def add_user(): if request.method == 'GET': return render_template('adduser.html', admin = UserManager.get(store, session.get('userid'))[1].admin) error = False (name, passwd, passwd_confirm, mail, admin) = map(request.form.get, [ 'user', 'passwd', 'passwd_confirm', 'mail', 'admin' ]) if name in (None, ''): flash('The name is required.') error = True if passwd in (None, ''): flash('Please provide a password.') error = True elif passwd != passwd_confirm: flash("The passwords don't match.") error = True if admin is None: admin = True if store.find(User, User.admin == True).count() == 0 else False else: admin = True if not error: status = UserManager.add(store, name, passwd, mail, admin) if status == UserManager.SUCCESS: flash("User '%s' successfully added" % name) return redirect(url_for('user_index')) else: flash(UserManager.error_str(status)) return render_template('adduser.html', admin = UserManager.get(store, session.get('userid'))[1].admin)
def update_clients(uid): clients_opts = {} for client in set(map(lambda k: k.rsplit('_', 1)[0], request.form.keys())): clients_opts[client] = { k.rsplit('_', 1)[1]: v for k, v in filter(lambda (k, v): k.startswith(client), request.form.iteritems()) } app.logger.debug(clients_opts) if uid == 'me': userid = uuid.UUID(session.get('userid')) else: if not UserManager.get(store, session.get('userid'))[1].admin or not UserManager.get(store, uid)[0] is UserManager.SUCCESS: return redirect(url_for('index')) userid = uuid.UUID(uid) for client, opts in clients_opts.iteritems(): prefs = store.get(ClientPrefs, (userid, client)) if 'delete' in opts and opts['delete'] in [ 'on', 'true', 'checked', 'selected', '1' ]: store.remove(prefs) continue prefs.format = opts['format'] if 'format' in opts and opts['format'] else None prefs.bitrate = int(opts['bitrate']) if 'bitrate' in opts and opts['bitrate'] else None store.commit() flash('Clients preferences updated.') return user_profile(uid)
def change_username(uid): if not UserManager.get(store, session.get('userid'))[1].admin or not UserManager.get(store, uid)[0] is UserManager.SUCCESS: return redirect(url_for('index')) user = UserManager.get(store, uid)[1] if request.method == 'POST': username = request.form.get('user') if username in ('', None): flash('The username is required') return render_template('change_username.html', user = user, admin = UserManager.get(store, session.get('userid'))[1].admin) if request.form.get('admin') is None: admin = False else: admin = True changed = False if user.name != username or user.admin != admin: user.name = username user.admin = admin store.commit() flash("User '%s' updated." % username) return redirect(url_for('user_profile', uid = uid)) else: flash("No changes for '%s'." % username) return redirect(url_for('user_profile', uid = uid)) return render_template('change_username.html', user = user, admin = UserManager.get(store, session.get('userid'))[1].admin)
def test_get_user(self): # Get existing users for name in ['alice', 'bob', 'charlie']: user = self.store.find(db.User, db.User.name == name).one() self.assertEqual(UserManager.get(self.store, user.id), (UserManager.SUCCESS, user)) # Get with invalid UUID self.assertEqual(UserManager.get(self.store, 'invalid-uuid'), (UserManager.INVALID_ID, None)) # Non-existent user self.assertEqual(UserManager.get(self.store, uuid.uuid4()), (UserManager.NO_SUCH_USER, None))
def user_profile(uid): if uid == 'me': prefs = store.find(ClientPrefs, ClientPrefs.user_id == uuid.UUID(session.get('userid'))) return render_template('profile.html', user = UserManager.get(store, session.get('userid'))[1], api_key = config.get('lastfm', 'api_key'), clients = prefs, admin = UserManager.get(store, session.get('userid'))[1].admin) else: if not UserManager.get(store, session.get('userid'))[1].admin or not UserManager.get(store, uid)[0] is UserManager.SUCCESS: return redirect(url_for('index')) prefs = store.find(ClientPrefs, ClientPrefs.user_id == uuid.UUID(uid)) return render_template('profile.html', user = UserManager.get(store, uid)[1], api_key = config.get('lastfm', 'api_key'), clients = prefs, admin = UserManager.get(store, session.get('userid'))[1].admin)
def lastfm_unreg(uid): if uid == 'me': lfm = LastFm(UserManager.get(store, session.get('userid'))[1], app.logger) else: if not UserManager.get(store, session.get('userid'))[1].admin or not UserManager.get(store, uid)[0] is UserManager.SUCCESS: return redirect(url_for('index')) lfm = LastFm(UserManager.get(store, uid)[1], app.logger) lfm.unlink_account() store.commit() flash('Unliked LastFM account') return redirect(url_for('user_profile', uid = uid))
def test_get_user(self): # Get existing users for name in ['alice', 'bob', 'charlie']: user = self.store.find(db.User, db.User.name == name).one() self.assertEqual(UserManager.get(self.store, user.id), (UserManager.SUCCESS, user)) # Get with invalid UUID self.assertEqual(UserManager.get(self.store, 'invalid-uuid'), (UserManager.INVALID_ID, None)) self.assertEqual(UserManager.get(self.store, 0xfee1bad), (UserManager.INVALID_ID, None)) # Non-existent user self.assertEqual(UserManager.get(self.store, uuid.uuid4()), (UserManager.NO_SUCH_USER, None))
def change_mail(uid): if uid == 'me': user = UserManager.get(store, session.get('userid'))[1] else: if not UserManager.get(store, session.get('userid'))[1].admin or not UserManager.get(store, uid)[0] is UserManager.SUCCESS: return redirect(url_for('index')) user = UserManager.get(store, uid)[1] if request.method == 'POST': mail = request.form.get('mail') # No validation, lol. user.mail = mail store.commit() return redirect(url_for('user_profile', uid = uid)) return render_template('change_mail.html', user = user, admin = UserManager.get(store, session.get('userid'))[1].admin)
def change_username_form(uid): code, user = UserManager.get(store, uid) if code != UserManager.SUCCESS: flash(UserManager.error_str(code)) return redirect(url_for('index')) return render_template('change_username.html', user = user)
def change_username_post(uid): code, user = UserManager.get(store, uid) if code != UserManager.SUCCESS: return redirect(url_for('index')) username = request.form.get('user') if username in ('', None): flash('The username is required') return render_template('change_username.html', user = user) if user.name != username and store.find(User, User.name == username).one(): flash('This name is already taken') return render_template('change_username.html', user = user) if request.form.get('admin') is None: admin = False else: admin = True if user.name != username or user.admin != admin: user.name = username user.admin = admin store.commit() flash("User '%s' updated." % username) else: flash("No changes for '%s'." % username) return redirect(url_for('user_profile', uid = uid))
def do_user_import(): if not request.files['file']: return render_template('importusers.html', admin = UserManager.get(store, session.get('userid'))[1].admin) users = [] reader = csv.reader(request.files['file']) for id, name, mail, password, salt, admin, lfmsess, lfmstatus in reader: mail = None if mail == 'None' else mail admin = admin == 'True' lfmsess = None if lfmsess == 'None' else lfmsess lfmstatus = lfmstatus == 'True' user = User() user.id = uuid.UUID(id) user.name = name user.password = password user.salt = salt user.admin = admin user.lastfm_session = lfmsess user.lastfm_status = lfmstatus users.append(user) store.find(User).remove() for u in users: store.add(u) store.commit() return redirect(url_for('user_index'))
def index(): stats = { 'artists': store.find(Artist).count(), 'albums': store.find(Album).count(), 'tracks': store.find(Track).count() } return render_template('home.html', stats = stats, admin = UserManager.get(store, session.get('userid'))[1].admin)
def lastfm_reg(uid): token = request.args.get('token') if token in ('', None): flash('Missing LastFM auth token') return redirect(url_for('user_profile', uid = uid)) if uid == 'me': lfm = LastFm(UserManager.get(store, session.get('userid'))[1], app.logger) else: if not UserManager.get(store, session.get('userid'))[1].admin or not UserManager.get(store, uid)[0] is UserManager.SUCCESS: return redirect(url_for('index')) lfm = LastFm(UserManager.get(store, uid)[1], app.logger) status, error = lfm.link_account(token) store.commit() flash(error if not status else 'Successfully linked LastFM account') return redirect(url_for('user_profile', uid = uid))
def change_mail(): user = UserManager.get(store, session.get('userid'))[1] if request.method == 'POST': mail = request.form.get('mail') # No validation, lol. user.mail = mail store.commit() return redirect(url_for('user_profile')) return render_template('change_mail.html', user = user)
def index(): stats = { 'artists': store.find(Artist).count(), 'albums': store.find(Album).count(), 'tracks': store.find(Track).count() } return render_template('home.html', stats=stats, admin=UserManager.get( store, session.get('userid'))[1].admin)
def login_check(): if request.path.startswith('/rest/'): return if request.path.startswith('/static/'): return if request.endpoint != 'login': should_login = False if not session.get('userid'): should_login = True elif UserManager.get(store, session.get('userid'))[0] != UserManager.SUCCESS: session.clear() should_login = True elif UserManager.get(store, session.get('userid'))[1].name != session.get('username'): session.clear() should_login = True if should_login: flash('Please login') return redirect(url_for('login', returnUrl = request.script_root + request.url[len(request.url_root)-1:]))
def lastfm_reg(): token = request.args.get('token') if token in ('', None): flash('Missing LastFM auth token') return redirect(url_for('user_profile')) lfm = LastFm(UserManager.get(store, session.get('userid'))[1], app.logger) status, error = lfm.link_account(token) store.commit() flash(error if not status else 'Successfully linked LastFM account') return redirect(url_for('user_profile'))
def change_password(uid): if uid == 'me': user = UserManager.get(store, session.get('userid'))[1].name else: if not UserManager.get(store, session.get('userid'))[1].admin or not UserManager.get(store, uid)[0] is UserManager.SUCCESS: return redirect(url_for('index')) user = UserManager.get(store, uid)[1].name if request.method == 'POST': error = False if uid == 'me' or uid == session.get('userid'): current, new, confirm = map(request.form.get, [ 'current', 'new', 'confirm' ]) if current in ('', None): flash('The current password is required') error = True else: new, confirm = map(request.form.get, [ 'new', 'confirm' ]) if new in ('', None): flash('The new password is required') error = True if new != confirm: flash("The new password and its confirmation don't match") error = True if not error: if uid == 'me' or uid == session.get('userid'): status = UserManager.change_password(store, session.get('userid'), current, new) else: status = UserManager.change_password2(store, UserManager.get(store, uid)[1].name, new) if status != UserManager.SUCCESS: flash(UserManager.error_str(status)) else: flash('Password changed') return redirect(url_for('user_profile', uid = uid)) return render_template('change_pass.html', user = user, admin = UserManager.get(store, session.get('userid'))[1].admin)
def playlist_details(uid): try: uid = uuid.UUID(uid) if type(uid) in (str, unicode) else uid except: flash('Invalid playlist id') return redirect(url_for('playlist_index')) playlist = store.get(Playlist, uid) if not playlist: flash('Unknown playlist') return redirect(url_for('playlist_index')) return render_template('playlist.html', playlist = playlist, admin = UserManager.get(store, session.get('userid'))[1].admin)
def add_folder(): if request.method == 'GET': return render_template('addfolder.html', admin = UserManager.get(store, session.get('userid'))[1].admin) error = False (name, path) = map(request.form.get, [ 'name', 'path' ]) if name in (None, ''): flash('The name is required.') error = True if path in (None, ''): flash('The path is required.') error = True if error: return render_template('addfolder.html', admin = UserManager.get(store, session.get('userid'))[1].admin) ret = FolderManager.add(store, name, path) if ret != FolderManager.SUCCESS: flash(FolderManager.error_str(ret)) return render_template('addfolder.html', admin = UserManager.get(store, session.get('userid'))[1].admin) flash("Folder '%s' created. You should now run a scan" % name) return redirect(url_for('folder_index'))
def test_get_user(self): self.create_data() # Get existing users for name in ["alice", "bob", "charlie"]: user = db.User.get(name=name) self.assertEqual(UserManager.get(user.id), user) # Get with invalid UUID self.assertRaises(ValueError, UserManager.get, "invalid-uuid") self.assertRaises(ValueError, UserManager.get, 0xFEE1BAD) # Non-existent user self.assertRaises(ObjectNotFound, UserManager.get, uuid.uuid4())
def login_check(): if request.path.startswith('/rest/'): return if request.endpoint != 'login': should_login = False if not session.get('userid'): should_login = True elif UserManager.get(store, session.get('userid'))[0] != UserManager.SUCCESS: session.clear() should_login = True if should_login: flash('Please login') return redirect( url_for('login', returnUrl=request.script_root + request.url[len(request.url_root) - 1:]))
def login_check(): if request.path.startswith('/rest/'): return if request.path.startswith('/static/'): return request.user = None should_login = True if session.get('userid'): code, user = UserManager.get(store, session.get('userid')) if code != UserManager.SUCCESS: session.clear() else: request.user = user should_login = False if should_login and request.endpoint != 'login': flash('Please login') return redirect(url_for('login', returnUrl = request.script_root + request.url[len(request.url_root)-1:]))
def decorated_func(*args, **kwargs): if kwargs: uid = kwargs[arg] else: uid = args[0] if uid == 'me': user = request.user elif not request.user.admin: return redirect(url_for('index')) else: code, user = UserManager.get(store, uid) if code != UserManager.SUCCESS: flash(UserManager.error_str(code)) return redirect(url_for('index')) if kwargs: kwargs['user'] = user else: args = (uid, user) return f(*args, **kwargs)
def change_password(): if request.method == 'POST': current, new, confirm = map(request.form.get, [ 'current', 'new', 'confirm' ]) error = False if current in ('', None): flash('The current password is required') error = True if new in ('', None): flash('The new password is required') error = True if new != confirm: flash("The new password and its confirmation don't match") error = True if not error: status = UserManager.change_password(store, session.get('userid'), current, new) if status != UserManager.SUCCESS: flash(UserManager.error_str(status)) else: flash('Password changed') return redirect(url_for('user_profile')) return render_template('change_pass.html', user = UserManager.get(store, session.get('userid'))[1].name)
def login_check(): if request.path.startswith('/rest/'): return if request.path.startswith('/static/'): return request.user = None should_login = True if session.get('userid'): code, user = UserManager.get(store, session.get('userid')) if code != UserManager.SUCCESS: session.clear() else: request.user = user should_login = False if should_login and request.endpoint != 'login': flash('Please login') return redirect( url_for('login', returnUrl=request.script_root + request.url[len(request.url_root) - 1:]))
def check_admin(): if not request.path.startswith('/user'): return if request.endpoint in ('user_index', 'add_user', 'del_user', 'export_users', 'import_users', 'do_user_import') and not UserManager.get(store, session.get('userid'))[1].admin: return redirect(url_for('index'))
def check_admin(): if not request.path.startswith('/folder'): return if not UserManager.get(store, session.get('userid'))[1].admin: return redirect(url_for('index'))
def import_users(): return render_template('importusers.html', admin = UserManager.get(store, session.get('userid'))[1].admin)
def check_admin(): if not request.path.startswith("/folder"): return if not UserManager.get(store, session.get("userid"))[1].admin: return redirect(url_for("index"))
def user_index(): return render_template('users.html', users = store.find(User), admin = UserManager.get(store, session.get('userid'))[1].admin)
def folder_index(): return render_template('folders.html', folders = store.find(Folder, Folder.root == True), admin = UserManager.get(store, session.get('userid'))[1].admin)
def lastfm_unreg(): lfm = LastFm(UserManager.get(store, session.get('userid'))[1], app.logger) lfm.unlink_account() store.commit() flash('Unliked LastFM account') return redirect(url_for('user_profile'))
def playlist_index(): return render_template('playlists.html', mine = store.find(Playlist, Playlist.user_id == uuid.UUID(session.get('userid'))), others = store.find(Playlist, Playlist.user_id != uuid.UUID(session.get('userid')), Playlist.public == True), admin = UserManager.get(store, session.get('userid'))[1].admin)
def user_profile(): prefs = store.find(ClientPrefs, ClientPrefs.user_id == uuid.UUID(session.get('userid'))) return render_template('profile.html', user = UserManager.get(store, session.get('userid'))[1], api_key = config.get('lastfm', 'api_key'), clients = prefs)