def delete_user(user_data):
    """Delete a user and their authentication information.

    The caller proves ownership with the ``Authorization: Bearer`` header:
    a token for the ``auth`` role when deleting by ID, or a token for the
    ``unsubscribe`` role when deleting by e-mail address. A token that
    ``auth.check_token`` refuses is answered with HTTP 403, and a request
    carrying neither an ID nor an e-mail with HTTP 400.

    Args:
        user_data: a user message whose ``user_id`` or ``profile.email``
            identifies the account to delete.

    Returns:
        A ``user_pb2.UserId`` echoing ``user_data.user_id`` (empty when the
        deletion was requested by e-mail).
    """
    raw_header = flask.request.headers.get('Authorization', '')
    # The scheme word is stripped wherever it occurs in the header value.
    bearer_token = raw_header.replace('Bearer ', '')

    if user_data.user_id:
        try:
            auth.check_token(user_data.user_id, bearer_token, role='auth')
        except ValueError:
            flask.abort(403, 'Wrong authentication token.')
        target = {'_id': _safe_object_id(user_data.user_id)}
    elif user_data.profile.email:
        try:
            auth.check_token(user_data.profile.email, bearer_token, role='unsubscribe')
        except ValueError:
            flask.abort(403, 'Accès refusé')
        # Resolve the e-mail to the stored ``_id``; ``None`` when no user matches.
        target = _DB.user.find_one(
            {'profile.email': user_data.profile.email}, {'_id': 1})
    else:
        flask.abort(400, 'Impossible de supprimer un utilisateur sans son ID.')

    # An e-mail that matches no user leaves ``target`` falsy: nothing is
    # deleted, but the request still completes normally.
    if target:
        _DB.user_auth.delete_one(target)
        _DB.user.delete_one(target)
    return user_pb2.UserId(user_id=user_data.user_id)
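def delete_user(user_data):
    """Delete a user and their authentication information.

    Ownership is proven in one of two ways:

    * by ID: at least one of ``facebook_id``, ``google_id`` or
      ``profile.email`` must be supplied and must equal the value stored
      for that user; a missing or differing value is refused with HTTP 403.
    * by e-mail only: the ``Authorization: Bearer`` header must carry a
      token valid for the ``unsubscribe`` role (HTTP 403 otherwise).

    A request with neither an ID nor an e-mail is rejected with HTTP 400.

    Args:
        user_data: a user message identifying the account to delete.

    Returns:
        A ``user_pb2.UserId`` echoing ``user_data.user_id`` (empty when the
        deletion was requested by e-mail).
    """
    if user_data.user_id:
        # presumably aborts when the ID is unknown — confirm in _get_user_data
        user_from_db = _get_user_data(user_data.user_id)
        # Only identifiers the caller actually sent take part in the comparison.
        supplied = [
            (claimed, stored) for claimed, stored in (
                (user_data.facebook_id, user_from_db.facebook_id),
                (user_data.google_id, user_from_db.google_id),
                (user_data.profile.email, user_from_db.profile.email),
            ) if claimed]
        # Previously an empty credential set passed the mismatch checks
        # vacuously, so a bare user_id was enough to delete the account.
        # Require at least one supplied identifier, and all of them to match.
        # NOTE(review): these identifiers are not secrets; a bearer-token
        # check (as in the ID branch of the other delete_user variant) is a
        # stronger proof of ownership — consider restoring it.
        if not supplied or any(claimed != stored for claimed, stored in supplied):
            flask.abort(403, 'Wrong credentials.')
        filter_user = {'_id': _safe_object_id(user_data.user_id)}
    elif user_data.profile.email:
        auth_token = flask.request.headers.get('Authorization', '').replace('Bearer ', '')
        try:
            auth.check_token(user_data.profile.email, auth_token, role='unsubscribe')
        except ValueError:
            flask.abort(403, 'Accès refusé')
        # Resolve the e-mail to the stored ``_id``; ``None`` when no user matches.
        filter_user = _DB.user.find_one(
            {'profile.email': user_data.profile.email}, {'_id': 1})
    else:
        flask.abort(400, 'Impossible de supprimer un utilisateur sans son ID.')

    # An e-mail that matches no user leaves ``filter_user`` falsy: nothing is
    # deleted, but the request still completes normally.
    if filter_user:
        _DB.user_auth.delete_one(filter_user)
        _DB.user.delete_one(filter_user)
    return user_pb2.UserId(user_id=user_data.user_id)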
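def give_feedback(feedback):
    """Record a piece of user feedback.

    When ``feedback.user_id`` is set, the request must carry an
    ``Authorization: Bearer`` token valid for that user with the ``auth``
    role: a missing token is answered with HTTP 401 and one that
    ``auth.check_token`` refuses with HTTP 403. Feedback without a user ID
    is handed to ``_give_feedback`` without any token check.

    Args:
        feedback: the feedback message to store.

    Returns:
        An empty string (the response body).
    """
    if feedback.user_id:
        auth_token = flask.request.headers.get('Authorization', '').replace('Bearer ', '')
        if not auth_token:
            flask.abort(401, 'Token manquant')
        try:
            auth.check_token(feedback.user_id, auth_token, role='auth')
        except ValueError:
            flask.abort(403, 'Unauthorized token')
    _give_feedback(feedback)
    return ''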
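def get_employment_status():
    """Save user's first click and redirect them to the full survey.

    Query parameters:
        user, token: required; ``token`` must be valid for ``user`` with the
            ``employment-status`` role (HTTP 422 when missing, 403 when
            refused by ``auth.check_token``).
        id: optional index of an existing ``employment_status`` entry to
            update in place; when absent a new entry is appended.
        redirect: optional URL; when present the response redirects there
            with ``user``, ``token`` and ``id`` appended to its query string.
        Every other parameter is parsed into the ``EmploymentStatus``
        message, unknown fields ignored.

    Returns:
        A redirect response when ``redirect`` is given, else an empty string.
    """
    args = flask.request.args
    if any(param not in args for param in ('user', 'token')):
        flask.abort(422, 'Paramètres manquants.')
    user_id = args.get('user')
    auth_token = args.get('token')
    try:
        auth.check_token(user_id, auth_token, role='employment-status')
    except ValueError:
        flask.abort(403, 'Accès non autorisé.')

    user_proto = _get_user_data(user_id)
    user_filter = {'_id': _safe_object_id(user_id)}
    if 'id' in args:
        # A non-numeric id used to escape as an unhandled ValueError (HTTP 500)
        # and a negative one passed the upper-bound check, reading from the end
        # of the list while the $set below addressed a non-existent
        # 'employment_status.-1' key; both are rejected with 422 here.
        try:
            survey_id = int(args.get('id'))
        except ValueError:
            flask.abort(422, 'Id invalide.')
        if not 0 <= survey_id < len(user_proto.employment_status):
            flask.abort(422, 'Id invalide.')
        employment_status = user_proto.employment_status[survey_id]
        json_format.ParseDict(args, employment_status, ignore_unknown_fields=True)
        _DB.user.update_one(user_filter, {
            '$set': {
                'employment_status.%s' % survey_id: json_format.MessageToDict(employment_status)
            }
        }, upsert=False)
    else:
        survey_id = len(user_proto.employment_status)
        employment_status = user_pb2.EmploymentStatus()
        employment_status.created_at.FromDatetime(now.get())
        json_format.ParseDict(args, employment_status, ignore_unknown_fields=True)
        _DB.user.update_one(user_filter, {
            '$push': {
                'employment_status': json_format.MessageToDict(employment_status)
            }
        }, upsert=False)

    if 'redirect' in args:
        # NOTE(review): the redirect target is taken from the query string
        # unvalidated and the still-valid token is appended to it; restricting
        # the target to known hosts would avoid forwarding the token to an
        # arbitrary site.
        return flask.redirect('{}?{}'.format(
            args.get('redirect'),
            parse.urlencode({
                'user': user_id,
                'token': auth_token,
                'id': survey_id,
            })))
    return ''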
def test_check_token_wrong_role(self):
    """A token minted for one role is refused when checked against another."""
    # Mint a 'login' token, then verify it is not accepted for 'unsubscribe'.
    token_for_login = auth.create_token('*****@*****.**', 'login')
    self.assertRaises(
        ValueError, auth.check_token, '*****@*****.**', token_for_login, 'unsubscribe')
def test_check_token_empty(self):
    """An empty token is refused."""
    self.assertRaises(ValueError, auth.check_token, '*****@*****.**', '', 'login')
def test_check_token(self):
    """Round trip: a freshly created token validates for the same subject and role."""
    subject = '*****@*****.**'
    fresh_token = auth.create_token(subject, 'login')
    # The test passes as long as check_token returns without raising.
    auth.check_token(subject, fresh_token, 'login')