예제 #1
0
    def put(self, username):
        """ Updates information about the specified user. """
        if SuperUserPermission().can():
            user = pre_oci_model.get_nonrobot_user(username)
            if user is None:
                raise NotFound()

            if superusers.is_superuser(username):
                raise InvalidRequest('Cannot update a superuser')

            user_data = request.get_json()
            if 'password' in user_data:
                # Ensure that we are using database auth.
                if app.config['AUTHENTICATION_TYPE'] != 'Database':
                    raise InvalidRequest(
                        'Cannot change password in non-database auth')

                pre_oci_model.change_password(username, user_data['password'])

            if 'email' in user_data:
                # Ensure that we are using database auth.
                if app.config['AUTHENTICATION_TYPE'] not in [
                        'Database', 'AppToken'
                ]:
                    raise InvalidRequest(
                        'Cannot change e-mail in non-database auth')

                pre_oci_model.update_email(username,
                                           user_data['email'],
                                           auto_verify=True)

            if 'enabled' in user_data:
                # Disable/enable the user.
                pre_oci_model.update_enabled(username,
                                             bool(user_data['enabled']))

            if 'superuser' in user_data:
                config_object = config_provider.get_config()
                superusers_set = set(config_object['SUPER_USERS'])

                if user_data['superuser']:
                    superusers_set.add(username)
                elif username in superusers_set:
                    superusers_set.remove(username)

                config_object['SUPER_USERS'] = list(superusers_set)
                config_provider.save_config(config_object)

            return_value = user.to_dict()
            if user_data.get('password') is not None:
                password = user_data.get('password')
                return_value[
                    'encrypted_password'] = authentication.encrypt_user_password(
                        password)
            if user_data.get('email') is not None:
                return_value['email'] = user_data.get('email')

            return return_value

        raise Unauthorized()
예제 #2
0
    def put(self, username):
        """
        Updates information about the specified user.
        """
        if SuperUserPermission().can():
            user = pre_oci_model.get_nonrobot_user(username)
            if user is None:
                raise NotFound()

            if superusers.is_superuser(username):
                raise InvalidRequest("Cannot update a superuser")

            user_data = request.get_json()
            if "password" in user_data:
                # Ensure that we are using database auth.
                if app.config["AUTHENTICATION_TYPE"] != "Database":
                    raise InvalidRequest("Cannot change password in non-database auth")

                pre_oci_model.change_password(username, user_data["password"])

            if "email" in user_data:
                # Ensure that we are using database auth.
                if app.config["AUTHENTICATION_TYPE"] not in ["Database", "AppToken"]:
                    raise InvalidRequest("Cannot change e-mail in non-database auth")

                pre_oci_model.update_email(username, user_data["email"], auto_verify=True)

            if "enabled" in user_data:
                # Disable/enable the user.
                pre_oci_model.update_enabled(username, bool(user_data["enabled"]))

            if "superuser" in user_data:
                config_object = config_provider.get_config()
                superusers_set = set(config_object["SUPER_USERS"])

                if user_data["superuser"]:
                    superusers_set.add(username)
                elif username in superusers_set:
                    superusers_set.remove(username)

                config_object["SUPER_USERS"] = list(superusers_set)
                config_provider.save_config(config_object)

            return_value = user.to_dict()
            if user_data.get("password") is not None:
                password = user_data.get("password")
                return_value["encrypted_password"] = authentication.encrypt_user_password(
                    password
                ).decode("ascii")
            if user_data.get("email") is not None:
                return_value["email"] = user_data.get("email")

            return return_value

        raise Unauthorized()