def _process(self): token = request.view_args['token'] data = self.token_storage.get(token) valid, existing = self._validate(data) if valid: self.token_storage.delete(token) if existing and existing.is_pending: logger.info("Found pending user %s to be merged into %s", existing, self.user) # If the pending user has missing names, copy them from the active one # to allow it to be marked as not pending and deleted during the merge. existing.first_name = existing.first_name or self.user.first_name existing.last_name = existing.last_name or self.user.last_name merge_users(existing, self.user) flash( _("Merged data from existing '{}' identity").format( existing.email)) existing.is_pending = False self.user.secondary_emails.add(data['email']) signals.users.email_added.send(self.user, email=data['email']) flash( _('The email address {email} has been added to your account.'). format(email=data['email']), 'success') return redirect(url_for('.user_emails'))
def _process(self): form = MergeForm() if form.validate_on_submit(): source = form['source_user'].data target = form['target_user'].data merge_users(source, target) flash(_('The users have been successfully merged.'), 'success') return redirect(url_for('.user_profile', user_id=target.id)) return WPUsersAdmin.render_template('users_merge.html', form=form)
def _process(self): token = request.view_args['token'] data = self.token_storage.get(token) valid, existing = self._validate(data) if valid: self.token_storage.delete(token) if existing and existing.is_pending: flash(_("Merged data from existing '{}' identity").format(existing.email)) merge_users(existing, self.user) existing.is_pending = False self.user.secondary_emails.add(data['email']) flash(_('The email address {email} has been added to your account.').format(email=data['email']), 'success') return redirect(url_for('.user_emails'))
def test_merge_users(create_user, dummy_user, dummy_application, dummy_token, create_application, test_client): source_user = create_user(123) # app on both users (already exists on dummy user via dummy token) app_link = OAuthApplicationUserLink(application=dummy_application, user=source_user, scopes=['read:user', 'write:legacy_api']) token_string = generate_token() OAuthToken(access_token=token_string, app_user_link=app_link, scopes=['read:user']) # app only on source user test_app = create_application(name='test') app_link2 = OAuthApplicationUserLink(application=test_app, user=source_user, scopes=['read:user']) token_string2 = generate_token() OAuthToken(access_token=token_string2, app_user_link=app_link2, scopes=['read:user']) OAuthToken(access_token=generate_token(), app_user_link=app_link2, scopes=['read:user']) OAuthToken(access_token=generate_token(), app_user_link=app_link2, scopes=['read:user']) resp = test_client.get('/api/user/', headers={'Authorization': f'Bearer {dummy_token._plaintext_token}'}) assert resp.status_code == 200 assert resp.json['id'] == dummy_user.id for token in (token_string, token_string2): resp = test_client.get('/api/user/', headers={'Authorization': f'Bearer {token}'}) assert resp.status_code == 200 assert resp.json['id'] == source_user.id old_token_count = OAuthToken.query.count() merge_users(source_user, dummy_user) # source user should not have any leftover app links assert not source_user.oauth_app_links.count() # two app links on the target user assert dummy_user.oauth_app_links.count() == 2 # dummy app has one token from each user assert dummy_user.oauth_app_links.filter_by(application=dummy_application).one().tokens.count() == 2 # test app has 3 tokens coming from source user assert dummy_user.oauth_app_links.filter_by(application=test_app).one().tokens.count() == 3 # the total number of tokens didn't change (we do not delete surplus tokens during merge anyway) assert OAuthToken.query.count() == old_token_count # all tokens point to the target user for token in (dummy_token._plaintext_token, token_string, token_string2): resp = test_client.get('/api/user/', headers={'Authorization': f'Bearer {token}'}) assert resp.status_code == 200 assert resp.json['id'] == dummy_user.id
def _process(self): form = MergeForm() if form.validate_on_submit(): source = form.source_user.data target = form.target_user.data errors, warnings = _get_merge_problems(source, target) if errors: raise BadRequest(_('Merge aborted due to failed sanity check')) if warnings: logger.info("User %s initiated merge of %s into %s (with %d warnings)", session.user, source, target, len(warnings)) else: logger.info("User %s initiated merge of %s into %s", session.user, source, target) merge_users(source, target) flash(_('The users have been successfully merged.'), 'success') return redirect(url_for('.user_profile', user_id=target.id)) return WPUsersAdmin.render_template('users_merge.html', 'users', form=form)
def _process(self): token = request.view_args['token'] data = self.token_storage.get(token) valid, existing = self._validate(data) if valid: self.token_storage.delete(token) if existing and existing.is_pending: flash( _("Merged data from existing '{}' identity").format( existing.email)) merge_users(existing, self.user) existing.is_pending = False self.user.secondary_emails.add(data['email']) flash( _('The email address {email} has been added to your account.'). format(email=data['email']), 'success') return redirect(url_for('.user_emails'))
def _process(self): token = request.view_args['token'] data = self.token_storage.get(token) valid, existing = self._validate(data) if valid: self.token_storage.delete(token) if existing and existing.is_pending: logger.info("Found pending user %s to be merged into %s", existing, self.user) # If the pending user has missing names, copy them from the active one # to allow it to be marked as not pending and deleted during the merge. existing.first_name = existing.first_name or self.user.first_name existing.last_name = existing.last_name or self.user.last_name merge_users(existing, self.user) flash(_("Merged data from existing '{}' identity").format(existing.email)) existing.is_pending = False self.user.secondary_emails.add(data['email']) signals.users.email_added.send(self.user, email=data['email']) flash(_('The email address {email} has been added to your account.').format(email=data['email']), 'success') return redirect(url_for('.user_emails'))