def fixture_add_user(username=u'chris',
password=u'toast',
privileges=[],
wants_comment_notification=True):
# Reuse existing user or create a new one
test_user = LocalUser.query.filter(LocalUser.username == username).first()
if test_user is None:
test_user = LocalUser()
test_user.username = username
test_user.email = username + u'@example.com'
if password is not None:
test_user.pw_hash = gen_password_hash(password)
test_user.wants_comment_notification = wants_comment_notification
for privilege in privileges:
query = Privilege.query.filter(Privilege.privilege_name == privilege)
if query.count():
test_user.all_privileges.append(query.one())
test_user.save()
# Reload - The `with_polymorphic` needs to be there to eagerly load
# the attributes on the LocalUser as this can't be done post detachment.
user_query = LocalUser.query.with_polymorphic(LocalUser)
test_user = user_query.filter(LocalUser.username == username).first()
# ... and detach from session:
Session.expunge(test_user)
return test_user
def fixture_add_user(username=u'chris', password=u'toast',
privileges=[], wants_comment_notification=True):
# Reuse existing user or create a new one
test_user = LocalUser.query.filter(LocalUser.username==username).first()
if test_user is None:
test_user = LocalUser()
test_user.username = username
test_user.email = username + u'@example.com'
if password is not None:
test_user.pw_hash = gen_password_hash(password)
test_user.wants_comment_notification = wants_comment_notification
for privilege in privileges:
query = Privilege.query.filter(Privilege.privilege_name==privilege)
if query.count():
test_user.all_privileges.append(query.one())
test_user.save()
# Reload - The `with_polymorphic` needs to be there to eagerly load
# the attributes on the LocalUser as this can't be done post detachment.
user_query = LocalUser.query.with_polymorphic(LocalUser)
test_user = user_query.filter(LocalUser.username==username).first()
# ... and detach from session:
Session.expunge(test_user)
return test_user
def process_request(self, request, controller):
"""Log the user in if the HTTP Authentication header is found."""
_log.debug('Trying to authorize the user via YunoHost SSO Auth')
username = six.text_type(
request.headers.get(HEADER_USER, '')
)
if not username:
# log current user out if auth is disabled
if not check_auth_enabled() and (
request.user or 'user_id' in request.session):
_log.debug('Cleaning invalid user session')
request.session.delete()
request.user = None
return
# check the current user session
if request.user:
if request.user.username != username:
request.session.delete()
request.user = None
else:
return
# create the user as needed
user = LocalUser.query.filter(LocalUser.username==username).first()
if not user:
_log.debug('Creating new user {0}'.format(username))
user = LocalUser()
user.username = username
email = six.text_type(
request.headers.get(HEADER_EMAIL, '')
)
if email:
_log.debug('Found email address {0}'.format(email))
user.email = email
# give the user the default privileges
default_privileges = get_default_privileges(user)
default_privileges.append(
Privilege.query.filter(
Privilege.privilege_name==u'active').one()
)
if ADMIN_USERNAME and username == ADMIN_USERNAME:
_log.debug('Giving admin privileges to user')
default_privileges.append(
Privilege.query.filter(
Privilege.privilege_name==u'admin').one()
)
user.all_privileges = default_privileges
user.save()
# log the user in
request.session['user_id'] = six.text_type(user.id)
request.session.save()
request.user = user
def create_basic_user(form):
user = LocalUser()
user.username = form.username.data
user.email = form.email.data
user.save()
return user
def create_basic_user(form):
user = LocalUser()
user.username = form.username.data
user.email = form.email.data
user.save()
return user
