def test_get_user_by_name(user_factory): user = user_factory(name="name", email="email") db.session.add(user) db.session.flush() with pytest.raises(users.UserNotFoundError): assert users.get_user_by_name("non-existing") with pytest.raises(users.UserNotFoundError): assert users.get_user_by_name("email") assert users.get_user_by_name("name") is user assert users.get_user_by_name("NAME") is user
def test_get_user_by_name(user_factory): user = user_factory(name='name', email='email') db.session.add(user) db.session.flush() with pytest.raises(users.UserNotFoundError): assert users.get_user_by_name('non-existing') with pytest.raises(users.UserNotFoundError): assert users.get_user_by_name('email') assert users.get_user_by_name('name') is user assert users.get_user_by_name('NAME') is user
def delete(self, ctx, user_name): user = users.get_user_by_name(user_name) infix = 'self' if ctx.user.user_id == user.user_id else 'any' auth.verify_privilege(ctx.user, 'users:delete:%s' % infix) ctx.session.delete(user) ctx.session.commit() return {}
def put(self, ctx, user_name): user = users.get_user_by_name(user_name) infix = 'self' if ctx.user.user_id == user.user_id else 'any' if ctx.has_param('name'): auth.verify_privilege(ctx.user, 'users:edit:%s:name' % infix) users.update_user_name(user, ctx.get_param_as_string('name')) if ctx.has_param('password'): auth.verify_privilege(ctx.user, 'users:edit:%s:pass' % infix) users.update_user_password( user, ctx.get_param_as_string('password')) if ctx.has_param('email'): auth.verify_privilege(ctx.user, 'users:edit:%s:email' % infix) users.update_user_email(user, ctx.get_param_as_string('email')) if ctx.has_param('rank'): auth.verify_privilege(ctx.user, 'users:edit:%s:rank' % infix) users.update_user_rank( user, ctx.get_param_as_string('rank'), ctx.user) if ctx.has_param('avatarStyle'): auth.verify_privilege(ctx.user, 'users:edit:%s:avatar' % infix) users.update_user_avatar( user, ctx.get_param_as_string('avatarStyle'), ctx.get_file('avatar')) ctx.session.commit() return users.serialize_user_with_details(user, ctx.user)
def update_user(ctx: rest.Context, params: Dict[str, str]) -> rest.Response: user = users.get_user_by_name(params["user_name"]) versions.verify_version(user, ctx) versions.bump_version(user) infix = "self" if ctx.user.user_id == user.user_id else "any" if ctx.has_param("name"): auth.verify_privilege(ctx.user, "users:edit:%s:name" % infix) users.update_user_name(user, ctx.get_param_as_string("name")) if ctx.has_param("password"): auth.verify_privilege(ctx.user, "users:edit:%s:pass" % infix) users.update_user_password(user, ctx.get_param_as_string("password")) if ctx.has_param("email"): auth.verify_privilege(ctx.user, "users:edit:%s:email" % infix) users.update_user_email(user, ctx.get_param_as_string("email")) if ctx.has_param("rank"): auth.verify_privilege(ctx.user, "users:edit:%s:rank" % infix) users.update_user_rank(user, ctx.get_param_as_string("rank"), ctx.user) if ctx.has_param("avatarStyle"): auth.verify_privilege(ctx.user, "users:edit:%s:avatar" % infix) users.update_user_avatar( user, ctx.get_param_as_string("avatarStyle"), ctx.get_file("avatar", default=b""), ) ctx.session.commit() return _serialize(ctx, user)
def test_updating_user(test_ctx): user = test_ctx.user_factory(name='u1', rank=db.User.RANK_ADMINISTRATOR) db.session.add(user) result = test_ctx.api.put( test_ctx.context_factory(input={ 'name': 'chewie', 'email': '*****@*****.**', 'password': '******', 'rank': 'moderator', 'avatarStyle': 'gravatar', }, user=user), 'u1') assert result == { 'user': { 'avatarStyle': 'gravatar', 'avatarUrl': 'http://gravatar.com/avatar/' + '6f370c8c7109534c3d5c394123a477d7?d=retro&s=200', 'creationTime': datetime.datetime(1997, 1, 1), 'lastLoginTime': None, 'email': '*****@*****.**', 'name': 'chewie', 'rank': 'moderator', } } user = users.get_user_by_name('chewie') assert user.name == 'chewie' assert user.email == '*****@*****.**' assert user.rank == db.User.RANK_MODERATOR assert user.avatar_style == user.AVATAR_GRAVATAR assert auth.is_valid_password(user, 'oks') is True assert auth.is_valid_password(user, 'invalid') is False
def test_creating_user(test_ctx, fake_datetime): with fake_datetime('1969-02-12'): result = test_ctx.api.post( test_ctx.context_factory( input={ 'name': 'chewie1', 'email': '*****@*****.**', 'password': '******', }, user=test_ctx.user_factory(rank=db.User.RANK_REGULAR))) assert result == { 'user': { 'avatarStyle': 'gravatar', 'avatarUrl': 'http://gravatar.com/avatar/' + '6f370c8c7109534c3d5c394123a477d7?d=retro&s=200', 'creationTime': datetime.datetime(1969, 2, 12), 'lastLoginTime': None, 'name': 'chewie1', 'rank': 'administrator', 'email': '*****@*****.**', } } user = users.get_user_by_name('chewie1') assert user.name == 'chewie1' assert user.email == '*****@*****.**' assert user.rank == db.User.RANK_ADMINISTRATOR assert auth.is_valid_password(user, 'oks') is True assert auth.is_valid_password(user, 'invalid') is False
def get_user_tokens(ctx: rest.Context, params: Dict[str, str] = {}) -> rest.Response: user = users.get_user_by_name(params["user_name"]) infix = "self" if ctx.user.user_id == user.user_id else "any" auth.verify_privilege(ctx.user, "user_tokens:list:%s" % infix) user_token_list = user_tokens.get_user_tokens(user) return {"results": [_serialize(ctx, token) for token in user_token_list]}
def update_user(ctx, params): user = users.get_user_by_name(params['user_name']) versions.verify_version(user, ctx) versions.bump_version(user) infix = 'self' if ctx.user.user_id == user.user_id else 'any' if ctx.has_param('name'): auth.verify_privilege(ctx.user, 'users:edit:%s:name' % infix) users.update_user_name(user, ctx.get_param_as_string('name')) if ctx.has_param('password'): auth.verify_privilege(ctx.user, 'users:edit:%s:pass' % infix) users.update_user_password( user, ctx.get_param_as_string('password')) if ctx.has_param('email'): auth.verify_privilege(ctx.user, 'users:edit:%s:email' % infix) users.update_user_email(user, ctx.get_param_as_string('email')) if ctx.has_param('rank'): auth.verify_privilege(ctx.user, 'users:edit:%s:rank' % infix) users.update_user_rank( user, ctx.get_param_as_string('rank'), ctx.user) if ctx.has_param('avatarStyle'): auth.verify_privilege(ctx.user, 'users:edit:%s:avatar' % infix) users.update_user_avatar( user, ctx.get_param_as_string('avatarStyle'), ctx.get_file('avatar')) ctx.session.commit() return _serialize(ctx, user)
def test_updating_user(test_ctx): user = test_ctx.user_factory(name='u1', rank=db.User.RANK_ADMINISTRATOR) db.session.add(user) result = test_ctx.api.put( test_ctx.context_factory( input={ 'name': 'chewie', 'email': '*****@*****.**', 'password': '******', 'rank': 'moderator', 'avatarStyle': 'gravatar', }, user=user), 'u1') assert result == { 'user': { 'avatarStyle': 'gravatar', 'avatarUrl': 'http://gravatar.com/avatar/' + '6f370c8c7109534c3d5c394123a477d7?d=retro&s=200', 'creationTime': datetime.datetime(1997, 1, 1), 'lastLoginTime': None, 'email': '*****@*****.**', 'name': 'chewie', 'rank': 'moderator', } } user = users.get_user_by_name('chewie') assert user.name == 'chewie' assert user.email == '*****@*****.**' assert user.rank == db.User.RANK_MODERATOR assert user.avatar_style == user.AVATAR_GRAVATAR assert auth.is_valid_password(user, 'oks') is True assert auth.is_valid_password(user, 'invalid') is False
def get_user_tokens(ctx: rest.Context, params: Dict[str, str] = {}) -> rest.Response: user = users.get_user_by_name(params['user_name']) infix = 'self' if ctx.user.user_id == user.user_id else 'any' auth.verify_privilege(ctx.user, 'user_tokens:list:%s' % infix) user_token_list = user_tokens.get_user_tokens(user) return {'results': [_serialize(ctx, token) for token in user_token_list]}
def put(self, ctx, user_name): user = users.get_user_by_name(user_name) if not user: raise users.UserNotFoundError('User %r not found.' % user_name) if ctx.user.user_id == user.user_id: infix = 'self' else: infix = 'any' if ctx.has_param('name'): auth.verify_privilege(ctx.user, 'users:edit:%s:name' % infix) users.update_name(user, ctx.get_param_as_string('name'), ctx.user) if ctx.has_param('password'): auth.verify_privilege(ctx.user, 'users:edit:%s:pass' % infix) users.update_password(user, ctx.get_param_as_string('password')) if ctx.has_param('email'): auth.verify_privilege(ctx.user, 'users:edit:%s:email' % infix) users.update_email(user, ctx.get_param_as_string('email')) if ctx.has_param('rank'): auth.verify_privilege(ctx.user, 'users:edit:%s:rank' % infix) users.update_rank(user, ctx.get_param_as_string('rank'), ctx.user) if ctx.has_param('avatarStyle'): auth.verify_privilege(ctx.user, 'users:edit:%s:avatar' % infix) users.update_avatar( user, ctx.get_param_as_string('avatarStyle'), ctx.get_file('avatar')) ctx.session.commit() return {'user': _serialize_user(ctx.user, user)}
def _authenticate(self, username, password): ''' Try to authenticate user. Throw AuthError for invalid users. ''' user = users.get_user_by_name(username) if not user: raise errors.AuthError('No such user.') if not auth.is_valid_password(user, password): raise errors.AuthError('Invalid password.') return user
def _authenticate_token(username: str, token: str) -> Tuple[model.User, model.UserToken]: ''' Try to authenticate user. Throw AuthError for invalid users. ''' user = users.get_user_by_name(username) user_token = user_tokens.get_by_user_and_token(user, token) if not auth.is_valid_token(user_token): raise errors.AuthError('잘못된 토큰입니다.') return user, user_token
def _authenticate_token( username: str, token: str) -> Tuple[model.User, model.UserToken]: ''' Try to authenticate user. Throw AuthError for invalid users. ''' user = users.get_user_by_name(username) user_token = user_tokens.get_by_user_and_token(user, token) if not auth.is_valid_token(user_token): raise errors.AuthError('Invalid token.') return user, user_token
def delete_user(ctx: rest.Context, params: Dict[str, str]) -> rest.Response: user = users.get_user_by_name(params['user_name']) versions.verify_version(user, ctx) infix = 'self' if ctx.user.user_id == user.user_id else 'any' auth.verify_privilege(ctx.user, 'users:delete:%s' % infix) ctx.session.delete(user) ctx.session.commit() return {}
def delete_user(ctx, params): user = users.get_user_by_name(params['user_name']) versions.verify_version(user, ctx) infix = 'self' if ctx.user.user_id == user.user_id else 'any' auth.verify_privilege(ctx.user, 'users:delete:%s' % infix) ctx.session.delete(user) ctx.session.commit() return {}
def get_user_tokens( ctx: rest.Context, params: Dict[str, str] = {}) -> rest.Response: user = users.get_user_by_name(params['user_name']) infix = 'self' if ctx.user.user_id == user.user_id else 'any' auth.verify_privilege(ctx.user, 'user_tokens:list:%s' % infix) user_token_list = user_tokens.get_user_tokens(user) return { 'results': [_serialize(ctx, token) for token in user_token_list] }
def delete_user_token(ctx: rest.Context, params: Dict[str, str]) -> rest.Response: user = users.get_user_by_name(params["user_name"]) infix = "self" if ctx.user.user_id == user.user_id else "any" auth.verify_privilege(ctx.user, "user_tokens:delete:%s" % infix) user_token = user_tokens.get_by_user_and_token(user, params["user_token"]) if user_token is not None: ctx.session.delete(user_token) ctx.session.commit() return {}
def delete_user_token( ctx: rest.Context, params: Dict[str, str]) -> rest.Response: user = users.get_user_by_name(params['user_name']) infix = 'self' if ctx.user.user_id == user.user_id else 'any' auth.verify_privilege(ctx.user, 'user_tokens:delete:%s' % infix) user_token = user_tokens.get_by_user_and_token(user, params['user_token']) if user_token is not None: ctx.session.delete(user_token) ctx.session.commit() return {}
def test_uploading_avatar(test_ctx, tmpdir): config.config['data_dir'] = str(tmpdir.mkdir('data')) config.config['data_url'] = 'http://example.com/data/' user = test_ctx.user_factory(name='u1', rank=db.User.RANK_MODERATOR) db.session.add(user) response = test_ctx.api.put( test_ctx.context_factory(input={'avatarStyle': 'manual'}, files={'avatar': EMPTY_PIXEL}, user=user), 'u1') user = users.get_user_by_name('u1') assert user.avatar_style == user.AVATAR_MANUAL assert response['user']['avatarUrl'] == \ 'http://example.com/data/avatars/u1.png'
def test_first_user_becomes_admin_others_not(test_ctx): result1 = test_ctx.api.post( test_ctx.context_factory( input={ 'name': 'chewie1', 'email': '*****@*****.**', 'password': '******', }, user=test_ctx.user_factory(rank=db.User.RANK_ANONYMOUS))) result2 = test_ctx.api.post( test_ctx.context_factory( input={ 'name': 'chewie2', 'email': '*****@*****.**', 'password': '******', }, user=test_ctx.user_factory(rank=db.User.RANK_ANONYMOUS))) assert result1['user']['rank'] == 'administrator' assert result2['user']['rank'] == 'regular' first_user = users.get_user_by_name('chewie1') other_user = users.get_user_by_name('chewie2') assert first_user.rank == db.User.RANK_ADMINISTRATOR assert other_user.rank == db.User.RANK_REGULAR
def delete(self, ctx, user_name): user = users.get_user_by_name(user_name) if not user: raise users.UserNotFoundError('User %r not found.' % user_name) if ctx.user.user_id == user.user_id: infix = 'self' else: infix = 'any' auth.verify_privilege(ctx.user, 'users:delete:%s' % infix) ctx.session.delete(user) ctx.session.commit() return {}
def test_uploading_avatar(test_ctx, tmpdir): config.config['data_dir'] = str(tmpdir.mkdir('data')) config.config['data_url'] = 'http://example.com/data/' user = test_ctx.user_factory(name='u1', rank=db.User.RANK_MODERATOR) db.session.add(user) response = test_ctx.api.put( test_ctx.context_factory( input={'avatarStyle': 'manual'}, files={'avatar': EMPTY_PIXEL}, user=user), 'u1') user = users.get_user_by_name('u1') assert user.avatar_style == user.AVATAR_MANUAL assert response['user']['avatarUrl'] == \ 'http://example.com/data/avatars/u1.png'
def create_user_token( ctx: rest.Context, params: Dict[str, str] = {}) -> rest.Response: user = users.get_user_by_name(params['user_name']) infix = 'self' if ctx.user.user_id == user.user_id else 'any' auth.verify_privilege(ctx.user, 'user_tokens:create:%s' % infix) enabled = ctx.get_param_as_bool('enabled', True) user_token = user_tokens.create_user_token(user, enabled) if ctx.has_param('note'): note = ctx.get_param_as_string('note') user_tokens.update_user_token_note(user_token, note) if ctx.has_param('expirationTime'): expiration_time = ctx.get_param_as_string('expirationTime') user_tokens.update_user_token_expiration_time( user_token, expiration_time) ctx.session.add(user_token) ctx.session.commit() return _serialize(ctx, user_token)
def create_user_token(ctx: rest.Context, params: Dict[str, str] = {}) -> rest.Response: user = users.get_user_by_name(params['user_name']) infix = 'self' if ctx.user.user_id == user.user_id else 'any' auth.verify_privilege(ctx.user, 'user_tokens:create:%s' % infix) enabled = ctx.get_param_as_bool('enabled', True) user_token = user_tokens.create_user_token(user, enabled) if ctx.has_param('note'): note = ctx.get_param_as_string('note') user_tokens.update_user_token_note(user_token, note) if ctx.has_param('expirationTime'): expiration_time = ctx.get_param_as_string('expirationTime') user_tokens.update_user_token_expiration_time(user_token, expiration_time) ctx.session.add(user_token) ctx.session.commit() return _serialize(ctx, user_token)
def test_uploading_avatar(test_ctx, tmpdir): config.config['data_dir'] = str(tmpdir.mkdir('data')) config.config['data_url'] = 'http://example.com/data/' response = test_ctx.api.post( test_ctx.context_factory( input={ 'name': 'chewie', 'email': '*****@*****.**', 'password': '******', 'avatarStyle': 'manual', }, files={'avatar': EMPTY_PIXEL}, user=test_ctx.user_factory(rank=db.User.RANK_MODERATOR))) user = users.get_user_by_name('chewie') assert user.avatar_style == user.AVATAR_MANUAL assert response['user']['avatarUrl'] == \ 'http://example.com/data/avatars/chewie.png'
def create_user_token(ctx: rest.Context, params: Dict[str, str] = {}) -> rest.Response: user = users.get_user_by_name(params["user_name"]) infix = "self" if ctx.user.user_id == user.user_id else "any" auth.verify_privilege(ctx.user, "user_tokens:create:%s" % infix) enabled = ctx.get_param_as_bool("enabled", True) user_token = user_tokens.create_user_token(user, enabled) if ctx.has_param("note"): note = ctx.get_param_as_string("note") user_tokens.update_user_token_note(user_token, note) if ctx.has_param("expirationTime"): expiration_time = ctx.get_param_as_string("expirationTime") user_tokens.update_user_token_expiration_time(user_token, expiration_time) ctx.session.add(user_token) ctx.session.commit() return _serialize(ctx, user_token)
def update_user(ctx: rest.Context, params: Dict[str, str]) -> rest.Response: user = users.get_user_by_name(params['user_name']) versions.verify_version(user, ctx) versions.bump_version(user) infix = 'self' if ctx.user.user_id == user.user_id else 'any' if ctx.has_param('name'): auth.verify_privilege(ctx.user, 'users:edit:%s:name' % infix) users.update_user_name(user, ctx.get_param_as_string('name')) if ctx.has_param('password'): auth.verify_privilege(ctx.user, 'users:edit:%s:pass' % infix) users.update_user_password(user, ctx.get_param_as_string('password')) if ctx.has_param('email'): auth.verify_privilege(ctx.user, 'users:edit:%s:email' % infix) users.update_user_email(user, ctx.get_param_as_string('email')) if ctx.has_param('rank'): auth.verify_privilege(ctx.user, 'users:edit:%s:rank' % infix) users.update_user_rank(user, ctx.get_param_as_string('rank'), ctx.user) if ctx.has_param('avatarStyle'): auth.verify_privilege(ctx.user, 'users:edit:%s:avatar' % infix) users.update_user_avatar(user, ctx.get_param_as_string('avatarStyle'), ctx.get_file('avatar', default=b'')) ctx.session.commit() return _serialize(ctx, user)
def update_user_token(ctx: rest.Context, params: Dict[str, str] = {}) -> rest.Response: user = users.get_user_by_name(params['user_name']) infix = 'self' if ctx.user.user_id == user.user_id else 'any' auth.verify_privilege(ctx.user, 'user_tokens:edit:%s' % infix) user_token = user_tokens.get_by_user_and_token(user, params['user_token']) versions.verify_version(user_token, ctx) versions.bump_version(user_token) if ctx.has_param('enabled'): auth.verify_privilege(ctx.user, 'user_tokens:edit:%s' % infix) user_tokens.update_user_token_enabled(user_token, ctx.get_param_as_bool('enabled')) if ctx.has_param('note'): auth.verify_privilege(ctx.user, 'user_tokens:edit:%s' % infix) note = ctx.get_param_as_string('note') user_tokens.update_user_token_note(user_token, note) if ctx.has_param('expirationTime'): auth.verify_privilege(ctx.user, 'user_tokens:edit:%s' % infix) expiration_time = ctx.get_param_as_string('expirationTime') user_tokens.update_user_token_expiration_time(user_token, expiration_time) user_tokens.update_user_token_edit_time(user_token) ctx.session.commit() return _serialize(ctx, user_token)
def put(self, ctx, user_name): user = users.get_user_by_name(user_name) infix = 'self' if ctx.user.user_id == user.user_id else 'any' if ctx.has_param('name'): auth.verify_privilege(ctx.user, 'users:edit:%s:name' % infix) users.update_user_name(user, ctx.get_param_as_string('name')) if ctx.has_param('password'): auth.verify_privilege(ctx.user, 'users:edit:%s:pass' % infix) users.update_user_password(user, ctx.get_param_as_string('password')) if ctx.has_param('email'): auth.verify_privilege(ctx.user, 'users:edit:%s:email' % infix) users.update_user_email(user, ctx.get_param_as_string('email')) if ctx.has_param('rank'): auth.verify_privilege(ctx.user, 'users:edit:%s:rank' % infix) users.update_user_rank(user, ctx.get_param_as_string('rank'), ctx.user) if ctx.has_param('avatarStyle'): auth.verify_privilege(ctx.user, 'users:edit:%s:avatar' % infix) users.update_user_avatar(user, ctx.get_param_as_string('avatarStyle'), ctx.get_file('avatar')) ctx.session.commit() return users.serialize_user_with_details(user, ctx.user)
def update_user_token( ctx: rest.Context, params: Dict[str, str] = {}) -> rest.Response: user = users.get_user_by_name(params['user_name']) infix = 'self' if ctx.user.user_id == user.user_id else 'any' auth.verify_privilege(ctx.user, 'user_tokens:edit:%s' % infix) user_token = user_tokens.get_by_user_and_token(user, params['user_token']) versions.verify_version(user_token, ctx) versions.bump_version(user_token) if ctx.has_param('enabled'): auth.verify_privilege(ctx.user, 'user_tokens:edit:%s' % infix) user_tokens.update_user_token_enabled( user_token, ctx.get_param_as_bool('enabled')) if ctx.has_param('note'): auth.verify_privilege(ctx.user, 'user_tokens:edit:%s' % infix) note = ctx.get_param_as_string('note') user_tokens.update_user_token_note(user_token, note) if ctx.has_param('expirationTime'): auth.verify_privilege(ctx.user, 'user_tokens:edit:%s' % infix) expiration_time = ctx.get_param_as_string('expirationTime') user_tokens.update_user_token_expiration_time( user_token, expiration_time) user_tokens.update_user_token_edit_time(user_token) ctx.session.commit() return _serialize(ctx, user_token)
def update_user_token(ctx: rest.Context, params: Dict[str, str] = {}) -> rest.Response: user = users.get_user_by_name(params["user_name"]) infix = "self" if ctx.user.user_id == user.user_id else "any" auth.verify_privilege(ctx.user, "user_tokens:edit:%s" % infix) user_token = user_tokens.get_by_user_and_token(user, params["user_token"]) versions.verify_version(user_token, ctx) versions.bump_version(user_token) if ctx.has_param("enabled"): auth.verify_privilege(ctx.user, "user_tokens:edit:%s" % infix) user_tokens.update_user_token_enabled(user_token, ctx.get_param_as_bool("enabled")) if ctx.has_param("note"): auth.verify_privilege(ctx.user, "user_tokens:edit:%s" % infix) note = ctx.get_param_as_string("note") user_tokens.update_user_token_note(user_token, note) if ctx.has_param("expirationTime"): auth.verify_privilege(ctx.user, "user_tokens:edit:%s" % infix) expiration_time = ctx.get_param_as_string("expirationTime") user_tokens.update_user_token_expiration_time(user_token, expiration_time) user_tokens.update_user_token_edit_time(user_token) ctx.session.commit() return _serialize(ctx, user_token)
def get_user(ctx: rest.Context, params: Dict[str, str]) -> rest.Response: user = users.get_user_by_name(params['user_name']) if ctx.user.user_id != user.user_id: auth.verify_privilege(ctx.user, 'users:view') return _serialize(ctx, user)
def _authenticate(username: str, password: str) -> model.User: ''' Try to authenticate user. Throw AuthError for invalid users. ''' user = users.get_user_by_name(username) if not auth.is_valid_password(user, password): raise errors.AuthError('Invalid password.') return user
def get(self, ctx, user_name): auth.verify_privilege(ctx.user, 'users:view') user = users.get_user_by_name(user_name) return users.serialize_user_with_details(user, ctx.user)
def _authenticate_basic_auth(username: str, password: str) -> model.User: """ Try to authenticate user. Throw AuthError for invalid users. """ user = users.get_user_by_name(username) if not auth.is_valid_password(user, password): raise errors.AuthError("Invalid password.") return user
def get(self, ctx, user_name): auth.verify_privilege(ctx.user, 'users:view') user = users.get_user_by_name(user_name) if not user: raise users.UserNotFoundError('User %r not found.' % user_name) return {'user': _serialize_user(ctx.user, user)}
def _authenticate_basic_auth(username: str, password: str) -> model.User: ''' Try to authenticate user. Throw AuthError for invalid users. ''' user = users.get_user_by_name(username) if not auth.is_valid_password(user, password): raise errors.AuthError('Invalid password.') return user
def test_removing_email(test_ctx): user = test_ctx.user_factory(name='u1', rank=db.User.RANK_ADMINISTRATOR) db.session.add(user) test_ctx.api.put(test_ctx.context_factory(input={'email': ''}, user=user), 'u1') assert users.get_user_by_name('u1').email is None
def test_removing_email(test_ctx): user = test_ctx.user_factory(name='u1', rank=db.User.RANK_ADMINISTRATOR) db.session.add(user) test_ctx.api.put( test_ctx.context_factory(input={'email': ''}, user=user), 'u1') assert users.get_user_by_name('u1').email is None
def get_user(ctx, params): user = users.get_user_by_name(params['user_name']) if ctx.user.user_id != user.user_id: auth.verify_privilege(ctx.user, 'users:view') return _serialize(ctx, user)