def update_user(ctx, params): user = users.get_user_by_name(params['user_name']) versions.verify_version(user, ctx) versions.bump_version(user) infix = 'self' if ctx.user.user_id == user.user_id else 'any' if ctx.has_param('name'): auth.verify_privilege(ctx.user, 'users:edit:%s:name' % infix) users.update_user_name(user, ctx.get_param_as_string('name')) if ctx.has_param('password'): auth.verify_privilege(ctx.user, 'users:edit:%s:pass' % infix) users.update_user_password( user, ctx.get_param_as_string('password')) if ctx.has_param('email'): auth.verify_privilege(ctx.user, 'users:edit:%s:email' % infix) users.update_user_email(user, ctx.get_param_as_string('email')) if ctx.has_param('rank'): auth.verify_privilege(ctx.user, 'users:edit:%s:rank' % infix) users.update_user_rank( user, ctx.get_param_as_string('rank'), ctx.user) if ctx.has_param('avatarStyle'): auth.verify_privilege(ctx.user, 'users:edit:%s:avatar' % infix) users.update_user_avatar( user, ctx.get_param_as_string('avatarStyle'), ctx.get_file('avatar')) ctx.session.commit() return _serialize(ctx, user)
def put(self, ctx, user_name): user = users.get_user_by_name(user_name) infix = 'self' if ctx.user.user_id == user.user_id else 'any' if ctx.has_param('name'): auth.verify_privilege(ctx.user, 'users:edit:%s:name' % infix) users.update_user_name(user, ctx.get_param_as_string('name')) if ctx.has_param('password'): auth.verify_privilege(ctx.user, 'users:edit:%s:pass' % infix) users.update_user_password( user, ctx.get_param_as_string('password')) if ctx.has_param('email'): auth.verify_privilege(ctx.user, 'users:edit:%s:email' % infix) users.update_user_email(user, ctx.get_param_as_string('email')) if ctx.has_param('rank'): auth.verify_privilege(ctx.user, 'users:edit:%s:rank' % infix) users.update_user_rank( user, ctx.get_param_as_string('rank'), ctx.user) if ctx.has_param('avatarStyle'): auth.verify_privilege(ctx.user, 'users:edit:%s:avatar' % infix) users.update_user_avatar( user, ctx.get_param_as_string('avatarStyle'), ctx.get_file('avatar')) ctx.session.commit() return users.serialize_user_with_details(user, ctx.user)
def update_user(ctx: rest.Context, params: Dict[str, str]) -> rest.Response: user = users.get_user_by_name(params["user_name"]) versions.verify_version(user, ctx) versions.bump_version(user) infix = "self" if ctx.user.user_id == user.user_id else "any" if ctx.has_param("name"): auth.verify_privilege(ctx.user, "users:edit:%s:name" % infix) users.update_user_name(user, ctx.get_param_as_string("name")) if ctx.has_param("password"): auth.verify_privilege(ctx.user, "users:edit:%s:pass" % infix) users.update_user_password(user, ctx.get_param_as_string("password")) if ctx.has_param("email"): auth.verify_privilege(ctx.user, "users:edit:%s:email" % infix) users.update_user_email(user, ctx.get_param_as_string("email")) if ctx.has_param("rank"): auth.verify_privilege(ctx.user, "users:edit:%s:rank" % infix) users.update_user_rank(user, ctx.get_param_as_string("rank"), ctx.user) if ctx.has_param("avatarStyle"): auth.verify_privilege(ctx.user, "users:edit:%s:avatar" % infix) users.update_user_avatar( user, ctx.get_param_as_string("avatarStyle"), ctx.get_file("avatar", default=b""), ) ctx.session.commit() return _serialize(ctx, user)
def test_update_user_password(user_factory, config_injector): config_injector({'password_regex': '^[a-z]+$'}) user = user_factory() with patch('szurubooru.func.auth.create_password'), \ patch('szurubooru.func.auth.get_password_hash'): auth.create_password.return_value = 'salt' auth.get_password_hash.return_value = 'hash' users.update_user_password(user, 'a') assert user.password_salt == 'salt' assert user.password_hash == 'hash'
def test_update_user_password(user_factory, config_injector): config_injector({'password_regex': '^[a-z]+$'}) user = user_factory() with patch('szurubooru.func.auth.create_password'), \ patch('szurubooru.func.auth.get_password_hash'): auth.create_password.return_value = 'salt' auth.get_password_hash.return_value = 'hash' users.update_user_password(user, 'a') assert user.password_salt == 'salt' assert user.password_hash == 'hash'
def test_update_user_password(user_factory, config_injector): config_injector({"password_regex": "^[a-z]+$"}) user = user_factory() with patch("szurubooru.func.auth.create_password"), patch( "szurubooru.func.auth.get_password_hash"): auth.create_password.return_value = "salt" auth.get_password_hash.return_value = ("hash", 3) users.update_user_password(user, "a") assert user.password_salt == "salt" assert user.password_hash == "hash" assert user.password_revision == 3
def update_user(ctx: rest.Context, params: Dict[str, str]) -> rest.Response: user = users.get_user_by_name(params['user_name']) versions.verify_version(user, ctx) versions.bump_version(user) infix = 'self' if ctx.user.user_id == user.user_id else 'any' if ctx.has_param('name'): auth.verify_privilege(ctx.user, 'users:edit:%s:name' % infix) users.update_user_name(user, ctx.get_param_as_string('name')) if ctx.has_param('password'): auth.verify_privilege(ctx.user, 'users:edit:%s:pass' % infix) users.update_user_password(user, ctx.get_param_as_string('password')) if ctx.has_param('email'): auth.verify_privilege(ctx.user, 'users:edit:%s:email' % infix) users.update_user_email(user, ctx.get_param_as_string('email')) if ctx.has_param('rank'): auth.verify_privilege(ctx.user, 'users:edit:%s:rank' % infix) users.update_user_rank(user, ctx.get_param_as_string('rank'), ctx.user) if ctx.has_param('avatarStyle'): auth.verify_privilege(ctx.user, 'users:edit:%s:avatar' % infix) users.update_user_avatar(user, ctx.get_param_as_string('avatarStyle'), ctx.get_file('avatar', default=b'')) ctx.session.commit() return _serialize(ctx, user)
def put(self, ctx, user_name): user = users.get_user_by_name(user_name) infix = 'self' if ctx.user.user_id == user.user_id else 'any' if ctx.has_param('name'): auth.verify_privilege(ctx.user, 'users:edit:%s:name' % infix) users.update_user_name(user, ctx.get_param_as_string('name')) if ctx.has_param('password'): auth.verify_privilege(ctx.user, 'users:edit:%s:pass' % infix) users.update_user_password(user, ctx.get_param_as_string('password')) if ctx.has_param('email'): auth.verify_privilege(ctx.user, 'users:edit:%s:email' % infix) users.update_user_email(user, ctx.get_param_as_string('email')) if ctx.has_param('rank'): auth.verify_privilege(ctx.user, 'users:edit:%s:rank' % infix) users.update_user_rank(user, ctx.get_param_as_string('rank'), ctx.user) if ctx.has_param('avatarStyle'): auth.verify_privilege(ctx.user, 'users:edit:%s:avatar' % infix) users.update_user_avatar(user, ctx.get_param_as_string('avatarStyle'), ctx.get_file('avatar')) ctx.session.commit() return users.serialize_user_with_details(user, ctx.user)
def test_update_user_password_with_invalid_string(user_factory, config_injector): config_injector({"password_regex": "^[a-z]+$"}) user = user_factory() with pytest.raises(users.InvalidPasswordError): users.update_user_password(user, "0")
def test_update_user_password_with_empty_string(user_factory): user = user_factory() with pytest.raises(users.InvalidPasswordError): users.update_user_password(user, None)
def test_update_user_password_with_invalid_string( user_factory, config_injector): config_injector({'password_regex': '^[a-z]+$'}) user = user_factory() with pytest.raises(users.InvalidPasswordError): users.update_user_password(user, '0')
def test_update_user_password_with_empty_string(user_factory): user = user_factory() with pytest.raises(users.InvalidPasswordError): users.update_user_password(user, None)