def post(self):
d = self.parser.parse_args()
id = d['id']
permission = UserUpdatePermission(id)
if not permission.can():
abort(401)
user = User.get_user_by_id(id)
if user is None:
raise UserNotFound("id", id)
if d.get("username", None) is not None:
user.username = d.get("username", None)
if d.get("password", None) is not None and len(d['password']) > 0:
user.password = d.get("password", "")
if d.get("email", None) is not None:
user.email = d.get("email", None)
permission = UserUpdateAdminPermission(id)
if permission.can():
if d.get("status", None) is not None:
if d['status'] == "on":
user.set_forbid(False)
elif d['status'] == "off":
user.set_forbid(True)
if d.get("type", None) is not None:
user.type = 0 if d.get("type", None) == 'on' else 1
if id == current_user.id:
current_app.login_manager.reload_user(user)
flash("修改用户成功!", "success")
return Base_Response_Fields("success!")
def test_update_user_admin_case2(admin_login, id, email):
client, app = admin_login
rv = client.post("/api/user/update", data={"email": email, "id": id})
d = rv.get_json()
assert d['status'] == 200
with app.app_context():
user = User.get_user_by_id(id)
assert user.email == email
def test_update_user_admin_case1(admin_login, id, username):
client, app = admin_login
rv = client.post("/api/user/update", data={"username": username, "id": id})
d = rv.get_json()
assert d['status'] == 200
with app.app_context():
user = User.get_user_by_id(id)
assert user.username == username
def post(self):
d = self.parser.parse_args()
permission = BlockSearchPermission(d['user_id'])
user = User.get_user_by_id(d['user_id'])
if permission.can():
blocks = user.block_list
count = int(len(blocks))
return Block_Search_Fields(user.username, blocks, count=count)
else:
abort(401)
def test_update_user_noadmin_case2(user_login):
client, app = user_login
email = "*****@*****.**"
with app.app_context():
id = current_user.id
rv = client.post("/api/user/update", data={"email": email, "id": id})
d = rv.get_json()
assert d['status'] == 200
with app.app_context():
assert current_user.email == "*****@*****.**"
user = User.get_user_by_id(id)
assert user.email == email
def post(self):
d = self.parser.parse_args()
users = User.search_user_without_page(email=d['email'])
if len(users) == 0:
return Base_Response_Fields("ok")
elif d.get("id", None) is not None:
id = d.get("id")
n_user = User.get_user_by_id(id)
if n_user.email == d.get("email"):
return Base_Response_Fields("ok")
else:
return Base_Response_Fields("该邮箱已被注册!", USER_EMAIL_INVALID)
def post(self):
d = self.parser.parse_args()
user = User.get_user_by_username(d['username'])
if user is None:
return Base_Response_Fields("ok")
elif d.get("id", None) is not None:
id = d.get("id")
n_user = User.get_user_by_id(id)
if n_user.username == d.get("username"):
return Base_Response_Fields("ok")
else:
return Base_Response_Fields("该用户名已被注册!", USERNAME_DUPLICATE)
def show_comment():
if request.method == 'POST':
data = request.get_data()
data = str(data,'utf-8')
id = int(data.split('=')[-1])
results = []
l = Comment.get_comment_by_commodity_id(id)
for i in l:
user = User.get_user_by_id(i.user_id)
j = {'username':user.username,'comment_content':i.comment_content}
results.append(j)
print(len(results))
return make_json(200,'success',results)
def post(self):
d = self.parser.parse_args()
id = d['id']
permission = UserDeletionPermission(id)
if not permission.can():
abort(401)
user = User.get_user_by_id(id)
if user is None:
raise UserNotFound("id", id)
else:
user.safe_delete_user()
flash("删除成功, 点击<a href='javascript:redo(%d)'>这里撤销</a>" % user.id,
"danger")
return Base_Response_Fields("success")
def test_update_user_case1(admin_login, username, email):
client, app = admin_login
with app.app_context():
id = current_user.id
rv = client.post("/api/user/update",
data={
"username": username,
"email": email,
"id": id
})
d = rv.get_json()
print(rv.data.decode("utf8"))
assert d['status'] != 200
with app.app_context():
user = User.get_user_by_id(id)
assert user.username != username or user.email != email
def post(self):
d = self.parser.parse_args()
if d['end_time'] < d['start_time']:
abort(400)
if "user_id" in d:
user = User.get_user_by_id(d['user_id'])
elif "username" in d:
user = User.get_user_by_username(d['username'])
if user is None:
abort(404)
else:
abort(400)
block = Block.create_block(user.id, d['reason'], d['start_time'],
d['end_time'])
print(block)
flash(
"用户 %s 已因为%s 从 %s 被封禁到 %s" %
(block.user.username, d['reason'], d['start_time'], d['end_time']),
"warning")
return Base_Response_Fields("ok")
def test_modify_username1(self,app):
with app.app_context():
user=User.get_user_by_id(1)
user.username='******'
user=User.get_user_by_id(1)
assert user.username=='fcc'
def test_modify_status(self,app):
with app.app_context():
user=User.get_user_by_id(1)
user.status=0
user=User.get_user_by_id(1)
assert user.status==0
def test_modify_type(self,app):
with app.app_context():
user=User.get_user_by_id(1)
user.type=3
user=User.get_user_by_id(1)
assert user.type==3
def test_modify_email_wrong_case(self,app):
with app.app_context():
user=User.get_user_by_id(1)
with pytest.raises(UserEmailInvalid):
user.email='test_email' #此处应该抛出异常
def test_modify_email_right_case(self,app):
with app.app_context():
user=User.get_user_by_id(1)
user.email='*****@*****.**'
user=User.get_user_by_id(1)
assert user.email=='*****@*****.**'
def test_modify_activation(self,app):
with app.app_context():
user=User.get_user_by_id(1)
user.activation='test_act'
user=User.get_user_by_id(1)
assert user.activation=='test_act'
def test_modify_salt(self,app):
with app.app_context():
user=User.get_user_by_id(1)
user.salt='passwd'
user=User.get_user_by_id(1)
assert user.salt=='passwd'
def test_modify_password(self,app):
with app.app_context():
user=User.get_user_by_id(1)
user.password='******'
user=User.get_user_by_id(1)
assert user.check_password('passwd')
def test_select1(self,app):
with app.app_context():
user=User.get_user_by_id(2)
assert user is not None
def test_select2(self,app):
with app.app_context():
user=User.get_user_by_id(251)
assert user is None
def test_user_token_generate(self,app):
with app.app_context():
user=User.get_user_by_id(1)
assert user.get_auth_token() is not None
