def get_session(cls,cookies):
"""
returns the session if it's not expired or nonexistant
"""
cookie = SimpleCookie(cookies)
session_id = cookie['session_id'].value
db = Database()
stmnt = "SELECT SES_USR_ID, SES_EXPIRES FROM SESSIONS WHERE SES_ID = ? ;"
cur = db.query(stmnt,(session_id,))
row = cur.fetchonemap()
session=None
if row is not None:
user = User.get_user_by_id(row["SES_USR_ID"])
session = Session(user)
session._id = session_id
expiration = row["SES_EXPIRES"]
if expiration < datetime.now():
raise SessionException(SessionException.get_msg(0))
session._expiration = row["SES_EXPIRES"]
else:
raise SessionException(SessionException.get_msg(2))
return session
def deleteUser(self, params):
user_id = int(params[0])
session_user = Session.get_current_session_user()
if session_user.check_permission('skarphed.users.delete'):
user = User.get_user_by_id(user_id)
user.delete()
def revokeRightFromUser(self,params):
user_id = int(params[0])
permission_name = str(params[1])
session_user = Session.get_current_session_user()
if session_user.check_permission('skarphed.users.grant_revoke'):
user = User.get_user_by_id(user_id)
user.revoke_permission(permission_name)
return True
def alterPassword(self, params):
user_id = int(params[0])
new_password = unicode(params[1])
old_password = unicode(params[2])
session_user = Session.get_current_session_user()
if user_id == session_user.get_id():
session_user.alter_password(new_password,old_password)
else:
if session_user.check_permission("skarphed.users.alter_password"):
user = User.get_user_by_id(user_id)
user.alter_password(new_password,"",True)
return True
def get_user(self):
"""
returns this session's user
"""
return User.get_user_by_id(self._user)
def getRightsForUserPage(self,params):
user_id = int(params[0])
user = User.get_user_by_id(user_id)
return user.get_grantable_permissions()
