def update_user(ctx: rest.Context, params: Dict[str, str]) -> rest.Response: user = users.get_user_by_name(params["user_name"]) versions.verify_version(user, ctx) versions.bump_version(user) infix = "self" if ctx.user.user_id == user.user_id else "any" if ctx.has_param("name"): auth.verify_privilege(ctx.user, "users:edit:%s:name" % infix) users.update_user_name(user, ctx.get_param_as_string("name")) if ctx.has_param("password"): auth.verify_privilege(ctx.user, "users:edit:%s:pass" % infix) users.update_user_password(user, ctx.get_param_as_string("password")) if ctx.has_param("email"): auth.verify_privilege(ctx.user, "users:edit:%s:email" % infix) users.update_user_email(user, ctx.get_param_as_string("email")) if ctx.has_param("rank"): auth.verify_privilege(ctx.user, "users:edit:%s:rank" % infix) users.update_user_rank(user, ctx.get_param_as_string("rank"), ctx.user) if ctx.has_param("avatarStyle"): auth.verify_privilege(ctx.user, "users:edit:%s:avatar" % infix) users.update_user_avatar( user, ctx.get_param_as_string("avatarStyle"), ctx.get_file("avatar", default=b""), ) ctx.session.commit() return _serialize(ctx, user)
def put(self, ctx, user_name): user = users.get_user_by_name(user_name) infix = 'self' if ctx.user.user_id == user.user_id else 'any' if ctx.has_param('name'): auth.verify_privilege(ctx.user, 'users:edit:%s:name' % infix) users.update_user_name(user, ctx.get_param_as_string('name')) if ctx.has_param('password'): auth.verify_privilege(ctx.user, 'users:edit:%s:pass' % infix) users.update_user_password( user, ctx.get_param_as_string('password')) if ctx.has_param('email'): auth.verify_privilege(ctx.user, 'users:edit:%s:email' % infix) users.update_user_email(user, ctx.get_param_as_string('email')) if ctx.has_param('rank'): auth.verify_privilege(ctx.user, 'users:edit:%s:rank' % infix) users.update_user_rank( user, ctx.get_param_as_string('rank'), ctx.user) if ctx.has_param('avatarStyle'): auth.verify_privilege(ctx.user, 'users:edit:%s:avatar' % infix) users.update_user_avatar( user, ctx.get_param_as_string('avatarStyle'), ctx.get_file('avatar')) ctx.session.commit() return users.serialize_user_with_details(user, ctx.user)
def update_user(ctx, params): user = users.get_user_by_name(params['user_name']) versions.verify_version(user, ctx) versions.bump_version(user) infix = 'self' if ctx.user.user_id == user.user_id else 'any' if ctx.has_param('name'): auth.verify_privilege(ctx.user, 'users:edit:%s:name' % infix) users.update_user_name(user, ctx.get_param_as_string('name')) if ctx.has_param('password'): auth.verify_privilege(ctx.user, 'users:edit:%s:pass' % infix) users.update_user_password( user, ctx.get_param_as_string('password')) if ctx.has_param('email'): auth.verify_privilege(ctx.user, 'users:edit:%s:email' % infix) users.update_user_email(user, ctx.get_param_as_string('email')) if ctx.has_param('rank'): auth.verify_privilege(ctx.user, 'users:edit:%s:rank' % infix) users.update_user_rank( user, ctx.get_param_as_string('rank'), ctx.user) if ctx.has_param('avatarStyle'): auth.verify_privilege(ctx.user, 'users:edit:%s:avatar' % infix) users.update_user_avatar( user, ctx.get_param_as_string('avatarStyle'), ctx.get_file('avatar')) ctx.session.commit() return _serialize(ctx, user)
def test_update_user_rank(user_factory): db.session.add(user_factory()) db.session.flush() user = user_factory() auth_user = user_factory() auth_user.rank = db.User.RANK_ADMINISTRATOR users.update_user_rank(user, 'regular', auth_user) users.update_user_rank(auth_user, 'regular', auth_user) assert user.rank == db.User.RANK_REGULAR assert auth_user.rank == db.User.RANK_REGULAR
def test_update_user_rank_with_higher_rank_than_possible(user_factory): db.session.add(user_factory()) db.session.flush() user = user_factory() auth_user = user_factory() auth_user.rank = db.User.RANK_ANONYMOUS with pytest.raises(errors.AuthError): users.update_user_rank(user, 'regular', auth_user) with pytest.raises(errors.AuthError): users.update_user_rank(auth_user, 'regular', auth_user)
def test_update_user_rank_with_higher_rank_than_possible(user_factory): db.session.add(user_factory()) db.session.flush() user = user_factory() auth_user = user_factory() auth_user.rank = model.User.RANK_ANONYMOUS with pytest.raises(errors.AuthError): users.update_user_rank(user, "regular", auth_user) with pytest.raises(errors.AuthError): users.update_user_rank(auth_user, "regular", auth_user)
def test_update_user_rank(user_factory): db.session.add(user_factory()) db.session.flush() user = user_factory() auth_user = user_factory() auth_user.rank = model.User.RANK_ADMINISTRATOR users.update_user_rank(user, "regular", auth_user) users.update_user_rank(auth_user, "regular", auth_user) assert user.rank == model.User.RANK_REGULAR assert auth_user.rank == model.User.RANK_REGULAR
def create_user(ctx: rest.Context, _params: Dict[str, str] = {}) -> rest.Response: auth.verify_privilege(ctx.user, 'users:create') name = ctx.get_param_as_string('name') password = ctx.get_param_as_string('password') email = ctx.get_param_as_string('email', default='') user = users.create_user(name, password, email) if ctx.has_param('rank'): users.update_user_rank(user, ctx.get_param_as_string('rank'), ctx.user) if ctx.has_param('avatarStyle'): users.update_user_avatar(user, ctx.get_param_as_string('avatarStyle'), ctx.get_file('avatar', default=b'')) ctx.session.add(user) ctx.session.commit() return _serialize(ctx, user, force_show_email=True)
def create_user(ctx, _params=None): auth.verify_privilege(ctx.user, 'users:create') name = ctx.get_param_as_string('name', required=True) password = ctx.get_param_as_string('password', required=True) email = ctx.get_param_as_string('email', required=False, default='') user = users.create_user(name, password, email) if ctx.has_param('rank'): users.update_user_rank( user, ctx.get_param_as_string('rank'), ctx.user) if ctx.has_param('avatarStyle'): users.update_user_avatar( user, ctx.get_param_as_string('avatarStyle'), ctx.get_file('avatar')) ctx.session.add(user) ctx.session.commit() return _serialize(ctx, user, force_show_email=True)
def post(self, ctx): auth.verify_privilege(ctx.user, 'users:create') name = ctx.get_param_as_string('name', required=True) password = ctx.get_param_as_string('password', required=True) email = ctx.get_param_as_string('email', required=False, default='') user = users.create_user(name, password, email) if ctx.has_param('rank'): users.update_user_rank(user, ctx.get_param_as_string('rank'), ctx.user) if ctx.has_param('avatarStyle'): users.update_user_avatar(user, ctx.get_param_as_string('avatarStyle'), ctx.get_file('avatar')) ctx.session.add(user) ctx.session.commit() return users.serialize_user_with_details(user, ctx.user, force_show_email=True)
def create_user( ctx: rest.Context, _params: Dict[str, str] = {}) -> rest.Response: if ctx.user.user_id is None: auth.verify_privilege(ctx.user, 'users:create:self') else: auth.verify_privilege(ctx.user, 'users:create:any') name = ctx.get_param_as_string('name') password = ctx.get_param_as_string('password') email = ctx.get_param_as_string('email', default='') user = users.create_user(name, password, email) if ctx.has_param('rank'): users.update_user_rank(user, ctx.get_param_as_string('rank'), ctx.user) if ctx.has_param('avatarStyle'): users.update_user_avatar( user, ctx.get_param_as_string('avatarStyle'), ctx.get_file('avatar', default=b'')) ctx.session.add(user) ctx.session.commit() return _serialize(ctx, user, force_show_email=True)
def update_user(ctx: rest.Context, params: Dict[str, str]) -> rest.Response: user = users.get_user_by_name(params['user_name']) versions.verify_version(user, ctx) versions.bump_version(user) infix = 'self' if ctx.user.user_id == user.user_id else 'any' if ctx.has_param('name'): auth.verify_privilege(ctx.user, 'users:edit:%s:name' % infix) users.update_user_name(user, ctx.get_param_as_string('name')) if ctx.has_param('password'): auth.verify_privilege(ctx.user, 'users:edit:%s:pass' % infix) users.update_user_password(user, ctx.get_param_as_string('password')) if ctx.has_param('email'): auth.verify_privilege(ctx.user, 'users:edit:%s:email' % infix) users.update_user_email(user, ctx.get_param_as_string('email')) if ctx.has_param('rank'): auth.verify_privilege(ctx.user, 'users:edit:%s:rank' % infix) users.update_user_rank(user, ctx.get_param_as_string('rank'), ctx.user) if ctx.has_param('avatarStyle'): auth.verify_privilege(ctx.user, 'users:edit:%s:avatar' % infix) users.update_user_avatar(user, ctx.get_param_as_string('avatarStyle'), ctx.get_file('avatar', default=b'')) ctx.session.commit() return _serialize(ctx, user)
def create_user(ctx: rest.Context, _params: Dict[str, str] = {}) -> rest.Response: if ctx.user.user_id is None: auth.verify_privilege(ctx.user, "users:create:self") else: auth.verify_privilege(ctx.user, "users:create:any") name = ctx.get_param_as_string("name") password = ctx.get_param_as_string("password") email = ctx.get_param_as_string("email", default="") user = users.create_user(name, password, email) if ctx.has_param("rank"): users.update_user_rank(user, ctx.get_param_as_string("rank"), ctx.user) if ctx.has_param("avatarStyle"): users.update_user_avatar( user, ctx.get_param_as_string("avatarStyle"), ctx.get_file("avatar", default=b""), ) ctx.session.add(user) ctx.session.commit() return _serialize(ctx, user, force_show_email=True)
def test_update_user_rank_with_invalid_string(user_factory): user = user_factory() auth_user = user_factory() with pytest.raises(users.InvalidRankError): users.update_user_rank(user, 'invalid', auth_user) with pytest.raises(users.InvalidRankError): users.update_user_rank(user, 'anonymous', auth_user) with pytest.raises(users.InvalidRankError): users.update_user_rank(user, 'nobody', auth_user)
def test_update_user_rank_with_invalid_string(user_factory): user = user_factory() auth_user = user_factory() with pytest.raises(users.InvalidRankError): users.update_user_rank(user, "invalid", auth_user) with pytest.raises(users.InvalidRankError): users.update_user_rank(user, "anonymous", auth_user) with pytest.raises(users.InvalidRankError): users.update_user_rank(user, "nobody", auth_user)
def put(self, ctx, user_name): user = users.get_user_by_name(user_name) infix = 'self' if ctx.user.user_id == user.user_id else 'any' if ctx.has_param('name'): auth.verify_privilege(ctx.user, 'users:edit:%s:name' % infix) users.update_user_name(user, ctx.get_param_as_string('name')) if ctx.has_param('password'): auth.verify_privilege(ctx.user, 'users:edit:%s:pass' % infix) users.update_user_password(user, ctx.get_param_as_string('password')) if ctx.has_param('email'): auth.verify_privilege(ctx.user, 'users:edit:%s:email' % infix) users.update_user_email(user, ctx.get_param_as_string('email')) if ctx.has_param('rank'): auth.verify_privilege(ctx.user, 'users:edit:%s:rank' % infix) users.update_user_rank(user, ctx.get_param_as_string('rank'), ctx.user) if ctx.has_param('avatarStyle'): auth.verify_privilege(ctx.user, 'users:edit:%s:avatar' % infix) users.update_user_avatar(user, ctx.get_param_as_string('avatarStyle'), ctx.get_file('avatar')) ctx.session.commit() return users.serialize_user_with_details(user, ctx.user)
def test_update_user_rank_with_empty_string(user_factory): user = user_factory() auth_user = user_factory() with pytest.raises(users.InvalidRankError): users.update_user_rank(user, '', auth_user)
def test_update_user_rank_with_empty_string(user_factory): user = user_factory() auth_user = user_factory() with pytest.raises(users.InvalidRankError): users.update_user_rank(user, "", auth_user)