def as_user(client: testing.FlaskClient):
    """Log the test *client* in as a regular (non-admin) user.

    Stores the fake profile from ``regular_user_info()`` in the client's
    session under ``user_info`` and returns a transient ``User`` (keyed by
    ``login``) that carries only the predefined USER role.  Nothing here
    writes the user to the database.
    """
    profile = regular_user_info()
    with client.session_transaction() as sess:
        sess["user_info"] = profile
    fake = User(
        full_name=profile["name"],
        login=profile["email"],
        profile_picture=profile["picture"],
    )
    fake.roles = [Role(name=PredefinedRoles.USER)]
    return fake
def as_user(client: testing.FlaskClient):
    """Log the test *client* in as a regular (non-admin) user.

    Stores the fake profile from ``regular_user_info()`` in the client's
    session under ``user_info`` and returns a transient ``User`` (keyed by
    ``email``) that carries only the predefined USER role.  Nothing here
    writes the user to the database.
    """
    profile = regular_user_info()
    with client.session_transaction() as sess:
        sess['user_info'] = profile
    fake = User(
        full_name=profile['name'],
        email=profile['email'],
        profile_picture=profile['picture'],
    )
    fake.roles = [Role(name=PredefinedRoles.USER)]
    return fake
def as_admin(client: testing.FlaskClient):
    """Log the test *client* in as an application admin.

    Writes the fake admin profile from ``admin_user_info()`` plus a dummy
    ``google_token`` into the client's session, then returns a transient
    ``User`` holding the ADMIN, REVIEWER and USER roles (in that order).
    Nothing here writes the user to the database.
    """
    profile = admin_user_info()
    with client.session_transaction() as sess:
        sess['user_info'] = profile
        sess['google_token'] = 'testing-admin'
    admin = User(
        full_name=profile['name'],
        email=profile['email'],
        profile_picture=profile['picture'],
    )
    admin.roles = [
        Role(name=role_name)
        for role_name in (
            PredefinedRoles.ADMIN,
            PredefinedRoles.REVIEWER,
            PredefinedRoles.USER,
        )
    ]
    return admin
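def _provider_identity(login_type, data):
    """Return ``(login_id, picture)`` for a session ``user_info`` dict.

    Google and local logins are keyed by the e-mail address, GitHub logins by
    the GitHub ``login`` handle.  Returns ``None`` for any other
    ``LoginType`` so the caller can reject the session.
    """
    if login_type in (LoginType.GOOGLE, LoginType.LOCAL):
        return data["email"], data.get("picture")
    if login_type == LoginType.GITHUB:
        return data["login"], data.get("avatar_url")
    return None


def _new_user(data, login_type, login_id, picture, invite_code):
    """Build a transient ``User`` for a first-time login and apply an invite.

    When ``invite_code`` is not ``None`` the invite is consumed here: its
    roles replace the user's roles, ``remaining_uses`` is decremented, the
    pending ``invite_code`` entry is popped from the session, and the invite
    row is staged on ``db.session`` (the caller commits).  With
    ``AUTO_ENABLE_INVITED_USERS`` set the account is enabled immediately.
    """
    if "@" in login_id:
        name, host = login_id.rsplit("@", 1)
        # Only the first and last character of the local part are logged
        # (presumably to keep full addresses out of the logs); slicing
        # rather than indexing keeps an empty local part from raising.
        log.info(
            "Creating new user %s...%s@%s (%s)",
            name[:1],
            name[-1:],
            host,
            login_type,
        )
    else:
        name = login_id
        log.info(
            "Creating new user %s...%s (%s)",
            login_id[:2],
            login_id[-2:],
            login_type,
        )
    user = User(
        login=login_id,
        full_name=data.get("name", name),
        profile_picture=picture,
        login_type=login_type,
    )
    if invite_code is not None:
        # Raises KeyError if the session has no pending invite; presumably
        # registration_required() only returns an invite it found there.
        session.pop("invite_code")
        user.roles = invite_code.roles
        user.invite_code = invite_code
        invite_code.remaining_uses -= 1
        if current_app.config["AUTO_ENABLE_INVITED_USERS"]:
            user.enable()
        db.session.add(invite_code)
    return user


def _refresh_user(user, data, login_type, picture):
    """Backfill empty profile fields on an existing ``User``.

    Provider data only fills fields that are currently empty; it never
    overwrites what the user already has.  Returns ``True`` when something
    changed and needs to be committed.
    """
    log.info("Updating user %s", user)
    changed = False
    if "name" in data and not user.full_name:
        user.full_name = data["name"]
        changed = True
    if picture and not user.profile_picture:
        user.profile_picture = picture
        changed = True
    if user.login_type is None:
        # Rows without a login_type are recorded against the provider they
        # are now seen through.  Counted as a change so the backfill is
        # committed even when nothing else on the profile differs.
        user.login_type = login_type
        changed = True
    # NOTE(review): an existing user whose login_type differs from the
    # session's login_type is accepted as-is.  Google and LOCAL logins share
    # the e-mail keyed ``login`` column, so this relies on every provider
    # having verified ownership of that address -- confirm.
    return changed


def _apply_automatic_roles(user, data, is_new):
    """Grant roles derived from configuration (not from invites).

    New users get USER; addresses listed in ``APPLICATION_ADMINS`` get ADMIN
    and REVIEWER (and are set ACTIVE on creation); one hard-coded address
    gets REVIEWER.  Returns ``True`` when an admin/reviewer role was added.
    """
    changed = False
    if is_new:
        user.roles.append(get_or_create_role(PredefinedRoles.USER))
    # The address comes from the provider profile stored in the session,
    # whatever the login_type, so admin elevation rests on the provider
    # having verified it.  ``data.get`` tolerates profiles without an e-mail.
    email = data.get("email")
    if email in current_app.config["APPLICATION_ADMINS"]:
        # NOTE(review): these appends run on every call that reaches here;
        # whether the roles relationship de-duplicates is not visible from
        # this file -- confirm it does not accumulate duplicate links.
        user.roles.append(get_or_create_role(PredefinedRoles.ADMIN))
        user.roles.append(get_or_create_role(PredefinedRoles.REVIEWER))
        if is_new:
            user.state = UserState.ACTIVE
        changed = True
    elif email == "*****@*****.**":
        # TODO(review): hard-coded reviewer address; consider moving it to
        # configuration next to APPLICATION_ADMINS.
        user.roles.append(get_or_create_role(PredefinedRoles.REVIEWER))
        changed = True
    return changed


def _finish_login(user):
    """Expose ``user`` on ``g`` when the account may log in, else log out.

    Blocked and not-yet-enabled accounts are logged out with a flash message.
    A first login enables the account, commits it and shows a welcome
    message.
    """
    if user.is_blocked():
        logout()
        flash("Account blocked", "danger")
    elif user.is_enabled():
        g.user = user
        log.debug("Loaded user %s", g.user)
        if user.is_first_login():
            user.enable()
            db.session.add(user)
            db.session.commit()
            # url_for() yields an app-generated route path, not user data,
            # so marking the markup safe is acceptable here.
            # NOTE(review): jinja2.Markup was dropped in Jinja2 3.1;
            # markupsafe.Markup is the drop-in replacement -- confirm the
            # pinned version.
            flash(
                jinja2.Markup(
                    "Welcome to Vulncode-DB!<br>"
                    "Please take a look at your "
                    f'<a href="{url_for("profile.index")}">profile page</a> '
                    "to review your settings."
                ),
                "info",
            )
    else:
        logout()
        flash("Account not yet activated", "danger")


def load_user():  # pylint: disable=too-many-return-statements,too-many-branches
    """Resolve the session identity into ``g.user`` ahead of a request.

    Static assets and the logout/terms pages are skipped.  Unauthenticated
    requests get ``g.user = None``.  In maintenance mode, or in restricted
    login mode when not running locally, non-admins are logged out.
    Otherwise the session's ``user_info`` is mapped to a ``login`` id, the
    matching ``User`` row is loaded or created (new users pass through
    ``registration_required`` first), automatic roles are applied, changes
    are committed, and the account state decides whether ``g.user`` is set.

    Returns ``None`` except when ``registration_required`` hands back a
    response, which is returned unchanged so the caller can short-circuit.
    """
    # Assets and the logout/terms pages never need a user.
    if request.path.startswith("/static"):
        return
    if request.path == url_for("auth.logout"):
        return
    if request.path == url_for("auth.terms"):
        return
    if not is_authenticated():
        g.user = None
        return
    log.debug("Loading user")
    # IS_LOCAL relaxes RESTRICT_LOGIN only; MAINTENANCE_MODE always applies.
    # NOTE(review): is_admin() runs before g.user is populated below, so it
    # must derive admin status from the session itself -- confirm.
    restricted = current_app.config["MAINTENANCE_MODE"] or (
        current_app.config["RESTRICT_LOGIN"] and not current_app.config["IS_LOCAL"]
    )
    if restricted and not is_admin():
        logout()
        flash("Login restricted.", "danger")
        return
    # Don't override a user some earlier hook already loaded.
    if getattr(g, "user", None) is not None:
        log.debug("Reusing existing user %s", g.user)
        return
    data = session["user_info"]
    # Sessions written before ``type`` was recorded are incompatible; drop them.
    if "type" not in data:
        logout()
        return
    login_type = LoginType(data["type"])
    identity = _provider_identity(login_type, data)
    if identity is None:
        log.error("Unsupported login type %r", login_type)
        flash("Login unsupported.", "danger")
        logout()
        return
    login_id, picture = identity
    user = User.query.filter_by(login=login_id).one_or_none()
    is_new = not user
    if is_new:
        resp, invite_code = registration_required(login_id=login_id)
        if resp is not None:
            return resp
        user = _new_user(data, login_type, login_id, picture, invite_code)
        is_changed = False
    else:
        is_changed = _refresh_user(user, data, login_type, picture)
    if _apply_automatic_roles(user, data, is_new):
        is_changed = True
    if is_changed or is_new:
        log.info("Saving user %s", user)
        db.session.add(user)
        db.session.commit()
    _finish_login(user)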