示例#1
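    def create_user(self, username, password, email,
                    user_type=USER_TYPES['user']):
        '''
        Called when a request is made to create a new user account.
        
        @param username:
            The username to associate with the new account.
        @type username:
            String
        
        @param password:
            The password to associate with the new account.
        @type password:
            String
        
        @param email:
            The email account to associate with the new account.
        @type email:
            String
        
        @param user_type:
            The user-type of the new account (admin, regular user, etc.).
            [Default == regular user]
        @type user_type:
            Integer (util.config.USER_TYPES)
        
        @return:
            Always True; the outcome of the INSERT is not inspected, and
            "INSERT OR IGNORE" skips the row when it conflicts with an
            existing one.
        @rtype:
            Boolean
        '''
        
        username = sanitize(username)
        # NOTE(review): if hash() resolves to Python's builtin, it is not a
        # password-hashing function (no salt, not built to resist guessing).
        # Credential storage needs a salted, slow KDF -- confirm which hash()
        # is in scope here.
        password = hash(password)
        # The email is interpolated into the SQL text below, so it gets the
        # same treatment as the username instead of being passed through raw.
        # NOTE(review): presumably sanitize() leaves '@' and '.' intact --
        # confirm, or the stored address will differ from the one supplied.
        email = sanitize(email)
        
        # NOTE(review): the account type is derived from the caller-supplied
        # username here, so any name containing 'admin' is stored as an admin
        # account regardless of the user_type argument.  Privilege should come
        # from an authenticated caller, not from the name -- kept as-is only
        # because callers outside this listing may rely on it.
        if 'admin' in username:
            user_type = USER_TYPES['admin']
        
        # TODO: Validate the email address -- util.general.validate_email()
        
        # NOTE(review): the statement is assembled with % formatting, so its
        # safety rests entirely on sanitize(); bound parameters would be
        # preferable if self.db.query supports them -- confirm.
        add_user_query = \
            '''
            INSERT OR IGNORE INTO users (user, pass, email, user_type) 
                VALUES ("%s", "%s", "%s", %d);
            '''

        # The statement, username and password hash are no longer echoed to
        # stdout: credential material does not belong in console output.
        self.db.query(add_user_query % (username, password, email, user_type,))
        
        return True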
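 def delete_user(self, username, password='', user_type=USER_TYPES['user']):
     '''
     Called when attempting to remove a user account from the record.  Unless
     the requester is an administrator, the account's password must also be
     provided.
     
     @param username:
         The username to be deleted from the records.
     @type username:
         String
     
     @param password:
         The password of the account to be deleted from the records.  This 
         param is not required by administrators.  [Default == '']
     @type password:
         String
     
     @param user_type:
         The type of user making the request.  See config.USER_TYPES for more
         details.
     @type user_type:
         Integer (util.config.USER_TYPES)
     
     @return:
         True if the DELETE was issued; False if the requester is neither an
         admin nor able to log in as the account.
     @rtype:
         Boolean
     '''
     
     username = sanitize(username)
     
     # NOTE(review): this listing showed the placeholder masked as "******";
     # "%s" is what the % formatting below requires -- confirm against the
     # original file.  The statement is built by string formatting, so its
     # safety rests entirely on sanitize(); bound parameters would be
     # preferable if self.db.query supports them.
     delete_user_query = \
         '''
         DELETE FROM users WHERE user = "%s";
         '''
     
     # Compare by value: "is" on integers only works by accident of
     # CPython's small-integer caching.
     # NOTE(review): user_type is whatever the caller passes in, so the admin
     # bypass is only as trustworthy as the caller's own authentication.
     requester_is_admin = (user_type == USER_TYPES['admin'])
     
     # The login attempt is only made when the requester is not an admin.
     if not (requester_is_admin or self.attempt_login(username, password)):
         return False
     
     self.db.query(delete_user_query % (username,))
     return True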
示例#3
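 def is_user(self, username):
     '''
     Looks up a username in the users table.  No password is checked here;
     only the existence of a matching record is established.
     
     @param username:
         The username to look up.
     @type username:
         String
     
     @return:
         A dict with the keys 'is_user' and 'data'.  'data' holds the first
         matching record, or '' when no record matches.
     @rtype:
         Dict
     '''
     
     username = sanitize(username)
     
     # NOTE(review): this listing showed the placeholder masked as "******";
     # "%s" is what the % formatting below requires -- confirm against the
     # original file.  The statement is built by string formatting, so its
     # safety rests entirely on sanitize(); bound parameters would be
     # preferable if self.db.query supports them.
     find_user_query = \
         '''
         SELECT * FROM users WHERE user = "%s";
         '''
     records = self.db.query(find_user_query % (username,))
     
     # NOTE(review): both branches carry the same 'is_user' literal as shown
     # in this listing, which looks like masking of the real values -- confirm
     # the found / not-found markers against the original file.
     try:
         user = records[0]
     except IndexError:
         # No matching row.  The message wording predates the removal of the
         # password check from this lookup.
         LOGGER.warning('Invalid user/pass for user <%s>.' % username)
         return { 'is_user': '******', 'data': '' }
     
     # SELECT * returns the whole row, which presumably includes the stored
     # password hash -- callers should not expose 'data' wholesale.  The
     # record is no longer echoed to stdout.
     return { 'is_user': '******', 'data': user }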