« back to all changes in this revision
Viewing changes to ivle/webapp/userservice/__init__.py
- browse files at revision 1354
- compare with another revision
- compare with revision 1099.1.69
- download diff
- download tarball
- view history from revision 1354
- Committer: William Grant
- Date: 2009-12-08 04:15:37 UTC
- Revision ID: grantw@unimelb.edu.au-20091208041537-fvml99fo4eir3c2z
Remove get_user and update_user userservice calls -- unused since new-user-ui.
- files modified:
- ivle/webapp/userservice/__init__.py
added
removed
ivle/webapp/userservice/__init__.py
43
43
# Optional:
44
44
# password, nick, email, studentid
45
45
46
# userservice/get_user
47
# method: May be GET
48
# Required cap: None to see yourself.
49
# CAP_GETUSER to see another user.
50
# Gets the login details of a user. Returns as a JSON object.
51
# login = Optional login name of user to get. If omitted, get yourself.
52
53
# userservice/update_user
54
# Required cap: None to update yourself.
55
# CAP_UPDATEUSER to update another user (and also more fields).
56
# (This is all-powerful so should be only for admins)
57
# login = Optional login name of user to update. If omitted, update yourself.
58
# Other fields are optional, and will set the given field of the user.
59
# Without CAP_UPDATEUSER, you may change the following fields of yourself:
60
# password, nick, email
61
# With CAP_UPDATEUSER, you may also change the following fields of any user:
62
# password, nick, email, login, rolenm, unixid, fullname, studentid
63
# (You can't change "state", but see userservice/[en|dis]able_user).
64
65
46
# TODO
66
47
# userservice/enable_user
67
48
# Required cap: CAP_UPDATEUSER
157
138
# TOS
158
139
USER_DECLARATION = "I accept the IVLE Terms of Service"
159
140
160
# List of fields returned as part of the user JSON dictionary
161
# (as returned by the get_user action)
162
user_fields_list = (
163
"login", "state", "unixid", "email", "nick", "fullname",
164
"admin", "studentid", "acct_exp", "pass_exp", "last_login",
165
"svn_pass", "admin",
166
)
167
168
141
class UserServiceView(BaseView):
169
142
subpath_allowed = True
170
143
329
302
req.content_type = "text/plain"
330
303
req.write(str(user.unixid))
331
304
332
update_user_fields_anyone = [
333
'password', 'nick', 'email'
334
]
335
update_user_fields_admin = [
336
'password', 'nick', 'email', 'admin', 'unixid', 'fullname',
337
'studentid'
338
]
339
340
@require_method('POST')
341
def handle_update_user(req, fields):
342
"""Update a user's account details.
343
This can be done in a limited form by any user, on their own account,
344
or with full powers by an admin user on any account.
345
"""
346
# Only give full powers if this user is an admin.
347
fullpowers = req.user.admin
348
# List of fields that may be changed
349
fieldlist = (update_user_fields_admin if fullpowers
350
else update_user_fields_anyone)
351
352
try:
353
login = fields.getfirst('login')
354
if login is None:
355
raise AttributeError()
356
if not fullpowers and login != req.user.login:
357
# Not allowed to edit other users
358
raise Unauthorized()
359
except AttributeError:
360
# If login not specified, update yourself
361
login = req.user.login
362
363
user = ivle.database.User.get_by_login(req.store, login)
364
365
oldpassword = fields.getfirst('oldpass')
366
if oldpassword is not None: # It was specified.
367
oldpassword = oldpassword.value
368
369
# If the user is trying to set a new password, check that they have
370
# entered old password and it authenticates.
371
if fields.getfirst('password') is not None:
372
try:
373
authenticate.authenticate(req.config, req.store, login,
374
oldpassword)
375
except AuthError:
376
# XXX: Duplicated!
377
req.headers_out['X-IVLE-Action-Error'] = \
378
urllib.quote("Old password incorrect.")
379
raise BadRequest("Old password incorrect.")
380
381
# Make a dict of fields to update
382
for f in fieldlist:
383
val = fields.getfirst(f)
384
if val is not None:
385
# Note: May be rolled back if auth check below fails
386
setattr(user, f, val.value.decode('utf-8'))
387
else:
388
pass
389
390
req.content_type = "text/plain"
391
req.write('')
392
393
def handle_get_user(req, fields):
394
"""
395
Retrieve a user's account details. This returns all details which the db
396
module is willing to give up, EXCEPT the following fields:
397
svn_pass
398
"""
399
# Only give full powers if this user is an admin
400
fullpowers = req.user.admin
401
402
try:
403
login = fields.getfirst('login')
404
if login is None:
405
raise AttributeError()
406
if not fullpowers and login != req.user.login:
407
raise Unauthorized()
408
except AttributeError:
409
# If login not specified, update yourself
410
login = req.user.login
411
412
# Just talk direct to the DB
413
userobj = ivle.database.User.get_by_login(req.store, login)
414
user = ivle.util.object_to_dict(user_fields_list, userobj)
415
# Convert time stamps to nice strings
416
for k in 'pass_exp', 'acct_exp', 'last_login':
417
if user[k] is not None:
418
user[k] = unicode(user[k])
419
420
user['local_password'] = userobj.passhash is not None
421
422
response = cjson.encode(user)
423
req.content_type = "text/plain"
424
req.write(response)
425
426
305
def handle_get_enrolments(req, fields):
427
306
"""
428
307
Retrieve a user's enrolment details. Each enrolment includes any group
720
599
actions_map = {
721
600
"activate_me": handle_activate_me,
722
601
"create_user": handle_create_user,
723
"update_user": handle_update_user,
724
"get_user": handle_get_user,
725
602
"get_enrolments": handle_get_enrolments,
726
603
"get_active_offerings": handle_get_active_offerings,
727
604
"get_project_groups": handle_get_project_groups,
Loggerhead is a web-based interface for Breezy
Version: 2.0.1