« back to all changes in this revision
Viewing changes to lib/common/db.py
- browse files at revision 467
- compare with another revision
- download diff
- download tarball
- view history from revision 467
- Committer: drtomc
- Date: 2008-02-14 23:37:08 UTC
- Revision ID: svn-v3-trunk0:2b9c9e99-6f39-0410-b283-7f802c844ae2:trunk:467
makeuser: Add some of the helper functions for activating users.
setup: Add some missing svn config.
setup: Add some missing svn config.
- files added:
- www/apps/tos
- www/apps/userservice
- files modified:
- doc/setup/ivle.conf
added
removed
lib/common/db.py
76
76
Takes no parameters - gets all the DB info from the configuration."""
77
77
self.db = pg.connect(dbname=conf.db_dbname, host=conf.db_host,
78
78
port=conf.db_port, user=conf.db_user, passwd=conf.db_password)
79
self.open = True
80
81
def __del__(self):
82
if self.open:
83
self.db.close()
79
84
80
85
# USER MANAGEMENT FUNCTIONS #
81
86
82
def create_user(self, login, unixid, password, nick, fullname, rolenm,
83
studentid, dry=False):
87
def create_user(self, login, password, unixid, email, nick, fullname,
88
rolenm, studentid, acct_exp=None, dry=False):
84
89
"""Creates a user login entry in the database.
85
90
Arguments are the same as those in the "login" table of the schema.
86
91
The exception is "password", which is a cleartext password. makeuser
87
92
will hash the password.
93
Also "state" is not given explicitly; it is implicitly set to
94
"no_agreement".
88
95
Raises an exception if the user already exists.
89
96
"""
90
97
passhash = _passhash(password)
91
query = ("INSERT INTO login (login, unixid, passhash, nick, fullname,"
92
" rolenm, studentid) VALUES (%s, %d, %s, %s, %s, %s, %s);" %
93
(_escape(login), unixid, _escape(passhash), _escape(nick),
94
_escape(fullname), _escape(rolenm), _escape(studentid)))
98
query = ("INSERT INTO login (login, passhash, state, unixid, email, "
99
"nick, fullname, rolenm, studentid, acct_exp) VALUES "
100
"(%s, %s, 'no_agreement', %d, %s, %s, %s, %s, %s);" %
101
(_escape(login), _escape(passhash), unixid, _escape(email),
102
_escape(nick), _escape(fullname), _escape(rolenm),
103
_escape(studentid), _escape(acct_exp))
95
104
if dry: return query
96
105
self.db.query(query)
97
106
98
def update_user(self, login, password=None, nick=None,
99
fullname=None, rolenm=None, dry=False):
107
def update_user(self, login, password=None, state=None, email=None,
108
nick=None, fullname=None, rolenm=None, acct_exp=None, pass_exp=None,
109
last_login=None, dry=False):
100
110
"""Updates fields of a particular user. login is the name of the user
101
111
to update. The other arguments are optional fields which may be
102
112
modified. If None or omitted, they do not get modified. login and
107
117
changed without knowing the old password. The caller should check
108
118
that the user knows the existing password before calling this function
109
119
with a new one.
120
121
FIXME: this interface does not allow fields to be set to NULL (None).
110
122
"""
111
123
# Make a list of SQL fragments of the form "field = 'new value'"
112
124
# These fragments are ALREADY-ESCAPED
113
125
setlist = []
114
if password is not None:
126
if passhash is not None:
115
127
setlist.append("passhash = " + _escape(_passhash(password)))
128
if state is not None:
129
setlist.append("state = " + _escape(state))
130
if email is not None:
131
setlist.append("email = " + _escape(email))
116
132
if nick is not None:
117
133
setlist.append("nick = " + _escape(nick))
118
134
if fullname is not None:
119
135
setlist.append("fullname = " + _escape(fullname))
120
136
if rolenm is not None:
121
137
setlist.append("rolenm = " + _escape(rolenm))
138
if pass_exp is not None:
139
setlist.append("pass_exp = " + _escape(pass_exp))
140
if acct_exp is not None:
141
setlist.append("acct_exp = " + _escape(acct_exp))
142
if last_login is not None:
143
setlist.append("last_login = " + _escape(last_login))
122
144
if len(setlist) == 0:
123
145
return
124
146
# Join the fragments into a comma-separated string
141
163
142
164
Raises a DBException if the login is not found in the DB.
143
165
"""
144
query = ("SELECT login, unixid, nick, fullname, rolenm, studentid "
145
"FROM login WHERE login = %s;" % _escape(login))
166
query = ("SELECT login, state, unixid, email, nick, fullname, "
167
"rolenm, studentid FROM login WHERE login = %s;" % _escape(login))
146
168
if dry: return query
147
169
result = self.db.query(query)
148
170
# Expecting exactly one
157
179
"""Returns a list of all users. The list elements are a dictionary of
158
180
the user's DB fields, excluding the passhash field.
159
181
"""
160
query = ("SELECT login, unixid, nick, fullname, rolenm, studentid "
161
"FROM login")
182
query = ("SELECT login, state, unixid, email, nick, fullname, "
183
"rolenm, studentid FROM login")
162
184
if dry: return query
163
185
return self.db.query(query).dictresult()
164
186
165
187
def user_authenticate(self, login, password, dry=False):
166
188
"""Performs a password authentication on a user. Returns True if
167
"password" is the correct password for the given login, False
168
otherwise. "password" is cleartext.
189
"passhash" is the correct passhash for the given login, False
190
otherwise.
169
191
Also returns False if the login does not exist (so if you want to
170
192
differentiate these cases, use get_user and catch an exception).
171
193
"""
183
205
this. (The behaviour of doing so is undefined).
184
206
"""
185
207
self.db.close()
208
self.open = False
Loggerhead is a web-based interface for Breezy
Version: 2.0.1