~azzar1/unity/add-show-desktop-key

Viewing changes to www/apps/userservice/__init__.py

Committer: wagrant
Date: 2008-07-23 05:48:36 UTC
Revision ID: svn-v3-trunk0:2b9c9e99-6f39-0410-b283-7f802c844ae2:trunk:940

userservice: Repeat after me: I will not talk to code that runs as root
             for the sole purpose of writing to the database! Bad
             userservice! BAD! Write to the database yourself.

usrmgt-service: Remove {create,update}_user. They were just DB-access
                functions, which userservice now performs itself. We're
                now down to a single function, but additions will come.

files modified:
scripts/usrmgt-server

www/apps/userservice/__init__.py

Show diffs side-by-side

added added

removed removed

www/apps/userservice/__init__.py

import common

import common.db

import common.makeuser

from common import (util, chat, caps)

import conf

221

222

"""Create a new user, whose state is no_agreement.

222

223

This does not create the user's jail, just an entry in the database which

223

224

allows the user to accept an agreement.

225

Expected fields:

226

227

STRING REQUIRED

228

unixid - the unix uid under which execution will take place

229

on the behalf of the user. Don't use 0! If not specified

230

or None, one will be allocated from the configured

231

numeric range.

232

INT OPTIONAL

233

password - the clear-text password for the user. If this property is

234

absent or None, this is an indication that external

235

authentication should be used (i.e. LDAP).

236

STRING OPTIONAL

237

email - the user's email address.

238

STRING OPTIONAL

239

nick - the display name to use.

240

STRING REQUIRED

241

fullname - The name of the user for results and/or other official

242

purposes.

243

STRING REQUIRED

244

rolenm - The user's role. Must be one of "anyone", "student",

245

"tutor", "lecturer", "admin".

246

STRING/ENUM REQUIRED

247

studentid - If supplied and not None, the student id of the user for

248

results and/or other official purposes.

249

STRING OPTIONAL

250

Return Value: the uid associated with the user. INT

224

251

"""

225

252

if req.method != "POST":

226

253

req.throw_error(req.HTTP_METHOD_NOT_ALLOWED,

246

273

else:

247

274

pass

248

275

249

# Get the arguments for usermgt.create_user from the session

250

# (The user must have already logged in to use this app)

251

msg = {'create_user': create}

252

253

response = chat.chat(usrmgt_host, usrmgt_port, msg, usrmgt_magic,

254

decode = False)

276

common.makeuser.make_user_db(**create)

277

user = common.db.DB().get_user(create["login"])

255

278

req.content_type = "text/plain"

256

req.write(response)

279

req.write(str(user.unixid))

257

280

258

281

update_user_fields_anyone = [

259

282

'password', 'nick', 'email'

299

322

pass

300

323

update['login'] = login

301

324

302

# Get the arguments for usermgt.create_user from the session

303

# (The user must have already logged in to use this app)

304

args = {

305

"login": req.user.login,

306

"update": update,

307

}

308

msg = {'update_user': args}

309

310

response = chat.chat(usrmgt_host, usrmgt_port, msg, usrmgt_magic,

311

decode = False)

325

db = common.db.DB()

326

db.update_user(**update)

312

327

313

328

# Re-read the user's details from the DB so we can update their session

314

329

# XXX potentially-unsafe session write

315

330

if login == req.user.login:

316

db = common.db.DB()

317

331

user = db.get_user(login)

318

332

session = req.get_session()

319

333

session['user'] = user

320

334

session.save()

321

db.close()

335

336

db.close()

322

337

323

338

req.content_type = "text/plain"

324

req.write(response)

339

req.write('')

325

340

326

341

def handle_get_user(req, fields):

327

342

"""

Older »