github/supysonic
1
0
Fork 0
mirror of https://github.com/spl0k/supysonic.git synced 2024-11-09 19:52:16 +00:00
Code Issues Releases Wiki Activity

Implement updateUser

Browse Source
This commit is contained in:
Alban Féron 2020-11-10 16:56:49 +01:00
parent debb396b0e
commit 52fb367c44
No known key found for this signature in database
GPG Key ID: 8CE0313646D16165
5 changed files with 90 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
docs/api.md
View File

@ -95,7 +95,7 @@ or with version 1.8.0.
| [`getUser`](#getuser) | | ✔️ | | [`getUser`](#getuser) | | ✔️ |
| [`getUsers`](#getusers) | 1.9.0 | ✔️ | | [`getUsers`](#getusers) | 1.9.0 | ✔️ |
| [`createUser`](#createuser) | | ✔️ | | [`createUser`](#createuser) | | ✔️ |
| [`updateUser`](#updateuser) | 1.10.2 | 📅 | | [`updateUser`](#updateuser) | 1.10.2 | ✔️ |
| [`deleteUser`](#deleteuser) | | ✔️ | | [`deleteUser`](#deleteuser) | | ✔️ |
| [`changePassword`](#changepassword) | | ✔️ | | [`changePassword`](#changepassword) | | ✔️ |
| [`getBookmarks`](#getbookmarks) | 1.9.0 | ❔ | | [`getBookmarks`](#getbookmarks) | 1.9.0 | ❔ |
@ -703,18 +703,18 @@ No parameter
| `musicFolderId` | 1.12.0 | 📅 | | `musicFolderId` | 1.12.0 | 📅 |
#### `updateUser` #### `updateUser`
📅 1.10.2 ✔️ 1.10.2
| Parameter | Vers. | | | Parameter | Vers. | |
|-----------------------|--------|---| |-----------------------|--------|---|
| `username` | 1.10.2 | 📅 | | `username` | 1.10.2 | ✔️ |
| `password` | 1.10.2 | 📅 | | `password` | 1.10.2 | ✔️ |
| `email` | 1.10.2 | 📅 | | `email` | 1.10.2 | ✔️ |
| `ldapAuthenticated` | 1.10.2 | | | `ldapAuthenticated` | 1.10.2 | |
| `adminRole` | 1.10.2 | 📅 | | `adminRole` | 1.10.2 | ✔️ |
| `settingsRole` | 1.10.2 | | | `settingsRole` | 1.10.2 | |
| `streamRole` | 1.10.2 | | | `streamRole` | 1.10.2 | |
| `jukeboxRole` | 1.10.2 | 📅 | | `jukeboxRole` | 1.10.2 | ✔️ |
| `downloadRole` | 1.10.2 | | | `downloadRole` | 1.10.2 | |
| `uploadRole` | 1.10.2 | | | `uploadRole` | 1.10.2 | |
| `coverArtRole` | 1.10.2 | | | `coverArtRole` | 1.10.2 | |

29
supysonic/api/user.py
View File

@ -92,3 +92,32 @@ def user_changepass():
UserManager.change_password2(username, password) UserManager.change_password2(username, password)
return request.formatter.empty return request.formatter.empty
@api.route("/updateUser.view", methods=["GET", "POST"])
@admin_only
def user_edit():
username = request.values["username"]
user = User.get(name=username)
if user is None:
raise NotFound("User")
if "password" in request.values:
password = decode_password(request.values["password"])
UserManager.change_password2(user, password)
email, admin, jukebox = map(
request.values.get, ["email", "adminRole", "jukeboxRole"]
)
if email is not None:
user.mail = email
if admin is not None:
admin = admin in (True, "True", "true", 1, "1")
user.admin = admin
if jukebox is not None:
jukebox = jukebox in (True, "True", "true", 1, "1")
user.jukebox = jukebox
return request.formatter.empty

15
supysonic/managers/user.py
View File

@ -24,7 +24,7 @@ class UserManager:
elif isinstance(uid, str): elif isinstance(uid, str):
uid = uuid.UUID(uid) uid = uuid.UUID(uid)
else: else:
raise ValueError("Invalid user id") raise TypeError("Invalid user id")
return User[uid] return User[uid]
@ -67,10 +67,15 @@ class UserManager:
user.password = UserManager.__encrypt_password(new_pass, user.salt)[0] user.password = UserManager.__encrypt_password(new_pass, user.salt)[0]
@staticmethod @staticmethod
def change_password2(name, new_pass): def change_password2(name_or_user, new_pass):
user = User.get(name=name) if isinstance(name_or_user, User):
if user is None: user = name_or_user
raise ObjectNotFound(User) elif isinstance(name_or_user, str):
user = User.get(name=name_or_user)
if user is None:
raise ObjectNotFound(User)
else:
raise TypeError("Requires a User instance or a user name (string)")
user.password = UserManager.__encrypt_password(new_pass, user.salt)[0] user.password = UserManager.__encrypt_password(new_pass, user.salt)[0]

37
tests/api/test_user.py
View File

@ -222,7 +222,7 @@ class UserTestCase(ApiTestBase):
# non ASCII in hex encoded password # non ASCII in hex encoded password
self._make_request( self._make_request(
"changePassword", "changePassword",
{"username": "alice", "password": "enc:" + hexlify(u"новыйпароль")}, {"username": "alice", "password": "enc:" + hexlify("новыйпароль")},
skip_post=True, skip_post=True,
) )
self._make_request("ping", {"u": "alice", "p": "новыйпароль"}) self._make_request("ping", {"u": "alice", "p": "новыйпароль"})
@ -240,6 +240,41 @@ class UserTestCase(ApiTestBase):
) )
self._make_request("ping", {"u": "alice", "p": "enc:randomstring"}) self._make_request("ping", {"u": "alice", "p": "enc:randomstring"})
def test_update_user(self):
# non admin
self._make_request(
"updateUser", {"u": "bob", "p": "B0b", "username": "alice"}, error=50
)
# missing param
self._make_request("updateUser", error=10)
# non existing
self._make_request("updateUser", {"username": "charlie"}, error=70)
self._make_request(
"updateUser",
{"username": "bob", "email": "email@email.em", "jukeboxRole": True},
)
rv, child = self._make_request("getUser", {"username": "bob"}, tag="user")
self.assertEqual(child.get("email"), "email@email.em")
self.assertEqual(child.get("adminRole"), "false")
self.assertEqual(child.get("jukeboxRole"), "true")
self._make_request(
"updateUser", {"username": "bob", "email": "example@email.com"}
)
rv, child = self._make_request("getUser", {"username": "bob"}, tag="user")
self.assertEqual(child.get("email"), "example@email.com")
self.assertEqual(child.get("adminRole"), "false")
self.assertEqual(child.get("jukeboxRole"), "true")
self._make_request("updateUser", {"username": "bob", "adminRole": True})
rv, child = self._make_request("getUser", {"username": "bob"}, tag="user")
self.assertEqual(child.get("email"), "example@email.com")
self.assertEqual(child.get("adminRole"), "true")
self.assertEqual(child.get("jukeboxRole"), "true")
if __name__ == "__main__": if __name__ == "__main__":
unittest.main() unittest.main()

10
tests/managers/test_manager_user.py
View File

@ -85,7 +85,7 @@ class UserManagerTestCase(unittest.TestCase):
# Get with invalid UUID # Get with invalid UUID
self.assertRaises(ValueError, UserManager.get, "invalid-uuid") self.assertRaises(ValueError, UserManager.get, "invalid-uuid")
self.assertRaises(ValueError, UserManager.get, 0xFEE1BAD) self.assertRaises(TypeError, UserManager.get, 0xFEE1BAD)
# Non-existent user # Non-existent user
self.assertRaises(ObjectNotFound, UserManager.get, uuid.uuid4()) self.assertRaises(ObjectNotFound, UserManager.get, uuid.uuid4())
@ -104,7 +104,7 @@ class UserManagerTestCase(unittest.TestCase):
# Delete invalid UUID # Delete invalid UUID
self.assertRaises(ValueError, UserManager.delete, "invalid-uuid") self.assertRaises(ValueError, UserManager.delete, "invalid-uuid")
self.assertRaises(ValueError, UserManager.delete, 0xFEE1B4D) self.assertRaises(TypeError, UserManager.delete, 0xFEE1B4D)
self.assertEqual(db.User.select().count(), 3) self.assertEqual(db.User.select().count(), 3)
# Delete non-existent user # Delete non-existent user
@ -190,6 +190,8 @@ class UserManagerTestCase(unittest.TestCase):
def test_change_password2(self): def test_change_password2(self):
self.create_data() self.create_data()
self.assertRaises(TypeError, UserManager.change_password2, uuid.uuid4(), "pass")
# With existing users # With existing users
for name in ["alice", "bob", "charlie"]: for name in ["alice", "bob", "charlie"]:
UserManager.change_password2(name, "newpass") UserManager.change_password2(name, "newpass")
@ -197,6 +199,10 @@ class UserManagerTestCase(unittest.TestCase):
self.assertEqual(UserManager.try_auth(name, "newpass"), user) self.assertEqual(UserManager.try_auth(name, "newpass"), user)
self.assertEqual(UserManager.try_auth(name, name.upper()), None) self.assertEqual(UserManager.try_auth(name, name.upper()), None)
# test passing the user directly
UserManager.change_password2(user, "NEWPASS")
self.assertEqual(UserManager.try_auth(name, "NEWPASS"), user)
# Non-existent user # Non-existent user
self.assertRaises( self.assertRaises(
ObjectNotFound, UserManager.change_password2, "null", "newpass" ObjectNotFound, UserManager.change_password2, "null", "newpass"