mirror of
https://github.com/spl0k/supysonic.git
synced 2024-12-23 01:16:18 +00:00
Implemented user management methods
This commit is contained in:
parent
9b3bb99b48
commit
7042634a89
84
api/user.py
84
api/user.py
@ -3,6 +3,8 @@
|
|||||||
from flask import request
|
from flask import request
|
||||||
from web import app
|
from web import app
|
||||||
from db import User
|
from db import User
|
||||||
|
from . import hexdecode
|
||||||
|
from user_manager import UserManager
|
||||||
|
|
||||||
@app.route('/rest/getUser.view', methods = [ 'GET', 'POST' ])
|
@app.route('/rest/getUser.view', methods = [ 'GET', 'POST' ])
|
||||||
def user_info():
|
def user_info():
|
||||||
@ -10,26 +12,72 @@ def user_info():
|
|||||||
if username is None:
|
if username is None:
|
||||||
return request.error_formatter(10, 'Missing username')
|
return request.error_formatter(10, 'Missing username')
|
||||||
|
|
||||||
|
if username != request.username and not request.user.admin:
|
||||||
|
return request.error_formatter(50, 'Admin restricted')
|
||||||
|
|
||||||
user = User.query.filter(User.name == username).first()
|
user = User.query.filter(User.name == username).first()
|
||||||
if user is None:
|
if user is None:
|
||||||
return request.error_formatter(0, 'Unknown user')
|
return request.error_formatter(0, 'Unknown user')
|
||||||
|
|
||||||
return request.formatter({
|
return request.formatter({ 'user': user.as_subsonic_user() })
|
||||||
'user': {
|
|
||||||
'username': user.name,
|
@app.route('/rest/getUsers.view', methods = [ 'GET', 'POST' ])
|
||||||
'email': user.mail,
|
def users_info():
|
||||||
'scrobblingEnabled': user.lastfm_session is not None and user.lastfm_status,
|
if not request.user.admin:
|
||||||
'adminRole': user.admin,
|
return request.error_formatter(50, 'Admin restricted')
|
||||||
'settingsRole': user.admin,
|
|
||||||
'downloadRole': True,
|
return request.formatter({ 'users': { 'user': [ u.as_subsonic_user() for u in User.query.all() ] } })
|
||||||
'uploadRole': False,
|
|
||||||
'playlistRole': False,
|
@app.route('/rest/createUser.view', methods = [ 'GET', 'POST' ])
|
||||||
'coverArtRole': False,
|
def user_add():
|
||||||
'commentRole': False,
|
if not request.user.admin:
|
||||||
'podcastRole': False,
|
return request.error_formatter(50, 'Admin restricted')
|
||||||
'streamRole': True,
|
|
||||||
'jukeboxRole': False,
|
username, password, email, admin = map(request.args.get, [ 'username', 'password', 'email', 'adminRole' ])
|
||||||
'shareRole': False
|
if not username or not password or not email:
|
||||||
}
|
return request.error_formatter(10, 'Missing parameter')
|
||||||
})
|
admin = True if admin in (True, 'True', 'true', 1, '1') else False
|
||||||
|
|
||||||
|
if password.startswith('enc:'):
|
||||||
|
password = hexdecode(password[4:])
|
||||||
|
|
||||||
|
status = UserManager.add(username, password, email, admin)
|
||||||
|
if status == UserManager.NAME_EXISTS:
|
||||||
|
return request.error_formatter(0, 'There is already a user with that username')
|
||||||
|
|
||||||
|
return request.formatter({})
|
||||||
|
|
||||||
|
@app.route('/rest/deleteUser.view', methods = [ 'GET', 'POST' ])
|
||||||
|
def user_del():
|
||||||
|
if not request.user.admin:
|
||||||
|
return request.error_formatter(50, 'Admin restricted')
|
||||||
|
|
||||||
|
username = request.args.get('username')
|
||||||
|
user = User.query.filter(User.name == username).first()
|
||||||
|
if not user:
|
||||||
|
return request.error_formatter(70, 'Unknown user')
|
||||||
|
|
||||||
|
status = UserManager.delete(user.id)
|
||||||
|
if status != UserManager.SUCCESS:
|
||||||
|
return request.error_formatter(0, UserManager.error_str(status))
|
||||||
|
|
||||||
|
return request.formatter({})
|
||||||
|
|
||||||
|
@app.route('/rest/changePassword.view', methods = [ 'GET', 'POST' ])
|
||||||
|
def user_changepass():
|
||||||
|
username, password = map(request.args.get, [ 'username', 'password' ])
|
||||||
|
if not username or not password:
|
||||||
|
return request.error_formatter(10, 'Missing parameter')
|
||||||
|
|
||||||
|
if username != request.username and not request.user.admin:
|
||||||
|
return request.error_formatter(50, 'Admin restricted')
|
||||||
|
|
||||||
|
if password.startswith('enc:'):
|
||||||
|
password = hexdecode(password[4:])
|
||||||
|
|
||||||
|
status = UserManager.change_password2(username, password)
|
||||||
|
if status != UserManager.SUCCESS:
|
||||||
|
return request.error_formatter(0, UserManager.error_str(status))
|
||||||
|
|
||||||
|
return request.formatter({})
|
||||||
|
|
||||||
|
18
db.py
18
db.py
@ -64,6 +64,24 @@ class User(Base):
|
|||||||
last_play = relationship('Track')
|
last_play = relationship('Track')
|
||||||
last_play_date = Column(DateTime, nullable = True)
|
last_play_date = Column(DateTime, nullable = True)
|
||||||
|
|
||||||
|
def as_subsonic_user(self):
|
||||||
|
return {
|
||||||
|
'username': self.name,
|
||||||
|
'email': self.mail,
|
||||||
|
'scrobblingEnabled': self.lastfm_session is not None and self.lastfm_status,
|
||||||
|
'adminRole': self.admin,
|
||||||
|
'settingsRole': True,
|
||||||
|
'downloadRole': True,
|
||||||
|
'uploadRole': False,
|
||||||
|
'playlistRole': False,
|
||||||
|
'coverArtRole': False,
|
||||||
|
'commentRole': False,
|
||||||
|
'podcastRole': False,
|
||||||
|
'streamRole': True,
|
||||||
|
'jukeboxRole': False,
|
||||||
|
'shareRole': False
|
||||||
|
}
|
||||||
|
|
||||||
class Folder(Base):
|
class Folder(Base):
|
||||||
__tablename__ = 'folder'
|
__tablename__ = 'folder'
|
||||||
|
|
||||||
|
@ -76,6 +76,16 @@ class UserManager:
|
|||||||
session.commit()
|
session.commit()
|
||||||
return UserManager.SUCCESS
|
return UserManager.SUCCESS
|
||||||
|
|
||||||
|
@staticmethod
|
||||||
|
def change_password2(name, new_pass):
|
||||||
|
user = User.query.filter(User.name == name).first()
|
||||||
|
if not user:
|
||||||
|
return UserManager.NO_SUCH_USER
|
||||||
|
|
||||||
|
user.password = UserManager.__encrypt_password(new_pass, user.salt)[0]
|
||||||
|
session.commit()
|
||||||
|
return UserManager.SUCCESS
|
||||||
|
|
||||||
@staticmethod
|
@staticmethod
|
||||||
def error_str(err):
|
def error_str(err):
|
||||||
if err == UserManager.SUCCESS:
|
if err == UserManager.SUCCESS:
|
||||||
|
Loading…
Reference in New Issue
Block a user