[users][auth_ldap][auth_plain] delete avatar

2021-11-20 22:58:05 +01:00 · 2021-11-20 22:58:05 +01:00 · 26d63b7c7d
parent f7f27311db
commit 26d63b7c7d
6 changed files with 40 additions and 0 deletions
--- a/flaschengeist/controller/userController.py
+++ b/flaschengeist/controller/userController.py
@ -207,6 +207,11 @@ def save_avatar(user, avatar):
    db.session.commit()


+def delete_avatar(user):
+    current_app.config["FG_AUTH_BACKEND"].delete_avatar(user)
+    db.session.commit()
+
+
 def persist(user=None):
    if user:
        db.session.add(user)
--- a/flaschengeist/models/user.py
+++ b/flaschengeist/models/user.py
@ -94,6 +94,10 @@ class User(db.Model, ModelSerializeMixin):
            return self._attributes[name].value
        return default

+    def delete_attribute(self, name):
+        if name in self._attributes:
+            self._attributes.pop(name)
+
    def get_permissions(self):
        return ["user"] + [permission.name for role in self.roles_ for permission in role.permissions]

--- a/flaschengeist/plugins/init.py
+++ b/flaschengeist/plugins/init.py
@ -191,3 +191,14 @@ class AuthPlugin(Plugin):
            MethodNotAllowed: If not supported by Backend
        """
        raise MethodNotAllowed
+
+    def delete_avatar(self, user):
+        """Delete the avatar for given user (if supported by auth backend)
+
+        Args:
+            user: Uset to delete the avatar for
+
+        Raises:
+            MethodNotAllowed: If not supported by Backend
+        """
+        raise MethodNotAllowed
--- a/flaschengeist/plugins/auth_ldap/init.py
+++ b/flaschengeist/plugins/auth_ldap/init.py
@ -178,6 +178,13 @@ class AuthLDAP(AuthPlugin):
        ldap_conn = self.ldap.connect(self.root_dn, self.root_secret)
        ldap_conn.modify(dn, {"jpegPhoto": [(MODIFY_REPLACE, [avatar.binary])]})

+    def delete_avatar(self, user):
+        if self.root_dn is None:
+            logger.error("root_dn missing in ldap config!")
+        dn = user.get_attribute("DN")
+        ldap_conn = self.ldap.connect(self.root_dn, self.root_secret)
+        ldap_conn.modify(dn, {"jpegPhoto": [(MODIFY_REPLACE, [])]})
+
    def __find(self, userid, mail=None):
        """Find attributes of an user by uid or mail in LDAP"""
        con = self.ldap.connection
--- a/flaschengeist/plugins/auth_plain/init.py
+++ b/flaschengeist/plugins/auth_plain/init.py
@ -64,6 +64,9 @@ class AuthPlain(AuthPlugin):
    def set_avatar(self, user, avatar):
        user.set_attribute("avatar", avatar)

+    def delete_avatar(self, user):
+        user.delete_attribute("avatar")
+
    @staticmethod
    def _hash_password(password):
        salt = hashlib.sha256(os.urandom(60)).hexdigest().encode("ascii")
--- a/flaschengeist/plugins/users/init.py
+++ b/flaschengeist/plugins/users/init.py
@ -144,6 +144,16 @@ def set_avatar(userid, current_session):
        raise BadRequest


+@UsersPlugin.blueprint.route("/users/<userid>/avatar", methods=["DELETE"])
+@login_required()
+def delete_avatar(userid, current_session):
+    user = userController.get_user(userid)
+    if userid != current_session.user_.userid and not current_session.user_.has_permission(permissions.EDIT):
+        raise Forbidden
+    userController.delete_avatar(user)
+    return "", NO_CONTENT
+
+
@UsersPlugin.blueprint.route("/users/<userid>", methods=["DELETE"])
@login_required(permission=permissions.DELETE)
 def delete_user(userid, current_session):