From 26d63b7c7d2dcff099c008c6c97041cdc8913361 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Tim=20Gr=C3=B6ger?=
Date: Sat, 20 Nov 2021 22:58:05 +0100
Subject: [PATCH] [users][auth_ldap][auth_plain] delete avatar
---
 flaschengeist/controller/userController.py | 5 +++++
 flaschengeist/models/user.py | 4 ++++
 flaschengeist/plugins/__init__.py | 11 +++++++++++
 flaschengeist/plugins/auth_ldap/__init__.py | 7 +++++++
 flaschengeist/plugins/auth_plain/__init__.py | 3 +++
 flaschengeist/plugins/users/__init__.py | 10 ++++++++++
 6 files changed, 40 insertions(+)
diff --git a/flaschengeist/controller/userController.py b/flaschengeist/controller/userController.py
index 2305f9a..7427ac1 100644
--- a/flaschengeist/controller/userController.py
+++ b/flaschengeist/controller/userController.py
@@ -207,6 +207,11 @@ def save_avatar(user, avatar):
 db.session.commit()
+def delete_avatar(user):
+ current_app.config["FG_AUTH_BACKEND"].delete_avatar(user)
+ db.session.commit()
+
+
 def persist(user=None):
 if user:
 db.session.add(user)
diff --git a/flaschengeist/models/user.py b/flaschengeist/models/user.py
index 16b901c..2f3ac67 100644
--- a/flaschengeist/models/user.py
+++ b/flaschengeist/models/user.py
@@ -94,6 +94,10 @@ class User(db.Model, ModelSerializeMixin):
 return self._attributes[name].value
 return default
+ def delete_attribute(self, name):
+ if name in self._attributes:
+ self._attributes.pop(name)
+
 def get_permissions(self):
 return ["user"] + [permission.name for role in self.roles_ for permission in role.permissions]
diff --git a/flaschengeist/plugins/__init__.py b/flaschengeist/plugins/__init__.py
index da5bc84..1c42a71 100644
--- a/flaschengeist/plugins/__init__.py
+++ b/flaschengeist/plugins/__init__.py
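Review bot: `delete_avatar` in userController.py has no docstring, and the signature does not show that the call fails when the configured backend lacks avatar deletion. I would add `"""Delete the avatar of the given user via the configured auth backend; raises MethodNotAllowed if the backend does not support it."""` as the first line of the body. That wording follows the base `AuthPlugin.delete_avatar` added in this same patch, which raises `MethodNotAllowed`.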
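Review bot: `User.delete_attribute` in models/user.py tests membership and then pops, which is two lookups for what `pop` with a default already does. `self._attributes.pop(name, None)` expresses it in one line, assuming `_attributes` is dict-like as the `self._attributes[name].value` context line suggests. A one-line docstring saying that a missing attribute is ignored would also help, since `AuthPlain.delete_avatar` depends on that behaviour. The class starts and continues outside the hunk.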
@@ -191,3 +191,14 @@ class AuthPlugin(Plugin):
 MethodNotAllowed: If not supported by Backend
 """
 raise MethodNotAllowed
+
+ def delete_avatar(self, user):
+ """Delete the avatar for given user (if supported by auth backend)
+
+ Args:
+ user: Uset to delete the avatar for
+
+ Raises:
+ MethodNotAllowed: If not supported by Backend
+ """
+ raise MethodNotAllowed
diff --git a/flaschengeist/plugins/auth_ldap/__init__.py b/flaschengeist/plugins/auth_ldap/__init__.py
index 846dc5d..1cfd5aa 100644
--- a/flaschengeist/plugins/auth_ldap/__init__.py
+++ b/flaschengeist/plugins/auth_ldap/__init__.py
@@ -178,6 +178,13 @@ class AuthLDAP(AuthPlugin):
 ldap_conn = self.ldap.connect(self.root_dn, self.root_secret)
 ldap_conn.modify(dn, {"jpegPhoto": [(MODIFY_REPLACE, [avatar.binary])]})
+ def delete_avatar(self, user):
+ if self.root_dn is None:
+ logger.error("root_dn missing in ldap config!")
+ dn = user.get_attribute("DN")
+ ldap_conn = self.ldap.connect(self.root_dn, self.root_secret)
+ ldap_conn.modify(dn, {"jpegPhoto": [(MODIFY_REPLACE, [])]})
+
 def __find(self, userid, mail=None):
 """Find attributes of an user by uid or mail in LDAP"""
 con = self.ldap.connection
diff --git a/flaschengeist/plugins/auth_plain/__init__.py b/flaschengeist/plugins/auth_plain/__init__.py
index 3b2b8f7..a9f24a5 100644
--- a/flaschengeist/plugins/auth_plain/__init__.py
+++ b/flaschengeist/plugins/auth_plain/__init__.py
@@ -64,6 +64,9 @@ class AuthPlain(AuthPlugin):
 def set_avatar(self, user, avatar):
 user.set_attribute("avatar", avatar)
+ def delete_avatar(self, user):
+ user.delete_attribute("avatar")
+
 @staticmethod
 def _hash_password(password):
 salt = hashlib.sha256(os.urandom(60)).hexdigest().encode("ascii")
diff --git a/flaschengeist/plugins/users/__init__.py b/flaschengeist/plugins/users/__init__.py
index 9b41070..d0f929e 100644
--- a/flaschengeist/plugins/users/__init__.py
+++ b/flaschengeist/plugins/users/__init__.py
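Review bot: The new docstring of `AuthPlugin.delete_avatar` has a typo in its Args entry, `user: Uset to delete the avatar for`, which should read `user: User to delete the avatar for`. The class starts outside the hunk.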
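Review bot: In `AuthLDAP.delete_avatar` the `self.root_dn is None` branch only logs and then appears to fall through (indentation is lost on this page, but no other reading makes sense), so `self.ldap.connect(self.root_dn, self.root_secret)` still runs with no bind DN. The branch should stop there, for example by adding `raise InternalServerError` (werkzeug) or whichever error this module already uses, directly after the `logger.error(...)` line. The return value of `ldap_conn.modify(...)` is also discarded, so a modify the directory refuses would still reach the client as a successful delete; if this is an ldap3 connection, check the boolean result and raise on failure. `dn` is likewise passed on unchecked when the user has no `"DN"` attribute. The two context lines suggest `set_avatar` has the same shape, but its body starts outside the hunk.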
@@ -144,6 +144,16 @@ def set_avatar(userid, current_session):
 raise BadRequest
+@UsersPlugin.blueprint.route("/users//avatar", methods=["DELETE"])
+@login_required()
+def delete_avatar(userid, current_session):
+ user = userController.get_user(userid)
+ if userid != current_session.user_.userid and not current_session.user_.has_permission(permissions.EDIT):
+ raise Forbidden
+ userController.delete_avatar(user)
+ return "", NO_CONTENT
+
+
 @UsersPlugin.blueprint.route("/users/", methods=["DELETE"])
 @login_required(permission=permissions.DELETE)
 def delete_user(userid, current_session):
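Review bot: The new `delete_avatar` route calls `userController.get_user(userid)` before the ownership/permission test, so a logged-in caller without `permissions.EDIT` presumably gets whatever `get_user` raises for an unknown id and `Forbidden` for an existing one, which reveals which user ids exist. Running the authorization test first keeps the response uniform: move the `if userid != current_session.user_.userid and not current_session.user_.has_permission(permissions.EDIT):` / `raise Forbidden` pair above the `user = userController.get_user(userid)` line. The route string appears here as `"/users//avatar"` with no `userid` parameter; that is probably a rendering loss on this page, but it is worth confirming against the file.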