[users][auth_ldap][auth_plain] delete avatar

This commit is contained in:
Tim Gröger 2021-11-20 22:58:05 +01:00
parent f7f27311db
commit 26d63b7c7d
6 changed files with 40 additions and 0 deletions

View File

@ -207,6 +207,11 @@ def save_avatar(user, avatar):
db.session.commit() db.session.commit()
def delete_avatar(user):
current_app.config["FG_AUTH_BACKEND"].delete_avatar(user)
db.session.commit()
def persist(user=None): def persist(user=None):
if user: if user:
db.session.add(user) db.session.add(user)

View File

@ -94,6 +94,10 @@ class User(db.Model, ModelSerializeMixin):
return self._attributes[name].value return self._attributes[name].value
return default return default
def delete_attribute(self, name):
if name in self._attributes:
self._attributes.pop(name)
def get_permissions(self): def get_permissions(self):
return ["user"] + [permission.name for role in self.roles_ for permission in role.permissions] return ["user"] + [permission.name for role in self.roles_ for permission in role.permissions]

View File

@ -191,3 +191,14 @@ class AuthPlugin(Plugin):
MethodNotAllowed: If not supported by Backend MethodNotAllowed: If not supported by Backend
""" """
raise MethodNotAllowed raise MethodNotAllowed
def delete_avatar(self, user):
"""Delete the avatar for given user (if supported by auth backend)
Args:
user: Uset to delete the avatar for
Raises:
MethodNotAllowed: If not supported by Backend
"""
raise MethodNotAllowed

View File

@ -178,6 +178,13 @@ class AuthLDAP(AuthPlugin):
ldap_conn = self.ldap.connect(self.root_dn, self.root_secret) ldap_conn = self.ldap.connect(self.root_dn, self.root_secret)
ldap_conn.modify(dn, {"jpegPhoto": [(MODIFY_REPLACE, [avatar.binary])]}) ldap_conn.modify(dn, {"jpegPhoto": [(MODIFY_REPLACE, [avatar.binary])]})
def delete_avatar(self, user):
if self.root_dn is None:
logger.error("root_dn missing in ldap config!")
dn = user.get_attribute("DN")
ldap_conn = self.ldap.connect(self.root_dn, self.root_secret)
ldap_conn.modify(dn, {"jpegPhoto": [(MODIFY_REPLACE, [])]})
def __find(self, userid, mail=None): def __find(self, userid, mail=None):
"""Find attributes of an user by uid or mail in LDAP""" """Find attributes of an user by uid or mail in LDAP"""
con = self.ldap.connection con = self.ldap.connection

View File

@ -64,6 +64,9 @@ class AuthPlain(AuthPlugin):
def set_avatar(self, user, avatar): def set_avatar(self, user, avatar):
user.set_attribute("avatar", avatar) user.set_attribute("avatar", avatar)
def delete_avatar(self, user):
user.delete_attribute("avatar")
@staticmethod @staticmethod
def _hash_password(password): def _hash_password(password):
salt = hashlib.sha256(os.urandom(60)).hexdigest().encode("ascii") salt = hashlib.sha256(os.urandom(60)).hexdigest().encode("ascii")

View File

@ -144,6 +144,16 @@ def set_avatar(userid, current_session):
raise BadRequest raise BadRequest
@UsersPlugin.blueprint.route("/users/<userid>/avatar", methods=["DELETE"])
@login_required()
def delete_avatar(userid, current_session):
user = userController.get_user(userid)
if userid != current_session.user_.userid and not current_session.user_.has_permission(permissions.EDIT):
raise Forbidden
userController.delete_avatar(user)
return "", NO_CONTENT
@UsersPlugin.blueprint.route("/users/<userid>", methods=["DELETE"]) @UsersPlugin.blueprint.route("/users/<userid>", methods=["DELETE"])
@login_required(permission=permissions.DELETE) @login_required(permission=permissions.DELETE)
def delete_user(userid, current_session): def delete_user(userid, current_session):