[users][auth_ldap][auth_plain] delete avatar
This commit is contained in:
parent
f7f27311db
commit
26d63b7c7d
|
@ -207,6 +207,11 @@ def save_avatar(user, avatar):
|
||||||
db.session.commit()
|
db.session.commit()
|
||||||
|
|
||||||
|
|
||||||
|
def delete_avatar(user):
|
||||||
|
current_app.config["FG_AUTH_BACKEND"].delete_avatar(user)
|
||||||
|
db.session.commit()
|
||||||
|
|
||||||
|
|
||||||
def persist(user=None):
|
def persist(user=None):
|
||||||
if user:
|
if user:
|
||||||
db.session.add(user)
|
db.session.add(user)
|
||||||
|
|
|
@ -94,6 +94,10 @@ class User(db.Model, ModelSerializeMixin):
|
||||||
return self._attributes[name].value
|
return self._attributes[name].value
|
||||||
return default
|
return default
|
||||||
|
|
||||||
|
def delete_attribute(self, name):
|
||||||
|
if name in self._attributes:
|
||||||
|
self._attributes.pop(name)
|
||||||
|
|
||||||
def get_permissions(self):
|
def get_permissions(self):
|
||||||
return ["user"] + [permission.name for role in self.roles_ for permission in role.permissions]
|
return ["user"] + [permission.name for role in self.roles_ for permission in role.permissions]
|
||||||
|
|
||||||
|
|
|
@ -191,3 +191,14 @@ class AuthPlugin(Plugin):
|
||||||
MethodNotAllowed: If not supported by Backend
|
MethodNotAllowed: If not supported by Backend
|
||||||
"""
|
"""
|
||||||
raise MethodNotAllowed
|
raise MethodNotAllowed
|
||||||
|
|
||||||
|
def delete_avatar(self, user):
|
||||||
|
"""Delete the avatar for given user (if supported by auth backend)
|
||||||
|
|
||||||
|
Args:
|
||||||
|
user: Uset to delete the avatar for
|
||||||
|
|
||||||
|
Raises:
|
||||||
|
MethodNotAllowed: If not supported by Backend
|
||||||
|
"""
|
||||||
|
raise MethodNotAllowed
|
||||||
|
|
|
@ -178,6 +178,13 @@ class AuthLDAP(AuthPlugin):
|
||||||
ldap_conn = self.ldap.connect(self.root_dn, self.root_secret)
|
ldap_conn = self.ldap.connect(self.root_dn, self.root_secret)
|
||||||
ldap_conn.modify(dn, {"jpegPhoto": [(MODIFY_REPLACE, [avatar.binary])]})
|
ldap_conn.modify(dn, {"jpegPhoto": [(MODIFY_REPLACE, [avatar.binary])]})
|
||||||
|
|
||||||
|
def delete_avatar(self, user):
|
||||||
|
if self.root_dn is None:
|
||||||
|
logger.error("root_dn missing in ldap config!")
|
||||||
|
dn = user.get_attribute("DN")
|
||||||
|
ldap_conn = self.ldap.connect(self.root_dn, self.root_secret)
|
||||||
|
ldap_conn.modify(dn, {"jpegPhoto": [(MODIFY_REPLACE, [])]})
|
||||||
|
|
||||||
def __find(self, userid, mail=None):
|
def __find(self, userid, mail=None):
|
||||||
"""Find attributes of an user by uid or mail in LDAP"""
|
"""Find attributes of an user by uid or mail in LDAP"""
|
||||||
con = self.ldap.connection
|
con = self.ldap.connection
|
||||||
|
|
|
@ -64,6 +64,9 @@ class AuthPlain(AuthPlugin):
|
||||||
def set_avatar(self, user, avatar):
|
def set_avatar(self, user, avatar):
|
||||||
user.set_attribute("avatar", avatar)
|
user.set_attribute("avatar", avatar)
|
||||||
|
|
||||||
|
def delete_avatar(self, user):
|
||||||
|
user.delete_attribute("avatar")
|
||||||
|
|
||||||
@staticmethod
|
@staticmethod
|
||||||
def _hash_password(password):
|
def _hash_password(password):
|
||||||
salt = hashlib.sha256(os.urandom(60)).hexdigest().encode("ascii")
|
salt = hashlib.sha256(os.urandom(60)).hexdigest().encode("ascii")
|
||||||
|
|
|
@ -144,6 +144,16 @@ def set_avatar(userid, current_session):
|
||||||
raise BadRequest
|
raise BadRequest
|
||||||
|
|
||||||
|
|
||||||
|
@UsersPlugin.blueprint.route("/users/<userid>/avatar", methods=["DELETE"])
|
||||||
|
@login_required()
|
||||||
|
def delete_avatar(userid, current_session):
|
||||||
|
user = userController.get_user(userid)
|
||||||
|
if userid != current_session.user_.userid and not current_session.user_.has_permission(permissions.EDIT):
|
||||||
|
raise Forbidden
|
||||||
|
userController.delete_avatar(user)
|
||||||
|
return "", NO_CONTENT
|
||||||
|
|
||||||
|
|
||||||
@UsersPlugin.blueprint.route("/users/<userid>", methods=["DELETE"])
|
@UsersPlugin.blueprint.route("/users/<userid>", methods=["DELETE"])
|
||||||
@login_required(permission=permissions.DELETE)
|
@login_required(permission=permissions.DELETE)
|
||||||
def delete_user(userid, current_session):
|
def delete_user(userid, current_session):
|
||||||
|
|
Loading…
Reference in New Issue