Flaschengeist/flaschengeist
Flaschengeist
/
flaschengeist
7
0
Fork 0
Code Issues 20 Pull Requests Packages Projects Releases 2 Wiki Activity

[Plugin] Users now allows setting the role of an user

This commit is contained in:
Ferdinand Thiessen 2020-10-24 20:10:43 +02:00
parent dc6b30e4e7
commit d2858c8c76
1 changed files with 21 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

30
flaschengeist/modules/users/__init__.py
View File

@ -8,12 +8,13 @@ from flaschengeist.system.controller import userController
users_bp = Blueprint("users", __name__) users_bp = Blueprint("users", __name__)
_permission_edit = "users_edit_other" _permission_edit = "users_edit_other"
_permission_set_roles = "users_set_roles"
_permission_delete = "users_delete_other" _permission_delete = "users_delete_other"
class UsersPlugin(Plugin): class UsersPlugin(Plugin):
def __init__(self, config): def __init__(self, config):
super().__init__(blueprint=users_bp, permissions=[_permission_edit, _permission_delete]) super().__init__(blueprint=users_bp, permissions=[_permission_edit, _permission_delete, _permission_set_roles])
################################################# #################################################
# Routes # # Routes #
@ -64,17 +65,28 @@ def __delete_user(uid, **kwargs):
def __edit_user(uid, **kwargs): def __edit_user(uid, **kwargs):
logger.debug("Modify information of user {{ {} }}".format(uid)) logger.debug("Modify information of user {{ {} }}".format(uid))
user = userController.get_user(uid) user = userController.get_user(uid)
if uid != kwargs["access_token"].user.userid and user.has_permission(_permission_edit):
return Forbidden
data = request.get_json() data = request.get_json()
if "password" not in data:
raise BadRequest("Password is missing") password = None
new_password = data["new_password"] if "new_password" in data else None
if uid != kwargs["access_token"].user.userid:
if not user.has_permission(_permission_edit):
return Forbidden
else:
if "password" not in data:
raise BadRequest("Password is missing")
password = data["password"]
for key in ["firstname", "lastname", "display_name", "mail"]: for key in ["firstname", "lastname", "display_name", "mail"]:
if key in data: if key in data:
setattr(user, key, data[key]) setattr(user, key, data[key])
new_password = data["new_password"] if "new_password" in data else None
userController.modify_user(user, data["password"], new_password) if "roles" in data:
if not user.has_permission(_permission_set_roles):
raise Forbidden
userController.set_roles(user, data["roles"])
userController.modify_user(user, password, new_password)
userController.update_user(user) userController.update_user(user)
return jsonify({"ok": "ok"}) return jsonify({"ok": "ok"})