ulysia/szurubooru
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

server/users: implement RANK_MAP

Browse source
This commit is contained in:
rr- 2016-05-10 11:58:55 +02:00
parent cecf620126
commit 4ec842024c
4 changed files with 29 additions and 25 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
server/szurubooru/app.py
View file

@ -42,12 +42,12 @@ def validate_config():
Check whether config doesn't contain errors that might prove Check whether config doesn't contain errors that might prove
lethal at runtime. lethal at runtime.
''' '''
from szurubooru.db.user import User from szurubooru.func.auth import RANK_MAP
for privilege, rank in config.config['privileges'].items(): for privilege, rank in config.config['privileges'].items():
if rank not in User.ALL_RANKS: if rank not in RANK_MAP.values():
raise errors.ConfigError( raise errors.ConfigError(
'Rank %r for privilege %r is missing' % (rank, privilege)) 'Rank %r for privilege %r is missing' % (rank, privilege))
if config.config['default_rank'] not in User.ALL_RANKS: if config.config['default_rank'] not in RANK_MAP.values():
raise errors.ConfigError( raise errors.ConfigError(
'Default rank %r is not on the list of known ranks' % ( 'Default rank %r is not on the list of known ranks' % (
config.config['default_rank'])) config.config['default_rank']))

11
server/szurubooru/db/user.py
View file

@ -13,16 +13,7 @@ class User(Base):
RANK_POWER = 'power' RANK_POWER = 'power'
RANK_MODERATOR = 'moderator' RANK_MODERATOR = 'moderator'
RANK_ADMINISTRATOR = 'administrator' RANK_ADMINISTRATOR = 'administrator'
RANK_NOBODY = 'nobody' RANK_NOBODY = 'nobody' # used for privileges: "nobody can be higher than admin"
ALL_RANKS = [
RANK_ANONYMOUS,
RANK_RESTRICTED,
RANK_REGULAR,
RANK_POWER,
RANK_MODERATOR,
RANK_ADMINISTRATOR,
RANK_NOBODY, # nobody can have higher privileges than administrator
]
user_id = Column('id', Integer, primary_key=True) user_id = Column('id', Integer, primary_key=True)
name = Column('name', Unicode(50), nullable=False, unique=True) name = Column('name', Unicode(50), nullable=False, unique=True)

20
server/szurubooru/func/auth.py
View file

@ -1,6 +1,18 @@
import hashlib import hashlib
import random import random
from collections import OrderedDict
from szurubooru import config, db, errors from szurubooru import config, db, errors
from szurubooru.func import util
RANK_MAP = OrderedDict([
(db.User.RANK_ANONYMOUS, 'anonymous'),
(db.User.RANK_RESTRICTED, 'restricted'),
(db.User.RANK_REGULAR, 'regular'),
(db.User.RANK_POWER, 'power'),
(db.User.RANK_MODERATOR, 'moderator'),
(db.User.RANK_ADMINISTRATOR, 'administrator'),
(db.User.RANK_NOBODY, 'nobody'),
])
def get_password_hash(salt, password): def get_password_hash(salt, password):
''' Retrieve new-style password hash. ''' ''' Retrieve new-style password hash. '''
@ -36,10 +48,12 @@ def is_valid_password(user, password):
return valid_hash in possible_hashes return valid_hash in possible_hashes
def has_privilege(user, privilege_name): def has_privilege(user, privilege_name):
all_ranks = list(RANK_MAP.keys())
assert privilege_name in config.config['privileges'] assert privilege_name in config.config['privileges']
assert user.rank in db.User.ALL_RANKS assert user.rank in all_ranks
minimal_rank = config.config['privileges'][privilege_name] minimal_rank = util.flip(RANK_MAP)[
good_ranks = db.User.ALL_RANKS[db.User.ALL_RANKS.index(minimal_rank):] config.config['privileges'][privilege_name]]
good_ranks = all_ranks[all_ranks.index(minimal_rank):]
return user.rank in good_ranks return user.rank in good_ranks
def verify_privilege(user, privilege_name): def verify_privilege(user, privilege_name):

17
server/szurubooru/func/users.py
View file

@ -12,8 +12,6 @@ class InvalidPasswordError(errors.ValidationError): pass
class InvalidRankError(errors.ValidationError): pass class InvalidRankError(errors.ValidationError): pass
class InvalidAvatarError(errors.ValidationError): pass class InvalidAvatarError(errors.ValidationError): pass
# TODO: RANK_MAP
def serialize_user(user, authenticated_user, force_show_email=False): def serialize_user(user, authenticated_user, force_show_email=False):
if not user: if not user:
return {} return {}
@ -80,7 +78,7 @@ def create_user(name, password, email):
update_user_password(user, password) update_user_password(user, password)
update_user_email(user, email) update_user_email(user, email)
if get_user_count() > 0: if get_user_count() > 0:
user.rank = config.config['default_rank'] user.rank = util.flip(auth.RANK_MAP)[config.config['default_rank']]
else: else:
user.rank = db.User.RANK_ADMINISTRATOR user.rank = db.User.RANK_ADMINISTRATOR
user.creation_time = datetime.datetime.now() user.creation_time = datetime.datetime.now()
@ -126,14 +124,15 @@ def update_user_email(user, email):
def update_user_rank(user, rank, authenticated_user): def update_user_rank(user, rank, authenticated_user):
if not rank: if not rank:
raise InvalidRankError('Rank cannot be empty.') raise InvalidRankError('Rank cannot be empty.')
rank = rank.strip() rank = util.flip(auth.RANK_MAP).get(rank.strip(), None)
if not rank in db.User.ALL_RANKS: all_ranks = list(auth.RANK_MAP.values())
if not rank:
raise InvalidRankError( raise InvalidRankError(
'Rank %r is invalid. Valid ranks: %r' % (rank, db.User.ALL_RANKS)) 'Rank can be either of %r.' % all_ranks)
if rank in (db.User.RANK_ANONYMOUS, db.User.RANK_NOBODY): if rank in (db.User.RANK_ANONYMOUS, db.User.RANK_NOBODY):
raise InvalidRankError('Rank %r cannot be used.' % (rank)) raise InvalidRankError('Rank %r cannot be used.' % auth.RANK_MAP[rank])
if db.User.ALL_RANKS.index(authenticated_user.rank) \ if all_ranks.index(authenticated_user.rank) \
< db.User.ALL_RANKS.index(rank) and get_user_count() > 0: < all_ranks.index(rank) and get_user_count() > 0:
raise errors.AuthError('Trying to set higher rank than your own.') raise errors.AuthError('Trying to set higher rank than your own.')
user.rank = rank user.rank = rank