server/users: first user becomes an admin

2016-04-08 19:46:59 +02:00 · 2016-04-08 19:46:59 +02:00 · ee28d95537
commit ee28d95537
parent 2d8b657559
3 changed files with 23 additions and 4 deletions
--- a/server/szurubooru/api/user_api.py
+++ b/server/szurubooru/api/user_api.py
@ -61,7 +61,7 @@ class UserListApi(BaseApi):

        if users.get_by_name(context.session, name):
            raise errors.IntegrityError('User %r already exists.' % name)
-        user = users.create_user(name, password, email)
+        user = users.create_user(context.session, name, password, email)
        context.session.add(user)
        context.session.commit()
        return {'user': _serialize_user(context.user, user)}
--- a/server/szurubooru/tests/api/test_user_api.py
+++ b/server/szurubooru/tests/api/test_user_api.py
@ -84,7 +84,7 @@ class TestCreatingUser(DatabaseTestCase):
        util.mock_context(self)
        self.context.user.rank = 'anonymous'

-    def test_creating_valid_user(self):
+    def test_first_user_becomes_admin(self):
        self.context.request = {
            'name': 'chewie',
            'email': 'asd@asd.asd',
@ -94,6 +94,22 @@ class TestCreatingUser(DatabaseTestCase):
        created_user = self.session.query(db.User).filter_by(name='chewie').one()
        self.assertEqual(created_user.name, 'chewie')
        self.assertEqual(created_user.email, 'asd@asd.asd')
+        self.assertEqual(created_user.rank, 'admin')
+        self.assertTrue(auth.is_valid_password(created_user, 'oks'))
+        self.assertFalse(auth.is_valid_password(created_user, 'invalid'))
+
+    def test_subsequent_users_are_created_normally(self):
+        self.context.request = {
+            'name': 'chewie',
+            'email': 'asd@asd.asd',
+            'password': 'oks',
+        }
+        self.api.post(self.context)
+        self.context.request['name'] = 'chewie2'
+        self.api.post(self.context)
+        created_user = self.session.query(db.User).filter_by(name='chewie2').one()
+        self.assertEqual(created_user.name, 'chewie2')
+        self.assertEqual(created_user.email, 'asd@asd.asd')
        self.assertEqual(created_user.rank, 'regular_user')
        self.assertTrue(auth.is_valid_password(created_user, 'oks'))
        self.assertFalse(auth.is_valid_password(created_user, 'invalid'))
--- a/server/szurubooru/util/users.py
+++ b/server/szurubooru/util/users.py
@ -4,13 +4,16 @@ from sqlalchemy import func
 from szurubooru import config, db, errors
 from szurubooru.util import auth, misc

-def create_user(name, password, email):
+def create_user(session, name, password, email):
    ''' Create an user with given parameters and returns it. '''
    user = db.User()
    update_name(user, name)
    update_password(user, password)
    update_email(user, email)
-    user.rank = config.config['default_rank']
+    if not session.query(db.User).count():
+        user.rank = config.config['ranks'][-1]
+    else:
+        user.rank = config.config['default_rank']
    user.creation_time = datetime.now()
    user.avatar_style = db.User.AVATAR_GRAVATAR
    return user