Blob Blame Raw


import exception
from action.action import Action


class UserBase(Action):
  def parse_user_id(self, request):
    user_id = 0
    try:
      user_id = int(request.postvars.get('user_id', 0))
    except Exception:
      raise exception.ActionError( request.t('Used Id incorrect') )
    if not user_id:
      user_id = self.model.myrights.user_id
    if not user_id:
      raise exception.ActionError( request.t('Used Id incorrect') )
    return user_id
  

class UserLogin(UserBase):
  def __init__(self):
    super().__init__()
    self.readonly = True
  
  def process(self, request):
    login = str(request.postvars.get('login', ''))
    password = str(request.postvars.get('password', ''))
    if not login and not password:
      request.server.sessions.close_session(request)
    else:
      user_id = request.model.users.check_password(login, password)
      if not user_id:
        raise exception.ActionError( request.t('Login or password incorrect') )
      request.server.sessions.create_session(request, user_id)
    return request.answer.complete_redirect()


class UserCreate(UserBase):
  def process(self, request):
    login = str(request.postvars.get('login', ''))
    password = str(request.postvars.get('password', ''))
    passwordretry = str(request.postvars.get('passwordretry', ''))
    if password != passwordretry:
      raise exception.ActionError( request.t('Passwords mismatch') )
    name = str(request.postvars.get('name', ''))

    user = None
    try:
      user = request.model.users.create(login, password, name)
    except Exception as e:
      self.propagate_exception(e)

    request.connection.commit()
    return request.answer.complete_redirect(['user', str(user.login)])


class UserUpdate(UserBase):
  def process(self, request):
    user_id = self.parse_user_id(request)
    name = str(request.postvars.get('name', ''))
    
    user = request.model.users.get_by_id(user_id)
    if not user:
      raise exception.ActionError( request.t('Used not found') )
    
    try:
      user.update(name)
    except Exception as e:
      self.propagate_exception(e)

    request.connection.commit()
    return request.answer.complete_redirect(['user', str(user.login)])
    

class UserDelete(UserBase):
  def process(self, request):
    user_id = self.parse_user_id(request)
    password = request.postvars.get('password', '')
    if not password is None:
      password = str(password)
    
    user = request.model.users.get_by_id(user_id)
    if not user:
      raise exception.ActionError( request.t('Used not found') )
    
    try:
      user.delete(password)
    except Exception as e:
      self.propagate_exception(e)

    request.connection.commit()
    return request.answer.complete_redirect([])
    

class UserSetPassword(UserBase):
  def process(self, request):
    user_id = self.parse_user_id(request)
    oldpassword = request.postvars.get('oldpassword', '')
    newpassword = str(request.postvars.get('newpassword', ''))
    newpasswordretry = str(request.postvars.get('newpasswordretry', ''))
    if newpassword != newpasswordretry:
      raise exception.ActionError( request.t('Passwords mismatch') )
    if not oldpassword is None:
      oldpassword = str(oldpassword)
    
    user = request.model.users.get_by_id(user_id)
    if not user:
      raise exception.ActionError( request.t('Used not found') )
    
    try:
      user.change_password(newpassword, oldpassword)
    except Exception as e:
      self.propagate_exception(e)

    request.connection.commit()
    return request.answer.complete_redirect(['user', str(user.login)])
    

class UserSetSuperuser(UserBase):
  def process(self, request):
    user_id = self.parse_user_id(request)
    superuser = bool(request.postvars.get('superuser', False))
    
    user = request.model.users.get_by_id(user_id)
    if not user:
      raise exception.ActionError( request.t('User not found') )
    
    try:
      user.set_superuser(superuser)
    except Exception as e:
      self.propagate_exception(e)

    request.connection.commit()
    return request.answer.complete_redirect(['user', str(user.login)])


actions = {
  'login'        : UserLogin(),
  'create'       : UserCreate(),
  'update'       : UserUpdate(),
  'delete'       : UserDelete(),
  'setpassword'  : UserSetPassword(),
  'setsuperuser' : UserSetSuperuser(),
}