gallery.accords-library.com/server/szurubooru/func/users.py

import datetime
import re
from sqlalchemy import func
from szurubooru import config, db, errors
from szurubooru.func import auth, util, files, images

class UserNotFoundError(errors.NotFoundError): pass
class UserAlreadyExistsError(errors.ValidationError): pass
class InvalidUserNameError(errors.ValidationError): pass
class InvalidEmailError(errors.ValidationError): pass
class InvalidPasswordError(errors.ValidationError): pass
class InvalidRankError(errors.ValidationError): pass
class InvalidAvatarError(errors.ValidationError): pass

def serialize_user(user, authenticated_user, force_show_email=False):
    if not user:
        return {}

    ret = {
        'name': user.name,
        'rank': user.rank,
        'rankName': config.config['rank_names'].get(user.rank, 'Unknown'),
        'creationTime': user.creation_time,
        'lastLoginTime': user.last_login_time,
        'avatarStyle': user.avatar_style,
        'email': user.email,
    }

    if user.avatar_style == user.AVATAR_GRAVATAR:
        ret['avatarUrl'] = 'http://gravatar.com/avatar/%s?d=retro&s=%d' % (
            util.get_md5((user.email or user.name).lower()),
            config.config['thumbnails']['avatar_width'])
    else:
        ret['avatarUrl'] = '%s/avatars/%s.jpg' % (
            config.config['data_url'].rstrip('/'), user.name.lower())

    if authenticated_user.user_id != user.user_id \
        and not force_show_email \
        and not auth.has_privilege(authenticated_user, 'users:edit:any:email'):
        del ret['email']

    return ret

def serialize_user_with_details(user, authenticated_user, **kwargs):
    return {'user': serialize_user(user, authenticated_user, **kwargs)}

def get_user_count():
    return db.session.query(db.User).count()

def try_get_user_by_name(name):
    return db.session \
        .query(db.User) \
        .filter(func.lower(db.User.name) == func.lower(name)) \
        .one_or_none()

def get_user_by_name(name):
    user = try_get_user_by_name(name)
    if not user:
        raise UserNotFoundError('User %r not found.' % name)
    return user

def try_get_user_by_name_or_email(name_or_email):
    return db.session \
        .query(db.User) \
        .filter(
            (func.lower(db.User.name) == func.lower(name_or_email))
            | (func.lower(db.User.email) == func.lower(name_or_email))) \
        .one_or_none()

def get_user_by_name_or_email(name_or_email):
    user = try_get_user_by_name_or_email(name_or_email)
    if not user:
        raise UserNotFoundError('User %r not found.' % name_or_email)
    return user

def create_user(name, password, email, auth_user):
    user = db.User()
    update_user_name(user, name, auth_user)
    update_user_password(user, password)
    update_user_email(user, email)
    if get_user_count() > 0:
        user.rank = config.config['default_rank']
    else:
        user.rank = 'admin'
    user.creation_time = datetime.datetime.now()
    user.avatar_style = db.User.AVATAR_GRAVATAR
    return user

def update_user_name(user, name, auth_user):
    if not name:
        raise InvalidUserNameError('Name cannot be empty.')
    if util.value_exceeds_column_size(name, db.User.name):
        raise InvalidUserNameError('User name is too long.')
    other_user = try_get_user_by_name(name)
    if other_user and other_user.user_id != auth_user.user_id:
        raise UserAlreadyExistsError('User %r already exists.' % name)
    name = name.strip()
    name_regex = config.config['user_name_regex']
    if not re.match(name_regex, name):
        raise InvalidUserNameError(
            'User name %r must satisfy regex %r.' % (name, name_regex))
    user.name = name

def update_user_password(user, password):
    if not password:
        raise InvalidPasswordError('Password cannot be empty.')
    password_regex = config.config['password_regex']
    if not re.match(password_regex, password):
        raise InvalidPasswordError(
            'Password must satisfy regex %r.' % password_regex)
    user.password_salt = auth.create_password()
    user.password_hash = auth.get_password_hash(user.password_salt, password)

def update_user_email(user, email):
    if email:
        email = email.strip()
    if not email:
        email = None
    if email and util.value_exceeds_column_size(email, db.User.email):
        raise InvalidEmailError('Email is too long.')
    if not util.is_valid_email(email):
        raise InvalidEmailError('E-mail is invalid.')
    user.email = email

def update_user_rank(user, rank, authenticated_user):
    if not rank:
        raise InvalidRankError('Rank cannot be empty.')
    rank = rank.strip()
    available_ranks = config.config['ranks']
    if not rank in available_ranks:
        raise InvalidRankError(
            'Rank %r is invalid. Valid ranks: %r' % (rank, available_ranks))
    if available_ranks.index(authenticated_user.rank) \
            < available_ranks.index(rank) and get_user_count() > 0:
        raise errors.AuthError('Trying to set higher rank than your own.')
    user.rank = rank

def update_user_avatar(user, avatar_style, avatar_content):
    if avatar_style == 'gravatar':
        user.avatar_style = user.AVATAR_GRAVATAR
    elif avatar_style == 'manual':
        user.avatar_style = user.AVATAR_MANUAL
        if not avatar_content:
            raise InvalidAvatarError('Avatar content missing.')
        image = images.Image(avatar_content)
        image.resize_fill(
            int(config.config['thumbnails']['avatar_width']),
            int(config.config['thumbnails']['avatar_height']))
        files.save('avatars/' + user.name.lower() + '.jpg', image.to_jpeg())
    else:
        raise InvalidAvatarError(
            'Avatar style %r is invalid. Valid avatar styles: %r.' % (
                avatar_style, ['gravatar', 'manual']))

def bump_user_login_time(user):
    user.last_login_time = datetime.datetime.now()

def reset_user_password(user):
    password = auth.create_password()
    user.password_salt = auth.create_password()
    user.password_hash = auth.get_password_hash(user.password_salt, password)
    return password
server/api: refactor + remove ID from user JSON 2016-04-16 13:07:33 +00:00			`import datetime`
server/general: be more pythonic 2016-04-03 20:03:58 +00:00			`import re`
server/users: make user names case insensitive 2016-04-06 15:12:40 +00:00			`from sqlalchemy import func`
server/general: be more pythonic 2016-04-03 20:03:58 +00:00			`from szurubooru import config, db, errors`
server/general: rename 'misc' to 'util' 2016-04-20 09:59:30 +00:00			`from szurubooru.func import auth, util, files, images`
server/general: be more pythonic 2016-04-03 20:03:58 +00:00
server/api: refactor + remove ID from user JSON 2016-04-16 13:07:33 +00:00			`class UserNotFoundError(errors.NotFoundError): pass`
			`class UserAlreadyExistsError(errors.ValidationError): pass`
server/api: improve input sanitization, fix docs 2016-04-19 09:50:47 +00:00			`class InvalidUserNameError(errors.ValidationError): pass`
server/api: refactor + remove ID from user JSON 2016-04-16 13:07:33 +00:00			`class InvalidEmailError(errors.ValidationError): pass`
			`class InvalidPasswordError(errors.ValidationError): pass`
			`class InvalidRankError(errors.ValidationError): pass`
			`class InvalidAvatarError(errors.ValidationError): pass`

server/users: fix hiding email from admins etc 2016-04-29 11:08:41 +00:00			`def serialize_user(user, authenticated_user, force_show_email=False):`
server/api: move serializers to func layer 2016-04-24 07:47:58 +00:00			`if not user:`
			`return {}`

			`ret = {`
			`'name': user.name,`
			`'rank': user.rank,`
			`'rankName': config.config['rank_names'].get(user.rank, 'Unknown'),`
			`'creationTime': user.creation_time,`
			`'lastLoginTime': user.last_login_time,`
server/users: fix hiding email from admins etc 2016-04-29 11:08:41 +00:00			`'avatarStyle': user.avatar_style,`
			`'email': user.email,`
server/api: move serializers to func layer 2016-04-24 07:47:58 +00:00			`}`

			`if user.avatar_style == user.AVATAR_GRAVATAR:`
			`ret['avatarUrl'] = 'http://gravatar.com/avatar/%s?d=retro&s=%d' % (`
server/posts: add post creating 2016-04-30 21:17:08 +00:00			`util.get_md5((user.email or user.name).lower()),`
			`config.config['thumbnails']['avatar_width'])`
server/api: move serializers to func layer 2016-04-24 07:47:58 +00:00			`else:`
			`ret['avatarUrl'] = '%s/avatars/%s.jpg' % (`
			`config.config['data_url'].rstrip('/'), user.name.lower())`

server/users: fix hiding email from admins etc 2016-04-29 11:08:41 +00:00			`if authenticated_user.user_id != user.user_id \`
			`and not force_show_email \`
			`and not auth.has_privilege(authenticated_user, 'users:edit:any:email'):`
			`del ret['email']`
server/api: move serializers to func layer 2016-04-24 07:47:58 +00:00
			`return ret`

server/users: fix hiding email from admins etc 2016-04-29 11:08:41 +00:00			`def serialize_user_with_details(user, authenticated_user, **kwargs):`
			`return {'user': serialize_user(user, authenticated_user, **kwargs)}`
server/api + docs/api: organize responses 2016-04-28 16:20:50 +00:00
server/db: refactor session usage 2016-04-18 20:41:39 +00:00			`def get_user_count():`
			`return db.session.query(db.User).count()`

server/general: move not found errors to func 2016-04-24 12:24:41 +00:00			`def try_get_user_by_name(name):`
server/general: consistently use db.session 2016-04-19 15:39:16 +00:00			`return db.session \`
			`.query(db.User) \`
server/api: refactor + remove ID from user JSON 2016-04-16 13:07:33 +00:00			`.filter(func.lower(db.User.name) == func.lower(name)) \`
server/general: move not found errors to func 2016-04-24 12:24:41 +00:00			`.one_or_none()`
server/api: refactor + remove ID from user JSON 2016-04-16 13:07:33 +00:00
server/general: move not found errors to func 2016-04-24 12:24:41 +00:00			`def get_user_by_name(name):`
			`user = try_get_user_by_name(name)`
			`if not user:`
			`raise UserNotFoundError('User %r not found.' % name)`
			`return user`

			`def try_get_user_by_name_or_email(name_or_email):`
server/general: consistently use db.session 2016-04-19 15:39:16 +00:00			`return db.session \`
			`.query(db.User) \`
server/api: refactor + remove ID from user JSON 2016-04-16 13:07:33 +00:00			`.filter(`
			`(func.lower(db.User.name) == func.lower(name_or_email))`
			`\| (func.lower(db.User.email) == func.lower(name_or_email))) \`
server/general: move not found errors to func 2016-04-24 12:24:41 +00:00			`.one_or_none()`

			`def get_user_by_name_or_email(name_or_email):`
			`user = try_get_user_by_name_or_email(name_or_email)`
			`if not user:`
			`raise UserNotFoundError('User %r not found.' % name_or_email)`
			`return user`
server/api: refactor + remove ID from user JSON 2016-04-16 13:07:33 +00:00
server/db: refactor session usage 2016-04-18 20:41:39 +00:00			`def create_user(name, password, email, auth_user):`
server/general: be more pythonic 2016-04-03 20:03:58 +00:00			`user = db.User()`
server/general: refactor method names 2016-04-30 21:53:50 +00:00			`update_user_name(user, name, auth_user)`
			`update_user_password(user, password)`
			`update_user_email(user, email)`
server/db: refactor session usage 2016-04-18 20:41:39 +00:00			`if get_user_count() > 0:`
server/users: first user becomes an admin 2016-04-08 17:46:59 +00:00			`user.rank = config.config['default_rank']`
server/db: refactor session usage 2016-04-18 20:41:39 +00:00			`else:`
			`user.rank = 'admin'`
server/api: refactor + remove ID from user JSON 2016-04-16 13:07:33 +00:00			`user.creation_time = datetime.datetime.now()`
server/general: be more pythonic 2016-04-03 20:03:58 +00:00			`user.avatar_style = db.User.AVATAR_GRAVATAR`
			`return user`

server/general: refactor method names 2016-04-30 21:53:50 +00:00			`def update_user_name(user, name, auth_user):`
server/api: improve input sanitization, fix docs 2016-04-19 09:50:47 +00:00			`if not name:`
			`raise InvalidUserNameError('Name cannot be empty.')`
server/general: rename 'misc' to 'util' 2016-04-20 09:59:30 +00:00			`if util.value_exceeds_column_size(name, db.User.name):`
server/api: improve input sanitization, fix docs 2016-04-19 09:50:47 +00:00			`raise InvalidUserNameError('User name is too long.')`
server/general: move not found errors to func 2016-04-24 12:24:41 +00:00			`other_user = try_get_user_by_name(name)`
server/api: refactor + remove ID from user JSON 2016-04-16 13:07:33 +00:00			`if other_user and other_user.user_id != auth_user.user_id:`
			`raise UserAlreadyExistsError('User %r already exists.' % name)`
server/general: be more pythonic 2016-04-03 20:03:58 +00:00			`name = name.strip()`
client+server: switch to yaml config 2016-04-06 18:38:45 +00:00			`name_regex = config.config['user_name_regex']`
server/general: be more pythonic 2016-04-03 20:03:58 +00:00			`if not re.match(name_regex, name):`
server/api: improve input sanitization, fix docs 2016-04-19 09:50:47 +00:00			`raise InvalidUserNameError(`
server/api: refactor + remove ID from user JSON 2016-04-16 13:07:33 +00:00			`'User name %r must satisfy regex %r.' % (name, name_regex))`
server/general: be more pythonic 2016-04-03 20:03:58 +00:00			`user.name = name`

server/general: refactor method names 2016-04-30 21:53:50 +00:00			`def update_user_password(user, password):`
server/api: improve input sanitization, fix docs 2016-04-19 09:50:47 +00:00			`if not password:`
			`raise InvalidPasswordError('Password cannot be empty.')`
client+server: switch to yaml config 2016-04-06 18:38:45 +00:00			`password_regex = config.config['password_regex']`
server/general: be more pythonic 2016-04-03 20:03:58 +00:00			`if not re.match(password_regex, password):`
server/api: refactor + remove ID from user JSON 2016-04-16 13:07:33 +00:00			`raise InvalidPasswordError(`
server/general: be more pythonic 2016-04-03 20:03:58 +00:00			`'Password must satisfy regex %r.' % password_regex)`
			`user.password_salt = auth.create_password()`
			`user.password_hash = auth.get_password_hash(user.password_salt, password)`

server/general: refactor method names 2016-04-30 21:53:50 +00:00			`def update_user_email(user, email):`
server/api: improve input sanitization, fix docs 2016-04-19 09:50:47 +00:00			`if email:`
			`email = email.strip()`
			`if not email:`
			`email = None`
server/general: rename 'misc' to 'util' 2016-04-20 09:59:30 +00:00			`if email and util.value_exceeds_column_size(email, db.User.email):`
server/api: refactor + remove ID from user JSON 2016-04-16 13:07:33 +00:00			`raise InvalidEmailError('Email is too long.')`
server/general: rename 'misc' to 'util' 2016-04-20 09:59:30 +00:00			`if not util.is_valid_email(email):`
server/api: refactor + remove ID from user JSON 2016-04-16 13:07:33 +00:00			`raise InvalidEmailError('E-mail is invalid.')`
server/general: be more pythonic 2016-04-03 20:03:58 +00:00			`user.email = email`

server/general: refactor method names 2016-04-30 21:53:50 +00:00			`def update_user_rank(user, rank, authenticated_user):`
server/api: improve input sanitization, fix docs 2016-04-19 09:50:47 +00:00			`if not rank:`
			`raise InvalidRankError('Rank cannot be empty.')`
server/general: be more pythonic 2016-04-03 20:03:58 +00:00			`rank = rank.strip()`
client+server: switch to yaml config 2016-04-06 18:38:45 +00:00			`available_ranks = config.config['ranks']`
server: rename 'access ranks' to just 'ranks' 2016-04-06 17:16:44 +00:00			`if not rank in available_ranks:`
server/api: refactor + remove ID from user JSON 2016-04-16 13:07:33 +00:00			`raise InvalidRankError(`
			`'Rank %r is invalid. Valid ranks: %r' % (rank, available_ranks))`
server: rename 'access ranks' to just 'ranks' 2016-04-06 17:16:44 +00:00			`if available_ranks.index(authenticated_user.rank) \`
server/db: refactor session usage 2016-04-18 20:41:39 +00:00			`< available_ranks.index(rank) and get_user_count() > 0:`
server/users: add avatar support 2016-04-09 19:41:10 +00:00			`raise errors.AuthError('Trying to set higher rank than your own.')`
server: rename 'access ranks' to just 'ranks' 2016-04-06 17:16:44 +00:00			`user.rank = rank`
server/general: be more pythonic 2016-04-03 20:03:58 +00:00
server/general: refactor method names 2016-04-30 21:53:50 +00:00			`def update_user_avatar(user, avatar_style, avatar_content):`
server/users: add avatar support 2016-04-09 19:41:10 +00:00			`if avatar_style == 'gravatar':`
			`user.avatar_style = user.AVATAR_GRAVATAR`
			`elif avatar_style == 'manual':`
			`user.avatar_style = user.AVATAR_MANUAL`
			`if not avatar_content:`
server/api: refactor + remove ID from user JSON 2016-04-16 13:07:33 +00:00			`raise InvalidAvatarError('Avatar content missing.')`
server/users: add avatar support 2016-04-09 19:41:10 +00:00			`image = images.Image(avatar_content)`
			`image.resize_fill(`
			`int(config.config['thumbnails']['avatar_width']),`
			`int(config.config['thumbnails']['avatar_height']))`
			`files.save('avatars/' + user.name.lower() + '.jpg', image.to_jpeg())`
			`else:`
server/api: refactor + remove ID from user JSON 2016-04-16 13:07:33 +00:00			`raise InvalidAvatarError(`
			`'Avatar style %r is invalid. Valid avatar styles: %r.' % (`
			`avatar_style, ['gravatar', 'manual']))`
server/users: add avatar support 2016-04-09 19:41:10 +00:00
server/general: refactor method names 2016-04-30 21:53:50 +00:00			`def bump_user_login_time(user):`
server/api: refactor + remove ID from user JSON 2016-04-16 13:07:33 +00:00			`user.last_login_time = datetime.datetime.now()`
server/general: be more pythonic 2016-04-03 20:03:58 +00:00
server/general: refactor method names 2016-04-30 21:53:50 +00:00			`def reset_user_password(user):`
server/general: be more pythonic 2016-04-03 20:03:58 +00:00			`password = auth.create_password()`
			`user.password_salt = auth.create_password()`
			`user.password_hash = auth.get_password_hash(user.password_salt, password)`
			`return password`