gallery.accords-library.com/server/szurubooru/func/users.py

import datetime
import re
from sqlalchemy import func
from szurubooru import config, db, errors
from szurubooru.func import auth, util, files, images

class UserNotFoundError(errors.NotFoundError): pass
class UserAlreadyExistsError(errors.ValidationError): pass
class InvalidUserNameError(errors.ValidationError): pass
class InvalidEmailError(errors.ValidationError): pass
class InvalidPasswordError(errors.ValidationError): pass
class InvalidRankError(errors.ValidationError): pass
class InvalidAvatarError(errors.ValidationError): pass

def _get_avatar_url(user):
    if user.avatar_style == user.AVATAR_GRAVATAR:
        return 'http://gravatar.com/avatar/%s?d=retro&s=%d' % (
            util.get_md5((user.email or user.name).lower()),
            config.config['thumbnails']['avatar_width'])
    else:
        return '%s/avatars/%s.png' % (
            config.config['data_url'].rstrip('/'), user.name.lower())

def _get_email(user, authenticated_user, force_show_email):
    if not force_show_email \
            and authenticated_user.user_id != user.user_id \
            and not auth.has_privilege(authenticated_user, 'users:edit:any:email'):
        return False
    return user.email

def _get_liked_post_count(user, authenticated_user):
    if authenticated_user.user_id != user.user_id:
        return False
    return user.liked_post_count

def _get_disliked_post_count(user, authenticated_user):
    if authenticated_user.user_id != user.user_id:
        return False
    return user.disliked_post_count

def serialize_user(user, authenticated_user, options=None, force_show_email=False):
    return util.serialize_entity(
        user,
        {
            'name': lambda: user.name,
            'rank': lambda: user.rank,
            'creationTime': lambda: user.creation_time,
            'lastLoginTime': lambda: user.last_login_time,
            'avatarStyle': lambda: user.avatar_style,
            'avatarUrl': lambda: _get_avatar_url(user),
            'commentCount': lambda: user.comment_count,
            'uploadedPostCount': lambda: user.post_count,
            'favoritePostCount': lambda: user.favorite_post_count,
            'likedPostCount':
                lambda: _get_liked_post_count(user, authenticated_user),
            'dislikedPostCount':
                lambda: _get_disliked_post_count(user, authenticated_user),
            'email':
                lambda: _get_email(user, authenticated_user, force_show_email),
        },
        options)

def serialize_micro_user(user):
    return serialize_user(
        user,
        authenticated_user=None,
        options=['name', 'avatarUrl'])

def get_user_count():
    return db.session.query(db.User).count()

def try_get_user_by_name(name):
    return db.session \
        .query(db.User) \
        .filter(func.lower(db.User.name) == func.lower(name)) \
        .one_or_none()

def get_user_by_name(name):
    user = try_get_user_by_name(name)
    if not user:
        raise UserNotFoundError('User %r not found.' % name)
    return user

def try_get_user_by_name_or_email(name_or_email):
    return db.session \
        .query(db.User) \
        .filter(
            (func.lower(db.User.name) == func.lower(name_or_email))
            | (func.lower(db.User.email) == func.lower(name_or_email))) \
        .one_or_none()

def get_user_by_name_or_email(name_or_email):
    user = try_get_user_by_name_or_email(name_or_email)
    if not user:
        raise UserNotFoundError('User %r not found.' % name_or_email)
    return user

def create_user(name, password, email):
    user = db.User()
    update_user_name(user, name)
    update_user_password(user, password)
    update_user_email(user, email)
    if get_user_count() > 0:
        user.rank = util.flip(auth.RANK_MAP)[config.config['default_rank']]
    else:
        user.rank = db.User.RANK_ADMINISTRATOR
    user.creation_time = datetime.datetime.now()
    user.avatar_style = db.User.AVATAR_GRAVATAR
    return user

def update_user_name(user, name):
    if not name:
        raise InvalidUserNameError('Name cannot be empty.')
    if util.value_exceeds_column_size(name, db.User.name):
        raise InvalidUserNameError('User name is too long.')
    other_user = try_get_user_by_name(name)
    if other_user and other_user.user_id != user.user_id:
        raise UserAlreadyExistsError('User %r already exists.' % name)
    name = name.strip()
    name_regex = config.config['user_name_regex']
    if not re.match(name_regex, name):
        raise InvalidUserNameError(
            'User name %r must satisfy regex %r.' % (name, name_regex))
    user.name = name

def update_user_password(user, password):
    if not password:
        raise InvalidPasswordError('Password cannot be empty.')
    password_regex = config.config['password_regex']
    if not re.match(password_regex, password):
        raise InvalidPasswordError(
            'Password must satisfy regex %r.' % password_regex)
    user.password_salt = auth.create_password()
    user.password_hash = auth.get_password_hash(user.password_salt, password)

def update_user_email(user, email):
    if email:
        email = email.strip()
    if not email:
        email = None
    if email and util.value_exceeds_column_size(email, db.User.email):
        raise InvalidEmailError('Email is too long.')
    if not util.is_valid_email(email):
        raise InvalidEmailError('E-mail is invalid.')
    user.email = email

def update_user_rank(user, rank, authenticated_user):
    if not rank:
        raise InvalidRankError('Rank cannot be empty.')
    rank = util.flip(auth.RANK_MAP).get(rank.strip(), None)
    all_ranks = list(auth.RANK_MAP.values())
    if not rank:
        raise InvalidRankError(
            'Rank can be either of %r.' % all_ranks)
    if rank in (db.User.RANK_ANONYMOUS, db.User.RANK_NOBODY):
        raise InvalidRankError('Rank %r cannot be used.' % auth.RANK_MAP[rank])
    if all_ranks.index(authenticated_user.rank) \
            < all_ranks.index(rank) and get_user_count() > 0:
        raise errors.AuthError('Trying to set higher rank than your own.')
    user.rank = rank

def update_user_avatar(user, avatar_style, avatar_content):
    if avatar_style == 'gravatar':
        user.avatar_style = user.AVATAR_GRAVATAR
    elif avatar_style == 'manual':
        user.avatar_style = user.AVATAR_MANUAL
        if not avatar_content:
            raise InvalidAvatarError('Avatar content missing.')
        image = images.Image(avatar_content)
        image.resize_fill(
            int(config.config['thumbnails']['avatar_width']),
            int(config.config['thumbnails']['avatar_height']))
        files.save('avatars/' + user.name.lower() + '.png', image.to_png())
    else:
        raise InvalidAvatarError(
            'Avatar style %r is invalid. Valid avatar styles: %r.' % (
                avatar_style, ['gravatar', 'manual']))

def bump_user_login_time(user):
    user.last_login_time = datetime.datetime.now()

def reset_user_password(user):
    password = auth.create_password()
    user.password_salt = auth.create_password()
    user.password_hash = auth.get_password_hash(user.password_salt, password)
    return password
server/api: refactor + remove ID from user JSON 2016-04-16 13:07:33 +00:00			`import datetime`
server/general: be more pythonic 2016-04-03 20:03:58 +00:00			`import re`
server/users: make user names case insensitive 2016-04-06 15:12:40 +00:00			`from sqlalchemy import func`
server/general: be more pythonic 2016-04-03 20:03:58 +00:00			`from szurubooru import config, db, errors`
server/general: rename 'misc' to 'util' 2016-04-20 09:59:30 +00:00			`from szurubooru.func import auth, util, files, images`
server/general: be more pythonic 2016-04-03 20:03:58 +00:00
server/api: refactor + remove ID from user JSON 2016-04-16 13:07:33 +00:00			`class UserNotFoundError(errors.NotFoundError): pass`
			`class UserAlreadyExistsError(errors.ValidationError): pass`
server/api: improve input sanitization, fix docs 2016-04-19 09:50:47 +00:00			`class InvalidUserNameError(errors.ValidationError): pass`
server/api: refactor + remove ID from user JSON 2016-04-16 13:07:33 +00:00			`class InvalidEmailError(errors.ValidationError): pass`
			`class InvalidPasswordError(errors.ValidationError): pass`
			`class InvalidRankError(errors.ValidationError): pass`
			`class InvalidAvatarError(errors.ValidationError): pass`

server/general: move extra details to resources 2016-05-30 20:07:44 +00:00			`def _get_avatar_url(user):`
server/api: move serializers to func layer 2016-04-24 07:47:58 +00:00			`if user.avatar_style == user.AVATAR_GRAVATAR:`
server/general: move extra details to resources 2016-05-30 20:07:44 +00:00			`return 'http://gravatar.com/avatar/%s?d=retro&s=%d' % (`
server/posts: add post creating 2016-04-30 21:17:08 +00:00			`util.get_md5((user.email or user.name).lower()),`
			`config.config['thumbnails']['avatar_width'])`
server/api: move serializers to func layer 2016-04-24 07:47:58 +00:00			`else:`
server/general: move extra details to resources 2016-05-30 20:07:44 +00:00			`return '%s/avatars/%s.png' % (`
server/api: move serializers to func layer 2016-04-24 07:47:58 +00:00			`config.config['data_url'].rstrip('/'), user.name.lower())`

server/general: move extra details to resources 2016-05-30 20:07:44 +00:00			`def _get_email(user, authenticated_user, force_show_email):`
			`if not force_show_email \`
			`and authenticated_user.user_id != user.user_id \`
			`and not auth.has_privilege(authenticated_user, 'users:edit:any:email'):`
			`return False`
			`return user.email`
server/api: move serializers to func layer 2016-04-24 07:47:58 +00:00
server/users: offer more stats in user entity 2016-06-03 19:18:17 +00:00			`def _get_liked_post_count(user, authenticated_user):`
			`if authenticated_user.user_id != user.user_id:`
			`return False`
			`return user.liked_post_count`

			`def _get_disliked_post_count(user, authenticated_user):`
			`if authenticated_user.user_id != user.user_id:`
			`return False`
			`return user.disliked_post_count`

server/api: add ability to select fields 2016-05-30 21:08:22 +00:00			`def serialize_user(user, authenticated_user, options=None, force_show_email=False):`
server/general: move extra details to resources 2016-05-30 20:07:44 +00:00			`return util.serialize_entity(`
			`user,`
			`{`
			`'name': lambda: user.name,`
			`'rank': lambda: user.rank,`
			`'creationTime': lambda: user.creation_time,`
			`'lastLoginTime': lambda: user.last_login_time,`
			`'avatarStyle': lambda: user.avatar_style,`
			`'avatarUrl': lambda: _get_avatar_url(user),`
server/users: offer more stats in user entity 2016-06-03 19:18:17 +00:00			`'commentCount': lambda: user.comment_count,`
			`'uploadedPostCount': lambda: user.post_count,`
			`'favoritePostCount': lambda: user.favorite_post_count,`
			`'likedPostCount':`
			`lambda: _get_liked_post_count(user, authenticated_user),`
			`'dislikedPostCount':`
			`lambda: _get_disliked_post_count(user, authenticated_user),`
			`'email':`
			`lambda: _get_email(user, authenticated_user, force_show_email),`
server/api: add ability to select fields 2016-05-30 21:08:22 +00:00			`},`
			`options)`
server/api + docs/api: organize responses 2016-04-28 16:20:50 +00:00
server/users: reduce user fields footprint 2016-06-03 18:10:25 +00:00			`def serialize_micro_user(user):`
			`return serialize_user(`
			`user,`
			`authenticated_user=None,`
			`options=['name', 'avatarUrl'])`

server/db: refactor session usage 2016-04-18 20:41:39 +00:00			`def get_user_count():`
			`return db.session.query(db.User).count()`

server/general: move not found errors to func 2016-04-24 12:24:41 +00:00			`def try_get_user_by_name(name):`
server/general: consistently use db.session 2016-04-19 15:39:16 +00:00			`return db.session \`
			`.query(db.User) \`
server/api: refactor + remove ID from user JSON 2016-04-16 13:07:33 +00:00			`.filter(func.lower(db.User.name) == func.lower(name)) \`
server/general: move not found errors to func 2016-04-24 12:24:41 +00:00			`.one_or_none()`
server/api: refactor + remove ID from user JSON 2016-04-16 13:07:33 +00:00
server/general: move not found errors to func 2016-04-24 12:24:41 +00:00			`def get_user_by_name(name):`
			`user = try_get_user_by_name(name)`
			`if not user:`
			`raise UserNotFoundError('User %r not found.' % name)`
			`return user`

			`def try_get_user_by_name_or_email(name_or_email):`
server/general: consistently use db.session 2016-04-19 15:39:16 +00:00			`return db.session \`
			`.query(db.User) \`
server/api: refactor + remove ID from user JSON 2016-04-16 13:07:33 +00:00			`.filter(`
			`(func.lower(db.User.name) == func.lower(name_or_email))`
			`\| (func.lower(db.User.email) == func.lower(name_or_email))) \`
server/general: move not found errors to func 2016-04-24 12:24:41 +00:00			`.one_or_none()`

			`def get_user_by_name_or_email(name_or_email):`
			`user = try_get_user_by_name_or_email(name_or_email)`
			`if not user:`
			`raise UserNotFoundError('User %r not found.' % name_or_email)`
			`return user`
server/api: refactor + remove ID from user JSON 2016-04-16 13:07:33 +00:00
server/users: fix detecting duplicate user names 2016-05-08 15:03:55 +00:00			`def create_user(name, password, email):`
server/general: be more pythonic 2016-04-03 20:03:58 +00:00			`user = db.User()`
server/users: fix detecting duplicate user names 2016-05-08 15:03:55 +00:00			`update_user_name(user, name)`
server/general: refactor method names 2016-04-30 21:53:50 +00:00			`update_user_password(user, password)`
			`update_user_email(user, email)`
server/db: refactor session usage 2016-04-18 20:41:39 +00:00			`if get_user_count() > 0:`
server/users: implement RANK_MAP 2016-05-10 09:58:55 +00:00			`user.rank = util.flip(auth.RANK_MAP)[config.config['default_rank']]`
server/db: refactor session usage 2016-04-18 20:41:39 +00:00			`else:`
server/users: hardcode available ranks 2016-05-08 14:59:25 +00:00			`user.rank = db.User.RANK_ADMINISTRATOR`
server/api: refactor + remove ID from user JSON 2016-04-16 13:07:33 +00:00			`user.creation_time = datetime.datetime.now()`
server/general: be more pythonic 2016-04-03 20:03:58 +00:00			`user.avatar_style = db.User.AVATAR_GRAVATAR`
			`return user`

server/users: fix detecting duplicate user names 2016-05-08 15:03:55 +00:00			`def update_user_name(user, name):`
server/api: improve input sanitization, fix docs 2016-04-19 09:50:47 +00:00			`if not name:`
			`raise InvalidUserNameError('Name cannot be empty.')`
server/general: rename 'misc' to 'util' 2016-04-20 09:59:30 +00:00			`if util.value_exceeds_column_size(name, db.User.name):`
server/api: improve input sanitization, fix docs 2016-04-19 09:50:47 +00:00			`raise InvalidUserNameError('User name is too long.')`
server/general: move not found errors to func 2016-04-24 12:24:41 +00:00			`other_user = try_get_user_by_name(name)`
server/users: fix detecting duplicate user names 2016-05-08 15:03:55 +00:00			`if other_user and other_user.user_id != user.user_id:`
server/api: refactor + remove ID from user JSON 2016-04-16 13:07:33 +00:00			`raise UserAlreadyExistsError('User %r already exists.' % name)`
server/general: be more pythonic 2016-04-03 20:03:58 +00:00			`name = name.strip()`
client+server: switch to yaml config 2016-04-06 18:38:45 +00:00			`name_regex = config.config['user_name_regex']`
server/general: be more pythonic 2016-04-03 20:03:58 +00:00			`if not re.match(name_regex, name):`
server/api: improve input sanitization, fix docs 2016-04-19 09:50:47 +00:00			`raise InvalidUserNameError(`
server/api: refactor + remove ID from user JSON 2016-04-16 13:07:33 +00:00			`'User name %r must satisfy regex %r.' % (name, name_regex))`
server/general: be more pythonic 2016-04-03 20:03:58 +00:00			`user.name = name`

server/general: refactor method names 2016-04-30 21:53:50 +00:00			`def update_user_password(user, password):`
server/api: improve input sanitization, fix docs 2016-04-19 09:50:47 +00:00			`if not password:`
			`raise InvalidPasswordError('Password cannot be empty.')`
client+server: switch to yaml config 2016-04-06 18:38:45 +00:00			`password_regex = config.config['password_regex']`
server/general: be more pythonic 2016-04-03 20:03:58 +00:00			`if not re.match(password_regex, password):`
server/api: refactor + remove ID from user JSON 2016-04-16 13:07:33 +00:00			`raise InvalidPasswordError(`
server/general: be more pythonic 2016-04-03 20:03:58 +00:00			`'Password must satisfy regex %r.' % password_regex)`
			`user.password_salt = auth.create_password()`
			`user.password_hash = auth.get_password_hash(user.password_salt, password)`

server/general: refactor method names 2016-04-30 21:53:50 +00:00			`def update_user_email(user, email):`
server/api: improve input sanitization, fix docs 2016-04-19 09:50:47 +00:00			`if email:`
			`email = email.strip()`
			`if not email:`
			`email = None`
server/general: rename 'misc' to 'util' 2016-04-20 09:59:30 +00:00			`if email and util.value_exceeds_column_size(email, db.User.email):`
server/api: refactor + remove ID from user JSON 2016-04-16 13:07:33 +00:00			`raise InvalidEmailError('Email is too long.')`
server/general: rename 'misc' to 'util' 2016-04-20 09:59:30 +00:00			`if not util.is_valid_email(email):`
server/api: refactor + remove ID from user JSON 2016-04-16 13:07:33 +00:00			`raise InvalidEmailError('E-mail is invalid.')`
server/general: be more pythonic 2016-04-03 20:03:58 +00:00			`user.email = email`

server/general: refactor method names 2016-04-30 21:53:50 +00:00			`def update_user_rank(user, rank, authenticated_user):`
server/api: improve input sanitization, fix docs 2016-04-19 09:50:47 +00:00			`if not rank:`
			`raise InvalidRankError('Rank cannot be empty.')`
server/users: implement RANK_MAP 2016-05-10 09:58:55 +00:00			`rank = util.flip(auth.RANK_MAP).get(rank.strip(), None)`
			`all_ranks = list(auth.RANK_MAP.values())`
			`if not rank:`
server/api: refactor + remove ID from user JSON 2016-04-16 13:07:33 +00:00			`raise InvalidRankError(`
server/users: implement RANK_MAP 2016-05-10 09:58:55 +00:00			`'Rank can be either of %r.' % all_ranks)`
server/users: prohibit using special ranks Anonymous is self explanatory. Nobody is used solely to mark certain operation as unavailable even to administrators (<- nobody is higher than administrator). 2016-05-08 16:02:19 +00:00			`if rank in (db.User.RANK_ANONYMOUS, db.User.RANK_NOBODY):`
server/users: implement RANK_MAP 2016-05-10 09:58:55 +00:00			`raise InvalidRankError('Rank %r cannot be used.' % auth.RANK_MAP[rank])`
			`if all_ranks.index(authenticated_user.rank) \`
			`< all_ranks.index(rank) and get_user_count() > 0:`
server/users: add avatar support 2016-04-09 19:41:10 +00:00			`raise errors.AuthError('Trying to set higher rank than your own.')`
server: rename 'access ranks' to just 'ranks' 2016-04-06 17:16:44 +00:00			`user.rank = rank`
server/general: be more pythonic 2016-04-03 20:03:58 +00:00
server/general: refactor method names 2016-04-30 21:53:50 +00:00			`def update_user_avatar(user, avatar_style, avatar_content):`
server/users: add avatar support 2016-04-09 19:41:10 +00:00			`if avatar_style == 'gravatar':`
			`user.avatar_style = user.AVATAR_GRAVATAR`
			`elif avatar_style == 'manual':`
			`user.avatar_style = user.AVATAR_MANUAL`
			`if not avatar_content:`
server/api: refactor + remove ID from user JSON 2016-04-16 13:07:33 +00:00			`raise InvalidAvatarError('Avatar content missing.')`
server/users: add avatar support 2016-04-09 19:41:10 +00:00			`image = images.Image(avatar_content)`
			`image.resize_fill(`
			`int(config.config['thumbnails']['avatar_width']),`
			`int(config.config['thumbnails']['avatar_height']))`
server/users: change avatars to PNG 2016-05-08 15:29:23 +00:00			`files.save('avatars/' + user.name.lower() + '.png', image.to_png())`
server/users: add avatar support 2016-04-09 19:41:10 +00:00			`else:`
server/api: refactor + remove ID from user JSON 2016-04-16 13:07:33 +00:00			`raise InvalidAvatarError(`
			`'Avatar style %r is invalid. Valid avatar styles: %r.' % (`
			`avatar_style, ['gravatar', 'manual']))`
server/users: add avatar support 2016-04-09 19:41:10 +00:00
server/general: refactor method names 2016-04-30 21:53:50 +00:00			`def bump_user_login_time(user):`
server/api: refactor + remove ID from user JSON 2016-04-16 13:07:33 +00:00			`user.last_login_time = datetime.datetime.now()`
server/general: be more pythonic 2016-04-03 20:03:58 +00:00
server/general: refactor method names 2016-04-30 21:53:50 +00:00			`def reset_user_password(user):`
server/general: be more pythonic 2016-04-03 20:03:58 +00:00			`password = auth.create_password()`
			`user.password_salt = auth.create_password()`
			`user.password_hash = auth.get_password_hash(user.password_salt, password)`
			`return password`