From 19a357611bd667e2f443595bb536cda4150c19a8 Mon Sep 17 00:00:00 2001
From: rr- <rr-@sakuya.pl>
Date: Wed, 6 Apr 2016 19:16:44 +0200
Subject: [PATCH] server: rename 'access ranks' to just 'ranks'
---
server/szurubooru/api/user_api.py | 6 +-
server/szurubooru/db/user.py | 2 +-
server/szurubooru/middleware/authenticator.py | 2 +-
server/szurubooru/tests/api/test_user_api.py | 28 +++---
server/szurubooru/tests/api/util.py | 2 +-
.../tests/search/test_user_search_config.py | 87 ++++++++-----------
server/szurubooru/util/auth.py | 4 +-
server/szurubooru/util/users.py | 16 ++--
8 files changed, 68 insertions(+), 79 deletions(-)
diff --git a/server/szurubooru/api/user_api.py b/server/szurubooru/api/user_api.py
index a36110b..fd4cc26 100644
--- a/server/szurubooru/api/user_api.py
+++ b/server/szurubooru/api/user_api.py
@@ -6,7 +6,7 @@ def _serialize_user(authenticated_user, user):
ret = {
'id': user.user_id,
'name': user.name,
- 'accessRank': user.access_rank,
+ 'rank': user.rank,
'creationTime': user.creation_time,
'lastLoginTime': user.last_login_time,
'avatarStyle': user.avatar_style
@@ -91,9 +91,9 @@ class UserDetailApi(BaseApi):
auth.verify_privilege(context.user, 'users:edit:%s:email' % infix)
users.update_email(user, context.request['email'])
- if 'accessRank' in context.request:
+ if 'rank' in context.request:
auth.verify_privilege(context.user, 'users:edit:%s:rank' % infix)
- users.update_rank(user, context.request['accessRank'], context.user)
+ users.update_rank(user, context.request['rank'], context.user)
# TODO: avatar
diff --git a/server/szurubooru/db/user.py b/server/szurubooru/db/user.py
index 1b0f9be..0677734 100644
--- a/server/szurubooru/db/user.py
+++ b/server/szurubooru/db/user.py
@@ -12,7 +12,7 @@ class User(Base):
password_hash = sa.Column('password_hash', sa.String(64), nullable=False)
password_salt = sa.Column('pasword_salt', sa.String(32))
email = sa.Column('email', sa.String(200), nullable=True)
- access_rank = sa.Column('access_rank', sa.String(32), nullable=False)
+ rank = sa.Column('access_rank', sa.String(32), nullable=False)
creation_time = sa.Column('creation_time', sa.DateTime, nullable=False)
last_login_time = sa.Column('last_login_time', sa.DateTime)
avatar_style = sa.Column('avatar_style', sa.Integer, nullable=False)
diff --git a/server/szurubooru/middleware/authenticator.py b/server/szurubooru/middleware/authenticator.py
index 0f85027..8c506f9 100644
--- a/server/szurubooru/middleware/authenticator.py
+++ b/server/szurubooru/middleware/authenticator.py
@@ -50,6 +50,6 @@ class Authenticator(object):
def _create_anonymous_user(self):
user = db.User()
user.name = None
- user.access_rank = 'anonymous'
+ user.rank = 'anonymous'
user.password = None
return user
diff --git a/server/szurubooru/tests/api/test_user_api.py b/server/szurubooru/tests/api/test_user_api.py
index 5d106c2..b2b4b8c 100644
--- a/server/szurubooru/tests/api/test_user_api.py
+++ b/server/szurubooru/tests/api/test_user_api.py
@@ -29,7 +29,7 @@ class TestRetrievingUsers(DatabaseTestCase):
user2 = util.mock_user('u2', 'mod')
self.session.add_all([user1, user2])
util.mock_params(self.context, {'query': '', 'page': 1})
- self.context.user.access_rank = 'regular_user'
+ self.context.user.rank = 'regular_user'
api_ = api.UserListApi()
result = api_.get(self.context)
self.assertEqual(result['query'], '')
@@ -39,7 +39,7 @@ class TestRetrievingUsers(DatabaseTestCase):
self.assertEqual([u['name'] for u in result['users']], ['u1', 'u2'])
def test_retrieving_multiple_without_privileges(self):
- self.context.user.access_rank = 'anonymous'
+ self.context.user.rank = 'anonymous'
util.mock_params(self.context, {'query': '', 'page': 1})
api_ = api.UserListApi()
self.assertRaises(errors.AuthError, api_.get, self.context)
@@ -47,25 +47,25 @@ class TestRetrievingUsers(DatabaseTestCase):
def test_retrieving_single(self):
user = util.mock_user('u1', 'regular_user')
self.session.add(user)
- self.context.user.access_rank = 'regular_user'
+ self.context.user.rank = 'regular_user'
util.mock_params(self.context, {'query': '', 'page': 1})
api_ = api.UserDetailApi()
result = api_.get(self.context, 'u1')
self.assertEqual(result['user']['id'], user.user_id)
self.assertEqual(result['user']['name'], 'u1')
- self.assertEqual(result['user']['accessRank'], 'regular_user')
+ self.assertEqual(result['user']['rank'], 'regular_user')
self.assertEqual(result['user']['creationTime'], datetime(1997, 1, 1))
self.assertEqual(result['user']['lastLoginTime'], None)
self.assertEqual(result['user']['avatarStyle'], 1) # i.e. integer
def test_retrieving_non_existing(self):
- self.context.user.access_rank = 'regular_user'
+ self.context.user.rank = 'regular_user'
util.mock_params(self.context, {'query': '', 'page': 1})
api_ = api.UserDetailApi()
self.assertRaises(errors.NotFoundError, api_.get, self.context, '-')
def test_retrieving_single_without_privileges(self):
- self.context.user.access_rank = 'anonymous'
+ self.context.user.rank = 'anonymous'
util.mock_params(self.context, {'query': '', 'page': 1})
api_ = api.UserDetailApi()
self.assertRaises(errors.AuthError, api_.get, self.context, '-')
@@ -94,7 +94,7 @@ class TestCreatingUser(DatabaseTestCase):
self.context.session = self.session
self.context.request = {}
self.context.user = db.User()
- self.context.user.access_rank = 'anonymous'
+ self.context.user.rank = 'anonymous'
def tearDown(self):
config.config = self.old_config
@@ -109,7 +109,7 @@ class TestCreatingUser(DatabaseTestCase):
created_user = self.session.query(db.User).filter_by(name='chewie').one()
self.assertEqual(created_user.name, 'chewie')
self.assertEqual(created_user.email, 'asd@asd.asd')
- self.assertEqual(created_user.access_rank, 'regular_user')
+ self.assertEqual(created_user.rank, 'regular_user')
self.assertTrue(auth.is_valid_password(created_user, 'oks'))
self.assertFalse(auth.is_valid_password(created_user, 'invalid'))
@@ -184,7 +184,7 @@ class TestUpdatingUser(DatabaseTestCase):
admin_user = self.session.query(db.User).filter_by(name='u1').one()
self.assertEqual(admin_user.name, 'u1')
self.assertEqual(admin_user.email, 'dummy')
- self.assertEqual(admin_user.access_rank, 'admin')
+ self.assertEqual(admin_user.rank, 'admin')
def test_updating_non_existing_user(self):
admin_user = util.mock_user('u1', 'admin')
@@ -200,13 +200,13 @@ class TestUpdatingUser(DatabaseTestCase):
'name': 'chewie',
'email': 'asd@asd.asd',
'password': 'oks',
- 'accessRank': 'mod',
+ 'rank': 'mod',
}
self.api.put(self.context, 'u1')
admin_user = self.session.query(db.User).filter_by(name='chewie').one()
self.assertEqual(admin_user.name, 'chewie')
self.assertEqual(admin_user.email, 'asd@asd.asd')
- self.assertEqual(admin_user.access_rank, 'mod')
+ self.assertEqual(admin_user.rank, 'mod')
self.assertTrue(auth.is_valid_password(admin_user, 'oks'))
self.assertFalse(auth.is_valid_password(admin_user, 'invalid'))
@@ -229,7 +229,7 @@ class TestUpdatingUser(DatabaseTestCase):
self.context.request = {'password': '.'}
self.assertRaises(
errors.ValidationError, self.api.put, self.context, 'u1')
- self.context.request = {'accessRank': '.'}
+ self.context.request = {'rank': '.'}
self.assertRaises(
errors.ValidationError, self.api.put, self.context, 'u1')
self.context.request = {'email': '.'}
@@ -244,7 +244,7 @@ class TestUpdatingUser(DatabaseTestCase):
for request in [
{'name': 'whatever'},
{'email': 'whatever'},
- {'accessRank': 'whatever'},
+ {'rank': 'whatever'},
{'password': 'whatever'}]:
self.context.request = request
self.assertRaises(
@@ -275,7 +275,7 @@ class TestUpdatingUser(DatabaseTestCase):
user2 = util.mock_user('u2', 'mod')
self.session.add_all([user1, user2])
self.context.user = user1
- self.context.request = {'accessRank': 'admin'}
+ self.context.request = {'rank': 'admin'}
self.assertRaises(
errors.AuthError, self.api.put, self.context, user1.name)
self.assertRaises(
diff --git a/server/szurubooru/tests/api/util.py b/server/szurubooru/tests/api/util.py
index 31e1d20..26a1ad4 100644
--- a/server/szurubooru/tests/api/util.py
+++ b/server/szurubooru/tests/api/util.py
@@ -8,7 +8,7 @@ def mock_user(name, rank='admin'):
user.password_salt = 'dummy'
user.password_hash = 'dummy'
user.email = 'dummy'
- user.access_rank = rank
+ user.rank = rank
user.creation_time = datetime(1997, 1, 1)
user.avatar_style = db.User.AVATAR_GRAVATAR
return user
diff --git a/server/szurubooru/tests/search/test_user_search_config.py b/server/szurubooru/tests/search/test_user_search_config.py
index d1059ac..65e6585 100644
--- a/server/szurubooru/tests/search/test_user_search_config.py
+++ b/server/szurubooru/tests/search/test_user_search_config.py
@@ -1,6 +1,7 @@
from datetime import datetime
from szurubooru import db, errors, search
from szurubooru.tests.database_test_case import DatabaseTestCase
+from szurubooru.tests.api import util
class TestUserSearchExecutor(DatabaseTestCase):
def setUp(self):
@@ -8,26 +9,14 @@ class TestUserSearchExecutor(DatabaseTestCase):
self.search_config = search.UserSearchConfig()
self.executor = search.SearchExecutor(self.search_config)
- def _create_user(self, name):
- user = db.User()
- user.name = name
- user.password = 'dummy'
- user.password_salt = 'dummy'
- user.password_hash = 'dummy'
- user.email = 'dummy'
- user.access_rank = 'dummy'
- user.creation_time = datetime.now()
- user.avatar_style = db.User.AVATAR_GRAVATAR
- return user
-
def _test(self, query, page, expected_count, expected_user_names):
count, users = self.executor.execute(self.session, query, page)
self.assertEqual(count, expected_count)
self.assertEqual([u.name for u in users], expected_user_names)
def test_filter_by_creation_time(self):
- user1 = self._create_user('u1')
- user2 = self._create_user('u2')
+ user1 = util.mock_user('u1')
+ user2 = util.mock_user('u2')
user1.creation_time = datetime(2014, 1, 1)
user2.creation_time = datetime(2015, 1, 1)
self.session.add_all([user1, user2])
@@ -35,8 +24,8 @@ class TestUserSearchExecutor(DatabaseTestCase):
self._test('%s:2014' % alias, 1, 1, ['u1'])
def test_filter_by_negated_creation_time(self):
- user1 = self._create_user('u1')
- user2 = self._create_user('u2')
+ user1 = util.mock_user('u1')
+ user2 = util.mock_user('u2')
user1.creation_time = datetime(2014, 1, 1)
user2.creation_time = datetime(2015, 1, 1)
self.session.add_all([user1, user2])
@@ -44,9 +33,9 @@ class TestUserSearchExecutor(DatabaseTestCase):
self._test('-%s:2014' % alias, 1, 1, ['u2'])
def test_filter_by_ranged_creation_time(self):
- user1 = self._create_user('u1')
- user2 = self._create_user('u2')
- user3 = self._create_user('u3')
+ user1 = util.mock_user('u1')
+ user2 = util.mock_user('u2')
+ user3 = util.mock_user('u3')
user1.creation_time = datetime(2014, 1, 1)
user2.creation_time = datetime(2014, 6, 1)
user3.creation_time = datetime(2015, 1, 1)
@@ -60,9 +49,9 @@ class TestUserSearchExecutor(DatabaseTestCase):
errors.SearchError, self.executor.execute, self.session, '%s:..', 1)
def test_filter_by_negated_ranged_creation_time(self):
- user1 = self._create_user('u1')
- user2 = self._create_user('u2')
- user3 = self._create_user('u3')
+ user1 = util.mock_user('u1')
+ user2 = util.mock_user('u2')
+ user3 = util.mock_user('u3')
user1.creation_time = datetime(2014, 1, 1)
user2.creation_time = datetime(2014, 6, 1)
user3.creation_time = datetime(2015, 1, 1)
@@ -72,9 +61,9 @@ class TestUserSearchExecutor(DatabaseTestCase):
self._test('-%s:2014-06..2015-01-01' % alias, 1, 1, ['u1'])
def test_filter_by_composite_creation_time(self):
- user1 = self._create_user('u1')
- user2 = self._create_user('u2')
- user3 = self._create_user('u3')
+ user1 = util.mock_user('u1')
+ user2 = util.mock_user('u2')
+ user3 = util.mock_user('u3')
user1.creation_time = datetime(2014, 1, 1)
user2.creation_time = datetime(2014, 6, 1)
user3.creation_time = datetime(2015, 1, 1)
@@ -83,9 +72,9 @@ class TestUserSearchExecutor(DatabaseTestCase):
self._test('%s:2014-01,2015' % alias, 1, 2, ['u1', 'u3'])
def test_filter_by_negated_composite_creation_time(self):
- user1 = self._create_user('u1')
- user2 = self._create_user('u2')
- user3 = self._create_user('u3')
+ user1 = util.mock_user('u1')
+ user2 = util.mock_user('u2')
+ user3 = util.mock_user('u3')
user1.creation_time = datetime(2014, 1, 1)
user2.creation_time = datetime(2014, 6, 1)
user3.creation_time = datetime(2015, 1, 1)
@@ -94,27 +83,27 @@ class TestUserSearchExecutor(DatabaseTestCase):
self._test('-%s:2014-01,2015' % alias, 1, 1, ['u2'])
def test_filter_by_name(self):
- self.session.add(self._create_user('u1'))
- self.session.add(self._create_user('u2'))
+ self.session.add(util.mock_user('u1'))
+ self.session.add(util.mock_user('u2'))
self._test('name:u1', 1, 1, ['u1'])
self._test('name:u2', 1, 1, ['u2'])
def test_filter_by_negated_name(self):
- self.session.add(self._create_user('u1'))
- self.session.add(self._create_user('u2'))
+ self.session.add(util.mock_user('u1'))
+ self.session.add(util.mock_user('u2'))
self._test('-name:u1', 1, 1, ['u2'])
self._test('-name:u2', 1, 1, ['u1'])
def test_filter_by_composite_name(self):
- self.session.add(self._create_user('u1'))
- self.session.add(self._create_user('u2'))
- self.session.add(self._create_user('u3'))
+ self.session.add(util.mock_user('u1'))
+ self.session.add(util.mock_user('u2'))
+ self.session.add(util.mock_user('u3'))
self._test('name:u1,u2', 1, 2, ['u1', 'u2'])
def test_filter_by_negated_composite_name(self):
- self.session.add(self._create_user('u1'))
- self.session.add(self._create_user('u2'))
- self.session.add(self._create_user('u3'))
+ self.session.add(util.mock_user('u1'))
+ self.session.add(util.mock_user('u2'))
+ self.session.add(util.mock_user('u3'))
self._test('-name:u1,u3', 1, 1, ['u2'])
def test_filter_by_ranged_name(self):
@@ -123,14 +112,14 @@ class TestUserSearchExecutor(DatabaseTestCase):
def test_paging(self):
self.executor.page_size = 1
- self.session.add(self._create_user('u1'))
- self.session.add(self._create_user('u2'))
+ self.session.add(util.mock_user('u1'))
+ self.session.add(util.mock_user('u2'))
self._test('', 1, 2, ['u1'])
self._test('', 2, 2, ['u2'])
def test_order_by_name(self):
- self.session.add(self._create_user('u1'))
- self.session.add(self._create_user('u2'))
+ self.session.add(util.mock_user('u1'))
+ self.session.add(util.mock_user('u2'))
self._test('order:name', 1, 2, ['u1', 'u2'])
self._test('-order:name', 1, 2, ['u2', 'u1'])
self._test('order:name,asc', 1, 2, ['u1', 'u2'])
@@ -150,21 +139,21 @@ class TestUserSearchExecutor(DatabaseTestCase):
errors.SearchError, self.executor.execute, self.session, query, 1)
def test_anonymous(self):
- self.session.add(self._create_user('u1'))
- self.session.add(self._create_user('u2'))
+ self.session.add(util.mock_user('u1'))
+ self.session.add(util.mock_user('u2'))
self._test('u1', 1, 1, ['u1'])
self._test('u2', 1, 1, ['u2'])
def test_negated_anonymous(self):
- self.session.add(self._create_user('u1'))
- self.session.add(self._create_user('u2'))
+ self.session.add(util.mock_user('u1'))
+ self.session.add(util.mock_user('u2'))
self._test('-u1', 1, 1, ['u2'])
self._test('-u2', 1, 1, ['u1'])
def test_combining(self):
- user1 = self._create_user('u1')
- user2 = self._create_user('u2')
- user3 = self._create_user('u3')
+ user1 = util.mock_user('u1')
+ user2 = util.mock_user('u2')
+ user3 = util.mock_user('u3')
user1.creation_time = datetime(2014, 1, 1)
user2.creation_time = datetime(2014, 6, 1)
user3.creation_time = datetime(2015, 1, 1)
diff --git a/server/szurubooru/util/auth.py b/server/szurubooru/util/auth.py
index 1283301..2f65b39 100644
--- a/server/szurubooru/util/auth.py
+++ b/server/szurubooru/util/auth.py
@@ -45,10 +45,10 @@ def verify_privilege(user, privilege_name):
all_ranks = config.config['service']['user_ranks']
assert privilege_name in config.config['privileges']
- assert user.access_rank in all_ranks
+ assert user.rank in all_ranks
minimal_rank = config.config['privileges'][privilege_name]
good_ranks = all_ranks[all_ranks.index(minimal_rank):]
- if user.access_rank not in good_ranks:
+ if user.rank not in good_ranks:
raise errors.AuthError('Insufficient privileges to do this.')
def generate_authentication_token(user):
diff --git a/server/szurubooru/util/users.py b/server/szurubooru/util/users.py
index 0455eb7..4e68ec6 100644
--- a/server/szurubooru/util/users.py
+++ b/server/szurubooru/util/users.py
@@ -10,7 +10,7 @@ def create_user(name, password, email):
update_name(user, name)
update_password(user, password)
update_email(user, email)
- user.access_rank = config.config['service']['default_user_rank']
+ user.rank = config.config['service']['default_user_rank']
user.creation_time = datetime.now()
user.avatar_style = db.User.AVATAR_GRAVATAR
return user
@@ -43,14 +43,14 @@ def update_email(user, email):
def update_rank(user, rank, authenticated_user):
rank = rank.strip()
- available_access_ranks = config.config['service']['user_ranks']
- if not rank in available_access_ranks:
+ available_ranks = config.config['service']['user_ranks']
+ if not rank in available_ranks:
raise errors.ValidationError(
- 'Bad access rank. Valid access ranks: %r' % available_access_ranks)
- if available_access_ranks.index(authenticated_user.access_rank) \
- < available_access_ranks.index(rank):
- raise errors.AuthError('Trying to set higher access rank than one has')
- user.access_rank = rank
+ 'Bad rank. Valid ranks: %r' % available_ranks)
+ if available_ranks.index(authenticated_user.rank) \
+ < available_ranks.index(rank):
+ raise errors.AuthError('Trying to set higher rank than your own')
+ user.rank = rank
def bump_login_time(user):
''' Update user's login time to current date. '''