From ee28d9553777b34993c1ab062803766bc245df29 Mon Sep 17 00:00:00 2001 From: rr- Date: Fri, 8 Apr 2016 19:46:59 +0200 Subject: [PATCH] server/users: first user becomes an admin --- server/szurubooru/api/user_api.py | 2 +- server/szurubooru/tests/api/test_user_api.py | 18 +++++++++++++++++- server/szurubooru/util/users.py | 7 +++++-- 3 files changed, 23 insertions(+), 4 deletions(-) diff --git a/server/szurubooru/api/user_api.py b/server/szurubooru/api/user_api.py index fa6a4e4..1c053bf 100644 --- a/server/szurubooru/api/user_api.py +++ b/server/szurubooru/api/user_api.py @@ -61,7 +61,7 @@ class UserListApi(BaseApi): if users.get_by_name(context.session, name): raise errors.IntegrityError('User %r already exists.' % name) - user = users.create_user(name, password, email) + user = users.create_user(context.session, name, password, email) context.session.add(user) context.session.commit() return {'user': _serialize_user(context.user, user)} diff --git a/server/szurubooru/tests/api/test_user_api.py b/server/szurubooru/tests/api/test_user_api.py index a714c01..210a4bd 100644 --- a/server/szurubooru/tests/api/test_user_api.py +++ b/server/szurubooru/tests/api/test_user_api.py @@ -84,7 +84,7 @@ class TestCreatingUser(DatabaseTestCase): util.mock_context(self) self.context.user.rank = 'anonymous' - def test_creating_valid_user(self): + def test_first_user_becomes_admin(self): self.context.request = { 'name': 'chewie', 'email': 'asd@asd.asd', @@ -94,6 +94,22 @@ class TestCreatingUser(DatabaseTestCase): created_user = self.session.query(db.User).filter_by(name='chewie').one() self.assertEqual(created_user.name, 'chewie') self.assertEqual(created_user.email, 'asd@asd.asd') + self.assertEqual(created_user.rank, 'admin') + self.assertTrue(auth.is_valid_password(created_user, 'oks')) + self.assertFalse(auth.is_valid_password(created_user, 'invalid')) + + def test_subsequent_users_are_created_normally(self): + self.context.request = { + 'name': 'chewie', + 'email': 'asd@asd.asd', + 'password': 'oks', + } + self.api.post(self.context) + self.context.request['name'] = 'chewie2' + self.api.post(self.context) + created_user = self.session.query(db.User).filter_by(name='chewie2').one() + self.assertEqual(created_user.name, 'chewie2') + self.assertEqual(created_user.email, 'asd@asd.asd') self.assertEqual(created_user.rank, 'regular_user') self.assertTrue(auth.is_valid_password(created_user, 'oks')) self.assertFalse(auth.is_valid_password(created_user, 'invalid')) diff --git a/server/szurubooru/util/users.py b/server/szurubooru/util/users.py index f1fb654..0c65304 100644 --- a/server/szurubooru/util/users.py +++ b/server/szurubooru/util/users.py @@ -4,13 +4,16 @@ from sqlalchemy import func from szurubooru import config, db, errors from szurubooru.util import auth, misc -def create_user(name, password, email): +def create_user(session, name, password, email): ''' Create an user with given parameters and returns it. ''' user = db.User() update_name(user, name) update_password(user, password) update_email(user, email) - user.rank = config.config['default_rank'] + if not session.query(db.User).count(): + user.rank = config.config['ranks'][-1] + else: + user.rank = config.config['default_rank'] user.creation_time = datetime.now() user.avatar_style = db.User.AVATAR_GRAVATAR return user