
Merge pull request #1728 from haiwen/clear-token

update clear token
This commit is contained in:
xiez
2017-08-01 16:35:16 +08:00
committed by GitHub
6 changed files with 59 additions and 20 deletions


@@ -10,7 +10,7 @@ from rest_framework import status
from constance import config from constance import config
from seaserv import ccnet_api, seafile_api from seaserv import ccnet_api, seafile_api
from seahub.utils import clear_token, is_valid_email from seahub.utils import is_valid_email
from seahub.utils.licenseparse import user_number_over_limit from seahub.utils.licenseparse import user_number_over_limit
from seahub.utils.file_size import get_file_size_unit from seahub.utils.file_size import get_file_size_unit
from seahub.base.accounts import User from seahub.base.accounts import User
@@ -213,13 +213,6 @@ class AdminOrgUser(APIView):
else: else:
user.is_active = False user.is_active = False
# clear web api and repo sync token
# when inactive an user
try:
clear_token(email)
except Exception as e:
logger.error(e)
try: try:
# update user status # update user status
result_code = user.save() result_code = user.save()
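Review bot: With the explicit `clear_token(email)` call removed, revoking a deactivated user's web API and sync tokens now depends entirely on `user.save()` at the end of the hunk, and nothing in AdminOrgUser says so; a reader of this endpoint cannot see that setting `is_active = False` also invalidates existing sessions. Add a comment above the save, `# user.save() also revokes the user's web API and sync tokens when is_active is False`, so the dependency on the model is visible from the view (this assumes the User.save() change in the accounts hunk of this commit is what performs the revocation). The enclosing method continues past the hunk.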


@@ -9,7 +9,7 @@ from seahub.auth import authenticate
from seahub.auth.tokens import default_token_generator from seahub.auth.tokens import default_token_generator
from seahub.profile.models import Profile from seahub.profile.models import Profile
from seahub.utils import IS_EMAIL_CONFIGURED, send_html_email, \ from seahub.utils import IS_EMAIL_CONFIGURED, send_html_email, \
is_valid_username, is_ldap_user, is_user_password_strong, clear_token is_ldap_user, is_user_password_strong
from captcha.fields import CaptchaField from captcha.fields import CaptchaField
@@ -170,7 +170,6 @@ class SetPasswordForm(forms.Form):
self.user.set_password(self.cleaned_data['new_password1']) self.user.set_password(self.cleaned_data['new_password1'])
if commit: if commit:
self.user.save() self.user.save()
clear_token(self.user.username)
return self.user return self.user
class PasswordChangeForm(SetPasswordForm): class PasswordChangeForm(SetPasswordForm):
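Review bot: Token revocation is no longer tied to `commit`: the removed call ran only inside `if commit:` after `self.user.save()`, whereas `self.user.set_password(...)` on the first line of the hunk runs unconditionally, so a caller passing `commit=False` now gets the user's tokens cleared even though the new password is never persisted (assuming User.set_password performs the clearing, as the accounts hunk in this commit does). If that is intended, say so in SetPasswordForm.save's docstring, e.g. `Note: set_password() revokes the user's API and sync tokens even when commit=False.`; otherwise the revocation should stay behind the commit flag. The method's signature is outside the hunk.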


@@ -1,6 +1,7 @@
# Copyright (c) 2012-2016 Seafile Ltd. # Copyright (c) 2012-2016 Seafile Ltd.
# encoding: utf-8 # encoding: utf-8
import re import re
import logging
from django import forms from django import forms
from django.core.mail import send_mail from django.core.mail import send_mail
@@ -32,6 +33,8 @@ try:
except ImportError: except ImportError:
MULTI_TENANCY = False MULTI_TENANCY = False
logger = logging.getLogger(__name__)
UNUSABLE_PASSWORD = '!' # This will never be a valid hash UNUSABLE_PASSWORD = '!' # This will never be a valid hash
class UserManager(object): class UserManager(object):
@@ -197,6 +200,14 @@ class User(object):
else: else:
source = "LDAP" source = "LDAP"
if not self.is_active:
# clear web api and repo sync token
# when inactive an user
try:
clear_token(self.username)
except Exception as e:
logger.error(e)
result_code = ccnet_threaded_rpc.update_emailuser(source, result_code = ccnet_threaded_rpc.update_emailuser(source,
emailuser.id, emailuser.id,
self.password, self.password,
@@ -253,7 +264,13 @@ class User(object):
for r in shared_in_repos: for r in shared_in_repos:
seafile_api.remove_share(r.repo_id, r.user, username) seafile_api.remove_share(r.repo_id, r.user, username)
clear_token(username) # clear web api and repo sync token
# when delete user
try:
clear_token(self.username)
except Exception as e:
logger.error(e)
# remove current user from joined groups # remove current user from joined groups
ccnet_api.remove_group_user(username) ccnet_api.remove_group_user(username)
ccnet_api.remove_emailuser(source, username) ccnet_api.remove_emailuser(source, username)
@@ -273,6 +290,13 @@ class User(object):
else: else:
self.password = '%s' % raw_password self.password = '%s' % raw_password
# clear web api and repo sync token
# when user password change
try:
clear_token(self.username)
except Exception as e:
logger.error(e)
def check_password(self, raw_password): def check_password(self, raw_password):
""" """
Returns a boolean of whether the raw_password was correct. Handles Returns a boolean of whether the raw_password was correct. Handles
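Review bot: The three new `except Exception as e: logger.error(e)` handlers (in save(), delete() and set_password()) log only the exception text, so a failed revocation leaves the user's tokens valid after deactivation, deletion or a password change with neither a traceback nor the affected username in the log. Use `logger.exception('failed to clear tokens for %s', self.username)` in each handler so the failure is attributable and the stack trace is preserved. In delete() the old call passed the local `username` while the new one passes `self.username`; the share-removal loop just above still uses `username`, so confirm the two are always the same value. Each of those methods starts or ends outside its hunk.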


@@ -20,7 +20,7 @@ from seahub.institutions.decorators import (inst_admin_required,
inst_admin_can_manage_user) inst_admin_can_manage_user)
from seahub.institutions.utils import get_institution_available_quota from seahub.institutions.utils import get_institution_available_quota
from seahub.profile.models import Profile, DetailedProfile from seahub.profile.models import Profile, DetailedProfile
from seahub.utils import is_valid_username, clear_token from seahub.utils import is_valid_username
from seahub.utils.rpc import mute_seafile_api from seahub.utils.rpc import mute_seafile_api
from seahub.utils.file_size import get_file_size_unit from seahub.utils.file_size import get_file_size_unit
from seahub.views.sysadmin import email_user_on_activation, populate_user_info from seahub.views.sysadmin import email_user_on_activation, populate_user_info
@@ -253,8 +253,7 @@ def user_toggle_status(request, email):
return HttpResponse(json.dumps({'success': True, return HttpResponse(json.dumps({'success': True,
'email_sent': email_sent, 'email_sent': email_sent,
}), content_type=content_type) }), content_type=content_type)
else:
clear_token(user.email)
return HttpResponse(json.dumps({'success': True}), return HttpResponse(json.dumps({'success': True}),
content_type=content_type) content_type=content_type)
except User.DoesNotExist: except User.DoesNotExist:
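Review bot: After dropping the `else:` branch, the deactivation path of user_toggle_status returns success without any local revocation, so correctness now rests on the `user.save()` call earlier in the function (outside the hunk) going through the model's new token-clearing logic; the same applies to the sysadmin user_toggle_status hunk in this commit. A one-line comment before the final return, `# tokens were revoked by user.save() when is_active was set to False`, would make that dependency visible from the view. The removed call used `user.email` whereas the model clears by `self.username`; if those can ever differ for a user, this changes which tokens are cleared, so confirm they are equivalent here.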


@@ -42,7 +42,7 @@ from seahub.invitations.models import Invitation
from seahub.role_permissions.utils import get_available_roles from seahub.role_permissions.utils import get_available_roles
from seahub.utils import IS_EMAIL_CONFIGURED, string2list, is_valid_username, \ from seahub.utils import IS_EMAIL_CONFIGURED, string2list, is_valid_username, \
is_pro_version, send_html_email, get_user_traffic_list, get_server_id, \ is_pro_version, send_html_email, get_user_traffic_list, get_server_id, \
clear_token, handle_virus_record, get_virus_record_by_id, \ handle_virus_record, get_virus_record_by_id, \
get_virus_record, FILE_AUDIT_ENABLED, get_max_upload_file_size get_virus_record, FILE_AUDIT_ENABLED, get_max_upload_file_size
from seahub.utils.file_size import get_file_size_unit from seahub.utils.file_size import get_file_size_unit
from seahub.utils.ldap import get_ldap_info from seahub.utils.ldap import get_ldap_info
@@ -904,10 +904,10 @@ def user_toggle_status(request, email):
return HttpResponse(json.dumps({'success': True, return HttpResponse(json.dumps({'success': True,
'email_sent': email_sent, 'email_sent': email_sent,
}), content_type=content_type) }), content_type=content_type)
else:
clear_token(user.email)
return HttpResponse(json.dumps({'success': True}), return HttpResponse(json.dumps({'success': True}),
content_type=content_type) content_type=content_type)
except User.DoesNotExist: except User.DoesNotExist:
return HttpResponse(json.dumps({'success': False}), status=500, return HttpResponse(json.dumps({'success': False}), status=500,
content_type=content_type) content_type=content_type)
@@ -967,7 +967,6 @@ def user_reset(request, email):
user.set_password(new_password) user.set_password(new_password)
user.save() user.save()
clear_token(user.username)
if config.FORCE_PASSWORD_CHANGE: if config.FORCE_PASSWORD_CHANGE:
UserOptions.objects.set_force_passwd_change(user.username) UserOptions.objects.set_force_passwd_change(user.username)


@@ -9,6 +9,8 @@ from seahub.base.templatetags.seahub_tags import email2nickname
from seahub.profile.models import Profile from seahub.profile.models import Profile
from seahub.test_utils import BaseTestCase from seahub.test_utils import BaseTestCase
from tests.common.utils import randstring from tests.common.utils import randstring
from tests.api.urls import TOKEN_URL
from seahub.api2.models import TokenV2
class AccountTest(BaseTestCase): class AccountTest(BaseTestCase):
def setUp(self): def setUp(self):
@@ -142,14 +144,14 @@ class AccountTest(BaseTestCase):
def test_update_name(self): def test_update_name(self):
"""only test name""" """only test name"""
self.login_as(self.admin) self.login_as(self.admin)
resp = self._do_update_name() self._do_update_name()
self.assertEqual(Profile.objects.get_profile_by_user( self.assertEqual(Profile.objects.get_profile_by_user(
self.user1.username).nickname, 'user1') self.user1.username).nickname, 'user1')
def test_update_loginid(self): def test_update_loginid(self):
"""only test loginid""" """only test loginid"""
self.login_as(self.admin) self.login_as(self.admin)
resp = self._do_update_loginid() self._do_update_loginid()
self.assertEqual(Profile.objects.get_profile_by_user( self.assertEqual(Profile.objects.get_profile_by_user(
self.user1.username).login_id, 'hello') self.user1.username).login_id, 'hello')
@@ -239,6 +241,29 @@ class AccountTest(BaseTestCase):
self.assertEqual(user2_groups[1].id, other_group.id) self.assertEqual(user2_groups[1].id, other_group.id)
self.assertEqual(user2_groups[1].creator_name, self.user.username) self.assertEqual(user2_groups[1].creator_name, self.user.username)
def test_inactive_user(self):
self.login_as(self.admin)
username = self.user1.username
data = {
'username': username,
'password': 'secret',
'platform': 'windows',
'device_id': randstring(length=40),
'device_name': 'fake-device-name',
'client_version': '4.1.0',
'platform_version': '',
}
self.client.post(TOKEN_URL, data=data)
assert len(TokenV2.objects.filter(user=username)) == 1
url = reverse('api2-account', args=[self.user1.username])
data = 'is_active=0'
resp = self.client.put(url, data, 'application/x-www-form-urlencoded')
self.assertEqual(200, resp.status_code)
assert len(TokenV2.objects.filter(user=username)) == 0
def test_delete(self): def test_delete(self):
self.login_as(self.admin) self.login_as(self.admin)
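Review bot: test_inactive_user only asserts on TokenV2 (sync-client tokens), while the comments added in accounts.py say deactivation clears the web API token as well; if that token model is available to this suite, assert it is gone too, otherwise a regression in that half of clear_token goes unnoticed. Prefer `assert TokenV2.objects.filter(user=username).count() == 1` (and `== 0`) over `len(...)` so the queryset is not materialised just to count it. The test also assumes user1's fixture password is `'secret'`; capturing the TOKEN_URL response and checking `resp.status_code` before the first assertion would make a failed token creation fail with a clear message rather than a bare count mismatch.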