haiwen/seahub
1
0
Fork 0
mirror of https://github.com/haiwen/seahub.git synced 2025-09-21 19:37:28 +00:00
Code Issues Releases Wiki Activity

update clear token

Browse Source 
clear token when inactive user, delete user, change user password
This commit is contained in:
lian
2017-07-28 16:25:56 +08:00
parent d597623b14
commit 259655b6bd
6 changed files with 59 additions and 20 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
seahub/api2/endpoints/admin/org_users.py
View File

@@ -10,7 +10,7 @@ from rest_framework import status
from constance import config
from seaserv import ccnet_api, seafile_api
from seahub.utils import clear_token, is_valid_email
from seahub.utils import is_valid_email
from seahub.utils.licenseparse import user_number_over_limit
from seahub.utils.file_size import get_file_size_unit
from seahub.base.accounts import User
@@ -213,13 +213,6 @@ class AdminOrgUser(APIView):
else:
user.is_active = False
# clear web api and repo sync token
# when inactive an user
try:
clear_token(email)
except Exception as e:
logger.error(e)
try:
# update user status
result_code = user.save()

3
seahub/auth/forms.py
View File

@@ -9,7 +9,7 @@ from seahub.auth import authenticate
from seahub.auth.tokens import default_token_generator
from seahub.profile.models import Profile
from seahub.utils import IS_EMAIL_CONFIGURED, send_html_email, \
is_valid_username, is_ldap_user, is_user_password_strong, clear_token
is_ldap_user, is_user_password_strong
from captcha.fields import CaptchaField
@@ -170,7 +170,6 @@ class SetPasswordForm(forms.Form):
self.user.set_password(self.cleaned_data['new_password1'])
if commit:
self.user.save()
clear_token(self.user.username)
return self.user
class PasswordChangeForm(SetPasswordForm):

26
seahub/base/accounts.py
View File

@@ -1,6 +1,7 @@
# Copyright (c) 2012-2016 Seafile Ltd.
# encoding: utf-8
import re
import logging
from django import forms
from django.core.mail import send_mail
@@ -32,6 +33,8 @@ try:
except ImportError:
MULTI_TENANCY = False
logger = logging.getLogger(__name__)
UNUSABLE_PASSWORD = '!' # This will never be a valid hash
class UserManager(object):
@@ -197,6 +200,14 @@ class User(object):
else:
source = "LDAP"
if not self.is_active:
# clear web api and repo sync token
# when inactive an user
try:
clear_token(self.username)
except Exception as e:
logger.error(e)
result_code = ccnet_threaded_rpc.update_emailuser(source,
emailuser.id,
self.password,
@@ -253,7 +264,13 @@ class User(object):
for r in shared_in_repos:
seafile_api.remove_share(r.repo_id, r.user, username)
clear_token(username)
# clear web api and repo sync token
# when delete user
try:
clear_token(self.username)
except Exception as e:
logger.error(e)
# remove current user from joined groups
ccnet_api.remove_group_user(username)
ccnet_api.remove_emailuser(source, username)
@@ -273,6 +290,13 @@ class User(object):
else:
self.password = '%s' % raw_password
# clear web api and repo sync token
# when user password change
try:
clear_token(self.username)
except Exception as e:
logger.error(e)
def check_password(self, raw_password):
"""
Returns a boolean of whether the raw_password was correct. Handles

5
seahub/institutions/views.py
View File

@@ -20,7 +20,7 @@ from seahub.institutions.decorators import (inst_admin_required,
inst_admin_can_manage_user)
from seahub.institutions.utils import get_institution_available_quota
from seahub.profile.models import Profile, DetailedProfile
from seahub.utils import is_valid_username, clear_token
from seahub.utils import is_valid_username
from seahub.utils.rpc import mute_seafile_api
from seahub.utils.file_size import get_file_size_unit
from seahub.views.sysadmin import email_user_on_activation, populate_user_info
@@ -253,8 +253,7 @@ def user_toggle_status(request, email):
return HttpResponse(json.dumps({'success': True,
'email_sent': email_sent,
}), content_type=content_type)
else:
clear_token(user.email)
return HttpResponse(json.dumps({'success': True}),
content_type=content_type)
except User.DoesNotExist:

7
seahub/views/sysadmin.py
View File

@@ -42,7 +42,7 @@ from seahub.invitations.models import Invitation
from seahub.role_permissions.utils import get_available_roles
from seahub.utils import IS_EMAIL_CONFIGURED, string2list, is_valid_username, \
is_pro_version, send_html_email, get_user_traffic_list, get_server_id, \
clear_token, handle_virus_record, get_virus_record_by_id, \
handle_virus_record, get_virus_record_by_id, \
get_virus_record, FILE_AUDIT_ENABLED, get_max_upload_file_size
from seahub.utils.file_size import get_file_size_unit
from seahub.utils.ldap import get_ldap_info
@@ -880,10 +880,10 @@ def user_toggle_status(request, email):
return HttpResponse(json.dumps({'success': True,
'email_sent': email_sent,
}), content_type=content_type)
else:
clear_token(user.email)
return HttpResponse(json.dumps({'success': True}),
content_type=content_type)
except User.DoesNotExist:
return HttpResponse(json.dumps({'success': False}), status=500,
content_type=content_type)
@@ -943,7 +943,6 @@ def user_reset(request, email):
user.set_password(new_password)
user.save()
clear_token(user.username)
if config.FORCE_PASSWORD_CHANGE:
UserOptions.objects.set_force_passwd_change(user.username)

29
tests/api/endpoints/test_account.py
View File

@@ -9,6 +9,8 @@ from seahub.base.templatetags.seahub_tags import email2nickname
from seahub.profile.models import Profile
from seahub.test_utils import BaseTestCase
from tests.common.utils import randstring
from tests.api.urls import TOKEN_URL
from seahub.api2.models import TokenV2
class AccountTest(BaseTestCase):
def setUp(self):
@@ -142,14 +144,14 @@ class AccountTest(BaseTestCase):
def test_update_name(self):
"""only test name"""
self.login_as(self.admin)
resp = self._do_update_name()
self._do_update_name()
self.assertEqual(Profile.objects.get_profile_by_user(
self.user1.username).nickname, 'user1')
def test_update_loginid(self):
"""only test loginid"""
self.login_as(self.admin)
resp = self._do_update_loginid()
self._do_update_loginid()
self.assertEqual(Profile.objects.get_profile_by_user(
self.user1.username).login_id, 'hello')
@@ -239,6 +241,29 @@ class AccountTest(BaseTestCase):
self.assertEqual(user2_groups[1].id, other_group.id)
self.assertEqual(user2_groups[1].creator_name, self.user.username)
def test_inactive_user(self):
self.login_as(self.admin)
username = self.user1.username
data = {
'username': username,
'password': 'secret',
'platform': 'windows',
'device_id': randstring(length=40),
'device_name': 'fake-device-name',
'client_version': '4.1.0',
'platform_version': '',
}
self.client.post(TOKEN_URL, data=data)
assert len(TokenV2.objects.filter(user=username)) == 1
url = reverse('api2-account', args=[self.user1.username])
data = 'is_active=0'
resp = self.client.put(url, data, 'application/x-www-form-urlencoded')
self.assertEqual(200, resp.status_code)
assert len(TokenV2.objects.filter(user=username)) == 0
def test_delete(self):
self.login_as(self.admin)