add error check when update user status and add user

2025-09-20 19:08:21 +00:00 · 2015-09-09 10:47:36 +08:00
parent 70e548cf14
commit fa5e4dfb60
3 changed files with 29 additions and 14 deletions
--- a/seahub/api2/views.py
+++ b/seahub/api2/views.py
@@ -292,10 +292,15 @@ class Account(APIView):
        copy['email'] = email
        serializer = AccountSerializer(data=copy)
        if serializer.is_valid():
+            try:
                user = User.objects.create_user(serializer.object['email'],
                                                serializer.object['password'],
                                                serializer.object['is_staff'],
                                                serializer.object['is_active'])
+            except User.DoesNotExist as e:
+                logger.error(e)
+                return api_error(status.HTTP_403_FORBIDDEN,
+                                 'Fail to add user.')

            self._update_account_profile(request, user.username)

@@ -332,7 +337,11 @@ class Account(APIView):
        if is_active is not None:
            user.is_active = is_active

-        user.save()
+        result_code = user.save()
+        if result_code == -1:
+            return api_error(status.HTTP_403_FORBIDDEN,
+                             'Fail to update user.')
+
        self._update_account_profile(request, user.username)

        try:
--- a/seahub/base/accounts.py
+++ b/seahub/base/accounts.py
@@ -160,15 +160,18 @@ class User(object):
            else:
                source = "LDAP"

-            ccnet_threaded_rpc.update_emailuser(source,
+            result_code = ccnet_threaded_rpc.update_emailuser(source,
                                                              emailuser.id,
                                                              self.password,
                                                              int(self.is_staff),
                                                              int(self.is_active))
        else:
-            ccnet_threaded_rpc.add_emailuser(self.username, self.password,
+            result_code = ccnet_threaded_rpc.add_emailuser(self.username,
+                                                           self.password,
                                                           int(self.is_staff),
                                                           int(self.is_active))
+        # -1 stands for failed; 0 stands for success
+        return result_code

    def delete(self):
        """
--- a/seahub/views/sysadmin.py
+++ b/seahub/views/sysadmin.py
@@ -867,7 +867,10 @@ def user_toggle_status(request, email):
    try:
        user = User.objects.get(email)
        user.is_active = bool(user_status)
-        user.save()
+        result_code = user.save()
+        if result_code == -1:
+            return HttpResponse(json.dumps({'success': False}), status=403,
+                                content_type=content_type)

        if user.is_active is True:
            try: