forked from s3lph/matemat
Merge branch 'staging' into 'master'
User bootstrapping See merge request s3lph/matemat!33
This commit is contained in:
commit
b478d4542b
7 changed files with 113 additions and 7 deletions
2
doc
2
doc
|
@ -1 +1 @@
|
|||
Subproject commit c3cbf1fdabc81c3e73d831655fe4d9c2d3d8330c
|
||||
Subproject commit 9449a6dc39843969d3b549f05848b5857c23cfa3
|
|
@ -62,9 +62,22 @@ class MatematDatabase(object):
|
|||
"""
|
||||
return self.db.transaction(exclusive=exclusive)
|
||||
|
||||
def list_users(self) -> List[User]:
|
||||
def has_admin_users(self) -> bool:
|
||||
"""
|
||||
Check whether the instance has any admin users configured.
|
||||
|
||||
:return: True if there are admin users, false otherwise.
|
||||
"""
|
||||
with self.db.transaction(exclusive=False) as c:
|
||||
c.execute('SELECT COUNT(user_id) FROM users WHERE is_admin = 1')
|
||||
n, = c.fetchone()
|
||||
return n > 0
|
||||
|
||||
def list_users(self, with_touchkey: bool = False) -> List[User]:
|
||||
"""
|
||||
Return a list of users in the database.
|
||||
|
||||
:param with_touchkey: If true, only lists those users that have a touchkey set. Defaults to false.
|
||||
:return: A list of users.
|
||||
"""
|
||||
users: List[User] = []
|
||||
|
@ -72,7 +85,10 @@ class MatematDatabase(object):
|
|||
for row in c.execute('''
|
||||
SELECT user_id, username, email, is_admin, is_member, balance
|
||||
FROM users
|
||||
'''):
|
||||
WHERE touchkey IS NOT NULL OR NOT :must_have_touchkey
|
||||
''', {
|
||||
'must_have_touchkey': with_touchkey
|
||||
}):
|
||||
# Decompose each row and put the values into a User object
|
||||
user_id, username, email, is_admin, is_member, balance = row
|
||||
users.append(User(user_id, username, balance, email, is_admin, is_member))
|
||||
|
|
|
@ -4,6 +4,7 @@ import unittest
|
|||
import crypt
|
||||
|
||||
from matemat.db import MatematDatabase
|
||||
from matemat.db.primitives import User
|
||||
from matemat.exceptions import AuthenticationError, DatabaseConsistencyError
|
||||
|
||||
|
||||
|
@ -43,10 +44,14 @@ class DatabaseTest(unittest.TestCase):
|
|||
with self.db as db:
|
||||
users = db.list_users()
|
||||
self.assertEqual(0, len(users))
|
||||
db.create_user('testuser', 'supersecurepassword', 'testuser@example.com', True, True)
|
||||
users = db.list_users(with_touchkey=True)
|
||||
self.assertEqual(0, len(users))
|
||||
testuser: User = db.create_user('testuser', 'supersecurepassword', 'testuser@example.com', True, True)
|
||||
db.change_touchkey(testuser, '', 'touchkey', verify_password=False)
|
||||
db.create_user('anothertestuser', 'otherpassword', 'anothertestuser@example.com', False, True)
|
||||
db.create_user('yatu', 'igotapasswordtoo', 'yatu@example.com', False, False)
|
||||
users = db.list_users()
|
||||
users_with_touchkey = db.list_users(with_touchkey=True)
|
||||
self.assertEqual(3, len(users))
|
||||
usercheck = {}
|
||||
for user in users:
|
||||
|
@ -64,6 +69,16 @@ class DatabaseTest(unittest.TestCase):
|
|||
self.assertFalse(user.is_admin)
|
||||
usercheck[user.id] = 1
|
||||
self.assertEqual(3, len(usercheck))
|
||||
self.assertEqual(1, len(users_with_touchkey))
|
||||
self.assertEqual('testuser', users_with_touchkey[0].name)
|
||||
|
||||
def test_has_admin_users(self):
|
||||
with self.db as db:
|
||||
self.assertFalse(db.has_admin_users())
|
||||
testuser: User = db.create_user('testuser', 'supersecurepassword', 'testuser@example.com', True, True)
|
||||
self.assertTrue(db.has_admin_users())
|
||||
db.change_user(testuser, agent=testuser, is_admin=False)
|
||||
self.assertFalse(db.has_admin_users())
|
||||
|
||||
def test_login(self) -> None:
|
||||
with self.db as db:
|
||||
|
|
|
@ -13,3 +13,4 @@ from .deposit import deposit
|
|||
from .admin import admin
|
||||
from .moduser import moduser
|
||||
from .modproduct import modproduct
|
||||
from .userbootstrap import userbootstrap
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
from typing import Any, Dict, Union
|
||||
|
||||
from matemat.webserver import pagelet, RequestArguments, PageletResponse, TemplateResponse
|
||||
from matemat.webserver import pagelet, RequestArguments, PageletResponse, TemplateResponse, RedirectResponse
|
||||
from matemat.db import MatematDatabase
|
||||
|
||||
|
||||
|
@ -30,7 +30,10 @@ def main_page(method: str,
|
|||
authuser=user, products=products, authlevel=authlevel,
|
||||
setupname=config['InstanceName'])
|
||||
else:
|
||||
# If there are no admin users registered, jump to the admin creation procedure
|
||||
if not db.has_admin_users():
|
||||
return RedirectResponse('/userbootstrap')
|
||||
# If no user is logged in, fetch the list of users and render the userlist template
|
||||
users = db.list_users()
|
||||
users = db.list_users(with_touchkey=True)
|
||||
return TemplateResponse('userlist.html',
|
||||
users=users, setupname=config['InstanceName'])
|
||||
|
|
43
matemat/webserver/pagelets/userbootstrap.py
Normal file
43
matemat/webserver/pagelets/userbootstrap.py
Normal file
|
@ -0,0 +1,43 @@
|
|||
|
||||
from typing import Any, Dict, Union
|
||||
|
||||
from matemat.db import MatematDatabase
|
||||
from matemat.webserver import pagelet, RequestArguments, PageletResponse, RedirectResponse, TemplateResponse
|
||||
from matemat.exceptions import HttpException
|
||||
|
||||
|
||||
@pagelet('/userbootstrap')
|
||||
def userbootstrap(method: str,
|
||||
path: str,
|
||||
args: RequestArguments,
|
||||
session_vars: Dict[str, Any],
|
||||
headers: Dict[str, str],
|
||||
config: Dict[str, str]) \
|
||||
-> Union[bytes, str, PageletResponse]:
|
||||
"""
|
||||
The page for creating a first admin user. To be used when the system is set up the first time, or when there are no
|
||||
admin users left.
|
||||
"""
|
||||
with MatematDatabase(config['DatabaseFile']) as db:
|
||||
# Redirect to main if there are still administrators registered
|
||||
if db.has_admin_users():
|
||||
return RedirectResponse('/')
|
||||
# Process submission
|
||||
if method == 'POST':
|
||||
# Make sure all required values are present
|
||||
if 'username' not in args or 'password' not in args or 'password2' not in args:
|
||||
raise HttpException(400, 'Some arguments are missing')
|
||||
username: str = str(args.username)
|
||||
password: str = str(args.password)
|
||||
password2: str = str(args.password2)
|
||||
# The 2 passwords must match
|
||||
if password != password2:
|
||||
return RedirectResponse('/userbootstrap')
|
||||
# Create the admin user
|
||||
db.create_user(username, password, None, True, False)
|
||||
# Redirect to the main page
|
||||
return RedirectResponse('/')
|
||||
# Requested via GET; show the user creation UI
|
||||
else:
|
||||
return TemplateResponse('userbootstrap.html',
|
||||
setupname=config['InstanceName'])
|
28
templates/userbootstrap.html
Normal file
28
templates/userbootstrap.html
Normal file
|
@ -0,0 +1,28 @@
|
|||
{% extends "base.html" %}
|
||||
|
||||
{% block header %}
|
||||
{# Show the setup name, as set in the config file, as page title followed by "Setup". Don't escape HTML entities. #}
|
||||
<h1>{{ setupname|safe }} Setup</h1>
|
||||
{{ super() }}
|
||||
{% endblock %}
|
||||
|
||||
{% block main %}
|
||||
|
||||
{# Show a user creation form #}
|
||||
Please create an admin user account
|
||||
<form method="post" action="/userbootstrap" accept-charset="UTF-8">
|
||||
<label for="username">Username: </label>
|
||||
<input id="username" type="text" name="username"/><br/>
|
||||
|
||||
<label for="password">Password: </label>
|
||||
<input id="password" type="password" name="password"/><br/>
|
||||
|
||||
<label for="password2">Repeat: </label>
|
||||
<input id="password2" type="password" name="password2"/><br/>
|
||||
|
||||
<input type="submit" value="Create user">
|
||||
</form>
|
||||
|
||||
{{ super() }}
|
||||
|
||||
{% endblock %}
|
Loading…
Reference in a new issue