diff options
author | Marcin Kuzminski <marcin@python-works.com> | 2012-07-25 00:38:05 +0200 |
---|---|---|
committer | Marcin Kuzminski <marcin@python-works.com> | 2012-07-25 00:38:05 +0200 |
commit | fd7ee08eefdf7085f5da1411c61be8f622d7e38c (patch) | |
tree | 012e4aaa66666ff5a4eb693c3479096034d95e8d | |
parent | 3318ff17146fbf46b62412b8f376893d5e610116 (diff) |
fixed api issue with changing username during update_user
--HG--
branch : beta
-rw-r--r-- | rhodecode/controllers/api/api.py | 31 | ||||
-rw-r--r-- | rhodecode/model/user.py | 22 | ||||
-rw-r--r-- | rhodecode/tests/api/api_base.py | 2 |
3 files changed, 39 insertions, 16 deletions
diff --git a/rhodecode/controllers/api/api.py b/rhodecode/controllers/api/api.py index c3a48d95..14512fb5 100644 --- a/rhodecode/controllers/api/api.py +++ b/rhodecode/controllers/api/api.py @@ -260,24 +260,25 @@ class ApiController(JSONRPCController): user = get_user_or_error(userid) - #return old attribute if Optional is passed. We don't change parameter - # so user doesn't get updated parameters - get = lambda attr, name: ( - getattr(user, name) if isinstance(attr, Optional) else attr - ) + # call function and store only updated arguments + updates = {} + + def store_update(attr, name): + if not isinstance(attr, Optional): + updates[name] = attr try: - user = UserModel().create_or_update( - username=get(username, 'username'), - password=get(password, 'password'), - email=get(email, 'email'), - firstname=get(firstname, 'name'), - lastname=get(lastname, 'lastname'), - active=get(active, 'active'), - admin=get(admin, 'admin'), - ldap_dn=get(ldap_dn, 'ldap_dn') - ) + store_update(username, 'username') + store_update(password, 'password') + store_update(email, 'email') + store_update(firstname, 'name') + store_update(lastname, 'lastname') + store_update(active, 'active') + store_update(admin, 'admin') + store_update(ldap_dn, 'ldap_dn') + + user = UserModel().update_user(user, **updates) Session().commit() return dict( msg='updated user ID:%s %s' % (user.user_id, user.username), diff --git a/rhodecode/model/user.py b/rhodecode/model/user.py index d9c98bea..8b5e3297 100644 --- a/rhodecode/model/user.py +++ b/rhodecode/model/user.py @@ -278,6 +278,28 @@ class UserModel(BaseModel): log.error(traceback.format_exc()) raise + def update_user(self, user, **kwargs): + from rhodecode.lib.auth import get_crypt_password + try: + user = self._get_user(user) + if user.username == 'default': + raise DefaultUserException( + _("You can't Edit this user since it's" + " crucial for entire application") + ) + + for k, v in kwargs.items(): + if k == 'password' and v: + v = get_crypt_password(v) + user.api_key = generate_api_key(user.username) + + setattr(user, k, v) + self.sa.add(user) + return user + except: + log.error(traceback.format_exc()) + raise + def update_my_account(self, user_id, form_data): from rhodecode.lib.auth import get_crypt_password try: diff --git a/rhodecode/tests/api/api_base.py b/rhodecode/tests/api/api_base.py index a86d9570..37fb1607 100644 --- a/rhodecode/tests/api/api_base.py +++ b/rhodecode/tests/api/api_base.py @@ -373,7 +373,7 @@ class BaseTestApi(object): expected = ret self._compare_ok(id_, expected, given=response.body) - @mock.patch.object(UserModel, 'create_or_update', crash) + @mock.patch.object(UserModel, 'update_user', crash) def test_api_update_user_when_exception_happens(self): usr = UserModel().get_by_username(TEST_USER_ADMIN_LOGIN) ret = jsonify(usr.get_api_data()) |