scl/szurubooru
1
0
Fork 0
mirror of https://github.com/rr-/szurubooru.git synced 2025-07-17 08:26:24 +00:00
Code Issues Packages Projects Releases Wiki Activity

server/users: add user removal

Browse Source
This commit is contained in:
rr-
2016-04-09 09:21:56 +02:00
parent 6ff160b9c6
commit 450a61c1e1
3 changed files with 98 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
server/szurubooru/api/user_api.py
View File

@ -111,3 +111,19 @@ class UserDetailApi(BaseApi):
context.session.commit()
return {'user': _serialize_user(context.user, user)}
def delete(self, context, user_name):
''' Delete an existing user. '''
user = users.get_by_name(context.session, user_name)
if not user:
raise errors.NotFoundError('User %r not found.' % user_name)
if context.user.user_id == user.user_id:
infix = 'self'
else:
infix = 'any'
auth.verify_privilege(context.user, 'users:delete:%s' % infix)
context.session.delete(user)
context.session.commit()
return {}

68
server/szurubooru/tests/api/test_user_api.py
View File

@ -10,8 +10,6 @@ class TestRetrievingUsers(DatabaseTestCase):
util.mock_config({
'privileges': {
'users:list': 'regular_user',
'users:view': 'regular_user',
'users:create': 'regular_user',
},
'avatar_thumbnail_size': 200,
'ranks': ['anonymous', 'regular_user', 'mod', 'admin'],
@ -39,6 +37,30 @@ class TestRetrievingUsers(DatabaseTestCase):
api_ = api.UserListApi()
self.assertRaises(errors.AuthError, api_.get, self.context)
def test_retrieving_non_existing(self):
self.context.user.rank = 'regular_user'
util.mock_params(self.context, {'query': 'asd', 'page': 1})
api_ = api.UserListApi()
result = api_.get(self.context)
self.assertEqual(result['query'], 'asd')
self.assertEqual(result['page'], 1)
self.assertEqual(result['pageSize'], 100)
self.assertEqual(result['total'], 0)
self.assertEqual([u['name'] for u in result['users']], [])
class TestRetrievingUser(DatabaseTestCase):
def setUp(self):
super().setUp()
util.mock_config({
'privileges': {
'users:view': 'regular_user',
},
'avatar_thumbnail_size': 200,
'ranks': ['anonymous', 'regular_user', 'mod', 'admin'],
'rank_names': {},
})
util.mock_context(self)
def test_retrieving_single(self):
user = util.mock_user('u1', 'regular_user')
self.session.add(user)
@ -65,6 +87,48 @@ class TestRetrievingUsers(DatabaseTestCase):
api_ = api.UserDetailApi()
self.assertRaises(errors.AuthError, api_.get, self.context, '-')
class TestDeletingUser(DatabaseTestCase):
def setUp(self):
super().setUp()
util.mock_config({
'privileges': {
'users:delete:self': 'regular_user',
'users:delete:any': 'mod',
},
'ranks': ['anonymous', 'regular_user', 'mod', 'admin'],
'rank_names': {},
})
util.mock_context(self)
def test_removing_oneself(self):
user1 = util.mock_user('u1', 'regular_user')
user2 = util.mock_user('u2', 'regular_user')
self.session.add_all([user1, user2])
self.session.commit()
self.context.user.user_id = user1.user_id
self.context.user.rank = 'regular_user'
api_ = api.UserDetailApi()
self.assertRaises(errors.AuthError, api_.delete, self.context, 'u2')
api_.delete(self.context, 'u1')
self.assertEqual(self.session.query(db.User).filter_by(name='u1').all(), [])
def test_removing_someone_else(self):
user1 = util.mock_user('u1', 'regular_user')
user2 = util.mock_user('u2', 'regular_user')
self.session.add_all([user1, user2])
self.session.commit()
self.context.user.rank = 'mod'
api_ = api.UserDetailApi()
api_.delete(self.context, 'u1')
api_.delete(self.context, 'u2')
self.assertEqual(self.session.query(db.User).filter_by(name='u1').all(), [])
self.assertEqual(self.session.query(db.User).filter_by(name='u2').all(), [])
def test_removing_non_existing(self):
self.context.user.rank = 'regular_user'
api_ = api.UserDetailApi()
self.assertRaises(errors.NotFoundError, api_.delete, self.context, 'bad')
class TestCreatingUser(DatabaseTestCase):
def setUp(self):
super().setUp()