From 37f51ef983fb38ebc6f761842add961c446cdee0 Mon Sep 17 00:00:00 2001 From: Kyle Evans Date: Fri, 7 Oct 2016 11:37:36 -0500 Subject: [PATCH] Botched the initial Flask-Login update -- is_active(), is_authenticated(), and is_anonymous() got converted into properties, so we should do the same --- src/octoprint/plugin/types.py | 4 ++-- src/octoprint/server/__init__.py | 4 ++-- src/octoprint/server/api/__init__.py | 4 ++-- src/octoprint/server/api/users.py | 12 ++++++------ src/octoprint/server/util/flask.py | 4 ++-- src/octoprint/users.py | 13 ++++++++----- 6 files changed, 22 insertions(+), 19 deletions(-) diff --git a/src/octoprint/plugin/types.py b/src/octoprint/plugin/types.py index f9659e7d..dd17d7a7 100644 --- a/src/octoprint/plugin/types.py +++ b/src/octoprint/plugin/types.py @@ -1400,8 +1400,8 @@ class SettingsPlugin(OctoPrintPlugin): if key in node: node[key] = None - conditions = dict(user=lambda: current_user is not None and not current_user.is_anonymous(), - admin=lambda: current_user is not None and not current_user.is_anonymous() and current_user.is_admin(), + conditions = dict(user=lambda: current_user is not None and not current_user.is_anonymous, + admin=lambda: current_user is not None and not current_user.is_anonymous and current_user.is_admin, never=lambda: False) for level, condition in conditions.items(): diff --git a/src/octoprint/server/__init__.py b/src/octoprint/server/__init__.py index aca26908..bbedc609 100644 --- a/src/octoprint/server/__init__.py +++ b/src/octoprint/server/__init__.py @@ -86,9 +86,9 @@ def on_identity_loaded(sender, identity): return identity.provides.add(UserNeed(user.get_id())) - if user.is_user(): + if user.is_user: identity.provides.add(RoleNeed("user")) - if user.is_admin(): + if user.is_admin: identity.provides.add(RoleNeed("admin")) def load_user(id): diff --git a/src/octoprint/server/api/__init__.py b/src/octoprint/server/api/__init__.py index 5e7afb35..7602ae18 100644 --- a/src/octoprint/server/api/__init__.py +++ b/src/octoprint/server/api/__init__.py @@ -60,7 +60,7 @@ def pluginData(name): return make_response("More than one api provider registered for {name}, can't proceed".format(name=name), 500) api_plugin = api_plugins[0] - if api_plugin.is_api_adminonly() and not current_user.is_admin(): + if api_plugin.is_api_adminonly() and not current_user.is_admin: return make_response("Forbidden", 403) response = api_plugin.on_api_get(request) @@ -87,7 +87,7 @@ def pluginCommand(name): if valid_commands is None: return make_response("Method not allowed", 405) - if api_plugin.is_api_adminonly() and not current_user.is_admin(): + if api_plugin.is_api_adminonly() and not current_user.is_admin: return make_response("Forbidden", 403) command, data, response = get_json_command_from_request(request, valid_commands) diff --git a/src/octoprint/server/api/users.py b/src/octoprint/server/api/users.py index 8335315f..fbee5c16 100644 --- a/src/octoprint/server/api/users.py +++ b/src/octoprint/server/api/users.py @@ -72,7 +72,7 @@ def getUser(username): if not userManager.enabled: return jsonify(SUCCESS) - if current_user is not None and not current_user.is_anonymous() and (current_user.get_name() == username or current_user.is_admin()): + if current_user is not None and not current_user.is_anonymous and (current_user.get_name() == username or current_user.is_admin): user = userManager.findUser(username) if user is not None: return jsonify(user.asDict()) @@ -133,7 +133,7 @@ def changePasswordForUser(username): if not userManager.enabled: return jsonify(SUCCESS) - if current_user is not None and not current_user.is_anonymous() and (current_user.get_name() == username or current_user.is_admin()): + if current_user is not None and not current_user.is_anonymous and (current_user.get_name() == username or current_user.is_admin): if not "application/json" in request.headers["Content-Type"]: return make_response("Expected content-type JSON", 400) @@ -161,7 +161,7 @@ def getSettingsForUser(username): if not userManager.enabled: return jsonify(SUCCESS) - if current_user is None or current_user.is_anonymous() or (current_user.get_name() != username and not current_user.is_admin()): + if current_user is None or current_user.is_anonymous or (current_user.get_name() != username and not current_user.is_admin): return make_response("Forbidden", 403) try: @@ -175,7 +175,7 @@ def changeSettingsForUser(username): if not userManager.enabled: return jsonify(SUCCESS) - if current_user is None or current_user.is_anonymous() or (current_user.get_name() != username and not current_user.is_admin()): + if current_user is None or current_user.is_anonymous or (current_user.get_name() != username and not current_user.is_admin): return make_response("Forbidden", 403) try: @@ -195,7 +195,7 @@ def deleteApikeyForUser(username): if not userManager.enabled: return jsonify(SUCCESS) - if current_user is not None and not current_user.is_anonymous() and (current_user.get_name() == username or current_user.is_admin()): + if current_user is not None and not current_user.is_anonymous and (current_user.get_name() == username or current_user.is_admin): try: userManager.deleteApikey(username) except users.UnknownUser: @@ -211,7 +211,7 @@ def generateApikeyForUser(username): if not userManager.enabled: return jsonify(SUCCESS) - if current_user is not None and not current_user.is_anonymous() and (current_user.get_name() == username or current_user.is_admin()): + if current_user is not None and not current_user.is_anonymous and (current_user.get_name() == username or current_user.is_admin): try: apikey = userManager.generateApiKey(username) except users.UnknownUser: diff --git a/src/octoprint/server/util/flask.py b/src/octoprint/server/util/flask.py index ee7fe883..d7aca094 100644 --- a/src/octoprint/server/util/flask.py +++ b/src/octoprint/server/util/flask.py @@ -971,7 +971,7 @@ def admin_validator(request): """ user = _get_flask_user_from_request(request) - if user is None or not user.is_authenticated() or not user.is_admin(): + if user is None or not user.is_authenticated or not user.is_admin: raise tornado.web.HTTPError(403) @@ -986,7 +986,7 @@ def user_validator(request): """ user = _get_flask_user_from_request(request) - if user is None or not user.is_authenticated(): + if user is None or not user.is_authenticated: raise tornado.web.HTTPError(403) diff --git a/src/octoprint/users.py b/src/octoprint/users.py index e5761773..1ce377a0 100644 --- a/src/octoprint/users.py +++ b/src/octoprint/users.py @@ -428,9 +428,9 @@ class User(UserMixin): def asDict(self): return { "name": self._username, - "active": self.is_active(), - "admin": self.is_admin(), - "user": self.is_user(), + "active": self.is_active, + "admin": self.is_admin, + "user": self.is_user, "apikey": self._apikey, "settings": self._settings } @@ -444,12 +444,15 @@ class User(UserMixin): def get_name(self): return self._username + @property def is_active(self): return self._active + @property def is_user(self): return "user" in self._roles + @property def is_admin(self): return "admin" in self._roles @@ -496,7 +499,7 @@ class User(UserMixin): return True def __repr__(self): - return "User(id=%s,name=%s,active=%r,user=%r,admin=%r)" % (self.get_id(), self.get_name(), self.is_active(), self.is_user(), self.is_admin()) + return "User(id=%s,name=%s,active=%r,user=%r,admin=%r)" % (self.get_id(), self.get_name(), self.is_active, self.is_user, self.is_admin) class SessionUser(User): def __init__(self, user): @@ -526,7 +529,7 @@ class SessionUser(User): return self._session def __repr__(self): - return "SessionUser(id=%s,name=%s,active=%r,user=%r,admin=%r,session=%s,created=%s)" % (self.get_id(), self.get_name(), self.is_active(), self.is_user(), self.is_admin(), self._session, self._created) + return "SessionUser(id=%s,name=%s,active=%r,user=%r,admin=%r,session=%s,created=%s)" % (self.get_id(), self.get_name(), self.is_active, self.is_user, self.is_admin, self._session, self._created) ##~~ DummyUser object to use when accessControl is disabled