fix: use auth handler instead of deprecated auth functions
This commit is contained in:
Lance Edgar
parent
08a89c490a
commit
458c95696a
|
|
@ -28,8 +28,6 @@ import sqlalchemy as sa
|
||||||
from sqlalchemy import orm
|
from sqlalchemy import orm
|
||||||
|
|
||||||
from rattail.db.model import User, UserEvent
|
from rattail.db.model import User, UserEvent
|
||||||
from rattail.db.auth import (administrator_role, guest_role,
|
|
||||||
authenticated_role, set_user_password)
|
|
||||||
|
|
||||||
import colander
|
import colander
|
||||||
from deform import widget as dfwidget
|
from deform import widget as dfwidget
|
||||||
|
|
@ -360,17 +358,19 @@ class UserView(PrincipalMasterView):
|
||||||
return tokens
|
return tokens
|
||||||
|
|
||||||
def get_possible_roles(self):
|
def get_possible_roles(self):
|
||||||
model = self.model
|
app = self.get_rattail_app()
|
||||||
|
auth = app.get_auth_handler()
|
||||||
|
model = app.model
|
||||||
|
|
||||||
# some roles should never have users "belong" to them
|
# some roles should never have users "belong" to them
|
||||||
excluded = [
|
excluded = [
|
||||||
guest_role(self.Session()).uuid,
|
auth.get_role_anonymous(self.Session()).uuid,
|
||||||
authenticated_role(self.Session()).uuid,
|
auth.get_role_authenticated(self.Session()).uuid,
|
||||||
]
|
]
|
||||||
|
|
||||||
# only allow "root" user to change true admin role membership
|
# only allow "root" user to change true admin role membership
|
||||||
if not self.request.is_root:
|
if not self.request.is_root:
|
||||||
excluded.append(administrator_role(self.Session()).uuid)
|
excluded.append(auth.get_role_administrator(self.Session()).uuid)
|
||||||
|
|
||||||
# basic list, minus exclusions so far
|
# basic list, minus exclusions so far
|
||||||
roles = self.Session.query(model.Role)\
|
roles = self.Session.query(model.Role)\
|
||||||
|
|
@ -385,7 +385,9 @@ class UserView(PrincipalMasterView):
|
||||||
return roles.order_by(model.Role.name)
|
return roles.order_by(model.Role.name)
|
||||||
|
|
||||||
def objectify(self, form, data=None):
|
def objectify(self, form, data=None):
|
||||||
model = self.model
|
app = self.get_rattail_app()
|
||||||
|
auth = app.get_auth_handler()
|
||||||
|
model = app.model
|
||||||
|
|
||||||
# create/update user as per normal
|
# create/update user as per normal
|
||||||
if data is None:
|
if data is None:
|
||||||
|
|
@ -420,7 +422,7 @@ class UserView(PrincipalMasterView):
|
||||||
|
|
||||||
# maybe set user password
|
# maybe set user password
|
||||||
if 'set_password' in form and data['set_password']:
|
if 'set_password' in form and data['set_password']:
|
||||||
set_user_password(user, data['set_password'])
|
auth.set_user_password(user, data['set_password'])
|
||||||
|
|
||||||
# update roles for user
|
# update roles for user
|
||||||
self.update_roles(user, data)
|
self.update_roles(user, data)
|
||||||
|
|
@ -433,10 +435,12 @@ class UserView(PrincipalMasterView):
|
||||||
if 'roles' not in data:
|
if 'roles' not in data:
|
||||||
return
|
return
|
||||||
|
|
||||||
model = self.model
|
app = self.get_rattail_app()
|
||||||
|
auth = app.get_auth_handler()
|
||||||
|
model = app.model
|
||||||
old_roles = set([r.uuid for r in user.roles])
|
old_roles = set([r.uuid for r in user.roles])
|
||||||
new_roles = data['roles']
|
new_roles = data['roles']
|
||||||
admin = administrator_role(self.Session())
|
admin = auth.get_role_administrator(self.Session())
|
||||||
|
|
||||||
# add any new roles for the user, taking care not to add the admin role
|
# add any new roles for the user, taking care not to add the admin role
|
||||||
# unless acting as root
|
# unless acting as root
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue