fix: use auth handler instead of deprecated auth functions

2024-08-03 14:13:16 -05:00 · 2024-08-03 14:13:16 -05:00 · 458c95696a
parent 08a89c490a
commit 458c95696a
1 changed files with 14 additions and 10 deletions
--- a/tailbone/views/users.py
+++ b/tailbone/views/users.py
@ -28,8 +28,6 @@ import sqlalchemy as sa
 from sqlalchemy import orm

 from rattail.db.model import User, UserEvent
-from rattail.db.auth import (administrator_role, guest_role,
-                             authenticated_role, set_user_password)

 import colander
 from deform import widget as dfwidget
@ -360,17 +358,19 @@ class UserView(PrincipalMasterView):
        return tokens

    def get_possible_roles(self):
-        model = self.model
+        app = self.get_rattail_app()
+        auth = app.get_auth_handler()
+        model = app.model

        # some roles should never have users "belong" to them
        excluded = [
-            guest_role(self.Session()).uuid,
-            authenticated_role(self.Session()).uuid,
+            auth.get_role_anonymous(self.Session()).uuid,
+            auth.get_role_authenticated(self.Session()).uuid,
        ]

        # only allow "root" user to change true admin role membership
        if not self.request.is_root:
-            excluded.append(administrator_role(self.Session()).uuid)
+            excluded.append(auth.get_role_administrator(self.Session()).uuid)

        # basic list, minus exclusions so far
        roles = self.Session.query(model.Role)\
@ -385,7 +385,9 @@ class UserView(PrincipalMasterView):
        return roles.order_by(model.Role.name)

    def objectify(self, form, data=None):
-        model = self.model
+        app = self.get_rattail_app()
+        auth = app.get_auth_handler()
+        model = app.model

        # create/update user as per normal
        if data is None:
@ -420,7 +422,7 @@ class UserView(PrincipalMasterView):

        # maybe set user password
        if 'set_password' in form and data['set_password']:
-            set_user_password(user, data['set_password'])
+            auth.set_user_password(user, data['set_password'])

        # update roles for user
        self.update_roles(user, data)
@ -433,10 +435,12 @@ class UserView(PrincipalMasterView):
        if 'roles' not in data:
            return

-        model = self.model
+        app = self.get_rattail_app()
+        auth = app.get_auth_handler()
+        model = app.model
        old_roles = set([r.uuid for r in user.roles])
        new_roles = data['roles']
-        admin = administrator_role(self.Session())
+        admin = auth.get_role_administrator(self.Session())

        # add any new roles for the user, taking care not to add the admin role
        # unless acting as root