3
0
Fork 0

Compare commits

..

No commits in common. "3d9fbd598e9cfae092459559f6e0950b936b2420" and "ec75435704eee7343ef9b0874544559382a85d11" have entirely different histories.

8 changed files with 8 additions and 49 deletions

View file

@ -1002,7 +1002,7 @@ class Form:
# for now we explicitly translate here, ugh. also
# note this does not yet allow for null values.. :(
if isinstance(field.typ, colander.Boolean):
value = True if value == field.typ.true_val else False
value = True if field.typ.true_val else False
model_data[field.oid] = make_json_safe(value)

View file

@ -8,10 +8,10 @@
<div class="panel-block">
<div style="width: 100%;">
<b-field horizontal label="Distribution">
<span>${app.get_distribution() or f'?? - set config for `{app.appname}.app_dist`'}</span>
<span>${app.get_distribution(obj=app.get_web_handler()) or f'?? - set config for `{app.appname}.app_dist`'}</span>
</b-field>
<b-field horizontal label="Version">
<span>${app.get_version() or f'?? - set config for `{app.appname}.app_dist`'}</span>
<span>${app.get_version(obj=app.get_web_handler()) or f'?? - set config for `{app.appname}.app_dist`'}</span>
</b-field>
<b-field horizontal label="App Title">
<span>${app.get_title()}</span>

View file

@ -661,9 +661,7 @@
</a>
${h.end_form()}
% endif
% if request.is_root or not request.user.prevent_edit:
${h.link_to("Change Password", url('change_password'), class_='navbar-item')}
% endif
${h.link_to("Change Password", url('change_password'), class_='navbar-item')}
${h.link_to("Logout", url('logout'), class_='navbar-item')}
</div>
</div>

View file

@ -157,9 +157,6 @@ class AuthView(View):
if not self.request.user:
return self.redirect(self.request.route_url('home'))
if self.request.user.prevent_edit:
raise self.forbidden()
form = self.make_form(schema=self.change_password_make_schema(),
show_button_cancel=False,
show_button_reset=True)

View file

@ -29,8 +29,8 @@ Most apps should include this module::
That will in turn include the following modules:
* :mod:`wuttaweb.views.common`
* :mod:`wuttaweb.views.auth`
* :mod:`wuttaweb.views.common`
* :mod:`wuttaweb.views.settings`
* :mod:`wuttaweb.views.progress`
* :mod:`wuttaweb.views.people`
@ -43,8 +43,8 @@ That will in turn include the following modules:
def defaults(config, **kwargs):
mod = lambda spec: kwargs.get(spec, spec)
config.include(mod('wuttaweb.views.common'))
config.include(mod('wuttaweb.views.auth'))
config.include(mod('wuttaweb.views.common'))
config.include(mod('wuttaweb.views.settings'))
config.include(mod('wuttaweb.views.progress'))
config.include(mod('wuttaweb.views.people'))

View file

@ -95,15 +95,6 @@ class UserView(MasterView):
if not user.active:
return 'has-background-warning'
def is_editable(self, user):
""" """
# only root can edit certain users
if user.prevent_edit and not self.request.is_root:
return False
return True
def configure_form(self, f):
""" """
super().configure_form(f)

View file

@ -80,18 +80,11 @@ class TestAuthView(WebTestCase):
redirect = view.change_password()
self.assertIsInstance(redirect, HTTPFound)
# set initial password
# now "login" the user, and set initial password
self.request.user = barney
auth.set_user_password(barney, 'foo')
self.session.commit()
# forbidden if prevent_edit is set for user
self.request.user = barney
barney.prevent_edit = True
self.assertRaises(HTTPForbidden, view.change_password)
# okay let's test with edit allowed
barney.prevent_edit = False
# view should now return context w/ form
context = view.change_password()
self.assertIn('form', context)

View file

@ -42,26 +42,6 @@ class TestUserView(WebTestCase):
user.active = False
self.assertEqual(view.grid_row_class(user, data, 1), 'has-background-warning')
def test_is_editable(self):
model = self.app.model
view = self.make_view()
# active user is editable
user = model.User(username='barney', active=True)
self.assertTrue(view.is_editable(user))
# inactive also editable
user = model.User(username='barney', active=False)
self.assertTrue(view.is_editable(user))
# but not if prevent_edit flag is set
user = model.User(username='barney', prevent_edit=True)
self.assertFalse(view.is_editable(user))
# unless request user is root
self.request.is_root = True
self.assertTrue(view.is_editable(user))
def test_configure_form(self):
model = self.app.model
barney = model.User(username='barney')