1
0
forked from ScoDoc/ScoDoc

Améliore script import users ScoDoc7

This commit is contained in:
Emmanuel Viennet 2021-09-25 22:42:44 +02:00
parent ddf4bf788f
commit fa5539fd75
3 changed files with 32 additions and 4 deletions

View File

@ -25,7 +25,7 @@ from app.scodoc.sco_roles_default import SCO_ROLES_DEFAULTS
import app.scodoc.sco_utils as scu
from app.scodoc import sco_etud # a deplacer dans scu
VALID_LOGIN_EXP = re.compile(r"^[a-zA-Z0-9@\\\-_\\\.]+$")
VALID_LOGIN_EXP = re.compile(r"^[a-zA-Z0-9@\\\-_\.]+$")
class User(UserMixin, db.Model):

View File

@ -477,6 +477,22 @@ def suppress_accents(s):
return s # may be int
class PurgeChars:
"""delete all chars except those belonging to the specified string"""
def __init__(self, allowed_chars=""):
self.allowed_chars_set = {ord(c) for c in allowed_chars}
def __getitem__(self, x):
if x not in self.allowed_chars_set:
return None
raise LookupError()
def purge_chars(s, allowed_chars=""):
return s.translate(PurgeChars(allowed_chars=allowed_chars))
def sanitize_string(s):
"""s is an ordinary string, encoding given by SCO_ENCODING"
suppress accents and chars interpreted in XML
@ -564,7 +580,9 @@ class ScoDocJSONEncoder(json.JSONEncoder):
def sendJSON(data, attached=False):
js = json.dumps(data, indent=1, cls=ScoDocJSONEncoder)
return send_file(js, filename="sco_data.json", mime=JSON_MIMETYPE, attached=attached)
return send_file(
js, filename="sco_data.json", mime=JSON_MIMETYPE, attached=attached
)
def sendXML(data, tagname=None, force_outer_xml_tag=True, attached=False):
@ -581,7 +599,12 @@ def sendResult(data, name=None, format=None, force_outer_xml_tag=True, attached=
if (format is None) or (format == "html"):
return data
elif format == "xml": # name is outer tagname
return sendXML(data, tagname=name, force_outer_xml_tag=force_outer_xml_tag, attached=attached)
return sendXML(
data,
tagname=name,
force_outer_xml_tag=force_outer_xml_tag,
attached=attached,
)
elif format == "json":
return sendJSON(data, attached=attached)
else:

View File

@ -27,6 +27,11 @@ def import_scodoc7_user_db(scodoc7_db="dbname=SCOUSERS"):
cursor.execute("SELECT * FROM sco_users;")
for u7 in cursor:
user_name = scu.sanitize_string(u7["user_name"].strip())
# ensure that user_name will match VALID_LOGIN_EXP
user_name = scu.purge_chars(
user_name,
allowed_chars="abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ@\\-_.",
)
if user_name != u7["user_name"]:
msg = f"""Changing login '{u7["user_name"]}' to '{user_name}'"""
current_app.logger.warning(msg)