This commit is contained in:
Emmanuel Viennet 2024-11-01 09:47:35 +01:00
parent 8d85edbf1f
commit 83a5855f3d

View File

@ -101,9 +101,9 @@ class User(UserMixin, ScoDocModel):
"identifiant emplois du temps (unicité non imposée)"
password_hash = db.Column(db.Text()) # les hashs modernes peuvent être très longs
password_scodoc7 = db.Column(db.String(42))
last_seen = db.Column(db.DateTime, default=datetime.utcnow)
date_modif_passwd = db.Column(db.DateTime, default=datetime.utcnow)
date_created = db.Column(db.DateTime, default=datetime.utcnow)
last_seen = db.Column(db.DateTime, default=datetime.now)
date_modif_passwd = db.Column(db.DateTime, default=datetime.now)
date_created = db.Column(db.DateTime, default=datetime.now)
date_expiration = db.Column(db.DateTime, default=None)
passwd_temp = db.Column(db.Boolean, default=False)
"""champ obsolete. Si connexion alors que passwd_temp est vrai,
@ -130,7 +130,7 @@ class User(UserMixin, ScoDocModel):
self.roles = []
self.user_roles = []
# check login:
if not "user_name" in kwargs:
if "user_name" not in kwargs:
raise ValueError("missing user_name argument")
if not is_valid_user_name(kwargs["user_name"]):
raise ValueError(f"invalid user_name: {kwargs['user_name']}")
@ -250,7 +250,7 @@ class User(UserMixin, ScoDocModel):
)
except jwt.exceptions.ExpiredSignatureError:
log("verify_reset_password_token: token expired")
except:
except: # pylint: disable=bare-except
return None
try:
user_id = token["reset_password"]
@ -347,31 +347,31 @@ class User(UserMixin, ScoDocModel):
return args_dict
def from_dict(self, data: dict, new_user=False):
def from_dict(self, args: dict, new_user=False):
"""Set users' attributes from given dict values.
- roles_string : roles, encoded like "Ens_RT, Secr_CJ"
- date_expiration is a dateime object.
Does not check permissions here.
"""
if new_user:
if "user_name" in data:
if "user_name" in args:
# never change name of existing users
# (see change_user_name method to do that)
if not is_valid_user_name(data["user_name"]):
raise ValueError(f"invalid user_name: {data['user_name']}")
self.user_name = data["user_name"]
if "password" in data:
self.set_password(data["password"])
if not is_valid_user_name(args["user_name"]):
raise ValueError(f"invalid user_name: {args['user_name']}")
self.user_name = args["user_name"]
if "password" in args:
self.set_password(args["password"])
# Roles: roles_string is "Ens_RT, Secr_RT, ..."
if "roles_string" in data:
if "roles_string" in args:
self.user_roles = []
for r_d in data["roles_string"].split(","):
for r_d in args["roles_string"].split(","):
if r_d:
role, dept = UserRole.role_dept_from_string(r_d)
self.add_role(role, dept)
super().from_dict(data, excluded={"user_name", "roles_string", "roles"})
super().from_dict(args, excluded={"user_name", "roles_string", "roles"})
if ScoDocSiteConfig.cas_uid_use_scodoc():
self.cas_id = self.user_name
@ -438,7 +438,10 @@ class User(UserMixin, ScoDocModel):
# les role liés à ce département, et les roles avec dept=None (super-admin)
roles_in_dept = (
UserRole.query.filter_by(user_id=self.id)
.filter((UserRole.dept == dept) | (UserRole.dept == None))
.filter(
(UserRole.dept == dept)
| (UserRole.dept == None) # pylint: disable=C0121
)
.all()
)
for user_role in roles_in_dept:
@ -616,10 +619,12 @@ class User(UserMixin, ScoDocModel):
class AnonymousUser(AnonymousUserMixin):
"Notre utilisateur anonyme"
def has_permission(self, perm, dept=None):
def has_permission(self, perm, dept=None): # pylint: disable=unused-argument
"always false, anonymous has no permission"
return False
def is_administrator(self):
"always false, anonymous is not admin"
return False