/[glsr]/trunk/site/user.py
Gentoo

Contents of /trunk/site/user.py

Parent Directory Parent Directory | Revision Log Revision Log


Revision 152 - (show annotations) (download) (as text)
Mon Sep 26 07:35:06 2005 UTC (8 years, 11 months ago) by hadfield
File MIME type: text/x-python
File size: 7930 byte(s)
fixed a bug in the user update function.
1 # Copyright 2005 Gentoo Foundation
2 # Distributed under the terms of the GNU General Public License v2
3 #
4
5 """The DB access module for the User table.
6
7 Implements all functions necessary for obtaining or setting any user database
8 attributes.
9 """
10
11 __revision__ = "$Id$"
12 __authors__ = ["Scott Hadfield <hadfield@gentoo.org>",
13 "Ian Leitch <port001@gentoo.org>"]
14 __modulename__ = "user"
15
16 import md5
17
18 from glsr.setup import config
19 from glsr.core.db.mysql import SQLdb
20
21 GUEST = 0
22 USER = 1
23 DEVELOPER = 2
24 ADMIN = 3
25
26 def md5_passwd(passwd):
27
28 md5_obj = md5.new()
29 md5_obj.update(passwd)
30
31 return md5_obj.hexdigest()
32
33 def create_user(username = "", email = "", passwd = "", fullname = "",
34 language = "", location = "", website = "", user_type = 0):
35 """Add a new user record to the database."""
36
37 SQLdb(config.db).query(
38 "INSERT INTO %(prefix)suser " % {'prefix': config.db['prefix']} +
39 "(user_alias, user_fullname, user_passwd, user_email, user_rank," +
40 " user_type, user_joined, user_language, user_location," +
41 " user_website) VALUES (%s, %s, %s, %s, 0, %s, NOW(), %s, %s, %s)",
42 (str(username), str(fullname), str(md5_passwd(passwd)), str(email),
43 str(user_type), str(language), str(location), str(website)),
44 fetch='none')
45
46 def list_all(columns = None, constraint = None):
47 """Return selected columns from all rows in the user table.
48
49 columns should be a list containing the desired columns.
50 The constraint variable is a dictionary of (column, value) pairs that
51 requires column == value in order for that row to be returned. Note that
52 multiple constraints are joined by AND, so the constraints are fairly
53 constrained ;).
54 """
55
56 # FIXME: Sanity checks on column names and contrainst keys.
57 # Without this we could have mysql injection attacks.
58
59 if columns is None:
60 return []
61 else:
62 columns = ", ".join(columns)
63
64 where_clause = ""
65 if constraint is not None:
66 where_clause = " AND ".join(["user_%s = %%s" % key
67 for key in constraint])
68 if where_clause != "":
69 where_clause = "WHERE " + where_clause
70 else:
71 constraint = {}
72
73 results = SQLdb(config.db).query(
74 "SELECT %(columns)s FROM %(prefix)suser %(where)s" %
75 {'columns': columns, 'prefix': config.db['prefix'],
76 'where': where_clause}, constraint.values(), fetch="all")
77
78 return results
79
80 def _get_uid_by_attr(attr, value):
81 """Return the uid described by the given attribute/value pair.
82
83 attr should be a valid field in the user table.
84 """
85
86 result = SQLdb(config.db).query(
87 "SELECT user_id FROM %(prefix)suser " %
88 {'prefix': config.db['prefix']} +
89 "WHERE %(attr)s = %%s" % {'attr': attr}, str(value), fetch = 'one')
90
91 if result != None:
92 return result['user_id']
93
94 return None
95
96 def get_uid_by_alias(alias):
97 """Return the uid described by the given alias."""
98 return _get_uid_by_attr("user_alias", str(alias))
99
100 def get_uid_by_sid(sid):
101 """Return the uid described by the given sid."""
102 return _get_uid_by_attr("user_sid", str(sid))
103
104 def get_uid_by_email(email):
105 """Return the uid described by the given email."""
106 return _get_uid_by_attr("user_email", str(email))
107
108 def uid_exists(uid):
109 """Verify the existance of the specified uid."""
110
111 result = SQLdb(config.db).query(
112 "SELECT user_id FROM %suser " % config.db["prefix"] +
113 "WHERE user_id = %s", uid, fetch = "one")
114
115 if result is None:
116 return False
117 return True
118
119 class User:
120 """Defines the get and set attributes for a User."""
121
122 def __init__(self, uid):
123
124 self._db = SQLdb(config.db)
125 self._uid = uid
126
127 def _get_attr(self, attr):
128 """Return the value of the specified attribute, or DB field."""
129
130 result = self._db.query(
131 "SELECT %(attr)s FROM %(prefix)suser " %
132 {'attr': attr, 'prefix': config.db['prefix']} +
133 "WHERE user_id = %s", str(self._uid), fetch='one')
134
135 if result != None:
136 return result[attr]
137
138 return None
139
140 def _set_attr(self, attr, value):
141 """Set attr to the specified value, where attr is a valid DB field."""
142
143 self._db.query(
144 "UPDATE %(prefix)suser " % {'prefix': config.db['prefix']} +
145 "SET %(attr)s = %%s WHERE user_id = %%s" % {'attr': attr},
146 (value, str(self._uid)), fetch='none')
147
148 def count_scripts(self):
149 """Returns the number of scripts this user has created."""
150
151 # TODO: Mabye this should only count finalized scripts?
152 results = self._db.query(
153 "SELECT COUNT(*) as count FROM %sscript " % config.db["prefix"] +
154 "WHERE script_submitter_id = %s" % self._uid,
155 fetch = "one")
156
157 return results["count"]
158
159 def get_alias(self):
160 """Return this user's alias."""
161 return self._get_attr("user_alias")
162
163 def get_email(self):
164 return self._get_attr("user_email")
165
166 def get_fullname(self):
167 return self._get_attr("user_fullname")
168
169 def get_joined(self):
170 return self._get_attr("user_joined")
171
172 def get_language(self):
173 return self._get_attr("user_language")
174
175 def get_last_ip(self):
176 """Return this user's last IP address."""
177 return self._get_attr("user_lastip")
178
179 def get_location(self):
180 return self._get_attr("user_location")
181
182 def get_passwd(self):
183 """Return this user's password."""
184 return self._get_attr("user_passwd")
185
186 def get_rank(self):
187 return self._get_attr("user_rank")
188
189 def get_session(self):
190 """Return this user's session ID."""
191 return self._get_attr("user_sid")
192
193 def get_type(self):
194 """Return the user's type"""
195 return self._get_attr("user_type")
196
197 def get_website(self):
198 return self._get_attr("user_website")
199
200 def remove_session(self):
201 """Remove the session associated with this user."""
202 self._db.query(
203 "UPDATE %(prefix)suser " % {'prefix': config.db['prefix']} +
204 "SET user_sid = NULL WHERE user_id = %s", str(self._uid),
205 fetch='none')
206
207 def set_session(self, sid):
208 """Set this user's session to the given session ID."""
209 return self._set_attr('user_sid', str(sid))
210
211 def set_last_ip(self, ip):
212 """Set this user's session to the given IP address."""
213 return self._set_attr('user_lastip', str(ip))
214
215 def type_name(self):
216
217 user_type = self.get_type()
218 if user_type == USER:
219 retval = "user"
220 elif user_type == DEVELOPER:
221 retval = "developer"
222 elif user_type == ADMIN:
223 retval = "admin"
224 else:
225 retval = "guest"
226
227 return retval
228
229 def update(self, email = "", passwd = None, fullname = "",
230 language = "", location = "", website = "", user_type = ""):
231
232 set_str = ("user_fullname = %s, user_email = %s, user_type = %s, " +
233 "user_language = %s, user_location = %s, user_website = %s")
234
235 if passwd is None or passwd == "":
236 self._db.query(
237 "UPDATE %(prefix)suser " % {'prefix': config.db['prefix']} +
238 "SET %s WHERE user_id = %%s" % set_str,
239 (fullname, email, user_type, language, location, website,
240 self._uid), fetch='none')
241
242 else:
243 self._db.query(
244 "UPDATE %(prefix)suser " % {'prefix': config.db['prefix']} +
245 "SET %s, user_passwd = %%s WHERE user_id = %%s" % set_str,
246 (fullname, email, user_type, language, location, website,
247 str(md5_passwd(passwd)), self._uid), fetch='none')
248
249

Properties

Name Value
svn:keywords Id

  ViewVC Help
Powered by ViewVC 1.1.20