1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
|
from fnmatch import fnmatch
from . import Backend
from accounts.models import Account
from accounts import AccountsFlask
from typing import Optional
def _match_filter(account: Account, filters: Optional[dict[str, str]],
wildcard: bool):
if filters is None:
return True
for key in filters:
if not hasattr(account, key):
return False
if wildcard:
if not fnmatch(getattr(account, key), filters[key]):
return False
else:
if getattr(account, key) != filters[key]:
return False
return True
class DummyBackend(Backend):
"""
This is a simple user backend that persists the users in a simple list.
The users are stored only in memory and during initialization two dummy
users (test and test2) are created.
"""
def __init__(self, app: AccountsFlask) -> None:
super(DummyBackend, self).__init__(app)
self._storage = {
"test": {
"uidNumber": 1,
"mail": "test@accounts.spline.de",
"password": "test"
},
"test2": {
"uidNumber": 2,
"mail": "test2@accounts.spline.de",
"password": "test2"
},
"admin": {
"uidNumber": 3,
"mail": "admin@accounts.spline.de",
"password": "admin"
},
}
self._next_uidNumber = 4
def _get_accounts(self):
accounts = []
for uid, attrs in self._storage.items():
accounts.append(
Account(
uid,
attrs["mail"],
uidNumber=attrs["uidNumber"]
)
)
return accounts
def auth(self, username: str, password: str):
"""
Tries to authenticate a user with a given password. If the
authentication is successful an Account object will be returned.
"""
acc = self.get_by_uid(username)
if not self._verify_password(acc, password):
raise self.InvalidPasswordError("Invalid password")
acc.password = password
return acc
def find(self, filters: Optional[dict[str, str]] = None,
wildcard=False) -> list[Account]:
"""
Find accounts by a given filter.
"""
return [acc for acc in self._get_accounts() if _match_filter(acc, filters, wildcard)]
def _store(self, account: Account) -> None:
self._storage[account.uid] = {
"uidNumber": account.uidNumber,
"mail": account.mail,
"password": account.password
}
def _verify_password(self, account: Account, password: Optional[str]):
return password == self._storage[account.uid]["password"]
def _alter_password(self, account: Account, password: Optional[str]):
self._storage[account.uid]["password"] = password
def update(self, account: Account, as_admin=False):
"""
Updates account information like passwords or email.
"""
stored_account: Account = self.get_by_uid(account.uid)
if not as_admin:
if not self._verify_password(stored_account, account.password):
raise self.InvalidPasswordError("Invalid password")
if account.new_password_root:
old, new = account.new_password_root
if self._verify_password(stored_account, old):
self._alter_password(stored_account, new)
def delete(self, account: Account, as_admin=False):
"""
Deletes an account permanently.
"""
stored_account: Account = self.get_by_uid(account.uid)
if not as_admin:
if stored_account.password != account.password:
raise self.InvalidPasswordError("Invalid password")
self._storage.pop(stored_account.uid)
def _get_next_uidNumber(self):
value = self._next_uidNumber
self._next_uidNumber += 1
return value
|
