Add reset-registration endpoint

1cc1c288 · Megan Henning · 59a018d3 · 1cc1c288 · 1cc1c288 · 1cc1c288
Commit 1cc1c288 authored 8 years ago by Megan Henning
--- a/api/api.py
+++ b/api/api.py
@@ -116,10 +116,11 @@ endpoints = [
            route('/self/avatar',          UserHandler, h='self_avatar',     m=['GET']),
            route('/self/key',             UserHandler, h='generate_api_key',m=['POST']),
-            route('/<_id:{uid}>',          UserHandler),
+            route('/<_id:{uid}>',                       UserHandler),
-            route('/<uid:{uid}>/groups',   GroupHandler,                h='get_all',          m=['GET']),
+            route('/<uid:{uid}>/groups',                GroupHandler,                h='get_all',               m=['GET']),
-            route('/<uid:{uid}>/avatar',   UserHandler,                 h='avatar',           m=['GET']),
+            route('/<uid:{uid}>/avatar',                UserHandler,                 h='avatar',                m=['GET']),
-            route('/<uid:{uid}>/<cont_name:{cname}>', ContainerHandler, h='get_all_for_user', m=['GET']),
+            route('/<uid:{uid}>/reset-registration',    UserHandler,                 h='reset_registration',    m=['POST']),
+            route('/<uid:{uid}>/<cont_name:{cname}>',   ContainerHandler, h='get_all_for_user', m=['GET']),
        ]),

--- a/api/auth/__init__.py
+++ b/api/auth/__init__.py
@@ -55,6 +55,18 @@ def require_login(handler_method):
        return handler_method(self, *args, **kwargs)
    return check_login
+def require_admin(handler_method):
+    """
+    A decorator to ensure the request is made as superuser.
+    Accepts drone and user requests.
+    """
+    def check_admin(self, *args, **kwargs):
+        if not self.user_is_admin:
+            raise APIPermissionException('Admin user required.')
+        return handler_method(self, *args, **kwargs)
+    return check_admin
 def require_superuser(handler_method):
    """
    A decorator to ensure the request is made as superuser.

--- a/api/handlers/userhandler.py
+++ b/api/handlers/userhandler.py
@@ -7,7 +7,7 @@ from ..web import base
 from .. import util
 from .. import config
 from .. import validators
-from ..auth import userauth
+from ..auth import userauth, require_admin
 from ..dao import containerstorage
 from ..dao import noop, APIStorageException
@@ -177,6 +177,21 @@ class UserHandler(base.RequestHandler):
        else:
            self.abort(500, 'New key for user {} not generated'.format(self.uid))
+    @require_admin
+    def reset_registration(self, uid):
+        new_registration_code = base64.urlsafe_b64encode(os.urandom(42))
+        update = {
+            'modified': datetime.datetime.utcnow(),
+            'wechat': {
+                'registration_code': new_registration_code
+            }
+        }
+        result = self.storage.exec_op('PUT', _id=uid, payload=update)
+        if result.modified_count == 1:
+            return {'registration_code': new_registration_code}
+        else:
+            self.abort(404, 'User {} not updated'.format(uid))
    def _get_user(self, _id):
        user = self.storage.get_container(_id)
        if user is not None:

--- a/api/web/base.py
+++ b/api/web/base.py
@@ -90,6 +90,8 @@ class RequestHandler(webapp2.RequestHandler):
                self.abort(402, 'user account ' + self.uid + ' is disabled')
            if user.get('root'):
                self.user_is_admin = True
+            else:
+                self.user_is_admin = False
            if self.is_true('root'):
                if user.get('root'):
                    self.superuser_request = True