Merge pull request #256 from scitran/disable-user

Allow users to be marked as disabled

Merge pull request #256 from scitran/disable-user
87a11071 · Megan Henning · 5cb0a14e · 7c48df6c · 87a11071 · 87a11071
Commit 87a11071 authored 9 years ago by Megan Henning
--- a/api/auth/userauth.py
+++ b/api/auth/userauth.py
@@ -11,10 +11,12 @@ def default(handler, user=None):
            elif handler.superuser_request and not (method == 'DELETE' and _id == handler.uid):
                pass
            elif method == 'PUT' and handler.uid == _id:
-                if 'root' not in payload or payload['root'] == user['root']:
-                    pass
-                else:
+                if 'root' in payload and payload['root'] != user['root']:
                    handler.abort(400, 'user cannot alter own superuser privilege')
+                elif 'disabled' in payload and payload['disabled'] != user.get('disabled'):
+                    handler.abort(400, 'user cannot alter own disabled status')
+                else:
+                    pass
            elif method == 'POST' and not handler.superuser_request:
                handler.abort(403, 'only superuser are allowed to create users')
            elif method == 'POST' and handler.superuser_request:

--- a/api/base.py
+++ b/api/base.py
@@ -79,9 +79,11 @@ class RequestHandler(webapp2.RequestHandler):
        elif drone_request:
            self.superuser_request = True
        else:
-            user = config.db.users.find_one({'_id': self.uid}, ['root'])
+            user = config.db.users.find_one({'_id': self.uid}, ['root', 'disabled'])
            if not user:
                self.abort(402, 'user ' + self.uid + ' does not exist')
+            if user.get('disabled', False) is True:
+                self.abort(402, 'user account ' + self.uid + ' is disabled')
            if self.is_true('root'):
                if user.get('root'):
                    self.superuser_request = True

--- a/api/schemas/input/user.json
+++ b/api/schemas/input/user.json
@@ -34,6 +34,7 @@
                          "type": "string"
                        },
    "root":             { "type": "boolean"},
+    "disabled":         { "type": "boolean"},
    "preferences":      {
                          "title": "Preferences",
                          "type": "object"

--- a/api/schemas/mongo/user.json
+++ b/api/schemas/mongo/user.json
@@ -27,6 +27,7 @@
                          "type": "string"
                        },
    "root":             { "type": "boolean"},
+    "disabled":         { "type": "boolean"},
    "preferences":      {
                          "title": "Preferences",
                          "type": "object"