Use gravatar as default if exists

c4cd558f · Megan Henning · 0020bad2 · c4cd558f · c4cd558f · c4cd558f
Commit c4cd558f authored 7 years ago by Megan Henning
--- a/api/auth/authproviders.py
+++ b/api/auth/authproviders.py
@@ -48,12 +48,19 @@ class AuthProvider(object):
            raise APIUnknownUserException('User {} is disabled.'.format(uid))

    def set_user_gravatar(self, uid, email):
+        """
+        Looks for user gravatar via email. If a gravatar is found, adds to avatar map.
+        If the user has not yet set an avatar (first time logging in), set the default
+        avatar to the gravatar image.
+        """
        if email and uid:
            gravatar = util.resolve_gravatar(email)
            if gravatar is not None:
                timestamp = datetime.datetime.utcnow()
                # Update the user's gravatar if it has changed.
-                config.db.users.update_one({'_id': uid, 'avatars.gravatar': {'$ne': gravatar}}, {'$set':{'avatars.gravatar': gravatar, 'modified': timestamp}})
+                config.db.users.update_one({'_id': uid, 'avatars.gravatar': {'$ne': gravatar}},{'$set':{'avatars.gravatar': gravatar,'modified': timestamp}})
+                # If the user has no avatar set, use gravar
+                config.db.users.update_one({'_id': uid, 'avatar': {'$exists': False}}, {'$set':{'avatar': gravatar, 'modified': timestamp}})

    def set_refresh_token_if_exists(self, uid, refresh_token):
        # Also check to make sure if refresh token is missing, that the user
@@ -163,8 +170,8 @@ class GoogleOAuthProvider(AuthProvider):
            raise APIAuthProviderException('Auth provider did not provide user email')

        self.ensure_user_exists(uid)
-        self.set_user_avatar(uid, identity)
        self.set_user_gravatar(uid, uid)
+        self.set_user_avatar(uid, identity)

        return uid


--- a/api/handlers/collectionshandler.py
+++ b/api/handlers/collectionshandler.py
@@ -109,9 +109,10 @@ class CollectionsHandler(ContainerHandler):
            permchecker = containerauth.list_permission_checker(self)
        query = {}
        results = permchecker(self.storage.exec_op)('GET', query=query, public=self.public_request, projection=projection)
-        if results is None:
-            self.abort(404, 'Element not found in collection {}'.format(self.storage.cont_name))
-        self._filter_all_permissions(results, self.uid, self.user_site)
+        if not self.superuser_request and not self.is_true('join_avatars'):
+            self._filter_all_permissions(results, self.uid, self.user_site)
+        if self.is_true('join_avatars'):
+            results = ContainerHandler.join_user_info(results)
        for result in results:
            if self.is_true('stats'):
                result = containerutil.get_stats(result, 'collections')

--- a/api/handlers/containerhandler.py
+++ b/api/handlers/containerhandler.py
@@ -190,7 +190,7 @@ class ContainerHandler(base.RequestHandler):
        users = {user['_id']: user for user in users_list}

        for r in results:
-            permissions = r.get('permissions', [])
+            permissions = r.get('permissions') or r.get('roles', [])

            for p in permissions:
                user = users[p['_id']]
@@ -325,8 +325,8 @@ class ContainerHandler(base.RequestHandler):
        results = permchecker(self.storage.exec_op)('GET', query=query, public=self.public_request, projection=projection)
        if results is None:
            self.abort(404, 'No elements found in container {}'.format(self.storage.cont_name))
-        # return only permissions of the current user
-        if not self.superuser_request and not self.is_true('avatars'):
+        # return only permissions of the current user unless superuser or getting avatars
+        if not self.superuser_request and not self.is_true('join_avatars'):
            self._filter_all_permissions(results, self.uid, self.user_site)
        # the "count" flag add a count for each container returned
        if self.is_true('counts'):
@@ -345,7 +345,7 @@ class ContainerHandler(base.RequestHandler):
            result = self.handle_origin(result)
            modified_results.append(result)

-        if self.is_true('avatars'):
+        if self.is_true('join_avatars'):
            modified_results = self.join_user_info(modified_results)

        return modified_results

--- a/api/handlers/grouphandler.py
+++ b/api/handlers/grouphandler.py
@@ -5,6 +5,7 @@ from .. import util
 from .. import validators
 from ..auth import groupauth
 from ..dao import containerstorage
+from .containerhandler import ContainerHandler


 class GroupHandler(base.RequestHandler):
@@ -41,10 +42,10 @@ class GroupHandler(base.RequestHandler):
        projection = {'name': 1, 'created': 1, 'modified': 1, 'roles': [], 'tags': []}
        permchecker = groupauth.list_permission_checker(self, uid)
        results = permchecker(self.storage.exec_op)('GET', projection=projection)
-        if results is None:
-            self.abort(404, 'Not found')
-        if not self.superuser_request:
+        if not self.superuser_request and not self.is_true('join_avatars'):
            self._filter_roles(results, self.uid, self.user_site)
+        if self.is_true('join_avatars'):
+            results = ContainerHandler.join_user_info(results)
        return results

    def put(self, _id):