From c4cd558f48aacd6c34fbfbbd1d23acfe6a98e591 Mon Sep 17 00:00:00 2001
From: Megan Henning <meganhenning@flywheel.io>
Date: Wed, 5 Apr 2017 15:34:15 -0500
Subject: [PATCH] Use gravatar as default if exists

---
 api/auth/authproviders.py          | 11 +++++++++--
 api/handlers/collectionshandler.py |  7 ++++---
 api/handlers/containerhandler.py   |  8 ++++----
 api/handlers/grouphandler.py       |  7 ++++---
 4 files changed, 21 insertions(+), 12 deletions(-)

diff --git a/api/auth/authproviders.py b/api/auth/authproviders.py
index 1f11a91b..e3fb5238 100644
--- a/api/auth/authproviders.py
+++ b/api/auth/authproviders.py
@@ -48,12 +48,19 @@ class AuthProvider(object):
             raise APIUnknownUserException('User {} is disabled.'.format(uid))
 
     def set_user_gravatar(self, uid, email):
+        """
+        Looks for user gravatar via email. If a gravatar is found, adds to avatar map.
+        If the user has not yet set an avatar (first time logging in), set the default
+        avatar to the gravatar image.
+        """
         if email and uid:
             gravatar = util.resolve_gravatar(email)
             if gravatar is not None:
                 timestamp = datetime.datetime.utcnow()
                 # Update the user's gravatar if it has changed.
-                config.db.users.update_one({'_id': uid, 'avatars.gravatar': {'$ne': gravatar}}, {'$set':{'avatars.gravatar': gravatar, 'modified': timestamp}})
+                config.db.users.update_one({'_id': uid, 'avatars.gravatar': {'$ne': gravatar}},{'$set':{'avatars.gravatar': gravatar,'modified': timestamp}})
+                # If the user has no avatar set, use gravar
+                config.db.users.update_one({'_id': uid, 'avatar': {'$exists': False}}, {'$set':{'avatar': gravatar, 'modified': timestamp}})
 
     def set_refresh_token_if_exists(self, uid, refresh_token):
         # Also check to make sure if refresh token is missing, that the user
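Review bot: The second update's filter `{'avatar': {'$exists': False}}` only matches documents with no `avatar` field at all, so a user whose `avatar` is stored as null would never receive the gravatar default. How user documents are created is not visible in this hunk, so this may not occur in practice. If it can, `{'_id': uid, 'avatar': None}` matches both a missing and a null field in MongoDB. The comment above that update also has a typo and should read `# If the user has no avatar set, use gravatar`.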
@@ -163,8 +170,8 @@ class GoogleOAuthProvider(AuthProvider):
             raise APIAuthProviderException('Auth provider did not provide user email')
 
         self.ensure_user_exists(uid)
-        self.set_user_avatar(uid, identity)
         self.set_user_gravatar(uid, uid)
+        self.set_user_avatar(uid, identity)
 
         return uid
 
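Review bot: The order of `set_user_gravatar` and `set_user_avatar` now matters, but nothing at the call site says why. `set_user_gravatar` only fills `avatar` when the field is absent, so calling it first lets the gravatar win on a first login. `set_user_avatar` is outside this diff, so that reading is an inference about how it treats an existing `avatar`. A one-line comment such as `# gravatar first: it becomes the default avatar only while none is set` would stop a later reorder from silently changing the default. Any other provider in this file that calls both helpers should presumably use the same order.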
diff --git a/api/handlers/collectionshandler.py b/api/handlers/collectionshandler.py
index 2cede707..8076348c 100644
--- a/api/handlers/collectionshandler.py
+++ b/api/handlers/collectionshandler.py
@@ -109,9 +109,10 @@ class CollectionsHandler(ContainerHandler):
             permchecker = containerauth.list_permission_checker(self)
         query = {}
         results = permchecker(self.storage.exec_op)('GET', query=query, public=self.public_request, projection=projection)
-        if results is None:
-            self.abort(404, 'Element not found in collection {}'.format(self.storage.cont_name))
-        self._filter_all_permissions(results, self.uid, self.user_site)
+        if not self.superuser_request and not self.is_true('join_avatars'):
+            self._filter_all_permissions(results, self.uid, self.user_site)
+        if self.is_true('join_avatars'):
+            results = ContainerHandler.join_user_info(results)
         for result in results:
             if self.is_true('stats'):
                 result = containerutil.get_stats(result, 'collections')
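Review bot: The new condition `not self.superuser_request and not self.is_true('join_avatars')` lets a request-supplied flag decide whether `_filter_all_permissions` runs. The removed lines show this path filtered unconditionally, so with `join_avatars` set a non-superuser now gets every member's permission entry for each listed collection rather than only their own. The same gate appears in the `get_all` hunk of `containerhandler.py` and, for `_filter_roles`, in `grouphandler.py`. If exposing the member list is intended for avatar display, consider reducing each joined entry to the display fields for non-superusers. At minimum, record the exposure with a comment such as `# join_avatars returns all members' permission entries to any caller who can list this container`.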
diff --git a/api/handlers/containerhandler.py b/api/handlers/containerhandler.py
index 8d8b9ee6..853c9665 100644
--- a/api/handlers/containerhandler.py
+++ b/api/handlers/containerhandler.py
@@ -190,7 +190,7 @@ class ContainerHandler(base.RequestHandler):
         users = {user['_id']: user for user in users_list}
 
         for r in results:
-            permissions = r.get('permissions', [])
+            permissions = r.get('permissions') or r.get('roles', [])
 
             for p in permissions:
                 user = users[p['_id']]
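Review bot: The lookup `users[p['_id']]` is a plain dict index, and with the new `roles` fallback it now also runs over group role entries. It raises KeyError if any entry names a user id missing from `users_list`. How `users_list` is built is outside this hunk, so whether stale ids can occur is unconfirmed. If they can, `user = users.get(p['_id'])` with a `continue` on None would keep one orphaned entry from failing the whole listing. A short comment on the `or r.get('roles', [])` line noting that groups keep members under `roles` would also help. The function body starts and ends outside the hunk.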
@@ -325,8 +325,8 @@ class ContainerHandler(base.RequestHandler):
         results = permchecker(self.storage.exec_op)('GET', query=query, public=self.public_request, projection=projection)
         if results is None:
             self.abort(404, 'No elements found in container {}'.format(self.storage.cont_name))
-        # return only permissions of the current user
-        if not self.superuser_request and not self.is_true('avatars'):
+        # return only permissions of the current user unless superuser or getting avatars
+        if not self.superuser_request and not self.is_true('join_avatars'):
             self._filter_all_permissions(results, self.uid, self.user_site)
         # the "count" flag add a count for each container returned
         if self.is_true('counts'):
@@ -345,7 +345,7 @@ class ContainerHandler(base.RequestHandler):
             result = self.handle_origin(result)
             modified_results.append(result)
 
-        if self.is_true('avatars'):
+        if self.is_true('join_avatars'):
             modified_results = self.join_user_info(modified_results)
 
         return modified_results
diff --git a/api/handlers/grouphandler.py b/api/handlers/grouphandler.py
index 86f3627e..97dd2d6a 100644
--- a/api/handlers/grouphandler.py
+++ b/api/handlers/grouphandler.py
@@ -5,6 +5,7 @@ from .. import util
 from .. import validators
 from ..auth import groupauth
 from ..dao import containerstorage
+from .containerhandler import ContainerHandler
 
 
 class GroupHandler(base.RequestHandler):
@@ -41,10 +42,10 @@ class GroupHandler(base.RequestHandler):
         projection = {'name': 1, 'created': 1, 'modified': 1, 'roles': [], 'tags': []}
         permchecker = groupauth.list_permission_checker(self, uid)
         results = permchecker(self.storage.exec_op)('GET', projection=projection)
-        if results is None:
-            self.abort(404, 'Not found')
-        if not self.superuser_request:
+        if not self.superuser_request and not self.is_true('join_avatars'):
             self._filter_roles(results, self.uid, self.user_site)
+        if self.is_true('join_avatars'):
+            results = ContainerHandler.join_user_info(results)
         return results
 
     def put(self, _id):
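Review bot: The `results is None` guard is removed here, so a None from `exec_op` now reaches `ContainerHandler.join_user_info(results)` or is returned as-is instead of producing the 404. The collections hunk in `collectionshandler.py` drops the same guard and then runs `for result in results`, which raises TypeError on None. Whether `exec_op` can return None for a list GET is not visible in this diff, but `containerhandler.py` still keeps its check. Either restore `if results is None: self.abort(404, 'Not found')` or confirm the case is unreachable and say so in a comment.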
-- 
GitLab