Mercurial > p > roundup > code
annotate tools/fixroles.py @ 5212:d4cc71beb102
Added support for SameSite cookie option for CSRF prevention
This was an easy addon compared to the complexity of the CSRF nonce
support. It only works in chromium browsers (Chrome, Opera...) at
the moment. But there is recent activity on implementing it in
firefox. Who know when edge/ie will adopt it. So csrf nonce and
header analysis will be needed for a while.
| author | John Rouillard <rouilj@ieee.org> |
|---|---|
| date | Sun, 19 Mar 2017 19:01:41 -0400 |
| parents | 52c8324d1539 |
| children |
| rev | line source |
|---|---|
|
1009
fc55426544b5
more upgrading docco and a tool to fix roles
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
1 import sys |
|
fc55426544b5
more upgrading docco and a tool to fix roles
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2 |
|
fc55426544b5
more upgrading docco and a tool to fix roles
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
3 from roundup import admin |
|
fc55426544b5
more upgrading docco and a tool to fix roles
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
4 |
|
fc55426544b5
more upgrading docco and a tool to fix roles
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
5 class AdminTool(admin.AdminTool): |
|
fc55426544b5
more upgrading docco and a tool to fix roles
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
6 def __init__(self): |
|
fc55426544b5
more upgrading docco and a tool to fix roles
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
7 self.commands = admin.CommandDict() |
|
fc55426544b5
more upgrading docco and a tool to fix roles
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
8 for k in AdminTool.__dict__.keys(): |
|
fc55426544b5
more upgrading docco and a tool to fix roles
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
9 if k[:3] == 'do_': |
|
fc55426544b5
more upgrading docco and a tool to fix roles
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
10 self.commands[k[3:]] = getattr(self, k) |
|
fc55426544b5
more upgrading docco and a tool to fix roles
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
11 self.help = {} |
|
fc55426544b5
more upgrading docco and a tool to fix roles
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
12 for k in AdminTool.__dict__.keys(): |
|
fc55426544b5
more upgrading docco and a tool to fix roles
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
13 if k[:5] == 'help_': |
|
fc55426544b5
more upgrading docco and a tool to fix roles
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
14 self.help[k[5:]] = getattr(self, k) |
|
fc55426544b5
more upgrading docco and a tool to fix roles
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
15 self.instance_home = '' |
|
fc55426544b5
more upgrading docco and a tool to fix roles
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
16 self.db = None |
|
fc55426544b5
more upgrading docco and a tool to fix roles
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
17 |
|
fc55426544b5
more upgrading docco and a tool to fix roles
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
18 def do_fixroles(self, args): |
|
fc55426544b5
more upgrading docco and a tool to fix roles
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
19 '''Usage: fixroles |
|
fc55426544b5
more upgrading docco and a tool to fix roles
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
20 Set the roles property for all users to reasonable defaults. |
|
fc55426544b5
more upgrading docco and a tool to fix roles
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
21 |
|
fc55426544b5
more upgrading docco and a tool to fix roles
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
22 The admin user gets "Admin", the anonymous user gets "Anonymous" |
|
fc55426544b5
more upgrading docco and a tool to fix roles
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
23 and all other users get "User". |
|
fc55426544b5
more upgrading docco and a tool to fix roles
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
24 ''' |
| 2410 | 25 # get the user class |
| 26 cl = self.get_class('user') | |
|
1009
fc55426544b5
more upgrading docco and a tool to fix roles
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
27 for userid in cl.list(): |
|
fc55426544b5
more upgrading docco and a tool to fix roles
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
28 username = cl.get(userid, 'username') |
|
fc55426544b5
more upgrading docco and a tool to fix roles
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
29 if username == 'admin': |
|
fc55426544b5
more upgrading docco and a tool to fix roles
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
30 roles = 'Admin' |
|
fc55426544b5
more upgrading docco and a tool to fix roles
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
31 elif username == 'anonymous': |
|
fc55426544b5
more upgrading docco and a tool to fix roles
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
32 roles = 'Anonymous' |
|
fc55426544b5
more upgrading docco and a tool to fix roles
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
33 else: |
|
fc55426544b5
more upgrading docco and a tool to fix roles
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
34 roles = 'User' |
| 2410 | 35 cl.set(userid, roles=roles) |
|
1009
fc55426544b5
more upgrading docco and a tool to fix roles
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
36 return 0 |
|
fc55426544b5
more upgrading docco and a tool to fix roles
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
37 |
|
fc55426544b5
more upgrading docco and a tool to fix roles
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
38 if __name__ == '__main__': |
|
fc55426544b5
more upgrading docco and a tool to fix roles
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
39 tool = AdminTool() |
|
fc55426544b5
more upgrading docco and a tool to fix roles
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
40 sys.exit(tool.main()) |