Skip to content
This repository has been archived by the owner on Jul 30, 2024. It is now read-only.

Make user data preparation more robust when dealing with roles #221

Closed
wants to merge 4 commits into from
Closed

Make user data preparation more robust when dealing with roles #221

wants to merge 4 commits into from

Conversation

synthsym
Copy link

@synthsym synthsym commented Feb 7, 2014

See issue #220

@coveralls
Copy link

Coverage Status

Coverage increased (+1.38%) when pulling b2078c4 on synthsym:single-roles into 0268a2d on mattupstate:develop.

@coveralls
Copy link

Coverage Status

Coverage decreased (-0.24%) when pulling 778e879 on synthsym:single-roles into 0268a2d on mattupstate:develop.

eriktaubeneck
eriktaubeneck reviewed Feb 7, 2014
View reviewed changes
flask_security/datastore.py
@@ -77,10 +77,15 @@ def _prepare_role_modify_args(self, user, role):
def _prepare_create_user_args(self, **kwargs):
kwargs.setdefault('active', True)
roles = kwargs.get('roles', [])
if not isinstance(roles, list):
# coerce single values to lists
roles = list(roles)
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Wouldn't doing this eliminate the need for the check of isinstance(roles, list) since list([1,2,3]) -> [1,2,3]?

Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

i.e. chagne this to

def _prepare_create_user_args(self, **kwargs):
      kwargs.setdefault('active', True)
      roles = kwargs.get('roles', [])
      roles = list(roles)
...

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Ooh clever, I will definitely integrate the change.

@coveralls
Copy link

Coverage Status

Coverage increased (+0.04%) when pulling 778e879 on synthsym:single-roles into 0268a2d on mattupstate:develop.

eriktaubeneck
eriktaubeneck reviewed Feb 7, 2014
View reviewed changes
flask_security/datastore.py
if not isinstance(roles, list):
# coerce single values to lists
roles = list(roles)

for i, role in enumerate(roles):
rn = role.name if isinstance(role, self.role_model) else role
# see if the role exists
roles[i] = self.find_role(rn)
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

While we're at it, I don't see any reason why this shouldn't become:

for role in roles:
    rn = role.name if isinstance(role, self.role_model) else role
    roles.append(self.find_role(rn)

It's quite a bit more idiomatic.

Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The second line could also be updated to

rn = getattr(role, 'name', role)

but probably only because I don't really like the a if X else b syntax. Also the behavior is slightly different.

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I agree, definitely more idomatic, a lot less roundabout

@coveralls
Copy link

Coverage Status

Coverage increased (+0.04%) when pulling 2fcdde1 on synthsym:single-roles into 0268a2d on mattupstate:develop.

@coveralls
Copy link

Coverage Status

Coverage increased (+0.04%) when pulling 2fcdde1 on synthsym:single-roles into 0268a2d on mattupstate:develop.

eriktaubeneck
eriktaubeneck reviewed Feb 7, 2014
View reviewed changes
flask_security/datastore.py
rn = role.name if isinstance(role, self.role_model) else role
roles = list(kwargs.get('roles', []))

for role in enumerate(roles):
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

for role in enumerate(roles): is going to make role the tuple (i,roles[i]) for each item in roles. Since we don't need i anymore, this can just be for role in roles:. Otherwise looks good.

@coveralls
Copy link

Coverage Status

Coverage increased (+0.29%) when pulling 16da3e7 on synthsym:single-roles into 0268a2d on mattupstate:develop.

galeo pushed a commit to galeo/flask-security-outdated that referenced this pull request Mar 4, 2020
@jwag956
Fix post-login redirect for already authenticated users. (pallets-eco…
a28e2f9 
…#222)

This was a regression when /login was changed from being decorated with @anonymous_user_required
to handling the already-authenticated case as part of the view.

That has been fixed. A subtle change in behavior is that it now uses
get_post_login_redirect() which will look for 'next' in the form or request params
and that will take precedence over POST_LOGIN_VIEW config setting. This actually makes
things more consistent, since it is EXACTLY the same now as the normal login process.

Add csrf errors to login_user.html - while this should never really occur in a real
application - it makes things much easier to debug.

Updated openapi.yaml.

closes: pallets-eco#221
closes: pallets-eco#172
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@synthsym @coveralls @eriktaubeneck @mattupstate