refactor set_email, set password into userAPI

tracim · Jul 24, 2018 · 765c3b3 · 765c3b3
1 parent 098e300
commit 765c3b3
Show file tree

Hide file tree

Showing 3 changed files with 79 additions and 17 deletions.
diff --git a/tracim/exceptions.py b/tracim/exceptions.py
@@ -171,3 +171,7 @@ class EmptyCommentContentNotAllowed(EmptyValueNotAllowed):
 
 class UserNotActive(TracimException):
     pass
+
+
+class NoUserSetted(TracimException):
+    pass
diff --git a/tracim/lib/core/user.py b/tracim/lib/core/user.py
@@ -10,6 +10,8 @@
 from tracim.models.auth import User
 from tracim.models.auth import Group
 from tracim.exceptions import WrongUserPassword
+from tracim.exceptions import NoUserSetted
+from tracim.exceptions import PasswordDoNotMatch
 from tracim.exceptions import UserDoesNotExist
 from tracim.exceptions import AuthenticationFailed
 from tracim.exceptions import NotificationNotSend
@@ -113,6 +115,72 @@ def authenticate_user(self, email: str, password: str) -> User:
             raise AuthenticationFailed('User "{}" authentication failed'.format(email)) from exc  # nopep8
 
     # Actions
+    def set_password(
+            self,
+            user: User,
+            loggedin_user_password: str,
+            new_password: str,
+            new_password2: str,
+            do_save: bool=True
+    ):
+        """
+        Set User password if loggedin user password is correct
+        and both new_password are the same.
+        :param user: User who need password changed
+        :param loggedin_user_password: cleartext password of logged user (not
+        same as user)
+        :param new_password: new password for user
+        :param new_password2: should be same as new_password
+        :param do_save: should we save new user password ?
+        :return:
+        """
+        if not self._user:
+            raise NoUserSetted('Current User should be set in UserApi to use this method')  # nopep8
+        if not self._user.validate_password(loggedin_user_password):  # nopep8
+            raise WrongUserPassword(
+                'Wrong password for authenticated user {}'. format(self._user.user_id)  # nopep8
+            )
+        if new_password != new_password2:
+            raise PasswordDoNotMatch('Passwords given are different')
+
+        self.update(
+            user=user,
+            password=new_password,
+            do_save=do_save,
+        )
+        if do_save:
+            # TODO - G.M - 2018-07-24 - Check why commit is needed here
+            transaction.commit()
+        return user
+
+    def set_email(
+            self,
+            user: User,
+            loggedin_user_password: str,
+            email: str,
+            do_save: bool = True
+    ):
+        """
+        Set email address of user if loggedin user password is correct
+        :param user: User who need email changed
+        :param loggedin_user_password: cleartext password of logged user (not
+        same as user)
+        :param email:
+        :param do_save:
+        :return:
+        """
+        if not self._user:
+            raise NoUserSetted('Current User should be set in UserApi to use this method')  # nopep8
+        if not self._user.validate_password(loggedin_user_password):  # nopep8
+            raise WrongUserPassword(
+                'Wrong password for authenticated user {}'. format(self._user.user_id)  # nopep8
+            )
+        self.update(
+            user=user,
+            email=email,
+            do_save=do_save,
+        )
+        return user
 
     def update(
             self,

diff --git a/tracim/views/core_api/user_controller.py b/tracim/views/core_api/user_controller.py
@@ -79,19 +79,16 @@ def set_user_email(self, context, request: TracimRequest, hapic_data=None):
         """
         Set user Email
         """
-        if not request.current_user.validate_password(hapic_data.body.loggedin_user_password):  # nopep8
-            raise WrongUserPassword(
-                'Wrong password for authenticated user {}'. format(request.current_user.user_id)  # nopep8
-            )
         app_config = request.registry.settings['CFG']
         uapi = UserApi(
             current_user=request.current_user,  # User
             session=request.dbsession,
             config=app_config,
         )
-        user = uapi.update(
+        user = uapi.set_email(
             request.candidate_user,
-            email=hapic_data.body.email,
+            hapic_data.body.loggedin_user_password,
+            hapic_data.body.email,
             do_save=True
         )
         return uapi.get_user_with_context(user)
@@ -107,26 +104,19 @@ def set_user_password(self, context, request: TracimRequest, hapic_data=None):
         """
         Set user password
         """
-        if not request.current_user.validate_password(hapic_data.body.loggedin_user_password):  # nopep8
-            raise WrongUserPassword(
-                'Wrong password for authenticated user {}'. format(request.current_user.user_id)  # nopep8
-            )
-        if hapic_data.body.new_password != hapic_data.body.new_password2:
-            raise PasswordDoNotMatch('Passwords given are different')
         app_config = request.registry.settings['CFG']
         uapi = UserApi(
             current_user=request.current_user,  # User
             session=request.dbsession,
             config=app_config,
         )
-        uapi.update(
+        uapi.set_password(
             request.candidate_user,
-            password=hapic_data.body.new_password,
+            hapic_data.body.loggedin_user_password,
+            hapic_data.body.new_password,
+            hapic_data.body.new_password2,
             do_save=True
         )
-        uapi.save(request.candidate_user)
-        # TODO - G.M - 2018-07-24 - Check why commit is needed here
-        transaction.commit()
         return
 
     @hapic.with_api_doc(tags=[USER_ENDPOINTS_TAG])