paulmataruso/zulip
1
0
Fork 0
mirror of https://github.com/zulip/zulip.git synced 2025-11-03 21:43:21 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
38e97089fc549d7f89229fc725e4205cc1bcc0e9
zulip/zerver/lib/users.py
Umair Khan 1bbe84af49 user-groups: Add create API endpoint. 
Significantly modified by tabbott for better security structure.
2017-11-09 17:26:14 -08:00

64 lines
2.5 KiB
Python
Raw Blame History

from typing import List, Text
from django.utils.translation import ugettext as _
from zerver.lib.actions import do_change_full_name
from zerver.lib.request import JsonableError
from zerver.models import UserProfile, Service, Realm, \
get_user_profile_by_id
def check_full_name(full_name_raw):
# type: (Text) -> Text
full_name = full_name_raw.strip()
if len(full_name) > UserProfile.MAX_NAME_LENGTH:
raise JsonableError(_("Name too long!"))
if len(full_name) < UserProfile.MIN_NAME_LENGTH:
raise JsonableError(_("Name too short!"))
if list(set(full_name).intersection(UserProfile.NAME_INVALID_CHARS)):
raise JsonableError(_("Invalid characters in name!"))
return full_name
def check_short_name(short_name_raw):
# type: (Text) -> Text
short_name = short_name_raw.strip()
if len(short_name) == 0:
raise JsonableError(_("Bad name or username"))
return short_name
def check_change_full_name(user_profile, full_name_raw, acting_user):
# type: (UserProfile, Text, UserProfile) -> Text
"""Verifies that the user's proposed full name is valid. The caller
is responsible for checking check permissions. Returns the new
full name, which may differ from what was passed in (because this
function strips whitespace)."""
new_full_name = check_full_name(full_name_raw)
do_change_full_name(user_profile, new_full_name, acting_user)
return new_full_name
def check_valid_bot_type(bot_type):
# type: (int) -> None
if bot_type not in UserProfile.ALLOWED_BOT_TYPES:
raise JsonableError(_('Invalid bot type'))
def check_valid_interface_type(interface_type):
# type: (int) -> None
if interface_type not in Service.ALLOWED_INTERFACE_TYPES:
raise JsonableError(_('Invalid interface type'))
def user_ids_to_users(user_ids: List[int], realm: Realm) -> List[UserProfile]:
# TODO: Change this to do a single bulk query with
# generic_bulk_cached_fetch; it'll be faster.
#
# TODO: Consider adding a flag to control whether deactivated
# users should be included.
user_profiles = []
for user_id in user_ids:
try:
user_profile = get_user_profile_by_id(user_id)
except UserProfile.DoesNotExist:
raise JsonableError(_("Invalid user ID: %s" % (user_id,)))
if user_profile.realm != realm:
raise JsonableError(_("Invalid user ID: %s" % (user_id,)))
user_profiles.append(user_profile)
return user_profiles
Reference in New Issue View Git Blame Copy Permalink