Améliore script import users ScoDoc7

2021-09-25 22:42:44 +02:00 · 2021-09-25 22:42:44 +02:00 · fa5539fd75
parent ddf4bf788f
commit fa5539fd75
3 changed files with 32 additions and 4 deletions
--- a/app/auth/models.py
+++ b/app/auth/models.py
@ -25,7 +25,7 @@ from app.scodoc.sco_roles_default import SCO_ROLES_DEFAULTS
 import app.scodoc.sco_utils as scu
 from app.scodoc import sco_etud  # a deplacer dans scu

-VALID_LOGIN_EXP = re.compile(r"^[a-zA-Z0-9@\\\-_\\\.]+$")
+VALID_LOGIN_EXP = re.compile(r"^[a-zA-Z0-9@\\\-_\.]+$")


 class User(UserMixin, db.Model):
--- a/app/scodoc/sco_utils.py
+++ b/app/scodoc/sco_utils.py
@ -477,6 +477,22 @@ def suppress_accents(s):
    return s  # may be int


+class PurgeChars:
+    """delete all chars except those belonging to the specified string"""
+
+    def __init__(self, allowed_chars=""):
+        self.allowed_chars_set = {ord(c) for c in allowed_chars}
+
+    def __getitem__(self, x):
+        if x not in self.allowed_chars_set:
+            return None
+        raise LookupError()
+
+
+def purge_chars(s, allowed_chars=""):
+    return s.translate(PurgeChars(allowed_chars=allowed_chars))
+
+
 def sanitize_string(s):
    """s is an ordinary string, encoding given by SCO_ENCODING"
    suppress accents and chars interpreted in XML
@ -564,7 +580,9 @@ class ScoDocJSONEncoder(json.JSONEncoder):

 def sendJSON(data, attached=False):
    js = json.dumps(data, indent=1, cls=ScoDocJSONEncoder)
-    return send_file(js, filename="sco_data.json", mime=JSON_MIMETYPE, attached=attached)
+    return send_file(
+        js, filename="sco_data.json", mime=JSON_MIMETYPE, attached=attached
+    )


 def sendXML(data, tagname=None, force_outer_xml_tag=True, attached=False):
@ -581,7 +599,12 @@ def sendResult(data, name=None, format=None, force_outer_xml_tag=True, attached=
    if (format is None) or (format == "html"):
        return data
    elif format == "xml":  # name is outer tagname
-        return sendXML(data, tagname=name, force_outer_xml_tag=force_outer_xml_tag, attached=attached)
+        return sendXML(
+            data,
+            tagname=name,
+            force_outer_xml_tag=force_outer_xml_tag,
+            attached=attached,
+        )
    elif format == "json":
        return sendJSON(data, attached=attached)
    else:
--- a/tools/import_scodoc7_user_db.py
+++ b/tools/import_scodoc7_user_db.py
@ -27,6 +27,11 @@ def import_scodoc7_user_db(scodoc7_db="dbname=SCOUSERS"):
    cursor.execute("SELECT * FROM sco_users;")
    for u7 in cursor:
        user_name = scu.sanitize_string(u7["user_name"].strip())
+        # ensure that user_name will match VALID_LOGIN_EXP
+        user_name = scu.purge_chars(
+            user_name,
+            allowed_chars="abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ@\\-_.",
+        )
        if user_name != u7["user_name"]:
            msg = f"""Changing login '{u7["user_name"]}' to '{user_name}'"""
            current_app.logger.warning(msg)
@ -83,4 +88,4 @@ def import_scodoc7_user_db(scodoc7_db="dbname=SCOUSERS"):
            db.session.add(u)
            current_app.logger.info("imported user {}".format(u))
    db.session.commit()
-    return messages
+    return messages