Stage 2 pour le changement de config (#38)

app/models/users.py

@@ -109,7 +109,7 @@ class Member(User):
         self.name = name
         self.norm = unicode_names.normalize(name)
         self.email = email
-        if not app.config.USE_LDAP:
+        if not V5Config.USE_LDAP:
             self.set_password(password)
         # Workflow with LDAP enabled is User → Postgresql → LDAP → set password
         self.xp = 0
@@ -169,7 +169,7 @@ class Member(User):
         # Beware of LDAP injections
         if "email" in data:
             self.email = data["email"]
-            if app.config.USE_LDAP:
+            if V5Config.USE_LDAP:
                 ldap.set_email(self.norm, self.email)
         if "password" in data:
             self.set_password(data["password"])
@@ -209,7 +209,7 @@ class Member(User):
         Set the user's password. Check whether the request sender has the right
         to do this!
         """
-        if app.config.USE_LDAP:
+        if V5Config.USE_LDAP:
             ldap.set_password(self, password)
         else:
             self.password_hash = werkzeug.security.generate_password_hash(
@@ -217,7 +217,7 @@ class Member(User):
 
     def check_password(self, password):
         """Compares password against member hash."""
-        if app.config.USE_LDAP:
+        if V5Config.USE_LDAP:
             return ldap.check_password(self, password)
         else:
             return werkzeug.security.check_password_hash(self.password_hash,

app/routes/account/account.py

@@ -5,6 +5,7 @@ from app.forms.account import UpdateAccountForm, RegistrationForm, DeleteAccount
 from app.models.users import Member
 from app.utils.render import render
 import app.utils.ldap as ldap
+from config import V5Config
 
 
 @app.route('/account', methods=['GET', 'POST'])
@@ -62,7 +63,7 @@ def register():
         db.session.add(member)
         db.session.commit()
         # Workflow with LDAP is User → Postgresql → LDAP → Change password
-        if app.config.USE_LDAP:
+        if V5Config.USE_LDAP:
             ldap.add_member(member)
             ldap.set_password(member, form.password.data)
         flash('Inscription réussie', 'ok')

app/utils/ldap.py

@@ -1,13 +1,12 @@
 import ldap
-from app import app
 from ldap.modlist import addModlist, modifyModlist
-
+from config import V5Config
 
 def get_member(username):
     """ Get informations about member. Username must be normalized! """
     conn = ldap.initialize("ldap://localhost")
     # Search for user
-    r = conn.search_s(app.config.LDAP_ORGANIZATION, ldap.SCOPE_SUBTREE,
+    r = conn.search_s(V5Config.LDAP_ORGANIZATION, ldap.SCOPE_SUBTREE,
         f'(cn={username})')
     if len(r) > 0:
         return r[0]
@@ -35,9 +34,9 @@ def set_password(user, password):
     """ Set password for a user. """
     conn = ldap.initialize("ldap://localhost")
     # Connect as root
-    conn.simple_bind_s(f'cn=ldap-root,{app.config.LDAP_ORGANIZATION}',
-        app.config.LDAP_PASSWORD)
-    conn.passwd_s(f"cn={user.norm},{app.config.LDAP_ORGANIZATION}",
+    conn.simple_bind_s(f'cn=ldap-root,{V5Config.LDAP_ORGANIZATION}',
+        V5Config.LDAP_PASSWORD)
+    conn.passwd_s(f"cn={user.norm},{V5Config.LDAP_ORGANIZATION}",
         None, password)
 
 
@@ -45,7 +44,7 @@ def check_password(user, password):
     """ Try to login a user through LDAP register. """
     conn = ldap.initialize("ldap://localhost")
     try:
-        conn.simple_bind_s(f"cn={user.norm},{app.config.LDAP_ORGANIZATION}",
+        conn.simple_bind_s(f"cn={user.norm},{V5Config.LDAP_ORGANIZATION}",
             password)
     except ldap.INVALID_CREDENTIALS:
         return False
@@ -59,10 +58,10 @@ def add_member(member):
         return
     conn = ldap.initialize("ldap://localhost")
     # Connect as root
-    conn.simple_bind_s(f'cn=ldap-root,{app.config.LDAP_ORGANIZATION}',
-        app.config.LDAP_PASSWORD)
+    conn.simple_bind_s(f'cn=ldap-root,{V5Config.LDAP_ORGANIZATION}',
+        V5Config.LDAP_PASSWORD)
     # Create fields
-    dn = f'cn={member.norm},{app.config.LDAP_ORGANIZATION}'
+    dn = f'cn={member.norm},{V5Config.LDAP_ORGANIZATION}'
     modlist = addModlist({
         'objectClass': [bytes('inetOrgPerson', 'UTF8')],
         'cn': [bytes(member.norm, 'UTF8')],
@@ -80,9 +79,9 @@ def delete_member(member):
     """ Remove a member from LDAP register """
     conn = ldap.initialize("ldap://localhost")
     # Connect as root
-    conn.simple_bind_s(f'cn=ldap-root,{app.config.LDAP_ORGANIZATION}',
-        app.config.LDAP_PASSWORD)
+    conn.simple_bind_s(f'cn=ldap-root,{V5Config.LDAP_ORGANIZATION}',
+        V5Config.LDAP_PASSWORD)
     # Create fields
-    dn = f'cn={member.norm},{app.config.LDAP_ORGANIZATION}'
+    dn = f'cn={member.norm},{V5Config.LDAP_ORGANIZATION}'
     # Delete the user
     conn.delete_s(dn)

app/utils/validators.py

@@ -5,7 +5,6 @@ from app.utils.valid_name import valid_name
 from app.utils.unicode_names import normalize
 import app.utils.ldap as ldap
 from config import V5Config
-from app import app
 
 
 def name_valid(form, name):
@@ -45,7 +44,7 @@ def name_available(form, name):
         raise ValidationError("Ce nom d'utilisateur est indisponible.")
 
     # Double check with LDAP if needed
-    if app.config.USE_LDAP:
+    if V5Config.USE_LDAP:
         member = ldap.get_member(norm)
         if member is not None:
             raise ValidationError("Ce nom d'utilisateur est indisponible.")

config.py

@@ -2,7 +2,7 @@ import os
 import datetime
 from local_config import LocalConfig
 
-class Config(LocalConfig):
+class Config(object):
     SECRET_KEY = os.environ.get('SECRET_KEY') or LocalConfig.SECRET_KEY
     SQLALCHEMY_DATABASE_URI = os.environ.get('DATABASE_URL') or \
         'postgresql+psycopg2://' + os.environ.get('USER') + ':@/' \
@@ -11,7 +11,7 @@ class Config(LocalConfig):
     UPLOAD_FOLDER = './app/static/avatars'
 
 
-class V5Config(object):
+class V5Config(LocalConfig):
     # Length allocated to privilege names (slugs)
     PRIVS_MAXLEN = 64
     # Forbidden user names