digimint/taskflower
1
0
Fork 0
Code Issues 13 Pull requests Projects 1 Releases Packages Wiki Activity Actions

Fix #14

Browse source
This commit is contained in:
digimint 2025-11-21 16:35:38 -06:00
parent 991717687b
commit 0fa7cc3be2
Signed by: digimint
GPG key ID: 8DF1C6FD85ABF748
4 changed files with 6 additions and 5 deletions
Download patch file Download diff file Expand all files Collapse all files

1
.gitignore vendored
View file

@ -1,4 +1,5 @@
.ruff-cache .ruff-cache
.ruff_cache
/.vscode /.vscode
__pycache__ __pycache__
/instance /instance

6
src/taskflower/auth/startup.py
View file

@ -22,7 +22,7 @@ def _ensure_at_least_one_admin(db: SQLAlchemy) -> Either[Exception, None]:
).filter( ).filter(
SignUpCode.grants_admin SignUpCode.grants_admin
).filter( ).filter(
SignUpCode.created_by == -1 SignUpCode.created_by == None # noqa: E711
).one_or_none() ).one_or_none()
except Exception as e: except Exception as e:
log.error(f'Error while querying the database for admin sign-up codes: {e}!') log.error(f'Error while querying the database for admin sign-up codes: {e}!')
@ -35,7 +35,7 @@ def _ensure_at_least_one_admin(db: SQLAlchemy) -> Either[Exception, None]:
).filter( ).filter(
SignUpCode.grants_admin SignUpCode.grants_admin
).filter( ).filter(
SignUpCode.created_by == -1 SignUpCode.created_by == None # noqa:E711
).delete() ).delete()
log.warning(f'Deleted {delete_count} admin sign-up keys.') log.warning(f'Deleted {delete_count} admin sign-up keys.')
return None return None
@ -66,7 +66,7 @@ def _ensure_at_least_one_admin(db: SQLAlchemy) -> Either[Exception, None]:
code=token_hex(16), # pyright:ignore[reportCallIssue] code=token_hex(16), # pyright:ignore[reportCallIssue]
created=now(), # pyright:ignore[reportCallIssue] created=now(), # pyright:ignore[reportCallIssue]
expires=now() + timedelta(hours=1), # pyright:ignore[reportCallIssue] expires=now() + timedelta(hours=1), # pyright:ignore[reportCallIssue]
created_by=-1, # pyright:ignore[reportCallIssue] created_by=None, # pyright:ignore[reportCallIssue]
grants_admin=True # pyright:ignore[reportCallIssue] grants_admin=True # pyright:ignore[reportCallIssue]
) )
db.session.add(code) db.session.add(code)

2
src/taskflower/db/model/codes.py
View file

@ -11,7 +11,7 @@ class SignUpCode(db.Model):
expires: Mapped[datetime] = mapped_column(DateTime(timezone=False)) expires: Mapped[datetime] = mapped_column(DateTime(timezone=False))
grants_admin: Mapped[bool] = mapped_column(Boolean, default=False) grants_admin: Mapped[bool] = mapped_column(Boolean, default=False)
created_by: Mapped[int] = mapped_column(Integer, ForeignKey('user.id', ondelete='CASCADE')) created_by: Mapped[int|None] = mapped_column(Integer, ForeignKey('user.id', ondelete='CASCADE'), nullable=True)
class NamespaceInviteCode(db.Model): class NamespaceInviteCode(db.Model):
id: Mapped[int] = mapped_column(Integer, primary_key=True) id: Mapped[int] = mapped_column(Integer, primary_key=True)

2
src/taskflower/form/user.py
View file

@ -68,7 +68,7 @@ def code_valid(_: Form, field: Field):
f_data: str|None = field.data # pyright:ignore[reportAny] f_data: str|None = field.data # pyright:ignore[reportAny]
def _check_user_perms(code: SignUpCode) -> Either[Exception, SignUpCode]: def _check_user_perms(code: SignUpCode) -> Either[Exception, SignUpCode]:
if code.created_by == -1: if code.created_by is None:
# codes created by the system have UID -1. Bypass checks on these codes. # codes created by the system have UID -1. Bypass checks on these codes.
return Right(code) return Right(code)