From 8e1b718060cd7e2d54c9adf0bd7e2a0130a9ae89 Mon Sep 17 00:00:00 2001 From: Kovid Goyal Date: Tue, 18 Apr 2017 15:54:48 +0530 Subject: [PATCH] Fix restrictions for unknown users --- src/calibre/srv/standalone.py | 4 +++- src/calibre/srv/tests/auth.py | 1 + src/calibre/srv/users.py | 1 - 3 files changed, 4 insertions(+), 2 deletions(-) diff --git a/src/calibre/srv/standalone.py b/src/calibre/srv/standalone.py index c5f56deabf..429b626314 100644 --- a/src/calibre/srv/standalone.py +++ b/src/calibre/srv/standalone.py @@ -184,7 +184,9 @@ def manage_users(path=None): m.set_readonly(username, not readonly) def change_restriction(username): - r = m.restrictions(username) or {} + r = m.restrictions(username) + if r is None: + raise SystemExit('The user {} does not exist'.format(username)) if r['allowed_library_names']: prints(_('{} is currently only allowed to access the libraries named: {}').format( username, ', '.join(r['allowed_library_names']))) diff --git a/src/calibre/srv/tests/auth.py b/src/calibre/srv/tests/auth.py index ba459513f9..8fde82c62b 100644 --- a/src/calibre/srv/tests/auth.py +++ b/src/calibre/srv/tests/auth.py @@ -153,6 +153,7 @@ class TestAuth(BaseTest): self.assertEqual(library_info('a')[0], {'l%d'%i:'l%d'%i for i in range(1, 4) if i == 3}) self.assertEqual(library_info('a')[1], 'l3') self.assertRaises(HTTPForbidden, get_library, 'a', 'l1') + self.assertRaises(HTTPForbidden, get_library, 'xxx') # }}} diff --git a/src/calibre/srv/users.py b/src/calibre/srv/users.py index b84c4f36f5..2c41f78624 100644 --- a/src/calibre/srv/users.py +++ b/src/calibre/srv/users.py @@ -197,7 +197,6 @@ class UserManager(object): with self.lock: r = self._restrictions.get(username) if r is None: - r = self._restrictions[username] = parse_restriction('{}') for restriction, in self.conn.cursor().execute( 'SELECT restriction FROM users WHERE name=?', (username,)): self._restrictions[username] = r = parse_restriction(restriction)