def test_not_create_db_for_user():
email = random_lower_string()
password = random_lower_string()
user = create_or_get_user(email, password) # noqa
db_id = get_database_id_for_user(email)
client = get_client()
assert db_id not in client
def test_add_role_to_db_admins():
client = get_client()
db = client.create_database(random_lower_string())
role = "test"
add_role_to_db_admins(role, db)
sd = db.get_security_document()
assert "members" not in sd
assert "admins" in sd
assert role in sd["admins"]["roles"]
def test_add_user_to_db_admins():
client = get_client()
db = client.create_database(random_lower_string())
email = random_lower_string()
password = random_lower_string()
user = create_or_get_user(email, password) # noqa
add_user_to_db_admins(email, db)
sd = db.get_security_document()
assert "admins" in sd
assert "members" not in sd
assert email in sd["admins"]["names"]
def test_create_db_for_user():
email = random_lower_string()
password = random_lower_string()
user = create_or_get_user(email, password) # noqa
db_id = get_database_id_for_user(email)
db = get_database_for_user(email)
sd = db.get_security_document()
client = get_client()
assert db_id in client.keys(remote=True)
assert "members" not in sd
assert "admins" not in sd
def route_users_post_open(username=None, password=None):
if not config.USERS_OPEN_REGISTRATION:
abort(403, "Open user resgistration is forbidden on this server")
client = get_client()
db_users = get_db_users(client)
user = get_user(username, db_users, client)
if user:
return abort(
400, f"The user with this username already exists in the system")
user = create_user_with_default_db(username, password, db_users, client)
return user
def get_user(username, db_users=None, client=None):
user_id = get_user_id(username)
try:
if client is None:
client = get_client()
# Force a possible session renew, as the driver doesn't
# renew a session when it gets 404 errors, while they
# could be an expired session and not that the user
# doesn't exist
client.session()
if not db_users:
db_users = get_db_users(client)
doc = db_users[user_id]
# doc.fetch()
return doc
except KeyError:
return None
def init_db():
# Secure main DB access by adding a single dummy user 'app'
client = get_client()
db_app = get_db_app(client)
add_user_to_db_admins("app", db_app)
add_user_to_db_members("app", db_app)
# Create first superuser
db_users = get_db_users(client)
create_or_get_user(
config.FIRST_SUPERUSER,
config.FIRST_SUPERUSER_PASSWORD,
is_superuser=True,
db_users=db_users,
client=client,
)
create_user_with_default_db(config.FIRST_SUPERUSER, config.FIRST_SUPERUSER_PASSWORD)
db_app.create_query_index(fields=["type", "username"])
db_users.create_query_index(fields=["type"])
enable_cors()
setup_cookie()
def get_database_for_user(username: str, client=None) -> CloudantDatabase:
if not client:
client = get_client()
return client.create_database(get_database_id_for_user(username))
def init():
# Check CouchDB is awake
client = get_client() # noqa
def init():
# Wait for CouchDB to be awake
client = get_client() # noqa
# Wait for API to be awake, run one simple tests to authenticate
test_get_access_token()