def createsuperuser():
        team = Team()
        team.name = "CSGO_Admin"
        team.university = "UQUAM"
        team.token = "ADMINTOKEN"
        team.score = 0
        team.hidden = True
        team.save()

        univ_mail = "uqam.qc.ca"

        user = User()
        user.email = "player@" + univ_mail
        user.username = "******"
        user.first_name = "The"
        user.last_name = "Spear"
        user.is_staff = True
        user.is_superuser = True
        user.set_password("12qwaszx")
        user.save()

        player = Player()
        user.player = player
        player.last_name = "Spear"
        player.first_name = "The"
        player.display_name = "Klammydia"
        player.team = team

        player.save()
Beispiel #2
0
def register(request):

    form_data = request.POST.copy()
    
    form = RegistrationForm(form_data)
    errors = form.errors
    print request.POST
    print form.errors
    if errors:
        return render_to_response('login.html', {'form': form})

    # logout the existing user
    if (isinstance (request.user, AnonymousUser)):
        u = None
    else:
        u = request.user
        logout(request)

    email = request.POST['register_email']
    password = request.POST['register_password']

    try:
        u = User(username=email)
        u.set_password(password)
        u.email = email
        u.save()
    except:
        return render_to_response('login.html', {'form': form})
    response = render_to_response('login.html', {'registration_status': "Registered successfully! Now you can login with your credentials!" })
    return response
Beispiel #3
0
def initial_setup(request):
    if User.objects.all().exists():
        return redirect('/comic/')
    if request.POST:
        form = InitialSetupForm(request.POST)
        if form.is_valid():
            user = User(
                username=form.cleaned_data['username'],
                email=form.cleaned_data['email'],
                is_staff=True,
                is_superuser=True,
            )
            user.set_password(form.cleaned_data['password'])
            user.save()
            base_dir, _ = Setting.objects.get_or_create(name='BASE_DIR')
            base_dir.value = form.cleaned_data['base_dir']
            base_dir.save()
            user = authenticate(username=form.cleaned_data['username'],
                                password=form.cleaned_data['password'])
            login(request, user)
            return redirect('/comic/')
    else:
        form = InitialSetupForm()
    context = {
        'form': form,
        'title': 'CBWebReader - Setup',
        'error_message': form.errors,
    }
    return render(request, 'comic/settings_page.html', context)
Beispiel #4
0
    def setUp(self):
        user = User()
        user.is_superuser = 1
        user.username = '******'
        user.set_password('password2')
        user.email = '*****@*****.**'
        user.first_name = 'aa'
        user.is_active = 1
        user.save()
        self.user = user

        c = Client()
        self.c = c
        self.c.login( username='******', password='******')

        product = Products()
        product.name = '123123'
        product.price = 123
        product.price_type = 1
        product.total_price = 1*2
        product.order_time = datetime.datetime.strptime('2014-03-20','%Y-%m-%d')
        product.trip_start_time = datetime.datetime.strptime('2014-06-20','%Y-%m-%d')
        product.trip_end_time = datetime.datetime.strptime('2014-09-09','%Y-%m-%d')
        product.key_desc = '123'
        product.start_city = '123'
        product.end_city = '123'
        product.pics = ''
        product.trips = ''
        product.date_count = 4
        product.user = self.user
        product.save()

        self.product = product
Beispiel #5
0
def tester_registraion(request):
    if request.method == 'POST':
        form = TesterForm(request.POST)
        if form.is_valid():
            tester = Tester()
            user = User()
            user.username = user.email = form.cleaned_data['email']
            user.set_password(form.cleaned_data['password'])
            user.save()
            tester.user = user
            tester.surname = form.cleaned_data['last_name']
            tester.first_name = form.cleaned_data['first_name']
            tester.second_name = form.cleaned_data['second_name']
            tester.email = form.cleaned_data['email']
            tester.description = form.cleaned_data['description']
            tester.save()
            tester.osystems = form.cleaned_data['os']
            tester.program_languages = form.cleaned_data['program_languages']
            tester.testing_types = form.cleaned_data['testing_types']
            tester.browsers = form.cleaned_data['browsers']
            tester.save()
            return HttpResponseRedirect('/thanks')
    else:
        form = TesterForm()
    return render_to_response('tester_registraion.html',{'form': form})
def import_user(u):
    user_info = u["u"]
    up_info = u["up"]

    # HACK to handle dates
    user_info["last_login"] = dateutil.parser.parse(user_info["last_login"])
    user_info["date_joined"] = dateutil.parser.parse(user_info["date_joined"])

    user_keys = [
        "id",
        "username",
        "email",
        "password",
        "is_staff",
        "is_active",
        "is_superuser",
        "last_login",
        "date_joined",
        "password",
    ]
    up_keys = ["language", "location", "meta", "name", "id", "user_id"]

    u = User()
    for key in user_keys:
        u.__setattr__(key, user_info[key])
    u.save()

    up = UserProfile()
    up.user = u
    for key in up_keys:
        up.__setattr__(key, up_info[key])
    up.save()
Beispiel #7
0
def user_add_page(request):
    success_message = ''
    if request.POST:
        form = AddUserForm(request.POST)
        if form.is_valid():
            user = User(
                username=form.cleaned_data['username'],
                email=form.cleaned_data['email'],
            )
            user.set_password(form.cleaned_data['password'])
            user.save()
            UserMisc.objects.create(user=user)
            success_message = 'User {} created.'.format(user.username)

    else:
        form = AddUserForm()
    crumbs = [
        ('Users', '/comic/settings/users/'),
        ('Add', '/comic/settings/users/add/'),
    ]
    context = {
        'form': form,
        'menu': Menu(request.user, 'Users'),
        'breadcrumbs': generate_breadcrumbs_from_menu(crumbs),
        'error_message': form.errors,
        'success_message': success_message,
        'title': 'CBWebReader - Add User',
    }
    return render(request, 'comic/settings_page.html', context)
 def test_no_data_submission(self):
     """
     Form submission should add a submission with no data,
     which shouldn't generate any errors to the user.
     """
     user = User(
         username='******',
         email='*****@*****.**'
         )
     user.save()
     locker = Locker(
         form_url='http://equity.psu.edu/contact-form',
         form_identifier='contact-form',
         name='Contact Us',
         owner=user,
         create_timestamp='2015-01-14 15:00:00+05:00',
         archive_timestamp='2014-04-19 12:00:00+05:00',
         )
     response = self.client.post(
         reverse('datalocker:form_submission'),
         {
             'form-id': 'contact-form',
             'url': 'http://equity.psu.edu/contact-form',
             'owner': 'das66',
             'name': 'Contact Us',
         })
     self.assertEqual(response.status_code, 201)
     try:
         submission = Submission.objects.all()[0]
     except IndexError:
         self.assertTrue(False)
     else:
         self.assertDictEqual(submission.data_dict(), {})
Beispiel #9
0
def seed_users():
    for num in range(0, 10):
        username = fake.name()
        email = fake.free_email()
        new_user = User(username=username, email=email)
        new_user.set_password('password')
        new_user.save()
Beispiel #10
0
	def save(self):
		"Creates the User and Member records with the field data and returns the user"
		if not self.is_valid(): raise Exception('The form must be valid in order to save')
		user = User(username=self.cleaned_data['username'], first_name=self.cleaned_data['first_name'], last_name=self.cleaned_data['last_name'], email=self.cleaned_data['email'])
		user.save()
		member = user.get_profile()
		member.email2 = self.cleaned_data['email2']
		member.phone = self.cleaned_data['phone']
		member.phone = self.cleaned_data['phone2']
		member.address1 = self.cleaned_data['address1']
		member.address2 = self.cleaned_data['address2']
		member.city = self.cleaned_data['city']
		member.state = self.cleaned_data['state']
		member.zipcode = self.cleaned_data['zipcode']
		member.url_personal = self.cleaned_data['url_personal']
		member.url_professional = self.cleaned_data['url_professional']
		member.url_facebook = self.cleaned_data['url_facebook']
		member.url_twitter = self.cleaned_data['url_twitter']
		member.url_linkedin = self.cleaned_data['url_linkedin']
		member.url_biznik = self.cleaned_data['url_biznik']
		member.url_github = self.cleaned_data['url_github']
		member.url_aboutme = self.cleaned_data['url_aboutme']
		member.gender = self.cleaned_data['gender']
		member.howHeard = self.cleaned_data['howHeard']
		member.industry = self.cleaned_data['industry']
		member.neighborhood = self.cleaned_data['neighborhood']
		member.has_kids = self.cleaned_data['has_kids']
		member.self_emplyed = self.cleaned_data['self_employed']
		member.company_name = self.cleaned_data['company_name']
		member.notes = self.cleaned_data['notes']
		member.photo = self.cleaned_data['photo']
		member.save()
		return user
 def test_new_form_entry(self):
     """
     Form submission should create a new locker and save the submission.
     """
     user = User(
         username='******',
         email='*****@*****.**'
         )
     user.save()
     response = self.client.post(
         reverse('datalocker:form_submission'),
         {
             'form-id': 'contact-form',
             'url': 'http://equity.psu.edu/contact-form',
             'owner': 'das66',
             'name': 'Contact Us',
             'data': json.dumps({
                 'Your E-mail Address': '*****@*****.**',
                 'Subject': 'New Form Entry Test',
                 'Comments': 'Testing locker creation from initial form submission',
                 }),
         })
     self.assertEqual(response.status_code, 201)
     try:
         locker = Locker.objects.get(form_identifier='contact-form')
     except Locker.DoesNotExist:
         self.assertTrue(False)
     else:
         self.assertEqual(len(locker.submissions.all()), 1)
Beispiel #12
0
def user_signup(request):
	context = RequestContext(request)
	registered = False
	user = User(username = '')
	next_link = ""
	if request.GET:
		next_link = request.GET['next']	
	
	if request.method == 'POST':
		next_link = request.POST['signup_next']
		user.first_name = request.POST['user[full_name]']
		user.last_name = request.POST['user[sur_name]']
		user.username = request.POST['user[email]']
		user.email = request.POST['user[email]']
		user.password = request.POST['user[password]']
		user.set_password(user.password)
		user.save()
		patron = Patron(user = user)
		account = PatronAccount(balance = 0,  frozen = False, valid = True )
		account.save()
		patron.account = account
		patron.save()
		user = authenticate(username = request.POST['user[email]'], password = request.POST['user[password]'])
                if user is not None:
                        if user.is_active:
                                login(request, user)

		if next_link == "":
			return HttpResponseRedirect('/giftcards')
		else:
			return HttpResponseRedirect(next_link)
	
	else:
		return render_to_response('login.html', {'next':next_link}, context)		
	return 
Beispiel #13
0
    def test_get_quota(self):
        """
        Tests cluster.get_quota() method

        Verifies:
            * if no user is passed, return default quota values
            * if user has quota, return values from Quota
            * if user doesn't have quota, return default cluster values
        """
        default_quota = {'default': 1, 'ram': 1,
                         'virtual_cpus': None, 'disk': 3}
        user_quota = {'default': 0, 'ram': 4, 'virtual_cpus': 5, 'disk': None}

        cluster = Cluster(hostname='foo.fake.hostname')
        cluster.__dict__.update(default_quota)
        cluster.save()
        user = User(username='******')
        user.save()

        # default quota
        self.assertEqual(default_quota, cluster.get_quota())

        # user without quota, defaults to default
        self.assertEqual(default_quota, cluster.get_quota(user.get_profile()))

        # user with custom quota
        quota = Quota(cluster=cluster, user=user.get_profile())
        quota.__dict__.update(user_quota)
        quota.save()
        self.assertEqual(user_quota, cluster.get_quota(user.get_profile()))

        quota.delete()
        cluster.delete()
        user.delete()
    def get_or_create_user(self, username, passwd=None):
        import nis

        username = username.strip()

        try:
            user = User.objects.get(username=username)
        except User.DoesNotExist:
            try:
                first_name = username
                last_name = None

                email = u'%s@%s' % (username, settings.EMAIL_DOMAIN)

                user = User(username=username,
                            password='',
                            first_name=first_name,
                            last_name=last_name or '',
                            email=email)
                user.is_staff = True
                user.is_superuser = False
                user.set_unusable_password()
                user.save()
            except nis.error:
                pass
        return user
def web_register(request):
    """This view handles the register requests on the web client."""
    form_class = UserReg
    register_form = form_class(request.POST)
    
    if request.method == 'POST':
        if register_form.is_valid():
            new_user = User()
            username = register_form.cleaned_data['usermail']
            password = register_form.cleaned_data['password']
            name = register_form.cleaned_data['name']
            try:
                duplicate_check = User.objects.get(username = username)
                return render(request, 
                    'portal/welcome.html', {'error': 'Username already registered'})
            except User.DoesNotExist:
                new_user.username = username
                new_user.set_password(password)
                new_user.first_name = name
                new_user.save()
                new_owner = Owner(owner = new_user)
                new_owner.save()
                user = authenticate(username=username, password=password)
                login(request, user)
                return redirect('portal:home')
        else:
            return render(request, 'portal/welcome.html', {'error': 'Invalid register form'})
    else:
        return render(request, 'portal/forbidden.html', {})
Beispiel #16
0
def create_new_user_from_current_session(session):
    """
    This function creates a user from the session after shib validates
    """
    now = timezone.now()

    new_user = User(username=session.get(SESSION_VARS['gatorlink']),
                    email=session.get(SESSION_VARS['email']),
                    last_login=now,
                    last_name=session.get(SESSION_VARS['last_name']),
                    first_name=session.get(SESSION_VARS['first_name']))

    new_user.save()

    new_person = Person(user=new_user,
                        gatorlink=new_user.username,
                        first_name=new_user.first_name,
                        last_name=new_user.last_name,
                        email_address=new_user.email,
                        last_login_time=now,
                        account_expiration_time=utils.get_account_expiration_date(now))

    new_person.save(last_modified_by=new_user)

    return new_user
class MonitorUpdateTestCase(ResourceTestCase):
    def setUp(self):
        super(MonitorUpdateTestCase, self).setUp()
        self.user = User(username='******', password='******', email='*****@*****.**')
        self.user.save()
        fixture = AutoFixture(MonitorUpdate)
        fixture.create(10)

        try:
            self.api_key = ApiKey.objects.get(user=self.user)
        except ApiKey.DoesNotExist:
            self.api_key = ApiKey.objects.create(user=self.user)
        self.auth_string = '&username={0}&api_key={1}'.format(
            self.user.username, self.api_key.key)

    def tearDown(self):
        MonitorUpdate.objects.all().delete()

    def test_source_get(self):
        url = '/api/v1/monitorUpdate/1/?format=json{}'.format(self.auth_string)
        response = self.api_client.get(url)
        self.assertEqual(response.status_code, 200)
        unauth_url = '/api/v1/source/?format=json'
        response = self.api_client.get(unauth_url)
        self.assertEqual(response.status_code, 401)
Beispiel #18
0
def admin_reader_add(request):
    if request.method == 'POST':
        # Handle form submission.
        form = ReaderForm(request.POST) # Initialize form with data.
        if form.is_valid():
            
            # First create a new User object.
            user = User()
            # Process the data in form.cleaned_data
            user.email = form.cleaned_data['email']
            user.first_name = form.cleaned_data['first_name']
            user.last_name = form.cleaned_data['last_name']
            user.username = form.cleaned_data['username']
            user.password = make_password(form.cleaned_data['password'])
            user.save()
            # New create a reader object.
            reader = Reader()
            reader.user = user
            reader.address = form.cleaned_data['address']
            reader.phone_number = form.cleaned_data['phone_number']
            reader.save()
            
            return HttpResponseRedirect(reverse('admin_reader')) # Redirect after POST
    else:
        form = ReaderForm() # An unbound form

    return render(request, 'library/admin_reader_add.html', {
        'form': form,
    })
    def authenticate(self, access_token):
        '''authenticates the token by requesting user information from twitter
        '''
        twitter = oauthtwitter.OAuthApi(TWITTER_CONSUMER_KEY, TWITTER_CONSUMER_SECRET, access_token)
        try:
            userinfo = twitter.GetUserInfo()
        except:
            # If we cannot get the user information, user cannot be authenticated
            raise

        screen_name = userinfo.screen_name
        
        try:
            user = User.objects.get(username = '******'%screen_name )
            return user
        except User.DoesNotExist:
            user = User(username = '******'%screen_name)
            temp_password = User.objects.make_random_password(length=12)
            user.set_password(temp_password)
            user.first_name = userinfo.name
            user.email = '%s@twitteruser.%s.com'%(userinfo.screen_name, settings.SITE_NAME)
            user.save()
            userprofile = TwitterUserProfile(user = user)
            userprofile.access_token = access_token.key
            userprofile.url = userinfo.url
            userprofile.location = userinfo.location
            userprofile.description = userinfo.description
            userprofile.profile_image_url = userinfo.profile_image_url
            userprofile.save()
            auth_meta = AuthMeta(user=user, provider='Twitter').save()
            return user
    def authenticate(self, linkedin_access_token, user=None):
        linkedin = LinkedIn(LINKEDIN_CONSUMER_KEY, LINKEDIN_CONSUMER_SECRET)
        # get their profile

        profile = ProfileApi(linkedin).getMyProfile(access_token=linkedin_access_token)

        try:
            user_profile = LinkedInUserProfile.objects.get(linkedin_uid=profile.id)
            user = user_profile.user
            return user
        except LinkedInUserProfile.DoesNotExist:
            # Create a new user
            username = "******" % profile.id

            if not user:
                user = User(username=username)
                user.first_name, user.last_name = (profile.firstname, profile.lastname)
                user.email = "%s@socialauth" % (username)
                user.save()

            userprofile = LinkedInUserProfile(user=user, linkedin_uid=profile.id)
            userprofile.save()

            auth_meta = AuthMeta(user=user, provider="LinkedIn").save()
            return user
Beispiel #21
0
    def test_object_tools(self):
        autodiscover()
        context = template.Context({
            'model': User,
            'request': RequestFactory().get('/'),
        })
        t = Template("{% load object_tools_inclusion_tags %}{% object_tools \
                model request.user %}")

        # Anon user should not have any tools.
        result = t.render(context)
        expected_result = '\n'
        self.failUnlessEqual(result, expected_result)

        # User without permissions should not have any tools.
        user = User()
        user.save()
        context['request'].user = user
        result = t.render(context)
        expected_result = '\n'
        self.failUnlessEqual(result, expected_result)

        # Superuser should have tools.
        user.is_superuser = True
        user.save()
        result = t.render(context)
        expected_result = u'\n    <li><a href="/object-tools/auth/user/\
test_tool/" title=""class="historylink">Test Tool</a></li>\n\n    \
<li><a href="/object-tools/auth/user/test_media_tool/" title=""\
class="historylink"></a></li>\n\n'
        self.failUnlessEqual(result, expected_result)
Beispiel #22
0
    def get_or_create_user(self, username, request, passwd=None):
        import nis

        username = username.strip()

        try:
            user = User.objects.get(username=username)
        except User.DoesNotExist:
            try:
                if not passwd:
                    passwd = nis.match(username, 'passwd').split(':')

                names = passwd[4].split(',')[0].split(' ', 1)
                first_name = names[0]
                last_name = None
                if len(names) > 1:
                    last_name = names[1]

                email = '%s@%s' % (username, settings.NIS_EMAIL_DOMAIN)

                user = User(username=username,
                            password='',
                            first_name=first_name,
                            last_name=last_name or '',
                            email=email)
                user.is_staff = False
                user.is_superuser = False
                user.set_unusable_password()
                user.save()
            except nis.error:
                pass
        return user
Beispiel #23
0
 def build_user(self, user_data):
     extra_data = user_data.pop('extra_data')
     cloud_id = extra_data['cloud_id']
     try:
         account = AldrynCloudUser.objects.get(cloud_id=cloud_id)
     except AldrynCloudUser.DoesNotExist:
         username = user_data.pop('username')
         email = user_data.pop('email')
         try:
             user = User.objects.get(username=username)
         except User.DoesNotExist:
             user = User(username=username, email=email)
             user.save()
         else:
             # User with this username already exists. Checking if the emails
             # matches, otherwise creating a new user.
             if user.email != email:
                 free_username = self._get_free_username(username)
                 user = User(username=free_username, email=email)
         account = AldrynCloudUser(cloud_id=cloud_id, user=user)
         account.save()
     else:
         user = account.user
     for key, value in user_data.items():
         setattr(user, key, value)
     user.set_unusable_password()
     user.save()
     return user
Beispiel #24
0
    def handle(self, *args, **options):
        reader = csv.DictReader(open(args[0], 'rb'), fields)
        
        csvfile = open('new_' + args[0], 'wb')
        writer = csv.writer(csvfile)

        for row in reader:
            for key in row:
                if isinstance(row[key], str):
                    row[key] = unicode(row[key], 'UTF-8').strip()
                if isinstance(row[key], basestring):
                    row[key] = row[key].strip()

            login = ''.join(random.choice(string.ascii_lowercase + string.digits) for x in range(6))
            password = ''.join(random.choice(string.ascii_lowercase + string.digits) for x in range(6))

            user = User(
                username=login,
                first_name=row['first_name'],
                last_name=row['last_name'],
                email=row['email']
            )
            user.set_password(password)
            user.save()

            new_row = [row['last_name'], row['first_name'], row['second_name'], row['email'], row['phone'], login, password]

            new_row = [s.encode('UTF-8') for s in new_row]

            writer.writerow(new_row)
            
        csvfile.close()
            
 def authenticate(self, **kwargs):
     result = None
     tenantKey = kwargs.get('tenant')
     userId = kwargs.get('userId')
     if tenantKey != None and userId != None:
         tenantPackages = get_subpackages(tenant)
         logger.warn(str(tenantPackages))
         if tenantKey in tenantPackages:
             result = self.get_user(userId)
             logger.warn(str(tenantKey))
             if result == None:
                 if 'emailAddress'in kwargs.keys():
                     # 'Long' call has been issued
                     userId = kwargs['userId']
                     emailAddress = kwargs['emailAddress']
                     firstname = kwargs['firstname']
                     lastname = kwargs['lastname']
                     role = kwargs['role']
                     raw_password = userId[::-1]
                     user = User(username=userId, email=emailAddress, first_name=firstname,
                                 last_name=lastname)
                     user.set_password(raw_password)
                     user.save()
                     result = user
     return result
     
     
Beispiel #26
0
    def testOverallRankWithPoints(self):
        """Check that calculating the rank is correct based on point value."""
        # Create a test user.
        user = User(username="******", password="******")
        user.save()
        user_points = 10
        user.get_profile().floor = self.test_floor

        # Test the floor is ranked last if they haven't done anything yet.
        floor_rank = (
            Floor.objects.annotate(
                floor_points=Sum("profile__points"), last_awarded_submission=Max("profile__last_awarded_submission")
            )
            .filter(floor_points__gt=self.test_floor.points)
            .count()
            + 1
        )
        self.assertEqual(self.test_floor.rank(), floor_rank, "Check the floor is ranked last.")

        user.get_profile().add_points(user_points, datetime.datetime.today())
        user.get_profile().save()

        self.assertEqual(self.test_floor.rank(), 1, "Check the floor is now ranked number 1.")

        # Create a test user on a different floor.
        test_floor2 = Floor(number="B", dorm=self.dorm)
        test_floor2.save()

        user2 = User(username="******", password="******")
        user2.save()
        user2.get_profile().floor = test_floor2
        user2.get_profile().add_points(user_points + 1, datetime.datetime.today())
        user2.get_profile().save()

        self.assertEqual(self.test_floor.rank(), 2, "Check that the floor is now ranked number 2.")
Beispiel #27
0
class LocationLocationTest(TestCase):
    def setUp(self):
        # create the objects needed
        self.client = Client()
        self.location = Location()

        self.user = User(username='******')
        self.user.set_password('google')
        self.user.is_active = True
        self.user.save()

    def tearDown(self):
        self.client = None
        self.location = None
        self.user = None

    def test_save(self):
        self.location.location_name = 'Unit Testing'
        self.location.description = 'Unit Testing'

        # required fields
        self.location.creator = self.user
        self.location.creator_username = self.user.username
        self.location.owner = self.user
        self.location.owner_username = self.user.username
        self.location.status = True
        self.location.status_detail = 'active'
        self.location.enclosure_length = 0
        self.location.timezone = 'America/Chicago'

        self.location.save()

        self.assertTrue(isinstance(self.location.id, int))
    def authenticate(request=None):
        _module_name, _function_name = settings.USER_DATA_FN.rsplit('.', 1)
        _module = __import__(_module_name, fromlist=[None])  # We need a non-empty fromlist
        USER_DATA_FN = getattr(_module, _function_name)

        if not request.is_secure():
            logger.debug("insecure request")
            return None
        authentication_status = request.META.get('HTTP_X_SSL_AUTHENTICATED',
                                                 None)
        if (authentication_status != "SUCCESS" or
                    'HTTP_X_SSL_USER_DN' not in request.META):
            logger.warn(
                "HTTP_X_SSL_AUTHENTICATED marked failed or "
                "HTTP_X_SSL_USER_DN "
                "header missing")
            return None
        dn = request.META.get('HTTP_X_SSL_USER_DN')
        user_data = USER_DATA_FN(dn)
        username = user_data['username']
        try:
            user = User.objects.get(username=username)
        except User.DoesNotExist:
            logger.info("user {0} not found".format(username))
            if settings.AUTOCREATE_VALID_SSL_USERS:
                user = User(**user_data)
                user.save()
            else:
                return None
        if not user.is_active:
            logger.warning("user {0} inactive".format(username))
            return None
        logger.info("user {0} authenticated using a certificate issued to "
                    "{1}".format(username, dn))
        return user
Beispiel #29
0
    def testOverallPoints(self):
        """Check that retrieving the points for the floor is correct."""
        # Create a test user.
        user = User(username="******", password="******")
        user.save()
        user_points = 10
        user.get_profile().floor = self.test_floor

        self.assertEqual(self.test_floor.points(), 0, "Check that the floor does not have any points yet.")

        user.get_profile().add_points(user_points, datetime.datetime.today())
        user.get_profile().save()

        self.assertEqual(
            self.test_floor.points(), user_points, "Check that the number of points are equal for one user."
        )

        # Create another test user and check again.
        user = User(username="******", password="******")
        user.save()
        user.get_profile().floor = self.test_floor
        user.get_profile().add_points(user_points, datetime.datetime.today())
        user.get_profile().save()

        self.assertEqual(
            self.test_floor.points(), 2 * user_points, "Check that the number of points are equal for two users."
        )
Beispiel #30
0
    def get_or_create_user(self, username, request, ad_user_data):
        username = re.sub(INVALID_USERNAME_CHAR_REGEX, '', username).lower()

        try:
            user = User.objects.get(username=username)
            return user
        except User.DoesNotExist:
            try:
                user_info = ad_user_data[0][1]

                first_name = user_info.get('givenName', [username])[0]
                last_name = user_info.get('sn', [""])[0]
                email = user_info.get(
                    'mail',
                    ['%s@%s' % (username, settings.AD_DOMAIN_NAME)])[0]

                user = User(username=username,
                            password='',
                            first_name=first_name,
                            last_name=last_name,
                            email=email)
                user.is_staff = False
                user.is_superuser = False
                user.set_unusable_password()
                user.save()
                return user
            except:
                return None
Beispiel #31
0
class ApiPaymentTestCase(TestCase):

    def setUp(self):
        self.client = APIClient()
        self.sender_user = User(id=101, username='******', password='******')
        self.sender_user.save()
        self.client.force_authenticate(user=self.sender_user)
        self.receiver_user = User(id=102, username='******', password='******')
        self.receiver_user.save()
        self.friend_of_receiver = User(username='******', password='******')
        self.friend_of_receiver.save()

    def test_payment_get(self):
        empty_response = self.client.get('/api/payments/')
        self.assertEqual(empty_response.status_code, 200)
        self.assertEqual(empty_response.data, [])

        payment1 = Payment(
            sender=self.sender_user, receiver=self.receiver_user, amount=10
        )
        payment1.save()
        payment2 = Payment(
            sender=self.receiver_user, receiver=self.sender_user, amount=50
        )
        payment2.save()
        payment3 = Payment(
            sender=self.receiver_user,
            receiver=self.friend_of_receiver,
            amount=50,
        )
        payment3.save()

        response = self.client.get('/api/payments/')
        self.assertEqual(len(response.data), 2)

        first_payment = response.data[0]
        self.assertEqual(first_payment['sender']['username'], 'admin')
        self.assertEqual(first_payment['receiver']['username'], 'oriol')
        self.assertEqual(first_payment['amount'], '10.00')

        second_payment = response.data[1]
        self.assertEqual(second_payment['sender']['username'], 'oriol')
        self.assertEqual(second_payment['receiver']['username'], 'admin')
        self.assertEqual(second_payment['amount'], '50.00')

    def test_payment_post(self):
        receiver_not_found_response = self.client.post(
            '/api/payments/',
            '{"amount": 1, "receiver": 123}',
            content_type='application/json',
        )
        self.assertEqual(
            receiver_not_found_response.status_code,
            status.HTTP_404_NOT_FOUND,
        )
        self.assertEqual(
            receiver_not_found_response.data,
            {'error': 'Receiver user not found'},
        )

        same_receiver_and_sender_response = self.client.post(
            '/api/payments/',
            '{"amount": 1, "receiver": 101}',
            content_type='application/json',
        )
        self.assertEqual(
            same_receiver_and_sender_response.status_code,
            status.HTTP_400_BAD_REQUEST,
        )
        self.assertEqual(
            same_receiver_and_sender_response.data,
            {'error': 'Receiver user is the same as sender'},
        )

        not_enough_money_response = self.client.post(
            '/api/payments/',
            '{"amount": 100.01, "receiver": 102}',
            content_type='application/json',
        )
        self.assertEqual(
            not_enough_money_response.status_code,
            status.HTTP_400_BAD_REQUEST,
        )
        self.assertEqual(
            not_enough_money_response.data,
            {'error': 'You don\'t have enough money'},
        )

        created_response = self.client.post(
            '/api/payments/',
            '{"amount": 100, "receiver": 102}',
            content_type='application/json',
        )
        self.assertEqual(created_response.status_code, status.HTTP_201_CREATED)
        self.assertEqual(created_response.data['sender'], 101)
        self.assertEqual(created_response.data['receiver'], 102)
        self.assertEqual(created_response.data['amount'], '100.00')

        self.sender_user.refresh_from_db()
        self.receiver_user.refresh_from_db()
        self.assertEqual(self.sender_user.account.balance, Money(0, 'EUR'))
        self.assertEqual(self.receiver_user.account.balance, Money(200, 'EUR'))
Beispiel #32
0
class TestGitBackend(TestCase):
    def setUp(self):
        git_repo = make_test_git()
        super().setUp()
        self.eric = User(username='******')
        self.eric.set_password('test')
        self.eric.save()
        self.project = Project.objects.create(
            name='Test Project',
            repo_type='git',
            #Our top-level checkout
            repo=git_repo,
        )
        self.project.users.add(self.eric)
        self.dummy_conf = Mock()
        # These are the default values from v1
        self.dummy_conf.submodules.include = ALL
        self.dummy_conf.submodules.exclude = []

    def test_git_lsremote(self):
        repo_path = self.project.repo
        default_branches = [
            # comes from ``make_test_git`` function
            'submodule',
            'invalidsubmodule',
        ]
        branches = [
            'develop',
            'master',
            '2.0.X',
            'release/2.0.0',
            'release/foo/bar',
        ]
        for branch in branches:
            create_git_branch(repo_path, branch)

        create_git_tag(repo_path, 'v01')
        create_git_tag(repo_path, 'v02', annotated=True)
        create_git_tag(repo_path, 'release-ünîø∂é')

        repo = self.project.vcs_repo()
        # create the working dir if it not exists. It's required to ``cwd`` to
        # execute the command
        repo.check_working_dir()
        repo_branches, repo_tags = repo.lsremote

        self.assertEqual(
            set(branches + default_branches),
            {branch.verbose_name
             for branch in repo_branches},
        )

        self.assertEqual(
            {'v01', 'v02', 'release-ünîø∂é'},
            {vcs.verbose_name
             for vcs in repo_tags},
        )

    @patch('readthedocs.projects.models.Project.checkout_path')
    def test_git_branches(self, checkout_path):
        repo_path = self.project.repo
        default_branches = [
            # comes from ``make_test_git`` function
            'submodule',
            'invalidsubmodule',
        ]
        branches = [
            'develop',
            'master',
            '2.0.X',
            'release/2.0.0',
            'release/foo/bar',
        ]
        for branch in branches:
            create_git_branch(repo_path, branch)

        # Create dir where to clone the repo
        local_repo = os.path.join(mkdtemp(), 'local')
        os.mkdir(local_repo)
        checkout_path.return_value = local_repo

        repo = self.project.vcs_repo()
        repo.clone()

        self.assertEqual(
            set(branches + default_branches),
            {branch.verbose_name
             for branch in repo.branches},
        )

    @patch('readthedocs.projects.models.Project.checkout_path')
    def test_git_branches_unicode(self, checkout_path):
        repo_path = self.project.repo
        default_branches = [
            # comes from ``make_test_git`` function
            'submodule',
            'invalidsubmodule',
        ]
        branches = [
            'master',
            'release-ünîø∂é',
        ]
        for branch in branches:
            create_git_branch(repo_path, branch)

        # Create dir where to clone the repo
        local_repo = os.path.join(mkdtemp(), 'local')
        os.mkdir(local_repo)
        checkout_path.return_value = local_repo

        repo = self.project.vcs_repo()
        repo.clone()

        self.assertEqual(
            set(branches + default_branches),
            {branch.verbose_name
             for branch in repo.branches},
        )

    def test_git_update_and_checkout(self):
        repo = self.project.vcs_repo()
        code, _, _ = repo.update()
        self.assertEqual(code, 0)
        code, _, _ = repo.checkout()
        self.assertEqual(code, 0)
        self.assertTrue(exists(repo.working_dir))

    @patch('readthedocs.vcs_support.backends.git.Backend.fetch')
    def test_git_update_with_external_version(self, fetch):
        version = fixture.get(Version,
                              project=self.project,
                              type=EXTERNAL,
                              active=True)
        repo = self.project.vcs_repo(verbose_name=version.verbose_name,
                                     version_type=version.type)
        repo.update()
        fetch.assert_called_once()

    def test_git_fetch_with_external_version(self):
        version = fixture.get(Version,
                              project=self.project,
                              type=EXTERNAL,
                              active=True)
        repo = self.project.vcs_repo(verbose_name=version.verbose_name,
                                     version_type=version.type)
        repo.update()
        code, _, _ = repo.fetch()
        self.assertEqual(code, 0)

    def test_git_checkout_invalid_revision(self):
        repo = self.project.vcs_repo()
        repo.update()
        version = 'invalid-revision'
        with self.assertRaises(RepositoryError) as e:
            repo.checkout(version)
        self.assertEqual(
            str(e.exception),
            RepositoryError.FAILED_TO_CHECKOUT.format(version),
        )

    def test_git_tags(self):
        repo_path = self.project.repo
        create_git_tag(repo_path, 'v01')
        create_git_tag(repo_path, 'v02', annotated=True)
        create_git_tag(repo_path, 'release-ünîø∂é')
        repo = self.project.vcs_repo()
        # We aren't cloning the repo,
        # so we need to hack the repo path
        repo.working_dir = repo_path
        self.assertEqual(
            {'v01', 'v02', 'release-ünîø∂é'},
            {vcs.verbose_name
             for vcs in repo.tags},
        )

    def test_check_for_submodules(self):
        repo = self.project.vcs_repo()

        repo.update()
        self.assertFalse(repo.are_submodules_available(self.dummy_conf))

        # The submodule branch contains one submodule
        repo.checkout('submodule')
        self.assertTrue(repo.are_submodules_available(self.dummy_conf))

    def test_skip_submodule_checkout(self):
        repo = self.project.vcs_repo()
        repo.update()
        repo.checkout('submodule')
        self.assertTrue(repo.are_submodules_available(self.dummy_conf))

    def test_use_shallow_clone(self):
        repo = self.project.vcs_repo()
        repo.update()
        repo.checkout('submodule')
        self.assertTrue(repo.use_shallow_clone())
        fixture.get(
            Feature,
            projects=[self.project],
            feature_id=Feature.DONT_SHALLOW_CLONE,
        )
        self.assertTrue(self.project.has_feature(Feature.DONT_SHALLOW_CLONE))
        self.assertFalse(repo.use_shallow_clone())

    def test_check_submodule_urls(self):
        repo = self.project.vcs_repo()
        repo.update()
        repo.checkout('submodule')
        valid, _ = repo.validate_submodules(self.dummy_conf)
        self.assertTrue(valid)

    def test_check_invalid_submodule_urls(self):
        repo = self.project.vcs_repo()
        repo.update()
        repo.checkout('invalidsubmodule')
        with self.assertRaises(RepositoryError) as e:
            repo.update_submodules(self.dummy_conf)
        # `invalid` is created in `make_test_git`
        # it's a url in ssh form.
        self.assertEqual(
            str(e.exception),
            RepositoryError.INVALID_SUBMODULES.format(['invalid']),
        )

    def test_invalid_submodule_is_ignored(self):
        repo = self.project.vcs_repo()
        repo.update()
        repo.checkout('submodule')
        gitmodules_path = os.path.join(repo.working_dir, '.gitmodules')

        with open(gitmodules_path, 'a') as f:
            content = textwrap.dedent("""
                [submodule "not-valid-path"]
                    path = not-valid-path
                    url = https://github.com/readthedocs/readthedocs.org
            """)
            f.write(content)

        valid, submodules = repo.validate_submodules(self.dummy_conf)
        self.assertTrue(valid)
        self.assertEqual(list(submodules), ['foobar'])

    @patch('readthedocs.projects.models.Project.checkout_path')
    def test_fetch_clean_tags_and_branches(self, checkout_path):
        upstream_repo = self.project.repo
        create_git_tag(upstream_repo, 'v01')
        create_git_tag(upstream_repo, 'v02')
        create_git_branch(upstream_repo, 'newbranch')

        local_repo = os.path.join(mkdtemp(), 'local')
        os.mkdir(local_repo)
        checkout_path.return_value = local_repo

        repo = self.project.vcs_repo()
        repo.clone()

        delete_git_tag(upstream_repo, 'v02')
        delete_git_branch(upstream_repo, 'newbranch')

        # We still have all branches and tags in the local repo
        self.assertEqual(
            {'v01', 'v02'},
            {vcs.verbose_name
             for vcs in repo.tags},
        )
        self.assertEqual(
            {
                'invalidsubmodule',
                'master',
                'submodule',
                'newbranch',
            },
            {vcs.verbose_name
             for vcs in repo.branches},
        )

        repo.update()

        # We don't have the eliminated branches and tags in the local repo
        self.assertEqual(
            {'v01'},
            {vcs.verbose_name
             for vcs in repo.tags},
        )
        self.assertEqual(
            {
                'invalidsubmodule',
                'master',
                'submodule',
            },
            {vcs.verbose_name
             for vcs in repo.branches},
        )
Beispiel #33
0
def start_project(name, USERLAND_HERE):
    """
    In which we perform the steps required to start a new Opal project.

    1. Run Django' Startproject
    2. Create a data/lookuplists dir
    3. Copy across the scaffolding directory
    4. Interpolate our project data into the templates.
    5. Swap our scaffold app with the Django created app
    6. Interpolate the code templates from our scaffold app
    7. Create extra directories we need
    8. Run Django's migrations
    9. Create a superuser
    10. Initialise our git repo
    """

    project_dir = USERLAND_HERE/name
    if project_dir:
        write("\n\nDirectory {0} already exists !".format(project_dir))
        write("Please remove it or choose a new name.\n\n")
        sys.exit(1)

    # 1. Run Django Startproject
    write("Creating project dir at {0}".format(project_dir))
    os.system('django-admin.py startproject {0}'.format(name))

    write("Bootstrapping your Opal project...")

    if not project_dir:
        project_dir.mkdir()

    # Copy across the scaffold
    with SCAFFOLD:
        for p in SCAFFOLD.ls():
            target = project_dir/p[-1]
            p.cp(target)

    # Dotfiles need their dot back
    gitignore = project_dir/'gitignore'
    gitignore.mv(project_dir/'.gitignore')

    # Interpolate the project data
    interpolate_dir(project_dir, name=name, secret_key=get_random_secret_key(),
                    version=opal.__version__)

    app_dir = project_dir/name

    # Django Startproject creates some things - let's kill them &
    # replace with our own things.
    nix.rm(app_dir, recursive=True, force=True)
    nix.mv(project_dir/'app', app_dir)

    #  Create extra directories we need
    js = app_dir/'static/js/{0}'.format(name)
    css = app_dir/'static/css'
    js.mkdir()
    css.mkdir()
    nix.mv(app_dir/'static/js/app/routes.js',
           app_dir/'static/js/{0}/routes.js'.format(name))
    nix.mv(app_dir/'static/js/app/flow.js',
           app_dir/'static/js/{0}/flow.js'.format(name))

    templates = app_dir/'templates'/name
    templates.mkdir()

    assets = app_dir/'assets'
    assets.mkdir()
    assets_explainer = assets/'README.md'
    assets_explainer << """
    This placeholder file is here to ensure that there we still have our
    STATICFILES_DIRS target if we commit generated code to source control.

    This means that we can run collectstatic OK.
    """

    # Create lookup lists
    create_lookuplists(app_dir)

    # We have this here because it uses name from above.
    def manage(command):
        args = ['python', '{0}/manage.py'.format(name)]
        args += command.split()
        args.append('--traceback')

        try:
            subprocess.check_call(args)
        except subprocess.CalledProcessError:
            sys.exit(1)
        return

    # 8. Run Django's migrations
    write('Creating Database')
    manage('makemigrations {0}'.format(name))
    manage('migrate')

    # 9. Create a superuser
    sys.path.append(os.path.join(os.path.abspath('.'), name))
    _set_settings_module(name)

    from django.contrib.auth.models import User
    user = User(username='******')
    user.set_password('super1')
    user.is_superuser = True
    user.is_staff = True
    user.save()
    from opal.models import UserProfile
    profile, _ = UserProfile.objects.get_or_create(user=user)
    profile.force_password_change = False
    profile.save()

    # 11. Initialise git repo
    os.system('cd {0}; git init'.format(name))
Beispiel #34
0
class AppTestCase(TestCase):
    def setUp(self):
        """init users, book and product"""
        self.clientUser = User()
        self.clientUser.username = '******'
        self.clientUser.email = '*****@*****.**'
        self.clientUser.password = '******'
        self.clientUser.save()
        self.infoUser = InfoUser()
        self.infoUser.number = 3
        self.infoUser.street = "la campagne"
        self.infoUser.country = "Lamballe"
        self.infoUser.postalCode = "22400"
        self.infoUser.telephone = 43344543
        self.infoUser.information = "belle femme"
        self.infoUser.idUser = self.clientUser
        self.infoUser.save()
        self.farmer = User.objects.create_user(username='******',
                                               email='*****@*****.**',
                                               password='******',
                                               is_staff=True)
        self.infoFarmer = InfoUser()
        self.infoFarmer.number = 1
        self.infoFarmer.street = "de la campagne"
        self.infoFarmer.country = "Lamballe"
        self.infoFarmer.postalCode = 22400
        self.infoFarmer.telephone = 675454323
        self.infoFarmer.information = "Mieux que seguin"
        self.infoFarmer.idUser = self.farmer
        self.infoFarmer.save()
        self.product = Product()
        self.product.name = "cidre de bretagne"
        self.product.category = "Boisson"
        self.product.price = 1.00
        self.product.picture = 'media/pic/cidre.jpeg'
        self.product.information = "Bon produit"
        self.product.idSeller = self.farmer
        self.product.save()
        self.book = Bascket()
        self.book.cmdNumber = 6
        self.book.quantity = 3
        self.book.idClient = self.infoUser
        self.book.idSeller = self.farmer
        self.book.idProduct = self.product
        self.book.save()

    def test_index_page(self):
        """Test the main page"""
        factory = RequestFactory()
        req = factory.get(r'^$')
        req.user = self.clientUser
        response = index(req)
        self.assertEqual(response.status_code, 200)

    def test_register_page(self):
        """Test the register page """
        response = self.client.get(reverse('store:register'))
        self.assertEqual(response.status_code, 200)
        dataRegister = {
            'name': u'tester',
            'email': u'*****@*****.**',
            'passwd': u'test',
            'confPasswd': u'test',
            'number': 3,
            'street': u'du test',
            'country': u'testland',
            'postalCode': 22345,
            'telephone': 339876545,
            'information': u'oui'
        }
        responsePost = self.client.post(reverse('store:register'),
                                        data=dataRegister)
        self.assertEqual(responsePost.status_code, 200)

    def test_connection_page(self):
        """Test page connect user"""
        response = self.client.get(reverse('store:conUser'))
        self.assertEqual(response.status_code, 200)
        dataConnection = {'name': u'tester', 'passwd': u'test'}
        responsePost = self.client.post(reverse('store:conUser'),
                                        data=dataConnection)
        self.assertEqual(responsePost.status_code, 200)

    def test_register_user(self):
        """Test put user in database"""
        bot = User.objects.get_by_natural_key(username='******')
        self.assertIsNotNone(bot)
        self.assertEqual(bot.id, self.infoUser.idUser.id)
        self.assertEqual(bot.is_staff, False)
        """test my place page"""
        response = self.client.get(reverse('store:myPlace'))
        self.assertEqual(response.status_code, 302)

    def test_register_farmer(self):
        """test farmer object"""
        self.assertIsNotNone(self.farmer)
        self.assertEqual(self.farmer.is_staff, True)
        self.assertEqual(self.infoFarmer.postalCode, 22400)
        self.assertEqual(self.infoFarmer.idUser.id, self.farmer.id)
        userauth = authenticate(username='******', password='******')
        self.assertIsNotNone(userauth)
        response = self.client.get(reverse('store:myPlace'))
        self.assertEqual(response.status_code, 302)

    def test_add_product_case(self):
        """test addProduct page"""
        response = self.client.get(reverse('store:addProduct'))
        self.assertEqual(response.status_code, 200)
        """test product exist"""
        self.assertIsNotNone(self.product)
        """Add a product"""
        dataProduct = {
            'name': u'cidre',
            'category': u'Boisson',
            'picture': u'other.png',
            'price': 0.50,
            'information': u'oui'
        }
        responsePost = self.client.post(reverse('store:addProduct'),
                                        data=dataProduct)
        self.assertEqual(responsePost.status_code, 200)

    def display_all_product(self):
        """test if all products can be display"""
        response = self.client.get(reverse('store:allProducts'))
        print(response.status_code)
        self.assertTemplateUsed(response, 'store/display_product_farmer.html')

    def test_display_prds_farmer(self):
        """test if products farmer can be display"""
        factory = RequestFactory()
        req = factory.get(r'diplay_product_farmer/$')
        req.user = self.farmer
        response = display_my_product(req)
        self.assertEqual(response.status_code, 200)

    def test_detail_product(self):
        """test display detail product"""
        factory = RequestFactory()
        req = factory.get('^(?P<product_id>[0-9]+)/$')
        req.user = self.clientUser
        response = detail(req, self.product.id)
        self.assertEqual(response.status_code, 200)

    def test_modif_product(self):
        """test change product information"""
        responseGet = self.client.get(
            reverse('store:infoProduct', args=[
                self.product.id,
            ]))
        self.assertEqual(responseGet.status_code, 200)
        factory = RequestFactory()
        dataModifPrd = {
            'name': u'salade',
            'category': u'Fruit/Légume',
            'picture': u'salade.png',
            'price': 0.50,
            'information': u'oui'
        }
        req = factory.post(r'modif_product/(?P<prdId>[0-9]+)/$',
                           data=dataModifPrd)
        req.user = self.farmer
        req.method = 'POST'
        response = modif_product_info(req, self.product.id)
        self.assertEqual(response.status_code, 302)

    def test_search_product(self):
        """test if you can search a product"""
        factory = RequestFactory()
        req = factory.post(r'^search_product/$', data={'query': u'salade'})
        req.user = self.clientUser
        req.method = 'POST'
        response = search_product(req)
        self.assertEqual(response.status_code, 200)

    def test_add_product_to_book(self):
        """book product"""
        factory = RequestFactory()
        quantity = {'quantity': 5}
        req = factory.post(r'^book/(?P<prd_id>[0-9]+)/', data=quantity)
        req.user = self.clientUser
        req.method = "POST"
        response = book_product(req, self.product.id)
        self.assertEqual(response.status_code, 200)

    def test_manage_book(self):
        """test if farmer can connect to manage book"""
        factory = RequestFactory()
        req = factory.get(r'^my_book/$')
        req.user = self.farmer
        response = manage_book(req)
        self.assertEqual(response.status_code, 200)

    def test_book_detail(self):
        """test if farmer can connect to book detail"""
        factory = RequestFactory()
        req = factory.get(
            r'^detail_book/(?P<idProduct>[0-9]+)/(?P<idBook>[0-9]+)$')
        req.user = self.farmer
        response = book_detail(req, self.product.id, self.book.id)
        self.assertEqual(response.status_code, 200)

    def test_change_status_book(self):
        """test if farmer can change status book"""
        factory = RequestFactory()
        dataStatus = {'status': u'2'}
        req = factory.post(r'^change_status/(?P<bookId>[0-9]+)/',
                           data=dataStatus)
        req.method = "POST"
        response = change_book_status(req, self.book.id)
        self.assertEqual(response.status_code, 302)

    def test_change_info_user(self):
        factory = RequestFactory()
        req = factory.get(r'^modif_info/$')
        req.user = self.clientUser
        response = change_info(req)
        self.assertEqual(response.status_code, 200)
        dataChangeInfo = {
            'name': u'le bon',
            'email': u'*****@*****.**',
            'passwd': u'test',
            'confPasswd': u'test',
            'number': 3,
            'street': u'du test',
            'country': u'testland',
            'postalCode': 22345,
            'telephone': 339876545,
            'information': 'hello world'
        }
        reqPost = factory.post(r'^modif_info/$', data=dataChangeInfo)
        reqPost.user = self.clientUser
        responsePost = change_info(reqPost)
        self.assertEqual(responsePost.status_code, 302)

    def test_del_product(self):
        """test if farmer can delete a product"""
        response = self.client.get(
            reverse('store:delPrd', args=[
                self.product.id,
            ]))
        self.assertEqual(response.status_code, 302)

    def test_if_user_logout(self):
        """Test disconnect user"""
        response = self.client.get(reverse('store:logOut'))
        self.assertEqual(response.status_code, 302)

    def test_display_terms(self):
        """test display terms page"""
        response = self.client.get(reverse('store:terms'))
        self.assertEqual(response.status_code, 200)
        self.assertTemplateUsed(response, 'store/terms.html')
Beispiel #35
0
 def setUp(self):
     user = User()
     user.username = "******"
     user.set_password("teste")
     user.save()
     self.token = Token.objects.get(user=user)
	def create(self, validated_data):
		new_user = User(**validated_data)
		new_user.set_password(validated_data['password'])
		new_user.save()
		return validated_data
Beispiel #37
0
class VersionAdminTest(TestCase):
    def setUp(self):
        self.old_TEMPLATE_DIRS = settings.TEMPLATE_DIRS
        settings.TEMPLATE_DIRS = (os.path.join(os.path.dirname(admin.__file__),
                                               "templates"), )
        self.user = User(
            username="******",
            is_staff=True,
            is_superuser=True,
        )
        self.user.set_password("bar")
        self.user.save()
        # Log the user in.
        self.client.login(
            username="******",
            password="******",
        )

    def testAutoRegisterWorks(self):
        self.assertTrue(reversion.is_registered(ChildTestAdminModel))
        self.assertTrue(reversion.is_registered(ParentTestAdminModel))
        self.assertTrue(reversion.is_registered(InlineTestChildModel))
        self.assertTrue(reversion.is_registered(InlineTestChildGenericModel))
        self.assertTrue(reversion.is_registered(InlineTestParentModel))

    def testChangelist(self):
        response = self.client.get(
            "/admin/test_reversion/childtestadminmodel/")
        self.assertEqual(response.status_code, 200)

    def testRevisionSavedOnPost(self):
        self.assertEqual(ChildTestAdminModel.objects.count(), 0)
        # Create an instance via the admin.
        response = self.client.post(
            "/admin/test_reversion/childtestadminmodel/add/", {
                "parent_name": "parent instance1 version1",
                "child_name": "child instance1 version1",
                "_continue": 1,
            })
        self.assertEqual(response.status_code, 302)
        obj_pk = response["Location"].split("/")[-2]
        obj = ChildTestAdminModel.objects.get(id=obj_pk)
        # Check that a version is created.
        versions = reversion.get_for_object(obj)
        self.assertEqual(versions.count(), 1)
        self.assertEqual(versions[0].field_dict["parent_name"],
                         "parent instance1 version1")
        self.assertEqual(versions[0].field_dict["child_name"],
                         "child instance1 version1")
        # Save a new version.
        response = self.client.post(
            "/admin/test_reversion/childtestadminmodel/%s/" % obj_pk, {
                "parent_name": "parent instance1 version2",
                "child_name": "child instance1 version2",
                "_continue": 1,
            })
        self.assertEqual(response.status_code, 302)
        # Check that a version is created.
        versions = reversion.get_for_object(obj)
        self.assertEqual(versions.count(), 2)
        self.assertEqual(versions[0].field_dict["parent_name"],
                         "parent instance1 version2")
        self.assertEqual(versions[0].field_dict["child_name"],
                         "child instance1 version2")
        # Check that the versions can be listed.
        response = self.client.get(
            "/admin/test_reversion/childtestadminmodel/%s/history/" % obj_pk)
        self.assertContains(response, "child instance1 version2")
        self.assertContains(response, "child instance1 version1")
        # Check that version data can be loaded.
        response = self.client.get(
            "/admin/test_reversion/childtestadminmodel/%s/history/%s/" %
            (obj_pk, versions[1].pk))
        self.assertContains(response, "parent instance1 version1")
        self.assertContains(response, "child instance1 version1")
        # Check that loading the version data didn't roll it back!
        obj = ChildTestAdminModel.objects.get(pk=obj.pk)
        self.assertEqual(obj.child_name, "child instance1 version2")
        self.assertEqual(obj.parent_name, "parent instance1 version2")
        self.assertEqual(reversion.get_for_object(obj).count(), 2)
        # Check that a version can be rolled back.
        response = self.client.post(
            "/admin/test_reversion/childtestadminmodel/%s/history/%s/" %
            (obj_pk, versions[1].pk), {
                "parent_name": "parent instance1 version3",
                "child_name": "child instance1 version3",
            })
        self.assertEqual(response.status_code, 302)
        # Check that the models were rolled back.
        obj = ChildTestAdminModel.objects.get(pk=obj.pk)
        self.assertEqual(obj.child_name, "child instance1 version3")
        self.assertEqual(obj.parent_name, "parent instance1 version3")
        # Check that a version is created.
        versions = reversion.get_for_object(obj)
        self.assertEqual(versions.count(), 3)
        self.assertEqual(versions[0].field_dict["child_name"],
                         "child instance1 version3")
        self.assertEqual(versions[0].field_dict["parent_name"],
                         "parent instance1 version3")
        # Check that a deleted version can be viewed in the list.
        obj.delete()
        response = self.client.get(
            "/admin/test_reversion/childtestadminmodel/recover/")
        self.assertContains(response, "child instance1 version3")
        # Check that a delete version can be viewed in detail.
        response = self.client.get(
            "/admin/test_reversion/childtestadminmodel/recover/%s/" %
            versions[0].pk)
        self.assertContains(response, "parent instance1 version3")
        self.assertContains(response, "child instance1 version3")
        # Check that a deleted version can be recovered.
        response = self.client.post(
            "/admin/test_reversion/childtestadminmodel/recover/%s/" %
            versions[0].pk, {
                "parent_name": "parent instance1 version4",
                "child_name": "child instance1 version4",
            })
        # Check that the models were rolled back.
        obj = ChildTestAdminModel.objects.get(pk=obj_pk)
        self.assertEqual(obj.child_name, "child instance1 version4")
        self.assertEqual(obj.parent_name, "parent instance1 version4")
        # Check that a version is created.
        versions = reversion.get_for_object_reference(ChildTestAdminModel,
                                                      obj_pk)
        self.assertEqual(versions.count(), 4)
        self.assertEqual(versions[0].field_dict["parent_name"],
                         "parent instance1 version4")
        self.assertEqual(versions[0].field_dict["child_name"],
                         "child instance1 version4")

    def createInlineObjects(self):
        # Create an instance via the admin without a child.
        response = self.client.post(
            "/admin/test_reversion/inlinetestparentmodel/add/", {
                "name":
                "parent version1",
                "children-TOTAL_FORMS":
                "0",
                "children-INITIAL_FORMS":
                "0",
                "test_reversion-inlinetestchildgenericmodel-content_type-object_id-TOTAL_FORMS":
                "0",
                "test_reversion-inlinetestchildgenericmodel-content_type-object_id-INITIAL_FORMS":
                "0",
                "_continue":
                1,
            })
        self.assertEqual(response.status_code, 302)
        parent_pk = response["Location"].split("/")[-2]
        parent = InlineTestParentModel.objects.get(id=parent_pk)
        # Update  instance via the admin to add a child
        response = self.client.post(
            "/admin/test_reversion/inlinetestparentmodel/%s/" % parent_pk, {
                "name":
                "parent version1",
                "children-TOTAL_FORMS":
                "1",
                "children-INITIAL_FORMS":
                "0",
                "children-0-name":
                "child version 1",
                "test_reversion-inlinetestchildgenericmodel-content_type-object_id-TOTAL_FORMS":
                "1",
                "test_reversion-inlinetestchildgenericmodel-content_type-object_id-INITIAL_FORMS":
                "0",
                "test_reversion-inlinetestchildgenericmodel-content_type-object_id-0-name":
                "generic child version 1",
                "_continue":
                1,
            })
        self.assertEqual(response.status_code, 302)
        children = InlineTestChildModel.objects.filter(parent=parent_pk)
        self.assertEqual(children.count(), 1)
        generic_children = parent.generic_children.all()
        self.assertEqual(generic_children.count(), 1)
        # get list of versions
        version_list = reversion.get_for_object(parent)
        self.assertEqual(len(version_list), 2)

    def testInlineAdmin(self):
        self.assertTrue(reversion.is_registered(InlineTestParentModel))
        # make sure model is following the child FK
        self.assertTrue(
            'children' in reversion.get_adapter(InlineTestParentModel).follow)
        self.createInlineObjects()
        # unregister model
        reversion.unregister(InlineTestParentModel)
        self.assertFalse(reversion.is_registered(InlineTestParentModel))
        # re-register without following
        reversion.register(InlineTestParentModel)
        self.assertTrue(reversion.is_registered(InlineTestParentModel))
        # make sure model is NOT following the child FK
        self.assertFalse(
            'children' in reversion.get_adapter(InlineTestParentModel).follow)
        self.createInlineObjects()

    def tearDown(self):
        self.client.logout()
        self.user.delete()
        del self.user
        ChildTestAdminModel.objects.all().delete()
        settings.TEMPLATE_DIRS = self.old_TEMPLATE_DIRS
Beispiel #38
0
class TestInlinePermissions(TestCase):
    """
    Make sure the admin respects permissions for objects that are edited
    inline. Refs #8060.
    """
    def setUp(self):
        self.user = User(username='******')
        self.user.is_staff = True
        self.user.is_active = True
        self.user.set_password('secret')
        self.user.save()

        self.author_ct = ContentType.objects.get_for_model(Author)
        self.holder_ct = ContentType.objects.get_for_model(Holder2)
        self.book_ct = ContentType.objects.get_for_model(Book)
        self.inner_ct = ContentType.objects.get_for_model(Inner2)

        # User always has permissions to add and change Authors, and Holders,
        # the main (parent) models of the inlines. Permissions on the inlines
        # vary per test.
        permission = Permission.objects.get(codename='add_author',
                                            content_type=self.author_ct)
        self.user.user_permissions.add(permission)
        permission = Permission.objects.get(codename='change_author',
                                            content_type=self.author_ct)
        self.user.user_permissions.add(permission)
        permission = Permission.objects.get(codename='add_holder2',
                                            content_type=self.holder_ct)
        self.user.user_permissions.add(permission)
        permission = Permission.objects.get(codename='change_holder2',
                                            content_type=self.holder_ct)
        self.user.user_permissions.add(permission)

        author = Author.objects.create(pk=1, name='The Author')
        book = author.books.create(name='The inline Book')
        self.author_change_url = reverse('admin:admin_inlines_author_change',
                                         args=(author.id, ))
        # Get the ID of the automatically created intermediate model for the Author-Book m2m
        author_book_auto_m2m_intermediate = Author.books.through.objects.get(
            author=author, book=book)
        self.author_book_auto_m2m_intermediate_id = author_book_auto_m2m_intermediate.pk

        holder = Holder2.objects.create(dummy=13)
        inner2 = Inner2.objects.create(dummy=42, holder=holder)
        self.holder_change_url = reverse('admin:admin_inlines_holder2_change',
                                         args=(holder.id, ))
        self.inner2_id = inner2.id

        self.client.force_login(self.user)

    def test_inline_add_m2m_noperm(self):
        response = self.client.get(reverse('admin:admin_inlines_author_add'))
        # No change permission on books, so no inline
        self.assertNotContains(response, '<h2>Author-book relationships</h2>')
        self.assertNotContains(response,
                               'Add another Author-Book Relationship')
        self.assertNotContains(response, 'id="id_Author_books-TOTAL_FORMS"')

    def test_inline_add_fk_noperm(self):
        response = self.client.get(reverse('admin:admin_inlines_holder2_add'))
        # No permissions on Inner2s, so no inline
        self.assertNotContains(response, '<h2>Inner2s</h2>')
        self.assertNotContains(response, 'Add another Inner2')
        self.assertNotContains(response, 'id="id_inner2_set-TOTAL_FORMS"')

    def test_inline_change_m2m_noperm(self):
        response = self.client.get(self.author_change_url)
        # No change permission on books, so no inline
        self.assertNotContains(response, '<h2>Author-book relationships</h2>')
        self.assertNotContains(response,
                               'Add another Author-Book Relationship')
        self.assertNotContains(response, 'id="id_Author_books-TOTAL_FORMS"')

    def test_inline_change_fk_noperm(self):
        response = self.client.get(self.holder_change_url)
        # No permissions on Inner2s, so no inline
        self.assertNotContains(response, '<h2>Inner2s</h2>')
        self.assertNotContains(response, 'Add another Inner2')
        self.assertNotContains(response, 'id="id_inner2_set-TOTAL_FORMS"')

    def test_inline_add_m2m_add_perm(self):
        permission = Permission.objects.get(codename='add_book',
                                            content_type=self.book_ct)
        self.user.user_permissions.add(permission)
        response = self.client.get(reverse('admin:admin_inlines_author_add'))
        # No change permission on Books, so no inline
        self.assertNotContains(response, '<h2>Author-book relationships</h2>')
        self.assertNotContains(response,
                               'Add another Author-Book Relationship')
        self.assertNotContains(response, 'id="id_Author_books-TOTAL_FORMS"')

    def test_inline_add_fk_add_perm(self):
        permission = Permission.objects.get(codename='add_inner2',
                                            content_type=self.inner_ct)
        self.user.user_permissions.add(permission)
        response = self.client.get(reverse('admin:admin_inlines_holder2_add'))
        # Add permission on inner2s, so we get the inline
        self.assertContains(response, '<h2>Inner2s</h2>')
        self.assertContains(response, 'Add another Inner2')
        self.assertContains(
            response, '<input type="hidden" id="id_inner2_set-TOTAL_FORMS" '
            'value="3" name="inner2_set-TOTAL_FORMS">',
            html=True)

    def test_inline_change_m2m_add_perm(self):
        permission = Permission.objects.get(codename='add_book',
                                            content_type=self.book_ct)
        self.user.user_permissions.add(permission)
        response = self.client.get(self.author_change_url)
        # No change permission on books, so no inline
        self.assertNotContains(response, '<h2>Author-book relationships</h2>')
        self.assertNotContains(response,
                               'Add another Author-Book Relationship')
        self.assertNotContains(response, 'id="id_Author_books-TOTAL_FORMS"')
        self.assertNotContains(response, 'id="id_Author_books-0-DELETE"')

    def test_inline_change_m2m_change_perm(self):
        permission = Permission.objects.get(codename='change_book',
                                            content_type=self.book_ct)
        self.user.user_permissions.add(permission)
        response = self.client.get(self.author_change_url)
        # We have change perm on books, so we can add/change/delete inlines
        self.assertContains(response, '<h2>Author-book relationships</h2>')
        self.assertContains(response, 'Add another Author-book relationship')
        self.assertContains(
            response, '<input type="hidden" id="id_Author_books-TOTAL_FORMS" '
            'value="4" name="Author_books-TOTAL_FORMS">',
            html=True)
        self.assertContains(
            response,
            '<input type="hidden" id="id_Author_books-0-id" value="%i" '
            'name="Author_books-0-id">' %
            self.author_book_auto_m2m_intermediate_id,
            html=True)
        self.assertContains(response, 'id="id_Author_books-0-DELETE"')

    def test_inline_change_fk_add_perm(self):
        permission = Permission.objects.get(codename='add_inner2',
                                            content_type=self.inner_ct)
        self.user.user_permissions.add(permission)
        response = self.client.get(self.holder_change_url)
        # Add permission on inner2s, so we can add but not modify existing
        self.assertContains(response, '<h2>Inner2s</h2>')
        self.assertContains(response, 'Add another Inner2')
        # 3 extra forms only, not the existing instance form
        self.assertContains(
            response,
            '<input type="hidden" id="id_inner2_set-TOTAL_FORMS" value="3" '
            'name="inner2_set-TOTAL_FORMS">',
            html=True)
        self.assertNotContains(
            response,
            '<input type="hidden" id="id_inner2_set-0-id" value="%i" name="inner2_set-0-id">'
            % self.inner2_id,
            html=True)

    def test_inline_change_fk_change_perm(self):
        permission = Permission.objects.get(codename='change_inner2',
                                            content_type=self.inner_ct)
        self.user.user_permissions.add(permission)
        response = self.client.get(self.holder_change_url)
        # Change permission on inner2s, so we can change existing but not add new
        self.assertContains(response, '<h2>Inner2s</h2>')
        # Just the one form for existing instances
        self.assertContains(
            response,
            '<input type="hidden" id="id_inner2_set-TOTAL_FORMS" value="1" name="inner2_set-TOTAL_FORMS">',
            html=True)
        self.assertContains(
            response,
            '<input type="hidden" id="id_inner2_set-0-id" value="%i" name="inner2_set-0-id">'
            % self.inner2_id,
            html=True)
        # max-num 0 means we can't add new ones
        self.assertContains(
            response,
            '<input type="hidden" id="id_inner2_set-MAX_NUM_FORMS" value="0" name="inner2_set-MAX_NUM_FORMS">',
            html=True)

    def test_inline_change_fk_add_change_perm(self):
        permission = Permission.objects.get(codename='add_inner2',
                                            content_type=self.inner_ct)
        self.user.user_permissions.add(permission)
        permission = Permission.objects.get(codename='change_inner2',
                                            content_type=self.inner_ct)
        self.user.user_permissions.add(permission)
        response = self.client.get(self.holder_change_url)
        # Add/change perm, so we can add new and change existing
        self.assertContains(response, '<h2>Inner2s</h2>')
        # One form for existing instance and three extra for new
        self.assertContains(
            response,
            '<input type="hidden" id="id_inner2_set-TOTAL_FORMS" value="4" name="inner2_set-TOTAL_FORMS">',
            html=True)
        self.assertContains(
            response,
            '<input type="hidden" id="id_inner2_set-0-id" value="%i" name="inner2_set-0-id">'
            % self.inner2_id,
            html=True)

    def test_inline_change_fk_change_del_perm(self):
        permission = Permission.objects.get(codename='change_inner2',
                                            content_type=self.inner_ct)
        self.user.user_permissions.add(permission)
        permission = Permission.objects.get(codename='delete_inner2',
                                            content_type=self.inner_ct)
        self.user.user_permissions.add(permission)
        response = self.client.get(self.holder_change_url)
        # Change/delete perm on inner2s, so we can change/delete existing
        self.assertContains(response, '<h2>Inner2s</h2>')
        # One form for existing instance only, no new
        self.assertContains(
            response,
            '<input type="hidden" id="id_inner2_set-TOTAL_FORMS" value="1" name="inner2_set-TOTAL_FORMS">',
            html=True)
        self.assertContains(
            response,
            '<input type="hidden" id="id_inner2_set-0-id" value="%i" name="inner2_set-0-id">'
            % self.inner2_id,
            html=True)
        self.assertContains(response, 'id="id_inner2_set-0-DELETE"')

    def test_inline_change_fk_all_perms(self):
        permission = Permission.objects.get(codename='add_inner2',
                                            content_type=self.inner_ct)
        self.user.user_permissions.add(permission)
        permission = Permission.objects.get(codename='change_inner2',
                                            content_type=self.inner_ct)
        self.user.user_permissions.add(permission)
        permission = Permission.objects.get(codename='delete_inner2',
                                            content_type=self.inner_ct)
        self.user.user_permissions.add(permission)
        response = self.client.get(self.holder_change_url)
        # All perms on inner2s, so we can add/change/delete
        self.assertContains(response, '<h2>Inner2s</h2>')
        # One form for existing instance only, three for new
        self.assertContains(
            response,
            '<input type="hidden" id="id_inner2_set-TOTAL_FORMS" value="4" name="inner2_set-TOTAL_FORMS">',
            html=True)
        self.assertContains(
            response,
            '<input type="hidden" id="id_inner2_set-0-id" value="%i" name="inner2_set-0-id">'
            % self.inner2_id,
            html=True)
        self.assertContains(response, 'id="id_inner2_set-0-DELETE"')
Beispiel #39
0
def generate_public_user(request):
    user = User(username=middleware.PUBLIC_NAME)
    user.set_password(middleware.PUBLIC_PWD)
    user.save()

    return user
Beispiel #40
0
    def _createObjects(self):
        '''Method to populate the database with some initial objects.'''

        # Site: reuse default site 'example.com'
        site = Site.objects.get(pk=1)
        logging.info("Updating site: %s" % site)
        site.name = self.siteManager.get('SITE_NAME')
        site.domain = self.siteManager.get('SITE_DOMAIN')
        site.save()

        # Test project
        #if not Project.objects.filter(short_name=DEFAULT_PROJECT_SHORT_NAME).exists():
        if Project.objects.count() == 0:
            logging.info("Creating project: %s" % DEFAULT_PROJECT_SHORT_NAME)
            project = Project.objects.create(
                short_name=DEFAULT_PROJECT_SHORT_NAME,
                long_name='Test Project',
                description='This is a test project',
                site=site,
                active=True)
            initProject(project)
            project.save()

        # create Administrator user - one time only
        if User.objects.count() == 0:

            # create User object
            logging.info("Creating admin user")
            user = User(first_name='Admin',
                        last_name='User',
                        username=ROOTADMIN_USERNAME,
                        email=self.siteManager.get('EMAIL_SENDER',
                                                   section=SECTION_EMAIL),
                        is_staff=True,
                        is_superuser=True)
            if settings.ESGF_CONFIG:
                password = self._getRootAdminPassword()
            else:
                password = DEFAULT_ROOTADMIN_PWD
            user.set_password(password)
            user.save()

            # create UserProfile object
            userp = UserProfile(user=user,
                                institution='Institution',
                                city='City',
                                state='State',
                                country='Country',
                                site=site,
                                last_password_update=datetime.datetime.now())
            userp.clearTextPwd = password  # needed by esgfDatabaseManager, NOT saved as clear text in any database
            userp.save()

            # ESGF database setup
            if settings.ESGF_CONFIG:

                # create rootAdmin openid: https://<ESGF_HOSTNAME>/esgf-idp/openid/rootAdmin
                openid = esgfDatabaseManager.buildOpenid(ROOTADMIN_USERNAME)
                UserOpenID.objects.create(user=user,
                                          claimed_id=openid,
                                          display_id=openid)
                logging.info("Created openid:%s for CoG administrator: %s" %
                             (openid, user.username))

                # insert rootAdmin user in ESGF database
                logging.info(
                    "Inserting CoG administrator: %s in ESGF database" %
                    user.username)
                esgfDatabaseManager.insertEsgfUser(user.profile)

        # must create and enable 'esgf.idp.peer" as federated CoG peer
        if settings.IDP_REDIRECT is not None and settings.IDP_REDIRECT.strip(
        ) != '':
            idpHostname = settings.IDP_REDIRECT.lower().replace(
                'http://', '').replace('https://', '')
            try:
                idpPeerSite = PeerSite.objects.get(site__domain=idpHostname)
                idpPeerSite.enabled = True
                idpPeerSite.save()
            except ObjectDoesNotExist:
                site = Site.objects.create(name=idpHostname,
                                           domain=idpHostname)
                idpPeerSite = PeerSite.objects.create(site=site, enabled=True)
            print '\tCreated IdP Peer site: %s with enabled=%s' % (
                idpPeerSite, idpPeerSite.enabled)
Beispiel #41
0
 def create(self, validated_data):
     password = validated_data.pop('password')
     user = User(**validated_data)
     user.set_password(password)
     user.save()
     return user
Beispiel #42
0
def create_user(username="", password="", **kwargs):
    user = User(username=username, **kwargs)
    if password:
        user.set_password(password)
    user.save()
    return user
Beispiel #43
0
 def create(self, validated_data):
     raw_password = validated_data.pop('password')
     instance = User(**validated_data)
     instance.set_password(raw_password)
     instance.save()
     return instance
Beispiel #44
0
def do_create_account(form, custom_form=None):
    """
    Given cleaned post variables, create the User and UserProfile objects, as well as the
    registration for this user.

    Returns a tuple (User, UserProfile, Registration).

    Note: this function is also used for creating test users.
    """
    # Check if ALLOW_PUBLIC_ACCOUNT_CREATION flag turned off to restrict user account creation
    if not configuration_helpers.get_value(
            'ALLOW_PUBLIC_ACCOUNT_CREATION',
            settings.FEATURES.get('ALLOW_PUBLIC_ACCOUNT_CREATION', True)):
        raise PermissionDenied()

    errors = {}
    errors.update(form.errors)
    if custom_form:
        errors.update(custom_form.errors)

    if errors:
        raise ValidationError(errors)

    proposed_username = form.cleaned_data["username"]
    user = User(username=proposed_username,
                email=form.cleaned_data["email"],
                is_active=False)
    password = normalize_password(form.cleaned_data["password"])
    user.set_password(password)
    registration = Registration()

    # TODO: Rearrange so that if part of the process fails, the whole process fails.
    # Right now, we can have e.g. no registration e-mail sent out and a zombie account
    try:
        with transaction.atomic():
            user.save()
            if custom_form:
                custom_model = custom_form.save(commit=False)
                custom_model.user = user
                custom_model.save()
    except IntegrityError:
        # Figure out the cause of the integrity error
        # TODO duplicate email is already handled by form.errors above as a ValidationError.
        # The checks for duplicate email/username should occur in the same place with an
        # AccountValidationError and a consistent user message returned (i.e. both should
        # return "It looks like {username} belongs to an existing account. Try again with a
        # different username.")
        if username_exists_or_retired(user.username):  # lint-amnesty, pylint: disable=no-else-raise
            raise AccountValidationError(  # lint-amnesty, pylint: disable=raise-missing-from
                USERNAME_EXISTS_MSG_FMT.format(username=proposed_username),
                field="username",
                error_code='duplicate-username',
            )
        elif email_exists_or_retired(user.email):
            raise AccountValidationError(  # lint-amnesty, pylint: disable=raise-missing-from
                _("An account with the Email '{email}' already exists.").
                format(email=user.email),
                field="email",
                error_code='duplicate-email')
        else:
            raise

    registration.register(user)

    profile_fields = [
        "name", "level_of_education", "gender", "mailing_address", "city",
        "country", "goals", "year_of_birth"
    ]
    profile = UserProfile(
        user=user,
        **{key: form.cleaned_data.get(key)
           for key in profile_fields})
    extended_profile = form.cleaned_extended_profile
    if extended_profile:
        profile.meta = json.dumps(extended_profile)
    try:
        profile.save()
    except Exception:
        log.exception(f"UserProfile creation failed for user {user.id}.")
        raise

    return user, profile, registration
Beispiel #45
0
class MiddlewareChatTest(TestCase):

    "Midleware chat tests"
    username = "******"
    password = "******"
    prepared = False

    def setUp(self):
        "Initial Setup"

        if not self.prepared:
            Object.objects.all().delete()

            # Create objects
            try:
                self.group = Group.objects.get(name='test')
            except Group.DoesNotExist:
                Group.objects.all().delete()
                self.group = Group(name='test')
                self.group.save()

            try:
                self.user = DjangoUser.objects.get(username=self.username)
                self.user.set_password(self.password)
                try:
                    self.profile = self.user.get_profile()
                except Exception:
                    User.objects.all().delete()
                    self.user = DjangoUser(username=self.username, password='')
                    self.user.set_password(self.password)
                    self.user.save()
            except DjangoUser.DoesNotExist:
                User.objects.all().delete()
                self.user = DjangoUser(username=self.username, password='')
                self.user.set_password(self.password)
                self.user.save()

            try:
                perspective = Perspective.objects.get(name='default')
            except Perspective.DoesNotExist:
                Perspective.objects.all().delete()
                perspective = Perspective(name='default')
                perspective.set_default_user()
                perspective.save()
            ModuleSetting.set('default_perspective', perspective.id)

            self.client = Client()

            self.prepared = True

    def test_chat_get_new_messages(self):
        "Test get_new_messages"
        response = self.client.post('/chat',
                                    {'json': '{"cmd":"Get", "location":"#"}'})
        self.assertEqual(response.status_code, 200)

    def test_chat_connect(self):
        "Test connect"
        response = self.client.post(
            '/chat', {'json': '{"cmd":"Connect", "location":"#"}'})
        self.assertEqual(response.status_code, 200)

    def test_chat_disconnect(self):
        "Test disconnect"
        response = self.client.post(
            '/chat', {'json': '{"cmd":"Disconnect", "location":"#"}'})
        self.assertEqual(response.status_code, 200)

    def test_chat_add_new_message(self):
        "Test add_new_message"
        response = self.client.post(
            '/chat', {
                'json':
                '{"cmd":"Message","data":{"id":"test_b5e6d0470a5f4656c3bc77f879c3dbbc","text":"test message"},"location":"#"}'
            })
        self.assertEqual(response.status_code, 200)

    def test_chat_exit_from_conference(self):
        "Test exit_from_conference"
        response = self.client.post(
            '/chat', {
                'json':
                '{"cmd":"Exit","data":{"id":"test_b5e6d0470a5f4656c3bc77f879c3dbbc"},"location":"#"}'
            })
        self.assertEqual(response.status_code, 200)

    def test_chat_add_users_in_conference(self):
        "Test add_users_in_conference"
        response = self.client.post(
            '/chat', {
                'json':
                '{"cmd":"Add","data":{"id":"guest_006f721c4a59a44d969b9f73fb6360a5","users":["test"]},"location":"#"}'
            })
        self.assertEqual(response.status_code, 200)

    def test_chat_create_conference(self):
        "Test create_conference"
        response = self.client.post(
            '/chat', {
                'json':
                '{"cmd":"Create","data":{"title":["Admin"],"users":["admin"]},"location":"#"}'
            })
        self.assertEqual(response.status_code, 200)
Beispiel #46
0
class TestModels(TestCase):
    def setUp(self):

        # create user
        self.username = '******'
        self.email = '*****@*****.**'
        self.password = '******'
        self.user = User(username=self.username, email=self.email)
        self.user.set_password(self.password)
        self.user.save()
        login = self.client.login(username=self.username,
                                  password=self.password)
        self.assertEqual(login, True)

        # create category
        self.category = Course.objects.create(course_id='1', course_name='OOP')

        # create degree
        self.software_eng_degree = Degree.objects.create(
            degree_id='1', degree_name='Software Engineering')

        self.social_worker_degree = Degree.objects.create(
            degree_id='2', degree_name='Social Worker')

        # upload legal file
        self.legal = SimpleUploadedFile('test.pdf', b'test context')

        # create file model object
        self.legal_file = File(
            category=self.category,
            create_at=timezone.now(),
            file_url=self.legal,
            owner=self.user,
        )
        try:
            self.legal_file.save()
        except FileExistsError as e:
            print(e)
        self.legal_file.related_degrees.add(self.software_eng_degree)
        self.legal_file.related_degrees.add(self.social_worker_degree)

    def test_create_file_successfully(self):
        self.assertEqual(str(self.legal_file.category), 'OOP')
        self.assertEqual(self.legal_file.create_at.date(),
                         timezone.now().date())
        self.assertEqual(self.legal_file.file_url, 'files/1_testuser_OOP.pdf')
        self.assertEqual(self.legal_file.owner, self.user)

    def test_file_extension(self):
        self.assertEqual(self.legal_file.file_type, 'pdf')

    def test_upload_file_not_allowed(self):
        # upload illegal file
        illegal = SimpleUploadedFile('test.py', b'print("Wrong!")')

        # create file model object
        self.illegal_file = File(
            category=self.category,
            create_at=timezone.now(),
            file_url=illegal,
            owner=self.user,
        )
        with self.assertRaises(ValidationError):
            self.illegal_file.save()

    def test_name_start_with_id(self):
        file_id = str(self.legal_file.id)
        self.assertTrue(self.legal_file.file_name.startswith(file_id))

    def test_file_category(self):
        self.assertEqual(self.legal_file.category, self.category)

    def test_related_degrees(self):
        degrees = (self.social_worker_degree.degree_name,
                   self.software_eng_degree.degree_name)
        for degree in self.legal_file.related_degrees.all():
            self.assertTrue(degree.degree_name in degrees)
        for degree_name in degrees:
            self.assertTrue(degree_name in (
                d.degree_name for d in self.legal_file.related_degrees.all()))

    def test_file_name_contains_owner(self):
        owner_username = self.user.username
        self.assertTrue(owner_username in self.legal_file.file_name)

    def test_owner(self):
        self.assertEqual(self.legal_file.owner, self.user)

    def test_upload_at(self):
        self.assertEqual(self.legal_file.upload_at.date(),
                         timezone.now().date())

    def test_file_size(self):
        self.assertEqual(self.legal_file.file_size, '12 B')

    def test_admin(self):
        self.assertEqual(self.legal_file.owner, self.user)

    def tearDown(self):
        try:
            os.remove(self.legal_file.file_url.path)
        except FileNotFoundError as e:
            print(e)
Beispiel #47
0
 def create_test_user(username, password):
     testuser = User()
     testuser.username = username
     testuser.password = make_password(password)
     testuser.save()
Beispiel #48
0
class Login2FA(StaticLiveServerTestCase):

    def create_voting(self):
        self.q = Question(desc='Prueba votación')
        self.q.save()
        for i in range(2):
            opt = QuestionOption(question=self.q, option='Opción {}'.format(i+1))
            opt.save()
        self.v= Voting(name='Prueba votación', question=self.q, slug="prueba")
        self.v.save()
        self.a, _ = Auth.objects.get_or_create(url=settings.BASEURL,defaults={'me': True, 'name': 'test auth'})
        self.a.save()
        self.v.auths.add(self.a)
        self.v.create_pubkey()
        self.v.start_date = timezone.now()
        self.v.save()
        
    def createUsers(self):
        self.user_with_2fa = User(username='******')
        self.user_with_2fa.set_password('qwerty')
        self.user_with_2fa.save()

        self.user_no_2fa = User(username="******")
        self.user_no_2fa.set_password('qwerty')
        self.user_no_2fa.save()

        self.extra = Extra(phone='020304050')
        self.extra.totp_code = 'S3K3TPI5MYA2M67V'
        self.extra.user = self.user_with_2fa
        self.extra.save()


    def setUp(self):

        self.base = BaseTestCase()
        self.base.setUp()

        self.vars = {}
        self.create_voting()
        self.createUsers()
        options = webdriver.ChromeOptions()
        options.headless = True
        self.driver = webdriver.Chrome(options=options)

        super().setUp()

    def tearDown(self):
        super().tearDown()
        self.driver.quit()
        self.base.tearDown()
        self.v.delete()

    #Un usuario con 2fa no puede logearse si no lo introduce
    def test_login2faWithoutIt(self):
        self.driver.get(f'{self.live_server_url}/booth/{self.v.pk}')
        self.driver.set_window_size(1366, 728)
        self.driver.find_element(By.ID, "username").click()
        self.driver.find_element(By.ID, "username").send_keys("user2fa")
        self.driver.find_element(By.ID, "password").click()
        self.driver.find_element(By.ID, "password").send_keys("qwerty")
        self.driver.find_element(By.CSS_SELECTOR, ".btn").click()
        assert self.driver.find_element(By.ID, "__BVID__11__BV_label_").text == "Username"

    #Un usuario sin 2fa puede logearse bien
    def test_logino2fa(self):
        self.driver.get(f'{self.live_server_url}/booth/{self.v.pk}')
        self.driver.set_window_size(1366, 728)
        # self.driver.find_element(By.ID, "__BVID__19__BV_label_").click()
        self.driver.find_element(By.ID, "username").click()
        self.driver.find_element(By.ID, "username").send_keys("usernofa")
        self.driver.find_element(By.ID, "password").send_keys("qwerty")
        self.driver.find_element(By.CSS_SELECTOR, ".btn").click()
        elements = self.driver.find_elements(By.CSS_SELECTOR, ".btn")
        assert len(elements) > 0

    #Un usuario sin 2fa no puede logearse en el formulario para 2fa
    def test_loginno2fain2fa(self):
        self.driver.get(f'{self.live_server_url}/booth/{self.v.pk}')
        self.driver.set_window_size(1366, 728)
        self.driver.find_element(By.CSS_SELECTOR, ".custom-control:nth-child(2) > .custom-control-label").click()
        self.driver.find_element(By.ID, "username").click()
        self.driver.find_element(By.ID, "username").send_keys("usuarionofa")
        self.driver.find_element(By.ID, "password").send_keys("qwerty")
        self.driver.find_element(By.CSS_SELECTOR, ".btn").click()
        assert self.driver.find_element(By.ID, "__BVID__11__BV_label_").text == "Username"
Beispiel #49
0
def user_login(request):
    def get_user_login_success_response(user):
        expires = timezone.now() + timezone.timedelta(days=7)
        jwt_payload = get_user_private_dict(user.account)
        jwt_payload['expires'] = expires.strftime("%Y-%m-%d %H:%M:%S")
        jwt_token = jwt.encode(jwt_payload, PRIVATE_KEY,
                               algorithm="RS256").decode("utf-8")
        response = JsonResponse(
            get_json_dict(data={}, err_code=0, message="Login success"))
        response.set_cookie('jwt', jwt_token, max_age=604800)
        return response

    received_data = json.loads(request.body.decode('utf-8'))
    username = received_data['username']
    password = received_data['password']

    json_dict = get_json_dict(data={})

    user = authenticate(username=username, password=password)
    if user:  # user auth success
        if user.is_active:  # user have confirmed its email, login success

            response = get_user_login_success_response(user)
            return response

        else:  # user have not confirmed its email
            json_dict['err_code'] = -1
            json_dict['message'] = "请验证您的学号邮箱"
            response = JsonResponse(json_dict)
            response.status_code = 403
            return response
    else:  # user auth fail
        try:
            User.objects.get(username=username)
        except ObjectDoesNotExist as e:  # user object does not exist
            if (re.match("\d{3,11}", username)
                ):  # username is the form of a student/staff account
                nickname = check_fdu_auth(
                    username, password
                )  # check username and password via mail.fudan.edu.cn
                if nickname != None:  # check success, create user
                    user = User(username=username)
                    user.set_password(password)
                    user.is_active = True
                    user.save()
                    account = Account(user=user)
                    account.nickname = nickname
                    account.save()
                    user_icon_response = requests.get(
                        "https://www.gravatar.com/avatar/{0}?s=256&d=identicon&r=PG"
                        .format(user.username))
                    account.icon.save(name='default_icon',
                                      content=ContentFile(
                                          user_icon_response.content))
                    return get_user_login_success_response(user)
            # user does not exists
            json_dict['err_code'] = -1
            json_dict['message'] = "用户不存在"
            response = JsonResponse(json_dict)
            response.status_code = 403
            return response
        else:  # user exists, password is incorrect
            json_dict['err_code'] = -1
            json_dict['message'] = "密码错误"
            response = JsonResponse(json_dict)
            response.status_code = 403
            return response
Beispiel #50
0
 def test_submitted_games_no_games(self):
     user = User(username="******")
     user.save()
     self.run_submitted_game_test(user)
Beispiel #51
0
    def get_or_create_user(self,
                           username,
                           request=None,
                           ldapo=None,
                           userdn=None):
        """Return a user account, importing from LDAP if necessary.

        If the user already exists in the database, it will be returned
        directly. Otherwise, this will attempt to look up the user in LDAP
        and create a local user account representing that user.

        Args:
            username (unicode):
                The username to look up.

            request (django.http.HttpRequest, optional):
                The optional HTTP request for this operation.

            ldapo (ldap.LDAPObject, optional):
                The existing LDAP connection, if the caller has one. If not
                provided, a new connection will be created.

            userdn (unicode, optional):
                The DN for the user being looked up, if the caller knows it.
                If not provided, the DN will be looked up.

        Returns:
            django.contrib.auth.models.User:
            The resulting user, if it could be found either locally or in
            LDAP. If the user does not exist, ``None`` is returned.
        """
        username = re.sub(INVALID_USERNAME_CHAR_REGEX, '', username).lower()

        try:
            return User.objects.get(username=username)
        except User.DoesNotExist:
            # The user wasn't in the database, so we'll look it up in
            # LDAP below.
            pass

        if ldap is None:
            logging.error(
                'Attempted to look up user "%s" in LDAP, but the '
                'python-ldap package is not installed!', username)
            return None

        try:
            if ldapo is None:
                ldapo = self._connect(request=request)

                if ldapo is None:
                    return None

            if userdn is None:
                userdn = self._get_user_dn(ldapo=ldapo,
                                           username=username,
                                           request=request)

                if userdn is None:
                    return None

            # Perform a BASE search since we already know the DN of
            # the user
            search_result = ldapo.search_s(userdn, ldap.SCOPE_BASE)
            user_info = search_result[0][1]

            given_name_attr = getattr(settings, 'LDAP_GIVEN_NAME_ATTRIBUTE',
                                      'givenName')
            first_name = user_info.get(given_name_attr, [username])[0]

            surname_attr = getattr(settings, 'LDAP_SURNAME_ATTRIBUTE', 'sn')
            last_name = user_info.get(surname_attr, [''])[0]

            # If a single ldap attribute is used to hold the full name of
            # a user, split it into two parts.  Where to split was a coin
            # toss and I went with a left split for the first name and
            # dumped the remainder into the last name field.  The system
            # admin can handle the corner cases.
            #
            # If the full name has no white space to split on, then the
            # entire full name is dumped into the first name and the
            # last name becomes an empty string.
            try:
                if settings.LDAP_FULL_NAME_ATTRIBUTE:
                    full_name = \
                        user_info[settings.LDAP_FULL_NAME_ATTRIBUTE][0]
                    full_name = full_name.decode('utf-8')

                    try:
                        first_name, last_name = full_name.split(' ', 1)
                    except ValueError:
                        first_name = full_name
                        last_name = ''

            except AttributeError:
                pass

            if settings.LDAP_EMAIL_DOMAIN:
                email = '%s@%s' % (username, settings.LDAP_EMAIL_DOMAIN)
            elif settings.LDAP_EMAIL_ATTRIBUTE:
                try:
                    email = user_info[settings.LDAP_EMAIL_ATTRIBUTE][0]
                except KeyError:
                    logging.error(
                        'LDAP: could not get e-mail address for '
                        'user %s using attribute %s', username,
                        settings.LDAP_EMAIL_ATTRIBUTE)
                    email = ''
            else:
                logging.warning('LDAP: e-mail for user %s is not specified',
                                username)
                email = ''

            user = User(username=username,
                        password='',
                        first_name=first_name,
                        last_name=last_name,
                        email=email)
            user.set_unusable_password()
            user.save()

            return user
        except ldap.NO_SUCH_OBJECT as e:
            logging.warning(
                "LDAP error: %s settings.LDAP_BASE_DN: %s "
                "User DN: %s",
                e,
                settings.LDAP_BASE_DN,
                userdn,
                exc_info=1)
        except ldap.LDAPError as e:
            logging.warning("LDAP error: %s", e, exc_info=1)

        return None
Beispiel #52
0
def create_user(username, email, password):
    user = User(username=username, email=email)
    user.set_password(password)
    user.save()
    return user
Beispiel #53
0
    def test_adding_user_create_default_preferences(self):

        u = User(username="******")
        u.save()

        self.assertEqual(len(u.preferences), len(registry.preferences()))
Beispiel #54
0
class TestUiDatabaseTransactions:
    def setup(self):
        self.m = Meeting()
        self.m.save()
        self.old_ts = TokenSet(meeting=self.m)
        self.old_ts.save()
        self.ts = TokenSet(meeting=self.m)
        self.ts.save()
        self.admin = User()
        self.admin.is_superuser = True
        self.admin.save()
        self.client = Client()
        self.client.force_login(self.admin)

    async def authenticate(self, proxy):
        at = AuthToken(token_set=self.ts, has_proxy=proxy)
        at.save()
        session = Session(auth_token=at)
        session.save()
        communicator = WebsocketCommunicator(UIConsumer, "")
        connected, subprotocol = await communicator.connect()
        assert connected
        return session, communicator

    def test_setup(self):
        assert self.m in Meeting.objects.all()
        assert self.ts in self.m.tokenset_set.all()
        assert self.old_ts in self.m.tokenset_set.all()

    async def check_votes(self, expected_votes, communicator):
        v_set = expected_votes
        vote_count = 0
        vote_ids = []
        for v in v_set.all():
            response = await communicator.receive_json_from()
            while response['type'] == 'auth_response':
                response = await communicator.receive_json_from(timeout=10)
            assert 'ballot' == response['type']
            assert response['ballot_id']
            vote = v_set.filter(id=response['ballot_id']).first()
            assert vote
            assert vote in v_set.all()
            assert vote.id not in vote_ids
            vote_ids.append(vote.id)
            assert vote.name == response['title']
            assert vote.description == response['desc']
            assert vote.method == response['method']
            options = response['options']
            assert vote.option_set.count() == len(options)
            for o in vote.option_set.all():
                op = [op for op in options if op['id'] == o.id]
                assert op
                assert o.name == op[0]['name']
            assert response['proxies']
            assert not response['existing_ballots']
            vote_count += 1
        assert v_set.count() == vote_count

    @pytest.mark.asyncio
    async def test_authenticate_single(self):
        session, communicator = await self.authenticate(False)
        await communicator.send_json_to({
            'type': 'auth_request',
            'session_token': str(session.id)
        })
        response = await communicator.receive_json_from()
        assert "success" == response['result']
        assert 1 == len(response['voters'])
        primary = session.auth_token.votertoken_set.filter(
            proxy=False).first().id
        primary_dict_list = [
            voter for voter in response['voters'] if voter['token'] == primary
        ]
        assert primary_dict_list  # checks the list has an entry
        assert "primary" == primary_dict_list[0]['type']

    @pytest.mark.asyncio
    async def test_authenticate_proxy(self):
        session, communicator = await self.authenticate(True)
        await communicator.send_json_to({
            'type': 'auth_request',
            'session_token': str(session.id)
        })
        response = await communicator.receive_json_from()
        assert "success" == response['result']
        assert 2 == len(response['voters'])
        primary = session.auth_token.votertoken_set.filter(
            proxy=False).first().id
        primary_dict_list = [
            voter for voter in response['voters'] if voter['token'] == primary
        ]
        assert primary_dict_list  # checks the list has an entry
        assert "primary" == primary_dict_list[0]['type']
        proxy = session.auth_token.votertoken_set.filter(proxy=True).first().id
        poxy_dict_list = [
            voter for voter in response['voters'] if voter['token'] == proxy
        ]
        assert poxy_dict_list  # checks the list has an entry
        assert "proxy" == poxy_dict_list[0]['type']

    @pytest.mark.asyncio
    @pytest.mark.xfail(reason='stuff refuses to be awaited for unknown reasons'
                       )
    async def test_votes_are_dispatched_as_they_are_opened(self):
        # TODO(Figure out why this only passes if run on its own)
        v1 = Vote(name='y n a test',
                  token_set=self.ts,
                  method=Vote.YES_NO_ABS,
                  state=Vote.READY)
        v1.save()
        v2 = Vote(token_set=self.ts,
                  name='stv test',
                  method=Vote.STV,
                  state=Vote.READY)
        v2.save()
        for x in range(0, 5):
            Option(name=x, vote=v2).save()
        session, communicator = await self.authenticate(False)
        await communicator.send_json_to({
            'type': 'auth_request',
            'session_token': str(session.id)
        })
        response = await communicator.receive_json_from()
        assert "success" == response['result']
        channel_layer = get_channel_layer()
        await channel_layer.group_send(self.m.channel_group_name(), {
            "type": "vote.opening",
            "vote_id": v1.id
        })
        await self.check_votes(Vote.objects.filter(pk=v1.id), communicator)
        await channel_layer.group_send(self.m.channel_group_name(), {
            "type": "vote.opening",
            "vote_id": v2.id
        })
        await self.check_votes(Vote.objects.filter(pk=v2.id), communicator)

    @pytest.mark.asyncio
    async def test_authenticate_with_open_votes(self):
        v = Vote(name='y n a test',
                 token_set=self.ts,
                 method=Vote.YES_NO_ABS,
                 state=Vote.LIVE)
        v.save()
        v = Vote(token_set=self.ts, method=Vote.STV, state=Vote.LIVE)
        v.save()
        for x in range(0, 5):
            Option(name=x, vote=v).save()
        session, communicator = await self.authenticate(False)
        await communicator.send_json_to({
            'type': 'auth_request',
            'session_token': str(session.id)
        })
        await self.check_votes(
            Vote.objects.filter(state=Vote.LIVE, token_set=self.ts),
            communicator)

    @pytest.mark.asycio
    async def test_authenticate_invalid_session(self):
        assert False
        communicator = WebsocketCommunicator(UIConsumer, "")
        connected, _ = await communicator.connect()
        assert connected
        await communicator.send_json_to({
            'type': 'auth_request',
            'session_token': 'garbage'
        })
        response = await communicator.receive_json_from()
        assert response['result'] == "failure"

    @pytest.mark.asycio
    async def test_authenticate_old_token(self):
        _, communicator = await self.authenticate(False)
        outdated_token = AuthToken(TokenSet=self.old_ts, has_proxy=False)
        session = Session(auth_token=outdated_token)
        session.save()
        await communicator.send_json_to({
            'type': 'auth_request',
            'session_token': str(session.id)
        })
        response = await communicator.receive_json_from()
        assert "failure" == response['result']
Beispiel #55
0
 def create(self, validated_data):
     user = User(email=validated_data['email'],
                 username=validated_data['username'])
     user.set_password(validated_data['password'])
     user.save()
     return user
 def save(self):
     user = User(**self.cleaned_data)
     user.save()
     return user
Beispiel #57
0
 def get_superuser(self):
     admin = User(username="******", is_staff=True, is_active=True, is_superuser=True)
     admin.set_password("admin")
     admin.save()
     return admin
Beispiel #58
0
class TestViewSets(BaseTest, TestCase):
    def setUp(self):
        self.user = User(username="******",
                         email="*****@*****.**",
                         is_superuser=True,
                         is_staff=True)
        self.user.set_password('test')
        self.user.save()

    def test_preference_list_requires_authentication(self):
        url = reverse('api:user-list')

        # anonymous
        response = self.client.get(url)
        self.assertEqual(response.status_code, 403)

    def test_can_list_preferences(self):
        manager = registry.manager(instance=self.user)
        url = reverse('api:user-list')
        self.client.login(username='******', password="******")
        response = self.client.get(url)
        self.assertEqual(response.status_code, 200)

        payload = json.loads(response.content.decode('utf-8'))

        self.assertEqual(len(payload), len(registry.preferences()))

        for e in payload:
            pref = manager.get_db_pref(section=e['section'], name=e['name'])
            serializer = serializers.UserPreferenceSerializer(pref)
            self.assertEqual(pref.preference.identifier(), e['identifier'])

    def test_can_list_preference_of_requeting_user(self):
        second_user = User(username="******",
                           email="*****@*****.**",
                           is_superuser=True,
                           is_staff=True)
        second_user.set_password('test')
        second_user.save()

        manager = registry.manager(instance=self.user)
        url = reverse('api:user-list')
        self.client.login(username='******', password="******")
        response = self.client.get(url)
        self.assertEqual(response.status_code, 200)

        payload = json.loads(response.content.decode('utf-8'))

        self.assertEqual(len(payload), len(registry.preferences()))

        url = reverse('api:user-list')
        self.client.login(username='******', password="******")
        response = self.client.get(url)
        self.assertEqual(response.status_code, 200)

        payload = json.loads(response.content.decode('utf-8'))

        # This should be 7 because each user gets 7 preferences by default.
        self.assertEqual(len(payload), 7)

        for e in payload:
            pref = manager.get_db_pref(section=e['section'], name=e['name'])
            serializer = serializers.UserPreferenceSerializer(pref)
            self.assertEqual(pref.preference.identifier(), e['identifier'])

    def test_can_detail_preference(self):
        manager = registry.manager(instance=self.user)
        pref = manager.get_db_pref(section='user', name='favorite_vegetable')
        url = reverse('api:user-detail',
                      kwargs={'pk': pref.preference.identifier()})
        self.client.login(username='******', password="******")
        response = self.client.get(url)
        self.assertEqual(response.status_code, 200)

        payload = json.loads(response.content.decode('utf-8'))
        self.assertEqual(pref.preference.identifier(), payload['identifier'])
        self.assertEqual(pref.value, payload['value'])

    def test_can_update_preference(self):
        manager = registry.manager(instance=self.user)
        pref = manager.get_db_pref(section='user', name='favorite_vegetable')
        url = reverse('api:user-detail',
                      kwargs={'pk': pref.preference.identifier()})
        self.client.login(username='******', password="******")
        response = self.client.patch(url,
                                     json.dumps({'value': 'P'}),
                                     content_type='application/json')
        self.assertEqual(response.status_code, 200)

        pref = manager.get_db_pref(section='user', name='favorite_vegetable')

        self.assertEqual(pref.value, 'P')

    def test_can_update_multiple_preferences(self):
        manager = registry.manager(instance=self.user)
        pref = manager.get_db_pref(section='user', name='favorite_vegetable')
        url = reverse('api:user-bulk')
        self.client.login(username='******', password="******")
        payload = {
            'user__favorite_vegetable': 'C',
            'misc__favourite_colour': 'Blue',
        }
        response = self.client.post(url,
                                    json.dumps(payload),
                                    content_type='application/json')
        self.assertEqual(response.status_code, 200)

        pref1 = manager.get_db_pref(section='user', name='favorite_vegetable')
        pref2 = manager.get_db_pref(section='misc', name='favourite_colour')

        self.assertEqual(pref1.value, 'C')
        self.assertEqual(pref2.value, 'Blue')

    def test_update_preference_returns_validation_error(self):
        manager = registry.manager(instance=self.user)
        pref = manager.get_db_pref(section='user', name='favorite_vegetable')
        url = reverse('api:user-detail',
                      kwargs={'pk': pref.preference.identifier()})
        self.client.login(username='******', password="******")
        response = self.client.patch(url,
                                     json.dumps({'value': 'Z'}),
                                     content_type='application/json')
        self.assertEqual(response.status_code, 400)

        payload = json.loads(response.content.decode('utf-8'))

        self.assertIn('valid choice', payload['value'][0])

    def test_update_multiple_preferences_with_validation_errors_rollback(self):
        manager = registry.manager(instance=self.user)
        pref = manager.get_db_pref(section='user', name='favorite_vegetable')
        url = reverse('api:user-bulk')
        self.client.login(username='******', password="******")
        payload = {
            'user__favorite_vegetable': 'Z',
            'misc__favourite_colour': 'Blue',
        }
        response = self.client.post(url,
                                    json.dumps(payload),
                                    content_type='application/json')
        self.assertEqual(response.status_code, 400)

        errors = json.loads(response.content.decode('utf-8'))
        self.assertIn('valid choice',
                      errors[pref.preference.identifier()]['value'][0])

        pref1 = manager.get_db_pref(section='user', name='favorite_vegetable')
        pref2 = manager.get_db_pref(section='misc', name='favourite_colour')

        self.assertEqual(pref1.value, pref1.preference.default)
        self.assertEqual(pref2.value, pref2.preference.default)
Beispiel #59
0
def user_register(request):
    registered = False
    if request.user.is_authenticated:
        return HttpResponse("You are already Logged in")
    if request.method == 'POST' and not request.user.is_authenticated:
        Name = request.POST.get("Name")
        Email = request.POST.get("email")
        Passwd = request.POST.get("passwd")
        Mobile = request.POST.get("mobile")
        DOB_date = request.POST.get("birth_year_day")
        DOB_month = request.POST.get("birth_year_month")
        DOB_year = request.POST.get("birth_year_year")
        address = request.POST.get("address")
        city = request.POST.get("city")
        state = request.POST.get("state")
        #print(Name,Email,DOB_date+'-'+DOB_month+'-'+DOB_year,address)
        errors = {
            'err': False,
            'username': False,
            'email': False,
            'address': False,
            'city': False,
            'state': False,
            'pincode': False,
            'phone': False
        }
        errors = sql_script.check_for_user(Name, Email, errors)
        errors = sql_script.check_for_customer(Name, Email, Mobile, errors)
        if Name == None or Name == '':
            errors['username'] = True
            errors['err'] = True
        if Email == None or Email == '':
            errors['email'] = True
            errors['err'] = True
        if Mobile == None or Mobile == '':
            errors['phone'] = True
            errors['err'] = True

        birth_date = DOB_year + '-' + DOB_month + '-' + DOB_date
        #print(errors)

        if errors['err'] == False:
            user = User(username=Name, email=Email)
            user.set_password(Passwd)
            user.save()

            id = sql_script.select(
                "SELECT id FROM auth_user WHERE email = %s ", (Email, ))[0][0]

            # try:
            #     img = Image.open(request.FILES["profile"])
            #     img.save(path.join(img_dir,str(id)+'.jpg'))
            #     pro = str(id)+'.jpg'
            # except:
            #     pro = 'no_image.jpg'
            # sql_script.save_profile(id,'/media/profile/'+pro)
            print(id)
            sql_script.insert_to_customer(Name, Email, address, city, state,
                                          "110025", Mobile, birth_date, id)

            registered = True
            return HttpResponse(
                "<p>You are registered</p><a href ='/'>Home</a> ")
        else:
            dic = {
                'States': States_DIC,
                'registered': registered,
                'errors': errors,
                'range': range(1900, 2010)
            }

            return render(request, 'user/register.html', dic)

    else:
        dic = {
            'States': States_DIC,
            'registered': registered,
            'range': range(1900, 2010)
        }

        return render(request, 'user/register.html', dic)
Beispiel #60
0
def qq_oauth(request):
    if request.method == 'GET':
        if (not request.GET['code']) or (request.GET['state'] != 'fairybbs'):
            return error(request, '请求错误')
        code = request.GET['code']
        url = 'https://graph.qq.com/oauth2.0/token'
        data = {
            'grant_type': 'authorization_code',
            'client_id': '',
            'client_secret': '',
            'code': code,
            'redirect_uri': ''
        }
        req = urllib2.Request(url, urllib.urlencode(data))
        res = urllib2.urlopen(req)
        try:
            access_token = re.findall(r'access_token=(.*?)&', res.read())[0]
        except:
            return error(request, u'抱歉,未从腾讯获取到有效的授权信息,可能是和腾讯通信失败,请重试\n')
        url_openid = 'https://graph.qq.com/oauth2.0/me'
        data_openid = {'access_token': access_token}
        req_openid = urllib2.Request(url_openid, urllib.urlencode(data_openid))
        res_openid = urllib2.urlopen(req_openid)
        try:
            JSON_openid = json.loads(res_openid.read()[10:-3])
        except:
            return error(request, u'抱歉,未从腾讯获取到有效的授权信息,可能是和腾讯通信失败,请重试')
        openid = JSON_openid['openid']
        try:
            u = social.objects.get(openid=openid).user
        except:
            url_info = 'https://graph.qq.com/user/get_user_info'
            data_info = {
                'oauth_consumer_key': '',
                'access_token': access_token,
                'openid': openid
            }
            req_info = urllib2.Request(url_info, urllib.urlencode(data_info))
            res_info = urllib2.urlopen(req_info)
            JSON_info = json.loads(res_info.read())
            username = JSON_info['nickname']
            nickname = username
            if JSON_info['figureurl_qq_2']:
                avatar = JSON_info['figureurl_qq_2']
            else:
                avatar = JSON_info['figureurl_2']
            password = User.objects.make_random_password()
            try:
                u = User.objects.get(username=username)
            except:
                pass
            else:
                username = GenerateUsername(nickname)
            u = User(username=username)
            u.set_password(password)
            u.save()
            p = profile(
                user=u,
                #avatar=avatar,
                nickname=nickname,
                avatar_url=avatar,
                use_gravatar=False)
            p.save()
            s = social(
                user=u,
                access_token=access_token,
                openid=openid,
                avatar=avatar,
            )
            s.save()
            user = auth.authenticate(username=username, password=password)
            if user is not None and user.is_active:
                auth.login(request, user)
                return HttpResponseRedirect(reverse('index'))  #login succeed
        else:
            u.social.access_token = access_token
            u.social.save()
            u.backend = 'django.contrib.auth.backends.ModelBackend'
            if u is not None and u.is_active:
                auth.login(request, u)
                return HttpResponseRedirect(reverse('index'))  #login succeed
            else:
                return error(request, u'授权失败,请重试')