Beispiel #1
0
 def test_get_user_by_username(self):
     user = User()
     self.assertEqual(self.expected_users_data["user_1"],
                      user.get_user_by_username("user_1"))
     self.assertEqual(self.expected_users_data["user_2"],
                      user.get_user_by_username("user_2"))
     self.assertFalse(user.get_user_by_username("user_3"))
    def test_change_account_public(self):
        user = User()
        data = user.get_user_by_username("user_1")
        self.assertTrue(data["is_public"])

        event_change = dict(
            headers=dict(
                Cookie="user=user_1&signature=$2b$12$oGAaQWkNrjCWI0ugg8Go8uZ1ld2828dTeTk2cE/WZAO2yOB4aUxQm"
            ),
            body="0",
        )
        self.assertEqual(200, change_account_public(event_change, None)["statusCode"])
        data = user.get_user_by_username("user_1")
        self.assertFalse(data["is_public"])

        event_change = dict(
            headers=dict(
                Cookie="user=user_1&signature=$2b$12$oGAaQWkNrjCWI0ugg8Go8uZ1ld2828dTeTk2cE/WZAO2yOB4aUxQm"
            ),
            body="1",
        )
        self.assertEqual(200, change_account_public(event_change, None)["statusCode"])
        data = user.get_user_by_username("user_1")
        self.assertTrue(data["is_public"])

        # Wrong cookie
        event_2 = dict(
            headers=dict(
                Cookie="user=user_2&signature=$2b$12$oGAaQWkNrjCWI0ugg8Go8uZ1ld2828dTeTk2cE/WZAO2yOB4aUxQm"
            ),
            body="0",
        )
        self.assertEqual(400, change_account_public(event_2, None)["statusCode"])
Beispiel #3
0
    def test_update_user_password(self, _):
        user = User()

        # Test valid password hash
        user_1 = user.get_user_by_username("user_1")
        user_1[
            "password_hash"] = "$2b$12$nChdB1EJj1DZbtJgNSOFz.fTxPXu565.ic3xtXJvjLf64F4ELnuXG"

        user.update_user_password("user_1", "test3")
        self.assertEqual(user_1, user.get_user_by_username("user_1"))

        # Test invalid password hash
        self.assertRaises(ValueError, user.update_user_password, "user_1", "")
        self.assertRaises(ValueError, user.update_user_password, "user_1", "a")
        self.assertRaises(ValueError, user.update_user_password, "user_1",
                          "aa")
        self.assertRaises(ValueError, user.update_user_password, "user_1",
                          "aaa")

        # Test invalid user
        self.assertRaises(
            ValueError,
            user.update_user_password,
            "user_x",
            "$2b$12$G/Kb.r3YAJbenM7Ul9gQXO6bIjMZtVAt1uY.nKZMQL.1i6L50LLTW",
        )
Beispiel #4
0
def remove_single_voting_project(event, _):
    """
    Remove a project from the user's single voting projects list
    """
    project = event["body"]

    # Check if the project name is valid
    if not re.fullmatch(r"[a-z0-9_\.\-]{1,100}", project):
        return create_response(400, "POST", "Invalid project name")

    # Get the logged in user data
    user = User()
    username = get_logged_in_user(event)
    user_data = user.get_user_by_username(username)
    if not user_data:
        return create_response(400, "POST", "User not logged in correctly")

    # Update the list of single voting projects
    if "single_voting_projects" in user_data:
        if project in user_data["single_voting_projects"]:
            user_data["single_voting_projects"].remove(project)

            user.change_single_voting_projects(
                username, user_data["single_voting_projects"])

    return create_response(200, "POST")
Beispiel #5
0
def get_user_data(event, _):
    """
    Get the data for the logged in user.
    :param event: event
    :return: dict with the main data attributes for the logged in user
    """
    # Check if the user is logged in correctly and return empty dict if not
    username = get_logged_in_user(event)
    if not username:
        return create_response(200, body=json.dumps(dict()))

    # Get the user data
    user = User()
    data = user.get_user_by_username(username)

    # Choose fileds to provide
    return create_response(
        200,
        body=json.dumps({
            key: data[key]
            for key in [
                "user",
                "email",
                "is_public",
                "voted_message",
                "voted_redirect",
            ]
        }),
    )
def add_vote_and_redirect(event, _):
    """
    Handle add vote requests and redirect to a info page
    :param event: event
    :return: redirect to a page explaining that the vote was added
    """
    # Save the vote
    do_vote(event, None)

    redirect_url = "/voted"

    # Find the user and determine the redirect page
    username = event["pathParameters"]["user"].lower()
    user = User()
    user_data = user.get_user_by_username(username)

    if user_data:
        # If the user has a redirect page configured
        if user_data["voted_redirect"]:
            redirect_url = user_data["voted_redirect"]
        elif user_data["voted_message"]:
            redirect_url = f"/voted?message={quote_plus(user_data['voted_message'])}"

    # Return response
    return create_response(302, additional_headers={"Location": redirect_url})
def get_votes_for_project(event, _):
    """
    Handle get votes request for a project
    :param event: event
    :return: votes data as JSON
    """
    # Get all parameters
    username = event["pathParameters"]["user"]
    project = event["pathParameters"]["project"]

    # Check if the user stats are public or the user is logged in
    user = User()
    user_data = user.get_user_by_username(username)

    if user_data and (user_data["is_public"]
                      or username == get_logged_in_user(event)):
        vote = Vote()
        votes_data = vote.get_votes_for_project(username, project)
        result = dict(
            single_voting_projects=user_data.get("single_voting_projects"),
            votes=votes_data,
        )
        return create_response(200, body=json.dumps(result))
    else:
        return create_response(400, "GET", "Invalid user")
    def test_add_single_voting_project(self):
        cookie = "user=user_1&signature=$2b$12$oGAaQWkNrjCWI0ugg8Go8uZ1ld2828dTeTk2cE/WZAO2yOB4aUxQm"
        cookie2 = "user=user_2&signature=$2b$12$VTqno3w/ALCThRCNZQO2wu91wRvULXLhcD.Q06tbRJW9wWBFSYMRG"

        user = User()

        # Positive case
        event = dict(headers=dict(Cookie=cookie), body="project_c",)
        self.assertEqual(200, add_single_voting_project(event, None)["statusCode"])
        self.assertEqual(
            ["project_a", "project_b", "project_c"],
            user.get_user_by_username("user_1")["single_voting_projects"],
        )

        # Repeated case
        event = dict(headers=dict(Cookie=cookie), body="project_c",)
        self.assertEqual(200, add_single_voting_project(event, None)["statusCode"])
        self.assertEqual(
            ["project_a", "project_b", "project_c"],
            user.get_user_by_username("user_1")["single_voting_projects"],
        )

        # Positive case (no single voting projects yet)
        event = dict(headers=dict(Cookie=cookie2), body="project_a",)
        self.assertEqual(200, add_single_voting_project(event, None)["statusCode"])
        self.assertEqual(
            ["project_a"],
            user.get_user_by_username("user_2")["single_voting_projects"],
        )

        # Wrong cookie
        event = dict(
            headers=dict(
                Cookie="user=user_2&signature=$2b$12$oGAaQWkNrjCWI0ugg8Go8uZ1ld2828dTeTk2cE/WZAO2yOB4aUxQm"
            ),
            body="project_d",
        )
        self.assertEqual(400, add_single_voting_project(event, None)["statusCode"])

        # Invalid project name
        event = dict(headers=dict(Cookie=cookie), body="project_invalid_<>",)
        self.assertEqual(400, add_single_voting_project(event, None)["statusCode"])
        self.assertEqual(
            ["project_a", "project_b", "project_c"],
            user.get_user_by_username("user_1")["single_voting_projects"],
        )
Beispiel #9
0
    def test_login_user(self, _):
        user = User()
        # Test correct identifier and password
        self.assertEqual("user_1", user.login_user("user_1", "test"))
        self.assertEqual("user_1", user.login_user("*****@*****.**", "test"))

        # Test wrong identifier or password
        self.assertFalse(user.login_user("user_1", "wrong_password"))
        self.assertFalse(user.login_user("user_1", "test2"))
        self.assertFalse(user.login_user("user_3", "test3"))
        self.assertFalse(user.login_user("*****@*****.**", "test3"))

        # Test last active password
        self.assertEqual("1111",
                         user.get_user_by_username("user_2")["last_active"])
        user.login_user("user_2", "test2")
        self.assertEqual("9999",
                         user.get_user_by_username("user_2")["last_active"])
    def test_remove_single_voting_project(self):
        cookie = "user=user_1&signature=$2b$12$oGAaQWkNrjCWI0ugg8Go8uZ1ld2828dTeTk2cE/WZAO2yOB4aUxQm"

        user = User()

        # Positive case
        event = dict(headers=dict(Cookie=cookie), body="project_a",)
        self.assertEqual(200, remove_single_voting_project(event, None)["statusCode"])
        self.assertEqual(
            ["project_b"],
            user.get_user_by_username("user_1")["single_voting_projects"],
        )

        # Repeated case
        event = dict(headers=dict(Cookie=cookie), body="project_a",)
        self.assertEqual(200, remove_single_voting_project(event, None)["statusCode"])
        self.assertEqual(
            ["project_b"],
            user.get_user_by_username("user_1")["single_voting_projects"],
        )

        # Non existing case
        event = dict(headers=dict(Cookie=cookie), body="project_c",)
        self.assertEqual(200, remove_single_voting_project(event, None)["statusCode"])
        self.assertEqual(
            ["project_b"],
            user.get_user_by_username("user_1")["single_voting_projects"],
        )

        # Last case
        event = dict(headers=dict(Cookie=cookie), body="project_b",)
        self.assertEqual(200, remove_single_voting_project(event, None)["statusCode"])
        self.assertEqual(
            [], user.get_user_by_username("user_1")["single_voting_projects"],
        )

        # Empty case
        event = dict(headers=dict(Cookie=cookie), body="project_b",)
        self.assertEqual(200, remove_single_voting_project(event, None)["statusCode"])
        self.assertEqual(
            [], user.get_user_by_username("user_1")["single_voting_projects"],
        )

        # Wrong cookie
        event = dict(
            headers=dict(
                Cookie="user=user_2&signature=$2b$12$oGAaQWkNrjCWI0ugg8Go8uZ1ld2828dTeTk2cE/WZAO2yOB4aUxQm"
            ),
            body="project_d",
        )
        self.assertEqual(400, remove_single_voting_project(event, None)["statusCode"])
        self.assertNotIn("single_voting_projects", user.get_user_by_username("user_2"))

        # Invalid project name
        event = dict(headers=dict(Cookie=cookie), body="project_invalid_<>",)
        self.assertEqual(400, remove_single_voting_project(event, None)["statusCode"])
        self.assertEqual(
            [], user.get_user_by_username("user_1")["single_voting_projects"],
        )
Beispiel #11
0
    def test_update_user_last_active(self, _):
        user = User()

        # Test valid password hash
        user.update_user_last_active("user_1")
        self.assertEqual("9999",
                         user.get_user_by_username("user_1")["last_active"])

        # Test invalid user
        self.assertRaises(ValueError, user.update_user_last_active, "user_x")
Beispiel #12
0
    def test_update_user_email(self):
        user = User()

        # Test valid email
        user_1 = user.get_user_by_username("user_1")
        user_1["email"] = "*****@*****.**"

        user.update_user_email("user_1", user_1["email"])
        self.assertEqual(user_1, user.get_user_by_username("user_1"))

        # Test invalid email
        self.assertRaises(ValueError, user.update_user_email, "user_1", "")
        self.assertRaises(ValueError, user.update_user_email, "user_1",
                          "aaaaaa")
        self.assertRaises(ValueError, user.update_user_email, "user_1",
                          "bbbb@cccc")

        # Test invalid user
        self.assertRaises(ValueError, user.update_user_email, "user_x",
                          "*****@*****.**")
Beispiel #13
0
 def test_get_user_by_email(self):
     user = User()
     self.assertEqual(
         self.expected_users_data["user_1"],
         user.get_user_by_email("*****@*****.**"),
     )
     self.assertEqual(
         self.expected_users_data["user_2"],
         user.get_user_by_email("*****@*****.**"),
     )
     self.assertFalse(user.get_user_by_username("*****@*****.**"))
Beispiel #14
0
    def test_change_single_voting_projects(self):
        user = User()

        user.change_single_voting_projects("user_1", ["project_a"])
        self.assertEqual(
            ["project_a"],
            user.get_user_by_username("user_1")["single_voting_projects"])

        user.change_single_voting_projects(
            "user_1", ["project_a", "project_b", "project_c"])
        self.assertEqual(
            ["project_a", "project_b", "project_c"],
            user.get_user_by_username("user_1")["single_voting_projects"],
        )

        user.change_single_voting_projects("user_1", [])
        self.assertEqual(
            [],
            user.get_user_by_username("user_1")["single_voting_projects"],
        )

        self.assertRaises(ValueError, user.change_single_voting_projects,
                          "user_x", [])
def do_vote(event, _):
    """
    Post a vote to the database
    :param event: event
    """
    # Get all parameters
    username = event["pathParameters"]["user"].lower()
    project = event["pathParameters"]["project"].lower()
    topic = event["pathParameters"]["topic"].lower()
    log.debug("Voting for: %s, %s, %s", username, project, topic)

    # Check all parameters for validity and return if some of them is not valid
    if not re.fullmatch(r"[a-z0-9_\.\-]{3,30}", username):
        return

    if not re.fullmatch(r"[a-z0-9_\.\-]{1,100}", project):
        return

    if not re.fullmatch(r"[a-z0-9_\.\-]{1,100}", topic):
        return

    # Check if this IP address already voted for this topic
    log.debug(f"Event: {event}")
    ip_address = get_ip_address(event)

    vote_history = VoteHistory()
    if vote_history.check_ip_voted(username, get_topic_key(project, topic),
                                   ip_address):
        return

    # Check if the user has multiple voting for a project disabled
    user = User()
    user_data = user.get_user_by_username(username)

    # Stop if the user is not registered
    if not user_data:
        return

    # Stop ff the project is a single voting and the user already voted
    if ("single_voting_projects" in user_data
            and project in user_data["single_voting_projects"]
            and vote_history.check_ip_voted_project(username, project,
                                                    ip_address)):
        return

    # Do the voting
    vote = Vote()
    vote.add_vote(username, project, topic)
    vote_history.add_vote_history(username, project, topic, ip_address)
Beispiel #16
0
    def test_create_user(self, _, __):
        user = User()
        # Test creation of a valid user
        user.create_user("user_3", "*****@*****.**", "test3")
        self.assertEqual(self.expected_users_data["user_3"],
                         user.get_user_by_username("user_3"))

        # Test invalid values
        self.assertRaises(ValueError, user.create_user, "user_4",
                          "*****@*****.**", "a")
        self.assertRaises(ValueError, user.create_user, "u",
                          "*****@*****.**", "test4")
        self.assertRaises(ValueError, user.create_user, "user_4",
                          "user_4@gmail", "test4")

        # Test creation of duplicate username or e-mail
        self.assertRaises(ValueError, user.create_user, "user_2",
                          "*****@*****.**", "test4")
        self.assertRaises(ValueError, user.create_user, "user_4",
                          "*****@*****.**", "test4")
    def test_change_voted_message_and_redirect(self):
        cookie = "user=user_1&signature=$2b$12$oGAaQWkNrjCWI0ugg8Go8uZ1ld2828dTeTk2cE/WZAO2yOB4aUxQm"

        # Correct empty
        event = dict(
            headers=dict(Cookie=cookie), body="voted_message=&voted_redirect=",
        )
        self.assertEqual(
            200, change_voted_message_and_redirect(event, None)["statusCode"]
        )

        # Correct voted message
        event = dict(
            headers=dict(Cookie=cookie),
            body="voted_message=New voted message&voted_redirect=",
        )
        self.assertEqual(
            200, change_voted_message_and_redirect(event, None)["statusCode"]
        )

        # Correct voted redirect
        event = dict(
            headers=dict(Cookie=cookie),
            body="voted_message=&voted_redirect=http://iwanttoreadmore.com/voted",
        )
        self.assertEqual(
            200, change_voted_message_and_redirect(event, None)["statusCode"]
        )

        # Correct voted message and redirect
        event = dict(
            headers=dict(Cookie=cookie),
            body="voted_message=Some message&voted_redirect=http://iwanttoreadmore.com/voted",
        )
        self.assertEqual(
            200, change_voted_message_and_redirect(event, None)["statusCode"]
        )
        user = User()
        user_data = user.get_user_by_username("user_1")
        self.assertEqual("Some message", user_data["voted_message"])
        self.assertEqual(
            "http://iwanttoreadmore.com/voted", user_data["voted_redirect"]
        )

        # Wrong cookie
        event = dict(
            headers=dict(
                Cookie="user=user_2&signature=$2b$12$oGAaQWkNrjCWI0ugg8Go8uZ1ld2828dTeTk2cE/WZAO2yOB4aUxQm"
            ),
            body="voted_message=New voted message&voted_redirect=",
        )
        self.assertEqual(
            400, change_voted_message_and_redirect(event, None)["statusCode"]
        )

        # Invalid message
        event = dict(
            headers=dict(Cookie=cookie),
            body="voted_message=Invalid <message>&voted_redirect=",
        )
        self.assertEqual(
            400, change_voted_message_and_redirect(event, None)["statusCode"]
        )

        # Invalid redirect
        event = dict(
            headers=dict(Cookie=cookie),
            body="voted_message=&voted_redirect=invalidurl",
        )
        self.assertEqual(
            400, change_voted_message_and_redirect(event, None)["statusCode"]
        )
Beispiel #18
0
    def set_voted_message_and_redirect(self):
        user = User()

        # Positive cases voted message
        user.set_voted_message_and_redirect("user_1", "New voted message",
                                            None)
        user_data = user.get_user_by_username("user_1")
        self.assertEqual(user_data["voted_message"], "New voted message")
        self.assertEqual(user_data["voted_redirect"], None)

        user.set_voted_message_and_redirect("user_2",
                                            "Other new voted message", None)
        user_data = user.get_user_by_username("user_2")
        self.assertEqual(user_data["voted_message"], "Other new voted message")
        self.assertEqual(user_data["voted_redirect"], None)

        # Positive cases voted redirect
        user.set_voted_message_and_redirect(
            "user_1", None, "https://iwanttoreadmore.com/voted")
        user_data = user.get_user_by_username("user_1")
        self.assertEqual(user_data["voted_redirect"],
                         "https://iwanttoreadmore.com/voted")
        self.assertEqual(user_data["voted_message"], None)

        # Positive cases both
        user.set_voted_message_and_redirect(
            "user_1", "Some message", "https://iwanttoreadmore.com/voted")
        user_data = user.get_user_by_username("user_1")
        self.assertEqual(user_data["voted_message"], "Some message")
        self.assertEqual(user_data["voted_redirect"],
                         "https://iwanttoreadmore.com/voted")

        # Negative case user
        self.assertRaises(ValueError, user.set_voted_message_and_redirect,
                          "user_X", "Message", None)

        # Negative cases voted message
        self.assertRaises(
            ValueError,
            user.set_voted_message_and_redirect,
            "user_1",
            "<b>Tags</b>",
            None,
        )
        self.assertRaises(ValueError, user.set_voted_message_and_redirect,
                          "user_1", "M" * 501, None)

        # Negative cases voted redirect
        user.set_voted_message_and_redirect(
            "user_2", None, "https://iwanttoreadmore.com/voted2")
        user_data = user.get_user_by_username("user_2")
        self.assertEqual(user_data["voted_redirect"],
                         "https://iwanttoreadmore.com/voted2")
        self.assertEqual(user_data["voted_message"], None)

        self.assertRaises(
            ValueError,
            user.set_voted_message_and_redirect,
            "user_1",
            None,
            "nonurltext",
        )
        self.assertRaises(ValueError, user.set_voted_message_and_redirect,
                          "user_1", None, "a" * 501)