def run(self, name, uid):
flags_given = name or uid
if not flags_given:
print('incorrect number of arguments')
import sys
sys.exit()
before_wiki()
if uid:
u = user.User(uid)
elif name:
u = user.User(auth_username=name)
if not u.exists():
print('This user "{0!r}" does not exists!'.format(u.name))
return
print(" {0:<20} {1!r:<25} {2:<35}".format(u.itemid, u.name, u.email),
end=' ')
if not u.disabled: # only disable once
u.disabled = 1
u.name = "{0}-{1}".format(u.name, u.id)
if u.email:
u.email = "{0}-{1}".format(u.email, u.id)
u.subscriptions = []
u.save()
print("- disabled.")
else:
print("- is already disabled.")
def test_get_subscribers(self, item, item_name, namespace, tag_name):
users = get_subscribers(**item.meta)
assert users == set()
name1 = u'baz'
password = u'password'
email1 = u'*****@*****.**'
name2 = u"bar"
email2 = u"*****@*****.**"
name3 = u"barbaz"
email3 = u"*****@*****.**"
user.create_user(username=name1,
password=password,
email=email1,
validate=False,
locale=u'en')
user1 = user.User(name=name1, password=password)
user.create_user(username=name2,
password=password,
email=email2,
validate=False)
user2 = user.User(name=name2, password=password)
user.create_user(username=name3,
password=password,
email=email3,
verify_email=True,
locale=u"en")
user3 = user.User(name=name3, password=password, email=email3)
subscribers = get_subscribers(**item.meta)
assert subscribers == set()
namere = r'.*'
nameprefix = u"fo"
subscription_lists = [
["{0}:{1}".format(ITEMID, item.meta[ITEMID])],
["{0}:{1}:{2}".format(TAGS, namespace, tag_name)],
["{0}:{1}:{2}".format(NAME, namespace, item_name)],
["{0}:{1}:{2}".format(NAMERE, namespace, namere)],
["{0}:{1}:{2}".format(NAMEPREFIX, namespace, nameprefix)],
]
users = [user1, user2, user3]
expected_names = {user1.name0, user2.name0}
for subscriptions in subscription_lists:
for user_ in users:
user_.profile._meta[SUBSCRIPTIONS] = subscriptions
user_.save(force=True)
subscribers = get_subscribers(**item.meta)
subscribers_names = {subscriber.name for subscriber in subscribers}
assert subscribers_names == expected_names
meta = {
CONTENTTYPE: u'text/plain;charset=utf-8',
ACL: u"{0}: All:read,write".format(user1.name0)
}
item._save(meta, comment=u"")
item = Item.create(item_name)
subscribers = get_subscribers(**item.meta)
assert {subscriber.name for subscriber in subscribers} == {user2.name0}
def get_assigned_to_info(meta):
display_name = ''
userid = meta.get(ASSIGNED_TO)
if userid:
u = user.User(userid)
display_name = u.display_name or u.name0
return display_name
def test_fail_user_password_change_pw_mismatch(self):
self.createUser('moin', 'Xiwejr622')
flaskg.user = user.User(name='moin', password='******')
form = self.fillPasswordChangeForm('Xiwejr622', 'Piped33', 'Woodoo645')
valid = form.validate()
# form data is invalid because password1 != password2
assert not valid
def request(self, user_obj, **kw):
u = None
# always revalidate auth
if user_obj and user_obj.auth_method == self.name:
user_obj = None
# something else authenticated before us
if user_obj:
logging.debug("already authenticated, doing nothing")
return user_obj, True
if self.user_name is not None:
auth_username = self.user_name
elif self.env_var is None:
auth_username = request.remote_user
else:
auth_username = request.environ.get(self.env_var)
logging.debug("auth_username = {0!r}".format(auth_username))
if auth_username:
auth_username = self.decode_username(auth_username)
auth_username = self.transform_username(auth_username)
logging.debug("auth_username (after decode/transform) = {0!r}".format(auth_username))
u = user.User(auth_username=auth_username,
auth_method=self.name, auth_attribs=('name', 'password'), trusted=self.trusted)
logging.debug("u: {0!r}".format(u))
if u and self.autocreate:
logging.debug("autocreating user")
u.create_or_update()
if u and u.valid:
logging.debug("returning valid user {0!r}".format(u))
return u, True # True to get other methods called, too
else:
logging.debug("returning {0!r}".format(user_obj))
return user_obj, True
def register_new_user():
"""
Create a new account and send email with link to create password.
"""
if not _using_moin_auth():
return Response('No MoinAuth in auth list', 403)
title_name = _('Register New User')
FormClass = RegisterNewUserForm
if request.method in ['GET', 'HEAD']:
form = FormClass.from_defaults()
elif request.method == 'POST':
form = FormClass.from_flat(request.form)
if form.validate():
username = form['username'].value
email = form['email'].value
user_profile = user.UserProfile()
user_profile[ITEMID] = make_uuid()
user_profile[NAME] = [
username,
]
user_profile[EMAIL] = email
user_profile[DISABLED] = False
user_profile[ACTION] = ACTION_SAVE
users = user.search_users(**{NAME_EXACT: username})
if users:
flash(_('User already exists'), 'error')
emails = None
if app.cfg.user_email_unique:
emails = user.search_users(email=email)
if emails:
flash(_("This email already belongs to somebody else."),
'error')
if not (users or emails):
user_profile.save()
flash(_("Account for %(username)s created", username=username),
"info")
form = FormClass.from_defaults()
u = user.User(auth_username=username)
if u.valid:
is_ok, msg = u.mail_password_recovery()
if not is_ok:
flash(msg, "error")
else:
flash(
L_("%(username)s has been sent a password recovery email.",
username=username), "info")
else:
flash(
_("%(username)s is an invalid user, no email has been sent.",
username=username), "error")
return render_template(
'admin/register_new_user.html',
title_name=title_name,
form=form,
)
def test_quicklinks(self):
"""
Test for the quicklinks
"""
pagename = u'Test_page_quicklink'
name = u'Test_User_quicklink'
password = name
self.createUser(name, password)
theUser = user.User(name=name, password=password)
# no quick links exist yet
result_before = theUser.quicklinks
assert result_before == []
result = theUser.is_quicklinked_to([pagename])
assert not result
# add quicklink
theUser.quicklink(u'Test_page_added')
result_on_addition = theUser.quicklinks
expected = [u'MoinTest/Test_page_added']
assert result_on_addition == expected
# remove quicklink
theUser.quickunlink(u'Test_page_added')
result_on_removal = theUser.quicklinks
expected = []
assert result_on_removal == expected
def login(self, user_obj, **kw):
username = kw.get('username')
password = kw.get('password')
# simply continue if something else already logged in successfully
if user_obj and user_obj.valid:
return ContinueLogin(user_obj)
if not username and not password:
return ContinueLogin(user_obj)
logging.debug("{0}: performing login action".format(self.name))
if username and not password:
return ContinueLogin(
user_obj,
_('Missing password. Please enter user name and password.'))
u = user.User(name=username,
password=password,
auth_method=self.name,
trusted=self.trusted)
if u.valid:
logging.debug(
"{0}: successfully authenticated user {1!r} (valid)".format(
self.name, u.name))
return ContinueLogin(u)
else:
logging.debug(
"{0}: could not authenticate user {1!r} (not valid)".format(
self.name, username))
return ContinueLogin(user_obj, _("Invalid username or password."))
def setup_from_session():
userobj = None
if 'user.itemid' in session:
itemid = session['user.itemid']
trusted = session['user.trusted']
auth_method = session['user.auth_method']
auth_attribs = session['user.auth_attribs']
session_token = session['user.session_token']
logging.debug("got from session: {0!r} {1!r} {2!r} {3!r}".format(
itemid, trusted, auth_method, auth_attribs))
logging.debug("current auth methods: {0!r}".format(
app.cfg.auth_methods))
if auth_method and auth_method in app.cfg.auth_methods:
userobj = user.User(itemid,
auth_method=auth_method,
auth_attribs=auth_attribs,
trusted=trusted)
if not userobj.validate_session(session_token):
logging.debug("session token doesn't validate")
# Destroy current session since it's no longer valid.
userobj.logout_session(False)
# We didn't find user in session data.
userobj = None
logging.debug("session started for user {0!r}".format(userobj))
return userobj
def test_subscriptions(self):
pagename = u"Foo:foo 123"
tagname = u"xxx"
regexp = r"\d+"
item = Item.create(pagename)
item._save({NAMESPACE: u"", TAGS: [tagname]})
item = Item.create(pagename)
meta = item.meta
name = u'bar'
password = name
email = "*****@*****.**"
user.create_user(name, password, email)
the_user = user.User(name=name, password=password)
assert not the_user.is_subscribed_to(item)
the_user.subscribe(NAME, u"SomeOtherPageName", u"")
result = the_user.unsubscribe(NAME, u"OneMorePageName", u"")
assert result is False
subscriptions = [(ITEMID, meta[ITEMID], None),
(NAME, pagename, meta[NAMESPACE]),
(TAGS, tagname, meta[NAMESPACE]),
(NAMEPREFIX, pagename[:4], meta[NAMESPACE]),
(NAMERE, regexp, meta[NAMESPACE])]
for subscription in subscriptions:
keyword, value, namespace = subscription
the_user.subscribe(keyword, value, namespace)
assert the_user.is_subscribed_to(item)
the_user.unsubscribe(keyword, value, namespace, item)
assert not the_user.is_subscribed_to(item)
def test_user_password_change(self):
self.createUser('moin', 'Xiwejr622')
flaskg.user = user.User(name='moin', password='******')
form = self.fillPasswordChangeForm('Xiwejr622', 'Woodoo645',
'Woodoo645')
valid = form.validate()
assert valid # form data is valid
def test_fail_password_change(self):
self.createUser('moin', 'Xiwejr622')
flaskg.user = user.User(name='moin', password='******')
form = self.fillPasswordChangeForm('Xinetd33', 'Woodoo645', 'Woodoo645')
valid = form.validate()
# form data is invalid because password_current != user.password
assert not valid
def userprofile(user_name):
"""
Set values in user profile
"""
u = user.User(auth_username=user_name)
if request.method == 'GET':
return _("User profile of %(username)s: %(email)s %(disabled)s", username=user_name,
email=u.email, disabled=u.disabled)
if request.method == 'POST':
key = request.form.get('key', '')
val = request.form.get('val', '')
ok = False
if hasattr(u, key):
ok = True
oldval = u.profile[key]
if isinstance(oldval, bool):
val = bool(int(val))
elif isinstance(oldval, int):
val = int(val)
elif isinstance(oldval, str):
val = str(val)
else:
ok = False
if ok:
u.profile[key] = val
u.save()
flash('{0}.{1}: {2} -> {3}'.format(user_name, key, str(oldval), str(val), ), "info")
else:
flash('modifying {0}.{1} failed'.format(user_name, key, ), "error")
return redirect(url_for('.userbrowser'))
def testPasswordHash(self):
"""
Create user, set a specific pw hash and check that user can login
with the correct password and can not log in with a wrong password.
"""
# Create test user
name = u'Test User'
# sha512_crypt passlib hash for '12345':
pw_hash = '$6$rounds=1001$y9ObPHKb8cvRCs5G$39IW1i5w6LqXPRi4xqAu3OKv1UOpVKNkwk7zPnidsKZWqi1CrQBpl2wuq36J/s6yTxjCnmaGzv/2.dAmM8fDY/'
self.createUser(name, pw_hash, True)
# Try to "login" with correct password
theuser = user.User(name=name, password='******')
assert theuser.valid
# Try to "login" with a wrong password
theuser = user.User(name=name, password='******')
assert not theuser.valid
def test_trail(self):
pagename = u'Test_page_trail'
name = u'Test_User_trail'
password = name
self.createUser(name, password)
theUser = user.User(name=name, password=password)
# no item name added to trail
result = theUser.get_trail()
expected = []
assert result == expected
# item name added to trail
theUser.add_trail(u'item_added')
theUser = user.User(name=name, password=password)
result = theUser.get_trail()
expected = [u'MoinTest/item_added']
assert result == expected
def test_bookmark(self):
name = u'Test_User_bookmark'
password = name
self.createUser(name, password)
theUser = user.User(name=name, password=password)
# set / retrieve the bookmark
bookmark = 1234567
theUser.bookmark = bookmark
theUser = user.User(name=name, password=password)
result = theUser.bookmark
assert result == bookmark
# delete the bookmark
theUser.bookmark = None
theUser = user.User(name=name, password=password)
result = theUser.bookmark
assert result is None
def test_user_unicode_password_change(self):
name = 'moin'
password = '******' # Hebrew
self.createUser(name, password)
flaskg.user = user.User(name=name, password=password)
form = self.fillPasswordChangeForm(password, 'Woodoo645', 'Woodoo645')
valid = form.validate()
assert valid # form data is valid
def get_editor_info(meta, external=False):
"""
Create a dict of formatted user info.
:rtype: dict
:returns: dict of formatted user info such as name, ip addr, email,...
"""
addr = meta.get(ADDRESS)
hostname = meta.get(HOSTNAME)
text = _('anonymous') # link text
title = '' # link title
css = 'editor' # link/span css class
name = None # author name
uri = None # author homepage uri
email = None # pure email address of author
if app.cfg.show_hosts and addr:
# only tell ip / hostname if show_hosts is True
if hostname:
text = hostname[:15] # 15 = len(ipaddr)
name = title = u'{0}[{1}]'.format(hostname, addr)
css = 'editor host'
else:
name = text = addr
title = u'[{0}]'.format(addr)
css = 'editor ip'
userid = meta.get(USERID)
if userid:
u = user.User(userid)
name = u.name0
text = name
display_name = u.display_name or name
if title:
# we already have some address info
title = u"{0} @ {1}".format(display_name, title)
else:
title = display_name
if u.mailto_author and u.email:
email = u.email
css = 'editor mail'
else:
homewiki = app.cfg.user_homewiki
if is_local_wiki(homewiki):
css = 'editor homepage local'
else:
css = 'editor homepage interwiki'
uri = url_for_item(name,
wiki_name=homewiki,
_external=external,
namespace=NAMESPACE_USERS)
result = dict(name=name, text=text, css=css, title=title)
if uri:
result['uri'] = uri
if email:
result['email'] = email
return result
def testAsciiPassword(self):
""" user: login with ascii password """
# Create test user
name = u'__Non Existent User Name__'
password = name
self.createUser(name, password)
# Try to "login"
theUser = user.User(name=name, password=password)
assert theUser.valid
def testUnicodePassword(self):
""" user: login with non-ascii password """
# Create test user
name = u'__שם משתמש לא קיים__' # Hebrew
password = name
self.createUser(name, password)
# Try to "login"
theUser = user.User(name=name, password=password)
assert theUser.valid
def test_user_password_change_to_unicode_pw(self):
name = 'moin'
password = '******'
new_password = '******' # Hebrew
self.createUser(name, password)
flaskg.user = user.User(name=name, password=password)
form = self.fillPasswordChangeForm(password, new_password, new_password)
valid = form.validate()
assert valid # form data is valid
def run(self, name, display_name, email, password):
before_wiki()
msg = user.create_user(username=name,
password=password,
email=email)
if msg:
print msg
else:
u = user.User(auth_username=name)
print " %-20s %-25s %-35s - created." % (u.itemid, u.name, u.email),
def test_create_retrieve(self):
name = u"foo"
password = u"barbaz4711"
email = u"*****@*****.**"
# nonexisting user
u = user.User(name=name, password=password)
assert u.name == [
name,
]
assert not u.valid
assert not u.exists()
# create a user
ret = user.create_user(name, password, email, validate=False)
assert ret is None, "create_user returned: {0}".format(ret)
# existing user
u = user.User(name=name, password=password)
assert u.name == [
name,
]
assert u.email == email
assert u.valid
assert u.exists()
def testInvalidatePassword(self):
""" user: test invalidation of password """
# Create test user
name = u'__Non Existent User Name__'
password = name
self.createUser(name, password)
# Try to "login"
theUser = user.User(name=name, password=password)
assert theUser.valid
# invalidate the stored password (hash)
theUser.set_password("") # emptry str or None means "invalidate"
theUser.save()
# Try to "login" with previous password
theUser = user.User(name=name, password=password)
assert not theUser.valid
# Try to "login" with empty password
theUser = user.User(name=name, password="")
assert not theUser.valid
def user_acl_report(uid):
query = And([
Term(WIKINAME, app.cfg.interwikiname),
Not(Term(NAMESPACE, NAMESPACE_USERPROFILES))
])
all_items = flaskg.storage.search_meta(query,
idx_name=LATEST_REVS,
sortedby=[NAMESPACE, NAME],
limit=None)
theuser = user.User(uid=uid)
itemwise_acl = []
last_item_acl_parts = (None, None, None)
last_item_result = {
'read': False,
'write': False,
'create': False,
'admin': False,
'destroy': False
}
for item in all_items:
if item.meta.get(NAME):
fqname = CompositeName(item.meta.get(NAMESPACE), NAME_EXACT,
item.meta.get(NAME)[0])
else:
fqname = CompositeName(item.meta.get(NAMESPACE), ITEMID,
item.meta.get(ITEMID))
this_rev_acl_parts = (item.meta[NAMESPACE], item.meta.get(PARENTNAMES),
item.meta.get(ACL))
name_parts = {
'name': item.meta.get(NAME),
'namespace': item.meta.get(NAMESPACE),
'itemid': item.meta.get(ITEMID),
'fqname': fqname
}
if not last_item_acl_parts == this_rev_acl_parts:
last_item_acl_parts = this_rev_acl_parts
last_item_result = {
'read': theuser.may.read(fqname),
'write': theuser.may.write(fqname),
'create': theuser.may.create(fqname),
'admin': theuser.may.admin(fqname),
'destroy': theuser.may.destroy(fqname)
}
itemwise_acl.append({**name_parts, **last_item_result})
return render_template('admin/user_acl_report.html',
title_name=_('User ACL Report'),
user_names=theuser.name,
itemwise_acl=itemwise_acl)
def test_recovery_token(self):
name = u'Test_User_other'
password = name
self.createUser(name, password)
theUser = user.User(name=name, password=password)
# use recovery token to generate new password
test_token = theUser.generate_recovery_token()
result_success = theUser.apply_recovery_token(test_token,
u'test_newpass')
assert result_success
# wrong token
result_failure = theUser.apply_recovery_token('test_wrong_token',
u'test_newpass')
assert not result_failure
def test_perf_get_subscribers(self):
pytest.skip("usually we do no performance tests")
password = u"password"
subscriptions = [
"{0}:{1}".format(ITEMID, self.item.meta[ITEMID]),
"{0}:{1}:{2}".format(NAME, self.namespace, self.item_name),
"{0}:{1}:{2}".format(TAGS, self.namespace, self.tagname),
"{0}:{1}:{2}".format(NAMEPREFIX, self.namespace, u"fo"),
"{0}:{1}:{2}".format(NAMERE, self.namespace, r"\wo")
]
users = set()
expected_names = set()
for i in xrange(10000):
i = unicode(i)
user.create_user(username=i,
password=password,
email="{0}@example.org".format(i),
validate=False,
locale=u'en')
user_ = user.User(name=i, password=password)
users.add(user_)
expected_names.add(user_.name0)
users_sliced = list(users)[:100]
expected_names_sliced = {user_.name0 for user_ in users_sliced}
tests = [(users_sliced, expected_names_sliced),
(users, expected_names)]
import time
for users_, expected_names_ in tests:
print "\nTesting {0} subscribers from a total of {1} users".format(
len(users_), len(users))
for subscription in subscriptions:
for user_ in users_:
user_.profile._meta[SUBSCRIPTIONS] = [subscription]
user_.save(force=True)
t = time.time()
subscribers = get_subscribers(**self.item.meta)
elapsed_time = time.time() - t
print "{0}: {1} s".format(
subscription.split(':', 1)[0], elapsed_time)
subscribers_names = {
subscriber.name
for subscriber in subscribers
}
assert subscribers_names == expected_names_
def mail_recovery_token():
"""
Send user an email so he can reset his password.
"""
username = request.form.get('username', '')
if username:
u = user.User(auth_username=username)
if u.valid:
is_ok, msg = u.mail_password_recovery()
if not is_ok:
flash(msg, "error")
else:
flash(_("{0} has been sent a password recovery email.".format(username)), "info")
else:
flash(_("{0} is an invalid user, no email has been sent.".format(username)), "error")
else:
flash(_("No user name provided, no email sent."), "error")
return redirect(url_for('.userbrowser'))
def user_acl_report(uid):
query = And([
Term(WIKINAME, app.cfg.interwikiname),
Not(Term(NAMESPACE, NAMESPACE_USERPROFILES))
])
all_metas = flaskg.storage.search_meta(query,
idx_name=LATEST_REVS,
sortedby=[NAMESPACE, NAME],
limit=None)
theuser = user.User(uid=uid)
itemwise_acl = []
for meta in all_metas:
fqname = gen_fqnames(meta)
acl_parts = {
'name': meta.get(NAME),
'namespace': meta.get(NAMESPACE),
'itemid': meta.get(ITEMID),
'fqname': fqname
}
parentnames = tuple(parent_names(meta[NAME]))
usernames = tuple(theuser.name)
acl = meta.get(ACL, None)
last_item_result = {
'read':
flaskg.storage.allows(usernames, acl, parentnames, meta[NAMESPACE],
READ),
'write':
flaskg.storage.allows(usernames, acl, parentnames, meta[NAMESPACE],
WRITE),
'create':
flaskg.storage.allows(usernames, acl, parentnames, meta[NAMESPACE],
CREATE),
'admin':
flaskg.storage.allows(usernames, acl, parentnames, meta[NAMESPACE],
ADMIN),
'destroy':
flaskg.storage.allows(usernames, acl, parentnames, meta[NAMESPACE],
DESTROY)
}
itemwise_acl.append({**acl_parts, **last_item_result})
return render_template('admin/user_acl_report.html',
title_name=_('User ACL Report'),
user_names=theuser.name,
itemwise_acl=itemwise_acl)
def user_acl_report(uid):
all_items = flaskg.storage.documents(wikiname=app.cfg.interwikiname)
groups = flaskg.groups
theuser = user.User(uid=uid)
itemwise_acl = []
for item in all_items:
fqname = CompositeName(item.meta.get(NAMESPACE), 'itemid', item.meta.get(ITEMID))
itemwise_acl.append({'name': item.meta.get(NAME),
'itemid': item.meta.get(ITEMID),
'fqname': fqname,
'read': theuser.may.read(fqname),
'write': theuser.may.write(fqname),
'create': theuser.may.create(fqname),
'admin': theuser.may.admin(fqname),
'destroy': theuser.may.destroy(fqname)})
return render_template('admin/user_acl_report.html',
title_name=_('User ACL Report'),
user_names=theuser.name,
itemwise_acl=itemwise_acl)
