def handle(self, *args, **options):
# Sanity check that the database is ready --- make sure the system
# modules exist (since we need them before creating an Organization).
try:
if not Module.objects.filter(app__source__is_system_source=True,
app__appname="organization",
app__system_app=True,
module_name="app").exists():
raise OperationalError() # to trigger below
except OperationalError:
print("The database is not initialized yet.")
sys.exit(1)
# Create AppSources that we want.
if os.path.exists("/mnt/apps"):
# For our docker image.
AppSource.objects.get_or_create(
slug="host",
defaults={"spec": {
"type": "local",
"path": "/mnt/apps"
}})
AppSource.objects.get_or_create(
slug="samples",
defaults={
"spec": {
"type": "git",
"url": "https://github.com/GovReady/govready-sample-apps"
}
})
# Create the first user.
if not User.objects.filter(is_superuser=True).exists():
if not options['non_interactive']:
print(
"Let's create your first Q user. This user will have superuser privileges in the Q administrative interface."
)
call_command('createsuperuser')
else:
# Create an "admin" account with a random password and
# print it on stdout.
user = User.objects.create(username="******",
is_superuser=True,
is_staff=True)
password = User.objects.make_random_password(length=24)
user.set_password(password)
user.save()
print(
"Created administrator account (username: {}) with password: {}"
.format(user.username, password))
# Get the admin user - it was just created and should be the only admin user.
user = User.objects.filter(is_superuser=True).get()
# Create the first organization.
if not Organization.objects.filter(subdomain="main").exists():
if not options['non_interactive']:
print("Let's create your Q organization.")
name = Organization._meta.get_field("name")
get_input = createsuperuser.Command().get_input_data
name = get_input(name, "Organization Name: ",
"Test Organization")
else:
name = "The Secure Company"
org = Organization.create(name=name,
subdomain="main",
admin_user=user)
else:
org = Organization.objects.get(subdomain="main")
# Add the user to the org's help squad and reviewers lists.
if user not in org.help_squad.all(): org.help_squad.add(user)
if user not in org.reviewers.all(): org.reviewers.add(user)
def setUp(self):
super().setUp()
# Load the Q modules from the fixtures directory.
from guidedmodules.models import AppSource
from guidedmodules.management.commands.load_modules import Command as load_modules
AppSource.objects.all().delete()
AppSource.objects.get_or_create(
# this one exists on first db load because it's created by
# migrations, but because the testing framework seems to
# get rid of it after the first test in this class
slug="system",
is_system_source=True,
defaults={
"spec": { # required system projects
"type": "local",
"path": "fixtures/modules/system",
}
}
)
load_modules().handle() # load system modules
AppSource.objects.create(
slug="project",
spec={ # contains a test project
"type": "local",
"path": "fixtures/modules/other",
},
trust_assets=True
)\
.add_app_to_catalog("simple_project")
# Create a default user that is a member of the organization.
# Log the user into the test client, which is used for API
# tests. The Selenium tests require a separate log in via the
# headless browser.
self.user = User.objects.create(username="******",
email="*****@*****.**",
is_staff=True)
self.user.clear_password = get_random_string(16)
self.user.set_password(self.user.clear_password)
self.user.save()
self.user.reset_api_keys()
self.client.login(username=self.user.username,
password=self.user.clear_password)
# Create a Portfolio and Grant Access
portfolio = Portfolio.objects.create(title=self.user.username)
portfolio.assign_owner_permissions(self.user)
# Create the Organization.
self.org = Organization.create(name="Our Organization",
slug="testorg",
admin_user=self.user)
# Grant the user permission to change the review state of answers.
self.org.reviewers.add(self.user)
# create a second user
self.user2 = User.objects.create(username="******",
email="*****@*****.**")
self.user2.clear_password = get_random_string(16)
self.user2.set_password(self.user2.clear_password)
self.user2.save()
self.user2.reset_api_keys()
self.client.login(username=self.user2.username,
password=self.user2.clear_password)
portfolio = Portfolio.objects.create(title=self.user2.username)
portfolio.assign_owner_permissions(self.user2)
# create a third user
self.user3 = User.objects.create(username="******",
email="*****@*****.**")
self.user3.clear_password = get_random_string(16)
self.user3.set_password(self.user3.clear_password)
self.user3.save()
self.user3.reset_api_keys()
self.client.login(username=self.user3.username,
password=self.user3.clear_password)
portfolio = Portfolio.objects.create(title=self.user3.username)
portfolio.assign_owner_permissions(self.user3)
# Grant second user membership in the organization
# from https://github.com/GovReady/govready-q/blob/master/siteapp/admin.py#L41
mb, isnew = ProjectMembership.objects.get_or_create(
user=self.user2,
project=self.org.get_organization_project(),
)
def test_organizational_parameters_via_project(self):
# for this test, we need a Project, System, and Organization
# REMIND: it would be nice to refactor all this setup code so
# it could be easily reused ...
from guidedmodules.models import AppSource
from guidedmodules.management.commands.load_modules import Command as load_modules
try:
AppSource.objects.all().delete()
except Exception as ex:
print(f"Exception: {ex}")
print(f"App Sources:{AppSource.objects.all()}")
AppSource.objects.get_or_create(
slug="system",
is_system_source=True,
defaults={
"spec": { # required system projects
"type": "local",
"path": "fixtures/modules/system",
}
}
)
load_modules().handle() # load system modules
AppSource.objects.create(
slug="project",
spec={ # contains a test project
"type": "local",
"path": "fixtures/modules/other",
},
trust_assets=True
)\
.add_app_to_catalog("simple_project")
user = User.objects.create(
username="******",
email="*****@*****.**",
is_staff=True
)
org = Organization.create(name="Our Organization", slug="testorg",
admin_user=user)
root_element = Element(name="My Root Element",
description="Description of my root element")
root_element.save()
system = System()
system.root_element = root_element
system.save()
project = org.get_organization_project()
project.system = system
project.save()
parameter_values = project.get_parameter_values(Catalogs.NIST_SP_800_53_rev4)
self.assertEquals(parameter_values["ac-1_prm_2"], "at least every 3 years")
# now, add an organizational setting and try again
OrganizationalSetting.objects.create(organization=org,
catalog_key=Catalogs.NIST_SP_800_53_rev4,
parameter_key="ac-1_prm_2",
value="at least every 100 years")
# we should now see the organizational setting override
parameter_values = project.get_parameter_values(Catalogs.NIST_SP_800_53_rev4)
self.assertEquals(parameter_values["ac-1_prm_2"], "at least every 100 years")
def handle(self, *args, **options):
# Sanity check that the database is ready --- make sure the system
# modules exist (since we need them before creating an Organization).
try:
if not Module.objects.filter(app__source__is_system_source=True,
app__appname="organization",
app__system_app=True,
module_name="app").exists():
raise OperationalError() # to trigger below
except OperationalError:
print("The database is not initialized yet.")
sys.exit(1)
# Create AppSources that we want.
if os.path.exists("/mnt/q-files-host"):
# For our docker image.
AppSource.objects.get_or_create(slug="host",
defaults={
"spec": {
"type": "local",
"path": "/mnt/q-files-host"
}
})
# Second, for 0.9.x startpack
# We can use forward slashes because we are storing the path in the database
# and the path will be applied correctly to the operating OS.
qfiles_path = 'q-files/vendors/govready/govready-q-files-startpack/q-files'
if os.path.exists(qfiles_path):
# For 0.9.x+.
AppSource.objects.get_or_create(
slug="govready-q-files-startpack",
defaults={"spec": {
"type": "local",
"path": qfiles_path
}})
# Load the AppSource's assessments (apps) we want
# We will do some hard-coding here temporarily
created_appsource = AppSource.objects.get(
slug="govready-q-files-startpack")
for appname in [
"System-Description-Demo", "PTA-Demo", "rules-of-behavior"
]:
print("Adding appname '{}' from AppSource '{}' to catalog.".
format(appname, created_appsource))
try:
appver = created_appsource.add_app_to_catalog(appname)
except Exception as e:
raise
# Finally, for authoring, create an AppSource to the stub file
qfiles_path = 'guidedmodules/stubs/q-files'
if os.path.exists(qfiles_path):
# For 0.9.x+.
AppSource.objects.get_or_create(
slug="govready-q-files-stubs",
defaults={"spec": {
"type": "local",
"path": qfiles_path
}})
print("Adding AppSource for authoring.")
# Create GovReady admin users, if specified in local/environment.json
if len(settings.GOVREADY_ADMINS):
for admin_user in settings.GOVREADY_ADMINS:
username = admin_user["username"]
if not User.objects.filter(username=username).exists():
user = User.objects.create(username=username,
is_superuser=True,
is_staff=True)
user.set_password(admin_user["password"])
user.email = admin_user["email"]
user.save()
print(
"Created administrator account: username '{}' with email '{}'."
.format(user.username, user.email))
else:
print(
"\n[WARNING] Skipping create admin account '{}' - username already exists.\n"
.format(username))
# Create the first user.
if not User.objects.filter(is_superuser=True).exists():
if not options['non_interactive']:
print(
"Let's create your first Q user. This user will have superuser privileges in the Q administrative interface."
)
call_command('createsuperuser')
else:
# Create an "admin" account with a random password and
# print it on stdout.
user = User.objects.create(username="******",
is_superuser=True,
is_staff=True)
password = User.objects.make_random_password(length=24)
user.set_password(password)
user.save()
print(
"Created administrator account (username: {}) with password: {}"
.format(user.username, password))
# Get the admin user - it was just created and should be the only admin user.
user = User.objects.filter(is_superuser=True).get()
# Create the first portfolio
portfolio = Portfolio.objects.create(title=user.username)
portfolio.assign_owner_permissions(user)
print("Created administrator portfolio {}".format(portfolio.title))
else:
# One or more superusers already exist
print(
"\n[WARNING] Superuser(s) already exist, not creating default admin superuser. Did you specify 'govready_admins' in 'local/environment.json'? Are you connecting to a persistent database?\n"
)
# Create the first organization.
if not Organization.objects.filter(slug="main").exists():
if not options['non_interactive']:
print("Let's create your organization.")
name = Organization._meta.get_field("name")
get_input = createsuperuser.Command().get_input_data
name = get_input(name, "Organization name: ",
"My Organization")
else:
name = "The Secure Organization"
org = Organization.create(name=name, slug="main", admin_user=user)
else:
org = Organization.objects.get(slug="main")
# Add the user to the org's help squad and reviewers lists.
try:
user
except NameError:
print("[WARNING] Admin already added to Help Squad and Reviewers")
else:
if user not in org.help_squad.all(): org.help_squad.add(user)
if user not in org.reviewers.all(): org.reviewers.add(user)
# Provide feedback to user
print("You can now login into GovReady-Q...")
