def create_user(): from walkoff import executiondb from walkoff.serverdb import add_user, User, Role, initialize_default_resources_admin, \ initialize_default_resources_guest db.create_all() # Setup admin and guest roles initialize_default_resources_admin() initialize_default_resources_guest() # Setup admin user admin_role = Role.query.filter_by(id=1).first() admin_user = User.query.filter_by(username="******").first() if not admin_user: add_user(username='******', password='******', roles=[1]) elif admin_role not in admin_user.roles: admin_user.roles.append(admin_role) db.session.commit() apps = set(helpers.list_apps()) - set([ _app.name for _app in executiondb.execution_db.session.query(App).all() ]) app.logger.debug('Found apps: {0}'.format(apps)) for app_name in apps: executiondb.execution_db.session.add(App(name=app_name, devices=[])) db.session.commit() executiondb.execution_db.session.commit() CaseSubscription.sync_to_subscriptions() app.logger.handlers = logging.getLogger('server').handlers
def create_user(): from walkoff.serverdb import add_user, User, Role, initialize_default_resources_admin, \ initialize_default_resources_guest db.create_all() # Setup admin and guest roles initialize_default_resources_admin() initialize_default_resources_guest() # Setup admin user admin_role = Role.query.filter_by(id=1).first() admin_user = User.query.filter_by(username="******").first() if not admin_user: add_user(username='******', password='******', roles=[1]) elif admin_role not in admin_user.roles: admin_user.roles.append(admin_role) db.session.commit() apps = set(helpers.list_apps(walkoff.config.Config.APPS_PATH)) - set([ _app.name for _app in current_app.running_context.execution_db.session.query(App).all() ]) current_app.logger.debug('Found new apps: {0}'.format(apps)) for app_name in apps: current_app.running_context.execution_db.session.add( App(name=app_name, devices=[])) db.session.commit() current_app.running_context.execution_db.session.commit() send_all_cases_to_workers() current_app.logger.handlers = logging.getLogger('server').handlers
def test_logout_mismatched_tokens(self): response = self.test_client.post('/api/auth', content_type="application/json", data=json.dumps( dict(username='******', password='******'))) key = json.loads(response.get_data(as_text=True)) headers = {'Authorization': 'Bearer {}'.format(key['access_token'])} add_user(username='******', password='******') db.session.commit() response = self.test_client.post('/api/auth', content_type="application/json", data=json.dumps( dict(username='******', password='******'))) key = json.loads(response.get_data(as_text=True)) token = key['refresh_token'] response = self.test_client.post('/api/auth/logout', headers=headers, content_type="application/json", data=json.dumps( dict(refresh_token=token))) self.assertEqual(response.status_code, BAD_REQUEST) self.assertEqual(len(BlacklistedToken.query.all()), 0)
def setUp(self): import walkoff.server.flaskserver self.app = walkoff.server.flaskserver.app.test_client(self) self.app.testing = True self.context = walkoff.server.flaskserver.app.test_request_context() self.context.push() from walkoff.serverdb import initialize_default_resources_admin, initialize_default_resources_guest, Role db.create_all() # Setup admin and guest roles initialize_default_resources_admin() initialize_default_resources_guest() # Setup admin user admin_role = Role.query.filter_by(id=1).first() admin_user = User.query.filter_by(username="******").first() if not admin_user: add_user(username='******', password='******', roles=[1]) elif admin_role not in admin_user.roles: admin_user.roles.append(admin_role) db.session.commit() self.admin_id = db.session.query(User).filter_by( username='******').first().id
def test_login_updates_user(self): user = add_user(username='******', password='******') self.app.post('/api/auth', content_type="application/json", data=json.dumps( dict(username='******', password='******'))) self.assertEqual(user.login_count, self.admin_id) self.assertTrue(user.active)
def create_user(): from walkoff.serverdb import add_user, User, Role, initialize_default_resources_admin, \ initialize_default_resources_guest from sqlalchemy_utils import database_exists, create_database if not database_exists(db.engine.url): create_database(db.engine.url) db.create_all() alembic_cfg = Config(walkoff.config.Config.ALEMBIC_CONFIG, ini_section="walkoff", attributes={'configure_logger': False}) # This is necessary for a flask database connection = db.engine.connect() context = MigrationContext.configure(connection) script = ScriptDirectory.from_config(alembic_cfg) context.stamp(script, "head") # Setup admin and guest roles initialize_default_resources_admin() initialize_default_resources_guest() # Setup admin user admin_role = Role.query.filter_by(id=1).first() admin_user = User.query.filter_by(username="******").first() if not admin_user: add_user(username='******', password='******', roles=[1]) elif admin_role not in admin_user.roles: admin_user.roles.append(admin_role) db.session.commit() apps = set(helpers.list_apps(walkoff.config.Config.APPS_PATH)) - set([ _app.name for _app in current_app.running_context.execution_db.session.query(App).all() ]) current_app.logger.debug('Found new apps: {0}'.format(apps)) for app_name in apps: current_app.running_context.execution_db.session.add( App(name=app_name, devices=[])) db.session.commit() current_app.running_context.execution_db.session.commit() reschedule_all_workflows() current_app.logger.handlers = logging.getLogger('server').handlers
def test_login_inactive_user(self): user = add_user(username='******', password='******') user.active = False response = self.app.post('/api/auth', content_type="application/json", data=json.dumps( dict(username='******', password='******'))) self.assertEqual(response.status_code, UNAUTHORIZED_ERROR)
def test_logout_mismatched_tokens(self): response = self.test_client.post('/api/auth', content_type="application/json", data=json.dumps(dict(username='******', password='******'))) key = json.loads(response.get_data(as_text=True)) headers = {'Authorization': 'Bearer {}'.format(key['access_token'])} add_user(username='******', password='******') db.session.commit() response = self.test_client.post('/api/auth', content_type="application/json", data=json.dumps(dict(username='******', password='******'))) key = json.loads(response.get_data(as_text=True)) token = key['refresh_token'] response = self.test_client.post('/api/auth/logout', headers=headers, content_type="application/json", data=json.dumps(dict(refresh_token=token))) self.assertEqual(response.status_code, BAD_REQUEST) self.assertEqual(len(BlacklistedToken.query.all()), 0)
def test_delete_current_user(self): user = add_user('test', 'test') user.set_roles({1}) response = self.test_client.post('/api/auth', content_type="application/json", data=json.dumps(dict(username='******', password='******'))) key = json.loads(response.get_data(as_text=True)) access_token = key['access_token'] headers = {'Authorization': 'Bearer {}'.format(access_token)} self.delete_with_status_check('/api/users/{}'.format(user.id), headers=headers, status_code=FORBIDDEN_ERROR)
def test_delete_current_user(self): user = add_user('test', 'test') user.set_roles({'admin'}) response = self.test_client.post('/api/auth', content_type="application/json", data=json.dumps(dict(username='******', password='******'))) key = json.loads(response.get_data(as_text=True)) access_token = key['access_token'] headers = {'Authorization': 'Bearer {}'.format(access_token)} self.delete_with_status_check('/api/users/{}'.format(user.id), headers=headers, status_code=FORBIDDEN_ERROR)
def create_user(): from walkoff.serverdb import add_user, User, Role, initialize_default_resources_admin, \ initialize_default_resources_guest from sqlalchemy_utils import database_exists, create_database if not database_exists(db.engine.url): create_database(db.engine.url) db.create_all() alembic_cfg = Config(walkoff.config.Config.ALEMBIC_CONFIG, ini_section="walkoff", attributes={'configure_logger': False}) # This is necessary for a flask database connection = db.engine.connect() context = MigrationContext.configure(connection) script = ScriptDirectory.from_config(alembic_cfg) context.stamp(script, "head") # Setup admin and guest roles initialize_default_resources_admin() initialize_default_resources_guest() # Setup admin user admin_role = Role.query.filter_by(id=1).first() admin_user = User.query.filter_by(username="******").first() if not admin_user: add_user(username='******', password='******', roles=[1]) elif admin_role not in admin_user.roles: admin_user.roles.append(admin_role) db.session.commit() apps = set(helpers.list_apps(walkoff.config.Config.APPS_PATH)) - set([_app.name for _app in current_app.running_context.execution_db.session.query( App).all()]) current_app.logger.debug('Found new apps: {0}'.format(apps)) for app_name in apps: current_app.running_context.execution_db.session.add(App(name=app_name, devices=[])) db.session.commit() current_app.running_context.execution_db.session.commit() reschedule_all_workflows() current_app.logger.handlers = logging.getLogger('server').handlers
def setUp(self): from walkoff.serverdb import initialize_default_resources_admin, initialize_default_resources_guest, Role db.create_all() # Setup admin and guest roles initialize_default_resources_admin() initialize_default_resources_guest() # Setup admin user admin_role = Role.query.filter_by(id=1).first() admin_user = User.query.filter_by(username="******").first() if not admin_user: add_user(username='******', password='******', roles=[1]) elif admin_role not in admin_user.roles: admin_user.roles.append(admin_role) db.session.commit() self.admin_role_id = db.session.query(Role).filter_by(name='admin').first().id self.admin_user_id = db.session.query(User).filter_by(username='******').first().id
def test_logout_updates_user(self): user = add_user('testlogout', 'test') response = self.test_client.post('/api/auth', content_type="application/json", data=json.dumps(dict(username='******', password='******'))) key = json.loads(response.get_data(as_text=True)) access_token = key['access_token'] refresh_token = key['refresh_token'] headers = {'Authorization': 'Bearer {}'.format(access_token)} self.test_client.post('/api/auth/logout', headers=headers, content_type="application/json", data=json.dumps(dict(refresh_token=refresh_token))) self.assertEqual(user.login_count, 0)
def test_refresh_deactivated_user(self): user = add_user(username='******', password='******') db.session.commit() response = self.test_client.post('/api/auth', content_type="application/json", data=json.dumps(dict(username='******', password='******'))) key = json.loads(response.get_data(as_text=True)) token = key['refresh_token'] headers = {'Authorization': 'Bearer {}'.format(token)} user.active = False refresh = self.test_client.post('/api/auth/refresh', content_type="application/json", headers=headers) self.assertEqual(refresh.status_code, UNAUTHORIZED_ERROR)
def setUp(self): from walkoff.serverdb import initialize_default_resources_admin, initialize_default_resources_guest, Role db.create_all() # Setup admin and guest roles initialize_default_resources_admin() initialize_default_resources_guest() # Setup admin user admin_role = Role.query.filter_by(id=1).first() admin_user = User.query.filter_by(username="******").first() if not admin_user: add_user(username='******', password='******', roles=[1]) elif admin_role not in admin_user.roles: admin_user.roles.append(admin_role) db.session.commit() self.admin_role_id = db.session.query(Role).filter_by( name='admin').first().id self.admin_user_id = db.session.query(User).filter_by( username='******').first().id
def test_refresh_deactivated_user(self): user = add_user(username='******', password='******') db.session.commit() response = self.app.post('/api/auth', content_type="application/json", data=json.dumps( dict(username='******', password='******'))) key = json.loads(response.get_data(as_text=True)) token = key['refresh_token'] headers = {'Authorization': 'Bearer {}'.format(token)} user.active = False refresh = self.app.post('/api/auth/refresh', content_type="application/json", headers=headers) self.assertEqual(refresh.status_code, UNAUTHORIZED_ERROR)
def test_refresh_with_blacklisted_token(self): user = add_user(username='******', password='******') db.session.commit() response = self.test_client.post('/api/auth', content_type="application/json", data=json.dumps(dict(username='******', password='******'))) key = json.loads(response.get_data(as_text=True)) token = key['refresh_token'] db.session.delete(user) db.session.commit() headers = {'Authorization': 'Bearer {}'.format(token)} self.test_client.post('/api/auth/refresh', content_type="application/json", headers=headers) refresh = self.test_client.post('/api/auth/refresh', content_type="application/json", headers=headers) self.assertEqual(refresh.status_code, UNAUTHORIZED_ERROR) response = json.loads(refresh.get_data(as_text=True)) self.assertDictEqual(response, {'error': 'Token is revoked'})
def test_logout_updates_user(self): user = add_user('testlogout', 'test') response = self.app.post('/api/auth', content_type="application/json", data=json.dumps( dict(username='******', password='******'))) key = json.loads(response.get_data(as_text=True)) access_token = key['access_token'] refresh_token = key['refresh_token'] headers = {'Authorization': 'Bearer {}'.format(access_token)} self.app.post('/api/auth/logout', headers=headers, content_type="application/json", data=json.dumps(dict(refresh_token=refresh_token))) self.assertEqual(user.login_count, 0)
def test_refresh_invalid_user_blacklists_token(self): user = add_user(username='******', password='******') db.session.commit() response = self.test_client.post('/api/auth', content_type="application/json", data=json.dumps(dict(username='******', password='******'))) key = json.loads(response.get_data(as_text=True)) token = key['refresh_token'] db.session.delete(user) db.session.commit() headers = {'Authorization': 'Bearer {}'.format(token)} refresh = self.test_client.post('/api/auth/refresh', content_type="application/json", headers=headers) self.assertEqual(refresh.status_code, UNAUTHORIZED_ERROR) token = decode_token(token) tokens = BlacklistedToken.query.filter_by(jti=token['jti']).all() self.assertEqual(len(tokens), 1)
def __func(): data = request.get_json() username = data['username'] if not User.query.filter_by(username=username).first(): user = add_user(username=username, password=data['password']) if 'roles' in data or 'active' in data: role_update_user_fields(data, user) db.session.commit() current_app.logger.info('User added: {0}'.format(user.as_json())) return user.as_json(), OBJECT_CREATED else: current_app.logger.warning( 'Cannot create user {0}. User already exists.'.format( username)) return Problem.from_crud_resource( OBJECT_EXISTS_ERROR, 'user', 'create', 'User with username {} already exists'.format(username))
def test_refresh_invalid_user_blacklists_token(self): user = add_user(username='******', password='******') db.session.commit() response = self.app.post('/api/auth', content_type="application/json", data=json.dumps( dict(username='******', password='******'))) key = json.loads(response.get_data(as_text=True)) token = key['refresh_token'] db.session.delete(user) db.session.commit() headers = {'Authorization': 'Bearer {}'.format(token)} refresh = self.app.post('/api/auth/refresh', content_type="application/json", headers=headers) self.assertEqual(refresh.status_code, UNAUTHORIZED_ERROR) token = decode_token(token) tokens = BlacklistedToken.query.filter_by(jti=token['jti']).all() self.assertEqual(len(tokens), 1)
def test_refresh_with_blacklisted_token(self): user = add_user(username='******', password='******') db.session.commit() response = self.app.post('/api/auth', content_type="application/json", data=json.dumps( dict(username='******', password='******'))) key = json.loads(response.get_data(as_text=True)) token = key['refresh_token'] db.session.delete(user) db.session.commit() headers = {'Authorization': 'Bearer {}'.format(token)} self.app.post('/api/auth/refresh', content_type="application/json", headers=headers) refresh = self.app.post('/api/auth/refresh', content_type="application/json", headers=headers) self.assertEqual(refresh.status_code, UNAUTHORIZED_ERROR) response = json.loads(refresh.get_data(as_text=True)) self.assertDictEqual(response, {'error': 'Token is revoked'})
def test_add_user_already_exists(self): user = User('username', 'password') db.session.add(user) db.session.commit() user = add_user('username', 'password') self.assertIsNone(user)
def test_add_user(self): user = add_user('username', 'password') self.assertIsNotNone(user) self.assertEqual(user.username, 'username') self.assertIsNotNone(User.query.filter_by(username='******').first())
def test_login_inactive_user(self): user = add_user(username='******', password='******') user.active = False response = self.test_client.post('/api/auth', content_type="application/json", data=json.dumps(dict(username='******', password='******'))) self.assertEqual(response.status_code, UNAUTHORIZED_ERROR)
def test_login_updates_user(self): user = add_user(username='******', password='******') self.test_client.post('/api/auth', content_type="application/json", data=json.dumps(dict(username='******', password='******'))) self.assertEqual(user.login_count, 1) self.assertTrue(user.active)
def setup_guest_user(self): user = add_user('guest', 'guest', ['guest']) db.session.add(user) db.session.commit() return user
def setup_guest_user(self): user = add_user('guest', 'guest', ['guest']) db.session.add(user) db.session.commit() return user