def apply_migrations():
"""Applies all alembic migrations."""
alembic_config = os.path.join(os.path.dirname(__file__), "../",
"alembic.ini")
config = alembic.config.Config(alembic_config)
app_config = make_config()
config.set_main_option("sqlalchemy.url", app_config["DATABASE_URI"])
alembic.command.upgrade(config, "head")
def blowup_app(notification_sender):
_blowup_app = make_app(make_config(direct_config={"DEBUG": False}))
_blowup_app.notification_sender = notification_sender
@_blowup_app.route("/throw")
def throw():
raise ValueError()
yield _blowup_app
def app(request):
config = make_config(direct_config={"DEBUG": False})
_app = make_app(config)
ctx = _app.app_context()
ctx.push()
yield _app
ctx.pop()
def skip_audit_log(request):
"""
Conditionally skip tests marked with 'audit_log' based on the
USE_AUDIT_LOG config value.
"""
config = make_config()
if request.node.get_closest_marker("audit_log"):
use_audit_log = config.get("USE_AUDIT_LOG", False)
if not use_audit_log:
pytest.skip("audit log feature flag disabled")
def app(request):
config = make_config()
_app = make_app(config)
ctx = _app.app_context()
ctx.push()
yield _app
ctx.pop()
from atst.app import make_config, make_app
from atst.database import db
from atst.models import *
app = make_app(make_config())
ctx = app.app_context()
ctx.push()
print(
"\nWelcome to atst. This shell has all models in scope, and a SQLAlchemy session called db."
)
def protected_routes(app):
_protected_routes = []
for rule in app.url_map.iter_rules():
args = [1] * len(rule.arguments)
mock_args = dict(zip(rule.arguments, args))
_n, route = rule.build(mock_args)
if rule.endpoint in _NO_ACCESS_CHECK_REQUIRED or "/static" in route:
continue
_protected_routes.append((rule, route))
return _protected_routes
sample_config = make_config({"CRL_STORAGE_PROVIDER": "LOCAL"})
sample_app = make_app(sample_config)
_PROTECTED_ROUTES = protected_routes(sample_app)
@pytest.mark.access_check
@pytest.mark.parametrize("rule,route", _PROTECTED_ROUTES)
def test_all_protected_routes_have_access_control(
rule, route, mocker, client, user_session, monkeypatch
):
"""
This tests that all routes, except the ones in
_NO_ACCESS_CHECK_REQUIRED, are protected by the access
decorator.
"""
# monkeypatch any object lookups that might happen in the access decorator
sys.path.append(parent_dir)
from atst.app import make_config, make_app
from atst.domain.exceptions import NotFoundError
from atst.domain.users import Users
def grant_ccpo_perms(dod_id):
try:
user = Users.get_by_dod_id(dod_id)
if user.permission_sets:
print("%s (DoD ID: %s) already CCPO user." %
(user.full_name, user.dod_id))
else:
Users.give_ccpo_perms(user)
print("CCPO permissions successfully granted to %s (DoD ID: %s)." %
(user.full_name, user.dod_id))
except NotFoundError:
print("User not found.")
if __name__ == "__main__":
config = make_config({"DISABLE_CRL_CHECK": True, "DEBUG": False})
app = make_app(config)
with app.app_context():
dod_id = sys.argv[1]
grant_ccpo_perms(dod_id)
# target_metadata = mymodel.Base.metadata
target_metadata = None
# other values from the config, defined by the needs of env.py,
# can be acquired:
# my_important_option = config.get_main_option("my_important_option")
# ... etc.
import sys
from unipath import Path
parent_dir = Path(__file__).parent.parent
sys.path.append(parent_dir)
from atst.app import make_config
app_config = make_config()
config.set_main_option('sqlalchemy.url', app_config['DATABASE_URI'])
from atst.database import db
from atst.models import *
target_metadata = Base.metadata
def run_migrations_offline():
"""Run migrations in 'offline' mode.
This configures the context with just a URL
and not an Engine, though an Engine is acceptable
here as well. By skipping the Engine creation
we don't even need a DBAPI to be available.
for permission_set_info in (ATAT_PERMISSION_SETS +
PORTFOLIO_PERMISSION_SETS +
APPLICATION_PERMISSION_SETS):
permission_set = PermissionSet(**permission_set_info)
try:
existing_permission_set = (
db.session.query(PermissionSet).filter_by(
name=permission_set.name).one())
existing_permission_set.description = permission_set.description
existing_permission_set.permissions = permission_set.permissions
existing_permission_set.display_name = permission_set.display_name
db.session.add(existing_permission_set)
print("Updated existing permission_set {}".format(
existing_permission_set.name))
except NoResultFound:
db.session.add(permission_set)
print("Added new permission_set {}".format(permission_set.name))
db.session.commit()
if __name__ == "__main__":
config = make_config({
"DISABLE_CRL_CHECK": True,
"CRL_STORAGE_PROVIDER": "LOCAL",
"DEBUG": False
})
app = make_app(config)
with app.app_context():
seed_roles()
