def _create(cls,
model_class,
role="superuser",
orcid=None,
email=None,
allow_push=None,
token=None,
*args,
**kwargs):
ds = current_app.extensions["invenio-accounts"].datastore
role = ds.find_or_create_role(role)
user = ds.create_user(
id=fake.random_number(digits=8, fix_len=True),
email=fake.email() if not email else email,
password=hash_password(fake.password()),
active=True,
roles=[role],
)
if orcid:
user_orcid_id = UserIdentity(id=orcid,
method="orcid",
id_user=user.get_id())
db.session.add(user_orcid_id)
RemoteToken.create(
user_id=user.get_id(),
client_id="orcid",
token=token,
secret=None,
extra_data={
"orcid": orcid,
"allow_push": allow_push
},
)
return user
def system_user(app, db):
"""Create a regular system user."""
user = User(**dict(email="*****@*****.**", active=True))
db.session.add(user)
db.session.commit()
user_id = user.id
identity = UserIdentity(**dict(id="1", method="cern", id_user=user_id))
db.session.add(identity)
profile = UserProfile(**dict(user_id=user_id,
_displayname="id_" + str(user_id),
full_name="System User"))
db.session.add(profile)
remote_account = RemoteAccount(client_id="CLIENT_ID",
**dict(user_id=user_id,
extra_data=dict(
person_id="1",
department="Department")))
db.session.add(remote_account)
db.session.commit()
return user
def test_existent_token_for_same_user_but_different_orcid(self):
# Create existing token: RemoteToken, RemoteAccount, UserIdentity.
other_orcid = "otherorcid"
with db.session.begin_nested():
# Create RemoteToken and RemoteAccount.
RemoteToken.create(
user_id=self.user.id,
client_id=current_app.config["ORCID_APP_CREDENTIALS"]
["consumer_key"],
token=self.token,
secret=None,
extra_data={
"orcid": other_orcid,
"full_name": self.name,
"allow_push": True,
},
)
user_identity = UserIdentity(id=other_orcid,
method="orcid",
id_user=self.user.id)
db.session.add(user_identity)
with pytest.raises(RemoteTokenOrcidMismatch):
_link_user_and_token(self.user, self.name, self.orcid, self.token)
def create_invenio_user_identity(self, user_id, ldap_user):
"""Return new user identity entry."""
uid_number = ldap_user["user_identity_id"]
return UserIdentity(id=uid_number,
method=OAUTH_REMOTE_APP_NAME,
id_user=user_id)
def users(app, db):
"""Create users."""
user1 = create_test_user(email='*****@*****.**',
password='******',
confirmed_at=datetime.now())
user2 = create_test_user(email='*****@*****.**',
password='******',
confirmed_at=datetime.now())
user_admin = create_test_user(email='*****@*****.**',
password='******',
confirmed_at=datetime.now())
non_validated_user = create_test_user(email='*****@*****.**',
password='******')
user_with_blacklisted_domain = create_test_user(
email='*****@*****.**',
password='******',
confirmed_at=datetime.now())
longtime_validated_user_with_blacklisted_domain = create_test_user(
email='*****@*****.**',
password='******',
confirmed_at=datetime.now() - timedelta(days=40))
user_with_blacklisted_domain_and_ext_id = create_test_user(
email='*****@*****.**', password='******')
ud = UserIdentity(id='1',
method='github',
id_user=user_with_blacklisted_domain_and_ext_id.id)
db.session.add(ud)
with db.session.begin_nested():
# set admin permissions
db.session.add(
ActionUsers(action=action_admin_access.value, user=user_admin))
db.session.add(
ActionUsers(action=deposit_admin_access.value, user=user_admin))
db.session.commit()
return [
{
'email': user1.email,
'id': user1.id
},
{
'email': user2.email,
'id': user2.id
},
{
'email': user_admin.email,
'id': user_admin.id
},
{
'email': non_validated_user.email,
'id': non_validated_user.id
},
{
'email': user_with_blacklisted_domain.email,
'id': user_with_blacklisted_domain.id
},
{
'email': longtime_validated_user_with_blacklisted_domain.email,
'id': longtime_validated_user_with_blacklisted_domain.id
},
]