def flush_context():
ThreadLocalODMSession.close_all()
try:
yield
ThreadLocalODMSession.flush_all()
finally:
ThreadLocalODMSession.close_all()
def test_bearer_token_valid_via_headers(self, request):
user = M.User.by_username('test-admin')
consumer_token = M.OAuthConsumerToken(
name='foo',
description='foo app',
)
request_token = M.OAuthRequestToken(
consumer_token_id=consumer_token._id,
user_id=user._id,
callback='manual',
validation_pin=h.nonce(20),
is_bearer=True,
)
access_token = M.OAuthAccessToken(
consumer_token_id=consumer_token._id,
request_token_id=request_token._id,
user_id=user._id,
is_bearer=True,
)
ThreadLocalODMSession.flush_all()
token = access_token.api_key
request.headers = {
'Authorization': 'Bearer {}'.format(token)
}
request.scheme = 'https'
r = self.api_post('/rest/p/test/wiki', access_token='foo', status=200)
# reverse proxy situation
request.scheme = 'http'
request.environ['paste.testing'] = False
request.environ['HTTP_X_FORWARDED_PROTOx'] = 'https'
r = self.api_post('/rest/p/test/wiki', access_token='foo', status=200)
def test_bearer_token_valid_via_headers(self, request):
user = M.User.by_username('test-admin')
consumer_token = M.OAuthConsumerToken(
name='foo',
description='foo app',
)
request_token = M.OAuthRequestToken(
consumer_token_id=consumer_token._id,
user_id=user._id,
callback='manual',
validation_pin=h.nonce(20),
is_bearer=True,
)
access_token = M.OAuthAccessToken(
consumer_token_id=consumer_token._id,
request_token_id=request_token._id,
user_id=user._id,
is_bearer=True,
)
ThreadLocalODMSession.flush_all()
token = access_token.api_key
request.headers = {'Authorization': 'Bearer {}'.format(token)}
request.scheme = 'https'
r = self.api_post('/rest/p/test/wiki', access_token='foo', status=200)
# reverse proxy situation
request.scheme = 'http'
request.environ['paste.testing'] = False
request.environ['HTTP_X_FORWARDED_PROTOx'] = 'https'
r = self.api_post('/rest/p/test/wiki', access_token='foo', status=200)
def test_project_data(self):
project = M.Project.query.get(shortname='test')
project.summary = 'A Summary'
project.short_description = 'A Short Description'
ThreadLocalODMSession.flush_all()
r = self.app.get('/rest/p/test?doap')
assert_equal(r.content_type, 'application/rdf+xml')
p = r.xml.find(self.ns + 'Project')
assert_equal(p.attrib[self.rdf + 'about'],
'http://localhost/rest/p/test?doap#')
assert_equal(p.find(self.ns + 'name').text, 'test')
assert_equal(p.find(self.dc + 'title').text, 'Test Project')
assert_equal(p.find(self.ns_sf + 'private').text, '0')
assert_equal(p.find(self.ns + 'shortdesc').text, 'A Summary')
assert_equal(
p.find(self.ns + 'description').text, 'A Short Description')
assert_equal(
p.find(self.ns + 'created').text,
project._id.generation_time.strftime('%Y-%m-%d'))
maintainers = p.findall(self.ns + 'maintainer')
assert_equal(len(maintainers), 1)
user = maintainers[0].find(self.foaf + 'Person')
assert_equal(user.find(self.foaf + 'name').text, 'Test Admin')
assert_equal(user.find(self.foaf + 'nick').text, 'test-admin')
assert_equal(
list(user.find(self.foaf + 'homepage').items())[0][1],
'http://localhost/u/test-admin/')
def generate_wiki_thread(test):
# automagically instantiate the app
test.app.get('/wiki/')
project = M.Project.query.get(shortname='test')
app = project.app_instance('wiki')
page = WM.Page.query.get(app_config_id=app.config._id, title='Home')
thread = page.discussion_thread
# create a few posts by a few users
with push_config(c,
user=M.User.query.get(username='******'),
app=app,
project=project):
thread.add_post(text='This is very helpful')
thread.add_post(text="But it's not **super** helpful")
with push_config(c, user=M.User.query.get(username='******')):
thread.add_post(text='I disagree')
with push_config(c, user=M.User.query.get(username='******')):
thread.add_post(text='But what about foo?')
ThreadLocalODMSession.flush_all()
url = '/p/test/wiki/_discuss/thread/{}/'.format(thread._id)
return url
def test_bearer_token_valid(self, request):
user = M.User.by_username('test-admin')
consumer_token = M.OAuthConsumerToken(
name='foo',
description='foo app',
)
request_token = M.OAuthRequestToken(
consumer_token_id=consumer_token._id,
user_id=user._id,
callback='manual',
validation_pin=h.nonce(20),
is_bearer=True,
)
access_token = M.OAuthAccessToken(
consumer_token_id=consumer_token._id,
request_token_id=request_token._id,
user_id=user._id,
is_bearer=True,
)
ThreadLocalODMSession.flush_all()
request.headers = {}
request.params = {'access_token': access_token.api_key}
request.scheme = 'https'
r = self.api_post('/rest/p/test/wiki', access_token='foo')
assert_equal(r.status_int, 200)
def test_bearer_token_valid(self, request):
user = M.User.by_username('test-admin')
consumer_token = M.OAuthConsumerToken(
name='foo',
description='foo app',
)
request_token = M.OAuthRequestToken(
consumer_token_id=consumer_token._id,
user_id=user._id,
callback='manual',
validation_pin=h.nonce(20),
is_bearer=True,
)
access_token = M.OAuthAccessToken(
consumer_token_id=consumer_token._id,
request_token_id=request_token._id,
user_id=user._id,
is_bearer=True,
)
ThreadLocalODMSession.flush_all()
request.headers = {}
request.params = {'access_token': access_token.api_key}
request.scheme = 'https'
r = self.api_post('/rest/p/test/wiki', access_token='foo')
assert_equal(r.status_int, 200)
def test_delete_item_success(self):
activity_data = {
"obj": {
"activity_extras": {
"summary": "Sensitive private info, oops"
},
"activity_url": "/p/test/tickets/34/?limit=25#ed7c",
"activity_name": "a comment"
},
"target": {
"activity_extras": {
"allura_id": "Ticket:529f57a6033c5e5985db2efa",
"summary": "Make activitystream timeline look better"
},
"activity_url": "/p/test/tickets/34/",
"activity_name": "ticket #34"
},
"actor": {
"activity_extras": {
"icon_url": "/u/test-admin/user_icon",
"allura_id": "User:521f96cb033c5e2587adbdff"
},
"activity_url": "/u/test-admin/",
"activity_name": "Administrator 1",
"node_id": "User:521f96cb033c5e2587adbdff"
},
"verb": "posted",
"published": dateutil.parser.parse("2013-12-04T21:48:19.817"),
"score": 1386193699,
"node_id": "Project:527a6584033c5e62126f5a60",
"owner_id": "Project:527a6584033c5e62126f5a60"
}
activity = Activity(**activity_data)
activity2 = Activity(
**dict(activity_data, node_id='Project:123', owner_id='User:456'))
activity3 = Activity(
**dict(activity_data, node_id='User:abc', owner_id='User:abc'))
ThreadLocalODMSession.flush_all()
activity_id = str(activity._id)
assert_equal(
Activity.query.find({
'obj.activity_extras.summary':
'Sensitive private info, oops'
}).count(), 3)
self.app.post(
'/u/test-user-1/activity/delete_item',
{'activity_id': activity_id},
extra_environ={'username': str('root')}, # nbhd admin
status=200)
ThreadLocalODMSession.flush_all()
assert_equal(
Activity.query.find({
'obj.activity_extras.summary':
'Sensitive private info, oops'
}).count(), 0)
def test_delete_item_success(self):
activity_data = {
"obj": {
"activity_extras": {
"summary": "Sensitive private info, oops"
},
"activity_url": "/p/test/tickets/34/?limit=25#ed7c",
"activity_name": "a comment"
},
"target": {
"activity_extras": {
"allura_id": "Ticket:529f57a6033c5e5985db2efa",
"summary": "Make activitystream timeline look better"
},
"activity_url": "/p/test/tickets/34/",
"activity_name": "ticket #34"
},
"actor": {
"activity_extras": {
"icon_url": "/u/test-admin/user_icon",
"allura_id": "User:521f96cb033c5e2587adbdff"
},
"activity_url": "/u/test-admin/",
"activity_name": "Administrator 1",
"node_id": "User:521f96cb033c5e2587adbdff"
},
"verb": "posted",
"published": dateutil.parser.parse("2013-12-04T21:48:19.817"),
"score": 1386193699,
"node_id": "Project:527a6584033c5e62126f5a60",
"owner_id": "Project:527a6584033c5e62126f5a60"
}
activity = Activity(**activity_data)
activity2 = Activity(**dict(activity_data, node_id='Project:123', owner_id='User:456'))
activity3 = Activity(**dict(activity_data, node_id='User:abc', owner_id='User:abc'))
ThreadLocalODMSession.flush_all()
activity_id = str(activity._id)
assert_equal(Activity.query.find({'obj.activity_extras.summary': 'Sensitive private info, oops'}).count(), 3)
self.app.post('/u/test-user-1/activity/delete_item',
{'activity_id': activity_id},
extra_environ={'username': '******'}, # nbhd admin
status=200)
ThreadLocalODMSession.flush_all()
assert_equal(Activity.query.find({'obj.activity_extras.summary': 'Sensitive private info, oops'}).count(), 0)
def _disable_users(self, disable):
dev = M.User.by_username('test-user')
self.proj.add_user(dev, ['Developer'])
ThreadLocalODMSession.flush_all()
g.credentials.clear()
proj = u'p/{}'.format(self.p_shortname)
msg = u'Account disabled because project /{} is deleted. Reason: The Reason'.format(proj)
opts = ['-r', 'The Reason', proj]
if disable:
opts.insert(0, '--disable-users')
_audit = audits if disable else out_audits
with _audit(msg, user=True):
self.run_script(opts)
admin = M.User.by_username('test-admin')
dev = M.User.by_username('test-user')
assert admin.disabled is disable
assert dev.disabled is disable
def _disable_users(self, disable):
dev = M.User.by_username('test-user')
self.proj.add_user(dev, ['Developer'])
ThreadLocalODMSession.flush_all()
g.credentials.clear()
proj = u'p/{}'.format(self.p_shortname)
msg = u'Account disabled because project /{} is deleted. Reason: The Reason'.format(proj)
opts = ['-r', 'The Reason', proj]
if disable:
opts.insert(0, '--disable-users')
_audit = audits if disable else out_audits
with _audit(msg):
self.run_script(opts)
admin = M.User.by_username('test-admin')
dev = M.User.by_username('test-user')
assert admin.disabled is disable
assert dev.disabled is disable
def test_bearer_token_valid(self, request):
user = M.User.by_username("test-admin")
consumer_token = M.OAuthConsumerToken(name="foo", description="foo app")
request_token = M.OAuthRequestToken(
consumer_token_id=consumer_token._id,
user_id=user._id,
callback="manual",
validation_pin=h.nonce(20),
is_bearer=True,
)
access_token = M.OAuthAccessToken(
consumer_token_id=consumer_token._id, request_token_id=request_token._id, user_id=user._id, is_bearer=True
)
ThreadLocalODMSession.flush_all()
request.params = {"access_token": access_token.api_key}
request.scheme = "https"
r = self.api_post("/rest/p/test/wiki", access_token="foo")
assert_equal(r.status_int, 200)
def generate_wiki_thread(test):
# automagically instantiate the app
test.app.get("/wiki/")
project = M.Project.query.get(shortname="test")
app = project.app_instance("wiki")
page = WM.Page.query.get(app_config_id=app.config._id, title="Home")
thread = page.discussion_thread
# create a few posts by a few users
with push_config(c, user=M.User.query.get(username="******"), app=app, project=project):
thread.add_post(text="This is very helpful")
thread.add_post(text="But it's not **super** helpful")
with push_config(c, user=M.User.query.get(username="******")):
thread.add_post(text="I disagree")
with push_config(c, user=M.User.query.get(username="******")):
thread.add_post(text="But what about foo?")
ThreadLocalODMSession.flush_all()
url = "/p/test/wiki/_discuss/thread/{}/".format(thread._id)
return url
def test_project_data(self):
project = M.Project.query.get(shortname='test')
project.summary = 'A Summary'
project.short_description = 'A Short Description'
ThreadLocalODMSession.flush_all()
r = self.app.get('/rest/p/test?doap')
assert_equal(r.content_type, 'application/rdf+xml')
p = r.xml.find(self.ns + 'Project')
assert_equal(p.attrib[self.rdf + 'about'], 'http://localhost/rest/p/test?doap#')
assert_equal(p.find(self.ns + 'name').text, 'test')
assert_equal(p.find(self.dc + 'title').text, 'Test Project')
assert_equal(p.find(self.ns_sf + 'private').text, '0')
assert_equal(p.find(self.ns + 'shortdesc').text, 'A Summary')
assert_equal(p.find(self.ns + 'description').text, 'A Short Description')
assert_equal(p.find(self.ns + 'created').text, project._id.generation_time.strftime('%Y-%m-%d'))
maintainers = p.findall(self.ns + 'maintainer')
assert_equal(len(maintainers), 1)
user = maintainers[0].find(self.foaf + 'Person')
assert_equal(user.find(self.foaf + 'name').text, 'Test Admin')
assert_equal(user.find(self.foaf + 'nick').text, 'test-admin')
assert_equal(user.find(self.foaf + 'homepage').items()[0][1],
'http://localhost/u/test-admin/')
def generate_wiki_thread(test):
# automagically instantiate the app
test.app.get('/wiki/')
project = M.Project.query.get(shortname='test')
app = project.app_instance('wiki')
page = WM.Page.query.get(app_config_id=app.config._id, title='Home')
thread = page.discussion_thread
# create a few posts by a few users
with push_config(c, user=M.User.query.get(username='******'),
app=app,
project=project):
thread.add_post(text='This is very helpful')
thread.add_post(text="But it's not **super** helpful")
with push_config(c, user=M.User.query.get(username='******')):
thread.add_post(text='I disagree')
with push_config(c, user=M.User.query.get(username='******')):
thread.add_post(text='But what about foo?')
ThreadLocalODMSession.flush_all()
url = '/p/test/wiki/_discuss/thread/{}/'.format(thread._id)
return url
def _cleanup_request():
ThreadLocalODMSession.flush_all()
ThreadLocalODMSession.close_all()
def _deny(obj, role, perm):
obj.acl.insert(0, M.ACE.deny(role._id, perm))
ThreadLocalODMSession.flush_all()
Credentials.get().clear()
def _cleanup_request(self):
context = self._context_func()
ThreadLocalODMSession.flush_all()
ContextualODMSession.flush_all(context)
ThreadLocalODMSession.close_all()
ContextualODMSession.close_all(context)
def _cleanup_request(self):
context = self._context_func()
ThreadLocalODMSession.flush_all()
ContextualODMSession.flush_all(context)
ThreadLocalODMSession.close_all()
ContextualODMSession.close_all(context)
def _add_to_group(user, role):
M.ProjectRole.by_user(user, upsert=True).roles.append(role._id)
ThreadLocalODMSession.flush_all()
Credentials.get().clear()
#tp = TPremiumSize(name="first",description="For good work",min=1000,max=5000)
tp = TPremiumSize.query.find().all()[0]
tw = TWorker.query.find().all()[0]
print(TPremiumSize.query.find().all())
print(tp.get_by_id("4e8")._id)
print(tw.get_by_id("4c0")._id)
tpr = TPremium(premium_id = tp._id, worker_id = tw._id,
earning_date = datetime.datetime(2017, 11, 10), premium_size = 2100,
note = "the best worker!")
#print(tw.get_by_id("4c9"))
#print(TWorker.query.find())
#for item in TWorker.query.find().all():
# print(str(item._id) == "5a22f36e89ad9319709cd4c0")
session.flush_all()
#class SampleDocument(Document):
#def my_sum(self):
#return self["a"] + self["b"]
#class SampleCollection(Collection):
#document_class = SampleDocument
#def find_by_a(self, a_value):
#return self.find_one({"a": a_value})
# Then use it in your code like this:
#print(config["mongo"]["login"])
def _add_to_group(user, role):
M.ProjectRole.by_user(user, upsert=True).roles.append(role._id)
ThreadLocalODMSession.flush_all()
Credentials.get().clear()
def _deny(obj, role, perm):
obj.acl.insert(0, M.ACE.deny(role._id, perm))
ThreadLocalODMSession.flush_all()
Credentials.get().clear()
def _add_to_group(user, role):
user.project_role().roles.append(role._id)
ThreadLocalODMSession.flush_all()
Credentials.get().clear()
