Ejemplo n.º 1
    def test_admins_unlock(self, loggedin_client):
        """Calling the unlock endpoint for a seeded admin returns HTTP 200.

        The admin row is stored with five failed attempts, a failure timestamp
        of "now" and an unlock date 30 minutes ahead (presumably the
        locked-out state; confirm against the Admins model).
        """
        admin_payload = {
            'username': '******',
            'password': '******',
            'name': 'Test Admin'
        }
        locked_admin = Admins().from_json(admin_payload)
        locked_admin.failed_attempts = 5
        locked_admin.last_failed_date = datetime.utcnow()
        locked_admin.unlock_date = datetime.utcnow() + timedelta(minutes=30)

        db.session.add(locked_admin)
        db.session.commit()

        # Look the row up again by username and use its id in the URL.
        stored_admin = Admins.query.filter_by(username='******').one()
        unlock_url = "/api/v1/admins/unlock/{0}".format(stored_admin.id)
        response = loggedin_client.put(unlock_url, follow_redirects=True)

        # NOTE(review): only the status code is checked. The test does not
        # confirm that failed_attempts / unlock_date were actually reset, so a
        # handler that answers 200 without clearing the lockout would pass.
        assert response.status_code == 200
Ejemplo n.º 2
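    def test_admins_twofactor_verify_invalid(self, loggedin_client):
        """A wrong two-factor code is rejected with a JSON body and HTTP 400.

        An admin with an OTP secret and otp_active set is stored, then the
        verify endpoint is called with a fixed code. The response must parse
        as JSON, carry status 400 and contain the text "invalid code".
        """
        test_admin = Admins().from_json({
            'username': '******',
            'password': '******',
            'name': 'Test Admin'
        })
        test_admin.generate_otp_secret()
        test_admin.otp_active = 1

        db.session.add(test_admin)
        db.session.commit()
        # NOTE(review): 123456 is a fixed guess. If generate_otp_secret()
        # produces a random secret, there is a very small chance this code is
        # the currently valid one and the test fails spuriously.
        rv = loggedin_client.post(
            "/api/v1/admins/{0}/twofactor/verify".format(test_admin.id),
            data=json.dumps({"code": 123456}))
        try:
            json.loads(rv.data.decode('utf-8'))
        except ValueError:
            # JSONDecodeError and UnicodeDecodeError are both ValueError
            # subclasses; a bare except would also swallow KeyboardInterrupt
            # and SystemExit and report them as "Not json".
            assert False, "Not json"
        assert rv.status_code == 400
        assert "invalid code" in rv.data.decode('utf-8')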
Ejemplo n.º 3
    def test_admins_twofactor_verify_invalid(self, loggedin_client):
        """Posting a wrong 2FA code must give a JSON error and HTTP 400.

        The stored admin has an OTP secret generated and otp_active set to 1
        before the verify endpoint is called with a fixed code.
        """
        otp_admin = Admins().from_json({
            'username': '******',
            'password': '******',
            'name': 'Test Admin'
        })
        otp_admin.generate_otp_secret()
        otp_admin.otp_active = 1

        db.session.add(otp_admin)
        db.session.commit()

        verify_url = "/api/v1/admins/{0}/twofactor/verify".format(otp_admin.id)
        wrong_code_body = json.dumps({"code": 123456})
        response = loggedin_client.post(verify_url, data=wrong_code_body)

        # Decode once and reuse the text for both the JSON check and the
        # message check.
        body_text = response.data.decode('utf-8')
        try:
            json.loads(body_text)
        except json.decoder.JSONDecodeError:
            assert False, "Not json"
        assert response.status_code == 400
        assert "invalid code" in body_text
Ejemplo n.º 4
def new_admin():
    """Create an admin from the JSON request body and answer HTTP 201.

    The body is turned into an Admins object, added to the session and
    committed. On success an 'audit' entry is logged under the current
    user's name and ``({}, 201)`` is returned. A ValidationError is re-raised
    as is; any other exception triggers a rollback, an 'error' log entry and
    a GenericError. The session is closed in every case.
    """
    # NOTE(review): force=True makes Flask parse the body as JSON whatever
    # the Content-Type header says, so requests that are not sent as
    # application/json are accepted too. Confirm that CSRF protection for
    # this endpoint does not rely on the JSON content type.
    payload = request.get_json(force=True)
    admin = Admins().from_json(payload)
    db.session.add(admin)
    try:
        db.session.commit()
        # NOTE(review): the audit call sits inside the try, so a failure in
        # json_logger after a successful commit is reported to the caller as
        # "could not be created" although the row exists.
        actor = current_user.username
        audit_message = (
            'The administrator "{0}" was created successfully'.format(
                admin.username))
        json_logger('audit', actor, audit_message)
    except ValidationError as exc:
        raise exc
    except Exception as exc:
        db.session.rollback()
        # NOTE(review): str(exc) goes to the error log verbatim. If db is
        # SQLAlchemy, database errors can include the statement and its bound
        # parameters, which for this insert may contain credential material;
        # consider logging only the exception type, or enabling the engine's
        # hide_parameters option.
        actor = current_user.username
        error_message = (
            'The following error occurred in new_admin: {0}'.format(
                str(exc)))
        json_logger('error', actor, error_message)
        raise GenericError('The admininstrator could not be created')
    finally:
        db.session.close()
    return {}, 201