def test_set_password(self, api_client_mgmt, cli, clean_db):
user = {
"password": "******",
"new_password": "******",
"email": "*****@*****.**",
"tenant": TENANT_ONE,
}
users_db = {user["tenant"]: [user["email"]]}
with tenantadm.run_fake_create_user(user):
cli.create_user(user["email"],
user["password"],
tenant_id=user["tenant"])
with tenantadm.run_fake_user_tenants(users_db):
_, r = api_client_mgmt.login(user["email"], user["password"])
assert r.status_code == 200
cli.set_password(user["email"], user["new_password"],
user["tenant"])
status_code = 200
try:
_, r = api_client_mgmt.login(user["email"], user["password"])
except bravado.exception.HTTPError as e:
assert e.response.status_code == 401
status_code = 401
assert status_code == 401
_, r = api_client_mgmt.login(user["email"], user["new_password"])
assert r.status_code == 200
token = r.text
assert token
_, claims, _ = explode_jwt(token)
assert claims["mender.tenant"] == user["tenant"]
def test_fail_duplicate_email(self, tenant_id, api_client_mgmt,
init_users_mt):
new_user = {"email": "*****@*****.**", "password": "******"}
with tenantadm.run_fake_create_user(new_user, 422):
self._do_test_fail_duplicate_email(api_client_mgmt,
init_users_mt[tenant_id],
new_user, tenant_id)
def test_fail_duplicate_email(self, tenant_id, api_client_mgmt, init_users_mt_f):
new_user = {
"email": init_users_mt_f[tenant_id][0]["email"],
"password": "******",
}
with tenantadm.run_fake_create_user(new_user, 422):
self._do_test_fail_unprocessable_entity(
api_client_mgmt, init_users_mt_f[tenant_id], new_user, tenant_id,
)
def test_ok(self, api_client_int,api_client_mgmt, clean_db, ):
user = {"email":"*****@*****.**", "password":"******"}
with tenantadm.run_fake_create_user(user):
api_client_int.create_user_for_tenant('foobar', user)
auth = make_auth("foo", 'foobar')
users = api_client_mgmt.get_users(auth)
assert len(users) == 1
def test_ok_pwd_hash(self, api_client_int, api_client_mgmt, clean_db_f):
user = {
"email": "*****@*****.**",
"password_hash": "secret12345",
"propagate": False,
}
with tenantadm.run_fake_create_user(user):
api_client_int.create_user_for_tenant("foobar", user)
auth = make_auth("foo", "foobar")
users = api_client_mgmt.get_users(auth)
assert len(users) == 1
def test_create_user_login(self, api_client_mgmt, cli, clean_db):
user = {"email": "*****@*****.**", "password": "******"}
users_db = {TENANT_ONE: [user["email"]]}
with tenantadm.run_fake_create_user(user):
cli.create_user(user["email"],
user["password"],
tenant_id=TENANT_ONE)
with tenantadm.run_fake_user_tenants(users_db):
_, r = api_client_mgmt.login(user["email"], user["password"])
assert r.status_code == 200
token = r.text
assert token
_, claims, _ = explode_jwt(token)
assert claims["mender.tenant"] == TENANT_ONE
def init_users_mt(cli, clean_migrated_db, api_client_mgmt, mongo):
tenant_users = {TENANT_ONE: [], TENANT_TWO: []}
for t in tenant_users:
for i in range(5):
user = {
"email": f"user={i}-{t}@foo.com",
"password": "******",
}
with tenantadm.run_fake_create_user(user):
cli.create_user(
user["email"],
user["password"],
None,
t,
)
tenant_users[t] = api_client_mgmt.get_users(make_auth("foo", t))
yield tenant_users
mongo_cleanup(mongo)
def test_create_user(self, api_client_mgmt, cli):
user = {
"email": f"foo-{TENANT_ONE}@bar.com",
"password": "******"
}
with tenantadm.run_fake_create_user(user):
cli.create_user(user["email"],
user["password"],
tenant_id=TENANT_ONE)
users = api_client_mgmt.get_users(make_auth("foo", tenant=TENANT_ONE))
assert [
user for user in users if user.email == f"foo-{TENANT_ONE}@bar.com"
]
other_tenant_users = api_client_mgmt.get_users(
make_auth("foo", tenant=TENANT_TWO))
assert not other_tenant_users
