def test_api___simple_search_ok__no_search_string(self) -> None:
dbsession = get_tm_session(self.session_factory, transaction.manager)
admin = dbsession.query(User).filter(User.email == "*****@*****.**").one()
uapi = UserApi(current_user=admin, session=dbsession, config=self.app_config)
gapi = GroupApi(current_user=admin, session=dbsession, config=self.app_config)
groups = [gapi.get_one_with_name("trusted-users")]
user = uapi.create_user(
"*****@*****.**",
password="******",
do_save=True,
do_notify=False,
groups=groups,
)
workspace_api = WorkspaceApi(
current_user=admin, session=dbsession, config=self.app_config, show_deleted=True
)
workspace = workspace_api.create_workspace("test", save_now=True)
rapi = RoleApi(current_user=admin, session=dbsession, config=self.app_config)
rapi.create_one(user, workspace, UserRoleInWorkspace.WORKSPACE_MANAGER, False)
api = ContentApi(session=dbsession, current_user=user, config=self.app_config)
api.create(
content_type_slug="html-document", workspace=workspace, label="test", do_save=True
)
transaction.commit()
self.testapp.authorization = ("Basic", ("*****@*****.**", "*****@*****.**"))
res = self.testapp.get("/api/v2/search/content".format(), status=200)
search_result = res.json_body
assert search_result
assert search_result["total_hits"] == 0
assert search_result["is_total_hits_accurate"] is True
assert len(search_result["contents"]) == 0
def test__unit__get_notifiable_roles__ok__nominal_case(self):
admin = self.session.query(User).filter(
User.email == "*****@*****.**").one()
wapi = WorkspaceApi(session=self.session,
config=self.app_config,
current_user=admin)
workspace = wapi.create_workspace(label="workspace w", save_now=True)
uapi = UserApi(session=self.session,
current_user=admin,
config=self.app_config)
user_1 = uapi.create_user(email="[email protected]",
auth_type=AuthType.INTERNAL,
do_save=True,
do_notify=False)
user_2 = uapi.create_user(email="[email protected]",
auth_type=AuthType.INTERNAL,
do_save=True,
do_notify=False)
assert wapi.get_notifiable_roles(workspace=workspace) == []
rapi = RoleApi(session=self.session,
current_user=admin,
config=self.app_config)
role_1 = rapi.create_one(user_1,
workspace,
UserRoleInWorkspace.READER,
with_notif=True)
role_2 = rapi.create_one(user_2,
workspace,
UserRoleInWorkspace.READER,
with_notif=False)
assert role_1 in wapi.get_notifiable_roles(workspace=workspace)
assert role_2 not in wapi.get_notifiable_roles(workspace=workspace)
def test_unit__get_all_for_usages(self, admin_user, session, app_config, workspace_api_factory):
rapi = RoleApi(current_user=admin_user, session=session, config=app_config)
workspace = workspace_api_factory.get().create_workspace("workspace_1", save_now=True)
roles = rapi.get_all_for_workspace(workspace)
assert len(roles) == 1
assert roles[0].user_id == admin_user.user_id
assert roles[0].role == WorkspaceRoles.WORKSPACE_MANAGER.level
def test_unit__get_known__user__distinct_workspaces_users_by_name__exclude_workspace_and_name(
self
):
admin = self.session.query(User).filter(User.email == "*****@*****.**").one()
api = UserApi(current_user=None, session=self.session, config=self.app_config)
u1 = api.create_user(email="email@email", name="name", do_notify=False, do_save=True)
u2 = api.create_user(email="email2@email2", name="name2", do_notify=False, do_save=True)
u3 = api.create_user(
email="notfound@notfound", name="notfound", do_notify=False, do_save=True
)
u4 = api.create_user(email="email3@email3", name="name3", do_notify=False, do_save=True)
wapi = WorkspaceApi(current_user=admin, session=self.session, config=self.app_config)
workspace = wapi.create_workspace("test workspace n°1", save_now=True)
wapi = WorkspaceApi(current_user=admin, session=self.session, config=self.app_config)
workspace_2 = wapi.create_workspace("test workspace n°2", save_now=True)
role_api = RoleApi(current_user=admin, session=self.session, config=self.app_config)
role_api.create_one(u1, workspace, UserRoleInWorkspace.READER, False)
role_api.create_one(u2, workspace_2, UserRoleInWorkspace.READER, False)
role_api.create_one(u4, workspace_2, UserRoleInWorkspace.READER, False)
role_api.create_one(u3, workspace, UserRoleInWorkspace.READER, False)
role_api.create_one(u3, workspace_2, UserRoleInWorkspace.READER, False)
api2 = UserApi(current_user=u3, session=self.session, config=self.app_config)
users = api2.get_known_user(
"name", exclude_workspace_ids=[workspace.workspace_id], exclude_user_ids=[u4.user_id]
)
assert len(users) == 1
assert users[0] == u2
def update_workspaces_members_role(
self,
context,
request: TracimRequest,
hapic_data=None
) -> UserRoleWorkspaceInContext:
"""
Update role of the given space member.
This feature is for workspace managers, trusted users and administrators.
"""
app_config = request.registry.settings['CFG']
rapi = RoleApi(
current_user=request.current_user,
session=request.dbsession,
config=app_config,
)
role = rapi.get_one(
user_id=hapic_data.path.user_id,
workspace_id=hapic_data.path.workspace_id,
)
workspace_role = WorkspaceRoles.get_role_from_slug(hapic_data.body.role)
role = rapi.update_role(
role,
role_level=workspace_role.level
)
return rapi.get_user_role_workspace_with_context(role)
def test_unit__get_known__user__distinct_workspaces_users_by_name__exclude_workspace(self):
admin = self.session.query(models.User) \
.filter(models.User.email == '*****@*****.**') \
.one()
api = UserApi(
current_user=None,
session=self.session,
config=self.config,
)
u1 = api.create_user(
email='email@email',
name='name',
do_notify=False,
do_save=True,
)
u2 = api.create_user(
email='email2@email2',
name='name2',
do_notify=False,
do_save=True,
)
u3 = api.create_user(
email='notfound@notfound',
name='notfound',
do_notify=False,
do_save=True,
)
wapi = WorkspaceApi(
current_user=admin,
session=self.session,
config=self.app_config,
)
workspace = wapi.create_workspace(
'test workspace n°1',
save_now=True)
wapi = WorkspaceApi(
current_user=admin,
session=self.session,
config=self.app_config,
)
workspace_2 = wapi.create_workspace(
'test workspace n°2',
save_now=True)
role_api = RoleApi(
current_user=admin,
session=self.session,
config=self.app_config,
)
role_api.create_one(u1, workspace, UserRoleInWorkspace.READER, False)
role_api.create_one(u2, workspace_2, UserRoleInWorkspace.READER, False)
role_api.create_one(u3, workspace, UserRoleInWorkspace.READER, False)
role_api.create_one(u3, workspace_2, UserRoleInWorkspace.READER, False)
api2 = UserApi(
current_user=u3,
session=self.session,
config=self.config,
)
users = api2.get_known_user('name', exclude_workspace_ids=[workspace.workspace_id])
assert len(users) == 1
assert users[0] == u2
def test_get_notifiable_roles(self):
admin = self.session.query(User) \
.filter(User.email == '*****@*****.**').one()
wapi = WorkspaceApi(
session=self.session,
config=self.app_config,
current_user=admin,
)
w = wapi.create_workspace(label='workspace w', save_now=True)
uapi = UserApi(session=self.session,
current_user=admin,
config=self.app_config)
u = uapi.create_minimal_user(email='[email protected]', save_now=True)
eq_([], wapi.get_notifiable_roles(workspace=w))
rapi = RoleApi(
session=self.session,
current_user=admin,
config=self.app_config,
)
r = rapi.create_one(u, w, UserRoleInWorkspace.READER, with_notif=True)
eq_([
r,
], wapi.get_notifiable_roles(workspace=w))
u.is_active = False
eq_([], wapi.get_notifiable_roles(workspace=w))
def enable_workspace_notification(self,
context,
request: TracimRequest,
hapic_data=None): # nopep8
"""
enable workspace notification
"""
app_config = request.registry.settings['CFG']
api = ContentApi(
current_user=request.candidate_user, # User
session=request.dbsession,
config=app_config,
)
wapi = WorkspaceApi(
current_user=request.candidate_user, # User
session=request.dbsession,
config=app_config,
)
workspace = wapi.get_one(hapic_data.path.workspace_id)
wapi.enable_notifications(request.candidate_user, workspace)
rapi = RoleApi(
current_user=request.candidate_user, # User
session=request.dbsession,
config=app_config,
)
role = rapi.get_one(request.candidate_user.user_id,
workspace.workspace_id)
wapi.save(workspace)
return
def test_unit__get_one__ok__nominal_case(self):
admin = self.session.query(User).filter(
User.email == "*****@*****.**").one()
rapi = RoleApi(current_user=admin,
session=self.session,
config=self.app_config)
rapi.get_one(admin.user_id, 1)
def add_current_user_as_member(self, workspace_id: int) -> Workspace:
"""
Adds the current user as a member of the given workspace id.
Only works for OPEN workspaces.
Role is set to the workspace default role.
"""
query = self._base_query_without_roles().filter(
Workspace.workspace_id == workspace_id)
query = query.filter(Workspace.access_type == WorkspaceAccessType.OPEN)
try:
workspace = query.one()
except NoResultFound as exc:
raise WorkspaceNotFound(
"workspace {} does not exist or not visible for user".format(
workspace_id)) from exc
rapi = RoleApi(
current_user=self._user,
session=self._session,
config=self._config,
)
rapi.create_one(self._user,
workspace,
workspace.default_user_role.level,
with_notif=True)
return workspace
def get_all_for_user(
self,
user: User,
include_owned: bool = True,
include_with_role: bool = True,
parents_ids: typing.Optional[typing.List[int]] = None,
) -> typing.List[Workspace]:
"""
Get all workspaces of user
:param user: just an user
:param include_owned: include workspace where user is owner
:param include_with_role: include workspace where user has a role
:return: list of workspaces found
"""
query = self._base_query()
workspace_ids = []
rapi = RoleApi(session=self._session,
current_user=self._user,
config=self._config)
if include_with_role:
workspace_ids.extend(
rapi.get_user_workspaces_ids(
user_id=user.user_id, min_role=UserRoleInWorkspace.READER))
if include_owned:
owned_workspaces = self._get_workspaces_owned_by_user(user.user_id)
workspace_ids.extend(
[workspace.workspace_id for workspace in owned_workspaces])
query = self._parent_id_filter(query, parent_ids=parents_ids)
query = query.filter(Workspace.workspace_id.in_(workspace_ids))
query = query.order_by(Workspace.label)
return query.all()
def enable_account_workspace_notification(self, context, request: TracimRequest, hapic_data=None): # nopep8
"""
enable workspace notification
"""
app_config = request.registry.settings['CFG']
api = ContentApi(
current_user=request.current_user, # User
session=request.dbsession,
config=app_config,
)
wapi = WorkspaceApi(
current_user=request.current_user, # User
session=request.dbsession,
config=app_config,
)
workspace = wapi.get_one(hapic_data.path.workspace_id)
wapi.enable_notifications(request.current_user, workspace)
rapi = RoleApi(
current_user=request.current_user, # User
session=request.dbsession,
config=app_config,
)
role = rapi.get_one(request.current_user.user_id, workspace.workspace_id) # nopep8
wapi.save(workspace)
return
def test_api___simple_search_ok__by_comment_content(
self,
created_content_name,
search_string,
nb_content_result,
first_search_result_content_name,
first_created_comment_content,
second_created_comment_content,
) -> None:
dbsession = get_tm_session(self.session_factory, transaction.manager)
admin = dbsession.query(User).filter(User.email == "*****@*****.**").one()
uapi = UserApi(current_user=admin, session=dbsession, config=self.app_config)
gapi = GroupApi(current_user=admin, session=dbsession, config=self.app_config)
groups = [gapi.get_one_with_name("trusted-users")]
user = uapi.create_user(
"*****@*****.**",
password="******",
do_save=True,
do_notify=False,
groups=groups,
)
workspace_api = WorkspaceApi(
current_user=admin, session=dbsession, config=self.app_config, show_deleted=True
)
workspace = workspace_api.create_workspace("test", save_now=True)
rapi = RoleApi(current_user=admin, session=dbsession, config=self.app_config)
rapi.create_one(user, workspace, UserRoleInWorkspace.WORKSPACE_MANAGER, False)
api = ContentApi(session=dbsession, current_user=user, config=self.app_config)
content = api.create(
content_type_slug="html-document",
workspace=workspace,
label=created_content_name,
do_save=True,
)
api.create_comment(
workspace=workspace, parent=content, content=first_created_comment_content, do_save=True
)
api.create_comment(
workspace=workspace,
parent=content,
content=second_created_comment_content,
do_save=True,
)
api.create(
content_type_slug="html-document", workspace=workspace, label="report", do_save=True
)
api.create(
content_type_slug="thread", workspace=workspace, label="discussion", do_save=True
)
transaction.commit()
self.testapp.authorization = ("Basic", ("*****@*****.**", "*****@*****.**"))
params = {"search_string": search_string}
res = self.testapp.get("/api/v2/search/content".format(), status=200, params=params)
search_result = res.json_body
assert search_result
assert search_result["total_hits"] == nb_content_result
assert search_result["is_total_hits_accurate"] is False
assert search_result["contents"][0]["label"] == first_search_result_content_name
def __init__(self, current_user: Optional[User], session: TracimSession, config: CFG,) -> None:
session.assert_event_mechanism()
self._session = session
self._user = current_user
self._config = config
self._role_lib = RoleApi(
session=self._session, config=self._config, current_user=self._user
)
def on_user_role_in_workspace_deleted(self, role: UserRoleInWorkspace,
context: TracimContext) -> None:
wapi = WorkspaceApi(context.dbsession, None, context.app_config)
rapi = RoleApi(context.dbsession, None, context.app_config)
for workspace in wapi.get_all_for_user(role.user):
rapi.delete_one(role.user.user_id,
workspace.workspace_id,
flush=False)
def _get_user_workspaces_id(self, min_role: int) -> typing.Optional[typing.List[int]]:
"""
Get user workspace list or None if no user set
"""
if self._user:
rapi = RoleApi(config=self._config, session=self._session, current_user=self._user)
return rapi.get_user_workspaces_ids(self._user.user_id, min_role)
return None
def test_unit__get_one__err__role_does_not_exist(self):
admin = self.session.query(User).filter(
User.email == "*****@*****.**").one()
rapi = RoleApi(current_user=admin,
session=self.session,
config=self.app_config)
with pytest.raises(UserRoleNotFound):
rapi.get_one(admin.user_id, 100) # workspace 100 does not exist
def test_api__elasticsearch_search__ok__in_file_ingest_search(self):
dbsession = get_tm_session(self.session_factory, transaction.manager)
admin = dbsession.query(User).filter(
User.email == "*****@*****.**").one()
uapi = UserApi(current_user=admin,
session=dbsession,
config=self.app_config)
gapi = GroupApi(current_user=admin,
session=dbsession,
config=self.app_config)
groups = [gapi.get_one_with_name("trusted-users")]
user = uapi.create_user(
"*****@*****.**",
password="******",
do_save=True,
do_notify=False,
groups=groups,
)
workspace_api = WorkspaceApi(current_user=admin,
session=dbsession,
config=self.app_config,
show_deleted=True)
workspace = workspace_api.create_workspace("test", save_now=True)
rapi = RoleApi(current_user=admin,
session=dbsession,
config=self.app_config)
rapi.create_one(user, workspace, UserRoleInWorkspace.WORKSPACE_MANAGER,
False)
api = ContentApi(session=dbsession,
current_user=user,
config=self.app_config)
with self.session.no_autoflush:
text_file = api.create(
content_type_slug=content_type_list.File.slug,
workspace=workspace,
label="important",
do_save=False,
)
api.update_file_data(text_file, "test_file", "text/plain",
b"we need to find stringtosearch here !")
api.save(text_file)
api.execute_created_content_actions(text_file)
content_id = text_file.content_id
transaction.commit()
self.refresh_elasticsearch()
params = {"search_string": "stringtosearch"}
self.testapp.authorization = ("Basic", ("*****@*****.**",
"*****@*****.**"))
res = self.testapp.get("/api/v2/search/content".format(),
status=200,
params=params)
search_result = res.json_body
assert search_result
assert search_result["total_hits"] == 1
assert search_result["is_total_hits_accurate"] is True
assert len(search_result["contents"]) == 1
assert search_result["contents"][0]["content_id"] == content_id
def test_unit__get_one__ok__nominal_case(self):
admin = self.session.query(User)\
.filter(User.email == '*****@*****.**').one()
rapi = RoleApi(
current_user=admin,
session=self.session,
config=self.app_config,
)
rapi.get_one(admin.user_id, 1)
def test_unit__get_one__err__role_does_not_exist(self):
admin = self.session.query(User)\
.filter(User.email == '*****@*****.**').one()
rapi = RoleApi(
current_user=admin,
session=self.session,
config=self.app_config,
)
with pytest.raises(UserRoleNotFound):
rapi.get_one(admin.user_id, 100) # workspace 100 does not exist
def test_unit__get_known__user__distinct_workspaces_users_by_name__exclude_workspace(self):
admin = self.session.query(User) \
.filter(User.email == '*****@*****.**') \
.one()
api = UserApi(
current_user=None,
session=self.session,
config=self.app_config,
)
u1 = api.create_user(
email='email@email',
name='name',
do_notify=False,
do_save=True,
)
u2 = api.create_user(
email='email2@email2',
name='name2',
do_notify=False,
do_save=True,
)
u3 = api.create_user(
email='notfound@notfound',
name='notfound',
do_notify=False,
do_save=True,
)
wapi = WorkspaceApi(
current_user=admin,
session=self.session,
config=self.app_config,
)
workspace = wapi.create_workspace(
'test workspace n°1',
save_now=True)
wapi = WorkspaceApi(
current_user=admin,
session=self.session,
config=self.app_config,
)
workspace_2 = wapi.create_workspace(
'test workspace n°2',
save_now=True)
role_api = RoleApi(
current_user=admin,
session=self.session,
config=self.app_config,
)
role_api.create_one(u1, workspace, UserRoleInWorkspace.READER, False)
role_api.create_one(u2, workspace_2, UserRoleInWorkspace.READER, False)
role_api.create_one(u3, workspace, UserRoleInWorkspace.READER, False)
role_api.create_one(u3, workspace_2, UserRoleInWorkspace.READER, False)
api2 = UserApi(
current_user=u3,
session=self.session,
config=self.app_config,
)
users = api2.get_known_user('name', exclude_workspace_ids=[workspace.workspace_id])
assert len(users) == 1
assert users[0] == u2
def _get_workspace_subscription_event_receiver_ids(event: Event,
session: TracimSession,
config: CFG) -> Set[int]:
user_api = UserApi(current_user=None, session=session, config=config)
administrators = user_api.get_user_ids_from_profile(Profile.ADMIN)
author = event.subscription["author"]["user_id"]
role_api = RoleApi(current_user=None, session=session, config=config)
workspace_managers = role_api.get_workspace_member_ids(
event.workspace["workspace_id"],
min_role=WorkspaceRoles.WORKSPACE_MANAGER)
return set(administrators + workspace_managers + [author])
def test_unit__get_all_for_usages(self):
admin = self.session.query(User).filter(
User.email == "*****@*****.**").one()
rapi = RoleApi(current_user=admin,
session=self.session,
config=self.app_config)
workspace = self._create_workspace_and_test("workspace_1", admin)
roles = rapi.get_all_for_workspace(workspace)
len(roles) == 1
roles[0].user_id == admin.user_id
roles[0].role == WorkspaceRoles.WORKSPACE_MANAGER.level
def test__unit__get_notifiable_roles__ok__do_not_show_inactive(self):
admin = self.session.query(User) \
.filter(User.email == '*****@*****.**').one()
wapi = WorkspaceApi(
session=self.session,
config=self.app_config,
current_user=admin,
)
workspace = wapi.create_workspace(label='workspace w',
save_now=True)
uapi = UserApi(
session=self.session,
current_user=admin,
config=self.app_config
)
user_1 = uapi.create_user(
email='[email protected]',
auth_type=AuthType.INTERNAL,
do_save=True,
do_notify=False
)
user_2 = uapi.create_user(
email='[email protected]',
auth_type=AuthType.INTERNAL,
do_save=True,
do_notify = False
)
assert wapi.get_notifiable_roles(workspace=workspace) == []
rapi = RoleApi(
session=self.session,
current_user=admin,
config=self.app_config,
)
role_1 = rapi.create_one(
user_1,
workspace,
UserRoleInWorkspace.READER,
with_notif=True
)
role_2 = rapi.create_one(
user_2,
workspace,
UserRoleInWorkspace.READER,
with_notif=True
)
assert role_1 in wapi.get_notifiable_roles(workspace=workspace)
assert role_2 in wapi.get_notifiable_roles(workspace=workspace)
user_1.is_active = False
assert not role_1 in wapi.get_notifiable_roles(workspace=workspace)
assert role_2 in wapi.get_notifiable_roles(workspace=workspace)
def create_workspace(
self,
label: str = "",
description: str = "",
agenda_enabled: bool = True,
public_download_enabled: bool = True,
public_upload_enabled: bool = True,
access_type: WorkspaceAccessType = WorkspaceAccessType.CONFIDENTIAL,
default_user_role: WorkspaceRoles = WorkspaceRoles.READER,
parent: Workspace = None,
save_now: bool = False,
) -> Workspace:
if not self._user or not self._user_allowed_to_create_new_workspaces(
self._user):
raise UserNotAllowedToCreateMoreWorkspace(
"User not allowed to create more workspace")
if not label:
raise EmptyLabelNotAllowed("Workspace label cannot be empty")
if access_type not in self._config.WORKSPACE__ALLOWED_ACCESS_TYPES:
raise DisallowedWorkspaceAccessType(
'Access type "{}" is not allowed for this workspace'.format(
access_type.name))
workspace = Workspace()
workspace.label = label
workspace.description = description
workspace.agenda_enabled = agenda_enabled
workspace.public_download_enabled = public_download_enabled
workspace.public_upload_enabled = public_upload_enabled
workspace.created = datetime.utcnow()
workspace.updated = datetime.utcnow()
workspace.owner = self._user
workspace.access_type = access_type
workspace.default_user_role = default_user_role
workspace.parent = parent
# By default, we force the current user to be the workspace manager
# And to receive email notifications
role_api = RoleApi(session=self._session,
current_user=self._user,
config=self._config)
with self._session.no_autoflush:
role = role_api.create_one(
self._user,
workspace,
UserRoleInWorkspace.WORKSPACE_MANAGER,
with_notif=True,
flush=False,
)
self._session.add(workspace)
self._session.add(role)
if save_now:
self._session.flush()
return workspace
def test_unit__create_one__nominal_case(
self, admin_user, session, app_config, workspace_api_factory
):
workspace = workspace_api_factory.get().create_workspace("workspace_1", save_now=True)
bob = session.query(User).filter(User.email == "*****@*****.**").one()
rapi = RoleApi(current_user=admin_user, session=session, config=app_config)
created_role = rapi.create_one(
user=bob,
workspace=workspace,
role_level=WorkspaceRoles.CONTENT_MANAGER.level,
with_notif=False,
)
obtain_role = rapi.get_one(bob.user_id, workspace.workspace_id)
assert created_role == obtain_role
def get_receiver_ids(
cls, event: Event, session: TracimSession, config: CFG
) -> typing.Iterable[int]:
recipient = event.fields[cls.MENTION_FIELD]["recipient"]
if recipient in ALL__GROUP_MENTIONS:
# send to all workspace users
role_api = RoleApi(session=session, config=config, current_user=None)
workspace_id = event.workspace["workspace_id"]
return role_api.get_workspace_member_ids(workspace_id)
else:
# send to mentioned user
user_api = UserApi(session=session, config=config, current_user=None)
user = user_api.get_one_by_username(recipient)
return [user.user_id]
def get_user_orphan_workspaces(self, user: User):
"""Get all user workspaces where the users is not member of the parent and parent exists"""
query = self._base_query()
workspace_ids = []
rapi = RoleApi(session=self._session,
current_user=self._user,
config=self._config)
workspace_ids.extend(
rapi.get_user_workspaces_ids(user_id=user.user_id,
min_role=UserRoleInWorkspace.READER))
query = query.filter(Workspace.workspace_id.in_(workspace_ids))
query = query.filter(Workspace.parent_id.isnot(None))
query = query.filter(Workspace.parent_id.notin_(workspace_ids))
return self.default_order_workspace(query).all()
def workspaces_member_role(self,
context,
request: TracimRequest,
hapic_data=None) -> UserRoleWorkspaceInContext:
"""
Returns given space member with its role, avatar, etc.
"""
app_config = request.registry.settings["CFG"] # type: CFG
rapi = RoleApi(current_user=request.current_user,
session=request.dbsession,
config=app_config)
role = rapi.get_one(user_id=hapic_data.path.user_id,
workspace_id=hapic_data.path.workspace_id)
return rapi.get_user_role_workspace_with_context(role)
def test__unit__get_notifiable_roles__ok__do_not_show_unknown_auth(self):
admin = self.session.query(User) \
.filter(User.email == '*****@*****.**').one()
wapi = WorkspaceApi(
session=self.session,
config=self.app_config,
current_user=admin,
)
workspace = wapi.create_workspace(label='workspace w', save_now=True)
uapi = UserApi(session=self.session,
current_user=admin,
config=self.app_config)
user_1 = uapi.create_user(email='[email protected]',
auth_type=AuthType.INTERNAL,
do_save=True,
do_notify=False)
user_2 = uapi.create_user(email='[email protected]',
auth_type=AuthType.UNKNOWN,
do_save=True,
do_notify=False)
user_3 = uapi.create_user(email='[email protected]',
auth_type=AuthType.REMOTE,
do_save=True,
do_notify=False)
assert wapi.get_notifiable_roles(workspace=workspace) == []
rapi = RoleApi(
session=self.session,
current_user=admin,
config=self.app_config,
)
role_1 = rapi.create_one(user_1,
workspace,
UserRoleInWorkspace.READER,
with_notif=True)
role_2 = rapi.create_one(user_2,
workspace,
UserRoleInWorkspace.READER,
with_notif=True)
role_3 = rapi.create_one(user_3,
workspace,
UserRoleInWorkspace.READER,
with_notif=True)
assert role_1 in wapi.get_notifiable_roles(workspace=workspace)
assert not role_2 in wapi.get_notifiable_roles(workspace=workspace)
assert role_3 in wapi.get_notifiable_roles(workspace=workspace)
def test_proxy_workspace_agenda__ok__nominal_case(self) -> None:
dbsession = get_tm_session(self.session_factory, transaction.manager)
admin = dbsession.query(User).filter(
User.email == "*****@*****.**").one()
uapi = UserApi(current_user=admin,
session=dbsession,
config=self.app_config)
gapi = GroupApi(current_user=admin,
session=dbsession,
config=self.app_config)
groups = [gapi.get_one_with_name("users")]
user = uapi.create_user(
"*****@*****.**",
password="******",
do_save=True,
do_notify=False,
groups=groups,
)
workspace_api = WorkspaceApi(current_user=admin,
session=dbsession,
config=self.app_config,
show_deleted=True)
workspace = workspace_api.create_workspace("test", save_now=True)
workspace.agenda_enabled = True
rapi = RoleApi(current_user=admin,
session=dbsession,
config=self.app_config)
rapi.create_one(user, workspace, UserRoleInWorkspace.CONTENT_MANAGER,
False)
transaction.commit()
self.testapp.authorization = ("Basic", ("*****@*****.**",
"*****@*****.**"))
self.testapp.get("/agenda/workspace/{}/".format(
workspace.workspace_id),
status=404)
event = VALID_CALDAV_BODY_PUT_EVENT
self.testapp.put(
"/agenda/workspace/{}/".format(workspace.workspace_id),
event,
content_type="text/agenda",
status=201,
)
self.testapp.get("/agenda/workspace/{}/".format(
workspace.workspace_id),
status=200)
self.testapp.delete("/agenda/workspace/{}/".format(
workspace.workspace_id),
status=200)
def test_unit__get_all_for_usages(self):
admin = self.session.query(User)\
.filter(User.email == '*****@*****.**').one()
rapi = RoleApi(
current_user=admin,
session=self.session,
config=self.app_config,
)
workspace = self._create_workspace_and_test(
'workspace_1',
admin
)
roles = rapi.get_all_for_workspace(workspace)
len(roles) == 1
roles[0].user_id == admin.user_id
roles[0].role == WorkspaceRoles.WORKSPACE_MANAGER.level
def on_user_role_in_workspace_deleted(
self, role: UserRoleInWorkspace, context: TracimContext
) -> None:
"""
Remove the user from all child spaces
"""
user = role.user
parent_workspace = role.workspace
rapi = RoleApi(session=context.dbsession, config=context.app_config, current_user=None)
for workspace in parent_workspace.recursive_children:
try:
rapi.delete_one(
user_id=user.user_id, workspace_id=workspace.workspace_id, flush=False,
)
except UserRoleNotFound:
pass
def delete_workspaces_members_role(self,
context,
request: TracimRequest,
hapic_data=None) -> None:
"""
Remove the user from the space.
This feature is for workspace managers and administrators.
"""
app_config = request.registry.settings["CFG"] # type: CFG
rapi = RoleApi(current_user=request.current_user,
session=request.dbsession,
config=app_config)
rapi.delete_one(user_id=hapic_data.path.user_id,
workspace_id=hapic_data.path.workspace_id)
return
def create_workspace(
self,
label: str='',
description: str='',
calendar_enabled: bool=False,
save_now: bool=False,
) -> Workspace:
if not label:
raise EmptyLabelNotAllowed('Workspace label cannot be empty')
if self._session.query(Workspace).filter(Workspace.label == label).count() > 0: # nopep8
raise WorkspaceLabelAlreadyUsed(
'A workspace with label {} already exist.'.format(label)
)
workspace = Workspace()
workspace.label = label
workspace.description = description
workspace.calendar_enabled = calendar_enabled
# By default, we force the current user to be the workspace manager
# And to receive email notifications
role_api = RoleApi(
session=self._session,
current_user=self._user,
config=self._config
)
role = role_api.create_one(
self._user,
workspace,
UserRoleInWorkspace.WORKSPACE_MANAGER,
with_notif=True,
)
self._session.add(workspace)
self._session.add(role)
if save_now:
self._session.flush()
# TODO - G.M - 28-03-2018 - [Calendar] Reenable calendar stuff
# if calendar_enabled:
# self._ensure_calendar_exist(workspace)
# else:
# self._disable_calendar(workspace)
return workspace
def test_unit__create_one__nominal_case(self):
admin = self.session.query(User).filter(
User.email == "*****@*****.**").one()
workspace = self._create_workspace_and_test("workspace_1", admin)
bob = self.session.query(User).filter(
User.email == "*****@*****.**").one()
rapi = RoleApi(current_user=admin,
session=self.session,
config=self.app_config)
created_role = rapi.create_one(
user=bob,
workspace=workspace,
role_level=WorkspaceRoles.CONTENT_MANAGER.level,
with_notif=False,
)
obtain_role = rapi.get_one(bob.user_id, workspace.workspace_id)
assert created_role == obtain_role
def _get_members_and_administrators_ids(event: Event, session: TracimSession,
config: CFG) -> Set[int]:
"""
Return administrators + members of the event's workspace + user subject of the action if there is one
"""
user_api = UserApi(current_user=None, session=session, config=config)
administrators = user_api.get_user_ids_from_profile(Profile.ADMIN)
role_api = RoleApi(current_user=None, session=session, config=config)
workspace_members = role_api.get_workspace_member_ids(
event.workspace["workspace_id"])
receiver_ids = set(administrators + workspace_members)
try:
receiver_ids.add(event.user["user_id"])
except AttributeError:
# no user in event
pass
return receiver_ids
def workspaces_members(
self,
context,
request: TracimRequest,
hapic_data=None
) -> typing.List[UserRoleWorkspaceInContext]:
"""
Returns the list of space members with their role, avatar, etc.
"""
app_config = request.registry.settings['CFG']
rapi = RoleApi(
current_user=request.current_user,
session=request.dbsession,
config=app_config,
)
roles = rapi.get_all_for_workspace(request.current_workspace)
return [
rapi.get_user_role_workspace_with_context(user_role)
for user_role in roles
]
def workspaces_member_role(
self,
context,
request: TracimRequest,
hapic_data=None
) -> UserRoleWorkspaceInContext:
"""
Returns given space member with its role, avatar, etc.
"""
app_config = request.registry.settings['CFG']
rapi = RoleApi(
current_user=request.current_user,
session=request.dbsession,
config=app_config,
)
role = rapi.get_one(
user_id=hapic_data.path.user_id,
workspace_id=hapic_data.path.workspace_id,
)
return rapi.get_user_role_workspace_with_context(role)
def delete_workspaces_members_role(
self,
context,
request: TracimRequest,
hapic_data=None
) -> None:
"""
Remove the user from the space.
This feature is for workspace managers and administrators.
"""
app_config = request.registry.settings['CFG']
rapi = RoleApi(
current_user=request.current_user,
session=request.dbsession,
config=app_config,
)
rapi.delete_one(
user_id=hapic_data.path.user_id,
workspace_id=hapic_data.path.workspace_id,
)
return
def test_unit__create_one__nominal_case(self):
admin = self.session.query(User)\
.filter(User.email == '*****@*****.**').one()
workspace = self._create_workspace_and_test(
'workspace_1',
admin
)
bob = self.session.query(User)\
.filter(User.email == '*****@*****.**').one()
rapi = RoleApi(
current_user=admin,
session=self.session,
config=self.app_config,
)
created_role = rapi.create_one(
user=bob,
workspace=workspace,
role_level=WorkspaceRoles.CONTENT_MANAGER.level,
with_notif=False,
)
obtain_role = rapi.get_one(bob.user_id, workspace.workspace_id)
assert created_role == obtain_role
def insert(self):
admin = self._session.query(User) \
.filter(User.email == '*****@*****.**') \
.one()
bob = self._session.query(User) \
.filter(User.email == '*****@*****.**') \
.one()
john_the_reader = self._session.query(User) \
.filter(User.email == '*****@*****.**') \
.one()
admin_workspace_api = WorkspaceApi(
current_user=admin,
session=self._session,
config=self._config,
)
bob_workspace_api = WorkspaceApi(
current_user=bob,
session=self._session,
config=self._config
)
content_api = ContentApi(
current_user=admin,
session=self._session,
config=self._config
)
bob_content_api = ContentApi(
current_user=bob,
session=self._session,
config=self._config
)
reader_content_api = ContentApi(
current_user=john_the_reader,
session=self._session,
config=self._config
)
role_api = RoleApi(
current_user=admin,
session=self._session,
config=self._config,
)
# Workspaces
business_workspace = admin_workspace_api.create_workspace(
'Business',
description='All importants documents',
save_now=True,
)
recipe_workspace = admin_workspace_api.create_workspace(
'Recipes',
description='Our best recipes',
save_now=True,
)
other_workspace = bob_workspace_api.create_workspace(
'Others',
description='Other Workspace',
save_now=True,
)
# Workspaces roles
role_api.create_one(
user=bob,
workspace=recipe_workspace,
role_level=UserRoleInWorkspace.CONTENT_MANAGER,
with_notif=False,
)
role_api.create_one(
user=john_the_reader,
workspace=recipe_workspace,
role_level=UserRoleInWorkspace.READER,
with_notif=False,
)
# Folders
tool_workspace = content_api.create(
content_type_slug=content_type_list.Folder.slug,
workspace=business_workspace,
label='Tools',
do_save=True,
do_notify=False,
)
menu_workspace = content_api.create(
content_type_slug=content_type_list.Folder.slug,
workspace=business_workspace,
label='Menus',
do_save=True,
do_notify=False,
)
dessert_folder = content_api.create(
content_type_slug=content_type_list.Folder.slug,
workspace=recipe_workspace,
label='Desserts',
do_save=True,
do_notify=False,
)
salads_folder = content_api.create(
content_type_slug=content_type_list.Folder.slug,
workspace=recipe_workspace,
label='Salads',
do_save=True,
do_notify=False,
)
other_folder = content_api.create(
content_type_slug=content_type_list.Folder.slug,
workspace=other_workspace,
label='Infos',
do_save=True,
do_notify=False,
)
# Pages, threads, ..
tiramisu_page = content_api.create(
content_type_slug=content_type_list.Page.slug,
workspace=recipe_workspace,
parent=dessert_folder,
label='Tiramisu Recipes!!!',
do_save=True,
do_notify=False,
)
with new_revision(
session=self._session,
tm=transaction.manager,
content=tiramisu_page,
):
content_api.update_content(
item=tiramisu_page,
new_content='<p>To cook a greet Tiramisu, you need many ingredients.</p>', # nopep8
new_label='Tiramisu Recipes!!!',
)
content_api.save(tiramisu_page)
best_cake_thread = content_api.create(
content_type_slug=content_type_list.Thread.slug,
workspace=recipe_workspace,
parent=dessert_folder,
label='Best Cake',
do_save=False,
do_notify=False,
)
best_cake_thread.description = 'Which is the best cake?'
self._session.add(best_cake_thread)
apple_pie_recipe = content_api.create(
content_type_slug=content_type_list.File.slug,
workspace=recipe_workspace,
parent=dessert_folder,
label='Apple_Pie',
do_save=False,
do_notify=False,
)
apple_pie_recipe.file_extension = '.txt'
apple_pie_recipe.depot_file = FileIntent(
b'Apple pie Recipe',
'apple_Pie.txt',
'text/plain',
)
self._session.add(apple_pie_recipe)
Brownie_recipe = content_api.create(
content_type_slug=content_type_list.File.slug,
workspace=recipe_workspace,
parent=dessert_folder,
label='Brownie Recipe',
do_save=False,
do_notify=False,
)
Brownie_recipe.file_extension = '.html'
Brownie_recipe.depot_file = FileIntent(
b'<p>Brownie Recipe</p>',
'brownie_recipe.html',
'text/html',
)
self._session.add(Brownie_recipe)
fruits_desserts_folder = content_api.create(
content_type_slug=content_type_list.Folder.slug,
workspace=recipe_workspace,
label='Fruits Desserts',
parent=dessert_folder,
do_save=True,
)
menu_page = content_api.create(
content_type_slug=content_type_list.Page.slug,
workspace=business_workspace,
parent=menu_workspace,
label='Current Menu',
do_save=True,
)
new_fruit_salad = content_api.create(
content_type_slug=content_type_list.Page.slug,
workspace=recipe_workspace,
parent=fruits_desserts_folder,
label='New Fruit Salad',
do_save=True,
)
old_fruit_salad = content_api.create(
content_type_slug=content_type_list.Page.slug,
workspace=recipe_workspace,
parent=fruits_desserts_folder,
label='Fruit Salad',
do_save=True,
do_notify=False,
)
with new_revision(
session=self._session,
tm=transaction.manager,
content=old_fruit_salad,
):
content_api.archive(old_fruit_salad)
content_api.save(old_fruit_salad)
bad_fruit_salad = content_api.create(
content_type_slug=content_type_list.Page.slug,
workspace=recipe_workspace,
parent=fruits_desserts_folder,
label='Bad Fruit Salad',
do_save=True,
do_notify=False,
)
with new_revision(
session=self._session,
tm=transaction.manager,
content=bad_fruit_salad,
):
content_api.delete(bad_fruit_salad)
content_api.save(bad_fruit_salad)
# File at the root for test
new_fruit_salad = content_api.create(
content_type_slug=content_type_list.Page.slug,
workspace=other_workspace,
label='New Fruit Salad',
do_save=True,
)
old_fruit_salad = content_api.create(
content_type_slug=content_type_list.Page.slug,
workspace=other_workspace,
label='Fruit Salad',
do_save=True,
)
with new_revision(
session=self._session,
tm=transaction.manager,
content=old_fruit_salad,
):
content_api.archive(old_fruit_salad)
content_api.save(old_fruit_salad)
bad_fruit_salad = content_api.create(
content_type_slug=content_type_list.Page.slug,
workspace=other_workspace,
label='Bad Fruit Salad',
do_save=True,
)
with new_revision(
session=self._session,
tm=transaction.manager,
content=bad_fruit_salad,
):
content_api.delete(bad_fruit_salad)
content_api.save(bad_fruit_salad)
content_api.create_comment(
parent=best_cake_thread,
content='<p>What is for you the best cake ever? </br> I personnally vote for Chocolate cupcake!</p>', # nopep8
do_save=True,
)
bob_content_api.create_comment(
parent=best_cake_thread,
content='<p>What about Apple Pie? There are Awesome!</p>',
do_save=True,
)
reader_content_api.create_comment(
parent=best_cake_thread,
content='<p>You are right, but Kouign-amann are clearly better.</p>',
do_save=True,
)
with new_revision(
session=self._session,
tm=transaction.manager,
content=best_cake_thread,
):
bob_content_api.update_content(
item=best_cake_thread,
new_content='What is the best cake?',
new_label='Best Cakes?',
)
bob_content_api.save(best_cake_thread)
with new_revision(
session=self._session,
tm=transaction.manager,
content=tiramisu_page,
):
bob_content_api.update_content(
item=tiramisu_page,
new_content='<p>To cook a great Tiramisu, you need many ingredients.</p>', # nopep8
new_label='Tiramisu Recipe',
)
bob_content_api.save(tiramisu_page)
self._session.flush()
def create_workspaces_members_role(
self,
context,
request: TracimRequest,
hapic_data=None
) -> UserRoleWorkspaceInContext:
"""
Add a member to this workspace.
This feature is for workspace managers and administrators.
"""
newly_created = False
email_sent = False
app_config = request.registry.settings['CFG'] # type: CFG
rapi = RoleApi(
current_user=request.current_user,
session=request.dbsession,
config=app_config,
)
uapi = UserApi(
current_user=request.current_user,
session=request.dbsession,
config=app_config,
show_deactivated=True,
show_deleted=True,
)
try:
_, user = uapi.find(
user_id=hapic_data.body.user_id,
email=hapic_data.body.user_email,
public_name=hapic_data.body.user_public_name
)
if user.is_deleted:
raise UserIsDeleted('This user has been deleted. Unable to invite him.') # nopep8
if not user.is_active:
raise UserIsNotActive('This user is not activated. Unable to invite him') # nopep8
except UserDoesNotExist as exc:
if not uapi.allowed_to_invite_new_user(hapic_data.body.user_email):
raise exc
if app_config.NEW_USER_INVITATION_DO_NOTIFY:
user = uapi.create_user(
auth_type=AuthType.UNKNOWN,
email=hapic_data.body.user_email,
password=password_generator(),
do_notify=True
)
if app_config.EMAIL_NOTIFICATION_ACTIVATED and \
app_config.NEW_USER_INVITATION_DO_NOTIFY and \
app_config.EMAIL_NOTIFICATION_PROCESSING_MODE.lower() == 'sync':
email_sent = True
else:
user = uapi.create_user(
auth_type=AuthType.UNKNOWN,
email=hapic_data.body.user_email,
password=None,
do_notify=False
)
newly_created = True
role = rapi.create_one(
user=user,
workspace=request.current_workspace,
role_level=WorkspaceRoles.get_role_from_slug(hapic_data.body.role).level, # nopep8
with_notif=app_config.EMAIl_NOTIFICATION_ENABLED_ON_INVITATION,
flush=True,
)
return rapi.get_user_role_workspace_with_context(
role,
newly_created=newly_created,
email_sent=email_sent,
)
def test_unit__get_all_manageable(self):
admin = self.session.query(User) \
.filter(User.email == '*****@*****.**').one()
uapi = UserApi(
session=self.session,
current_user=admin,
config=self.app_config,
)
# Checks a case without workspaces.
wapi = WorkspaceApi(
session=self.session,
current_user=admin,
config=self.app_config,
)
eq_([], wapi.get_all_manageable())
# Checks an admin gets all workspaces.
w4 = wapi.create_workspace(label='w4')
w3 = wapi.create_workspace(label='w3')
w2 = wapi.create_workspace(label='w2')
w1 = wapi.create_workspace(label='w1')
eq_([w1, w2, w3, w4], wapi.get_all_manageable())
# Checks a regular user gets none workspace.
gapi = GroupApi(
session=self.session,
current_user=None,
config=self.app_config,
)
u = uapi.create_minimal_user('[email protected]', [gapi.get_one(Group.TIM_USER)], True)
wapi = WorkspaceApi(
session=self.session,
current_user=u,
config=self.app_config,
)
rapi = RoleApi(
session=self.session,
current_user=None,
config=self.app_config,
)
rapi.create_one(u, w4, UserRoleInWorkspace.READER, False)
rapi.create_one(u, w3, UserRoleInWorkspace.CONTRIBUTOR, False)
rapi.create_one(u, w2, UserRoleInWorkspace.CONTENT_MANAGER, False)
rapi.create_one(u, w1, UserRoleInWorkspace.WORKSPACE_MANAGER, False)
eq_([], wapi.get_all_manageable())
# Checks a manager gets only its own workspaces.
u.groups.append(gapi.get_one(Group.TIM_MANAGER))
rapi.delete_one(u.user_id, w2.workspace_id)
rapi.create_one(u, w2, UserRoleInWorkspace.WORKSPACE_MANAGER, False)
eq_([w1, w2], wapi.get_all_manageable())
