Example #1
 def setUp(self):
     """Create an active account and remember its detail endpoint.

     The test client is not logged in by this fixture.
     """
     self.email = '*****@*****.**'
     self.password = '******'
     created = self.account = Account.create_account(self.email, self.password)
     # Mark the account active directly on the model.
     created.status = 'active'
     created.save()
     self.endpoint = '/api/accounts/{0}'.format(created.user_id)
Example #2
 def setUp(self):
     """Create an active account and log the test client in as its user."""
     self.email = '*****@*****.**'
     self.password = '******'
     created = self.account = Account.create_account(self.email, self.password)
     # Mark the account active directly on the model.
     created.status = 'active'
     created.save()
     # The result of login() is not checked here.
     username = created.user.username
     self.client.login(username=username, password=self.password)
Example #3
 def setUp(self):
     """Create an account, log in as its user and record its id and endpoint.

     The account status is left as create_account() set it, and the result
     of login() is not checked.
     """
     self.email = '*****@*****.**'
     self.password = '******'
     created = self.account = Account.create_account(self.email, self.password)
     username = created.user.username
     self.client.login(username=username, password=self.password)
     self.account_id = created.user_id
     self.endpoint = '/api/accounts/{0}'.format(self.account_id)
Example #4
 def setUp(self):
     """Build an active account fixture plus the URL of its detail endpoint.

     No login is performed, so the test client starts without a session.
     """
     self.email = '*****@*****.**'
     self.password = '******'
     fixture = self.account = Account.create_account(self.email, self.password)
     # Status is set on the model and persisted before any request is made.
     fixture.status = 'active'
     fixture.save()
     self.endpoint = '/api/accounts/{0}'.format(fixture.user_id)
Example #5
 def setUp(self):
     """Create an account, submit its e-mail verification code, then log in."""
     self.email = '*****@*****.**'
     self.password = '******'
     self.account = Account.create_account(self.email, self.password)
     # Fetch the pending creation request to obtain the verification code.
     pending = AccountRequest.objects.get(
         account=self.account,
         type='create-primary-account',
         status='pending',
     )
     verify_body = json.dumps({"action": "verify_email", "code": pending.code})
     # NOTE(review): this URL is built from account.id, while the endpoint
     # fixtures elsewhere on this page use account.user_id - confirm both
     # address the same record. The PUT response is not checked.
     verify_url = '/api/accounts/{0}'.format(self.account.id)
     self.client.put(verify_url, verify_body, content_type='application/json')
     username = self.account.user.username
     self.client.login(username=username, password=self.password)
Example #6
 def setUp(self):
     """Create an account, log in as it, and store its id and endpoint URL.

     The account is not explicitly activated and login() is not checked.
     """
     self.email = '*****@*****.**'
     self.password = '******'
     fixture = self.account = Account.create_account(self.email, self.password)
     credentials = {
         'username': fixture.user.username,
         'password': self.password,
     }
     self.client.login(**credentials)
     self.account_id = fixture.user_id
     self.endpoint = '/api/accounts/{0}'.format(self.account_id)
Example #7
 def setUp(self):
     """Create an account, activate it on the model, and log the client in."""
     self.email = '*****@*****.**'
     self.password = '******'
     fixture = self.account = Account.create_account(self.email, self.password)
     fixture.status = 'active'
     fixture.save()
     # The result of login() is not checked here.
     credentials = {
         'username': fixture.user.username,
         'password': self.password,
     }
     self.client.login(**credentials)
Example #8
 def setUp(self):
     """Create an active account and file a password-reset request for it.

     The reset request is sent without logging in; its response is not
     checked. The account's detail endpoint is stored for the tests.
     """
     self.email = '*****@*****.**'
     self.password = '******'
     fixture = self.account = Account.create_account(self.email, self.password)
     fixture.status = 'active'
     fixture.save()
     reset_body = json.dumps({
         "action": "request_password_reset",
         "email": self.email,
     })
     self.client.put('/api/accounts', reset_body, content_type='application/json')
     self.endpoint = '/api/accounts/{0}'.format(fixture.user_id)
Example #9
    def put(self, request):
        """Handle a PUT on the account collection; only a password-reset request is supported.

        Responds 400 with an error mapping when the Content-Type is not JSON,
        when ``action`` or ``email`` is missing, when the action is unknown,
        or when ``Account.request_reset_password`` returns a dict. Any other
        result produces 200 with an empty body.
        """
        # NOTE(review): "Allow" lists GET, POST although this is the PUT
        # handler - confirm against the methods the resource really serves.
        headers = {
            "Content-Type": "application/json",
            "Allow": "GET, POST",
        }

        def bad_request(body):
            # Every rejection shares the same headers and status code.
            return Response(content=body,
                            headers=headers,
                            status=status.HTTP_400_BAD_REQUEST)

        # Only JSON bodies are accepted; the offending value is echoed back.
        if not self.content_type.startswith('application/json'):
            return bad_request({
                "header_content_type":
                "Content-Type must be 'application/json'. Your Content-Type is "
                + str(self.content_type)
            })

        try:
            action = self.CONTENT['action']
        except KeyError:
            return bad_request({"action": "Missing action."})

        if action != 'request_password_reset':
            return bad_request({"action": "Invalid action."})

        try:
            email = self.CONTENT['email']
        except KeyError:
            return bad_request({"email": "Missing email address."})

        # NOTE(review): no session check is visible in this handler, and a
        # dict result is sent back as a 400 while anything else yields 200.
        # If request_reset_password returns a dict for unknown addresses, the
        # two outcomes reveal which e-mails are registered - confirm, and
        # prefer one uniform response plus throttling of this endpoint.
        outcome = Account.request_reset_password(email)
        if isinstance(outcome, dict):
            return bad_request(outcome)

        return Response(content={}, headers=headers, status=status.HTTP_200_OK)
Example #10
    def test_400_missing_email_list(self):
        # A secondary-account POST that omits "email_list" must be rejected
        # with 400, even for a logged-in, active account in the agency group.
        owner = Account.create_account(self.email, self.password)
        owner.status = 'active'
        owner.group = 'agency'
        owner.save()
        self.client.login(username=owner.user.username, password=self.password)

        body = json.dumps({"type": "secondary"})
        reply = self.client.post('/api/accounts', body, content_type='application/json')
        self.assertEqual(reply.status_code, 400)
Example #11
 def setUp(self):
     """Create an account, verify its e-mail via the API, and log in."""
     self.email = '*****@*****.**'
     self.password = '******'
     self.account = Account.create_account(self.email, self.password)
     # The pending creation request carries the verification code.
     lookup = {
         'account': self.account,
         'type': 'create-primary-account',
         'status': 'pending',
     }
     pending = AccountRequest.objects.get(**lookup)
     verify_body = json.dumps({"action": "verify_email", "code": pending.code})
     # NOTE(review): the PUT response is not checked, so a failed
     # verification would only surface later in the tests.
     verify_url = '/api/accounts/{0}'.format(self.account.id)
     self.client.put(verify_url, verify_body, content_type='application/json')
     username = self.account.user.username
     self.client.login(username=username, password=self.password)
Example #12
 def setUp(self):
     """Create an active agency account, request one secondary account, log out.

     The tests therefore start without a session.
     """
     self.email = '*****@*****.**'
     self.password = '******'
     owner = self.account = Account.create_account(self.email, self.password)
     owner.status = 'active'
     owner.group = 'agency'
     owner.save()
     self.client.login(username=owner.user.username, password=self.password)
     request_body = json.dumps({
         "type": "secondary",
         "email_list": ['*****@*****.**']
     })
     # The response to this POST is not inspected by the fixture.
     self.client.post('/api/accounts/', request_body, content_type='application/json')
     self.client.logout()
Example #13
 def setUp(self):
     """Create an active account, then send a password-reset request for it.

     No login takes place and the PUT response is not checked.
     """
     self.email = '*****@*****.**'
     self.password = '******'
     fixture = self.account = Account.create_account(self.email, self.password)
     fixture.status = 'active'
     fixture.save()
     reset_fields = {"action": "request_password_reset", "email": self.email}
     reset_body = json.dumps(reset_fields)
     self.client.put('/api/accounts', reset_body, content_type='application/json')
     self.endpoint = '/api/accounts/{0}'.format(fixture.user_id)
Example #14
    def test_400_missing_email_list(self):
        # Posting {"type": "secondary"} with no "email_list" is expected to
        # fail with 400 for a logged-in agency account.
        agency = Account.create_account(self.email, self.password)
        agency.status = 'active'
        agency.group = 'agency'
        agency.save()
        credentials = {
            'username': agency.user.username,
            'password': self.password,
        }
        self.client.login(**credentials)

        body = json.dumps({"type": "secondary"})
        reply = self.client.post('/api/accounts', body, content_type='application/json')
        self.assertEqual(reply.status_code, 400)
Example #15
    def test_200_valid_secondary_accounts(self):
        # A logged-in, active agency account posting two addresses in
        # "email_list" is expected to receive 200.
        owner = Account.create_account(self.email, self.password)
        owner.status = 'active'
        owner.group = 'agency'
        owner.save()
        self.client.login(username=owner.user.username, password=self.password)

        invitees = ['*****@*****.**', '*****@*****.**']
        body = json.dumps({"type": "secondary", "email_list": invitees})
        reply = self.client.post('/api/accounts', body, content_type='application/json')
        self.assertEqual(reply.status_code, 200)
Example #16
 def setUp(self):
     """Set up an active agency account that has requested a secondary account.

     The client logs in for the request and logs out again afterwards.
     """
     self.email = '*****@*****.**'
     self.password = '******'
     agency = self.account = Account.create_account(self.email, self.password)
     agency.status = 'active'
     agency.group = 'agency'
     agency.save()
     credentials = {
         'username': agency.user.username,
         'password': self.password,
     }
     self.client.login(**credentials)
     request_body = json.dumps({
         "type": "secondary",
         "email_list": ['*****@*****.**']
     })
     # The response to this POST is not inspected by the fixture.
     self.client.post('/api/accounts/', request_body, content_type='application/json')
     self.client.logout()
Example #17
    def test_200_valid_secondary_accounts(self):
        # Happy path: an agency account requests two secondary accounts and
        # the collection endpoint answers 200.
        agency = Account.create_account(self.email, self.password)
        agency.status = 'active'
        agency.group = 'agency'
        agency.save()
        credentials = {
            'username': agency.user.username,
            'password': self.password,
        }
        self.client.login(**credentials)

        fields = {
            "type": "secondary",
            "email_list": ['*****@*****.**', '*****@*****.**'],
        }
        reply = self.client.post('/api/accounts',
                                 json.dumps(fields),
                                 content_type='application/json')
        self.assertEqual(reply.status_code, 200)
Example #18
    def post(self, request):
        """Create an account from a JSON body; refused when a session is already authenticated.

        Responds 400 when the Content-Type is not JSON, when the session
        holds ``_auth_user_id``, when ``email`` or ``password`` is missing,
        or when ``Account.create_account`` returns something other than an
        Account (that value becomes the response body). On success responds
        200 with ``account.record_to_dictionary()``.
        """
        headers = {
            "Content-Type": "application/json",
            "Allow": "GET, POST",
        }

        def bad_request(body):
            # Every rejection shares the same headers and status code.
            return Response(content=body, headers=headers, status=status.HTTP_400_BAD_REQUEST)

        # Only JSON bodies are accepted; the offending value is echoed back.
        if not self.content_type.startswith('application/json'):
            return bad_request({"header_content_type": "Content-Type must be 'application/json'. Your Content-Type is " + str(self.content_type)})

        # A session that already identifies a user may not sign up again.
        try:
            request.session["_auth_user_id"]
        except KeyError:
            pass
        else:
            return bad_request({"session": "Unable to create new account with a valid session."})

        try:
            email = self.CONTENT['email']
        except KeyError:
            return bad_request({"email": "Missing email address field."})

        try:
            password = self.CONTENT['password']
        except KeyError:
            return bad_request({"password": "******"})

        # "code" is optional; a missing key is passed on as None.
        try:
            code = self.CONTENT['code']
        except KeyError:
            code = None

        # NOTE(review): email and password are forwarded exactly as received;
        # format and strength checks are presumably done in create_account -
        # confirm. Also confirm record_to_dictionary() exposes no credential
        # material, since its output is returned to the caller.
        created = Account.create_account(email, password, code=code)
        if isinstance(created, Account):
            return Response(content=created.record_to_dictionary(), headers=headers, status=status.HTTP_200_OK)

        return bad_request(created)
Example #19
    def put(self, request):
        """Process a PUT on the account collection (password-reset requests only).

        A 400 with an error mapping is returned for a non-JSON Content-Type,
        a missing ``action`` or ``email``, an unknown action, or a dict
        returned by ``Account.request_reset_password``. Otherwise the
        response is 200 with an empty body.
        """
        # NOTE(review): "Allow" lists GET, POST although this is the PUT
        # handler - confirm against the methods the resource really serves.
        headers = {
            "Content-Type": "application/json",
            "Allow": "GET, POST",
        }

        def reject(body):
            # Shared 400 response for every failure path below.
            return Response(content=body, headers=headers, status=status.HTTP_400_BAD_REQUEST)

        # Only JSON bodies are accepted; the offending value is echoed back.
        if not self.content_type.startswith('application/json'):
            return reject({"header_content_type": "Content-Type must be 'application/json'. Your Content-Type is " + str(self.content_type)})

        try:
            action = self.CONTENT['action']
        except KeyError:
            return reject({"action": "Missing action."})

        if action != 'request_password_reset':
            return reject({"action": "Invalid action."})

        try:
            email = self.CONTENT['email']
        except KeyError:
            return reject({"email": "Missing email address."})

        # NOTE(review): this handler shows no session check, and the status
        # differs between a dict result (400) and any other result (200). If
        # the dict case covers unknown addresses, callers can distinguish
        # registered e-mails from unregistered ones - confirm, and prefer a
        # uniform response with rate limiting on this endpoint.
        outcome = Account.request_reset_password(email)
        if isinstance(outcome, dict):
            return reject(outcome)

        return Response(content={}, headers=headers, status=status.HTTP_200_OK)
Example #20
 def setUp(self):
     """Create the account fixture; it is neither activated nor logged in here."""
     address = '*****@*****.**'
     secret = '******'
     self.email = address
     self.password = secret
     self.account = Account.create_account(address, secret)
Example #21
 def setUp(self):
     """Store the fixture credentials and create an account from them.

     Nothing else is prepared: no status change and no client login.
     """
     self.email, self.password = '*****@*****.**', '******'
     self.account = Account.create_account(self.email, self.password)
Example #22
    def post(self, request):
        """Sign up a new account from a JSON body sent without an authenticated session.

        Returns 400 for a non-JSON Content-Type, for a session that holds
        ``_auth_user_id``, for a missing ``email`` or ``password``, and when
        ``Account.create_account`` returns a non-Account value (which is
        used as the response body). Returns 200 with
        ``account.record_to_dictionary()`` when an Account is created.
        """
        headers = {
            "Content-Type": "application/json",
            "Allow": "GET, POST",
        }

        def reject(body):
            # Shared 400 response for every failure path below.
            return Response(content=body,
                            headers=headers,
                            status=status.HTTP_400_BAD_REQUEST)

        # Only JSON bodies are accepted; the offending value is echoed back.
        if not self.content_type.startswith('application/json'):
            return reject({
                "header_content_type":
                "Content-Type must be 'application/json'. Your Content-Type is "
                + str(self.content_type)
            })

        # Sign-up is refused while the session already identifies a user.
        try:
            request.session["_auth_user_id"]
        except KeyError:
            pass
        else:
            return reject({
                "session": "Unable to create new account with a valid session."
            })

        try:
            email = self.CONTENT['email']
        except KeyError:
            return reject({"email": "Missing email address field."})

        try:
            password = self.CONTENT['password']
        except KeyError:
            return reject({"password": "******"})

        # "code" is optional; a missing key is passed on as None.
        try:
            code = self.CONTENT['code']
        except KeyError:
            code = None

        # NOTE(review): neither email nor password is validated in this
        # handler; presumably create_account enforces format and strength
        # rules - confirm. Confirm as well that record_to_dictionary() omits
        # credential material, because its output goes back to the caller.
        created = Account.create_account(email, password, code=code)
        if isinstance(created, Account):
            return Response(content=created.record_to_dictionary(),
                            headers=headers,
                            status=status.HTTP_200_OK)

        return reject(created)
Example #23
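  def post(self, request):
    """Grant another account a permission on a project owned by the caller.

    Outcomes visible in this method:
      * 401 when the session carries no ``_auth_user_id``.
      * 404 when no Account matches the session user, when ``project_id``
        is missing or not an integer, or when no project with that id
        belongs to the caller.
      * 400 when the Content-Type is not JSON, when ``email`` is missing,
        when the invitation account cannot be created, or when the target
        account already holds a permission on the project.
      * 422 with the returned value when ``Permission.create_record`` does
        not return a Permission.
      * 200 with ``perm.record_to_dictionary()`` on success.
    """
    #################
    # Setup
    #################

    headers = {
      "Content-Type": "application/json",
      "Allow": "GET, POST",
    }

    #################
    # Validation
    #################

    # The caller is identified solely by the authenticated session.
    try:
      account_id = int(request.session["_auth_user_id"])
    except KeyError:
      return Response(status=status.HTTP_401_UNAUTHORIZED)

    try:
      account = Account.objects.get(user_id=account_id)
    except Account.DoesNotExist:
      errors = {"account_id": "Invalid account ID."}
      return Response(content=errors, headers=headers, status=status.HTTP_404_NOT_FOUND)

    # Check content-type header
    if not self.content_type.startswith('application/json'):
      errors = {"header_content_type": "Content-Type must be 'application/json'. Your Content-Type is " + str(self.content_type)}
      return Response(content=errors, headers=headers, status=status.HTTP_400_BAD_REQUEST)

    #################
    # Operation
    #################

    try:
      project_id = int(self.CONTENT["project_id"])
    except KeyError:
      errors = {"project_id": "Missing project ID."}
      return Response(content=errors, headers=headers, status=status.HTTP_404_NOT_FOUND)
    except (TypeError, ValueError):
      # A non-integer value previously escaped as an unhandled exception;
      # answer it the same way as an id that matches no owned project.
      errors = {"project_id": "Invalid project ID."}
      return Response(content=errors, headers=headers, status=status.HTTP_404_NOT_FOUND)

    # Must be project owner to create a permission. Filtering on
    # account=account makes a project owned by someone else look the same as
    # a project that does not exist.
    try:
      project = Project.objects.get(id=project_id, account=account)
    except Project.DoesNotExist:
      errors = {"project_id": "Invalid project ID."}
      return Response(content=errors, headers=headers, status=status.HTTP_404_NOT_FOUND)

    try:
      email = str(self.CONTENT['email']).lower().strip()
    except KeyError:
      errors = {"email": "Missing email address."}
      return Response(content=errors, headers=headers, status=status.HTTP_400_BAD_REQUEST)

    try:
      p_account = Account.objects.get(email=email)
    except Account.DoesNotExist:
      # Unknown address: create an invitation account for it. A dict return
      # is treated as the error body.
      p_account = Account.create_invitation_account(email)
      if isinstance(p_account, dict):
        return Response(content=p_account, headers=headers, status=status.HTTP_400_BAD_REQUEST)
    else:
      # Known address: refuse a second permission on the same project.
      try:
        Permission.objects.get(project=project, account=p_account)
      except Permission.DoesNotExist:
        pass
      else:
        # Send a 30X response instead for PUT to correct endpoint?
        errors = {"email": "This email address already has a permission."}
        return Response(content=errors, headers=headers, status=status.HTTP_400_BAD_REQUEST)

    # NOTE(review): the value normalised below is never used. create_record
    # receives the raw self.CONTENT, so whether an unexpected "permission"
    # value is rejected depends entirely on Permission.create_record -
    # confirm, or pass the normalised value through instead.
    try:
      permission = str(self.CONTENT['permission'])
    except KeyError:
      permission = 'client'
    else:
      if permission not in ['client', 'coworker']:
        permission = 'client'

    perm = Permission.create_record(account, project, p_account, self.CONTENT)
    if not isinstance(perm, Permission):
      # HTTP status 422: Unprocessable Entity (WebDAV; RFC 4918)
      return Response(content=perm, headers=headers, status=422)

    return Response(content=perm.record_to_dictionary(), headers=headers, status=status.HTTP_200_OK)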