def create(db: Session, user_in: schemas.UserCreate):
user_in.password = hash_password(user_in.password)
user = User(**user_in.dict())
db.add(user)
db.commit()
db.refresh(user)
return user
def add_user(*, db: Session = Depends(deps.get_db),
user: schemas.UserCreate) -> Any:
"""用户管理-新增"""
user = user.dict()
deptId = user.pop("deptId")
postIds = user.pop("postIds")
roleIds = user.pop("roleIds")
# User
add_user = models.User(**user)
db.add(add_user)
db.flush()
# department
user_department = {
"user_id": add_user.id,
"department_id": deptId,
}
db.add(models.User_Department(**user_department))
db.flush()
# role
user_roles = [{"user_id": add_user.id, "role_id": i} for i in roleIds]
db.bulk_insert_mappings(models.User_Role, user_roles)
db.flush()
# dict
# post
user_post = [{"user_id": add_user.id, "dict_id": i} for i in postIds]
user_dict = user_post + []
db.bulk_insert_mappings(models.User_Dict, user_dict)
db.flush()
return {
"code": 20000,
"message": "新增成功",
}
def test_can_get_all_users(db, cleanup):
email = "*****@*****.**"
password = "******"
user_in = UserCreate(email=email, password=password)
user = crud.create_user(db, user=user_in)
email2 = "*****@*****.**"
password = "******"
user_in2 = UserCreate(email=email2, password=password)
user2 = crud.create_user(db, user=user_in2)
response = client.get("/users/")
assert response.status_code == 200
resp = response.json()
assert resp[0]['email'] == '*****@*****.**'
assert resp[1]['email'] == '*****@*****.**'
assert len(resp) == 2
def test_user_image_has_default_value(db, cleanup):
email = "*****@*****.**"
password = "******"
username = "******"
user_in = UserCreate(email=email, password=password, username=username)
user = crud.create_user(db, user=user_in)
assert user.image == ''
def test_create_user_student(db: Session) -> None:
email = random_email()
password = random_password()
user_in = UserCreate(email=email, password=password, type="student")
user = crud.user.create(db, obj_in=user_in)
assert user.email == email
assert hasattr(user, "hashed_password")
def create_random_user(db: Session,
type: str,
is_admin: bool = False,
school_id: Optional[str] = None,
permissions: Optional[int] = None) -> User:
"""
:param db: SQLAlchemy Session object pointing to the project database
:param type: Type of user to create
:param is_admin: True if user is an auxilary admin, else False
:param school_id: School that the user belongs to (optional)
:param permissions: permissions to be set if user is an admin
:return: User object created from random values and given type
"""
email = random_email()
password = random_password()
user_in = UserCreate(email=email,
password=password,
type=type,
is_admin=is_admin,
school_id=school_id)
user = crud.user.create(db=db, obj_in=user_in)
if user.is_admin and permissions:
if admin := crud.admin.get(db, user.id):
admin_in = AdminUpdate(user_id=user.id, permissions=permissions)
crud.admin.update(db=db, db_obj=admin, obj_in=admin_in)
def test_create_invitation(db: Session, normal_user: User,
dataroom: Dataroom) -> None:
"""
GIVEN an existing dataroom
WHEN a invitation is created
THEN the invitation should exist in db
"""
with freeze_time("2021-01-01 12:00"):
EMAIL_STR = "*****@*****.**"
TOKEN_STR = "random_token_string"
EXPIRES_IN = calculate_expires_in_days(90)
create_user = UserCreate(email=EMAIL_STR, password=random_password())
invitee = crud.user.create_if_not_exists(db, obj_in=create_user)
obj_in = InviteCreate(
invitee=invitee,
jwt_token=TOKEN_STR,
dataroom=dataroom,
creator=normal_user,
expires_in=EXPIRES_IN,
)
metadata = crud.invite.create(db, obj_in=obj_in)
expected_expires_in = datetime(2021,
4,
2,
0,
0,
0,
tzinfo=timezone.utc)
assert metadata.expires_in == expected_expires_in
assert metadata.invitee.email == EMAIL_STR
assert metadata.jwt_token == TOKEN_STR
async def create(con: AsyncIOConnection, *, obj_in: UserCreate) -> User:
data_in = obj_in.dict(exclude_unset=True)
if data_in.get("password"):
data_in["hashed_password"] = get_password_hash(obj_in.password)
del data_in["password"]
shape_expr = utils.get_shape(data_in)
try:
result = await con.query_one_json(
f"""SELECT (
INSERT User {{
{shape_expr}
}}
) {{
id,
email,
full_name,
is_superuser,
is_active,
num_items,
items: {{
id,
title
}}
}}""",
**data_in,
)
except Exception as e:
raise HTTPException(status_code=400, detail=f"{e}")
user = User.parse_raw(result)
return user
def create_user(user: schemas.UserCreate, db: Session = Depends(get_db)):
db_user = crud.get_user_by_email(db, email=user.email)
if db_user:
raise HTTPException(status_code=400, detail="Email already registered")
user.password = get_password_hash(user.password)
return crud.create_user(db=db, user=user)
def test_create_user(db: Session) -> None:
username = random_lower_string()
password = random_lower_string()
user_in = UserCreate(username=username, password=password)
user = crud.user.create(db, user_in)
assert user.username == username
assert hasattr(user, "password_hashed")
def authentication_token_from_email(
*,
client: TestClient,
email: str,
db: Session,
user_type: str = "student",
school_id: Optional[str] = None,
type_: str = "access",
) -> dict[str, str]:
"""
Return a valid token for the user with given email.
If the user doesn't exist it is created first.
"""
password = random_password()
user = crud.user.get_by_email(db, email=email)
if not user:
user_in_create = UserCreate(email=email,
password=password,
type=user_type,
school_id=school_id)
crud.user.create(db, obj_in=user_in_create)
else:
user_in_update = UserUpdate(password=password)
crud.user.update(db, db_obj=user, obj_in=user_in_update)
return user_authentication_headers(client=client,
email=email,
password=password,
type_=type_)
def normal_user(db: Session) -> User:
email = NORMAL_USER_EMAIL
password = NORMAL_USER_PW
user_in = UserCreate(email=email,
password=password,
is_superuser=False,
is_active=True)
return crud.user.create(db, obj_in=user_in)
def test_authenticate_user_student_wrong_password(db: Session) -> None:
email = random_email()
password = random_password()
user_in = UserCreate(email=email, password=password, type="student")
crud.user.create(db, obj_in=user_in)
authenticated_user = crud.user.authenticate(db,
email=email,
password=f"WRoNg{password}")
assert authenticated_user is None
def test_can_create_a_favorite_with_no_existing_market(db, cleanup):
market_id = 123
email = "*****@*****.**"
password = "******"
user_in = UserCreate(email=email, password=password)
user = crud.create_user(db, user=user_in)
response = client.post(f"/users/{user.id}/favorites",
json={"fmid": market_id})
assert response.status_code == 200
def register(user: schemas.UserCreate, db=Depends(get_db)):
if crud.user.get(user.email, db):
raise HTTPException(409, 'A User with this email already exists')
user = schemas.User.from_orm(crud.user.create(db, user))
# create token
access_token = manager.create_access_token(data={'sub': user.email})
token = Token(access_token=access_token, token_type="Bearer")
return schemas.UserRegistered(**user.dict(), login_credentials=token)
def test_authenticate_user_invalid_password(db: Session) -> None:
username = random_lower_string()
password = random_lower_string()
user_in = UserCreate(username=username, password=password)
crud.user.create(db, user_in)
authenticated_user = crud.user.authenticate(db,
username=username,
password=password + "1")
assert authenticated_user is None
def create_user(user: schemas.UserCreate, db: Session) -> schemas.User:
user_dict = user.dict()
password = user_dict["password"]
user_dict["hashed_password"] = auth_utils.get_password_hash(password)
del user_dict["password"]
db_user = models.User(**user_dict)
db.add(db_user)
db.commit()
db.refresh(db_user)
return db_user
def test_create_existing_user(client: TestClient, db: Session) -> None:
username = random_lower_string()
password = random_lower_string()
data = {"username": username, "password": password}
user_in = UserCreate(username=username, password=password)
crud.user.create(db, user_in)
response = client.post("/users", json=data)
json = response.json()
assert response.status_code == 400
assert json["detail"] == "User already exists."
def room_user(db: Session, dataroom: Dataroom) -> User:
email = ROOM_USER_EMAIL
password = ROOM_USER_PW
user_in = UserCreate(email=email,
password=password,
is_superuser=False,
is_active=True)
user = crud.user.create(db, obj_in=user_in)
oso_roles.add_user_role(db, user, dataroom, "MEMBER", commit=True)
return user
def test_authenticate_user_student(db: Session) -> None:
email = random_email()
password = random_password()
user_in = UserCreate(email=email, password=password, type="student")
user = crud.user.create(db, obj_in=user_in)
authenticated_user = crud.user.authenticate(db,
email=email,
password=password)
assert authenticated_user
assert user.email == authenticated_user.email
def test_create_user(db_session):
assert create_user(
db_session,
UserCreate(
username="******",
email="*****@*****.**",
password="******",
is_active=True,
is_superuser=False,
),
)
def test_can_get_a_single_user(db, cleanup):
email = "*****@*****.**"
password = "******"
user_in = UserCreate(email=email, password=password)
user = crud.create_user(db, user=user_in)
response = client.get("/users/1")
assert response.status_code == 200
resp = response.json()
assert resp['email'] == '*****@*****.**'
assert resp['id'] == 1
assert resp['favorites'] == []
def create(
self, db: Session, *, obj_in: schemas.UserCreate, commit: bool = True
) -> User:
obj_dict = obj_in.dict()
obj_dict["hashed_password"] = get_password_hash(obj_in.password)
del obj_dict["password"]
db_obj = User(**obj_dict)
db.add(db_obj)
if commit:
db.commit()
db.refresh(db_obj)
return db_obj
def add_members(
organization_id: int,
*,
invites: List[UserInvite] = Body(...),
auth=Depends(authorization("organizations:add_members")),
db: Session = Depends(get_db),
current_user: User = Depends(get_current_user),
):
try:
members = crud.organization.get_members(db, id=organization_id)
users_to_add = (invite for invite in invites
if invite.email not in (u.get("email")
for u in members))
for invite in users_to_add:
user_in_db = user.get_by_email(db, email=invite.email)
role = invite.role if invite.role else "guest"
if not user_in_db:
user_in_db = user.create(
db,
obj_in=UserCreate(
full_name=invite.full_name,
email=invite.email,
password=pwd.genword(),
),
)
else:
organization_in_db = crud.organization.get(db,
id=organization_id)
if organization_in_db:
send_new_invitation_email_task.delay(
full_name=user_in_db.full_name,
email_to=user_in_db.email,
organization=organization_in_db.name,
role=role)
enforcer.add_role_for_user_in_domain(
str(user_in_db.id),
role,
str(organization_id),
)
enforcer.load_policy()
return [
user for user in get_members(
organization_id, auth=auth, db=db, current_user=current_user)
if user.get("email") in (invite.email for invite in invites)
]
except Exception as e:
logging.error(e)
def test_create_defaults(db_session):
example_user_schema = UserCreate(
email='*****@*****.**',
password='******'
)
user: User = create(db_session, example_user_schema)
assert user.email == example_user_schema.email
assert user.is_admin is False
assert user.lists == []
assert user.username == 'example'
assert user.hashed_password
def test_retrieve_users(client: TestClient, superuser_token_headers: Dict[str,
str],
db: Session) -> None:
username = random_lower_string()
email = random_email()
password = random_lower_string()
user_in = UserCreate(email=email, password=password, username=username)
crud.user.create(db, obj_in=user_in)
username2 = random_lower_string()
email2 = random_email()
password2 = random_lower_string()
user_in2 = UserCreate(email=email2, password=password2, username=username2)
crud.user.create(db, obj_in=user_in2)
r = client.get(f"{settings.API_V1_STR}/users/",
headers=superuser_token_headers)
all_users = r.json()
assert len(all_users) > 1
for fact in all_users:
assert "email" in fact
def test_create_user(db, cleanup):
email = "*****@*****.**"
password = "******"
username = "******"
image = "12674.jpg"
user_in = UserCreate(email=email,
password=password,
username=username,
image=image)
user = crud.create_user(db, user=user_in)
assert user.email == email
assert user.username == username
assert user.image == image
def test_get_user(db: Session) -> None:
username = random_lower_string()
password = random_lower_string()
user_in = UserCreate(username=username, password=password)
user = crud.user.create(db, user_in)
user2 = crud.user.get(db, user.id)
assert user2
assert jsonable_encoder(user2) == jsonable_encoder(user)
user3 = crud.user.get_by_username(db, username=user.username)
assert user3
assert jsonable_encoder(user3) == jsonable_encoder(user)
def create_organization_root_node(
*,
db: Session = Depends(get_db),
organization_in: OrganizationCreateRoot,
current_user: User = Depends(get_current_user),
) -> Optional[Organization]:
"""
Create a new **root node for organizations tree**;
If `owner_email` is present organization tree ownership will be affected to *existing or newly created user*,
else organizations tree ownership will be affected to *superuser*.
"""
if not current_user.is_superuser:
raise HTTPException(
status_code=403,
detail="You are not authorized to perform this action.")
new_organization_root_node = organization.create_root(
db, obj_in=organization_in).to_schema()
if organization_in.owner_email:
user_in_db = user.get_by_email(db, email=organization_in.owner_email)
if not user_in_db:
user_in_db = user.create(
db,
obj_in=UserCreate(
full_name=organization_in.owner_email.split("@")[0],
email=organization_in.owner_email,
password=pwd.genword(),
),
)
if new_organization_root_node:
send_new_invitation_email_task.delay(
full_name=user_in_db.full_name,
email_to=user_in_db.email,
organization=new_organization_root_node.name,
role="owner")
enforcer.add_role_for_user_in_domain(
str(user_in_db.id), "owner",
str(new_organization_root_node.id))
enforcer.load_policy()
else:
enforcer.add_role_for_user_in_domain(
str(current_user.id), "owner", str(new_organization_root_node.id))
enforcer.load_policy()
current_roles = enforcer.get_roles_for_user_in_domain(
str(current_user.id), str(new_organization_root_node.id))
if len(current_roles) > 0:
new_organization_root_node.current_user_role = current_roles[0]
if current_user.is_superuser:
new_organization_root_node.current_user_role = 'admin'
# new_organization_root_node.current_user_role = current_roles[0]
return new_organization_root_node
def test_it_can_get_all_user_favorites(db, cleanup):
market_id = 123456
market_in = MarketCreate(market_id=market_id)
market = crud.create_market(db, market=market_in)
email = "*****@*****.**"
password = "******"
user_in = UserCreate(email=email, password=password)
user = crud.create_user(db, user=user_in)
client.post(f"/users/{user.id}/favorites", json={"fmid": market_id})
response = client.get(f"/users/{user.id}/favorites")
assert response.status_code == 200
resp = response.json()
assert resp['favorites'] == [{'market_id': 123456, 'id': 1}]
