def test_default_loginRequired_canview_canedit_by_others(self):
formId = self.create_form()
self.edit_form(
formId,
{
"schema": {
"a": "B"
},
"uiSchema": {
"a": "B"
},
"formOptions": {
"loginRequired": True,
"responseCanViewByLink": True,
"responseCanEditByLink": True,
},
},
)
self.set_permissions(formId, [])
responseId, _ = self.submit_form(formId, {"a": "B"})
# change owner of response
user = User(id=str(uuid.uuid4()))
user.save()
response = Response.objects.get({"_id": ObjectId(responseId)})
response.user = user
response.save()
response = self.view(responseId)
self.assertEqual(response["statusCode"], 200, response)
response = self.edit(formId, responseId)
self.assertEqual(response["statusCode"], 200, response)
def test_default_loginRequired_admin_can_view_modify(self):
formId = self.create_form()
self.edit_form(
formId,
{
"schema": {
"a": "B"
},
"uiSchema": {
"a": "B"
},
"formOptions": {
"loginRequired": True
},
},
)
self.set_permissions(formId, ["Responses_View", "Responses_Edit"])
responseId, _ = self.submit_form(formId, {"a": "B"})
# change owner of response
user = User(id=str(uuid.uuid4()))
user.save()
response = Response.objects.get({"_id": ObjectId(responseId)})
response.user = user
response.save()
response = self.view_loginRequired(formId)
self.assertEqual(response["statusCode"], 200, response)
self.assertEqual(json.loads(response["body"])["res"], None)
response = self.view(responseId)
self.assertEqual(response["statusCode"], 200, response)
response = self.edit(formId, responseId)
self.assertEqual(response["statusCode"], 200, response)
def get_user_or_create_one(userId):
user = None
try:
user = User.objects.get({"_id": userId})
except DoesNotExist:
user = User(id=userId)
user.save()
return user
def test_form_update(self):
userId = "cm:testId:" + str(uuid.uuid4())
user = User(id=userId).save()
paymentInfo = {
"currency":
"USD",
"items": [{
"name": "name",
"description": "description",
"amount": "amountField",
"quantity": "1"
}]
}
form = Form(schema={
"type": "object",
"properties": {
"amountField": {
"type": "number"
}
}
},
uiSchema={"title": "Test"},
formOptions=FormOptions(paymentInfo=paymentInfo),
date_created=datetime.datetime.now(),
date_modified=datetime.datetime.now(),
name="Name",
cff_permissions={userId: {
"owner": True
}})
form.save()
formId = form.id
table = display_form_dict({"a": "b"})
self.assertEqual(table, "<table><tr><th>A</th><td>b</td></tr></table>")
def manage_user(self, data, username):
"""Create oauthed user."""
# I am basically creating my user based on the Bluemoon data
# typically you would have your application user and a single bluemoon api user
session = self.db.session()
query = session.query(User)
user = query.filter(User.username == username).first()
now = datetime.datetime.now()
expires = now + datetime.timedelta(seconds=data["expires_in"])
if not user:
user = User(
username=username,
access_token=data["access_token"],
refresh_token=data["refresh_token"],
expires=expires,
)
session.add(user)
else:
user.access_token = data["access_token"]
user.refresh_token = data["refresh_token"]
user.expires = expires
session.commit()
self.user = user
def add_user(request):
"""
Function to add a User
:param request: The incoming request to the API
"""
try:
first_name = request.json_body['first_name']
last_name = request.json_body['last_name']
username = request.json_body['username']
with get_session() as session:
new_user = User(first_name=first_name,
last_name=last_name,
username=username)
session.add(new_user)
session.commit()
return
except Exception as e:
raise BadRequestError(e)