def persist_token_information(self, client_id, scope, access_token,
token_type, expires_in, refresh_token, data):
assert not refresh_token
found = user.get_user(json.loads(data)["username"])
if not found:
raise RuntimeError("Username must be in the data field")
token_name = access_token[:ACCESS_TOKEN_PREFIX_LENGTH]
token_code = access_token[ACCESS_TOKEN_PREFIX_LENGTH:]
assert token_name
assert token_code
assert len(token_name) == ACCESS_TOKEN_PREFIX_LENGTH
assert len(token_code) >= ACCESS_TOKEN_MINIMUM_CODE_LENGTH
oauth_app = OAuthApplication.get(client_id=client_id)
expires_at = datetime.utcnow() + timedelta(seconds=expires_in)
OAuthAccessToken.create(
application=oauth_app,
authorized_user=found,
scope=scope,
token_name=token_name,
token_code=Credential.from_string(token_code),
access_token="",
token_type=token_type,
expires_at=expires_at,
data=data,
)
def test_invite_to_team(initialized_db):
first_user = get_user('devtable')
second_user = create_user_noverify('newuser', '*****@*****.**')
def run_invite_flow(orgname):
# Create an org owned by `devtable`.
org = create_organization(orgname, orgname + '@example.com',
first_user)
# Create another team and add `devtable` to it. Since `devtable` is already
# in the org, it should be done directly.
other_team = create_team('otherteam', org, 'admin')
invite = add_or_invite_to_team(first_user,
other_team,
user_obj=first_user)
assert invite is None
assert is_in_team(other_team, first_user)
# Try to add `newuser` to the team, which should require an invite.
invite = add_or_invite_to_team(first_user,
other_team,
user_obj=second_user)
assert invite is not None
assert not is_in_team(other_team, second_user)
# Accept the invite.
confirm_team_invite(invite.invite_token, second_user)
assert is_in_team(other_team, second_user)
# Run for a new org.
run_invite_flow('firstorg')
# Create another org and repeat, ensuring the same operations perform the same way.
run_invite_flow('secondorg')
def create_repository(cls, package_name, visibility, owner):
ns, _ = package_name.split("/")
owner = user.get_user('devtable')
visibility = "public"
create_org(ns, owner)
return super(PackageTest,
cls).create_repository(package_name, visibility, owner)
def test_remove_user_from_team(initialized_db):
first_user = get_user("devtable")
second_user = get_user("randomuser")
# Create new org: devtable should be in the admin owners team
new_org = create_organization("testorg", "testorg" + "@example.com", first_user)
admin_teams = list(__get_user_admin_teams("testorg", "devtable"))
# Add user to another admin team
new_team = create_team("testteam", new_org, "admin", description="test another admin team")
assert add_user_to_team(second_user, new_team)
# Cannot remove themselves from their only admin team
with pytest.raises(DataModelException):
remove_user_from_team("testorg", "testteam", "randomuser", "randomuser")
# Another admin should be able to
remove_user_from_team("testorg", "testteam", "randomuser", "devtable")
def setup(self, app):
self.user = get_user("devtable")
self.org = create_organization(self.orgname,
"{self.orgname}@devtable.com",
self.user)
self.org.save()
self.config = create_proxy_cache_config(
org_name=self.orgname,
upstream_registry=self.upstream_registry,
expiration_s=3600,
)
def test_registry_proxy_model_init_only_query_db_once(initialized_db):
orgname = "testorg"
user = get_user("devtable")
org = create_organization(orgname, "{self.orgname}@devtable.com", user)
org.save()
create_proxy_cache_config(
org_name=orgname,
upstream_registry="quay.io",
expiration_s=3600,
)
with assert_query_count(1):
ProxyModel(
orgname,
"app-sre/ubi8-ubi",
user,
)
def test_remove_team(initialized_db):
first_user = get_user("devtable")
# Create new org: devtable should be in the admin owners team
new_org = create_organization("testorg", "testorg" + "@example.com", first_user)
admin_teams = list(__get_user_admin_teams("testorg", "devtable"))
assert len(admin_teams) == 1 and admin_teams[0].name == "owners"
# Create new admin team without adding the devtable to the team:
# devtable should be able to delete the new admin team
new_team = create_team("testteam", new_org, "admin", description="test second admin team")
admin_teams = list(__get_user_admin_teams("testorg", "devtable"))
assert len(admin_teams) == 1 and admin_teams[0].name != "testteam"
# Removing the only team which devtable is the admin to should fail
with pytest.raises(DataModelException):
remove_team("testorg", "owners", "devtable")
# Removing the other admin team should succeed, since devtable is already admin in another team
remove_team("testorg", "testteam", "devtable")
def _save(self, force, **kwargs):
owner = user.get_user('devtable')
create_org(self.namespace, owner)
super(PackageTest, self)._save(force, user=owner, visibility="public")
def get_robot_password(username):
parent_name, robot_shortname = username.split("+", 1)
parent = get_user(parent_name)
_, token, _ = get_robot_and_metadata(robot_shortname, parent)
return token
