def clean_id_number(self): id_number = self.cleaned_data["id_number"] try: get_user_model().objects.get(id_number=id_number) except get_user_model().DoesNotExist: return id_number raise forms.ValidationError("A user with that I.DNumber already exists.")
def test_delete(self): """Delete a user in a tenant.""" # Make a tenant. tenant = Tenant.objects.create(name='tenant', owner='John', owner_contact='206.867.5309') # Create a tenant_admin, default_tenant_admin, and a normal user. token = create_and_login(tenant=tenant) default_tenant_admin = \ get_user_model().objects.create_user(username="******", password="******") default_tenant_admin.tenant = tenant default_tenant_admin.default_tenant_admin = True default_tenant_admin.save() user = get_user_model().objects.create_user(username="******", password='******', tenant=tenant) # Try to DELETE the normal user. response = self.client.delete( TENANTS_ID_USERS_ID_URL % (tenant.uuid, user.uuid), HTTP_AUTHORIZATION=AUTHORIZATION_PAYLOAD % token) self.assertContains(response, '', status_code=HTTP_204_NO_CONTENT) # Ensure we have the right number of user accounts self.assertEqual(get_user_model().objects.count(), 2)
def test_delete_default_tnnt_admin(self): """Try deleting the system's default tenant admin.""" # Make a tenant. tenant = Tenant.objects.create(name='tenant', owner='John', owner_contact='206.867.5309') # Create a tenant_admin, default_tenant_admin, and a normal user. token = create_and_login(tenant=tenant) default_tenant_admin = \ get_user_model().objects.create_user(username="******", password="******") default_tenant_admin.tenant = tenant default_tenant_admin.default_tenant_admin = True default_tenant_admin.save() get_user_model().objects.create_user(username="******", password='******', tenant=tenant) # Try to DELETE the default_admin_user. response = self.client.delete( TENANTS_ID_USERS_ID_URL % (tenant.uuid, default_tenant_admin.uuid), HTTP_AUTHORIZATION=AUTHORIZATION_PAYLOAD % token) self.assertContains(response, CONTENT_PERMISSION_DENIED, status_code=HTTP_403_FORBIDDEN) # Ensure we have the right number of user accounts self.assertEqual(get_user_model().objects.count(), 3)
def setUp(self): super(SearchApiTests, self).setUp() self.list_url = reverse( 'api_dispatch_list', kwargs={ 'api_name': 'api', 'resource_name': 'layers'}) all_public() self.norman = get_user_model().objects.get(username="******") self.norman.groups.add(Group.objects.get(name='anonymous')) self.test_user = get_user_model().objects.get(username='******') self.test_user.groups.add(Group.objects.get(name='anonymous')) self.bar = GroupProfile.objects.get(slug='bar') self.anonymous_user = get_anonymous_user() self.profiles_list_url = reverse( 'api_dispatch_list', kwargs={ 'api_name': 'api', 'resource_name': 'profiles'}) self.groups_list_url = reverse( 'api_dispatch_list', kwargs={ 'api_name': 'api', 'resource_name': 'groups'})
def test_delete_django_admin(self): """Try deleting a Django admin, a.k.a. Goldstone system admin.""" # Make a tenant. tenant = Tenant.objects.create(name='tenant', owner='John', owner_contact='206.867.5309') # Log in as the tenant admin. token = create_and_login(tenant=tenant) # Create a Django admin who's a member of the tenant. django_admin = \ get_user_model().objects.create_superuser("Amber", "*****@*****.**", "xxx", tenant=tenant) # Try DELETE on the Django admin. response = self.client.delete( TENANTS_ID_USERS_ID_URL % (tenant.uuid, django_admin.uuid), HTTP_AUTHORIZATION=AUTHORIZATION_PAYLOAD % token) self.assertContains(response, CONTENT_PERMISSION_DENIED, status_code=HTTP_403_FORBIDDEN) # Ensure we have the right number of user accounts self.assertEqual(get_user_model().objects.count(), 2)
def test_menu_access_page_group_5(self): """ simulate behaviour of group b member group_d_ACCESS_PAGE to page_d """ self._setup_user_groups() all_pages = self._setup_tree_pages() self._setup_view_restrictions() granted = ['page_a', 'page_c', 'page_c_a', 'page_c_b', 'page_d', 'page_d_a', 'page_d_b', 'page_d_c', 'page_d_d', ] self.assertGrantedVisibility(all_pages, granted, username='******') urls = self.get_url_dict(all_pages) if get_user_model().USERNAME_FIELD == 'email': user = get_user_model().objects.get(email='*****@*****.**') else: user = get_user_model().objects.get(username='******') # call / self.assertViewNotAllowed(urls["/en/page_b/"], user) self.assertViewNotAllowed(urls["/en/page_b/page_b_b/"], user) self.assertViewNotAllowed(urls["/en/page_b/page_b_b/page_b_b_a/"], user) self.assertViewAllowed(urls["/en/page_d/"], user) self.assertViewAllowed(urls["/en/page_d/page_d_a/"], user)
def clean_username(self): username = self.cleaned_data["username"] try: get_user_model().objects.get(username=username) except get_user_model().DoesNotExist: return username raise forms.ValidationError(self.error_messages["duplicate_username"])
def post(self, request, format=None): serializer = self.serializer_class(data=request.DATA) if serializer.is_valid(): email = serializer.data['email'] try: user = get_user_model().objects.get(email=email) if user.is_verified and user.is_active: password_reset_code = \ PasswordResetCode.objects.create_reset_code(user) password_reset_code.send_password_reset_email() content = {'email': email} return Response(content, status=status.HTTP_201_CREATED) except get_user_model().DoesNotExist: pass # Since this is AllowAny, don't give away error. content = {'detail': 'Password reset not allowed.'} return Response(content, status=status.HTTP_400_BAD_REQUEST) else: return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)
def _setup_user_groups(self): """ Setup a group for every grant on ACCESS TYPE """ userdata = [ ('user_1', True, self.GROUPNAME_1), ('user_1_nostaff', False, self.GROUPNAME_1), ('user_2', True, self.GROUPNAME_2), ('user_2_nostaff', False, self.GROUPNAME_2), ('user_3', True, self.GROUPNAME_3), ('user_3_nostaff', False, self.GROUPNAME_3), ('user_4', True, self.GROUPNAME_4), ('user_4_nostaff', False, self.GROUPNAME_4), ('user_5', True, self.GROUPNAME_5), ('user_5_nostaff', False, self.GROUPNAME_5), ('user_staff', True, None), ] default_users_count = get_user_model().objects.all().count() for username, is_staff, groupname in userdata: user = self._create_user(username, is_staff) if groupname: group, _ = Group.objects.get_or_create(name=groupname) user_set = getattr(group, 'user_set') user_set.add(user) group.save() self.assertEqual(11, get_user_model().objects.all().count()-default_users_count)
def test_cannot_create_org_and_new_org_team(self): # Create and log in a user get_user_model().objects.create_user(userid='*****@*****.**') form = self.app.get(reverse('login')).form form['userid'] = 'user0001com' form.submit().follow() o = Organisation(name='New Org') o.save() form = self.app.get(reverse('team-create')).form form['name'] = 'New Team' form['organisation'] = str(o.pk) form['new_organisation'] = 'New Org' response = form.submit() html = response.html errors = html.find( "ul", {"class": "form-error-list"} ).find("li").contents self.assertEqual(len(errors), 1) failMessage = "You can't select an existing organisation and " failMessage += "create a new one at the same time." self.assertIn(failMessage, errors[0].text)
def authenticate(self, ip=None, user_id=None): if ip in settings.IP_AUTH_IP: try: return get_user_model().residents.get(pk=user_id) except get_user_model().DoesNotExist: return None return None
def test_get_valid_user(self): # Verify it accepts an admin user adminuser = get_user_model().objects.get(is_superuser=True) valid_user = get_valid_user(adminuser) msg = ('Passed in a valid admin user "%s" but got "%s" in return' % (adminuser, valid_user)) assert valid_user.id == adminuser.id, msg # Verify it returns a valid user after receiving None valid_user = get_valid_user(None) msg = ('Expected valid user after passing None, got "%s"' % valid_user) assert isinstance(valid_user, get_user_model()), msg newuser = get_user_model().objects.create(username='******') valid_user = get_valid_user(newuser) msg = ('Passed in a valid user "%s" but got "%s" in return' % (newuser, valid_user)) assert valid_user.id == newuser.id, msg valid_user = get_valid_user('arieluser') msg = ('Passed in a valid user by username "%s" but got' ' "%s" in return' % ('arieluser', valid_user)) assert valid_user.username == 'arieluser', msg nn = get_anonymous_user() self.assertRaises(GeoNodeException, get_valid_user, nn)
def test_can_create_team_from_list_view(self): # Create and log in a user get_user_model().objects.create_user(userid='*****@*****.**') form = self.app.get(reverse('login')).form form['userid'] = 'user0001com' form.submit().follow() org_name = 'New Org' team_name = 'New Team skippity bippity bop' form = self.app.get(reverse('team-list')).form form['name'] = team_name form['new_organisation'] = org_name response = form.submit() self.assertEquals(response.status_int, 302) # Go get the list of teams so we can find the link of the team # we just added (we know the team name but not the id) response = self.app.get(reverse('team-list')) response = self.app.get(response.html.find( 'a', text=team_name ).attrs['href'] ) org_name = response.html.find( 'h1', attrs={'class': 'heading-xlarge'} ).get_text(strip=True) self.assertEquals(org_name, 'Team' + team_name)
def test_authenticate(self): get_user_model()._default_manager.create_user(**self.user_data) user = authenticate(username='******', password='******') self.assertEqual(None, user) user = authenticate(username='******', password='******') db_user = User.objects.get(username='******') self.assertEqual(user.id, db_user.id)
def authenticate(self, request): token = None #import ipdb # ipdb.set_trace() if 'g_token' in request.GET: token = request.GET['g_token'] elif 'g_token' in request.data: token = request.data['g_token'] if token is None: return None try: response = urlopen( 'https://www.googleapis.com/oauth2/v1/tokeninfo?id_token=' + token).read() r = response.decode('utf-8') user = json.loads(r) except HTTPError as e: response = e.read() r = response.decode('utf-8') result = json.loads(r) raise exceptions.AuthenticationFailed(result['error']) if 'error' in user: raise exceptions.AuthenticationFailed(user['error']) try: user = get_user_model().objects.get(username=user['email']) except get_user_model().DoesNotExist: raise exceptions.AuthenticationFailed('No such user') return (user, None)
def test_password_change_with_old_password(self): login_payload = { "username": self.USERNAME, "password": self.PASS } get_user_model().objects.create_user(self.USERNAME, '', self.PASS) self.post(self.login_url, data=login_payload, status_code=200) self.token = self.response.json['key'] new_password_payload = { "old_password": "******" % self.PASS, # wrong password "new_password1": "new_person", "new_password2": "new_person" } self.post(self.password_change_url, data=new_password_payload, status_code=400) new_password_payload = { "old_password": self.PASS, "new_password1": "new_person", "new_password2": "new_person" } self.post(self.password_change_url, data=new_password_payload, status_code=200) # user should not be able to login using old password self.post(self.login_url, data=login_payload, status_code=400) # new password should work login_payload['password'] = new_password_payload['new_password1'] self.post(self.login_url, data=login_payload, status_code=200)
def test_registration_with_email_verification(self): user_count = get_user_model().objects.all().count() mail_count = len(mail.outbox) # test empty payload self.post(self.register_url, data={}, status_code=status.HTTP_400_BAD_REQUEST) self.post(self.register_url, data=self.REGISTRATION_DATA_WITH_EMAIL, status_code=status.HTTP_201_CREATED) self.assertEqual(get_user_model().objects.all().count(), user_count + 1) self.assertEqual(len(mail.outbox), mail_count + 1) new_user = get_user_model().objects.latest('id') self.assertEqual(new_user.username, self.REGISTRATION_DATA['username']) # email is not verified yet payload = { "username": self.USERNAME, "password": self.PASS } self.post(self.login_url, data=payload, status=status.HTTP_400_BAD_REQUEST) # veirfy email email_confirmation = new_user.emailaddress_set.get(email=self.EMAIL)\ .emailconfirmation_set.order_by('-created')[0] self.post(self.veirfy_email_url, data={"key": email_confirmation.key}, status_code=status.HTTP_200_OK) # try to login again self._login() self._logout()
def test_canEditProfile(self): u1 = get_user_model().objects.create_user('*****@*****.**','user1') u2 = get_user_model().objects.create_user('*****@*****.**','user2') self.assertFalse(perms.user_can_edit(u1,u2)) self.assertFalse(perms.user_can_edit(u2,u1)) self.assertTrue(perms.user_can_edit(u1,u1)) self.assertTrue(perms.user_can_edit(u2,u2))
def test_password_change(self): login_payload = { "username": self.USERNAME, "password": self.PASS } get_user_model().objects.create_user(self.USERNAME, '', self.PASS) self.post(self.login_url, data=login_payload, status_code=200) self.token = self.response.json['key'] new_password_payload = { "new_password1": "new_person", "new_password2": "new_person" } self.post(self.password_change_url, data=new_password_payload, status_code=200) # user should not be able to login using old password self.post(self.login_url, data=login_payload, status_code=400) # new password should work login_payload['password'] = new_password_payload['new_password1'] self.post(self.login_url, data=login_payload, status_code=200) # pass1 and pass2 are not equal new_password_payload = { "new_password1": "new_person1", "new_password2": "new_person" } self.post(self.password_change_url, data=new_password_payload, status_code=400) # send empty payload self.post(self.password_change_url, data={}, status_code=400)
def points_awarded(target=None, source=None, since=None): """ Determine out how many points the given target has recieved. """ lookup_params = {} if target is not None: if isinstance(target, get_user_model()): lookup_params["target_user"] = target else: lookup_params.update({ "target_content_type": ContentType.objects.get_for_model(target), "target_object_id": target.pk, }) if source is not None: if isinstance(source, get_user_model()): lookup_params["source_user"] = source else: lookup_params.update({ "source_content_type": ContentType.objects.get_for_model(source), "source_object_id": source.pk, }) if since is None: if target is not None and source is None: try: return TargetStat.objects.get(**lookup_params).points except TargetStat.DoesNotExist: return 0 else: return AwardedPointValue.points_awarded(**lookup_params) else: lookup_params["timestamp__gte"] = since return AwardedPointValue.points_awarded(**lookup_params)
def test_RegistrationAuthority_name_change(self): ra = models.RegistrationAuthority.objects.create(name="Test RA") user = get_user_model().objects.create_user('*****@*****.**','registrar') # User isn't in RA... yet self.assertFalse(perms.user_is_registrar(user,ra)) # Add user to RA, assert user is in RA ra.giveRoleToUser('registrar',user) # Caching issue, refresh from DB with correct permissions user = get_user_model().objects.get(pk=user.pk) self.assertTrue(perms.user_is_registrar(user,ra)) # Change name of RA, assert user is still in RA ra.name = "Test RA2" ra.save() user = get_user_model().objects.get(pk=user.pk) self.assertTrue(perms.user_is_registrar(user,ra)) # Add new RA with old RA's name, assert user is not in the new RA newRA = models.RegistrationAuthority.objects.create(name="Test RA") user = get_user_model().objects.get(pk=user.pk) self.assertFalse(perms.user_is_registrar(user,newRA)) # Remove user to RA, assert user is no longer in RA ra.removeRoleFromUser('registrar',user) # Caching issue, refresh from DB with correct permissions user = get_user_model().objects.get(pk=user.pk) self.assertFalse(perms.user_is_registrar(user,ra))
def test_duplicate_name(self): """Try registering with a duplicate name.""" USERS = ["Bahb", "Barbra"] # Register a couple of users. for user in USERS: response = self.client.post( REGISTRATION_URL, json.dumps({"username": user, "password": "******"}), content_type="application/json") # pylint: disable=E1101 self.assertEqual(response.status_code, HTTP_201_CREATED) self.assertEqual(get_user_model().objects.count(), 2) # Now try to re-register one of the accounts. response = self.client.post( REGISTRATION_URL, json.dumps({"username": USERS[0], "password": "******"}), content_type="application/json") self.assertContains(response, CONTENT_UNIQUE_USERNAME, status_code=HTTP_400_BAD_REQUEST) self.assertEqual(get_user_model().objects.count(), 2)
def test_delete(self): """ Test deleting a *PAGE* plugin """ page, placeholder, superuser, staff = self.get_data() plugin = add_plugin(placeholder, 'TextPlugin', 'en', body='body') plugin_data = { 'plugin_id': plugin.pk, } plugin = self.reload(plugin) self.assertEqual(plugin.body, 'body') # log the user out, try to remove the plugin self.client.logout() response = self.client.post(URL_CMS_PLUGIN_REMOVE, plugin_data) # since the user is not logged in, they should be prompted to log in. self.assertEqual(response.status_code, 302) self.assertRedirects(response, '/en/admin/login/?next=%s' % URL_CMS_PLUGIN_REMOVE) self.assertEqual(CMSPlugin.objects.count(), 1) plugin = self.reload(plugin) self.assertEqual(plugin.body, 'body') # now log a staff user without permissions in and do the same as above. self.client.login(username=getattr(staff, get_user_model().USERNAME_FIELD), password=getattr(staff, get_user_model().USERNAME_FIELD)) response = self.client.post(URL_CMS_PLUGIN_REMOVE + "%s/" % plugin.pk, plugin_data) # the user is logged in and the security check fails, so it should 403. self.assertEqual(response.status_code, 403) self.assertEqual(CMSPlugin.objects.count(), 1) plugin = self.reload(plugin) self.assertEqual(plugin.body, 'body')
def test_add(self): """ Test adding a plugin to a *PAGE*. """ page, placeholder, superuser, staff = self.get_data() get_data = { 'plugin_type': "TextPlugin", 'plugin_language': settings.LANGUAGES[0][0], 'placeholder_id': page.placeholders.get(slot="body").pk, } post_data = {} self.assertEqual(CMSPlugin.objects.count(), 0) # log the user out and post the plugin data to the cms add-plugin URL. self.client.logout() add_url = URL_CMS_PLUGIN_ADD + '?' + urlencode(get_data) response = self.client.post(add_url, post_data) # since the user is not logged in, they should be prompted to log in. self.assertEqual(response.status_code, 302) querystring = QueryDict('', mutable=True) querystring['next'] = add_url expected_url = '/{lang}/admin/login/?{next}'.format( lang=settings.LANGUAGES[0][0], next=querystring.urlencode(safe='/') ) self.assertRedirects(response, expected_url) self.assertEqual(CMSPlugin.objects.count(), 0) # now log a staff user without permissions in and do the same as above. self.client.login(username=getattr(staff, get_user_model().USERNAME_FIELD), password=getattr(staff, get_user_model().USERNAME_FIELD)) response = self.client.post(add_url, post_data) # the user is logged in and the security check fails, so it should 403. self.assertEqual(response.status_code, 403) self.assertEqual(CMSPlugin.objects.count(), 0)
def test_edit(self): """ Test editing a *PAGE* plugin """ page, placeholder, superuser, staff = self.get_data() # create the plugin using a superuser plugin = add_plugin(placeholder, 'TextPlugin', 'en', body='body') plugin_data = { 'plugin_id': plugin.pk, 'body': 'newbody', } self.assertEqual(plugin.body, 'body') # check the body is as expected. # log the user out, try to edit the plugin self.client.logout() url = URL_CMS_PLUGIN_EDIT + '%s/' % plugin.pk response = self.client.post(url, plugin_data) # since the user is not logged in, they should be prompted to log in. self.assertEqual(response.status_code, 302) self.assertRedirects(response, '/en/admin/login/?next=%s' % url) plugin = self.reload(plugin) self.assertEqual(plugin.body, 'body') # now log a staff user without permissions in and do the same as above. self.client.login(username=getattr(staff, get_user_model().USERNAME_FIELD), password=getattr(staff, get_user_model().USERNAME_FIELD)) response = self.client.post(url, plugin_data) # the user is logged in and the security check fails, so it should 403. self.assertEqual(response.status_code, 403) plugin = self.reload(plugin) self.assertEqual(plugin.body, 'body')
def setUpTestData(cls): try: cls.user = get_user_model().objects.get(username='******') except Exception: cls.user = get_user_model().objects.create_user('farms', 'farms') cls.user.is_staff = True cls.user.save()
def test_edit_ph(self): """ Test editing a *NON PAGE* plugin """ page, placeholder, superuser, staff = self.get_data() plugin = add_plugin(placeholder, 'TextPlugin', 'en', body='body') url = admin_reverse('placeholderapp_example1_edit_plugin', args=(plugin.pk,)) plugin_data = { 'body': 'newbody', 'language': 'en', 'plugin_id': plugin.pk, } plugin = self.reload(plugin) self.assertEqual(plugin.body, 'body') # log the user out and try to edit a plugin using PlaceholderAdmin self.client.logout() response = self.client.post(url, plugin_data) # since the user is not logged in, they should be prompted to log in. self.assertEqual(response.status_code, 302) self.assertRedirects(response, '/en/admin/login/?next=%s' % url) plugin = self.reload(plugin) self.assertEqual(plugin.body, 'body') # now log a staff user without permissions in and do the same as above. self.client.login(username=getattr(staff, get_user_model().USERNAME_FIELD), password=getattr(staff, get_user_model().USERNAME_FIELD)) response = self.client.post(url, plugin_data) # the user is logged in and the security check fails, so it should 403. self.assertEqual(response.status_code, 403) plugin = self.reload(plugin) self.assertEqual(plugin.body, 'body')
def test_post(self, email=None): """Register a user. :keyword email: An e-mail address to use when registering the user :type email: str or None """ USERNAME = "******" # Assemble the registration payload payload = {"username": USERNAME, "password": "******"} if email: payload["email"] = email # Register this account. response = self.client.post(REGISTRATION_URL, json.dumps(payload), content_type="application/json") # Check the results. # pylint: disable=E1101 self.assertEqual(response.status_code, HTTP_201_CREATED) response_content = json.loads(response.content) self.assertEqual(response_content["username"], USERNAME) self.assertIsInstance(response_content["auth_token"], basestring) self.assertEquals(len(response_content), 3) self.assertEqual(response_content["email"], email if email else '') self.assertEqual(get_user_model().objects.count(), 1) self.assertEqual(get_user_model().objects.all()[0].username, USERNAME)
def test_allows_negative_ids(self): # see https://github.com/torchbox/wagtail/issues/565 get_user_model().objects.create_user('guardian', '*****@*****.**', 'gu@rd14n', id=-1) response = self.get() self.assertEqual(response.status_code, 200) self.assertContains(response, 'testuser') self.assertContains(response, 'guardian')
def test_get_page_for_apphook_on_preview_or_edit(self): if get_user_model().USERNAME_FIELD == 'email': superuser = get_user_model().objects.create_superuser('admin', '*****@*****.**', '*****@*****.**') else: superuser = get_user_model().objects.create_superuser('admin', '*****@*****.**', 'admin') page = create_page("home", "nav_playground.html", "en", created_by=superuser, published=True, apphook=APP_NAME) create_title('de', page.get_title(), page) page.publish('en') page.publish('de') page.save() public_page = page.get_public_object() with self.login_user_context(superuser): with force_language("en"): path = reverse('sample-settings') request = self.get_request(path + '?%s' % get_cms_setting('CMS_TOOLBAR_URL__EDIT_ON')) request.LANGUAGE_CODE = 'en' attached_to_page = applications_page_check(request, path=path[1:]) # strip leading slash response = self.client.get(path+"?edit") self.assertContains(response, '?redirect=') with force_language("de"): path = reverse('sample-settings') request = self.get_request(path + '?%s' % get_cms_setting('CMS_TOOLBAR_URL__EDIT_ON')) request.LANGUAGE_CODE = 'de' attached_to_page = applications_page_check(request, path=path[1:]) # strip leading slash self.assertEqual(attached_to_page.pk, public_page.pk)
class Meta: model = get_user_model() exclude = ('password',)
from django.contrib.auth import get_user_model from django.http import HttpRequest from django.utils.translation import ugettext_lazy as _ from allauth.account import app_settings as allauth_settings from allauth.account.forms import ResetPasswordForm from allauth.utils import email_address_exists, generate_unique_username from allauth.account.adapter import get_adapter from allauth.account.utils import setup_user_email from rest_framework import serializers from rest_auth.serializers import PasswordResetSerializer from home.models import CustomText, FFF, HomePage User = get_user_model() class SignupSerializer(serializers.ModelSerializer): class Meta: model = User fields = ("id", "name", "email", "password") extra_kwargs = { "password": { "write_only": True, "style": { "input_type": "password" } }, "email": { "required": True, "allow_blank": False, }, }
class Meta: model = get_user_model() fields = ('email', 'password', 'name') extra_kwargs = {'password': {'write_only': True, 'min_length': 5}}
def create(self, validated_data): """Create a new user with encrypted password and return it""" return get_user_model().objects.create_user(**validated_data)
def setUp(self): self.user = get_user_model().objects.create_user( '*****@*****.**', 'testpass123' ) self.client = APIClient() self.client.force_authenticate(self.user)
# This file is subject to the terms and conditions defined in the # file 'LICENSE', which is part of this source code package. # from django.contrib.auth import get_user_model from django.contrib.sites.models import Site from django.test import TestCase from oauth2_provider.models import get_application_model from oauth2_provider.settings import oauth2_settings from testfixtures import LogCapture from proj.common.oauth_helper import create_access_token from proj.settings.base import ADMIN_ACCOUNT_NAME, ADMIN_ACCOUNT_PASSWORD Application = get_application_model() UserModel = get_user_model() class BaseTest(TestCase): def setUp(self): self.log = LogCapture() self.test_user = get_user_model().objects.create_user( ADMIN_ACCOUNT_NAME, "*****@*****.**", ADMIN_ACCOUNT_PASSWORD) self.test_user.save() self.test_user.profile.oauth_scope = 'read write' self.test_user.profile.accepted_terms = True self.test_user.profile.account_activated = True self.test_user.profile.save() self.application = Application(
from django.contrib import admin from django.contrib.auth import get_user_model from django.contrib.auth.admin import UserAdmin from .forms import CustomUserCreationForm, CustomUserChangeForm CustomUser = get_user_model() class CustomUserAdmin(UserAdmin): add_form = CustomUserCreationForm form = CustomUserChangeForm model = CustomUser list_display = ['email', 'username'] admin.site.register(CustomUser, CustomUserAdmin)
class Meta: model = get_user_model() fields = ('id', 'name', 'position', 'email', 'password')
class Meta: model = get_user_model() fields = [ # 8.19 소이 - 변경 'email', 'name', 'birth', 'postcode', 'address', 'detail_address', 'ref_address', 'phone', ]
def create(self, validated_data): return get_user_model().objects.create_user(**validated_data)
from django.test import TestCase from django.contrib.auth import get_user_model from notification.models import Follow from blog.models import Post, Like, Comment USER_MODEL = get_user_model() class TestFollowModel(TestCase): @classmethod def setUpTestData(cls): cls.u1 = USER_MODEL.objects.create_user( first_name='Michael', last_name='R', username='******', email='*****@*****.**', password='******' ) cls.u2 = USER_MODEL.objects.create_user( first_name='Kate', last_name='S', username='******', email='*****@*****.**', password='******' ) cls.follow = Follow.objects.create( user_from=cls.u1.profile, user_to=cls.u2.profile
from django.contrib import admin from django.contrib.auth.admin import UserAdmin from django.contrib.auth import get_user_model from .models import MemberLevel @admin.register(MemberLevel) class MemberLevelAdmin(admin.ModelAdmin): list_display = ['name'] # Register your models here. admin.site.register(get_user_model(), UserAdmin)
def test_batch_edit(self): Model = Map view = 'map_batch_metadata' resources = Model.objects.all()[:3] ids = ','.join([str(element.pk) for element in resources]) # test non-admin access self.client.login(username="******", password="******") response = self.client.get(reverse(view)) self.assertTrue(response.status_code in (401, 403)) # test group change group = Group.objects.first() self.client.login(username='******', password='******') response = self.client.post( reverse(view), data={ 'group': group.pk, 'ids': ids, 'regions': 1 }, ) self.assertEqual(response.status_code, 302) resources = Model.objects.filter(id__in=[r.pk for r in resources]) for resource in resources: self.assertEqual(resource.group, group) # test owner change owner = get_user_model().objects.first() response = self.client.post( reverse(view), data={ 'owner': owner.pk, 'ids': ids, 'regions': 1 }, ) self.assertEqual(response.status_code, 302) resources = Model.objects.filter(id__in=[r.pk for r in resources]) for resource in resources: self.assertEqual(resource.owner, owner) # test license change license = License.objects.first() response = self.client.post( reverse(view), data={ 'license': license.pk, "ids": ids, 'regions': 1 }, ) self.assertEqual(response.status_code, 302) resources = Model.objects.filter(id__in=[r.pk for r in resources]) for resource in resources: self.assertEqual(resource.license, license) # test regions change region = Region.objects.first() response = self.client.post( reverse(view), data={ 'region': region.pk, 'ids': ids, 'regions': 1 }, ) self.assertEqual(response.status_code, 302) resources = Model.objects.filter(id__in=[r.pk for r in resources]) for resource in resources: if resource.regions.all(): self.assertTrue(region in resource.regions.all()) # test language change language = 'eng' response = self.client.post( reverse(view), data={ 'language': language, 'ids': ids, 'regions': 1 }, ) resources = Model.objects.filter(id__in=[r.pk for r in resources]) for resource in resources: self.assertEqual(resource.language, language) # test keywords change keywords = 'some,thing,new' response = self.client.post( reverse(view), data={ 'keywords': keywords, 'ids': ids, 'regions': 1 }, ) resources = Model.objects.filter(id__in=[r.pk for r in resources]) for resource in resources: for word in resource.keywords.all(): self.assertTrue(word.name in keywords.split(','))
class Meta: model = get_user_model() fields = ['name', 'postcode', 'photo', 'address', 'detail_address', 'ref_address', 'phone' ]
def setUp(self): # Create a user for auth get_user_model().objects.create_user('testuser', '*****@*****.**', 'password') self.client.login(username='******', password='******')
class CreateUserView(CreateAPIView): model=get_user_model() permission_classes = [AllowAny] serializer_class=UserSerializer
def set_seed(n): if DEBUG: logging.basicConfig(stream=sys.stderr, level=logging.DEBUG) User = get_user_model() faker = Faker() # Seed User for _ in range(2): User.objects.create_user(username="******" + str(_+1), email=faker.email(), password="******") logging.info( f"{User.objects.count()} User(s) created!") if DEBUG else None # Seed Superuser if User.objects.count() == 2: User.objects.create_superuser( username='******', email='*****@*****.**', password='******', question_history=",".join(map(str, faker.random_elements( elements=range(1, 1501), length=random.randint(3, 10), unique=True)))) admin = User.objects.get(username='******') logging.info("Superuser created!") if DEBUG else None # Seed Article/AdminQuestion/CustomQuestionPost users = User.objects.all() for _ in range(n): user = random.choice(users) article = Article.objects.create(author=user, content=faker.catch_phrase(), share_with_friends=random.choice( [True, False]), share_anonymously=random.choice([True, False])) if not article.share_anonymously and not article.share_with_friends: article.share_with_friends = True article.save() Question.objects.create( author=admin, is_admin_question=True, content=faker.word()) Question.objects.create( author=user, is_admin_question=False, content=faker.word()) logging.info( f"{Article.objects.count()} Article(s) created!") if DEBUG else None logging.info(f"{Question.objects.count()} Question(s) created!") \ if DEBUG else None # Select Daily Questions daily_questions = Question.objects.filter( selected_date__isnull=True).order_by('?')[:30] for question in daily_questions: question.selected_date = timezone.now() question.save() # Seed Response questions = Question.objects.all() for _ in range(n): question = random.choice(questions) response = Response.objects.create(author=user, content=faker.text(max_nb_chars=50), question=question, share_with_friends=random.choice( [True, False]), share_anonymously=random.choice([True, False])) if not response.share_anonymously and not response.share_with_friends: response.share_with_friends = True response.save() logging.info( f"{Response.objects.count()} Response(s) created!") if DEBUG else None # Seed Response Request for _ in range(n): question = random.choice(questions) requester = random.choice(users) requestee = random.choice(users.exclude(id=requester.id)) ResponseRequest.objects.get_or_create(requester=requester, requestee=requestee, question=question) logging.info( f"{ResponseRequest.objects.count()} ResponseRequest(s) created!") if DEBUG else None # Seed Comment (target=Feed) articles = Article.objects.all() responses = Response.objects.all() for _ in range(n): user = random.choice(users) article = random.choice(articles) response = random.choice(responses) Comment.objects.create(author=user, target=article, content=faker.catch_phrase(), is_private=_ % 2) Comment.objects.create(author=user, target=response, content=faker.catch_phrase(), is_private=_ % 2) logging.info( f"{Comment.objects.count()} Comment(s) created!") if DEBUG else None # Seed Reply Comment (target=Comment) comment_model = get_comment_type() comments = Comment.objects.all() for _ in range(n): user = random.choice(users) comment = random.choice(comments) reply = Comment.objects.create(author=user, target=comment, content=faker.catch_phrase(), is_private=comment.is_private) if reply.target.is_private: reply.is_private = True reply.save() logging.info(f"{Comment.objects.filter(content_type=comment_model).count()} Repl(ies) created!") \ if DEBUG else None # Seed Like for i in range(n): user = random.choice(users) article = Article.objects.get(id=i + 1) question = Question.objects.get(id=i + 1) response = Response.objects.get(id=i + 1) comment = Comment.objects.comments_only()[i] reply = Comment.objects.replies_only()[i] Like.objects.create(user=user, target=article) Like.objects.create(user=user, target=question) Like.objects.create(user=user, target=response) Like.objects.create(user=user, target=comment) Like.objects.create(user=user, target=reply) logging.info( f"{Like.objects.count()} Like(s) created!") if DEBUG else None # Seed Friend Request user_1 = User.objects.get(id=1) user_2 = User.objects.get(id=2) user_3 = User.objects.get(id=3) FriendRequest.objects.create(requester=user_3, requestee=user_1) FriendRequest.objects.create(requester=user_3, requestee=user_2) # Seed Friendship user_1.friends.add(user_2)
def test_new_map_config(self): """Test that new map config can be properly assigned """ self.client.login(username='******', password='******') # Test successful new map creation m = Map() admin_user = get_user_model().objects.get(username='******') layer_name = Layer.objects.all().first().alternate m.create_from_layer_list(admin_user, [layer_name], "title", "abstract") map_id = m.id url = reverse('new_map_json') # Test GET method with COPY response = self.client.get(url, {'copy': map_id}) self.assertEqual(response.status_code, 200) map_obj = Map.objects.get(id=map_id) config_map = map_obj.viewer_json(None) content = response.content if isinstance(content, bytes): content = content.decode('UTF-8') response_config_dict = json.loads(content) self.assertEqual(config_map['map']['layers'], response_config_dict['map']['layers']) # Test GET method no COPY and no layer in params response = self.client.get(url) self.assertEqual(response.status_code, 200) config_default = default_map_config(None)[0] content = response.content if isinstance(content, bytes): content = content.decode('UTF-8') response_config_dict = json.loads(content) self.assertEqual(config_default['about']['abstract'], response_config_dict['about']['abstract']) self.assertEqual(config_default['about']['title'], response_config_dict['about']['title']) # Test GET method no COPY but with layer in params response = self.client.get(url, {'layer': layer_name}) self.assertEqual(response.status_code, 200) content = response.content if isinstance(content, bytes): content = content.decode('UTF-8') response_dict = json.loads(content) self.assertEqual(response_dict['fromLayer'], True) # Test POST method without authentication self.client.logout() response = self.client.post(url, {'layer': layer_name}) self.assertEqual(response.status_code, 401) # Test POST method with authentication and a layer in params self.client.login(username='******', password='******') try: response = self.client.post(url, {'layer': layer_name}) # Should not accept the request self.assertEqual(response.status_code, 400) # Test POST method with map data in json format response = self.client.post(url, data=self.viewer_config, content_type="text/json") self.assertEqual(response.status_code, 200) content = response.content if isinstance(content, bytes): content = content.decode('UTF-8') map_id = int(json.loads(content)['id']) # Check new map saved map_obj = Map.objects.get(id=map_id) # Check # BBox format: [xmin, xmax, ymin, ymax bbox_str = [ '-90.193207913954200', '-79.206792062465500', '9.059219904470890', '16.540780092025600', 'EPSG:4326' ] self.assertEqual(bbox_str, [str(c) for c in map_obj.bbox]) bbox_long_str = '-90.193207913954200,9.059219904470890,' \ '-79.206792062465500,16.540780092025600' self.assertEqual(bbox_long_str, map_obj.bbox_string) # Test methods other than GET or POST and no layer in params response = self.client.put(url) self.assertEqual(response.status_code, 405) except Exception: pass
def edit_group_view(request, group_id): try: group = Group.objects.get(id=group_id) except Group.DoesNotExist as e: raise http.Http404 from e if not request.user.can_manage_group(group): messages.error(request, "You must be a superuser on Ion to manage administrative groups") return redirect("eighth_admin_dashboard") if request.method == "POST": invalidate_model(Group) if group.name.lower().startswith("all students"): cache.delete("users:students") if "remove_all" in request.POST: users = group.user_set.all() num = users.count() for u in users: group.user_set.remove(u) group.save() invalidate_obj(group) messages.success(request, "Successfully deleted {} members of the group.".format(num)) return redirect("eighth_admin_edit_group", group.id) form = GroupForm(request.POST, instance=group) if form.is_valid(): if "student_visible" in form.cleaned_data: props = group.properties props.student_visible = form.cleaned_data["student_visible"] props.save() invalidate_obj(props) form.save() messages.success(request, "Successfully edited group.") return redirect("eighth_admin_dashboard") else: messages.error(request, "Error modifying group.") else: form = GroupForm(instance=group, initial={"student_visible": group.properties.student_visible}) student_query = None if request.method == "GET": student_query = request.GET.get("q", None) if not student_query: users = group.user_set.all() # Order not strictly alphabetical else: ion_ids = [sid.strip() for sid in student_query.split(",")] users = group.user_set.filter(username__in=ion_ids) users = users.order_by("username", "first_name", "last_name", "student_id") p = Paginator(users, 100) # Paginating to limit LDAP queries (slow) page_num = request.GET.get("p", 1) try: page = p.page(page_num) except PageNotAnInteger: page = p.page(1) except EmptyPage: page = p.page(p.num_pages) members = [] for user in page: grade = user.grade members.append( { "id": user.id, "first_name": user.first_name, "last_name": user.last_name, "student_id": user.student_id, "email": user.tj_email, "grade": grade.number if user.grade and not user.grade.number == 13 else "Staff", } ) members = sorted(members, key=lambda m: (m["last_name"], m["first_name"])) linked_activities = EighthActivity.objects.filter(groups_allowed=group) def parse_int(value): try: return int(value) except ValueError: return None context = { "group": group, "members": members, "member_count": users.count(), "members_page": page, "edit_form": form, "added_ids": [parse_int(x) for x in request.GET.getlist("added")], "linked_activities": linked_activities, "admin_page_title": "Edit Group", "delete_url": reverse("eighth_admin_delete_group", args=[group_id]), } if "possible_student" in request.GET: student_ids = request.GET.getlist("possible_student") possible_students = get_user_model().objects.get(id__in=student_ids) context["possible_students"] = possible_students return render(request, "eighth/admin/edit_group.html", context)
class Meta: model = get_user_model() # use this function for swapping user model fields = ('email', 'username', 'password1', 'password2', 'language')
def save(self, commit=True): self.user.set_password(self.cleaned_data['password1']) if commit: get_user_model().objects.filter(pk=self.user.pk).update( password=self.user.password, ) return self.user
def eighth_admin_distribute_action(request): if "users" in request.POST: activity_user_map = {} for item in request.POST: if item[:6] == "schact": try: sid = int(item[6:]) schact = EighthScheduledActivity.objects.get(id=sid) except EighthScheduledActivity.DoesNotExist: messages.error(request, "ScheduledActivity does not exist with id {}".format(sid)) userids = request.POST.getlist(item) activity_user_map[schact] = userids changes = 0 for schact, userids in activity_user_map.items(): for uid in userids: changes += 1 schact.add_user(get_user_model().objects.get(id=int(uid)), request=request, force=True, no_after_deadline=True) messages.success(request, "Successfully completed {} activity signups.".format(changes)) return redirect("eighth_admin_dashboard") elif "schact" in request.GET: schactids = request.GET.getlist("schact") schacts = [] for schact in schactids: try: sch = EighthScheduledActivity.objects.get(id=schact) schacts.append(sch) except EighthScheduledActivity.DoesNotExist as e: raise http.Http404 from e users = [] users_type = "" if "group" in request.GET: group = Group.objects.get(id=request.GET.get("group")) users = group.user_set.all() users_type = "group" elif "unsigned" in request.GET: unsigned = [] if "block" in request.GET: blockid = request.GET.get("block") block = EighthBlock.objects.get(id=blockid) else: raise http.Http404 unsigned = get_user_model().objects.get_students().exclude(eighthsignup__scheduled_activity__block__id=blockid) users = unsigned users_type = "unsigned" if "limit" in request.GET: users = users[0: int(request.GET.get("limit"))] # Sort by last name users = sorted(list(users), key=lambda x: x.last_name) context = { "admin_page_title": "Distribute Group Members Across Activities", "users_type": users_type, "group": group if users_type == "group" else None, "eighthblock": block if users_type == "unsigned" else None, "schacts": schacts, "users": users, "show_selection": True, } return render(request, "eighth/admin/distribute_group.html", context) else: return redirect("eighth_admin_dashboard")
def recover_passphrase(request): if request.method == "GET": return render(request, "recover_passphrase.html") email = request.POST['email'] new_password = request.POST['new_password'] confirm_password = request.POST['confirm_password'] if new_password != confirm_password: return render(request, 'recover_passphrase.html', { 'error': _('Passwords mismatch') }) try: settings = SecuritySettings.objects.get() except SecuritySettings.DoesNotExist: settings = SecuritySettings(length_password=8) if len(new_password) < settings.length_password: error = "The password must be at least {} characters long.".format( settings.length_password) return render(request, 'recover_passphrase.html', { 'error': error }) # At least one letter and one non-letter first_isalpha = new_password[0].isalpha() if all(c.isalpha() == first_isalpha for c in new_password): error = _("The password must contain at least one letter and at least \ one digit or punctuation character.") return render(request, 'recover_passphrase.html', { 'error': error }) try: recovery_file = request.FILES['recovery_file'].read() recovery_file = base64.b64decode(recovery_file).decode('utf-8') except Exception: return render(request, 'recover_passphrase.html', { 'error': _('Invalid recovery file provided') }) try: user = get_user_model().objects.get(email=email) except get_user_model().DoesNotExist: return render(request, 'recover_passphrase.html', { 'error': _('No such user') }) recovery_passphrase = user.recovery_passphrase crypto_utils = CryptoUtils() decrypted_recovery = crypto_utils.sym_decrypt(recovery_passphrase, recovery_file) workspaces = Workspace.objects.filter(owner=user) shares = Shared.objects.filter(user=user) new_passphrase = hashlib.sha512(new_password.encode('utf-8')).hexdigest() try: update_password_toolkit( user, workspaces, shares, decrypted_recovery, new_passphrase, new_password ) except Exception as e: return render(request, 'recover_passphrase.html', { 'error': str(e) }) return render(request, 'logon.html', { 'message': _("Password successfully updated") })
def upload_group_members_view(request, group_id): try: group = Group.objects.get(id=group_id) except Group.DoesNotExist as e: raise http.Http404 from e if not request.user.can_manage_group(group): messages.error(request, "You must be a superuser on Ion to manage administrative groups") return redirect("eighth_admin_dashboard") stage = "upload" data = {} filetext = False if request.method == "POST": form = UploadGroupForm(request) if "file" in request.FILES: fileobj = request.FILES["file"] if "text/" not in fileobj.content_type: messages.error(request, "The uploaded file is not of the correct type, plain text.") return redirect("eighth_admin_edit_group", group.id) filetext = get_file_string(fileobj) elif "filetext" in request.POST: filetext = request.POST.get("filetext") elif "user_id" in request.POST: userids = request.POST.getlist("user_id") num_added = 0 for uid in userids: user = get_user_model().objects.get(id=uid) if user is None: messages.error(request, "User with ID {} does not exist".format(uid)) elif user.groups.filter(id=group.id).exists(): messages.warning(request, "User {} is already in group".format(user.username)) else: user.groups.add(group) user.save() num_added += 1 invalidate_obj(group) messages.success(request, "{} added to group {}".format(num_added, group)) return redirect("eighth_admin_edit_group", group.id) elif "import_group" in request.POST: try: import_group = Group.objects.get(id=request.POST["import_group"]) except Group.DoesNotExist as e: raise http.Http404 from e num_users = 0 if "import_confirm" in request.POST: for member in import_group.user_set.all(): if member.groups.filter(id=group.id).exists(): messages.warning(request, "User {} is already in group".format(member.username)) else: member.groups.add(group) member.save() num_users += 1 invalidate_obj(group) messages.success(request, "Added {} users from {} to {}".format(num_users, import_group, group)) return redirect("eighth_admin_edit_group", group.id) return render( request, "eighth/admin/upload_group.html", { "admin_page_title": "Import Group Members: {}".format(group), "stage": "import_confirm", "group": group, "import_group": import_group, "num_users": num_users, }, ) else: form = UploadGroupForm() all_groups = Group.objects.order_by("name") context = { "admin_page_title": "Upload/Import Group Members: {}".format(group), "form": form, "stage": stage, "data": data, "group": group, "all_groups": all_groups, } if filetext: context["stage"] = "parse" data = handle_group_input(filetext) context["sure_users"], context["unsure_users"] = data return render(request, "eighth/admin/upload_group.html", context)
from django.db import models from django.utils.translation import ugettext_lazy as _ from PIL import Image,ImageOps import logging from io import BytesIO from django.core.files.base import ContentFile from django.core.files.storage import default_storage from django.contrib.auth import get_user_model from datetime import datetime THUMNAIL_SIZE = (70,70) USER = get_user_model() logger = logging.getLogger(__name__) # Create your models here. class Category(models.Model): """Model definition for Category.""" category = models.CharField(_("Category Name"),max_length= 32) class Meta: verbose_name = 'Category' verbose_name_plural = 'Categories' def __str__(self): return self.category class Item(models.Model): """Model definition for Item."""
class Meta: model = get_user_model() fields = ('name', 'password', 'mobile', 'user_type', 'is_staff', 'is_active')
def resolve_users(self, info): return get_user_model().objects.all()
def configure_account(request, user_id): model_user = get_user_model() try: user = model_user.objects.get(pk=user_id) except model_user.DoesNotExist: return HttpResponseForbidden('Not allowed') if user.configure: return HttpResponseRedirect('/') try: settings = SecuritySettings.objects.get() except SecuritySettings.DoesNotExist: settings = SecuritySettings(length_password=8) if request.method == "POST": first_name = request.POST['first_name'] last_name = request.POST['last_name'] password = request.POST['password'] password = request.POST['password'] repassword = request.POST['repassword'] if password != repassword: error = _("Password mismatch") return render(request, 'configure.html', { 'user': user, 'error': error }) if len(password) < settings.length_password: error = "The password must be at least {} characters long.".format( settings.length_password) return render(request, 'configure.html', { 'user': user, 'error': error }) # At least one letter and one non-letter first_isalpha = password[0].isalpha() if all(c.isalpha() == first_isalpha for c in password): error = _("The password must contain at least one letter and at least \ one digit or punctuation character.") return render(request, 'configure.html', { 'user': user, 'error': error }) hashed_passwd = hashlib.sha512(password.encode('utf-8')).hexdigest() user.generate_keys(hashed_passwd) user.set_password(password) user.first_name = first_name user.last_name = last_name user.last_change_passwd = datetime.datetime.now() user.configure = True user.save() workspace_utils = WorkspaceUtils(user) workspace_utils.create_workspace("Personal") logger.info("User {} configured".format(user.email)) return HttpResponseRedirect('/login') password_indication = "At least {} characters, with one letter and \ one digit or punctuation".format(settings.length_password) return render(request, 'configure.html', { 'user': user, 'password_indication': password_indication, })
class UserProfile(models.Model): """ The production model is student.models.UserProfile. """ user = models.OneToOneField(get_user_model(), unique=True, db_index=True, related_name='profile') name = models.CharField(blank=True, max_length=255, db_index=True)
class Meta: model = get_user_model()