def test_permissions(self): coll = Collection.find("test_root") User.create(username="******", password="******", email="*****@*****.**", quick=True) User.create(username="******", password="******", email="*****@*****.**", quick=True) owning_user = User.find("protected_test_owner") reading_user = User.find("protected_reader") assert owning_user assert reading_user group = Group.create(name="protected_group") Collection.create(name="protected", parent=coll.id, read_access=[group.id]) c = Collection.find("protected") res_count = SearchIndex.index(c, ['name', 'metadata']) assert res_count == 1 results = SearchIndex.find(["protected"], reading_user) assert len(results) == 0, results
def modify_user(request, username=""): """Expecting json in the body: { "username": username, "password": password, "email": email, "administrator": is_admin, "active": is_active} """ try: body = request.body request_body = json.loads(body) except: return Response("Invalid JSON body", status=HTTP_400_BAD_REQUEST) if username is None: try: username = request_body['username'] except KeyError: return Response("Missing username", status=HTTP_400_BAD_REQUEST) user = User.find(username) if not user: return Response(u"User {} doesn't exist".format(username), status=HTTP_404_NOT_FOUND) if 'email' in request_body: user.update(email=request_body['email']) if 'password' in request_body: user.update(password=request_body['password']) if 'administrator' in request_body: user.update(administrator=request_body['administrator']) if 'active' in request_body: user.update(active=request_body['active']) return Response(user.to_dict(), status=HTTP_200_OK)
def create_user(request): """Expecting json in the body: { "username": username, "password": password, "email": email, "administrator": is_admin } """ try: body = request.body request_body = json.loads(body) except: return Response("Invalid JSON body", status=HTTP_400_BAD_REQUEST) try: username = request_body['username'] except KeyError: return Response("Missing username", status=HTTP_400_BAD_REQUEST) user = User.find(username) if user: return Response("User already exists", status=HTTP_409_CONFLICT) try: email = request_body['email'] except KeyError: return Response("Missing email", status=HTTP_400_BAD_REQUEST) try: password = request_body['password'] except KeyError: return Response("Missing password", status=HTTP_400_BAD_REQUEST) administrator = request_body.get('administrator', False) user = User.create(name=username, password=password, email=email, administrator=administrator) return Response(user.to_dict(), status=HTTP_201_CREATED)
def ls_user(request, username): # TODO check if username is valid to test ? user = User.find(username) if user: return Response(user.to_dict(), status=HTTP_200_OK) else: return Response(u"User {} not found".format(username), status=HTTP_404_NOT_FOUND)
def delete_user(request, username): """Delete a user""" user = User.find(username) if not user: return Response(u"User {} doesn't exist".format(username), status=HTTP_404_NOT_FOUND) user.delete() return Response(u"User {} has been deleted".format(username), status=HTTP_200_OK)
def authenticate_credentials(self, username, password): """ Authenticate the userid and password against username and password. """ user = User.find(username) if user is None or not user.is_active(): raise exceptions.AuthenticationFailed( _('User inactive or deleted.')) if not user.authenticate(password) and not ldapAuthenticate( user.uuid, password): raise exceptions.AuthenticationFailed( _('Invalid username/password.')) return (user, None)
def test_perms_for_collection_success_collection_no_group(self): User.create(username="******", password="******", email="*****@*****.**", groups=[], quick=True) user = User.find("test_coll3") root = Collection.find("test_root") coll = Collection.create(name="perm_check3", parent=str(root.id), read_access=[]) # User can read collection coll if user is in a group also in coll's read_access assert coll.user_can(user, "read") == True
def test_group_membership(self): user = User.create(username="******", password="******", email="*****@*****.**", groups=[], quick=True) assert user group = Group.create(name="test_group_1") user.update(groups=[group.id]) # Refetch the user user = User.find("test_group") assert group.id in user.groups groups = Group.find_by_ids(user.groups) assert [g.id for g in groups] == user.groups users = group.get_users() assert users[0].id == user.id
def test_index(self): coll = Collection.create(name="test_root", parent=None, path="/") res_count = SearchIndex.index(coll, ['name']) assert res_count == 2, res_count User.create(username="******", password="******", email="*****@*****.**", quick=True) user = User.find("test_index_user") results = SearchIndex.find(["test", "root"], user) assert len(results) == 1 assert results[0]["id"] == coll.id assert results[0]["hit_count"] == 2 SearchIndex.reset(coll.id) results = SearchIndex.find(["test", "root"], user) assert len(results) == 0