Example #1
0
    def test_permissions(self):
        coll = Collection.find("test_root")

        User.create(username="******",
                    password="******",
                    email="*****@*****.**",
                    quick=True)
        User.create(username="******",
                    password="******",
                    email="*****@*****.**",
                    quick=True)
        owning_user = User.find("protected_test_owner")
        reading_user = User.find("protected_reader")
        assert owning_user
        assert reading_user

        group = Group.create(name="protected_group")
        Collection.create(name="protected",
                          parent=coll.id,
                          read_access=[group.id])

        c = Collection.find("protected")
        res_count = SearchIndex.index(c, ['name', 'metadata'])
        assert res_count == 1

        results = SearchIndex.find(["protected"], reading_user)
        assert len(results) == 0, results
Example #2
0
def modify_user(request, username=""):
    """Expecting json in the body:
    { "username": username,
      "password": password,
      "email": email,
      "administrator": is_admin,
      "active": is_active}
    """
    try:
        body = request.body
        request_body = json.loads(body)
    except:
        return Response("Invalid JSON body", status=HTTP_400_BAD_REQUEST)
    if username is None:
        try:
            username = request_body['username']
        except KeyError:
            return Response("Missing username", status=HTTP_400_BAD_REQUEST)
    user = User.find(username)
    if not user:
        return Response(u"User {} doesn't exist".format(username),
                        status=HTTP_404_NOT_FOUND)
    if 'email' in request_body:
        user.update(email=request_body['email'])
    if 'password' in request_body:
        user.update(password=request_body['password'])
    if 'administrator' in request_body:
        user.update(administrator=request_body['administrator'])
    if 'active' in request_body:
        user.update(active=request_body['active'])
    return Response(user.to_dict(), status=HTTP_200_OK)
Example #3
0
def create_user(request):
    """Expecting json in the body:
    { "username": username,
      "password": password,
      "email": email,
      "administrator": is_admin }
    """
    try:
        body = request.body
        request_body = json.loads(body)
    except:
        return Response("Invalid JSON body", status=HTTP_400_BAD_REQUEST)
    try:
        username = request_body['username']
    except KeyError:
        return Response("Missing username", status=HTTP_400_BAD_REQUEST)
    user = User.find(username)
    if user:
        return Response("User already exists", status=HTTP_409_CONFLICT)
    try:
        email = request_body['email']
    except KeyError:
        return Response("Missing email", status=HTTP_400_BAD_REQUEST)
    try:
        password = request_body['password']
    except KeyError:
        return Response("Missing password", status=HTTP_400_BAD_REQUEST)
    administrator = request_body.get('administrator', False)
    user = User.create(name=username,
                       password=password,
                       email=email,
                       administrator=administrator)
    return Response(user.to_dict(), status=HTTP_201_CREATED)
Example #4
0
def ls_user(request, username):
    # TODO check if username is valid to test ?
    user = User.find(username)
    if user:
        return Response(user.to_dict(), status=HTTP_200_OK)
    else:
        return Response(u"User {} not found".format(username),
                        status=HTTP_404_NOT_FOUND)
Example #5
0
def delete_user(request, username):
    """Delete a user"""
    user = User.find(username)
    if not user:
        return Response(u"User {} doesn't exist".format(username),
                        status=HTTP_404_NOT_FOUND)
    user.delete()
    return Response(u"User {} has been deleted".format(username),
                    status=HTTP_200_OK)
Example #6
0
 def authenticate_credentials(self, username, password):
     """
     Authenticate the userid and password against username and password.
     """
     user = User.find(username)
     if user is None or not user.is_active():
         raise exceptions.AuthenticationFailed(
             _('User inactive or deleted.'))
     if not user.authenticate(password) and not ldapAuthenticate(
             user.uuid, password):
         raise exceptions.AuthenticationFailed(
             _('Invalid username/password.'))
     return (user, None)
Example #7
0
    def test_perms_for_collection_success_collection_no_group(self):
        User.create(username="******",
                    password="******",
                    email="*****@*****.**",
                    groups=[],
                    quick=True)
        user = User.find("test_coll3")

        root = Collection.find("test_root")
        coll = Collection.create(name="perm_check3",
                                 parent=str(root.id),
                                 read_access=[])

        # User can read collection coll if user is in a group also in coll's read_access
        assert coll.user_can(user, "read") == True
Example #8
0
    def test_group_membership(self):
        user = User.create(username="******",
                           password="******",
                           email="*****@*****.**",
                           groups=[],
                           quick=True)
        assert user
        group = Group.create(name="test_group_1")
        user.update(groups=[group.id])

        # Refetch the user
        user = User.find("test_group")
        assert group.id in user.groups

        groups = Group.find_by_ids(user.groups)
        assert [g.id for g in groups] == user.groups

        users = group.get_users()
        assert users[0].id == user.id
Example #9
0
    def test_index(self):
        coll = Collection.create(name="test_root", parent=None, path="/")

        res_count = SearchIndex.index(coll, ['name'])
        assert res_count == 2, res_count

        User.create(username="******",
                    password="******",
                    email="*****@*****.**",
                    quick=True)
        user = User.find("test_index_user")

        results = SearchIndex.find(["test", "root"], user)
        assert len(results) == 1
        assert results[0]["id"] == coll.id
        assert results[0]["hit_count"] == 2

        SearchIndex.reset(coll.id)

        results = SearchIndex.find(["test", "root"], user)
        assert len(results) == 0