def setUp(self):
super(ProviderTestCase, self).setUp()
# Set environment variable DEBUG to true, to allow testing without
# SSL in oauthlib.
if self.app.config.get('CFG_SITE_SECURE_URL').startswith('http://'):
self.os_debug = os.environ.get('OAUTHLIB_INSECURE_TRANSPORT', '')
os.environ['OAUTHLIB_INSECURE_TRANSPORT'] = 'true'
from invenio_accounts.models import User
from invenio_oauth2server.models import Client, Scope
from invenio_oauth2server.registry import scopes as scopes_registry
# Register a test scope
scopes_registry.register(Scope('test:scope'))
self.base_url = self.app.config.get('CFG_SITE_SECURE_URL')
# Create needed objects
u = User(email='*****@*****.**', nickname='tester')
u.password = "******"
u2 = User(email='*****@*****.**', nickname='tester2')
u2.password = "******"
db.session.add(u)
db.session.add(u2)
c1 = Client(client_id='dev',
client_secret='dev',
name='dev',
description='',
is_confidential=False,
user=u,
_redirect_uris='%s/oauth2test/authorized' % self.base_url,
_default_scopes="test:scope")
c2 = Client(client_id='confidential',
client_secret='confidential',
name='confidential',
description='',
is_confidential=True,
user=u,
_redirect_uris='%s/oauth2test/authorized' % self.base_url,
_default_scopes="test:scope")
db.session.add(c1)
db.session.add(c2)
db.session.commit()
self.objects = [u, u2, c1, c2]
# Create a personal access token as well.
from invenio_oauth2server.models import Token
self.personal_token = Token.create_personal('test-personal',
1,
scopes=[],
is_internal=True)
def test_audit(app):
user_id = None
workflow_id = None
with app.app_context():
user = User(email="*****@*****.**", active=True)
user.password = "******"
db.session.add(user)
workflows_object = WorkflowObject.create_object()
workflows_object.save()
db.session.commit()
user_id = user.id
workflow_id = workflows_object.id
with app.app_context():
logging_info = {
'object_id': workflow_id,
'user_id': user_id,
'score': 0.222113,
'user_action': "Non-CORE",
'decision': "Rejected",
'source': "test",
'action': "accept"
}
audit = WorkflowsAudit(**logging_info)
audit.save()
db.session.commit()
assert WorkflowsAudit.query.count() == 1
audit_entry = WorkflowsAudit.query.filter(
WorkflowsAudit.object_id == workflow_id
).one()
assert audit_entry
assert audit_entry.action == "accept"
assert audit_entry.score == 0.222113
prediction_results = dict(
max_score=0.222113, decision="Rejected"
)
with app.app_context():
log_workflows_action(
action="accept_core",
prediction_results=prediction_results,
object_id=workflow_id,
user_id=None,
source="test",
user_action="accept"
)
db.session.commit()
assert WorkflowsAudit.query.count() == 2
audit_entry = WorkflowsAudit.query.filter(
WorkflowsAudit.action == "accept_core"
).one()
assert audit_entry
assert audit_entry.action == "accept_core"
assert audit_entry.score == 0.222113
def login_callback(user_info):
"""Login user base on SSO context (create one if necessary).
Function should not raise an exception if `user_info` is not valid
or `User` was not found in database.
"""
from invenio_accounts.models import User
from invenio.ext.login import (authenticate, login_redirect,
current_user)
from invenio.ext.sqlalchemy import db
user_info['group'] = fetch_groups(user_info['group']).values()
user_info['external'] = fetch_external(user_info.get('external'))
try:
auth = authenticate(user_info['email'], login_method='SSO')
if auth is None:
user = User()
user.nickname = user_info['nickname']
user.email = user_info['email']
user.password = ''
user.settings = {'login_method': 'SSO'}
db.session.add(user)
db.session.commit()
auth = authenticate(user_info['email'], login_method='SSO')
if auth is None:
return redirect('/')
current_user.info['group'] = current_user.get('group', []) + \
user_info['group']
current_user.save()
except:
flash('Problem with login (%s)' % (str(user_info)), 'error')
return redirect('/')
return login_redirect()
def login_callback(user_info):
"""Login user base on SSO context (create one if necessary).
Function should not raise an exception if `user_info` is not valid
or `User` was not found in database.
"""
from invenio_accounts.models import User
from invenio_ext.login import (authenticate, login_redirect,
current_user)
from invenio_ext.sqlalchemy import db
user_info['group'] = fetch_groups(user_info['group']).values()
user_info['external'] = fetch_external(user_info.get('external'))
try:
auth = authenticate(user_info['email'], login_method='SSO')
if auth is None:
user = User()
user.nickname = user_info['nickname']
user.email = user_info['email']
user.password = ''
user.settings = {'login_method': 'SSO'}
db.session.add(user)
db.session.commit()
auth = authenticate(user_info['email'], login_method='SSO')
if auth is None:
return redirect('/')
current_user.info['group'] = current_user.get('group', []) + \
user_info['group']
current_user.save()
except:
flash('Problem with login (%s)' % (str(user_info)), 'error')
return redirect('/')
return login_redirect()
def test_audit(small_app):
user_id = None
workflow_id = None
with small_app.app_context():
user = User(email="*****@*****.**", active=True)
user.password = "******"
db.session.add(user)
workflows_object = workflow_object_class.create({}, data_type="hep")
db.session.commit()
user_id = user.id
workflow_id = workflows_object.id
with small_app.app_context():
logging_info = {
'object_id': workflow_id,
'user_id': user_id,
'score': 0.222113,
'user_action': "Non-CORE",
'decision': "Rejected",
'source': "test",
'action': "accept"
}
audit = WorkflowsAudit(**logging_info)
audit.save()
db.session.commit()
assert WorkflowsAudit.query.count() == 1
audit_entry = WorkflowsAudit.query.filter(
WorkflowsAudit.object_id == workflow_id
).one()
assert audit_entry
assert audit_entry.action == "accept"
assert audit_entry.score == 0.222113
prediction_results = dict(
max_score=0.222113, decision="Rejected"
)
with small_app.app_context():
log_workflows_action(
action="accept_core",
prediction_results=prediction_results,
object_id=workflow_id,
user_id=None,
source="test",
user_action="accept"
)
db.session.commit()
assert WorkflowsAudit.query.count() == 2
audit_entry = WorkflowsAudit.query.filter(
WorkflowsAudit.action == "accept_core"
).one()
assert audit_entry
assert audit_entry.action == "accept_core"
assert audit_entry.score == 0.222113
def setUp(self):
from invenio_oauth2server.models import Scope
from invenio_accounts.models import User
from invenio_oauth2server.models import Client, Token
from invenio_oauth2server.registry import scopes as scopes_registry
# Register a test scope
scopes_registry.register(Scope('test:scope1'))
scopes_registry.register(Scope('test:scope2', internal=True))
self.base_url = self.app.config.get('CFG_SITE_SECURE_URL')
# Create needed objects
u = User(
email='*****@*****.**', nickname='tester'
)
u.password = "******"
self.create_objects([u])
# environment
#
# resource_owner -- client1 -- token_1
# |
# -------- token_2
# |
# consumer ----------------
# create resource_owner and consumer
self.resource_owner = User(
email='*****@*****.**',
nickname='resource_owner', password='******')
self.consumer = User(
email='*****@*****.**', nickname='consumer',
password='******')
self.create_objects([self.resource_owner, self.consumer])
# create resource_owner -> client_1
self.u1c1 = Client(
client_id='client_test_u1c1',
client_secret='client_test_u1c1',
name='client_test_u1c1',
description='',
is_confidential=False,
user=self.resource_owner,
_redirect_uris='',
_default_scopes=""
)
self.create_objects([self.u1c1])
# create resource_owner -> client_1 / resource_owner -> token_1
self.u1c1u1t1 = Token(
client=self.u1c1,
user=self.resource_owner,
token_type='u',
access_token='dev_access_1',
refresh_token='dev_refresh_1',
expires=None,
is_personal=False,
is_internal=False,
_scopes='',
)
# create consumer -> client_1 / resource_owner -> token_2
self.u1c1u2t2 = Token(
client=self.u1c1,
user=self.consumer,
token_type='u',
access_token='dev_access_2',
refresh_token='dev_refresh_2',
expires=None,
is_personal=False,
is_internal=False,
_scopes='',
)
# create objects
self.create_objects([self.u1c1u1t1, self.u1c1u2t2])
self.objects = [u,
self.resource_owner, self.consumer,
self.u1c1u1t1, self.u1c1u2t2]
def setUp(self):
from invenio_oauth2server.models import Scope
from invenio_accounts.models import User
from invenio_oauth2server.models import Client, Token
from invenio_oauth2server.registry import scopes as scopes_registry
# Register a test scope
scopes_registry.register(Scope('test:scope1'))
scopes_registry.register(Scope('test:scope2', internal=True))
self.base_url = self.app.config.get('CFG_SITE_SECURE_URL')
# Create needed objects
u = User(email='*****@*****.**', nickname='tester')
u.password = "******"
self.create_objects([u])
# environment
#
# resource_owner -- client1 -- token_1
# |
# -------- token_2
# |
# consumer ----------------
# create resource_owner and consumer
self.resource_owner = User(email='*****@*****.**',
nickname='resource_owner',
password='******')
self.consumer = User(email='*****@*****.**',
nickname='consumer',
password='******')
self.create_objects([self.resource_owner, self.consumer])
# create resource_owner -> client_1
self.u1c1 = Client(client_id='client_test_u1c1',
client_secret='client_test_u1c1',
name='client_test_u1c1',
description='',
is_confidential=False,
user=self.resource_owner,
_redirect_uris='',
_default_scopes="")
self.create_objects([self.u1c1])
# create resource_owner -> client_1 / resource_owner -> token_1
self.u1c1u1t1 = Token(
client=self.u1c1,
user=self.resource_owner,
token_type='u',
access_token='dev_access_1',
refresh_token='dev_refresh_1',
expires=None,
is_personal=False,
is_internal=False,
_scopes='',
)
# create consumer -> client_1 / resource_owner -> token_2
self.u1c1u2t2 = Token(
client=self.u1c1,
user=self.consumer,
token_type='u',
access_token='dev_access_2',
refresh_token='dev_refresh_2',
expires=None,
is_personal=False,
is_internal=False,
_scopes='',
)
# create objects
self.create_objects([self.u1c1u1t1, self.u1c1u2t2])
self.objects = [
u, self.resource_owner, self.consumer, self.u1c1u1t1, self.u1c1u2t2
]
def setUp(self):
super(ProviderTestCase, self).setUp()
# Set environment variable DEBUG to true, to allow testing without
# SSL in oauthlib.
if self.app.config.get('CFG_SITE_SECURE_URL').startswith('http://'):
self.os_debug = os.environ.get('OAUTHLIB_INSECURE_TRANSPORT', '')
os.environ['OAUTHLIB_INSECURE_TRANSPORT'] = 'true'
from ..models import Client, Scope
from invenio_accounts.models import User
from ..registry import scopes as scopes_registry
# Register a test scope
scopes_registry.register(Scope('test:scope'))
self.base_url = self.app.config.get('CFG_SITE_SECURE_URL')
# Create needed objects
u = User(
email='*****@*****.**', nickname='tester'
)
u.password = "******"
u2 = User(
email='*****@*****.**', nickname='tester2'
)
u2.password = "******"
db.session.add(u)
db.session.add(u2)
c1 = Client(
client_id='dev',
client_secret='dev',
name='dev',
description='',
is_confidential=False,
user=u,
_redirect_uris='%s/oauth2test/authorized' % self.base_url,
_default_scopes="test:scope"
)
c2 = Client(
client_id='confidential',
client_secret='confidential',
name='confidential',
description='',
is_confidential=True,
user=u,
_redirect_uris='%s/oauth2test/authorized' % self.base_url,
_default_scopes="test:scope"
)
db.session.add(c1)
db.session.add(c2)
db.session.commit()
self.objects = [u, u2, c1, c2]
# Create a personal access token as well.
from ..models import Token
self.personal_token = Token.create_personal(
'test-personal', 1, scopes=[], is_internal=True
)
