def create_tables(): db.create_all() LOGGER.debug('Setting roles...') Permission.insert_permissions() Role.insert_roles() LOGGER.debug('Setting users...') User.insert_users(_config)
def update_user_request_not_found(query_mock, user_admin_valid, role_admin_valid, user_valid): from lorem_ipsum_auth.models import User, Role, Permission role = Role(id=role_admin_valid['id'], name=role_admin_valid['name'], default=role_admin_valid['default'], permissions=[ Permission.from_str(perm) for perm in role_admin_valid['permissions'] ]) Role.query.filter_by.return_value.first.return_value = role admin_user = User.from_dict(user_admin_valid) admin_user.role = role User.query.filter_by.return_value.filter_by.return_value.first.return_value = admin_user def _filter_by(*args, **kwargs): if kwargs.get('username') == user_admin_valid['username']: _mock = mock.MagicMock() _mock.first.return_value = admin_user return _mock else: _mock = mock.MagicMock() _mock.first.return_value = None return _mock User.query.filter_by.side_effect = _filter_by yield user_admin_valid
def role_editor_valid(): from lorem_ipsum_auth.models import Permissions, Permission yield { "name": "ROLE_EDITOR", "id": 5, "default": False, "permissions": [ Permission.from_enum(Permissions.BOOKS_READ).as_dict(), Permission.from_enum(Permissions.BOOKS_WRITE).as_dict(), Permission.from_enum(Permissions.BOOKS_ADD).as_dict(), Permission.from_enum(Permissions.USERS_PROFILE).as_dict(), ] }
def role_add_existing_request(query_mock, user_admin_valid, role_editor_valid): from lorem_ipsum_auth.models import User, Role, Permission Role.query.filter_by.return_value.first.return_value = Role( id=role_editor_valid['id'], name=role_editor_valid['name'], permissions=[ Permission.from_str(perm) for perm in role_editor_valid['permissions'] ]) User.query.filter_by.return_value.filter_by.return_value.first.return_value = User.from_dict( user_admin_valid) User.query.filter_by.return_value.first.return_value = User.from_dict( user_admin_valid) Permission.query.filter_by.return_value.first.return_value = Permission.from_str( 'books:add') yield user_admin_valid
def check_has_permissions(self, user: User, permissions: list): has_permissions = True for permission in permissions: if not user.role.has_permission(Permission.from_enum(permission)): LOGGER.debug(f'Missing permission {permission}.') has_permissions = False LOGGER.debug(f'Required permissions: {permissions}') if not has_permissions: raise AuthorizationError('Forbidden.') return self
def signup_valid_request(query_mock, user_admin_valid, role_admin_valid): from lorem_ipsum_auth.models import User, Role, Permission Role.query.filter_by.return_value.first.return_value = Role( id=role_admin_valid['id'], name=role_admin_valid['name'], permissions=[ Permission.from_str(perm) for perm in role_admin_valid['permissions'] ]) User.query.filter_by.return_value.first.return_value = None yield user_admin_valid
def issue_token(user: dict, role: dict) -> str: from lorem_ipsum_auth.models import User, Permission, Role from lorem_ipsum_auth.auth import issue_token_for_user role = Role(id=user['id'], name=role['name'], permissions=[ Permission.from_str(perm) for perm in role['permissions'] ]) Role.query.filter_by.return_value.first.return_value = role _user = User.from_dict(user) _user.role = role User.query.filter_by.return_value.filter_by.return_value.first.return_value = _user User.query.filter_by.return_value.first.return_value = _user return issue_token_for_user(_user)
def login_valid_request(query_mock, user_admin_valid, role_admin_valid): from lorem_ipsum_auth.models import User, Role, Permission role = Role(id=role_admin_valid['id'], name=role_admin_valid['name'], default=role_admin_valid['default'], permissions=[ Permission.from_str(perm) for perm in role_admin_valid['permissions'] ]) Role.query.filter_by.return_value.first.return_value = role admin_user = User.from_dict(user_admin_valid) admin_user.role = role User.query.filter_by.return_value.filter_by.return_value.first.return_value = admin_user User.query.filter_by.return_value.first.return_value = admin_user yield admin_user
def test_get_permissions(self, client, config_valid, permission_add_valid_request, admin_access_token, permission_edit_books_valid): from lorem_ipsum_auth.models import Permission Permission.query.filter_by.return_value.first.return_value = None Permission.query.all.return_value = [ Permission.from_str(permission_edit_books_valid['name']) ] _response = client.get( '/api/auth/permissions', headers={'Authorization': f'Bearer {admin_access_token}'}) assert _response.status_code == 200 data = json.loads(_response.data.decode('utf-8')) assert data['total'] == 1 _perm = data['items'][0] assert _perm['name'] == permission_edit_books_valid['name'] assert _perm['id'] == permission_edit_books_valid['id']
def role_get_valid_request(query_mock, user_admin_valid, role_editor_valid): from lorem_ipsum_auth.models import Permission, Role orig_query = Role.query.filter_by.return_value role = Role(id=role_editor_valid['id'], name=role_editor_valid['name'], permissions=[ Permission.from_str(perm['name']) for perm in role_editor_valid['permissions'] ]) def _filter_by(*args, **kwargs): if kwargs.get('name') == role_editor_valid['name']: _mock = mock.MagicMock() _mock.first.return_value = role return _mock return orig_query Role.query.filter_by.side_effect = _filter_by yield role
def add_permission(): """ Add permission. --- definitions: - schema: id: Permission properties: id: type: string description: permission id name: type: string description: permission name parameters: - in: body name: permission required: true description: permission schema: $ref: "#/definitions/Permission" responses: 200: description: New permission. schema: $ref: '#/definitions/Permission' 401: description: Authentication error. 403: description: Forbidden. """ _request = from_json(request.data.decode('utf-8')) api_permission = api.Permission(**_request) existing_permission = Permission.query.filter_by( name=api_permission.name).first() if existing_permission: raise ValidationError('Permission already exists.') permission = Permission(id=api_permission.name, name=api_permission.name) db.session.add(permission) db.session.commit() return jsonify(api.Permission.from_orm(permission).dict()), 200
def _filter_by(*args, **kwargs): _mock = mock.MagicMock() _mock.first.return_value = Permission.from_str( kwargs['name']) return _mock