def test_admin_admin_update(self):
    """Post a fully ticked privilege form for the current user.

    The user is first given ADMIN_ADMIN, then submits the combined form data
    with all four of their own privilege fields set, and the test checks that
    all four privileges are reported afterwards.
    """
    give_user_privilege(self.user, "ADMIN_ADMIN")
    user_id = self.user.id

    forms = create_admin_admin_form()
    own_form = forms[user_id]
    for field_format in ("%d_admin_config", "%d_admin_admin",
                         "%d_admin_playback", "%d_admin_interface"):
        own_form[field_format % user_id].data = True
    forms[user_id] = own_form

    # The endpoint receives one flat mapping holding every user's fields.
    payload = {}
    for each_form in forms.itervalues():
        payload.update(each_form.data)

    # Self-service escalation: the acting user edits their own row.
    # NOTE(review): only the allowed path is covered; a companion test posting
    # the same payload without ADMIN_ADMIN would pin the denial path.
    response = self.app.post("/admin/admin_admin_update", data=payload,
                             follow_redirects=True)
    assert response.status_code == 200

    # NOTE(review): user_has_privilege receives the numeric id here, while
    # give_user_privilege above receives the user object; confirm the helper
    # accepts an id.
    for expected in ("ADMIN_INTERFACE", "ADMIN_CONFIG",
                     "ADMIN_PLAYBACK", "ADMIN_ADMIN"):
        assert user_has_privilege(user_id, expected)
def test_with_privileges(self):
    """Check that ``with_privileges`` gates a route on ADMIN_INTERFACE.

    Registers a throwaway route on ``app``, logs in a fresh test user, and
    requests the route before and after the privilege is granted.
    """
    @app.route('/privileged_zone')
    @with_privileges(["ADMIN_INTERFACE"], "redirect")
    def _tested_wrapped_fn():
        return jsonify(status='ok')

    # Log in as a newly created user; the test user's password is its username.
    user = self.create_test_user()
    credentials = {'username': user.username, 'password': user.username}
    login_response = self.app.post('/login', data=credentials,
                                   follow_redirects=True)
    assert login_response.status_code == 200

    # Without the privilege the endpoint must not answer 200.
    # NOTE(review): `!= 200` also passes on a 5xx; asserting the exact denial
    # status would make this check stricter.
    denied = self.app.get('/privileged_zone', follow_redirects=False)
    assert denied.status_code != 200

    # With the privilege granted the wrapped view runs and returns its JSON.
    give_user_privilege(user, "ADMIN_INTERFACE")
    allowed = self.app.get('/privileged_zone', follow_redirects=False)
    assert allowed.status_code == 200
    body = json.loads(allowed.data)
    assert body['status'] == "ok"
def admin_admin_update():
    """Apply the submitted per-user privilege form, then redirect.

    Rebuilds the per-user forms from ``request.form``, grants every privilege
    whose field value is truthy, revokes every other one, and redirects to
    ``admin_console``.
    """
    # NOTE(review): no privilege check is visible in this excerpt; confirm the
    # route is guarded (for example by a decorator above this def) so that
    # only ADMIN_ADMIN holders can reach it.
    per_user_forms = create_admin_admin_form(request.form)
    for user_id, user_form in per_user_forms.iteritems():
        target = User.query.get(user_id)

        # Drop everything up to the first underscore of each field name and
        # upper-case the remainder to obtain the privilege name.
        requested = {}
        for field_name, ticked in user_form.data.iteritems():
            requested[field_name.split("_", 1)[-1].upper()] = ticked

        # NOTE(review): every key in form.data is treated as a privilege name,
        # and unticked privileges are revoked for every listed user, including
        # the acting admin; confirm that this is intended.
        for priv_name, ticked in requested.iteritems():
            apply_change = give_user_privilege if ticked else revoke_user_privilege
            apply_change(target, priv_name)
    return redirect(url_for('admin_console'))
def test_configuration_update(self):
    """Post a changed server port as an ADMIN_CONFIG user and read it back."""
    give_user_privilege(self.user, "ADMIN_CONFIG")

    # Seed the form from the live config, with keys lower-cased.
    lowered_config = {}
    for key, value in app.config.iteritems():
        lowered_config[key.lower()] = value
    configuration_form = ConfigurationForm(**lowered_config)
    configuration_form.server_port.data = 10000

    # NOTE(review): only the privileged path is exercised; a request without
    # ADMIN_CONFIG would pin the denial path as well.
    response = self.app.post("/admin/config_update",
                             data=configuration_form.data,
                             follow_redirects=True)
    assert response.status_code == 200

    stored_port = int(get_config_value("SERVER_PORT"))
    assert stored_port == 10000
def test_configuration_update(self):
    """Post a changed server port as an ADMIN_CONFIG user and read it back."""
    give_user_privilege(self.user, "ADMIN_CONFIG")

    # Seed the form from the live config, with keys lower-cased.
    lowered_config = {}
    for key, value in app.config.iteritems():
        lowered_config[key.lower()] = value
    configuration_form = ConfigurationForm(**lowered_config)
    configuration_form.server_port.data = 10000

    # NOTE(review): only the privileged path is exercised; a request without
    # ADMIN_CONFIG would pin the denial path as well.
    response = self.app.post("/admin/config_update",
                             data=configuration_form.data,
                             follow_redirects=True)
    assert response.status_code == 200

    stored_port = int(get_config_value("SERVER_PORT"))
    assert stored_port == 10000
def register_post():
    """Processes input from the registration form and registers a new user.

    An invalid form re-renders ``register.html``. A valid one creates the
    user, stores name, id and username in the session, and redirects to
    ``main``.
    """
    form = RegistrationForm(request.form)
    if not form.validate():
        return render_template("register.html", form=form)

    # NOTE(review): the submitted password is handed to User() as-is;
    # hashing is presumably done inside the model - confirm.
    new_user = User(form.name.data, form.username.data, form.password.data)
    db.session.add(new_user)
    db.session.commit()

    # Only these three attributes are stored in the session.
    session["user"] = {
        "name": new_user.name,
        "id": new_user.id,
        "username": new_user.username,
    }

    # Bootstrap rule: when the table holds exactly one user after the commit,
    # that user receives every privilege in privs.
    # NOTE(review): whoever registers first on a fresh or emptied database
    # becomes full admin, and the count is read after the commit without any
    # lock; confirm this is acceptable for the deployment.
    if User.query.count() == 1:
        for priv in privs:
            give_user_privilege(new_user, priv)
    return redirect(url_for("main"))
def register_post():
    """Processes input from the registration form and registers a new user.

    An invalid form re-renders ``register.html``. A valid one creates the
    user, stores name, id and username in the session, and redirects to
    ``main``.
    """
    form = RegistrationForm(request.form)
    if not form.validate():
        return render_template("register.html", form=form)

    # NOTE(review): the submitted password is handed to User() as-is;
    # hashing is presumably done inside the model - confirm.
    new_user = User(form.name.data, form.username.data, form.password.data)
    db.session.add(new_user)
    db.session.commit()

    # Only these three attributes are stored in the session.
    session['user'] = {
        'name': new_user.name,
        'id': new_user.id,
        'username': new_user.username,
    }

    # Bootstrap rule: when the table holds exactly one user after the commit,
    # that user receives every privilege in privs.
    # NOTE(review): whoever registers first on a fresh or emptied database
    # becomes full admin, and the count is read after the commit without any
    # lock; confirm this is acceptable for the deployment.
    if User.query.count() == 1:
        for priv in privs:
            give_user_privilege(new_user, priv)
    return redirect(url_for('main'))
def admin_admin_update():
    """Updates the administrative privileges of users given the input from
    the form presented by :func:`admin_console`.

    Every privilege whose field value is truthy is granted, every other one
    is revoked, and the client is redirected to ``admin_console``.
    """
    # NOTE(review): no privilege check is visible in this excerpt; confirm the
    # route is guarded (for example by a decorator above this def) so that
    # only ADMIN_ADMIN holders can reach it.
    per_user_forms = create_admin_admin_form(request.form)
    for user_id, user_form in per_user_forms.iteritems():
        target = User.query.get(user_id)

        # Drop everything up to the first underscore of each field name and
        # upper-case the remainder to obtain the privilege name.
        requested = {}
        for field_name, ticked in user_form.data.iteritems():
            requested[field_name.split("_", 1)[-1].upper()] = ticked

        # NOTE(review): every key in form.data is treated as a privilege name,
        # and unticked privileges are revoked for every listed user, including
        # the acting admin; confirm that this is intended.
        for priv_name, ticked in requested.iteritems():
            apply_change = give_user_privilege if ticked else revoke_user_privilege
            apply_change(target, priv_name)
    return redirect(url_for('admin_console'))
def admin_admin_update():
    """Updates the administrative privileges of users given the input from
    the form presented by :func:`admin_console`.

    Every privilege whose field value is truthy is granted, every other one
    is revoked, and the client is redirected to ``admin_console``.
    """
    # NOTE(review): no privilege check is visible in this excerpt; confirm the
    # route is guarded (for example by a decorator above this def) so that
    # only ADMIN_ADMIN holders can reach it.
    per_user_forms = create_admin_admin_form(request.form)
    for user_id, user_form in per_user_forms.iteritems():
        target = User.query.get(user_id)

        # Drop everything up to the first underscore of each field name and
        # upper-case the remainder to obtain the privilege name.
        requested = {}
        for field_name, ticked in user_form.data.iteritems():
            requested[field_name.split("_", 1)[-1].upper()] = ticked

        # NOTE(review): every key in form.data is treated as a privilege name,
        # and unticked privileges are revoked for every listed user, including
        # the acting admin; confirm that this is intended.
        for priv_name, ticked in requested.iteritems():
            apply_change = give_user_privilege if ticked else revoke_user_privilege
            apply_change(target, priv_name)
    return redirect(url_for('admin_console'))
def test_admin_console(self):
    """Check that /admin shows each section only once its privilege is held.

    The page is fetched with no extra privilege, then again after each of
    ADMIN_CONFIG, ADMIN_PLAYBACK and ADMIN_ADMIN is granted in turn; after the
    k-th grant the first k section headings must be present and the remaining
    ones absent.
    """
    section_headings = (
        "<h4>Configuration</h4>",
        "<h4>Player Controls</h4>",
        "<h4>User Administration</h4>",
    )
    # None stands for the initial fetch made before anything is granted.
    grant_steps = (None, "ADMIN_CONFIG", "ADMIN_PLAYBACK", "ADMIN_ADMIN")

    for visible_count, privilege in enumerate(grant_steps):
        if privilege is not None:
            give_user_privilege(self.user, privilege)
        page = self.assert_endpoint_works('/admin').data
        assert "<h2>Administration</h2>" in page
        for position, heading in enumerate(section_headings):
            if position < visible_count:
                assert heading in page
            else:
                # A section whose privilege is not yet held must stay hidden.
                assert heading not in page
def test_give_user_privilege(self):
    """Grant each privilege in turn and check its bit is set on the user.

    ``privs`` maps a privilege name to the mask that is AND-ed with
    ``self.user.privs``.
    """
    for name in ("ADMIN_INTERFACE", "ADMIN_PLAYBACK",
                 "ADMIN_ADMIN", "ADMIN_CONFIG"):
        give_user_privilege(self.user, name)
        assert (self.user.privs & privs[name]) > 0
def test_with_privileges(self):
    """Check that ``with_privileges`` gates a route on ADMIN_INTERFACE.

    Registers a throwaway route on ``app``, logs in a fresh test user, and
    requests the route before and after the privilege is granted.
    """
    @app.route('/privileged_zone')
    @with_privileges(["ADMIN_INTERFACE"], "redirect")
    def _tested_wrapped_fn():
        return jsonify(status='ok')

    # Log in as a newly created user; the test user's password is its username.
    user = self.create_test_user()
    credentials = {'username': user.username, 'password': user.username}
    login_response = self.app.post('/login', data=credentials,
                                   follow_redirects=True)
    assert login_response.status_code == 200

    # Without the privilege the endpoint must not answer 200.
    # NOTE(review): `!= 200` also passes on a 5xx; asserting the exact denial
    # status would make this check stricter.
    denied = self.app.get('/privileged_zone', follow_redirects=False)
    assert denied.status_code != 200

    # With the privilege granted the wrapped view runs and returns its JSON.
    give_user_privilege(user, "ADMIN_INTERFACE")
    allowed = self.app.get('/privileged_zone', follow_redirects=False)
    assert allowed.status_code == 200
    body = json.loads(allowed.data)
    assert body['status'] == "ok"
def test_dump_user_privileges(self):
    """A user starts with an empty dump; a granted privilege then appears in it."""
    before = dump_user_privileges(self.user)
    assert before == []

    give_user_privilege(self.user, "ADMIN_INTERFACE")
    after = dump_user_privileges(self.user)
    assert "ADMIN_INTERFACE" in after
def test_admin_skip(self):
    """The skip endpoint works for a user holding ADMIN_PLAYBACK."""
    required_privilege = "ADMIN_PLAYBACK"
    give_user_privilege(self.user, required_privilege)
    # NOTE(review): if assert_endpoint_works issues a GET, this state-changing
    # action is reachable by GET; confirm the route's allowed methods.
    self.assert_endpoint_works("/admin/playback/skip")
def test_admin_clear(self):
    """The queue-clear endpoint works for a user holding ADMIN_PLAYBACK."""
    required_privilege = "ADMIN_PLAYBACK"
    give_user_privilege(self.user, required_privilege)
    # NOTE(review): if assert_endpoint_works issues a GET, this state-changing
    # action is reachable by GET; confirm the route's allowed methods.
    self.assert_endpoint_works("/admin/queue/clear")
def setup(self):
    """Grant the testing user ADMIN_INTERFACE and attach a mock MPD client."""
    # The tests that follow need the acting user to hold ADMIN_INTERFACE.
    give_user_privilege(self.user, "ADMIN_INTERFACE")
    mock_client = MockMPDClient()
    self.mpd = mock_client
def test_user_has_privilege(self):
    """ADMIN_INTERFACE is reported only after it has been granted."""
    held_before = user_has_privilege(self.user, "ADMIN_INTERFACE")
    assert not held_before

    give_user_privilege(self.user, "ADMIN_INTERFACE")
    held_after = user_has_privilege(self.user, "ADMIN_INTERFACE")
    assert held_after