Example #1
    def test_admin_admin_update(self):
        """Post the user-administration form back and check each privilege is held.

        Covers the authorised path only: the test user is given ADMIN_ADMIN
        before the request is made.
        """
        # NOTE(review): no case here posts the same form as a user *without*
        # ADMIN_ADMIN; that request should be refused and change nothing --
        # confirm it is covered elsewhere.
        give_user_privilege(self.user, "ADMIN_ADMIN")
        uid = self.user.id

        all_forms = create_admin_admin_form()

        # Tick every privilege box on our own row of the form.
        own_form = all_forms[uid]
        for suffix in ("admin_config", "admin_admin",
                       "admin_playback", "admin_interface"):
            own_form["%d_%s" % (uid, suffix)].data = True
        all_forms[uid] = own_form

        # Merge every row into one dict, mirroring what a real submission sends.
        payload = {}
        for row in all_forms.itervalues():
            payload.update(row.data)

        # Try to update our own privileges.
        response = self.app.post("/admin/admin_admin_update",
                                 data=payload,
                                 follow_redirects=True)

        assert response.status_code == 200
        # NOTE(review): the id is passed here, not a user object; confirm
        # user_has_privilege accepts both.
        for name in ("ADMIN_INTERFACE", "ADMIN_CONFIG",
                     "ADMIN_PLAYBACK", "ADMIN_ADMIN"):
            assert user_has_privilege(uid, name)
Example #2
    def test_with_privileges(self):
        """Check that with_privileges refuses a logged-in user until the privilege is granted."""
        @app.route('/privileged_zone')
        @with_privileges(["ADMIN_INTERFACE"], "redirect")
        def _tested_wrapped_fn():
            return jsonify(status='ok')

        # Log in as a fresh test user; the password posted is the username.
        user = self.create_test_user()
        credentials = {'username': user.username, 'password': user.username}
        # NOTE(review): with redirects followed, a re-rendered login page could
        # also answer 200 -- confirm this really proves the login succeeded.
        login = self.app.post('/login', data=credentials, follow_redirects=True)
        assert login.status_code == 200

        # Without the privilege the restricted endpoint must not answer 200.
        # NOTE(review): "!= 200" also passes on a 500; asserting the exact
        # denial status would make this check tighter.
        denied = self.app.get('/privileged_zone', follow_redirects=False)
        assert denied.status_code != 200

        # Grant the privilege; the same client session is reused, no new login.
        give_user_privilege(user, "ADMIN_INTERFACE")

        allowed = self.app.get('/privileged_zone', follow_redirects=False)
        assert allowed.status_code == 200
        body = json.loads(allowed.data)
        assert body['status'] == "ok"
Example #3
    def test_admin_admin_update(self):
        """Submit the user-administration form and verify all four privileges.

        Only the authorised path is exercised: ADMIN_ADMIN is granted to the
        test user before the POST.
        """
        # NOTE(review): a negative case (same POST from a user lacking
        # ADMIN_ADMIN, expecting refusal and no change) is not part of this
        # test -- confirm it exists elsewhere.
        give_user_privilege(self.user, "ADMIN_ADMIN")
        uid = self.user.id

        form_by_user = create_admin_admin_form()

        # Set every privilege checkbox on the row belonging to the test user.
        mine = form_by_user[uid]
        checkbox_names = ["%d_admin_config" % uid,
                          "%d_admin_admin" % uid,
                          "%d_admin_playback" % uid,
                          "%d_admin_interface" % uid]
        for checkbox in checkbox_names:
            mine[checkbox].data = True
        form_by_user[uid] = mine

        # One flat dict for the whole page, as a real submission would carry.
        fields = {}
        for user_form in form_by_user.itervalues():
            fields.update(user_form.data)

        # Try to update our own privileges.
        response = self.app.post("/admin/admin_admin_update",
                                 data=fields,
                                 follow_redirects=True)

        assert response.status_code == 200
        # NOTE(review): an id, not a user object, is passed below; confirm
        # user_has_privilege supports that.
        assert user_has_privilege(uid, "ADMIN_INTERFACE")
        assert user_has_privilege(uid, "ADMIN_CONFIG")
        assert user_has_privilege(uid, "ADMIN_PLAYBACK")
        assert user_has_privilege(uid, "ADMIN_ADMIN")
Example #4
def admin_admin_update():
    """Apply the submitted user-administration form, then return to the console.

    For every user in the form, each privilege field that is set is granted
    and each field that is not set is revoked.
    """
    # NOTE(review): no privilege check happens in this body.  Any route or
    # access decorator would sit above the ``def`` and is not visible here;
    # confirm the endpoint requires ADMIN_ADMIN and is CSRF-protected.
    submitted = create_admin_admin_form(request.form)

    for user_id, form in submitted.iteritems():
        # NOTE(review): query.get presumably yields None for an id that no
        # longer exists -- confirm the privilege helpers cope with that.
        target = User.query.get(user_id)

        # Drop everything up to the first underscore and upper-case the rest
        # to turn a field name into a privilege name.
        flags = {}
        for field, checked in form.data.iteritems():
            flags[field[field.find("_") + 1:].upper()] = checked

        # NOTE(review): an unset field revokes, so one submission can strip
        # ADMIN_ADMIN from every account, the caller's included.  Consider
        # refusing to remove the last administrator and logging each change.
        for priv, has_priv in flags.iteritems():
            change = give_user_privilege if has_priv else revoke_user_privilege
            change(target, priv)

    return redirect(url_for('admin_console'))
Example #5
    def test_configuration_update(self):
        """Change the server port through /admin/config_update and read it back."""
        give_user_privilege(self.user, "ADMIN_CONFIG")

        # Seed the form from the live configuration, keyed by lower-cased name.
        # NOTE(review): every app.config entry is handed to the form; confirm
        # ConfigurationForm declares no secret settings, since form.data is
        # what gets posted back.
        current = {}
        for key, value in app.config.iteritems():
            current[key.lower()] = value
        form = ConfigurationForm(**current)

        form.server_port.data = 10000

        # NOTE(review): only the authorised path is covered; a POST from a
        # user without ADMIN_CONFIG is not exercised here.
        response = self.app.post("/admin/config_update",
                                 data=form.data,
                                 follow_redirects=True)

        assert response.status_code == 200
        stored_port = int(get_config_value("SERVER_PORT"))
        assert stored_port == 10000
Example #6
    def test_configuration_update(self):
        """Post a new server port to /admin/config_update and verify it was stored."""
        give_user_privilege(self.user, "ADMIN_CONFIG")

        # Build the form from the running configuration (field names are the
        # lower-cased config keys).
        # NOTE(review): confirm ConfigurationForm exposes no secret settings;
        # its data is sent back in the request below.
        defaults = {name.lower(): setting
                    for name, setting in app.config.iteritems()}
        configuration_form = ConfigurationForm(**defaults)
        configuration_form.server_port.data = 10000

        # NOTE(review): the unauthorised case (no ADMIN_CONFIG) is not tested here.
        payload = configuration_form.data
        response = self.app.post("/admin/config_update",
                                 data=payload,
                                 follow_redirects=True)

        assert response.status_code == 200
        assert int(get_config_value("SERVER_PORT")) == 10000
Example #7
def register_post():
    """Processes input from the registration form and registers a new user.

    An invalid form is re-rendered.  Otherwise the user is stored, recorded in
    the session and, when it is the only user in the database, given every
    privilege in ``privs``; the client is then redirected to ``main``.
    """
    form = RegistrationForm(request.form)
    if not form.validate():
        return render_template("register.html", form=form)

    # NOTE(review): the password is handed to User() as submitted; confirm
    # User hashes it before it is stored.
    user = User(form.name.data, form.username.data, form.password.data)
    db.session.add(user)
    db.session.commit()

    profile = {}
    for field in ("name", "id", "username"):
        profile[field] = getattr(user, field)
    session["user"] = profile

    # The first account in the database becomes the administrator.
    # NOTE(review): on a fresh deployment whoever registers first gets every
    # privilege, so create that account before exposing the service.  The
    # count is also read after the commit: two registrations committing
    # together on an empty database could both see 2 and leave no admin.
    if User.query.count() == 1:
        for priv in privs:
            give_user_privilege(user, priv)
    return redirect(url_for("main"))
Example #8
def register_post():
    """Processes input from the registration form and registers a new user.

    Validation failure re-renders ``register.html``.  On success the new user
    is committed, stored in the session, granted every privilege in ``privs``
    if it is the sole user in the database, and redirected to ``main``.
    """
    form = RegistrationForm(request.form)
    if not form.validate():
        return render_template("register.html", form=form)

    # NOTE(review): confirm the User model hashes the password it receives;
    # nothing in this function does.
    new_user = User(form.name.data, form.username.data, form.password.data)
    db.session.add(new_user)
    db.session.commit()

    session['user'] = {
        'name': getattr(new_user, 'name'),
        'id': getattr(new_user, 'id'),
        'username': getattr(new_user, 'username'),
    }

    # NOTE(review): first-user-becomes-admin bootstrap.  Register the initial
    # account before the service is reachable by others, and note that the
    # post-commit count is not atomic with the insert (concurrent first
    # registrations could both read 2 and nobody is made administrator).
    is_first_user = User.query.count() == 1
    if is_first_user:
        for priv in privs:
            give_user_privilege(new_user, priv)
    return redirect(url_for('main'))
Example #9
def admin_admin_update():
    """Updates the administrative privileges of other users given the input from
    the form presented by :func:`admin_console`.

    A privilege field that is set is granted; one that is not set is revoked.
    """
    # NOTE(review): this body performs no privilege check.  Decorators above
    # the ``def`` are not visible here; confirm the route demands ADMIN_ADMIN
    # and that the POST is CSRF-protected.
    submitted = create_admin_admin_form(request.form)

    for user_id, form in submitted.iteritems():
        # NOTE(review): query.get presumably returns None for a user deleted
        # since the form was rendered -- confirm the helpers handle that.
        target = User.query.get(user_id)

        # Field name -> privilege name: strip through the first underscore,
        # then upper-case.
        flags = {}
        for field, checked in form.data.iteritems():
            flags[field[field.find("_") + 1:].upper()] = checked

        # NOTE(review): unset fields revoke, so a single request can remove
        # ADMIN_ADMIN from every account including the caller's.  Consider
        # keeping at least one administrator and auditing each change.
        for priv, has_priv in flags.iteritems():
            change = give_user_privilege if has_priv else revoke_user_privilege
            change(target, priv)

    return redirect(url_for('admin_console'))
Example #10
def admin_admin_update():
    """Updates the administrative privileges of other users given the input from
    the form presented by :func:`admin_console`.

    Every privilege field in each user's form is applied: set means grant,
    unset means revoke.  The client is redirected to the admin console.
    """
    # NOTE(review): authorisation is not enforced inside this function; any
    # decorator doing so lies above the ``def``, outside this excerpt.
    # Confirm ADMIN_ADMIN is required and the POST carries CSRF protection.
    per_user_forms = create_admin_admin_form(request.form)

    for user_id, form in per_user_forms.iteritems():
        # NOTE(review): presumably None when the id no longer exists; verify
        # give/revoke_user_privilege tolerate it.
        account = User.query.get(user_id)

        # Everything after the first underscore, upper-cased, is the
        # privilege name.
        wanted = {}
        for key, value in form.data.iteritems():
            start = key.find("_") + 1
            wanted[key[start:].upper()] = value

        # NOTE(review): because unset revokes, one submission can leave the
        # system with no ADMIN_ADMIN holder; a last-administrator guard and
        # an audit record of each change would help.
        for priv, has_priv in wanted.iteritems():
            if not has_priv:
                revoke_user_privilege(account, priv)
            else:
                give_user_privilege(account, priv)

    return redirect(url_for('admin_console'))
Example #11
    def test_admin_console(self):
        """Check that /admin shows each section only once its privilege is held.

        This verifies what the page renders.  Hiding a section is presentation
        only; the endpoints behind it need their own privilege checks.
        """
        banner = "<h2>Administration</h2>"
        config = "<h4>Configuration</h4>"
        player = "<h4>Player Controls</h4>"
        users = "<h4>User Administration</h4>"
        sections = (config, player, users)

        # (privilege granted before the request, section headers expected after)
        stages = [
            (None, ()),
            ("ADMIN_CONFIG", (config,)),
            ("ADMIN_PLAYBACK", (config, player)),
            ("ADMIN_ADMIN", (config, player, users)),
        ]

        for privilege, visible in stages:
            if privilege is not None:
                give_user_privilege(self.user, privilege)
            page = self.assert_endpoint_works('/admin').data
            assert banner in page
            for header in sections:
                if header in visible:
                    assert header in page
                else:
                    assert header not in page
Example #12
    def test_admin_console(self):
        """Check the admin console reveals sections as privileges accumulate.

        Only the rendered page is inspected; access control on the endpoints
        behind each section has to be enforced and tested separately.
        """
        title = "<h2>Administration</h2>"
        ordered_sections = [
            ("ADMIN_CONFIG", "<h4>Configuration</h4>"),
            ("ADMIN_PLAYBACK", "<h4>Player Controls</h4>"),
            ("ADMIN_ADMIN", "<h4>User Administration</h4>"),
        ]

        def check(granted_count):
            # The first `granted_count` sections must be shown, the rest hidden.
            html = self.assert_endpoint_works('/admin').data
            assert title in html
            for position, (_, header) in enumerate(ordered_sections):
                if position < granted_count:
                    assert header in html
                else:
                    assert header not in html

        # No privileges yet: only the page title is present.
        check(0)

        # Ensure that the proper segments get shown with the corresponding privileges
        for granted_so_far, (privilege, _) in enumerate(ordered_sections):
            give_user_privilege(self.user, privilege)
            check(granted_so_far + 1)
Example #13
    def test_give_user_privilege(self):
        """Grant each privilege in turn and check its bit is set in user.privs."""
        # NOTE(review): only the granted bit is checked after each call; the
        # test does not assert that the other bits stay unchanged.
        for name in ("ADMIN_INTERFACE", "ADMIN_PLAYBACK",
                     "ADMIN_ADMIN", "ADMIN_CONFIG"):
            give_user_privilege(self.user, name)

            # privs maps a privilege name to the mask and-ed with user.privs.
            assert self.user.privs & privs[name] > 0
Example #14
    def test_give_user_privilege(self):
        """Check that give_user_privilege sets the matching bit of user.privs."""
        grant_order = ["ADMIN_INTERFACE", "ADMIN_PLAYBACK",
                       "ADMIN_ADMIN", "ADMIN_CONFIG"]

        # NOTE(review): each step checks only the bit just granted, so a grant
        # that also set unrelated bits would go unnoticed here.
        for privilege in grant_order:
            give_user_privilege(self.user, privilege)
            mask = privs[privilege]
            assert self.user.privs & mask > 0
Example #15
    def test_with_privileges(self):
        """Check the with_privileges decorator denies access until the privilege is held."""
        @app.route('/privileged_zone')
        @with_privileges(["ADMIN_INTERFACE"], "redirect")
        def _tested_wrapped_fn():
            return jsonify(status='ok')

        restricted = '/privileged_zone'

        # Create a test user and log in; the posted password is the username.
        user = self.create_test_user()
        login_form = {'username': user.username, 'password': user.username}
        # NOTE(review): a failed login that re-renders the form may also end
        # in 200 once redirects are followed -- confirm this asserts success.
        response = self.app.post('/login',
                                 data=login_form,
                                 follow_redirects=True)
        assert response.status_code == 200

        # Make sure we can't get to the restricted endpoint.
        # NOTE(review): "!= 200" would also accept a server error; checking
        # for the specific denial status is stricter.
        response = self.app.get(restricted, follow_redirects=False)
        assert response.status_code != 200

        # Now grant the privilege, keeping the existing session.
        give_user_privilege(user, "ADMIN_INTERFACE")

        response = self.app.get(restricted, follow_redirects=False)
        assert response.status_code == 200
        decoded = json.loads(response.data)
        assert decoded['status'] == "ok"
Example #16
    def test_dump_user_privileges(self):
        """Check dump_user_privileges is empty at first and lists a granted privilege."""
        before = dump_user_privileges(self.user)
        assert before == []

        give_user_privilege(self.user, "ADMIN_INTERFACE")
        after = dump_user_privileges(self.user)
        assert "ADMIN_INTERFACE" in after
Example #17
    def test_admin_skip(self):
        """Check the skip endpoint works for a user holding ADMIN_PLAYBACK."""
        # NOTE(review): only the authorised path is tested.  If
        # assert_endpoint_works issues a GET, this state-changing action is
        # reachable by GET -- confirm the method and the CSRF protection.
        required = "ADMIN_PLAYBACK"
        give_user_privilege(self.user, required)

        endpoint = "/admin/playback/skip"
        self.assert_endpoint_works(endpoint)
Example #18
    def test_admin_clear(self):
        """Check the queue-clear endpoint works for a user holding ADMIN_PLAYBACK."""
        # NOTE(review): no case checks that a user without ADMIN_PLAYBACK is
        # refused.  If assert_endpoint_works uses GET, clearing the queue is
        # a state change reachable by GET -- confirm method and CSRF handling.
        required = "ADMIN_PLAYBACK"
        give_user_privilege(self.user, required)

        endpoint = "/admin/queue/clear"
        self.assert_endpoint_works(endpoint)
Example #19
 def setup(self):
     """Grant the test user ADMIN_INTERFACE and attach a mock MPD client."""
     # Tests in this class run as a user who may open the admin interface.
     give_user_privilege(self.user, "ADMIN_INTERFACE")
     mock_client = MockMPDClient()
     self.mpd = mock_client
Example #20
    def test_admin_clear(self):
        """Check a user with ADMIN_PLAYBACK can use /admin/queue/clear."""
        # NOTE(review): the refusal path (no ADMIN_PLAYBACK) is not exercised,
        # and if assert_endpoint_works sends a GET then this state-changing
        # action is reachable by GET -- confirm method and CSRF protection.
        privilege, path = "ADMIN_PLAYBACK", "/admin/queue/clear"
        give_user_privilege(self.user, privilege)

        self.assert_endpoint_works(path)
Example #21
    def test_admin_skip(self):
        """Check a user with ADMIN_PLAYBACK can use /admin/playback/skip."""
        # NOTE(review): the refusal path (no ADMIN_PLAYBACK) is not exercised,
        # and if assert_endpoint_works sends a GET then this state-changing
        # action is reachable by GET -- confirm method and CSRF protection.
        privilege, path = "ADMIN_PLAYBACK", "/admin/playback/skip"
        give_user_privilege(self.user, privilege)

        self.assert_endpoint_works(path)
Example #22
 def setup(self):
     """Prepare the fixture: ADMIN_INTERFACE for the test user, plus a mock MPD client."""
     # The user driving these tests needs access to the admin interface.
     interface_privilege = "ADMIN_INTERFACE"
     give_user_privilege(self.user, interface_privilege)
     self.mpd = MockMPDClient()
Example #23
    def test_dump_user_privileges(self):
        """Check the privilege dump starts empty and then contains ADMIN_INTERFACE."""
        granted = "ADMIN_INTERFACE"

        initial_dump = dump_user_privileges(self.user)
        assert initial_dump == []

        give_user_privilege(self.user, granted)
        assert granted in dump_user_privileges(self.user)
Example #24
    def test_user_has_privilege(self):
        """Check user_has_privilege is false before the grant and true after it."""
        name = "ADMIN_INTERFACE"

        held_before = user_has_privilege(self.user, name)
        assert not held_before

        give_user_privilege(self.user, name)
        held_after = user_has_privilege(self.user, name)
        assert held_after
Example #25
    def test_user_has_privilege(self):
        """Check user_has_privilege reports ADMIN_INTERFACE only once it is granted."""
        privilege = "ADMIN_INTERFACE"

        # A fresh test user must not hold the privilege.
        assert not user_has_privilege(self.user, privilege)

        give_user_privilege(self.user, privilege)
        assert user_has_privilege(self.user, privilege)