def test_func__create_user_with_mail_notification__ok__nominal_case(self): api = UserApi( current_user=None, session=self.session, config=self.app_config, ) u = api.create_user( email='bob@bob', password='******', name='bob', timezone='+2', do_save=True, do_notify=True, ) assert u is not None assert u.email == "bob@bob" assert u.validate_password('pass') assert u.display_name == 'bob' assert u.timezone == '+2' # check mail received response = requests.get('http://127.0.0.1:8025/api/v1/messages') response = response.json() headers = response[0]['Content']['Headers'] assert headers['From'][0] == 'Tracim Notifications <test_user_from+0@localhost>' # nopep8 assert headers['To'][0] == 'bob <bob@bob>' assert headers['Subject'][0] == '[TRACIM] Created account'
def insert(self): u = models.User() u.display_name = 'Global manager' u.email = '*****@*****.**' u.password = '******' self._session.add(u) uapi = UserApi( session=self._session, config=self._config, current_user=u) uapi.execute_created_user_actions(u) g1 = models.Group() g1.group_id = 1 g1.group_name = 'users' g1.display_name = 'Users' g1.users.append(u) self._session.add(g1) g2 = models.Group() g2.group_id = 2 g2.group_name = 'managers' g2.display_name = 'Global Managers' g2.users.append(u) self._session.add(g2) g3 = models.Group() g3.group_id = 3 g3.group_name = 'administrators' g3.display_name = 'Administrators' g3.users.append(u) self._session.add(g3)
def test_func__user_update_command__ok__remove_group(self) -> None: """ Test user password update """ api = UserApi( current_user=None, session=self.session, config=self.app_config, ) user = api.get_one_by_email('*****@*****.**') assert user.email == '*****@*****.**' assert user.validate_password('*****@*****.**') assert not user.validate_password('new_password') assert user.profile.name == 'administrators' app = TracimCLI() result = app.run([ 'user', 'update', '-c', 'tests_configs.ini#command_test', '-l', '*****@*****.**', '-p', 'new_password', '-rmg', 'administrators', '--debug', ]) new_user = api.get_one_by_email('*****@*****.**') assert new_user.email == '*****@*****.**' assert new_user.validate_password('new_password') assert not new_user.validate_password('*****@*****.**') assert new_user.profile.name == 'managers'
def test_get_notifiable_roles(self): admin = self.session.query(User) \ .filter(User.email == '*****@*****.**').one() wapi = WorkspaceApi( session=self.session, config=self.app_config, current_user=admin, ) w = wapi.create_workspace(label='workspace w', save_now=True) uapi = UserApi( session=self.session, current_user=admin, config=self.config ) u = uapi.create_minimal_user(email='[email protected]', save_now=True) eq_([], wapi.get_notifiable_roles(workspace=w)) rapi = RoleApi( session=self.session, current_user=admin, config=self.app_config, ) r = rapi.create_one(u, w, UserRoleInWorkspace.READER, with_notif=True) eq_([r, ], wapi.get_notifiable_roles(workspace=w)) u.is_active = False eq_([], wapi.get_notifiable_roles(workspace=w))
def test_func__user_create_command__ok__in_admin_group(self) -> None: """ Test User creation with admin as group """ api = UserApi( current_user=None, session=self.session, config=self.app_config, ) with pytest.raises(UserDoesNotExist): api.get_one_by_email('command_test@user') app = TracimCLI() result = app.run([ 'user', 'create', '-c', 'tests_configs.ini#command_test', '-l', 'command_test@user', '-p', 'new_password', '-g', 'administrators', '--debug', ]) new_user = api.get_one_by_email('command_test@user') assert new_user.email == 'command_test@user' assert new_user.validate_password('new_password') assert new_user.profile.name == 'administrators'
def _get_candidate_user( self, request: 'TracimRequest', ) -> User: """ Get candidate user :param request: pyramid request :return: user found from header/body """ app_config = request.registry.settings['CFG'] uapi = UserApi(None, session=request.dbsession, config=app_config) login = '' try: login = None if 'user_id' in request.matchdict: user_id_str = request.matchdict['user_id'] if not isinstance(user_id_str, str) or not user_id_str.isdecimal(): raise InvalidUserId( 'user_id is not a correct integer') # nopep8 login = int(request.matchdict['user_id']) if not login: raise UserNotFoundInTracimRequest( 'You request a candidate user but the context not permit to found one' ) # nopep8 user = uapi.get_one(login) except UserNotFoundInTracimRequest as exc: raise UserDoesNotExist('User {} not found'.format(login)) from exc return user
def test_unit__get_current_user__err__user_not_exist(self): api = UserApi( current_user=None, session=self.session, config=self.config, ) with pytest.raises(UserDoesNotExist): api.get_current_user()
def test_get_one_by_email_exception(self): api = UserApi( current_user=None, session=self.session, config=self.config, ) with pytest.raises(NoResultFound): api.get_one_by_email('unknown')
def authDomainUser(self, realmname, username, password, environ): """ If you ever feel the need to send a request al-mano with a curl, this is the function that'll be called by http_authenticator to validate the password sent """ api = UserApi(None, environ['tracim_dbsession'], self.app_config) return self.isRealmUser(realmname, username, environ) and \ api.get_one_by_email(username).validate_password(password)
def test_unit__get_one_by_email__err__user_does_not_exist(self): api = UserApi( current_user=None, session=self.session, config=self.config, ) with pytest.raises(UserDoesNotExist): api.get_one_by_email('unknown')
def test_unit__authenticate_user___err__wrong_user(self): api = UserApi( current_user=None, session=self.session, config=self.config, ) with pytest.raises(AuthenticationFailed): api.authenticate_user('*****@*****.**', 'wrong_password')
def test_unit__authenticate_user___ok__nominal_case(self): api = UserApi( current_user=None, session=self.session, config=self.config, ) user = api.authenticate_user('*****@*****.**', '*****@*****.**') assert isinstance(user, User) assert user.email == '*****@*****.**'
def test_func__create_new_content_with_notification__ok__nominal_case(self): uapi = UserApi( current_user=None, session=self.session, config=self.app_config, ) current_user = uapi.get_one_by_email('*****@*****.**') # Create new user with notification enabled on w1 workspace wapi = WorkspaceApi( current_user=current_user, session=self.session, config=self.app_config, ) workspace = wapi.get_one_by_label('Recipes') user = uapi.get_one_by_email('*****@*****.**') wapi.enable_notifications(user, workspace) api = ContentApi( current_user=user, session=self.session, config=self.app_config, ) item = api.create( ContentType.Folder, workspace, None, 'parent', do_save=True, do_notify=False, ) item2 = api.create( ContentType.File, workspace, item, 'file1', do_save=True, do_notify=True, ) # Send mail async from redis queue redis = get_redis_connection( self.app_config ) queue = get_rq_queue( redis, 'mail_sender', ) worker = SimpleWorker([queue], connection=queue.connection) worker.work(burst=True) # check mail received response = requests.get('http://127.0.0.1:8025/api/v1/messages') response = response.json() headers = response[0]['Content']['Headers'] assert headers['From'][0] == '"Bob i. via Tracim" <test_user_from+3@localhost>' # nopep8 assert headers['To'][0] == 'Global manager <*****@*****.**>' assert headers['Subject'][0] == '[TRACIM] [Recipes] file1 (Open)' assert headers['References'][0] == 'test_user_refs+22@localhost' assert headers['Reply-to'][0] == '"Bob i. & all members of Recipes" <test_user_reply+22@localhost>' # nopep8
def test_unit__create_minimal_user__ok__nominal_case(self): api = UserApi( current_user=None, session=self.session, config=self.config, ) u = api.create_minimal_user('bob@bob') assert u.email == 'bob@bob' assert u.display_name == 'bob'
def test_unit__get_current_user_ok__nominal_case(self): user = User(email='*****@*****.**') api = UserApi( current_user=user, session=self.session, config=self.config, ) new_user = api.get_current_user() assert isinstance(new_user, User) assert user == new_user
def user(self, context, request: TracimRequest, hapic_data=None): """ Get user infos. """ app_config = request.registry.settings['CFG'] uapi = UserApi( current_user=request.current_user, # User session=request.dbsession, config=app_config, ) return uapi.get_user_with_context(request.candidate_user)
def test_unit__get_all__ok__nominal_case(self): api = UserApi( current_user=None, session=self.session, config=self.config, ) u1 = api.create_minimal_user('bibi@bibi') users = api.get_all() # u1 + Admin user from BaseFixture assert 2 == len(users)
def isRealmUser(self, realmname, username, environ): """ Called to check if for a given root, the username exists (though here we don't make difference between root as we're always starting at tracim's root """ api = UserApi(None, environ['tracim_dbsession'], self.app_config) try: api.get_one_by_email(username) return True except: return False
def whoami(self, context, request: TracimRequest, hapic_data=None): """ Return current logged in user or 401 """ app_config = request.registry.settings['CFG'] uapi = UserApi( request.current_user, session=request.dbsession, config=app_config, ) user = uapi.get_current_user() # User return uapi.get_user_with_context(user)
def disable_user(self, context, request: TracimRequest, hapic_data=None): """ disable user """ app_config = request.registry.settings['CFG'] uapi = UserApi( current_user=request.current_user, # User session=request.dbsession, config=app_config, ) uapi.disable(user=request.candidate_user, do_save=True) return
def create_workspaces_members_role( self, context, request: TracimRequest, hapic_data=None ) -> UserRoleWorkspaceInContext: """ Add Members to this workspace """ newly_created = False email_sent = False app_config = request.registry.settings['CFG'] rapi = RoleApi( current_user=request.current_user, session=request.dbsession, config=app_config, ) uapi = UserApi( current_user=request.current_user, session=request.dbsession, config=app_config, ) try: _, user = uapi.find( user_id=hapic_data.body.user_id, email=hapic_data.body.user_email_or_public_name, public_name=hapic_data.body.user_email_or_public_name ) except UserDoesNotExist: try: # TODO - G.M - 2018-07-05 - [UserCreation] Reenable email # notification for creation user = uapi.create_user( hapic_data.body.user_email_or_public_name, do_notify=False ) # nopep8 newly_created = True except EmailValidationFailed: raise UserCreationFailed('no valid mail given') role = rapi.create_one( user=user, workspace=request.current_workspace, role_level=WorkspaceRoles.get_role_from_slug(hapic_data.body.role).level, # nopep8 with_notif=False, flush=True, ) return rapi.get_user_role_workspace_with_context( role, newly_created=newly_created, email_sent=email_sent, )
def login(self, context, request: TracimRequest, hapic_data=None): """ Logs user into the system """ login = hapic_data.body app_config = request.registry.settings['CFG'] uapi = UserApi( None, session=request.dbsession, config=app_config, ) user = uapi.authenticate_user(login.email, login.password) return uapi.get_user_with_context(user)
def set_user_email(self, context, request: TracimRequest, hapic_data=None): """ Set user Email """ app_config = request.registry.settings['CFG'] uapi = UserApi( current_user=request.current_user, # User session=request.dbsession, config=app_config, ) user = uapi.set_email(request.candidate_user, hapic_data.body.loggedin_user_password, hapic_data.body.email, do_save=True) return uapi.get_user_with_context(user)
def set_user_infos(self, context, request: TracimRequest, hapic_data=None): """ Set user info data """ app_config = request.registry.settings['CFG'] uapi = UserApi( current_user=request.current_user, # User session=request.dbsession, config=app_config, ) user = uapi.update(request.candidate_user, name=hapic_data.body.public_name, timezone=hapic_data.body.timezone, do_save=True) return uapi.get_user_with_context(user)
def _get_basic_auth_unsafe_user(request: Request, ) -> typing.Optional[User]: """ :param request: pyramid request :return: User or None """ app_config = request.registry.settings['CFG'] uapi = UserApi(None, session=request.dbsession, config=app_config) try: login = request.unauthenticated_userid if not login: return None user = uapi.get_one_by_email(login) except UserDoesNotExist: return None return user
def test_unit__get_all_manageable(self): admin = self.session.query(User) \ .filter(User.email == '*****@*****.**').one() uapi = UserApi( session=self.session, current_user=admin, config=self.config, ) # Checks a case without workspaces. wapi = WorkspaceApi( session=self.session, current_user=admin, config=self.app_config, ) eq_([], wapi.get_all_manageable()) # Checks an admin gets all workspaces. w4 = wapi.create_workspace(label='w4') w3 = wapi.create_workspace(label='w3') w2 = wapi.create_workspace(label='w2') w1 = wapi.create_workspace(label='w1') eq_([w1, w2, w3, w4], wapi.get_all_manageable()) # Checks a regular user gets none workspace. gapi = GroupApi( session=self.session, current_user=None, config=self.app_config, ) u = uapi.create_minimal_user('[email protected]', [gapi.get_one(Group.TIM_USER)], True) wapi = WorkspaceApi( session=self.session, current_user=u, config=self.app_config, ) rapi = RoleApi( session=self.session, current_user=u, config=self.app_config, ) rapi.create_one(u, w4, UserRoleInWorkspace.READER, False) rapi.create_one(u, w3, UserRoleInWorkspace.CONTRIBUTOR, False) rapi.create_one(u, w2, UserRoleInWorkspace.CONTENT_MANAGER, False) rapi.create_one(u, w1, UserRoleInWorkspace.WORKSPACE_MANAGER, False) eq_([], wapi.get_all_manageable()) # Checks a manager gets only its own workspaces. u.groups.append(gapi.get_one(Group.TIM_MANAGER)) rapi.delete_one(u.user_id, w2.workspace_id) rapi.create_one(u, w2, UserRoleInWorkspace.WORKSPACE_MANAGER, False) eq_([w1, w2], wapi.get_all_manageable())
def __call__(self, environ, start_response): environ['tracim_user'] = UserApi( None, session=environ['tracim_dbsession'], config=environ['tracim_cfg'], ).get_one_by_email(environ['http_authenticator.username']) return self._application(environ, start_response)
def test_get_all(self): # TODO - G.M - 29-03-2018 Check why this method is not enabled api = UserApi( current_user=None, session=self.session, config=self.config, )
def test_api__try_whoami_enpoint__err_401__user_is_not_active(self): dbsession = get_tm_session(self.session_factory, transaction.manager) admin = dbsession.query(models.User) \ .filter(models.User.email == '*****@*****.**') \ .one() uapi = UserApi( current_user=admin, session=dbsession, config=self.app_config, ) gapi = GroupApi( current_user=admin, session=dbsession, config=self.app_config, ) groups = [gapi.get_one_with_name('users')] test_user = uapi.create_user( email='*****@*****.**', password='******', name='bob', groups=groups, timezone='Europe/Paris', do_save=True, do_notify=False, ) uapi.save(test_user) uapi.disable(test_user) transaction.commit() self.testapp.authorization = ('Basic', ('*****@*****.**', 'pass')) res = self.testapp.get('/api/v2/sessions/whoami', status=401)
def set_user_password(self, context, request: TracimRequest, hapic_data=None): # nopep8 """ Set user password """ app_config = request.registry.settings['CFG'] uapi = UserApi( current_user=request.current_user, # User session=request.dbsession, config=app_config, ) uapi.set_password(request.candidate_user, hapic_data.body.loggedin_user_password, hapic_data.body.new_password, hapic_data.body.new_password2, do_save=True) return