def test_api__try_whoami_enpoint__err_401__user_is_not_active(self):
        dbsession = get_tm_session(self.session_factory, transaction.manager)
        admin = dbsession.query(models.User) \
            .filter(models.User.email == '*****@*****.**') \
            .one()
        uapi = UserApi(
            current_user=admin,
            session=dbsession,
            config=self.app_config,
        )
        gapi = GroupApi(
            current_user=admin,
            session=dbsession,
            config=self.app_config,
        )
        groups = [gapi.get_one_with_name('users')]
        test_user = uapi.create_user(
            email='*****@*****.**',
            password='******',
            name='bob',
            groups=groups,
            timezone='Europe/Paris',
            do_save=True,
            do_notify=False,
        )
        uapi.save(test_user)
        uapi.disable(test_user)
        transaction.commit()
        self.testapp.authorization = ('Basic', ('*****@*****.**', 'pass'))

        res = self.testapp.get('/api/v2/sessions/whoami', status=401)
Example #2
0
    def test_func__create_user_with_mail_notification__ok__nominal_case(self):
        api = UserApi(
            current_user=None,
            session=self.session,
            config=self.app_config,
        )
        u = api.create_user(
            email='bob@bob',
            password='******',
            name='bob',
            timezone='+2',
            do_save=True,
            do_notify=True,
        )
        assert u is not None
        assert u.email == "bob@bob"
        assert u.validate_password('pass')
        assert u.display_name == 'bob'
        assert u.timezone == '+2'

        # check mail received
        response = requests.get('http://127.0.0.1:8025/api/v1/messages')
        response = response.json()
        headers = response[0]['Content']['Headers']
        assert headers['From'][0] == 'Tracim Notifications <test_user_from+0@localhost>'  # nopep8
        assert headers['To'][0] == 'bob <bob@bob>'
        assert headers['Subject'][0] == '[TRACIM] Created account'
Example #3
0
 def test_get_one(self):
     api = UserApi(
         current_user=None,
         session=self.session,
         config=self.config,
     )
     u = api.create_user()
     api.update(u, 'titi', 'titi@titi', True)
     one = api.get_one(u.user_id)
     eq_(u.user_id, one.user_id)
Example #4
0
    def test_get_one_by_email(self):
        api = UserApi(
            current_user=None,
            session=self.session,
            config=self.config,
        )
        u = api.create_user()
        api.update(u, 'bibi', 'bibi@bibi', True)
        uid = u.user_id
        transaction.commit()

        eq_(uid, api.get_one_by_email('bibi@bibi').user_id)
Example #5
0
    def test_user_with_email_exists(self):
        api = UserApi(
            current_user=None,
            session=self.session,
            config=self.config,
        )
        u = api.create_user()
        api.update(u, 'bibi', 'bibi@bibi', True)
        transaction.commit()

        eq_(True, api.user_with_email_exists('bibi@bibi'))
        eq_(False, api.user_with_email_exists('unknown'))
Example #6
0
    def test_create_and_update_user(self):
        api = UserApi(
            current_user=None,
            session=self.session,
            config=self.config,
        )
        u = api.create_user()
        api.update(u, 'bob', 'bob@bob', True)

        nu = api.get_one_by_email('bob@bob')
        assert nu != None
        eq_('bob@bob', nu.email)
        eq_('bob', nu.display_name)
Example #7
0
 def create_workspaces_members_role(
         self,
         context,
         request: TracimRequest,
         hapic_data=None
 ) -> UserRoleWorkspaceInContext:
     """
     Add Members to this workspace
     """
     newly_created = False
     email_sent = False
     app_config = request.registry.settings['CFG']
     rapi = RoleApi(
         current_user=request.current_user,
         session=request.dbsession,
         config=app_config,
     )
     uapi = UserApi(
         current_user=request.current_user,
         session=request.dbsession,
         config=app_config,
     )
     try:
         _, user = uapi.find(
             user_id=hapic_data.body.user_id,
             email=hapic_data.body.user_email_or_public_name,
             public_name=hapic_data.body.user_email_or_public_name
         )
     except UserDoesNotExist:
         try:
             # TODO - G.M - 2018-07-05 - [UserCreation] Reenable email
             # notification for creation
             user = uapi.create_user(
                 hapic_data.body.user_email_or_public_name,
                 do_notify=False
             )  # nopep8
             newly_created = True
         except EmailValidationFailed:
             raise UserCreationFailed('no valid mail given')
     role = rapi.create_one(
         user=user,
         workspace=request.current_workspace,
         role_level=WorkspaceRoles.get_role_from_slug(hapic_data.body.role).level,  # nopep8
         with_notif=False,
         flush=True,
     )
     return rapi.get_user_role_workspace_with_context(
         role,
         newly_created=newly_created,
         email_sent=email_sent,
     )
 def test__unit__create__user__ok_nominal_case(self):
     api = UserApi(
         current_user=None,
         session=self.session,
         config=self.config,
     )
     u = api.create_user(
         email='bob@bob',
         password='******',
         name='bob',
         timezone='+2',
         do_save=True,
         do_notify=False,
     )
     assert u is not None
     assert u.email == "bob@bob"
     assert u.validate_password('pass')
     assert u.display_name == 'bob'
     assert u.timezone == '+2'
Example #9
0
 def test_unit__get_all_manageable(self):
     admin = self.session.query(User) \
         .filter(User.email == '*****@*****.**').one()
     uapi = UserApi(
         session=self.session,
         current_user=admin,
         config=self.config,
     )
     # Checks a case without workspaces.
     wapi = WorkspaceApi(
         session=self.session,
         current_user=admin,
     )
     eq_([], wapi.get_all_manageable())
     # Checks an admin gets all workspaces.
     w4 = wapi.create_workspace(label='w4')
     w3 = wapi.create_workspace(label='w3')
     w2 = wapi.create_workspace(label='w2')
     w1 = wapi.create_workspace(label='w1')
     eq_([w1, w2, w3, w4], wapi.get_all_manageable())
     # Checks a regular user gets none workspace.
     gapi = GroupApi(
         session=self.session,
         current_user=None,
     )
     u = uapi.create_user('[email protected]', [gapi.get_one(Group.TIM_USER)], True)
     wapi = WorkspaceApi(session=self.session, current_user=u)
     rapi = RoleApi(session=self.session, current_user=u)
     rapi.create_one(u, w4, UserRoleInWorkspace.READER, False)
     rapi.create_one(u, w3, UserRoleInWorkspace.CONTRIBUTOR, False)
     rapi.create_one(u, w2, UserRoleInWorkspace.CONTENT_MANAGER, False)
     rapi.create_one(u, w1, UserRoleInWorkspace.WORKSPACE_MANAGER, False)
     eq_([], wapi.get_all_manageable())
     # Checks a manager gets only its own workspaces.
     u.groups.append(gapi.get_one(Group.TIM_MANAGER))
     rapi.delete_one(u.user_id, w2.workspace_id)
     rapi.create_one(u, w2, UserRoleInWorkspace.WORKSPACE_MANAGER, False)
     eq_([w1, w2], wapi.get_all_manageable())
Example #10
0
    def test_api__try_login_enpoint__err_401__user_not_activated(self):
        dbsession = get_tm_session(self.session_factory, transaction.manager)
        admin = dbsession.query(models.User) \
            .filter(models.User.email == '*****@*****.**') \
            .one()
        uapi = UserApi(
            current_user=admin,
            session=dbsession,
            config=self.app_config,
        )
        gapi = GroupApi(
            current_user=admin,
            session=dbsession,
            config=self.app_config,
        )
        groups = [gapi.get_one_with_name('users')]
        test_user = uapi.create_user(
            email='*****@*****.**',
            password='******',
            name='bob',
            groups=groups,
            timezone='Europe/Paris',
            do_save=True,
            do_notify=False,
        )
        uapi.save(test_user)
        uapi.disable(test_user)
        transaction.commit()

        params = {
            'email': '*****@*****.**',
            'password': '******',
        }
        res = self.testapp.post_json(
            '/api/v2/sessions/login',
            params=params,
            status=403,
        )
Example #11
0
 def test_get_notifiable_roles(self):
     admin = self.session.query(User) \
         .filter(User.email == '*****@*****.**').one()
     wapi = WorkspaceApi(
         session=self.session,
         current_user=admin,
     )
     w = wapi.create_workspace(label='workspace w', save_now=True)
     uapi = UserApi(session=self.session,
                    current_user=admin,
                    config=self.config)
     u = uapi.create_user(email='[email protected]', save_now=True)
     eq_([], wapi.get_notifiable_roles(workspace=w))
     rapi = RoleApi(
         session=self.session,
         current_user=admin,
     )
     r = rapi.create_one(u, w, UserRoleInWorkspace.READER, with_notif=True)
     eq_([
         r,
     ], wapi.get_notifiable_roles(workspace=w))
     u.is_active = False
     eq_([], wapi.get_notifiable_roles(workspace=w))
 def create_user(self, context, request: TracimRequest, hapic_data=None):
     """
     Create new user
     """
     app_config = request.registry.settings['CFG']
     uapi = UserApi(
         current_user=request.current_user,  # User
         session=request.dbsession,
         config=app_config,
     )
     gapi = GroupApi(
         current_user=request.current_user,  # User
         session=request.dbsession,
         config=app_config,
     )
     groups = [gapi.get_one_with_name(hapic_data.body.profile)]
     user = uapi.create_user(email=hapic_data.body.email,
                             password=hapic_data.body.password,
                             timezone=hapic_data.body.timezone,
                             name=hapic_data.body.public_name,
                             do_notify=hapic_data.body.email_notification,
                             groups=groups,
                             do_save=True)
     return uapi.get_user_with_context(user)
 def test_unit__authenticate_user___err__user_not_active(self):
     api = UserApi(
         current_user=None,
         session=self.session,
         config=self.config,
     )
     gapi = GroupApi(
         current_user=None,
         session=self.session,
         config=self.config,
     )
     groups = [gapi.get_one_with_name('users')]
     user = api.create_user(
         email='*****@*****.**',
         password='******',
         name='bob',
         groups=groups,
         timezone='Europe/Paris',
         do_save=True,
         do_notify=False,
     )
     api.disable(user)
     with pytest.raises(UserNotActive):
         api.authenticate_user('*****@*****.**', '*****@*****.**')