def bob_setup(bob_account_id, record_id, carenet_id, allowed_docs, disallowed_docs):
bob_chrome_client = IndivoClient("chrome", "chrome")
bob_chrome_client.create_session(data.account02)
# SZ: Bob should NOT be able to read the docs directly in the record
for doc_id in allowed_docs + disallowed_docs:
assert_403(bob_chrome_client.read_document(record_id=record_id, document_id=doc_id))
assert_403(bob_chrome_client.get_record_carenets(record_id=record_id))
# Bob should be able to read the allowed docs
for doc_id in allowed_docs:
assert_200(bob_chrome_client.get_carenet_document(carenet_id=carenet_id, document_id=doc_id))
# Bob should not be able to read the disallowed docs
for doc_id in disallowed_docs:
assert_404(bob_chrome_client.get_carenet_document(carenet_id=carenet_id, document_id=doc_id))
# Bob should be able to list docs in the carenet
carenet_documents_list = bob_chrome_client.get_carenet_documents(carenet_id=carenet_id).response[PRD][
"Document"
]
# with a parameter
carenet_documents_list = bob_chrome_client.get_carenet_documents(
carenet_id=carenet_id, parameters={"type": "http://indivo.org/vocab/xml/documents#Allergy"}
).response[PRD]["Document"]
# Read carenet allergies
assert_200(bob_chrome_client.read_carenet_allergies(carenet_id=carenet_id))
assert_200(bob_chrome_client.read_carenet_problems(carenet_id=carenet_id))
# Read the contact document, this should work
contact_doc = parse_xml(
bob_chrome_client.read_carenet_special_document(carenet_id=carenet_id, special_document="contact")
)
contact_name = xpath(
contact_doc,
"/ns:Contact/ns:name/ns:fullName/text()",
namespaces={"ns": "http://indivo.org/vocab/xml/documents#"},
)
assert contact_name
bob_chrome_client.get_account_permissions(account_id=bob_account_id)
bob_chrome_client.get_carenet_account_permissions(
carenet_id=carenet_id, record_id=record_id, account_id=bob_account_id
)
# Not yet implemented
# bob_chrome_client.get_carenet_app_permissions(account_id=bob_account_id)
return True
def bob_setup(bob_account_id, record_id, carenet_id, allowed_docs, disallowed_docs):
bob_chrome_client = IndivoClient('chrome', 'chrome')
bob_chrome_client.create_session(data.account02)
# SZ: Bob should NOT be able to read the docs directly in the record
for doc_id in allowed_docs+disallowed_docs:
assert_403(bob_chrome_client.read_document(record_id=record_id, document_id=doc_id))
assert_403(bob_chrome_client.get_record_carenets(record_id=record_id))
# Bob should be able to read the allowed docs
for doc_id in allowed_docs:
assert_200(bob_chrome_client.get_carenet_document(carenet_id = carenet_id, document_id = doc_id))
# Bob should not be able to read the disallowed docs
for doc_id in disallowed_docs:
assert_404(bob_chrome_client.get_carenet_document(carenet_id = carenet_id, document_id = doc_id))
# Bob should be able to list docs in the carenet
carenet_documents_list = bob_chrome_client.get_carenet_documents(carenet_id = carenet_id).response[PRD]['Document']
# with a parameter
carenet_documents_list = bob_chrome_client.get_carenet_documents(carenet_id = carenet_id, parameters={'type': 'http://indivo.org/vocab/xml/documents#Allergy'}).response[PRD]['Document']
# Read carenet allergies
# TODO: replace with generic call
# assert_200(bob_chrome_client.read_carenet_allergies(carenet_id = carenet_id))
# Read the demographics document, this should work
resp = bob_chrome_client.call('GET', '/carenets/%s/demographics'%carenet_id, options={'parameters':{'response_format':'application/xml'}} )
demographics_doc = parse_xml(resp)
family_name = xpath(demographics_doc, '/Models/Model/Field[@name="name_family"]/text()')
assert(family_name)
bob_chrome_client.get_account_permissions(account_id=bob_account_id)
bob_chrome_client.get_carenet_account_permissions(carenet_id= carenet_id,
record_id=record_id,
account_id=bob_account_id)
# Not yet implemented
#bob_chrome_client.get_carenet_app_permissions(account_id=bob_account_id)
return True
def test_userapp_document_handling(IndivoClient):
PRD = 'prd'
try:
admin_client = IndivoClient(data.machine_app_email,
data.machine_app_secret)
record_id = admin_client.create_record(
data=data.contact).response[PRD]['Record'][0]
admin_client.set_app_id(data.app_email)
admin_client.get_version()
token = admin_client.setup_app(record_id=record_id,
app_id=data.app_email).response[PRD]
user_client = IndivoClient(data.app_email, 'norepinephrine')
# Should return a 403
assert_403(user_client.read_record(record_id=record_id))
# set up the credentials and now this should work
user_client.set_app_id(data.app_email)
user_client.update_token(token)
user_client.post_app_document(data=data.access_key)
doc_id = user_client.post_app_document(
data=data.patient_access_key).response[PRD]['Document'][0]
user_client.read_app_document(document_id=doc_id)
user_client.read_app_documents(parameters={'type': 'PatientAccessKey'})
user_client.read_app_documents(parameters={'type': 'AccessKey'})
user_client.read_app_document_meta(document_id=doc_id)
user_client.read_app_document()
user_client.post_app_document_ext(external_id='extid', data=data.doc01)
user_client.read_app_document_ext_meta(external_id='extid')
user_client.read_app_documents()
#user_client.create_or_replace_app_document, document_id=doc_id, data=data.doc02)
#user_client.post_app_document_label(data.app_email, doc_id, label)
#user_client.remove_app_document(data.app_email, doc_id)
except Exception, e:
return False, e
def test_userapp_document_handling(IndivoClient):
PRD = 'prd'
try:
admin_client = IndivoClient(data.machine_app_email, data.machine_app_secret)
record_id = admin_client.create_record(data=data.contact).response[PRD]['Record'][0]
admin_client.set_app_id(data.app_email)
admin_client.get_version()
token = admin_client.setup_app(record_id=record_id, app_id=data.app_email).response[PRD]
user_client = IndivoClient(data.app_email, 'norepinephrine')
# Should return a 403
assert_403(user_client.read_record(record_id=record_id))
# set up the credentials and now this should work
user_client.set_app_id(data.app_email)
user_client.update_token(token)
user_client.post_app_document(data=data.access_key)
doc_id = user_client.post_app_document(data=data.patient_access_key).response[PRD]['Document'][0]
user_client.read_app_document(document_id=doc_id)
user_client.read_app_documents(parameters={'type':'PatientAccessKey'})
user_client.read_app_documents(parameters={'type':'AccessKey'})
user_client.read_app_document_meta(document_id=doc_id)
user_client.read_app_document()
user_client.post_app_document_ext(external_id='extid', data=data.doc01)
user_client.read_app_document_ext_meta(external_id='extid')
user_client.read_app_documents()
#user_client.create_or_replace_app_document, document_id=doc_id, data=data.doc02)
#user_client.post_app_document_label(data.app_email, doc_id, label)
#user_client.remove_app_document(data.app_email, doc_id)
except Exception, e:
return False, e
def bob_setup(bob_account_id, record_id, carenet_id, allowed_docs,
disallowed_docs):
bob_chrome_client = IndivoClient('chrome', 'chrome')
bob_chrome_client.create_session(data.account02)
# SZ: Bob should NOT be able to read the docs directly in the record
for doc_id in allowed_docs + disallowed_docs:
assert_403(
bob_chrome_client.read_document(record_id=record_id,
document_id=doc_id))
assert_403(bob_chrome_client.get_record_carenets(record_id=record_id))
# Bob should be able to read the allowed docs
for doc_id in allowed_docs:
assert_200(
bob_chrome_client.get_carenet_document(carenet_id=carenet_id,
document_id=doc_id))
# Bob should not be able to read the disallowed docs
for doc_id in disallowed_docs:
assert_404(
bob_chrome_client.get_carenet_document(carenet_id=carenet_id,
document_id=doc_id))
# Bob should be able to list docs in the carenet
carenet_documents_list = bob_chrome_client.get_carenet_documents(
carenet_id=carenet_id).response[PRD]['Document']
# with a parameter
carenet_documents_list = bob_chrome_client.get_carenet_documents(
carenet_id=carenet_id,
parameters={
'type': 'http://indivo.org/vocab/xml/documents#Allergy'
}).response[PRD]['Document']
# Read carenet allergies
# TODO: replace with generic call
# assert_200(bob_chrome_client.read_carenet_allergies(carenet_id = carenet_id))
# Read the demographics document, this should work
resp = bob_chrome_client.call(
'GET',
'/carenets/%s/demographics' % carenet_id,
options={'parameters': {
'response_format': 'application/xml'
}})
demographics_doc = parse_xml(resp)
family_name = xpath(demographics_doc,
'/Models/Model/Field[@name="name_family"]/text()')
assert (family_name)
bob_chrome_client.get_account_permissions(account_id=bob_account_id)
bob_chrome_client.get_carenet_account_permissions(
carenet_id=carenet_id,
record_id=record_id,
account_id=bob_account_id)
# Not yet implemented
#bob_chrome_client.get_carenet_app_permissions(account_id=bob_account_id)
return True
def bob_setup(bob_account_id, record_id, carenet_id, allowed_docs,
disallowed_docs):
bob_chrome_client = IndivoClient('chrome', 'chrome')
bob_chrome_client.create_session(data.account02)
# SZ: Bob should NOT be able to read the docs directly in the record
for doc_id in allowed_docs + disallowed_docs:
assert_403(
bob_chrome_client.read_document(record_id=record_id,
document_id=doc_id))
assert_403(bob_chrome_client.get_record_carenets(record_id=record_id))
# Bob should be able to read the allowed docs
for doc_id in allowed_docs:
assert_200(
bob_chrome_client.get_carenet_document(carenet_id=carenet_id,
document_id=doc_id))
# Bob should not be able to read the disallowed docs
for doc_id in disallowed_docs:
assert_404(
bob_chrome_client.get_carenet_document(carenet_id=carenet_id,
document_id=doc_id))
# Bob should be able to list docs in the carenet
carenet_documents_list = bob_chrome_client.get_carenet_documents(
carenet_id=carenet_id).response[PRD]['Document']
# with a parameter
carenet_documents_list = bob_chrome_client.get_carenet_documents(
carenet_id=carenet_id,
parameters={
'type': 'http://indivo.org/vocab/xml/documents#Allergy'
}).response[PRD]['Document']
# Read carenet allergies
assert_200(
bob_chrome_client.read_carenet_allergies(carenet_id=carenet_id))
assert_200(
bob_chrome_client.read_carenet_problems(carenet_id=carenet_id))
# Read the contact document, this should work
contact_doc = parse_xml(
bob_chrome_client.read_carenet_special_document(
carenet_id=carenet_id, special_document='contact'))
contact_name = xpath(
contact_doc,
'/ns:Contact/ns:name/ns:fullName/text()',
namespaces={'ns': 'http://indivo.org/vocab/xml/documents#'})
assert (contact_name)
bob_chrome_client.get_account_permissions(account_id=bob_account_id)
bob_chrome_client.get_carenet_account_permissions(
carenet_id=carenet_id,
record_id=record_id,
account_id=bob_account_id)
# Not yet implemented
#bob_chrome_client.get_carenet_app_permissions(account_id=bob_account_id)
return True
def test_account(IndivoClient):
try:
chrome_client = IndivoClient('chrome', 'chrome')
# simplest test case
chrome_client.create_account({'user_email' : '*****@*****.**', 'contact_email':'*****@*****.**', 'user_pass': '******'})
chrome_client.add_auth_system(account_id='*****@*****.**', data={'system':'password', 'username':'******', 'password': '******'})
# create an account
chrome_client.create_account({'user_email' : '*****@*****.**', 'primary_secret_p' : '1', 'secondary_secret_p' : '1', 'contact_email':'*****@*****.**'})
# reset it
chrome_client.account_reset(account_id='*****@*****.**')
# get the account info
account_resp = chrome_client.account_info(account_id = '*****@*****.**')
parsed_resp = ElementTree.fromstring(account_resp.response['response_data'])
secondary_secret = parsed_resp.findtext('secret')
# get the primary secret
primary_secret_resp = chrome_client.account_primary_secret(account_id = '*****@*****.**')
parsed_resp = ElementTree.fromstring(primary_secret_resp.response['response_data'])
primary_secret = parsed_resp.text
# initialize it
chrome_client.account_initialize(account_id='*****@*****.**', primary_secret=primary_secret, data={'secondary_secret':secondary_secret})
# set username and password
chrome_client.add_auth_system(account_id='*****@*****.**', data={'system':'password', 'username':'******', 'password': '******'})
# set the password to something else
chrome_client.account_set_password(account_id='*****@*****.**', data={'password':'******'})
# change the state back and forth
chrome_client.account_set_state(account_id='*****@*****.**', data={'state': 'disabled'})
chrome_client.account_set_state(account_id='*****@*****.**', data={'state': 'active'})
chrome_client.account_set_state(account_id='*****@*****.**', data={'state': 'retired'})
assert_403(chrome_client.account_set_state(account_id='*****@*****.**', data={'state': 'active'}))
# see if we can create a session for it
chrome_client.create_session({'username':'******','user_pass':'******'})
# now the token is in the client, we can change the password
chrome_client.account_change_password(account_id = '*****@*****.**', data={'old':'test2','new':'test3'})
# change the info
assert_200(chrome_client.account_info_set(account_id= '*****@*****.**', data={'contact_email':'*****@*****.**','full_name':'Ben2 Adida'}))
# change the username
assert_200(chrome_client.account_username_set(account_id='*****@*****.**', data={'username':'******'}))
chrome_client = IndivoClient('chrome', 'chrome')
chrome_client.create_session({'username':'******','user_pass':'******'})
# do account search
chrome_client = IndivoClient('chrome', 'chrome')
accounts = parse_xml(chrome_client.account_search(parameters={'contact_email': '*****@*****.**'}))
accounts2 = parse_xml(chrome_client.account_search(parameters={'fullname': 'Steve Zabak'}))
# create an account with a mychildrens auth system
chrome_client.create_account({'user_email' : '*****@*****.**', 'primary_secret_p' : '0', 'secondary_secret_p' : '0', 'contact_email':'*****@*****.**'})
chrome_client.add_auth_system(account_id='*****@*****.**', data={'system':'mychildrens', 'username':'******'})
# FIXME: this call doesn't do anything, probably because of some internal magic that fails if there is no password field
chrome_client.create_session({'username':'******','system':'mychildrens'})
except Exception, e:
return False, e
def test_account(IndivoClient):
try:
chrome_client = IndivoClient('chrome', 'chrome')
# simplest test case
chrome_client.create_account({
'user_email': '*****@*****.**',
'contact_email': '*****@*****.**',
'user_pass': '******'
})
chrome_client.add_auth_system(account_id='*****@*****.**',
data={
'system': 'password',
'username': '******',
'password': '******'
})
# create an account
chrome_client.create_account({
'user_email': '*****@*****.**',
'primary_secret_p': '1',
'secondary_secret_p': '1',
'contact_email': '*****@*****.**'
})
# reset it
chrome_client.account_reset(account_id='*****@*****.**')
# get the account info
account_resp = chrome_client.account_info(account_id='*****@*****.**')
parsed_resp = ElementTree.fromstring(
account_resp.response['response_data'])
secondary_secret = parsed_resp.findtext('secret')
# get the primary secret
primary_secret_resp = chrome_client.account_primary_secret(
account_id='*****@*****.**')
parsed_resp = ElementTree.fromstring(
primary_secret_resp.response['response_data'])
primary_secret = parsed_resp.text
# initialize it
chrome_client.account_initialize(
account_id='*****@*****.**',
primary_secret=primary_secret,
data={'secondary_secret': secondary_secret})
# set username and password
chrome_client.add_auth_system(account_id='*****@*****.**',
data={
'system': 'password',
'username': '******',
'password': '******'
})
# set the password to something else
chrome_client.account_set_password(account_id='*****@*****.**',
data={'password': '******'})
# change the state back and forth
chrome_client.account_set_state(account_id='*****@*****.**',
data={'state': 'disabled'})
chrome_client.account_set_state(account_id='*****@*****.**',
data={'state': 'active'})
chrome_client.account_set_state(account_id='*****@*****.**',
data={'state': 'retired'})
assert_403(
chrome_client.account_set_state(account_id='*****@*****.**',
data={'state': 'active'}))
# see if we can create a session for it
chrome_client.create_session({'username': '******', 'user_pass': '******'})
# now the token is in the client, we can change the password
chrome_client.account_change_password(account_id='*****@*****.**',
data={
'old': 'test2',
'new': 'test3'
})
# change the info
assert_200(
chrome_client.account_info_set(account_id='*****@*****.**',
data={
'contact_email':
'*****@*****.**',
'full_name': 'Ben2 Adida'
}))
# change the username
assert_200(
chrome_client.account_username_set(account_id='*****@*****.**',
data={'username': '******'}))
chrome_client = IndivoClient('chrome', 'chrome')
chrome_client.create_session({'username': '******', 'user_pass': '******'})
# do account search
chrome_client = IndivoClient('chrome', 'chrome')
accounts = parse_xml(
chrome_client.account_search(
parameters={'contact_email': '*****@*****.**'}))
accounts2 = parse_xml(
chrome_client.account_search(
parameters={'fullname': 'Steve Zabak'}))
# create an account with a mychildrens auth system
chrome_client.create_account({
'user_email': '*****@*****.**',
'primary_secret_p': '0',
'secondary_secret_p': '0',
'contact_email': '*****@*****.**'
})
chrome_client.add_auth_system(account_id='*****@*****.**',
data={
'system': 'mychildrens',
'username': '******'
})
# FIXME: this call doesn't do anything, probably because of some internal magic that fails if there is no password field
chrome_client.create_session({
'username': '******',
'system': 'mychildrens'
})
except Exception, e:
return False, e
