def test_operation_logs_serializers(client, rero_json_header, patron_martigny,
librarian_martigny, item_lib_martigny,
loc_public_martigny, circulation_policies,
lib_martigny_data):
"""Test serializers for operation logs."""
login_user(client, patron_martigny)
params = {
'patron_pid': patron_martigny.pid,
'transaction_location_pid': loc_public_martigny.pid,
'transaction_user_pid': librarian_martigny.pid,
'pickup_location_pid': loc_public_martigny.pid,
}
item_record_to_a_specific_loan_state(item=item_lib_martigny,
loan_state=LoanState.ITEM_AT_DESK,
params=params,
copy_item=True)
# Force update ES index
flush_index(OperationLogsSearch.Meta.index)
list_url = url_for('invenio_records_rest.oplg_list')
response = client.get(list_url, headers=rero_json_header)
assert response.status_code == 200
data = get_json(response)
loan = data.get('hits', {}).get('hits', [])[0].get('metadata', {})\
.get('loan', {})
libary_name = lib_martigny_data['name']
# Check if the library data injected into the section
assert libary_name == loan.get('transaction_location', {})\
.get('library').get('name')
assert libary_name == loan.get('pickup_location', {})\
.get('library').get('name')
def test_items_permissions(
client,
item_lib_martigny, # on shelf
item_lib_fully, # on loan
librarian_martigny_no_email
):
"""Test record retrieval."""
login_user(client, librarian_martigny_no_email)
data = call_api_permissions(client, 'items', item_lib_fully.pid)
assert not data['delete']['can']
assert not data['update']['can']
data = call_api_permissions(client, 'items', item_lib_martigny.pid)
assert data['delete']['can']
assert data['update']['can']
response = client.get(
url_for(
'api_blueprint.permissions',
route_name='items',
record_pid='dummy_item_pid'
)
)
assert response.status_code == 404
def test_items_serializers(
client,
item_lib_martigny, # on shelf
item_lib_fully, # on loan
json_header,
patron_martigny_no_email,
librarian_martigny_no_email,
librarian_sion_no_email,
loan_pending_martigny):
"""Test record retrieval."""
login_user(client, librarian_martigny_no_email)
item_url = url_for('invenio_records_rest.item_item',
pid_value=item_lib_fully.pid)
response = client.get(item_url, headers=json_header)
assert response.status_code == 200
data = get_json(response)
assert 'cannot_delete' in data['permissions']
assert 'cannot_update' not in data['permissions']
assert data['metadata'].get('item_type').get('$ref')
item_url = url_for('invenio_records_rest.item_item',
pid_value=item_lib_fully.pid,
resolve=1)
response = client.get(item_url, headers=json_header)
data = get_json(response)['metadata']
assert data.get('item_type').get('pid')
def test_patrons_serializers(client, json_header, librarian_martigny_no_email,
librarian2_martigny_no_email):
"""Test serializers for patrons."""
login_user(client, librarian_martigny_no_email)
list_url = url_for('invenio_records_rest.ptrn_list')
response = client.get(list_url, headers=json_header)
assert response.status_code == 200
def test_patrons_permissions(
client,
patron_martigny_no_email,
librarian_martigny_no_email,
librarian2_martigny_no_email,
librarian_saxon_no_email,
system_librarian_martigny_no_email,
system_librarian2_martigny_no_email,
system_librarian_sion_no_email,
librarian_sion_no_email
):
"""Test permissions for patrons."""
# simple librarian -----------------------------------------------
login_user(client, librarian_martigny_no_email)
# 1) should update and delete a librarian of the same library
data = call_api_permissions(client, 'patrons',
librarian2_martigny_no_email.pid)
assert data['delete']['can']
assert data['update']['can']
# 2) should not update and delete a librarian of an other library
data = call_api_permissions(client, 'patrons',
librarian_saxon_no_email.pid)
assert not data['delete']['can']
assert not data['update']['can']
# 3) should not update and delete a system librarian
data = call_api_permissions(client, 'patrons',
system_librarian_martigny_no_email.pid)
assert not data['delete']['can']
assert not data['update']['can']
# system librarian ----------------------------------------------
login_user(client, system_librarian_martigny_no_email)
# should update and delete a librarian of the same library
data = call_api_permissions(client, 'patrons',
librarian2_martigny_no_email.pid)
assert data['delete']['can']
assert data['update']['can']
# should update and delete a librarian of an other library
data = call_api_permissions(client, 'patrons',
librarian_saxon_no_email.pid)
assert data['delete']['can']
assert data['update']['can']
# should update and delete a system librarian of the same organisation
# but not itself
data = call_api_permissions(client, 'patrons',
system_librarian2_martigny_no_email.pid)
assert data['delete']['can']
assert data['update']['can']
# should not update and delete a system librarian of an other organisation
data = call_api_permissions(client, 'patrons',
system_librarian_sion_no_email.pid)
assert not data['delete']['can']
assert not data['update']['can']
def test_items_serializers(
client,
item_lib_martigny, # on shelf
item_lib_fully, # on loan
csv_header,
json_header,
rero_json_header,
patron_martigny,
librarian_martigny,
librarian_sion,
loan_pending_martigny):
"""Test record retrieval."""
login_user(client, librarian_martigny)
item_url = url_for('invenio_records_rest.item_item',
pid_value=item_lib_fully.pid)
response = client.get(item_url, headers=json_header)
assert response.status_code == 200
data = get_json(response)
assert data['metadata'].get('item_type', {}).get('$ref')
item_url = url_for('invenio_records_rest.item_item',
pid_value=item_lib_martigny.pid)
response = client.get(item_url, headers=json_header)
assert response.status_code == 200
data = get_json(response)
assert data['metadata'].get('item_type', {}).get('$ref')
item_url = url_for('invenio_records_rest.item_item',
pid_value=item_lib_fully.pid,
resolve=1)
response = client.get(item_url, headers=json_header)
data = get_json(response)
assert data['metadata'].get('item_type', {}).get('pid')
# test if all key exist into response with a value
for key in ['created', 'updated', 'id', 'links', 'metadata']:
assert key in data
assert data[key]
list_url = url_for('invenio_records_rest.item_list')
response = client.get(list_url, headers=rero_json_header)
assert response.status_code == 200
list_url = url_for('api_item.inventory_search')
response = client.get(list_url, headers=csv_header)
assert response.status_code == 200
data = get_csv(response)
assert data
assert '"pid","document_pid","document_title","document_creator",' \
'"document_main_type","document_sub_type","library_name",' \
'"location_name","barcode","call_number","second_call_number",' \
'"enumerationAndChronology","item_type","temporary_item_type",' \
'"temporary_item_type_end_date","general_note","staff_note",' \
'"checkin_note","checkout_note","loans_count","checkout_date",' \
'"due_date","last_transaction_date","status","created",' \
'"issue_status","issue_status_date","issue_claims_count",' \
'"issue_expected_date","issue_regular"' in data
def test_ill_requests_serializers(client, rero_json_header, patron_martigny,
ill_request_martigny):
"""Test serializers for ills requests."""
login_user(client, patron_martigny)
list_url = url_for('invenio_records_rest.illr_list')
response = client.get(list_url, headers=rero_json_header)
assert response.status_code == 200
data = get_json(response)
record = data.get('hits', {}).get('hits', [])[0]
assert record.get('metadata', {}).get('pickup_location', {}).get('name')
def confirm(request, code=''):
if request.method == 'GET' and code:
form = ConfirmForm({'confirmation_key':code})
if form.is_valid():
unconfirmed = form.cleaned_data['unconfirmed']
new_user = User.objects.create_user(unconfirmed.username, unconfirmed.email, unconfirmed.password)
new_user.save()
unconfirmed.delete()
login_user(request, new_user)
return HttpResponseRedirect(reverse(profile, kwargs={'username': request.user.username}))
return HttpResponse('The confirmation code was not valid.')
def test_patron_transaction_events_serializers(
client, rero_json_header, librarian_saxon,
patron_transaction_overdue_event_saxon):
"""Test serializers for patron transaction events."""
login_user(client, librarian_saxon)
list_url = url_for('invenio_records_rest.ptre_list')
response = client.get(list_url, headers=rero_json_header)
assert response.status_code == 200
data = get_json(response)
record = data.get('hits', {}).get('hits', [])[0]
assert record.get('metadata', {}).get('library', {}).get('name')
def test_loans_serializers(client, rero_json_header, patron_martigny,
loc_public_martigny, loc_public_fully,
librarian_martigny, item_lib_martigny,
item_lib_fully, circulation_policies):
"""Test serializers for loans."""
login_user(client, patron_martigny)
# create somes loans on same item with different state
params = {
'patron_pid': patron_martigny.pid,
'transaction_location_pid': loc_public_martigny.pid,
'transaction_user_pid': librarian_martigny.pid,
'pickup_location_pid': loc_public_martigny.pid,
}
item_record_to_a_specific_loan_state(item=item_lib_martigny,
loan_state=LoanState.PENDING,
params=params,
copy_item=True)
item_record_to_a_specific_loan_state(item=item_lib_martigny,
loan_state=LoanState.ITEM_AT_DESK,
params=params,
copy_item=True)
item_record_to_a_specific_loan_state(item=item_lib_martigny,
loan_state=LoanState.ITEM_ON_LOAN,
params=params,
copy_item=True)
params = {
'patron_pid': patron_martigny.pid,
'transaction_location_pid': loc_public_fully.pid,
'transaction_user_pid': librarian_martigny.pid,
'pickup_location_pid': loc_public_fully.pid,
'checkin_transaction_location_pid': loc_public_martigny.pid
}
item_record_to_a_specific_loan_state(
item=item_lib_fully,
loan_state=LoanState.ITEM_IN_TRANSIT_TO_HOUSE,
params=params,
copy_item=True)
list_url = url_for('invenio_records_rest.loanid_list')
response = client.get(list_url, headers=rero_json_header)
assert response.status_code == 200
data = get_json(response)
records = data.get('hits', {}).get('hits', [])
for record in records:
data = record.get('metadata', {})
if data.get('state') == 'PENDING':
assert data.get('pickup_name')
elif data.get('state') == 'ITEM_AT_DESK':
assert data.get('rank') == 0
elif data.get('state') == 'ITEM_ON_LOAN':
assert data.get('overdue') is False
elif data.get('state') == 'ITEM_IN_TRANSIT_TO_HOUSE':
assert data.get('pickup_library_name')
assert data.get('transaction_library_name')
def signup():
roles={1:"stu",2:"admin",3:"teacher"}
if request.method == 'GET':
return render_template('account/signup.html')
form = SignupForm(request.form)
if form.validate():
usr=form.save()
login_user(usr)
return redirect("/stu")
for fieldName, errorMessages in form.errors.iteritems():
for err in errorMessages:
flash(err)
return render_template('account/signup.html')
def test_holdings_serializers(client, rero_json_header, librarian_martigny,
lib_martigny, holding_lib_martigny):
"""Test serializers for holdings."""
login_user(client, librarian_martigny)
holding_url = url_for('invenio_records_rest.hold_list')
response = client.get(holding_url, headers=rero_json_header)
assert response.status_code == 200
data = get_json(response)
record = data['hits']['hits'][0]['metadata']
assert record.get('location', {}).get('name')
assert record.get('library', {}).get('name')
assert record.get('circulation_category', {}).get('name')
def signup():
roles = {1: "stu", 2: "admin", 3: "teacher"}
if request.method == 'GET':
return render_template('account/signup.html')
form = SignupForm(request.form)
if form.validate():
usr = form.save()
login_user(usr)
return redirect("/stu")
for fieldName, errorMessages in form.errors.iteritems():
for err in errorMessages:
flash(err)
return render_template('account/signup.html')
def test_patrons_serializers(client, json_header, librarian_martigny,
librarian2_martigny):
"""Test serializers for patrons."""
login_user(client, librarian_martigny)
list_url = url_for('invenio_records_rest.ptrn_list')
response = client.get(list_url, headers=json_header)
assert response.status_code == 200
# Get the first result and check if it contains all desired keys.
data = get_json(response)
hit = data['hits']['hits'][0]
for key in ['created', 'updated', 'id', 'links', 'metadata']:
assert key in hit
assert hit[key]
def login():
roles = {1: "stu", 2: "admin", 3: "teacher"}
if request.method == 'GET':
usr = get_current_user()
if usr is not None:
return redirect("/" + roles[usr.role])
return render_template('account/login.html')
form = LoginForm(request.form)
if form.validate():
login_user(form.user)
return redirect("/" + roles[form.user.role])
for fieldName, errorMessages in form.errors.iteritems():
for err in errorMessages:
flash(err)
return render_template('account/login.html')
def login():
roles={1:"stu",2:"admin",3:"teacher"}
if request.method == 'GET':
usr = get_current_user()
if usr is not None:
return redirect("/"+roles[usr.role])
return render_template('account/login.html')
form = LoginForm(request.form)
if form.validate():
login_user(form.user)
return redirect("/"+roles[form.user.role])
for fieldName, errorMessages in form.errors.iteritems():
for err in errorMessages:
flash(err)
return render_template('account/login.html')
def test_items_serializers(
client,
item_lib_martigny, # on shelf
item_lib_fully, # on loan
csv_header,
json_header,
rero_json_header,
patron_martigny_no_email,
librarian_martigny_no_email,
librarian_sion_no_email,
loan_pending_martigny):
"""Test record retrieval."""
login_user(client, librarian_martigny_no_email)
item_url = url_for('invenio_records_rest.item_item',
pid_value=item_lib_fully.pid)
response = client.get(item_url, headers=json_header)
assert response.status_code == 200
data = get_json(response)
assert data['metadata'].get('item_type').get('$ref')
item_url = url_for('invenio_records_rest.item_item',
pid_value=item_lib_martigny.pid)
response = client.get(item_url, headers=json_header)
assert response.status_code == 200
data = get_json(response)
assert data['metadata'].get('item_type').get('$ref')
item_url = url_for('invenio_records_rest.item_item',
pid_value=item_lib_fully.pid,
resolve=1)
response = client.get(item_url, headers=json_header)
data = get_json(response)['metadata']
assert data.get('item_type').get('pid')
list_url = url_for('invenio_records_rest.item_list')
response = client.get(list_url, headers=rero_json_header)
assert response.status_code == 200
list_url = url_for('invenio_records_rest.item_list')
response = client.get(list_url, headers=csv_header)
assert response.status_code == 200
data = get_csv(response)
assert data
assert '"pid","document_pid","document_title","document_creator",' \
'"document_type","location_name","barcode","call_number",' \
'"second_call_number","loans_count","last_transaction_date",' \
'"status","created"' in data
def login():
error = None
if request.method == 'POST':
username = request.form['name']
password = request.form['password']
user = User.query.filter_by(name=username).first()
if user is None:
error = 'username invalidate'
else:
if user.password == password:
login_user(user)
else:
error = 'password invalidate'
return redirect('/admin/')
else:
return render_template('admin/login.html')
def run(self):
st.sidebar.image('./img/logo-02.png', width=200)
username = st.sidebar.text_input("Introduzca su usuario:")
password = st.sidebar.text_input(
"Introduzca su contraseña:", type='password')
# Se hashea la contraseña introducida y se comprueba que coincide con el hash registrado para ese usuario en la base de datos
if st.sidebar.checkbox("Iniciar Sesión"):
create_usertable()
hash_passwd = make_hashes(password)
result = login_user(username, check_hashes(password, hash_passwd))
# Si el resultado es positivo, se muestra el menú principal con todos los servicios
if result:
st.success("¡Bienvenid@ de nuevo {}!".format(username))
app = st.sidebar.selectbox(
'Menú Principal',
self.apps,
format_func=lambda app: app['title'])
app['function']()
else:
st.warning("Usuario/Contraseña incorrectos")
else:
st.info(
"Por favor, inicia sesión para ver el menú de usuario. Recuerde que tiene el usuario en el email")
st.sidebar.warning(
"* Mantenga marcada la casilla para conservar la sesión.")
def login():
if request.method == "POST" and "email" in request.form:
email = request.form["email"].strip()
password = request.form["password"].strip()
remember = request.form.get("remember", "no") != "no"
if login_user(email, password, remember):
return redirect(request.args.get("next") or url_for("index"))
flash(gettext("Please input valid email and password"))
return render_template("login.html", admin_page=True)
def login():
if "username" in session:
return redirect(url_for("home.html"))
if request.method == "GET":
return render_template("login.html")
else:
username = request.form["username"]
password = request.form["password"]
if utils.login_user(username, password):
return redirect(url_for("profile"))
else:
return redirect(url_for("home"))
def login():
if request.method == "POST" and "email" in request.form:
email = request.form["email"].strip()
password = request.form["password"].strip()
remember = request.form.get("remember", "no") != "no"
if login_user(email, password, remember):
return redirect(request.args.get("next") or url_for("index"))
flash(gettext("Please input valid email and password"))
return render_template("login.html", admin_page=True)
def login():
error = None
session_username = session.get('username')
if session_username is not None:
error = "please logout first"
elif request.method == "POST":
username = request.form.get("username", "")
password = request.form.get("password", "")
next_url = request.form.get("next")
try:
utils.login_user(username, password)
session['username'] = username
if next_url:
return redirect(next_url)
return redirect(url_for('home'))
except ValueError as err:
error = err
if error:
flash(error, 'error')
return render_template('login.html', username=session_username)
def test_loan_can_extend(client, patron_martigny, item_lib_martigny,
loc_public_martigny, librarian_martigny,
circulation_policies, json_header):
"""Test is loan can extend."""
login_user(client, patron_martigny)
params = {
'patron_pid': patron_martigny.pid,
'transaction_location_pid': loc_public_martigny.pid,
'transaction_user_pid': librarian_martigny.pid,
'pickup_location_pid': loc_public_martigny.pid,
}
item, loan = item_record_to_a_specific_loan_state(
item=item_lib_martigny, loan_state=LoanState.ITEM_ON_LOAN,
params=params, copy_item=True)
list_url = url_for(
'api_loan.can_extend', loan_pid=loan.pid)
response = client.get(list_url, headers=json_header)
assert response.status_code == 200
assert get_json(response) == {
'can': False,
'reasons': ['Circulation policies disallows the operation.']
}
def login():
if request.method=="GET":
return render_template("login.html")
else:
button=request.form['submit']
print button
if button=='Login':
username = request.form['username']
password = request.form['password']
flash(utils.login_user(username, password))
return redirect("/")
else:
username = request.form['username']
password = request.form['password']
print utils.register_user(username, password)
return redirect("/")
def login(request):
provider = request.match_info.get('provider', 'fb')
response = web.Response()
result = authomatic.login(AioAdapter(request, response), provider)
if result and result.user:
response.body = b"User login successfully!"
result.user.update()
user_obj = result.user
print(user_obj)
#insert user into db
insertUser(user_obj)
provider_id = "%s:%s" % (provider, user_obj.id)
email = user_obj.email
gender = int(user_obj.gender == 'male') # 1 for male and 0 for female
firstname = user_obj.first_name
fullname = user_obj.name
print(provider_id, email, gender, fullname)
yield from login_user(request, provider_id)
response.body += bytes(" Hello " + fullname, encoding="UTF-8")
return response
def login(user: UserLoginSchema, db: Session = Depends(get_db)):
try:
return login_user(db=db, user=user)
except ValidationError as err:
raise HTTPException(status_code=400, detail=err)
def setUp(self):
self.browser = webdriver.Firefox()
register_user(self.browser)
login_user(self.browser)
def test_logout(self):
login_user(self.browser)
logout_user(self.browser)
login_user(self.browser)
delete_user(self.browser)
def test_login(self):
login_user(self.browser)
delete_user(self.browser)
def login():
username = get_form_value('username')
password = get_form_value('password')
flash(utils.login_user(username, password))
return redirect(url_for('index'))
def test_patrons_serializers(
client, json_header, patron_martigny_no_email,
librarian_martigny_no_email, librarian2_martigny_no_email,
librarian_saxon_no_email, system_librarian_martigny_no_email,
system_librarian_sion_no_email, librarian_sion_no_email):
"""Test serializers for patrons."""
# simple librarian
login_user(client, librarian_martigny_no_email)
# should update and delete a librarian of the same library
item_url = url_for('invenio_records_rest.ptrn_item',
pid_value=librarian2_martigny_no_email.pid)
response = client.get(item_url, headers=json_header)
assert response.status_code == 200
data = get_json(response)
assert 'cannot_delete' not in data['permissions']
assert 'cannot_update' not in data['permissions']
assert data['links']['update']
assert data['links']['delete']
# should not update and delete a librarian of an other library
item_url = url_for('invenio_records_rest.ptrn_item',
pid_value=librarian_saxon_no_email.pid)
response = client.get(item_url, headers=json_header)
assert response.status_code == 200
assert 'cannot_delete' in get_json(response)['permissions']
assert 'cannot_update' in get_json(response)['permissions']
# should not update and delete a system librarian
item_url = url_for('invenio_records_rest.ptrn_item',
pid_value=system_librarian_martigny_no_email.pid)
response = client.get(item_url, headers=json_header)
assert response.status_code == 200
assert 'cannot_delete' in get_json(response)['permissions']
assert 'cannot_update' in get_json(response)['permissions']
# simple librarian
login_user(client, system_librarian_martigny_no_email)
# should update and delete a librarian of the same library
item_url = url_for('invenio_records_rest.ptrn_item',
pid_value=librarian2_martigny_no_email.pid)
response = client.get(item_url, headers=json_header)
assert response.status_code == 200
assert 'cannot_delete' not in get_json(response)['permissions']
assert 'cannot_update' not in get_json(response)['permissions']
# should update and delete a librarian of an other library
item_url = url_for('invenio_records_rest.ptrn_item',
pid_value=librarian_saxon_no_email.pid)
response = client.get(item_url, headers=json_header)
assert response.status_code == 200
assert 'cannot_delete' not in get_json(response)['permissions']
assert 'cannot_update' not in get_json(response)['permissions']
# should update and delete a system librarian of the same organistion
item_url = url_for('invenio_records_rest.ptrn_item',
pid_value=system_librarian_martigny_no_email.pid)
response = client.get(item_url, headers=json_header)
assert response.status_code == 200
assert 'cannot_delete' not in get_json(response)['permissions']
assert 'cannot_update' not in get_json(response)['permissions']
# should not update and delete a system librarian of an other organisation
item_url = url_for('invenio_records_rest.ptrn_item',
pid_value=system_librarian_martigny_no_email.pid)
response = client.get(item_url, headers=json_header)
assert response.status_code == 200
assert 'cannot_delete' not in get_json(response)['permissions']
assert 'cannot_update' not in get_json(response)['permissions']
list_url = url_for('invenio_records_rest.ptrn_list')
response = client.get(list_url, headers=json_header)
assert response.status_code == 200
data = get_json(response)
def login(user: schemas.forLogin):
user_exists = utils.verify_user(email = user.email, password = user.password)
if not user_exists:
raise HTTPException(status_code = 400, detail = 'User does not exist')
return utils.login_user(user)
