def create_user():
from walkoff import executiondb
from walkoff.serverdb import add_user, User, Role, initialize_default_resources_admin, \
initialize_default_resources_guest
db.create_all()
# Setup admin and guest roles
initialize_default_resources_admin()
initialize_default_resources_guest()
# Setup admin user
admin_role = Role.query.filter_by(id=1).first()
admin_user = User.query.filter_by(username="******").first()
if not admin_user:
add_user(username='******', password='******', roles=[1])
elif admin_role not in admin_user.roles:
admin_user.roles.append(admin_role)
db.session.commit()
apps = set(helpers.list_apps()) - set([
_app.name
for _app in executiondb.execution_db.session.query(App).all()
])
app.logger.debug('Found apps: {0}'.format(apps))
for app_name in apps:
executiondb.execution_db.session.add(App(name=app_name, devices=[]))
db.session.commit()
executiondb.execution_db.session.commit()
CaseSubscription.sync_to_subscriptions()
app.logger.handlers = logging.getLogger('server').handlers
def create_user():
from walkoff.serverdb import add_user, User, Role, initialize_default_resources_admin, \
initialize_default_resources_guest
db.create_all()
# Setup admin and guest roles
initialize_default_resources_admin()
initialize_default_resources_guest()
# Setup admin user
admin_role = Role.query.filter_by(id=1).first()
admin_user = User.query.filter_by(username="******").first()
if not admin_user:
add_user(username='******', password='******', roles=[1])
elif admin_role not in admin_user.roles:
admin_user.roles.append(admin_role)
db.session.commit()
apps = set(helpers.list_apps(walkoff.config.Config.APPS_PATH)) - set([
_app.name for _app in
current_app.running_context.execution_db.session.query(App).all()
])
current_app.logger.debug('Found new apps: {0}'.format(apps))
for app_name in apps:
current_app.running_context.execution_db.session.add(
App(name=app_name, devices=[]))
db.session.commit()
current_app.running_context.execution_db.session.commit()
send_all_cases_to_workers()
current_app.logger.handlers = logging.getLogger('server').handlers
def test_logout_mismatched_tokens(self):
response = self.test_client.post('/api/auth',
content_type="application/json",
data=json.dumps(
dict(username='******',
password='******')))
key = json.loads(response.get_data(as_text=True))
headers = {'Authorization': 'Bearer {}'.format(key['access_token'])}
add_user(username='******', password='******')
db.session.commit()
response = self.test_client.post('/api/auth',
content_type="application/json",
data=json.dumps(
dict(username='******',
password='******')))
key = json.loads(response.get_data(as_text=True))
token = key['refresh_token']
response = self.test_client.post('/api/auth/logout',
headers=headers,
content_type="application/json",
data=json.dumps(
dict(refresh_token=token)))
self.assertEqual(response.status_code, BAD_REQUEST)
self.assertEqual(len(BlacklistedToken.query.all()), 0)
def setUp(self):
import walkoff.server.flaskserver
self.app = walkoff.server.flaskserver.app.test_client(self)
self.app.testing = True
self.context = walkoff.server.flaskserver.app.test_request_context()
self.context.push()
from walkoff.serverdb import initialize_default_resources_admin, initialize_default_resources_guest, Role
db.create_all()
# Setup admin and guest roles
initialize_default_resources_admin()
initialize_default_resources_guest()
# Setup admin user
admin_role = Role.query.filter_by(id=1).first()
admin_user = User.query.filter_by(username="******").first()
if not admin_user:
add_user(username='******', password='******', roles=[1])
elif admin_role not in admin_user.roles:
admin_user.roles.append(admin_role)
db.session.commit()
self.admin_id = db.session.query(User).filter_by(
username='******').first().id
def test_login_updates_user(self):
user = add_user(username='******', password='******')
self.app.post('/api/auth',
content_type="application/json",
data=json.dumps(
dict(username='******', password='******')))
self.assertEqual(user.login_count, self.admin_id)
self.assertTrue(user.active)
def create_user():
from walkoff.serverdb import add_user, User, Role, initialize_default_resources_admin, \
initialize_default_resources_guest
from sqlalchemy_utils import database_exists, create_database
if not database_exists(db.engine.url):
create_database(db.engine.url)
db.create_all()
alembic_cfg = Config(walkoff.config.Config.ALEMBIC_CONFIG,
ini_section="walkoff",
attributes={'configure_logger': False})
# This is necessary for a flask database
connection = db.engine.connect()
context = MigrationContext.configure(connection)
script = ScriptDirectory.from_config(alembic_cfg)
context.stamp(script, "head")
# Setup admin and guest roles
initialize_default_resources_admin()
initialize_default_resources_guest()
# Setup admin user
admin_role = Role.query.filter_by(id=1).first()
admin_user = User.query.filter_by(username="******").first()
if not admin_user:
add_user(username='******', password='******', roles=[1])
elif admin_role not in admin_user.roles:
admin_user.roles.append(admin_role)
db.session.commit()
apps = set(helpers.list_apps(walkoff.config.Config.APPS_PATH)) - set([
_app.name for _app in
current_app.running_context.execution_db.session.query(App).all()
])
current_app.logger.debug('Found new apps: {0}'.format(apps))
for app_name in apps:
current_app.running_context.execution_db.session.add(
App(name=app_name, devices=[]))
db.session.commit()
current_app.running_context.execution_db.session.commit()
reschedule_all_workflows()
current_app.logger.handlers = logging.getLogger('server').handlers
def test_login_inactive_user(self):
user = add_user(username='******', password='******')
user.active = False
response = self.app.post('/api/auth',
content_type="application/json",
data=json.dumps(
dict(username='******',
password='******')))
self.assertEqual(response.status_code, UNAUTHORIZED_ERROR)
def test_logout_mismatched_tokens(self):
response = self.test_client.post('/api/auth', content_type="application/json",
data=json.dumps(dict(username='******', password='******')))
key = json.loads(response.get_data(as_text=True))
headers = {'Authorization': 'Bearer {}'.format(key['access_token'])}
add_user(username='******', password='******')
db.session.commit()
response = self.test_client.post('/api/auth', content_type="application/json",
data=json.dumps(dict(username='******', password='******')))
key = json.loads(response.get_data(as_text=True))
token = key['refresh_token']
response = self.test_client.post('/api/auth/logout', headers=headers, content_type="application/json",
data=json.dumps(dict(refresh_token=token)))
self.assertEqual(response.status_code, BAD_REQUEST)
self.assertEqual(len(BlacklistedToken.query.all()), 0)
def test_delete_current_user(self):
user = add_user('test', 'test')
user.set_roles({1})
response = self.test_client.post('/api/auth', content_type="application/json",
data=json.dumps(dict(username='******', password='******')))
key = json.loads(response.get_data(as_text=True))
access_token = key['access_token']
headers = {'Authorization': 'Bearer {}'.format(access_token)}
self.delete_with_status_check('/api/users/{}'.format(user.id), headers=headers, status_code=FORBIDDEN_ERROR)
def test_delete_current_user(self):
user = add_user('test', 'test')
user.set_roles({'admin'})
response = self.test_client.post('/api/auth', content_type="application/json",
data=json.dumps(dict(username='******', password='******')))
key = json.loads(response.get_data(as_text=True))
access_token = key['access_token']
headers = {'Authorization': 'Bearer {}'.format(access_token)}
self.delete_with_status_check('/api/users/{}'.format(user.id), headers=headers, status_code=FORBIDDEN_ERROR)
def create_user():
from walkoff.serverdb import add_user, User, Role, initialize_default_resources_admin, \
initialize_default_resources_guest
from sqlalchemy_utils import database_exists, create_database
if not database_exists(db.engine.url):
create_database(db.engine.url)
db.create_all()
alembic_cfg = Config(walkoff.config.Config.ALEMBIC_CONFIG, ini_section="walkoff",
attributes={'configure_logger': False})
# This is necessary for a flask database
connection = db.engine.connect()
context = MigrationContext.configure(connection)
script = ScriptDirectory.from_config(alembic_cfg)
context.stamp(script, "head")
# Setup admin and guest roles
initialize_default_resources_admin()
initialize_default_resources_guest()
# Setup admin user
admin_role = Role.query.filter_by(id=1).first()
admin_user = User.query.filter_by(username="******").first()
if not admin_user:
add_user(username='******', password='******', roles=[1])
elif admin_role not in admin_user.roles:
admin_user.roles.append(admin_role)
db.session.commit()
apps = set(helpers.list_apps(walkoff.config.Config.APPS_PATH)) - set([_app.name
for _app in
current_app.running_context.execution_db.session.query(
App).all()])
current_app.logger.debug('Found new apps: {0}'.format(apps))
for app_name in apps:
current_app.running_context.execution_db.session.add(App(name=app_name, devices=[]))
db.session.commit()
current_app.running_context.execution_db.session.commit()
reschedule_all_workflows()
current_app.logger.handlers = logging.getLogger('server').handlers
def setUp(self):
from walkoff.serverdb import initialize_default_resources_admin, initialize_default_resources_guest, Role
db.create_all()
# Setup admin and guest roles
initialize_default_resources_admin()
initialize_default_resources_guest()
# Setup admin user
admin_role = Role.query.filter_by(id=1).first()
admin_user = User.query.filter_by(username="******").first()
if not admin_user:
add_user(username='******', password='******', roles=[1])
elif admin_role not in admin_user.roles:
admin_user.roles.append(admin_role)
db.session.commit()
self.admin_role_id = db.session.query(Role).filter_by(name='admin').first().id
self.admin_user_id = db.session.query(User).filter_by(username='******').first().id
def test_logout_updates_user(self):
user = add_user('testlogout', 'test')
response = self.test_client.post('/api/auth', content_type="application/json",
data=json.dumps(dict(username='******', password='******')))
key = json.loads(response.get_data(as_text=True))
access_token = key['access_token']
refresh_token = key['refresh_token']
headers = {'Authorization': 'Bearer {}'.format(access_token)}
self.test_client.post('/api/auth/logout', headers=headers, content_type="application/json",
data=json.dumps(dict(refresh_token=refresh_token)))
self.assertEqual(user.login_count, 0)
def test_refresh_deactivated_user(self):
user = add_user(username='******', password='******')
db.session.commit()
response = self.test_client.post('/api/auth', content_type="application/json",
data=json.dumps(dict(username='******', password='******')))
key = json.loads(response.get_data(as_text=True))
token = key['refresh_token']
headers = {'Authorization': 'Bearer {}'.format(token)}
user.active = False
refresh = self.test_client.post('/api/auth/refresh', content_type="application/json", headers=headers)
self.assertEqual(refresh.status_code, UNAUTHORIZED_ERROR)
def setUp(self):
from walkoff.serverdb import initialize_default_resources_admin, initialize_default_resources_guest, Role
db.create_all()
# Setup admin and guest roles
initialize_default_resources_admin()
initialize_default_resources_guest()
# Setup admin user
admin_role = Role.query.filter_by(id=1).first()
admin_user = User.query.filter_by(username="******").first()
if not admin_user:
add_user(username='******', password='******', roles=[1])
elif admin_role not in admin_user.roles:
admin_user.roles.append(admin_role)
db.session.commit()
self.admin_role_id = db.session.query(Role).filter_by(
name='admin').first().id
self.admin_user_id = db.session.query(User).filter_by(
username='******').first().id
def test_refresh_deactivated_user(self):
user = add_user(username='******', password='******')
db.session.commit()
response = self.app.post('/api/auth',
content_type="application/json",
data=json.dumps(
dict(username='******', password='******')))
key = json.loads(response.get_data(as_text=True))
token = key['refresh_token']
headers = {'Authorization': 'Bearer {}'.format(token)}
user.active = False
refresh = self.app.post('/api/auth/refresh',
content_type="application/json",
headers=headers)
self.assertEqual(refresh.status_code, UNAUTHORIZED_ERROR)
def test_refresh_with_blacklisted_token(self):
user = add_user(username='******', password='******')
db.session.commit()
response = self.test_client.post('/api/auth', content_type="application/json",
data=json.dumps(dict(username='******', password='******')))
key = json.loads(response.get_data(as_text=True))
token = key['refresh_token']
db.session.delete(user)
db.session.commit()
headers = {'Authorization': 'Bearer {}'.format(token)}
self.test_client.post('/api/auth/refresh', content_type="application/json", headers=headers)
refresh = self.test_client.post('/api/auth/refresh', content_type="application/json", headers=headers)
self.assertEqual(refresh.status_code, UNAUTHORIZED_ERROR)
response = json.loads(refresh.get_data(as_text=True))
self.assertDictEqual(response, {'error': 'Token is revoked'})
def test_logout_updates_user(self):
user = add_user('testlogout', 'test')
response = self.app.post('/api/auth',
content_type="application/json",
data=json.dumps(
dict(username='******',
password='******')))
key = json.loads(response.get_data(as_text=True))
access_token = key['access_token']
refresh_token = key['refresh_token']
headers = {'Authorization': 'Bearer {}'.format(access_token)}
self.app.post('/api/auth/logout',
headers=headers,
content_type="application/json",
data=json.dumps(dict(refresh_token=refresh_token)))
self.assertEqual(user.login_count, 0)
def test_refresh_invalid_user_blacklists_token(self):
user = add_user(username='******', password='******')
db.session.commit()
response = self.test_client.post('/api/auth', content_type="application/json",
data=json.dumps(dict(username='******', password='******')))
key = json.loads(response.get_data(as_text=True))
token = key['refresh_token']
db.session.delete(user)
db.session.commit()
headers = {'Authorization': 'Bearer {}'.format(token)}
refresh = self.test_client.post('/api/auth/refresh', content_type="application/json", headers=headers)
self.assertEqual(refresh.status_code, UNAUTHORIZED_ERROR)
token = decode_token(token)
tokens = BlacklistedToken.query.filter_by(jti=token['jti']).all()
self.assertEqual(len(tokens), 1)
def __func():
data = request.get_json()
username = data['username']
if not User.query.filter_by(username=username).first():
user = add_user(username=username, password=data['password'])
if 'roles' in data or 'active' in data:
role_update_user_fields(data, user)
db.session.commit()
current_app.logger.info('User added: {0}'.format(user.as_json()))
return user.as_json(), OBJECT_CREATED
else:
current_app.logger.warning(
'Cannot create user {0}. User already exists.'.format(
username))
return Problem.from_crud_resource(
OBJECT_EXISTS_ERROR, 'user', 'create',
'User with username {} already exists'.format(username))
def test_refresh_invalid_user_blacklists_token(self):
user = add_user(username='******', password='******')
db.session.commit()
response = self.app.post('/api/auth',
content_type="application/json",
data=json.dumps(
dict(username='******', password='******')))
key = json.loads(response.get_data(as_text=True))
token = key['refresh_token']
db.session.delete(user)
db.session.commit()
headers = {'Authorization': 'Bearer {}'.format(token)}
refresh = self.app.post('/api/auth/refresh',
content_type="application/json",
headers=headers)
self.assertEqual(refresh.status_code, UNAUTHORIZED_ERROR)
token = decode_token(token)
tokens = BlacklistedToken.query.filter_by(jti=token['jti']).all()
self.assertEqual(len(tokens), 1)
def test_refresh_with_blacklisted_token(self):
user = add_user(username='******', password='******')
db.session.commit()
response = self.app.post('/api/auth',
content_type="application/json",
data=json.dumps(
dict(username='******', password='******')))
key = json.loads(response.get_data(as_text=True))
token = key['refresh_token']
db.session.delete(user)
db.session.commit()
headers = {'Authorization': 'Bearer {}'.format(token)}
self.app.post('/api/auth/refresh',
content_type="application/json",
headers=headers)
refresh = self.app.post('/api/auth/refresh',
content_type="application/json",
headers=headers)
self.assertEqual(refresh.status_code, UNAUTHORIZED_ERROR)
response = json.loads(refresh.get_data(as_text=True))
self.assertDictEqual(response, {'error': 'Token is revoked'})
def test_add_user_already_exists(self):
user = User('username', 'password')
db.session.add(user)
db.session.commit()
user = add_user('username', 'password')
self.assertIsNone(user)
def test_add_user(self):
user = add_user('username', 'password')
self.assertIsNotNone(user)
self.assertEqual(user.username, 'username')
self.assertIsNotNone(User.query.filter_by(username='******').first())
def test_login_inactive_user(self):
user = add_user(username='******', password='******')
user.active = False
response = self.test_client.post('/api/auth', content_type="application/json",
data=json.dumps(dict(username='******', password='******')))
self.assertEqual(response.status_code, UNAUTHORIZED_ERROR)
def test_login_updates_user(self):
user = add_user(username='******', password='******')
self.test_client.post('/api/auth', content_type="application/json",
data=json.dumps(dict(username='******', password='******')))
self.assertEqual(user.login_count, 1)
self.assertTrue(user.active)
def setup_guest_user(self):
user = add_user('guest', 'guest', ['guest'])
db.session.add(user)
db.session.commit()
return user
def setup_guest_user(self):
user = add_user('guest', 'guest', ['guest'])
db.session.add(user)
db.session.commit()
return user
