def test_authenticate(): users = Mock() users.get_by_name.return_value = User(id=0, password=Password("pwd")) users.get.return_value = User(id=0, name="linus") ldap = Mock() ldap.login.return_value = None ldap.get.return_value = None roles = Mock() roles.get_all_by_user.return_value = [ Role(type=RoleType.READER, group=Group(id="group", name="group")) ] exp = JWTUser( id=0, impersonator=0, type="users", groups=[JWTGroup(id="group", name="group", role=RoleType.READER)], ) service = LoginService( user_repo=users, bot_repo=Mock(), group_repo=Mock(), role_repo=roles, ldap=ldap, event_bus=Mock(), ) assert exp == service.authenticate("dupond", "pwd") users.get_by_name.assert_called_once_with("dupond") roles.get_all_by_user.assert_called_once_with(0)
def test_get_studies_uuid() -> None: bob = User(id=1, name="bob") alice = User(id=2, name="alice") a = Study(id="A", owner=bob) b = Study(id="B", owner=alice) c = Study(id="C", owner=bob) # Mock repository = Mock() repository.get_all.return_value = [a, b, c] study_service = Mock() service = StorageService( study_service=study_service, importer_service=Mock(), exporter_service=Mock(), user_service=Mock(), repository=repository, event_bus=Mock(), ) studies = service._get_study_metadatas( RequestParameters(user=JWTUser(id=1, impersonator=1, type="users"))) assert [a, c] == studies
def test_users(): engine = create_engine("sqlite:///:memory:", echo=True) session = scoped_session( sessionmaker(autocommit=False, autoflush=False, bind=engine)) Base.metadata.create_all(engine) repo = UserRepository( config=Config(security=SecurityConfig(admin_pwd="admin")), session=session, ) a = User( name="a", password=Password("a"), ) b = User(name="b", password=Password("b")) a = repo.save(a) b = repo.save(b) assert b.id c = repo.get(a.id) assert a == c assert a.password.check("a") assert b == repo.get_by_name("b") repo.delete(a.id) assert repo.get(a.id) is None
def test_change_owner() -> None: uuid = str(uuid4()) alice = User(id=1) bob = User(id=2) repository = Mock() user_service = Mock() service = StorageService( study_service=Mock(), importer_service=Mock(), exporter_service=Mock(), user_service=user_service, repository=repository, event_bus=Mock(), ) repository.get.return_value = Study(id=uuid, owner=alice) user_service.get_user.return_value = bob service.change_owner( uuid, 2, RequestParameters(JWTUser(id=1, impersonator=1, type="users"))) user_service.get_user.assert_called_once_with( 2, RequestParameters(JWTUser(id=1, impersonator=1, type="users"))) repository.save.assert_called_once_with(Study(id=uuid, owner=bob)) with pytest.raises(UserHasNotPermissionError): service.change_owner( uuid, 1, RequestParameters(JWTUser(id=1, impersonator=1, type="users")), )
def test_user_id() -> None: service = Mock() service.get_user.return_value = User(id=1, name="user") app = create_app(service) client = app.test_client() res = client.get("/users/1", headers=create_auth_token(app)) assert res.status_code == 200 assert res.json == User(id=1, name="user").to_dict()
def test_is_himself(): jwt = JWTUser( id=1, impersonator=0, type="users", ) assert jwt.is_himself(User(id=1)) assert not JWTUser( id=0, impersonator=0, type="users", ).is_himself(User(id=1))
def test_study_inheritance(): engine = create_engine("sqlite:///:memory:", echo=True) sess = scoped_session( sessionmaker(autocommit=False, autoflush=False, bind=engine)) user = User(id=0, name="admin") group = Group(id="my-group", name="group") Base.metadata.create_all(engine) repo = StudyMetadataRepository(session=sess) a = RawStudy( name="a", version="42", author="John Smith", created_at=datetime.now(), updated_at=datetime.now(), public_mode=PublicMode.FULL, owner=user, groups=[group], workspace=DEFAULT_WORKSPACE_NAME, path="study", content_status=StudyContentStatus.WARNING, ) repo.save(a) b = repo.get(a.id) assert isinstance(b, RawStudy) assert b.path == "study"
def test_user_save() -> None: user = User(id=0, name="a", password=Password("b")) service = Mock() service.save_user.return_value = user app = create_app(service) client = app.test_client() res = client.put( "/users/0", headers=create_auth_token(app), json=user.to_dict(), ) assert res.status_code == 200 service.save_user.assert_called_once_with(user, PARAMS) assert res.json == user.to_dict()
def _save_study( self, study: RawStudy, owner: Optional[JWTUser] = None, group_ids: List[str] = list(), content_status: StudyContentStatus = StudyContentStatus.VALID, ) -> None: if not owner: raise UserHasNotPermissionError info = self.study_service.get_study_information(study)["antares"] study.name = info["caption"] study.version = info["version"] study.author = info["author"] study.created_at = datetime.fromtimestamp(info["created"]) study.updated_at = datetime.fromtimestamp(info["lastsave"]) study.content_status = content_status if owner: study.owner = User(id=owner.impersonator) groups = [] for gid in group_ids: group = next(filter(lambda g: g.id == gid, owner.groups), None) if group is None or not group.role.is_higher_or_equals( RoleType.WRITER): raise UserHasNotPermissionError() groups.append(Group(id=group.id, name=group.name)) study.groups = groups self.repository.save(study)
def test_get_user(): user = User(id=3) users = Mock() users.get.return_value = user ldap = Mock() ldap.get.return_value = None role = Role(type=RoleType.READER, identity=user, group=Group(id="group")) roles = Mock() roles.get_all_by_user.return_value = [role] service = LoginService( user_repo=users, bot_repo=Mock(), group_repo=Mock(), role_repo=roles, ldap=ldap, event_bus=Mock(), ) assert_permission( test=lambda x: service.get_user(3, x), values=[(SADMIN, True), (GADMIN, True), (USER3, True)], error=UserNotFoundError, )
def test_sync_studies_from_disk() -> None: ma = RawStudy(id="a", path="a") fa = StudyFolder(path=Path("a"), workspace="", groups=[]) mb = RawStudy(id="b", path="b") mc = RawStudy( id="c", path="c", name="c", content_status=StudyContentStatus.WARNING, workspace=DEFAULT_WORKSPACE_NAME, owner=User(id=0), ) fc = StudyFolder(path=Path("c"), workspace=DEFAULT_WORKSPACE_NAME, groups=[]) repository = Mock() repository.get_all.side_effect = [[ma, mb], [ma]] service = StorageService( study_service=Mock(), importer_service=Mock(), exporter_service=Mock(), user_service=Mock(), repository=repository, event_bus=Mock(), ) service.sync_studies_on_disk([fa, fc]) repository.delete.assert_called_once_with(mb.id) repository.save.assert_called_once()
def users_update(id: int) -> Any: params = RequestParameters(user=Auth.get_current_user()) u = User.from_dict(json.loads(request.data)) if id != u.id: return "Id in path must be same id in body", 400 return jsonify(service.save_user(u, params).to_dict())
def create_user(self, create: UserCreateDTO, param: RequestParameters) -> Identity: if param.user and param.user.is_site_admin(): if self.users.get_by_name(create.name): raise UserAlreadyExistError() return self.users.save( User(name=create.name, password=Password(create.password))) else: raise UserHasNotPermissionError()
def __init__(self, session: Session): self.session = session if self.get(1, "admin") is None: self.save( Role( type=RoleType.ADMIN, identity=User(id=1), group=Group(id="admin"), ))
def test_save_metadata() -> None: # Mock repository = Mock() uuid = str(uuid4()) study_service = Mock() study_service.get_study_information.return_value = { "antares": { "caption": "CAPTION", "version": "VERSION", "author": "AUTHOR", "created": 1234, "lastsave": 9876, } } # Input jwt = JWTUser( id=0, impersonator=0, type="users", groups=[JWTGroup(id="my-group", name="group", role=RoleType.ADMIN)], ) user = User(id=0, name="user") group = Group(id="my-group", name="group") # Expected study = RawStudy( id=uuid, name="CAPTION", version="VERSION", author="AUTHOR", created_at=datetime.fromtimestamp(1234), updated_at=datetime.fromtimestamp(9876), content_status=StudyContentStatus.VALID, workspace=DEFAULT_WORKSPACE_NAME, owner=user, groups=[group], ) service = StorageService( study_service=study_service, importer_service=Mock(), exporter_service=Mock(), user_service=Mock(), repository=repository, event_bus=Mock(), ) service._save_study( RawStudy(id=uuid, workspace=DEFAULT_WORKSPACE_NAME), owner=jwt, ) repository.save.assert_called_once_with(study)
def delete_user(self, id: int, params: RequestParameters) -> None: if params.user and any( (params.user.is_site_admin(), params.user.is_himself( User(id=id)))): for b in self.bots.get_all_by_owner(id): self.delete_bot(b.id, params) self.ldap.delete(id) return self.users.delete(id) # return for test purpose else: raise UserHasNotPermissionError()
def test_create_user(): create = UserCreateDTO(name="hello", password="******") ldap = Mock() ldap.save.return_value = None users = Mock() users.save.return_value = User(id=3, name="hello") users.get_by_name.return_value = None service = LoginService( user_repo=users, bot_repo=Mock(), group_repo=Mock(), role_repo=Mock(), ldap=ldap, event_bus=Mock(), ) service.create_user(create, param=SADMIN) users.save.assert_called_once_with( User(name="hello", password=Password("world")) )
def test_expiration() -> None: service = Mock() service.get_user.return_value = User(id=0, name="admin") app = create_app(service) client = app.test_client() res = client.post( "/users", headers=create_auth_token(app, expires_delta=timedelta(days=-1)), ) assert res.status_code == 401 data = res.json assert data["msg"] == "Token has expired"
def test_role() -> None: role = Role( identity=User(id=0, name="n"), group=Group(id="g", name="n"), type=RoleType.ADMIN, ) service = Mock() service.get_all_roles_in_group.return_value = [role] app = create_app(service) client = app.test_client() res = client.get("/roles/group/g", headers=create_auth_token(app)) assert res.status_code == 200 assert res.json == [role.to_dict()]
def test_auth() -> None: service = Mock() service.authenticate.return_value = User(id=0, name="admin") app = create_app(service) client = app.test_client() res = client.post("/login", json={ "username": "******", "password": "******" }) assert res.status_code == 200 assert res.json["access_token"] service.authenticate.assert_called_once_with("admin", "admin")
def __init__(self, config: Config, session: Session) -> None: self.session = session # init seed admin user from conf admin_user = self.get_by_name("admin") if admin_user is None: self.save( User( id=1, name="admin", password=Password(config.security.admin_pwd), )) elif not admin_user.password.check( config.security.admin_pwd): # type: ignore admin_user.password = Password( config.security.admin_pwd) # type: ignore self.save(admin_user)
def test_refresh() -> None: service = Mock() service.get_jwt.return_value = User(id=0, name="admin") app = create_app(service) client = app.test_client() res = client.post( "/refresh", headers=create_auth_token(app, type=TokenType.REFRESH), ) assert res.status_code == 200 data = res.json meta, b64, sign = str(data["access_token"]).split(".") data = b64 + "===" # fix padding issue identity = json.loads(base64.b64decode(data))["sub"]
def test_save_user(): user = User(id=3) users = Mock() users.save.return_value = user service = LoginService( user_repo=users, bot_repo=Mock(), group_repo=Mock(), role_repo=Mock(), ldap=Mock(), event_bus=Mock(), ) assert_permission( test=lambda x: service.save_user(user, x), values=[(SADMIN, True), (GADMIN, False), (USER3, True)], )
def test_roles(): engine = create_engine("sqlite:///:memory:", echo=True) session = scoped_session( sessionmaker(autocommit=False, autoflush=False, bind=engine)) Base.metadata.create_all(engine) repo = RoleRepository(session=session) a = Role(type=RoleType.ADMIN, identity=User(id=0), group=Group(id="group")) a = repo.save(a) assert a == repo.get(user=0, group="group") assert [a] == repo.get_all_by_user(user=0) assert [a] == repo.get_all_by_group(group="group") repo.delete(user=0, group="group") assert repo.get(user=0, group="group") is None
def test_get_all_users(): users = Mock() users.get_all.return_value = [User(id=0, name="alice")] ldap = Mock() ldap.get_all.return_value = [] service = LoginService( user_repo=users, bot_repo=Mock(), group_repo=Mock(), role_repo=Mock(), ldap=ldap, event_bus=Mock(), ) assert_permission( test=lambda x: service.get_all_users(x), values=[(SADMIN, True), (GADMIN, False), (USER3, False)], )
def test_cyclelife(): engine = create_engine("sqlite:///:memory:", echo=True) sess = scoped_session( sessionmaker(autocommit=False, autoflush=False, bind=engine)) user = User(id=0, name="admin") group = Group(id="my-group", name="group") Base.metadata.create_all(engine) repo = StudyMetadataRepository(session=sess) a = Study( name="a", version="42", author="John Smith", created_at=datetime.now(), updated_at=datetime.now(), public_mode=PublicMode.FULL, owner=user, groups=[group], ) b = Study( name="b", version="43", author="Morpheus", created_at=datetime.now(), updated_at=datetime.now(), public_mode=PublicMode.FULL, owner=user, groups=[group], ) a = repo.save(a) b = repo.save(b) assert b.id c = repo.get(a.id) assert a == c repo.delete(a.id) assert repo.get(a.id) is None
def test_role_create() -> None: role = Role( identity=User(id=0, name="n"), group=Group(id="g", name="n"), type=RoleType.ADMIN, ) service = Mock() service.save_role.return_value = role app = create_app(service) client = app.test_client() res = client.post( "/roles", headers=create_auth_token(app), json={ "type": RoleType.ADMIN.value, "identity_id": 0, "group_id": "g" }, ) assert res.status_code == 200 assert res.json == role.to_dict()
def test_save_role(): role = RoleCreationDTO( type=RoleType.ADMIN, identity_id=0, group_id="group" ) users = Mock() users.get.return_value = User(id=0, name="admin") groups = Mock() groups.get.return_value = Group(id="group", name="some group") roles = Mock() roles.save.return_value = role service = LoginService( user_repo=users, bot_repo=Mock(), group_repo=groups, role_repo=roles, ldap=Mock(), event_bus=Mock(), ) assert_permission( test=lambda x: service.save_role(role, x), values=[(SADMIN, True), (GADMIN, True), (USER3, False)], )
def test_delete_user(): users = Mock() users.delete.return_value = User() bots = Mock() bots.get_all_by_owner.return_value = [Bot(id=4, owner=3)] bots.get.return_value = Bot(id=4, owner=3) service = LoginService( user_repo=users, bot_repo=bots, group_repo=Mock(), role_repo=Mock(), ldap=Mock(), event_bus=Mock(), ) assert_permission( test=lambda x: service.delete_user(3, x), values=[(SADMIN, True), (GADMIN, False), (USER3, True)], ) users.delete.assert_called_with(3) bots.delete.assert_called_with(4)
def test_create_study() -> None: # Mock repository = Mock() # Input user = User(id=0, name="user") group = Group(id="my-group", name="group") expected = RawStudy( id=str(uuid4()), name="new-study", version="VERSION", author="AUTHOR", created_at=datetime.fromtimestamp(1234), updated_at=datetime.fromtimestamp(9876), content_status=StudyContentStatus.VALID, workspace=DEFAULT_WORKSPACE_NAME, owner=user, groups=[group], ) study_service = Mock() study_service.get_default_workspace_path.return_value = Path("") study_service.get_study_information.return_value = { "antares": { "caption": "CAPTION", "version": "VERSION", "author": "AUTHOR", "created": 1234, "lastsave": 9876, } } study_service.create_study.return_value = expected service = StorageService( study_service=study_service, importer_service=Mock(), exporter_service=Mock(), user_service=Mock(), repository=repository, event_bus=Mock(), ) with pytest.raises(UserHasNotPermissionError): service.create_study( "new-study", ["my-group"], RequestParameters(JWTUser(id=0, impersonator=0, type="users")), ) service.create_study( "new-study", ["my-group"], RequestParameters( JWTUser( id=0, impersonator=0, type="users", groups=[ JWTGroup(id="my-group", name="group", role=RoleType.WRITER) ], )), ) study_service.create_study.assert_called() repository.save.assert_called_once_with(expected)