def signup():
new_user = request.json
phone = new_user['phone']
email = new_user['email']
country = new_user['country']
name = new_user['name']
region = new_user['region']
district = new_user['district']
password = new_user['password']
status = new_user['status']
if user_exist_by_contact(phone):
return jsonify(error_return(301, 'user with phone already exists'))
if user_exist_by_email(email):
return jsonify(
error_return(301, 'user with email address already exists'))
hashed_password = generate_password_hash(password)
new_user_data = User(country, region, district, phone, name, email,
hashed_password, status)
db.session.add(new_user_data)
db.session.commit()
return jsonify(success_return(201, {'name': name, 'phone': phone}))
def post(self):
parser = reqparse.RequestParser()
parser.add_argument('username')
parser.add_argument('password')
parser.add_argument('email')
parser.add_argument('displayName')
args = parser.parse_args()
permissions = 2
rows = db.session.query(User).count()
if (rows == 0):
permissions = 0
test_user = User.query.get(args.username)
if (test_user is not None):
return "{'registrationError': true, 'userExists': true}", 409
password = bcrypt_sha256.hash(args.password)
try:
user = User(args.username, password, args.displayName, args.email,
None, None, permissions)
db.session.add(user)
setting = Setting("configured", "true")
db.session.add(setting)
db.session.commit()
except InvalidRequestError:
return "{'registrationError': true, 'databaseError': true}", 409
return "{'registrationError': false}", 201
def test_reset_password_expired_get(self):
user = User(email='*****@*****.**',
username='******',
password_hash='123')
db.session.add(user)
db.session.commit()
token = user.get_reset_password_token(0.5)
time.sleep(1)
response = self.test_client.get(
f'/authentication/reset_password/{token}')
self.assertEqual(response.status_code, 200)
self.assertTrue('<title>Expired</title>' in response.data.decode())
def get_user():
"""Get the password from env vars or a default."""
username = environ.get('SEED_USER_USERNAME', 'bchrobot')
email = environ.get('SEED_USER_EMAIL', '*****@*****.**')
password = environ.get('SEED_USER_PASSWORD', 'Foobar22')
new_user = User(
username=username,
email=email,
user_type='user',
)
new_user.password_authentication = PasswordAuthentication(
password=password)
return new_user
def seed_db():
"""Seed the database."""
default_user = get_user()
# Create Mason Lab
mason_lab = User(
username='******',
email='*****@*****.**',
user_type='organization',
)
membership = OrganizationMembership(role='admin')
membership.user = default_user
mason_lab.user_memberships.append(membership)
db.session.add_all([mason_lab, membership])
db.session.commit()
# Create ABRF sample group
abrf_uuid = UUID('00000000-0000-4000-8000-000000000000')
abrf_description = 'ABRF San Diego Mar 24th-29th 2017'
abrf_2017_group = SampleGroup(
name='ABRF 2017',
owner_uuid=mason_lab.uuid,
owner_name=mason_lab.username,
is_library=True,
analysis_result=create_abrf_result(save=True),
description=abrf_description)
abrf_2017_group.uuid = abrf_uuid
abrf_sample_01 = Sample(name='SomethingUnique_A',
library_uuid=abrf_uuid,
analysis_result=create_abrf_result(save=True),
metadata=generate_metadata()).save()
abrf_sample_02 = Sample(name='SomethingUnique_B',
library_uuid=abrf_uuid,
analysis_result=create_abrf_result(save=True),
metadata=generate_metadata()).save()
abrf_2017_group.samples = [abrf_sample_01, abrf_sample_02]
db.session.add(abrf_2017_group)
db.session.commit()
# Create fuzzed group
fuzz_uuid = UUID('00000000-0000-4000-8000-000000000001')
create_saved_group(owner=mason_lab, uuid=fuzz_uuid)
def save_user(self, role):
fake = Faker()
hashing_service = BcryptHashingService()
data = {
'email': fake.email(),
'username': fake.user_name(),
'password': hashing_service.hash('password'),
'last_name': 'John',
'first_name': 'Doe',
'roles': [role],
}
with self.app.app_context():
self.db.session.add(User(**data))
self.db.session.commit()
return {
'email': data['email'],
'password': '******',
}
def signup():
form = SignupForm()
if 'email' is session:
return redirect(url_for('profile'))
if request.method == 'POST':
if form.validate() == False:
return render_template("authentication/signup.html", form=form)
else:
new_user = User(form.username.data, form.email.data,
form.password.data)
db.session.add(new_user)
db.session.commit()
session['email'] = new_user.email
return "Not found"
elif request.method == 'GET':
return render_template("authentication/signup.html", form=form)
def post(self):
"""Simple registration route. Any user can put his credentials and receive an answer. If everything is alright,
the user will be registered by system"""
parser = reqparse.RequestParser()
parser.add_argument('email', type=str, required=True)
parser.add_argument('username', type=str, required=True)
parser.add_argument('name', type=str, required=True)
parser.add_argument('password', type=str, required=True)
args = parser.parse_args()
email = args.get('email')
username = args.get('username')
name = args.get('name')
password = args.get('password')
try:
validate_email(email)
validate_length(
username,
3,
25,
error_message='Username length must be between 3 and 25 chars')
validate_length(
name,
3,
25,
error_message='Name length must be between 3 and 25 chars')
validate_password_length(password)
except ValidationError as error:
abort(400, message=error.message)
if User.query.filter_by(email=email).first():
abort(400, message=f"User '{email}' has been registered!")
elif User.query.filter_by(username=username).first():
abort(400,
message=
f"Username '{username}' is busy! Try putting another one")
else:
user = User(email=email, username=username, name=name)
user.set_password(password)
db.session.add(user)
db.session.commit()
return {'email': email, 'message': 'Successfully registered!'}, 201
def post(self):
"""
Receives user data, verify it and add new user to database.
:return: rendered html code or :class:`Response` (redirect)
:rtype:str, Response
"""
email = request.form['email']
username = request.form['username']
name = request.form['name']
password1 = request.form['password1']
password2 = request.form['password2']
try:
validate_email(email)
validate_length(
name,
3,
25,
error_message=
'Please, input name with a length between 3 and 25 chars')
validate_equal_passwords(password1, password2)
validate_password_length(password2)
except ValidationError as error:
flash(error.message)
return render_template('authentication/register.html')
if User.query.filter_by(email=email).first():
flash('User with such an email has been registered!')
elif User.query.filter_by(username=username).first():
flash('This username is busy! Try putting another one')
else:
user = User(email=email, username=username, name=name)
user.set_password(password2)
db.session.add(user)
db.session.commit()
flash('Successfully registered!')
return redirect(url_for('authentication.login'))
return render_template('authentication/register.html')
def seed_user():
role_user = Role.query.filter(Role.name == 'ROLE_USER').first()
role_seller = Role.query.filter(Role.name == 'ROLE_SELLER').first()
user1 = User(
first_name=fake.first_name(),
last_name=fake.last_name(),
username='******',
password=bcrypt.generate_password_hash('password').decode('utf-8'),
email=fake.email(),
roles=[role_user])
user2 = User(
first_name=fake.first_name(),
last_name=fake.last_name(),
username='******',
password=bcrypt.generate_password_hash('password').decode('utf-8'),
email=fake.email(),
roles=[role_user])
user3 = User(
first_name=fake.first_name(),
last_name=fake.last_name(),
username='******',
password=bcrypt.generate_password_hash('password').decode('utf-8'),
email=fake.email(),
roles=[role_user])
user4 = User(
first_name=fake.first_name(),
last_name=fake.last_name(),
username='******',
password=bcrypt.generate_password_hash('password').decode('utf-8'),
email=fake.email(),
roles=[role_user])
seller1 = User(
first_name=fake.first_name(),
last_name=fake.last_name(),
username='******',
password=bcrypt.generate_password_hash('password').decode('utf-8'),
email=fake.email(),
roles=[role_seller])
seller2 = User(
first_name=fake.first_name(),
last_name=fake.last_name(),
username='******',
password=bcrypt.generate_password_hash('password').decode('utf-8'),
email=fake.email(),
roles=[role_seller])
seller3 = User(
first_name=fake.first_name(),
last_name=fake.last_name(),
username='******',
password=bcrypt.generate_password_hash('password').decode('utf-8'),
email=fake.email(),
roles=[role_seller])
seller4 = User(
first_name=fake.first_name(),
last_name=fake.last_name(),
username='******',
password=bcrypt.generate_password_hash('password').decode('utf-8'),
email=fake.email(),
roles=[role_seller])
db.session.add(user1)
db.session.add(user2)
db.session.add(user3)
db.session.add(user4)
db.session.add(seller1)
db.session.add(seller2)
db.session.add(seller3)
db.session.add(seller4)
db.session.commit()
def test_model_filter_by_get_params(self):
users = init_users(5)
user_with_an_existing_name = User(email='*****@*****.**',
username='******',
name='name5',
password_hash='123')
users.append(user_with_an_existing_name)
db.session.add_all(users)
db.session.commit()
users_simple_query = User.query
self.assertEqual(users_simple_query.all(), users)
# exact matches:
self.assertEqual(
mod_fil(User, users_simple_query, {
'username': '******'
}).all(), users[1:2])
self.assertEqual(
mod_fil(User, users_simple_query, {
'name': 'name4'
}).all(), users[3:4])
self.assertEqual(
mod_fil(User, users_simple_query, {
'name': 'name5'
}).all(), users[4:6])
self.assertEqual(
len(
mod_fil(User, users_simple_query, {
'name': 'name5',
'username': '******'
}).all()), 0)
self.assertEqual(
mod_fil(User, users_simple_query, {
'user_id': '1'
}).all(), users[0:1])
# '-like' stmt:
self.assertEqual(
len(
mod_fil(User, users_simple_query, {
'username-like': 'user'
}).all()), 6)
self.assertEqual(
len(
mod_fil(User, users_simple_query, {
'name-like': 'name'
}).all()), 6)
self.assertEqual(
mod_fil(User, users_simple_query, {
'name-like': '5'
}).all(), users[4:6])
self.assertEqual(
mod_fil(User, users_simple_query, {
'username-like': 'user1'
}).all(), users[0:1])
# 'ordered-by' and 'ordered-by-desc' stmts:
self.assertEqual(
mod_fil(User, users_simple_query, {
'ordered-by': 'date_joined'
}).all(), users)
self.assertEqual(
mod_fil(User, users_simple_query, {
'ordered-by-desc': 'date_joined'
}).all(), list(reversed(users)))
self.assertEqual(
mod_fil(User, users_simple_query, {
'ordered-by-desc': 'username'
}).all(), list(reversed(users)))
# 'limit' and 'offset' stmts:
self.assertEqual(
mod_fil(User, users_simple_query, {
'limit': 2
}).all(), users[:2])
self.assertEqual(
mod_fil(User, users_simple_query, {
'offset': 3
}).all(), users[3:])
self.assertEqual(
mod_fil(User, users_simple_query, {
'offset': 4,
'limit': 1
}).all(), users[4:5])
self.assertEqual(
mod_fil(User, users_simple_query, {
'offset': 1,
'limit': 2
}).all(), users[1:3])
# some queries combinations:
self.assertEqual(
mod_fil(User, users_simple_query, {
'ordered-by-desc': 'date_joined',
'offset': 1,
'limit': 2
}).all(),
list(reversed(users))[1:3])
self.assertEqual(
mod_fil(User, users_simple_query, {
'ordered-by-desc': 'username',
'offset': 4
}).all(),
list(reversed(users))[4:])
self.assertEqual(
mod_fil(User, users_simple_query, {
'name': 'name5',
'ordered-by-desc': 'username'
}).all(), list(reversed(users[4:6])))
self.assertEqual(
mod_fil(User, users_simple_query, {
'name': 'name5',
'ordered-by-desc': 'username',
'limit': 1
}).all(),
list(reversed(users[4:6]))[:1])
# invalid values:
self.assertEqual(
mod_fil(User, users_simple_query, {
'invalid': 'value'
}).all(), users)
self.assertEqual(
mod_fil(User, users_simple_query, {
'invalid': 'value',
'ordered-by-desc': 'date_joined'
}).all(), list(reversed(users)))