def test_retrieve_users(superuser_token_headers):
server_api = get_server_api()
username = random_lower_string()
password = random_lower_string()
user_in = UserInCreate(username=username,
email=username,
password=password)
bucket = get_default_bucket()
user = upsert_user(bucket, user_in, persist_to=1)
username2 = random_lower_string()
password2 = random_lower_string()
user_in2 = UserInCreate(username=username2,
email=username2,
password=password2)
user2 = upsert_user(bucket, user_in, persist_to=1)
r = requests.get(f"{server_api}{config.API_V1_STR}/users/",
headers=superuser_token_headers)
all_users = r.json()
assert len(all_users) > 1
for user in all_users:
assert "username" in user
assert "admin_roles" in user
def init_db():
logging.info("before config_couchbase")
config_couchbase(COUCHBASE_USER,
COUCHBASE_PASSWORD,
host=COUCHBASE_HOST,
port=COUCHBASE_PORT)
logging.info("after config_couchbase")
# COUCHBASE_USER="******"
# COUCHBASE_PASSWORD="******"
logging.info("before ensure_create_bucket")
ensure_create_bucket(
COUCHBASE_USER,
COUCHBASE_PASSWORD,
COUCHBASE_BUCKET_NAME,
host=COUCHBASE_HOST,
port=COUCHBASE_PORT,
)
logging.info("after ensure_create_bucket")
logging.info("before get_bucket")
bucket = get_bucket(
COUCHBASE_USER,
COUCHBASE_PASSWORD,
COUCHBASE_BUCKET_NAME,
host=COUCHBASE_HOST,
port=COUCHBASE_PORT,
)
logging.info("after get_bucket")
logging.info("before ensure_create_primary_index")
ensure_create_primary_index(bucket)
logging.info("after ensure_create_primary_index")
logging.info("before ensure_create_type_index")
ensure_create_type_index(bucket)
logging.info("after ensure_create_type_index")
logging.info("before ensure_create_couchbase_app_user sync")
ensure_create_couchbase_app_user(
COUCHBASE_USER,
COUCHBASE_PASSWORD,
COUCHBASE_SYNC_GATEWAY_USER,
COUCHBASE_SYNC_GATEWAY_PASSWORD,
COUCHBASE_BUCKET_NAME,
host=COUCHBASE_HOST,
port=COUCHBASE_PORT,
)
logging.info("after ensure_create_couchbase_app_user sync")
logging.info("before upsert_user first superuser")
in_user = UserInCreate(
name=FIRST_SUPERUSER,
password=FIRST_SUPERUSER_PASSWORD,
email=FIRST_SUPERUSER,
admin_roles=[RoleEnum.superuser, RoleEnum.admin],
admin_channels=[FIRST_SUPERUSER, RoleEnum.admin],
)
upsert_user(bucket, in_user)
logging.info("after upsert_user first superuser")
def test_check_if_user_is_active():
email = random_lower_string()
password = random_lower_string()
user_in = UserInCreate(name=email, email=email, password=password)
user = upsert_user(bucket, user_in)
is_active = check_if_user_is_active(user)
assert is_active is True
def test_check_if_user_is_superuser_normal_user():
username = random_lower_string()
password = random_lower_string()
user_in = UserInCreate(name=username, email=username, password=password)
user = upsert_user(bucket, user_in)
is_superuser = check_if_user_is_superuser(user)
assert is_superuser is False
def route_users_post(
*, user_in: UserInCreate, current_user: UserInDB = Depends(get_current_user)
):
"""
Create new user
"""
if not check_if_user_is_active(current_user):
raise HTTPException(status_code=400, detail="Inactive user")
elif not check_if_user_is_superuser(current_user):
raise HTTPException(
status_code=400, detail="The user doesn't have enough privileges"
)
bucket = get_default_bucket()
user = get_user(bucket, user_in.username)
if user:
raise HTTPException(
status_code=400,
detail="The user with this username already exists in the system.",
)
user = upsert_user(bucket, user_in, persist_to=1)
if config.EMAILS_ENABLED and user_in.email:
send_new_account_email(
email_to=user_in.email, username=user_in.username, password=user_in.password
)
return user
def route_users_post_open(
*,
username: str = Body(...),
password: str = Body(...),
email: EmailStr = Body(None),
full_name: str = Body(None),
):
"""
Create new user without the need to be logged in
"""
if not config.USERS_OPEN_REGISTRATION:
raise HTTPException(
status_code=403,
detail="Open user resgistration is forbidden on this server",
)
bucket = get_default_bucket()
user = get_user(bucket, username)
if user:
raise HTTPException(
status_code=400,
detail="The user with this username already exists in the system",
)
user_in = UserInCreate(
username=username, password=password, email=email, full_name=full_name
)
user = upsert_user(bucket, user_in, persist_to=1)
return user
def route_users_post(
*,
name,
password,
admin_channels=[],
admin_roles=[],
disabled=False,
email=None,
human_name=None,
):
current_user = get_current_user()
if not current_user:
abort(400, "Could not authenticate user with provided token")
elif not check_if_user_is_active(current_user):
abort(400, "Inactive user")
elif not check_if_user_is_admin_or_superuser(current_user):
abort(400, "The user doesn't have enough privileges")
user = get_user(bucket, name)
if user:
return abort(
400, f"The user with this username already exists in the system.")
user_in = UserInCreate(
name=name,
password=password,
admin_channels=admin_channels,
admin_roles=admin_roles,
disabled=disabled,
email=email,
human_name=human_name,
)
user = upsert_user(bucket, user_in)
return user
def route_users_post(
*,
username,
password,
admin_channels=[],
admin_roles=[],
disabled=False,
email=None,
full_name=None,
):
current_user = get_current_user()
if not current_user:
abort(400, "Could not authenticate user with provided token")
elif not check_if_user_is_active(current_user):
abort(400, "Inactive user")
elif not check_if_user_is_superuser(current_user):
abort(400, "The user doesn't have enough privileges")
bucket = get_default_bucket()
user = get_user(bucket, username)
if user:
return abort(400, f"The user with this username already exists in the system.")
user_in = UserInCreate(
username=username,
password=password,
admin_channels=admin_channels,
admin_roles=admin_roles,
disabled=disabled,
email=email,
full_name=full_name,
)
user = upsert_user(bucket, user_in)
if config.EMAILS_ENABLED:
send_new_account_email(email_to=email, username=username, password=password)
return user
def test_authenticate_user():
email = random_lower_string()
password = random_lower_string()
user_in = UserInCreate(name=email, email=email, password=password)
user = upsert_user(bucket, user_in)
authenticated_user = authenticate_user(bucket, email, password)
assert authenticated_user
assert user.Meta.key == authenticated_user.Meta.key
def test_check_if_user_is_active():
email = random_lower_string()
password = random_lower_string()
user_in = UserInCreate(username=email, email=email, password=password)
bucket = get_default_bucket()
user = upsert_user(bucket, user_in, persist_to=1)
is_active = check_if_user_is_active(user)
assert is_active is True
def test_authenticate_user():
email = random_lower_string()
password = random_lower_string()
user_in = UserInCreate(username=email, email=email, password=password)
bucket = get_default_bucket()
user = upsert_user(bucket, user_in, persist_to=1)
authenticated_user = authenticate_user(bucket, email, password)
assert authenticated_user
assert user.username == authenticated_user.username
def test_check_if_user_is_superuser_normal_user():
username = random_lower_string()
password = random_lower_string()
user_in = UserInCreate(username=username,
email=username,
password=password)
bucket = get_default_bucket()
user = upsert_user(bucket, user_in, persist_to=1)
is_superuser = check_if_user_is_superuser(user)
assert is_superuser is False
def test_check_if_user_is_superuser():
email = random_lower_string()
password = random_lower_string()
user_in = UserInCreate(name=email,
email=email,
password=password,
admin_roles=[RoleEnum.superuser])
user = upsert_user(bucket, user_in)
is_superuser = check_if_user_is_superuser(user)
assert is_superuser is True
def test_create_user():
email = random_lower_string()
password = random_lower_string()
user_in = UserInCreate(name=email, email=email, password=password)
user = upsert_user(bucket, user_in)
assert hasattr(user, "name")
assert user.name == email
assert hasattr(user, "hashed_password")
assert hasattr(user, "type")
assert user.type == "userprofile"
def test_get_user():
password = random_lower_string()
username = random_lower_string()
user_in = UserInCreate(name=username,
email=username,
password=password,
admin_roles=[RoleEnum.superuser])
user = upsert_user(bucket, user_in)
user_2 = get_user(bucket, username)
assert user.Meta.key == user_2.Meta.key
assert user.json_dict() == user_2.json_dict()
def test_create_user():
email = random_lower_string()
password = random_lower_string()
user_in = UserInCreate(username=email, email=email, password=password)
bucket = get_default_bucket()
user = upsert_user(bucket, user_in, persist_to=1)
assert hasattr(user, "username")
assert user.username == email
assert hasattr(user, "hashed_password")
assert hasattr(user, "type")
assert user.type == "userprofile"
def test_create_user_by_normal_user():
server_api = get_server_api()
username = random_lower_string()
password = random_lower_string()
user_in = UserInCreate(name=username, email=username, password=password)
user = upsert_user(bucket, user_in)
user_token_headers = user_authentication_headers(server_api, username, password)
data = {"name": username, "password": password}
r = requests.post(
f"{server_api}{config.API_V1_STR}/users/", headers=user_token_headers, json=data
)
assert r.status_code == 400
def route_users_post_open(*, username, password, email=None, full_name=None):
if not config.USERS_OPEN_REGISTRATION:
abort(403, "Open user resgistration is forbidden on this server")
bucket = get_default_bucket()
user = get_user(bucket, username)
if user:
return abort(400, f"The user with this username already exists in the system")
user_in = UserInCreate(
username=username, password=password, email=email, full_name=full_name
)
user = upsert_user(bucket, user_in)
return user
def test_get_existing_user(superuser_token_headers):
server_api = get_server_api()
username = random_lower_string()
password = random_lower_string()
user_in = UserInCreate(name=username, email=username, password=password)
user = upsert_user(bucket, user_in)
r = requests.get(
f"{server_api}{config.API_V1_STR}/users/{username}",
headers=superuser_token_headers,
)
assert 200 <= r.status_code < 300
api_user = r.json()
user = get_user(bucket, username)
assert user.name == api_user["name"]
def test_get_user():
password = random_lower_string()
username = random_lower_string()
user_in = UserInCreate(
username=username,
email=username,
password=password,
admin_roles=[RoleEnum.superuser],
)
bucket = get_default_bucket()
user = upsert_user(bucket, user_in, persist_to=1)
user_2 = get_user(bucket, username)
assert user.username == user_2.username
assert jsonable_encoder(user) == jsonable_encoder(user_2)
def test_create_user_existing_username(superuser_token_headers):
server_api = get_server_api()
username = random_lower_string()
# username = email
password = random_lower_string()
user_in = UserInCreate(name=username, email=username, password=password)
user = upsert_user(bucket, user_in)
data = {"name": username, "password": password}
r = requests.post(
f"{server_api}{config.API_V1_STR}/users/",
headers=superuser_token_headers,
json=data,
)
created_user = r.json()
assert r.status_code == 400
assert "_id" not in created_user
