def getter(user_type='user'):
def get_email():
if user_type == 'user':
return USER['email']
elif user_type == 'admin':
return ADMIN['email']
elif user_type == 'superuser':
return SUPERUSER['email']
else:
raise ValueError(f'invalid user type: {user_type}')
def add_user(data, group=None):
user = User(**data)
UserRepository().save(user)
if group is not None:
g: UserGroup = UserGroupRepository().get_by(name=group)
GroupUserRepository().save(GroupUser(group_id=g.id, user_id=user.id))
with app.app_context():
try:
return UserRepository().get_by(email=get_email())
except ObjectNotFoundError:
if user_type == 'user': add_user(USER, 'USER')
elif user_type == 'admin': add_user(ADMIN, 'ADMIN')
elif user_type == 'superuser': add_user(SUPERUSER, None)
return UserRepository().get_by(email=get_email())
def test_deleted_user_cannot_authenticate(app, dbsession, client: TApp):
""" deleted user -> cannot get token """
data = {
"email": "*****@*****.**",
"password": "******",
"password_repeat": "12341234",
"username": "******"
}
created_user_id = client.post_json('/api/register-user',
data).json['data']['id']
with app.app_context():
created_user: User = UserRepository().get(created_user_id)
created_user.is_deleted = True
UserRepository().save(created_user)
uid = uuid.uuid4()
response = get_token_response(client,
uid=uid,
email=data['email'],
status=401)
print('response status code:', response.status_code)
print('response json data:\n', response.json)
assert response.json['uid'] == str(uid)
assert response.json['status'] == ResponseStatus.AUTH_ERROR.value
assert response.json['data'] is None
def __auth_user(self) -> Optional[User]:
try:
user = UserRepository().get_by(
email=self.request.json['email'].strip(), is_deleted=False)
if user.password_is_valid(self.request.json['password'].strip()):
return user
return None
except:
return None
def test_delete_user(client: TApp, app, user, admin, superuser, get_headers):
""" test user delete """
new_user_data = {
"email": "*****@*****.**",
"password": "******",
"password_repeat": "12341234"
}
user_id = client.post_json('/api/register-user',
new_user_data).json['data']['id']
# regular user cannot delete
client.post_json('/api/delete-user', {'user_id': user_id},
headers=get_headers('user'),
status=403)
# admin user can delete
d = {"uid": str(uuid.uuid4()), "user_id": user_id}
response = client.post_json('/api/delete-user',
d,
headers=get_headers('admin'))
print('response status code:', response.status_code)
print('response json data:\n', response.json)
assert response.json['uid'] == d['uid']
assert response.json['status'] == 'OK'
assert response.json['data']['is_deleted']
with app.app_context():
assert UserRepository().get(user_id).is_deleted
# su can delete
client.post_json('/api/delete-user', {'user_id': user_id},
headers=get_headers('superuser'))
def get_response(self) -> JsonResponse:
user: User = UserRepository().get(get_jwt_identity()['id'])
doc = InstructionDocument(created_by=user,
name=self.request.json['name'].strip(),
description=self.request.json.get(
'description', None))
InstructionDocumentRepository().save(doc)
return ok_response(InstructionDocumentEntityModel.from_orm(doc))
def get_response(self) -> JsonResponse:
rmodel: RegisterUserEventRequestModel = self.request_model
user = User(email=rmodel.email,
plaintext_password=rmodel.password,
username=rmodel.username)
UserRepository().save(user)
self.__add_user_to_default_groups(user)
return ok_response(data=UserManager(user=user).user_model)
class UserManager:
def __init__(self, user_id: int = None, user: User = None):
self.__user_repo = UserRepository()
self.__user = self.__user_repo.get(user_id) if user_id else user
if not self.__user: raise ValueError('User not provided!')
@property
def user(self) -> User:
return self.__user
@property
def user_model(self) -> UserEntityModel:
return UserEntityModel.construct(id=self.user.id,
username=self.user.username,
email=self.user.email,
is_superuser=self.user.is_superuser,
is_deleted=self.user.is_deleted,
groups=[
UserGroupEntityModel.construct(
id=g.id, name=g.name)
for g in self.get_groups()
])
def get_groups(self) -> List[UserGroup]:
user_groups = GroupUserRepository().filter(
GroupUser.user_id == self.user.id)
group_ids = list(set([ug.group_id for ug in user_groups]))
return UserGroupRepository().filter(UserGroup.id.in_(group_ids))
def belongs_to_group(self, group: UserGroup) -> bool:
try:
GroupUserRepository().get_by(user_id=self.__user.id,
group_id=group.id)
return True
except ObjectNotFoundError:
return False
def delete(self):
self.__user.is_deleted = True
self.__user_repo.save(self.__user)
def wrapper(*args, **kwargs):
user_data: dict = get_jwt_identity()
user: User = UserRepository().get(user_data['id'])
if user.is_deleted: ForbiddenError('Account deleted')
if not user.is_superuser: raise ForbiddenError('Admin only')
return func(*args, **kwargs)
def user_must_exist(cls, v: int):
must_exist_by_pk(UserRepository(), v)
return v
def add_user(data, group=None):
user = User(**data)
UserRepository().save(user)
if group is not None:
g: UserGroup = UserGroupRepository().get_by(name=group)
GroupUserRepository().save(GroupUser(group_id=g.id, user_id=user.id))
def __init__(self, user_id: int = None, user: User = None):
self.__user_repo = UserRepository()
self.__user = self.__user_repo.get(user_id) if user_id else user
if not self.__user: raise ValueError('User not provided!')