def getter(user_type='user'): def get_email(): if user_type == 'user': return USER['email'] elif user_type == 'admin': return ADMIN['email'] elif user_type == 'superuser': return SUPERUSER['email'] else: raise ValueError(f'invalid user type: {user_type}') def add_user(data, group=None): user = User(**data) UserRepository().save(user) if group is not None: g: UserGroup = UserGroupRepository().get_by(name=group) GroupUserRepository().save(GroupUser(group_id=g.id, user_id=user.id)) with app.app_context(): try: return UserRepository().get_by(email=get_email()) except ObjectNotFoundError: if user_type == 'user': add_user(USER, 'USER') elif user_type == 'admin': add_user(ADMIN, 'ADMIN') elif user_type == 'superuser': add_user(SUPERUSER, None) return UserRepository().get_by(email=get_email())
def test_deleted_user_cannot_authenticate(app, dbsession, client: TApp): """ deleted user -> cannot get token """ data = { "email": "*****@*****.**", "password": "******", "password_repeat": "12341234", "username": "******" } created_user_id = client.post_json('/api/register-user', data).json['data']['id'] with app.app_context(): created_user: User = UserRepository().get(created_user_id) created_user.is_deleted = True UserRepository().save(created_user) uid = uuid.uuid4() response = get_token_response(client, uid=uid, email=data['email'], status=401) print('response status code:', response.status_code) print('response json data:\n', response.json) assert response.json['uid'] == str(uid) assert response.json['status'] == ResponseStatus.AUTH_ERROR.value assert response.json['data'] is None
def __auth_user(self) -> Optional[User]: try: user = UserRepository().get_by( email=self.request.json['email'].strip(), is_deleted=False) if user.password_is_valid(self.request.json['password'].strip()): return user return None except: return None
def test_delete_user(client: TApp, app, user, admin, superuser, get_headers): """ test user delete """ new_user_data = { "email": "*****@*****.**", "password": "******", "password_repeat": "12341234" } user_id = client.post_json('/api/register-user', new_user_data).json['data']['id'] # regular user cannot delete client.post_json('/api/delete-user', {'user_id': user_id}, headers=get_headers('user'), status=403) # admin user can delete d = {"uid": str(uuid.uuid4()), "user_id": user_id} response = client.post_json('/api/delete-user', d, headers=get_headers('admin')) print('response status code:', response.status_code) print('response json data:\n', response.json) assert response.json['uid'] == d['uid'] assert response.json['status'] == 'OK' assert response.json['data']['is_deleted'] with app.app_context(): assert UserRepository().get(user_id).is_deleted # su can delete client.post_json('/api/delete-user', {'user_id': user_id}, headers=get_headers('superuser'))
def get_response(self) -> JsonResponse: user: User = UserRepository().get(get_jwt_identity()['id']) doc = InstructionDocument(created_by=user, name=self.request.json['name'].strip(), description=self.request.json.get( 'description', None)) InstructionDocumentRepository().save(doc) return ok_response(InstructionDocumentEntityModel.from_orm(doc))
def get_response(self) -> JsonResponse: rmodel: RegisterUserEventRequestModel = self.request_model user = User(email=rmodel.email, plaintext_password=rmodel.password, username=rmodel.username) UserRepository().save(user) self.__add_user_to_default_groups(user) return ok_response(data=UserManager(user=user).user_model)
class UserManager: def __init__(self, user_id: int = None, user: User = None): self.__user_repo = UserRepository() self.__user = self.__user_repo.get(user_id) if user_id else user if not self.__user: raise ValueError('User not provided!') @property def user(self) -> User: return self.__user @property def user_model(self) -> UserEntityModel: return UserEntityModel.construct(id=self.user.id, username=self.user.username, email=self.user.email, is_superuser=self.user.is_superuser, is_deleted=self.user.is_deleted, groups=[ UserGroupEntityModel.construct( id=g.id, name=g.name) for g in self.get_groups() ]) def get_groups(self) -> List[UserGroup]: user_groups = GroupUserRepository().filter( GroupUser.user_id == self.user.id) group_ids = list(set([ug.group_id for ug in user_groups])) return UserGroupRepository().filter(UserGroup.id.in_(group_ids)) def belongs_to_group(self, group: UserGroup) -> bool: try: GroupUserRepository().get_by(user_id=self.__user.id, group_id=group.id) return True except ObjectNotFoundError: return False def delete(self): self.__user.is_deleted = True self.__user_repo.save(self.__user)
def wrapper(*args, **kwargs): user_data: dict = get_jwt_identity() user: User = UserRepository().get(user_data['id']) if user.is_deleted: ForbiddenError('Account deleted') if not user.is_superuser: raise ForbiddenError('Admin only') return func(*args, **kwargs)
def user_must_exist(cls, v: int): must_exist_by_pk(UserRepository(), v) return v
def add_user(data, group=None): user = User(**data) UserRepository().save(user) if group is not None: g: UserGroup = UserGroupRepository().get_by(name=group) GroupUserRepository().save(GroupUser(group_id=g.id, user_id=user.id))
def __init__(self, user_id: int = None, user: User = None): self.__user_repo = UserRepository() self.__user = self.__user_repo.get(user_id) if user_id else user if not self.__user: raise ValueError('User not provided!')