def test_mark_namespace_for_deletion(initialized_db): def create_transaction(db): return db.transaction() # Create a user and then mark it for deletion. user = create_user_noverify("foobar", "*****@*****.**", email_required=False) # Add some robots. create_robot("foo", user) create_robot("bar", user) assert lookup_robot("foobar+foo") is not None assert lookup_robot("foobar+bar") is not None assert len(list(list_namespace_robots("foobar"))) == 2 # Add some federated user links. attach_federated_login(user, "google", "someusername") attach_federated_login(user, "github", "someusername") assert FederatedLogin.select().where( FederatedLogin.user == user).count() == 2 assert FederatedLogin.select().where( FederatedLogin.service_ident == "someusername").exists() # Mark the user for deletion. queue = WorkQueue("testgcnamespace", create_transaction) mark_namespace_for_deletion(user, [], queue) # Ensure the older user is still in the DB. older_user = User.get(id=user.id) assert older_user.username != "foobar" # Ensure the robots are deleted. with pytest.raises(InvalidRobotException): assert lookup_robot("foobar+foo") with pytest.raises(InvalidRobotException): assert lookup_robot("foobar+bar") assert len(list(list_namespace_robots(older_user.username))) == 0 # Ensure the federated logins are gone. assert FederatedLogin.select().where( FederatedLogin.user == user).count() == 0 assert (not FederatedLogin.select().where( FederatedLogin.service_ident == "someusername").exists()) # Ensure we can create a user with the same namespace again. new_user = create_user_noverify("foobar", "*****@*****.**", email_required=False) assert new_user.id != user.id # Ensure the older user is still in the DB. assert User.get(id=user.id).username != "foobar"
def test_get_matching_users_with_same_prefix(initialized_db): # Create a bunch of users with the same prefix. for index in range(0, 20): create_user_noverify('foo%s' % index, '*****@*****.**' % index, email_required=False) # For each user, ensure that lookup of the exact name is found first. for index in range(0, 20): username = '******' % index assert list(get_matching_users(username))[0].username == username # Prefix matching. found = list(get_matching_users('foo', limit=50)) assert len(found) == 20
def test_invite_to_team(initialized_db): first_user = get_user('devtable') second_user = create_user_noverify('newuser', '*****@*****.**') def run_invite_flow(orgname): # Create an org owned by `devtable`. org = create_organization(orgname, orgname + '@example.com', first_user) # Create another team and add `devtable` to it. Since `devtable` is already # in the org, it should be done directly. other_team = create_team('otherteam', org, 'admin') invite = add_or_invite_to_team(first_user, other_team, user_obj=first_user) assert invite is None assert is_in_team(other_team, first_user) # Try to add `newuser` to the team, which should require an invite. invite = add_or_invite_to_team(first_user, other_team, user_obj=second_user) assert invite is not None assert not is_in_team(other_team, second_user) # Accept the invite. confirm_team_invite(invite.invite_token, second_user) assert is_in_team(other_team, second_user) # Run for a new org. run_invite_flow('firstorg') # Create another org and repeat, ensuring the same operations perform the same way. run_invite_flow('secondorg')
def test_create_user_with_expiration(initialized_db): with patch("data.model.config.app_config", {"DEFAULT_TAG_EXPIRATION": "1h"}): user = create_user_noverify("foobar", "*****@*****.**", email_required=False) assert user.removed_tag_expiration_s == 60 * 60
def test_delete_namespace_via_marker(initialized_db): def create_transaction(db): return db.transaction() # Create a user and then mark it for deletion. user = create_user_noverify("foobar", "*****@*****.**", email_required=False) # Add some repositories. create_repository("foobar", "somerepo", user) create_repository("foobar", "anotherrepo", user) # Mark the user for deletion. queue = WorkQueue("testgcnamespace", create_transaction) marker_id = mark_namespace_for_deletion(user, [], queue) # Delete the user. with check_transitive_modifications(): delete_namespace_via_marker(marker_id, []) # Ensure the user was actually deleted. with pytest.raises(User.DoesNotExist): User.get(id=user.id) with pytest.raises(DeletedNamespace.DoesNotExist): DeletedNamespace.get(id=marker_id)
def create_organization(name, email, creating_user, email_required=True, is_possible_abuser=False): with db_transaction(): try: # Create the org new_org = user.create_user_noverify( name, email, email_required=email_required, is_possible_abuser=is_possible_abuser) new_org.organization = True new_org.save() # Create a team for the owners owners_team = team.create_team("owners", new_org, "admin") # Add the user who created the org to the owners team team.add_user_to_team(creating_user, owners_team) return new_org except InvalidUsernameException as iue: raise InvalidOrganizationException(iue.message)
def test_mark_namespace_for_deletion(initialized_db): def create_transaction(db): return db.transaction() # Create a user and then mark it for deletion. user = create_user_noverify("foobar", "*****@*****.**", email_required=False) # Add some robots. create_robot("foo", user) create_robot("bar", user) assert lookup_robot("foobar+foo") is not None assert lookup_robot("foobar+bar") is not None assert len(list(list_namespace_robots("foobar"))) == 2 # Mark the user for deletion. queue = WorkQueue("testgcnamespace", create_transaction) mark_namespace_for_deletion(user, [], queue) # Ensure the older user is still in the DB. older_user = User.get(id=user.id) assert older_user.username != "foobar" # Ensure the robots are deleted. with pytest.raises(InvalidRobotException): assert lookup_robot("foobar+foo") with pytest.raises(InvalidRobotException): assert lookup_robot("foobar+bar") assert len(list(list_namespace_robots(older_user.username))) == 0 # Ensure we can create a user with the same namespace again. new_user = create_user_noverify("foobar", "*****@*****.**", email_required=False) assert new_user.id != user.id # Ensure the older user is still in the DB. assert User.get(id=user.id).username != "foobar"
def test_validation_code(token_lifetime, time_since, initialized_db): user = create_user_noverify('foobar', '*****@*****.**', email_required=False) created = datetime.now() - convert_to_timedelta(time_since) verification_code, unhashed = Credential.generate() confirmation = EmailConfirmation.create(user=user, pw_reset=True, created=created, verification_code=verification_code) encoded = encode_public_private_token(confirmation.code, unhashed) with patch('data.model.config.app_config', {'USER_RECOVERY_TOKEN_LIFETIME': token_lifetime}): result = validate_reset_code(encoded) expect_success = convert_to_timedelta(token_lifetime) >= convert_to_timedelta(time_since) assert expect_success == (result is not None)
def test_delete_robot(initialized_db): # Create a robot account. user = create_user_noverify('foobar', '*****@*****.**', email_required=False) robot, _ = create_robot('foo', user) # Add some notifications and other rows pointing to the robot. create_notification('repo_push', robot) team = create_team('someteam', get_organization('buynlarge'), 'member') add_user_to_team(robot, team) # Ensure the robot exists. assert lookup_robot(robot.username).id == robot.id # Delete the robot. delete_robot(robot.username) # Ensure it is gone. with pytest.raises(InvalidRobotException): lookup_robot(robot.username)
def test_robot(initialized_db): # Create a robot account. user = create_user_noverify('foobar', '*****@*****.**', email_required=False) robot, token = create_robot('foo', user) assert retrieve_robot_token(robot) == token # Ensure we can retrieve its information. found = lookup_robot('foobar+foo') assert found == robot creds = get_pull_credentials('foobar+foo') assert creds is not None assert creds['username'] == 'foobar+foo' assert creds['password'] == token assert verify_robot('foobar+foo', token) == robot with pytest.raises(InvalidRobotException): assert verify_robot('foobar+foo', 'someothertoken') with pytest.raises(InvalidRobotException): assert verify_robot('foobar+unknownbot', token)
def test_robot(initialized_db): # Create a robot account. user = create_user_noverify("foobar", "*****@*****.**", email_required=False) robot, token = create_robot("foo", user) assert retrieve_robot_token(robot) == token # Ensure we can retrieve its information. found = lookup_robot("foobar+foo") assert found == robot creds = get_pull_credentials("foobar+foo") assert creds is not None assert creds["username"] == "foobar+foo" assert creds["password"] == token assert verify_robot("foobar+foo", token) == robot with pytest.raises(InvalidRobotException): assert verify_robot("foobar+foo", "someothertoken") with pytest.raises(InvalidRobotException): assert verify_robot("foobar+unknownbot", token)
def test_create_user_with_expiration(initialized_db): with patch('data.model.config.app_config', {'DEFAULT_TAG_EXPIRATION': '1h'}): user = create_user_noverify('foobar', '*****@*****.**', email_required=False) assert user.removed_tag_expiration_s == 60 * 60