def persist_token_information(self, client_id, scope, access_token, token_type, expires_in, refresh_token, data): assert not refresh_token found = user.get_user(json.loads(data)["username"]) if not found: raise RuntimeError("Username must be in the data field") token_name = access_token[:ACCESS_TOKEN_PREFIX_LENGTH] token_code = access_token[ACCESS_TOKEN_PREFIX_LENGTH:] assert token_name assert token_code assert len(token_name) == ACCESS_TOKEN_PREFIX_LENGTH assert len(token_code) >= ACCESS_TOKEN_MINIMUM_CODE_LENGTH oauth_app = OAuthApplication.get(client_id=client_id) expires_at = datetime.utcnow() + timedelta(seconds=expires_in) OAuthAccessToken.create( application=oauth_app, authorized_user=found, scope=scope, token_name=token_name, token_code=Credential.from_string(token_code), access_token="", token_type=token_type, expires_at=expires_at, data=data, )
def test_invite_to_team(initialized_db): first_user = get_user('devtable') second_user = create_user_noverify('newuser', '*****@*****.**') def run_invite_flow(orgname): # Create an org owned by `devtable`. org = create_organization(orgname, orgname + '@example.com', first_user) # Create another team and add `devtable` to it. Since `devtable` is already # in the org, it should be done directly. other_team = create_team('otherteam', org, 'admin') invite = add_or_invite_to_team(first_user, other_team, user_obj=first_user) assert invite is None assert is_in_team(other_team, first_user) # Try to add `newuser` to the team, which should require an invite. invite = add_or_invite_to_team(first_user, other_team, user_obj=second_user) assert invite is not None assert not is_in_team(other_team, second_user) # Accept the invite. confirm_team_invite(invite.invite_token, second_user) assert is_in_team(other_team, second_user) # Run for a new org. run_invite_flow('firstorg') # Create another org and repeat, ensuring the same operations perform the same way. run_invite_flow('secondorg')
def create_repository(cls, package_name, visibility, owner): ns, _ = package_name.split("/") owner = user.get_user('devtable') visibility = "public" create_org(ns, owner) return super(PackageTest, cls).create_repository(package_name, visibility, owner)
def test_remove_user_from_team(initialized_db): first_user = get_user("devtable") second_user = get_user("randomuser") # Create new org: devtable should be in the admin owners team new_org = create_organization("testorg", "testorg" + "@example.com", first_user) admin_teams = list(__get_user_admin_teams("testorg", "devtable")) # Add user to another admin team new_team = create_team("testteam", new_org, "admin", description="test another admin team") assert add_user_to_team(second_user, new_team) # Cannot remove themselves from their only admin team with pytest.raises(DataModelException): remove_user_from_team("testorg", "testteam", "randomuser", "randomuser") # Another admin should be able to remove_user_from_team("testorg", "testteam", "randomuser", "devtable")
def setup(self, app): self.user = get_user("devtable") self.org = create_organization(self.orgname, "{self.orgname}@devtable.com", self.user) self.org.save() self.config = create_proxy_cache_config( org_name=self.orgname, upstream_registry=self.upstream_registry, expiration_s=3600, )
def test_registry_proxy_model_init_only_query_db_once(initialized_db): orgname = "testorg" user = get_user("devtable") org = create_organization(orgname, "{self.orgname}@devtable.com", user) org.save() create_proxy_cache_config( org_name=orgname, upstream_registry="quay.io", expiration_s=3600, ) with assert_query_count(1): ProxyModel( orgname, "app-sre/ubi8-ubi", user, )
def test_remove_team(initialized_db): first_user = get_user("devtable") # Create new org: devtable should be in the admin owners team new_org = create_organization("testorg", "testorg" + "@example.com", first_user) admin_teams = list(__get_user_admin_teams("testorg", "devtable")) assert len(admin_teams) == 1 and admin_teams[0].name == "owners" # Create new admin team without adding the devtable to the team: # devtable should be able to delete the new admin team new_team = create_team("testteam", new_org, "admin", description="test second admin team") admin_teams = list(__get_user_admin_teams("testorg", "devtable")) assert len(admin_teams) == 1 and admin_teams[0].name != "testteam" # Removing the only team which devtable is the admin to should fail with pytest.raises(DataModelException): remove_team("testorg", "owners", "devtable") # Removing the other admin team should succeed, since devtable is already admin in another team remove_team("testorg", "testteam", "devtable")
def _save(self, force, **kwargs): owner = user.get_user('devtable') create_org(self.namespace, owner) super(PackageTest, self)._save(force, user=owner, visibility="public")
def get_robot_password(username): parent_name, robot_shortname = username.split("+", 1) parent = get_user(parent_name) _, token, _ = get_robot_and_metadata(robot_shortname, parent) return token