def test_edit_user_username_blank(self, testdir_class, test_utils):
testdir_class.activate()
username = test_utils.random_string(5)
email = test_utils.random_email()
Users.create_user(username, '123456', email)
errors = Users.edit_user(username, new_username='')
assert errors == ['Username cannot be blank']
def test_delete_user(self, testdir_class, test_utils):
testdir_class.activate()
username = test_utils.random_string(5)
Users.create_user(username, '123456')
errors = Users.delete_user(username)
assert errors == []
assert not Users.user_exists(username)
def test_verify_password(self, testdir_class, test_utils):
testdir_class.activate()
username = test_utils.random_string(5)
password = '******'
Users.create_user(username, password)
assert Users.verify_password(username, password)
assert not Users.verify_password(username, 'invalid_password')
def login():
if current_user is not None and current_user.is_authenticated:
return redirect(url_for('webapp.index'))
if request.method == 'POST':
errors = []
username = request.form['username']
password = request.form['password']
next_url = request.form['next']
if not username:
errors.append('Username is required')
elif not password:
errors.append('Password is required')
elif not Users.user_exists(username):
errors.append('Username does not exists')
elif not Users.verify_password(username, password):
errors.append('Username and password do not match')
if errors:
return render_template('login.html',
next_url=next_url,
errors=errors)
else:
login_user(Users.get_user_by_username(username))
if not next_url or not is_safe_url(next_url):
next_url = '/'
return redirect(next_url)
else:
next_url = request.args.get('next')
if not next_url or not is_safe_url(next_url):
next_url = '/'
return render_template('login.html', next_url=next_url, errors=[])
def test_add_project_to_user(self, project_function_clean, test_utils):
testdir, project = project_function_clean.activate()
username = test_utils.random_string(5)
Users.create_user(username, '123456')
Users.add_project_to_user(username, project, Permissions.SUPER_USER)
user = Users.get_user_by_username(username)
assert project in user.projects
assert user.projects[project] == Permissions.SUPER_USER
def test_verify_auth_token_invalid_token(self, testdir_class, test_utils):
testdir_class.activate()
username = test_utils.random_string(5)
password = '******'
Users.create_user(username, password)
app = create_app()
with pytest.raises(BadSignature) as _:
Users.verify_auth_token(app.secret_key, 'invalid_token')
def test_edit_user_new_username_exists(self, testdir_class, test_utils):
testdir_class.activate()
username = test_utils.random_string(5)
Users.create_user(username, '123456')
new_username = test_utils.random_string(5)
Users.create_user(new_username, '123456')
errors = Users.edit_user(username, new_username=new_username)
assert errors == [f'Username {new_username} already exists']
def test_edit_user_invalid_email(self, testdir_class, test_utils):
testdir_class.activate()
username = test_utils.random_string(5)
email = test_utils.random_email()
Users.create_user(username, '123456', email)
new_email = 'test@'
errors = Users.edit_user(username, new_email=new_email)
assert errors == [f'{new_email} is not a valid email address']
def test_project_weight(self, project_class, test_utils):
testdir, project = project_class.activate()
username = test_utils.random_string(5)
Users.create_user(username, '123456')
Users.add_project_to_user(username, project, Permissions.ADMIN)
user = Users.get_user_by_username(username)
assert user.project_weight(project) == Permissions.weights[
Permissions.ADMIN]
def test_create_user_file_not_exist(self, testdir_function, test_utils):
"""Users file is created if it does not exist"""
testdir_function.activate()
username = test_utils.random_string(5)
os.remove(Users.file_path())
Users.create_user(username, '123', None)
assert os.path.isfile(Users.file_path())
assert Users.user_exists(username)
def test_users(self, testdir_function, test_utils):
testdir_function.activate()
users = Users.users()
assert len(users) == 1
username = test_utils.random_string(10)
Users.create_user(username, '123')
users = Users.users()
assert len(users) == 2
assert Users.user_exists(username)
def test_reset_user_password(self, testdir_class, test_utils):
testdir_class.activate()
username = test_utils.random_string(5)
Users.create_user(username, '123456')
hashed_password = Users.get_user_by_username(username).password
errors = Users.reset_user_password(username, '234567')
assert errors == []
new_hashed_password = Users.get_user_by_username(username).password
assert hashed_password != new_hashed_password
def test_verify_password(self, testdir_class, test_utils):
testdir_class.activate()
username = test_utils.random_string(5)
password = '******'
Users.create_user(username, password)
user = Users.get_user_by_username(username)
assert user.password != password
assert user.verify_password(password)
assert not user.verify_password('invalid_password')
def test_verify_auth_token(self, testdir_class, test_utils):
testdir_class.activate()
username = test_utils.random_string(5)
password = '******'
Users.create_user(username, password)
app = create_app()
token = Users.get_user_by_username(username).generate_auth_token(
app.secret_key)
user = Users.verify_auth_token(app.secret_key, token)
assert user.username == username
def create_test_directory(testdir):
file_manager.create_directory(path_list=[testdir], add_init=True)
file_manager.create_directory(path_list=[testdir, 'projects'],
add_init=True)
file_manager.create_directory(path_list=[testdir, 'drivers'],
add_init=False)
settings_manager.create_global_settings_file(testdir)
create_testdir_golem_file(testdir)
session.testdir = testdir
Users.create_super_user('admin', 'admin')
def test_edit_user_remove_all_superuser_permissions(
self, testdir_function):
"""Cannot edit a user and remove superuser permissions if it's
the only superuser available
"""
testdir_function.activate()
assert len(Users.users()) == 1
Users.create_user('standard', '123456')
assert len(Users.users()) == 2
errors = Users.edit_user('admin', new_is_superuser=False)
assert errors == ['Cannot remove Superuser permission for this user']
def test_verify_auth_token_expired_token(self, testdir_class, test_utils):
testdir_class.activate()
username = test_utils.random_string(5)
password = '******'
Users.create_user(username, password)
app = create_app()
user = Users.get_user_by_username(username)
token = user.generate_auth_token(app.secret_key, expiration=1)
time.sleep(2)
with pytest.raises(SignatureExpired):
Users.verify_auth_token(app.secret_key, token)
def test_edit_user(self, testdir_class, test_utils):
testdir_class.activate()
username = test_utils.random_string(5)
email = test_utils.random_email()
Users.create_user(username, '123456', email)
new_username = test_utils.random_string(5)
new_email = test_utils.random_email()
errors = Users.edit_user(username, new_username, new_email)
assert errors == []
user = Users.get_user_by_username(new_username)
assert user.email == new_email
def test_create_superuser_command(self, testdir_class, test_utils, capsys):
testdir_class.activate()
username = test_utils.random_string(5)
email = test_utils.random_email()
password = test_utils.random_string(5)
commands.createsuperuser_command(username,
email,
password,
no_input=True)
out, err = capsys.readouterr()
assert f'Superuser {username} was created successfully.' in out
assert Users.user_exists(username)
user = Users.get_user_by_username(username)
assert user.email == email
def user_get():
_verify_permissions(Permissions.SUPER_USER)
username = request.args['username']
user = Users.get_user_dictionary(username)
if user:
del user['password']
return jsonify(user)
def createsuperuser_command(username, email, password, no_input=False):
if no_input:
if username is None or password is None:
sys.exit(
'Error: --username and --password are required for --noinput.')
else:
try:
while True:
username = input('Username: '******'Email address (optional): ').strip()
if email and not utils.validate_email(email):
print('Error: Enter a valid email address.')
else:
break
while True:
password = input('Password: '******'Password (again): ')
if not len(password):
print('Error: Blank passwords are not allowed.')
elif password != repeat_password:
print('Error: The passwords did not match.')
else:
break
except KeyboardInterrupt:
sys.exit('Cancelled.')
errors = Users.create_super_user(username, password, email)
if errors:
for error in errors:
print('Error: {}'.format(error))
exit(1)
else:
print('Superuser {} was created successfully.'.format(username))
def user_reset_user_password():
username = request.json['username']
if username == current_user.username:
new_password = request.json['newPassword']
errors = Users.reset_user_password(username, new_password)
else:
errors = ['Cannot change current user password']
return jsonify({'errors': errors})
def auth_token():
username = request.json['username']
password = request.json['password']
user = Users.get_user_by_username(username=username)
if user is None:
abort(401, 'User does not exist')
elif not user.verify_password(password):
abort(401, 'Incorrect password')
else:
token = user.generate_auth_token(current_app.secret_key)
return jsonify(token.decode())
def test_create_superuser_command_no_email(self, testdir_class,
test_utils):
testdir_class.activate()
username = test_utils.random_string(5)
password = test_utils.random_string(5)
commands.createsuperuser_command(username,
None,
password,
no_input=True)
user = Users.get_user_by_username(username)
assert user.email is None
def users_new():
username = request.json['username']
email = request.json['email']
password = request.json['password']
is_superuser = request.json['isSuperuser']
_verify_permissions(Permissions.SUPER_USER)
project_permissions_raw = request.json['projectPermissions']
project_permissions = {}
for project_permission in project_permissions_raw:
project_permissions[project_permission['project']] = project_permission['permission']
errors = Users.create_user(username, password, email, is_superuser, project_permissions)
return jsonify(errors)
def users_edit():
old_username = request.json['oldUsername']
new_username = request.json['newUsername']
email = request.json['email']
is_superuser = request.json['isSuperuser']
project_permissions_raw = request.json['projectPermissions']
_verify_permissions(Permissions.SUPER_USER)
project_permissions = {}
if project_permissions_raw is not None:
for p in project_permissions_raw:
project_permissions[p['project']] = p['permission']
errors = Users.edit_user(old_username, new_username, email, is_superuser, project_permissions)
return jsonify(errors)
def test_refresh_users(self, testdir_function):
testdir_function.activate()
user1 = Users.generate_user_dictionary('01', 'username01', '123', None,
True, [])
user2 = Users.generate_user_dictionary('02', 'username02', '123', None,
True, [])
assert len(Users.users()) == 1
with open(Users.file_path(), 'w') as f:
json.dump([user1, user2], f)
Users.refresh_users()
assert len(Users.users()) == 2
def test_create_users_file(self, testdir_function):
testdir_function.activate()
os.remove(Users.file_path())
Users.create_users_file()
assert os.path.isfile(Users.file_path())
with open(Users.file_path()) as f:
assert f.read() == '[]'
assert Users.users() == []
def decorated_view(*args, **kwargs):
if not current_user.is_authenticated:
token = request.headers.get('token', None)
if token:
try:
user = Users.verify_auth_token(current_app.secret_key, token)
request.api_user = user
except BadSignature:
abort(401, 'Token did not match')
except SignatureExpired:
abort(401, 'Signature Expired')
except Exception:
abort(401, 'Unknown error')
else:
abort(400, 'Missing token')
return func(*args, **kwargs)
def test_create_user_password_is_hashed(self, testdir_class, test_utils):
testdir_class.activate()
username = test_utils.random_string(5)
password = '******'
Users.create_user(username, password)
assert Users.get_user_by_username(username).password != password
