Exemple #1
0
    def setUp(self):
        super(ProviderTestCase, self).setUp()
        # Set environment variable DEBUG to true, to allow testing without
        # SSL in oauthlib.
        if self.app.config.get('CFG_SITE_SECURE_URL').startswith('http://'):
            self.os_debug = os.environ.get('OAUTHLIB_INSECURE_TRANSPORT', '')
            os.environ['OAUTHLIB_INSECURE_TRANSPORT'] = 'true'

        from invenio_accounts.models import User
        from invenio_oauth2server.models import Client, Scope
        from invenio_oauth2server.registry import scopes as scopes_registry

        # Register a test scope
        scopes_registry.register(Scope('test:scope'))

        self.base_url = self.app.config.get('CFG_SITE_SECURE_URL')

        # Create needed objects
        u = User(email='*****@*****.**', nickname='tester')
        u.password = "******"

        u2 = User(email='*****@*****.**', nickname='tester2')
        u2.password = "******"

        db.session.add(u)
        db.session.add(u2)

        c1 = Client(client_id='dev',
                    client_secret='dev',
                    name='dev',
                    description='',
                    is_confidential=False,
                    user=u,
                    _redirect_uris='%s/oauth2test/authorized' % self.base_url,
                    _default_scopes="test:scope")

        c2 = Client(client_id='confidential',
                    client_secret='confidential',
                    name='confidential',
                    description='',
                    is_confidential=True,
                    user=u,
                    _redirect_uris='%s/oauth2test/authorized' % self.base_url,
                    _default_scopes="test:scope")

        db.session.add(c1)
        db.session.add(c2)

        db.session.commit()

        self.objects = [u, u2, c1, c2]

        # Create a personal access token as well.
        from invenio_oauth2server.models import Token
        self.personal_token = Token.create_personal('test-personal',
                                                    1,
                                                    scopes=[],
                                                    is_internal=True)
Exemple #2
0
def test_audit(app):
    user_id = None
    workflow_id = None
    with app.app_context():
        user = User(email="*****@*****.**", active=True)
        user.password = "******"
        db.session.add(user)

        workflows_object = WorkflowObject.create_object()
        workflows_object.save()

        db.session.commit()
        user_id = user.id
        workflow_id = workflows_object.id

    with app.app_context():
        logging_info = {
            'object_id': workflow_id,
            'user_id': user_id,
            'score': 0.222113,
            'user_action': "Non-CORE",
            'decision': "Rejected",
            'source': "test",
            'action': "accept"
        }
        audit = WorkflowsAudit(**logging_info)
        audit.save()
        db.session.commit()

        assert WorkflowsAudit.query.count() == 1

        audit_entry = WorkflowsAudit.query.filter(
            WorkflowsAudit.object_id == workflow_id
        ).one()
        assert audit_entry
        assert audit_entry.action == "accept"
        assert audit_entry.score == 0.222113

    prediction_results = dict(
        max_score=0.222113, decision="Rejected"
    )
    with app.app_context():
        log_workflows_action(
            action="accept_core",
            prediction_results=prediction_results,
            object_id=workflow_id,
            user_id=None,
            source="test",
            user_action="accept"
        )
        db.session.commit()

        assert WorkflowsAudit.query.count() == 2

        audit_entry = WorkflowsAudit.query.filter(
            WorkflowsAudit.action == "accept_core"
        ).one()
        assert audit_entry
        assert audit_entry.action == "accept_core"
        assert audit_entry.score == 0.222113
Exemple #3
0
    def login_callback(user_info):
        """Login user base on SSO context (create one if necessary).

        Function should not raise an exception if `user_info` is not valid
        or `User` was not found in database.
        """
        from invenio_accounts.models import User
        from invenio.ext.login import (authenticate, login_redirect,
                                       current_user)
        from invenio.ext.sqlalchemy import db

        user_info['group'] = fetch_groups(user_info['group']).values()
        user_info['external'] = fetch_external(user_info.get('external'))
        try:
            auth = authenticate(user_info['email'], login_method='SSO')
            if auth is None:
                user = User()
                user.nickname = user_info['nickname']
                user.email = user_info['email']
                user.password = ''
                user.settings = {'login_method': 'SSO'}
                db.session.add(user)
                db.session.commit()
                auth = authenticate(user_info['email'], login_method='SSO')
                if auth is None:
                    return redirect('/')

            current_user.info['group'] = current_user.get('group', []) + \
                user_info['group']
            current_user.save()
        except:
            flash('Problem with login (%s)' % (str(user_info)), 'error')
            return redirect('/')

        return login_redirect()
Exemple #4
0
    def login_callback(user_info):
        """Login user base on SSO context (create one if necessary).

        Function should not raise an exception if `user_info` is not valid
        or `User` was not found in database.
        """
        from invenio_accounts.models import User
        from invenio_ext.login import (authenticate, login_redirect,
                                       current_user)
        from invenio_ext.sqlalchemy import db

        user_info['group'] = fetch_groups(user_info['group']).values()
        user_info['external'] = fetch_external(user_info.get('external'))
        try:
            auth = authenticate(user_info['email'], login_method='SSO')
            if auth is None:
                user = User()
                user.nickname = user_info['nickname']
                user.email = user_info['email']
                user.password = ''
                user.settings = {'login_method': 'SSO'}
                db.session.add(user)
                db.session.commit()
                auth = authenticate(user_info['email'], login_method='SSO')
                if auth is None:
                    return redirect('/')

            current_user.info['group'] = current_user.get('group', []) + \
                user_info['group']
            current_user.save()
        except:
            flash('Problem with login (%s)' % (str(user_info)), 'error')
            return redirect('/')

        return login_redirect()
Exemple #5
0
def test_audit(small_app):
    user_id = None
    workflow_id = None
    with small_app.app_context():
        user = User(email="*****@*****.**", active=True)
        user.password = "******"
        db.session.add(user)

        workflows_object = workflow_object_class.create({}, data_type="hep")
        db.session.commit()

        user_id = user.id
        workflow_id = workflows_object.id

    with small_app.app_context():
        logging_info = {
            'object_id': workflow_id,
            'user_id': user_id,
            'score': 0.222113,
            'user_action': "Non-CORE",
            'decision': "Rejected",
            'source': "test",
            'action': "accept"
        }
        audit = WorkflowsAudit(**logging_info)
        audit.save()
        db.session.commit()

        assert WorkflowsAudit.query.count() == 1

        audit_entry = WorkflowsAudit.query.filter(
            WorkflowsAudit.object_id == workflow_id
        ).one()
        assert audit_entry
        assert audit_entry.action == "accept"
        assert audit_entry.score == 0.222113

    prediction_results = dict(
        max_score=0.222113, decision="Rejected"
    )
    with small_app.app_context():
        log_workflows_action(
            action="accept_core",
            prediction_results=prediction_results,
            object_id=workflow_id,
            user_id=None,
            source="test",
            user_action="accept"
        )
        db.session.commit()

        assert WorkflowsAudit.query.count() == 2

        audit_entry = WorkflowsAudit.query.filter(
            WorkflowsAudit.action == "accept_core"
        ).one()
        assert audit_entry
        assert audit_entry.action == "accept_core"
        assert audit_entry.score == 0.222113
    def setUp(self):
        from invenio_oauth2server.models import Scope
        from invenio_accounts.models import User
        from invenio_oauth2server.models import Client, Token

        from invenio_oauth2server.registry import scopes as scopes_registry

        # Register a test scope
        scopes_registry.register(Scope('test:scope1'))
        scopes_registry.register(Scope('test:scope2', internal=True))

        self.base_url = self.app.config.get('CFG_SITE_SECURE_URL')

        # Create needed objects
        u = User(
            email='*****@*****.**', nickname='tester'
        )
        u.password = "******"

        self.create_objects([u])

        # environment
        #
        # resource_owner -- client1 -- token_1
        #                     |
        #                     -------- token_2
        #                               |
        #       consumer ----------------

        # create resource_owner and consumer
        self.resource_owner = User(
            email='*****@*****.**',
            nickname='resource_owner', password='******')
        self.consumer = User(
            email='*****@*****.**', nickname='consumer',
            password='******')

        self.create_objects([self.resource_owner, self.consumer])

        # create resource_owner -> client_1
        self.u1c1 = Client(
            client_id='client_test_u1c1',
            client_secret='client_test_u1c1',
            name='client_test_u1c1',
            description='',
            is_confidential=False,
            user=self.resource_owner,
            _redirect_uris='',
            _default_scopes=""
        )

        self.create_objects([self.u1c1])

        # create resource_owner -> client_1 / resource_owner -> token_1
        self.u1c1u1t1 = Token(
            client=self.u1c1,
            user=self.resource_owner,
            token_type='u',
            access_token='dev_access_1',
            refresh_token='dev_refresh_1',
            expires=None,
            is_personal=False,
            is_internal=False,
            _scopes='',
        )
        # create consumer -> client_1 / resource_owner -> token_2
        self.u1c1u2t2 = Token(
            client=self.u1c1,
            user=self.consumer,
            token_type='u',
            access_token='dev_access_2',
            refresh_token='dev_refresh_2',
            expires=None,
            is_personal=False,
            is_internal=False,
            _scopes='',
        )

        # create objects
        self.create_objects([self.u1c1u1t1, self.u1c1u2t2])

        self.objects = [u,
                        self.resource_owner, self.consumer,
                        self.u1c1u1t1, self.u1c1u2t2]
Exemple #7
0
    def setUp(self):
        from invenio_oauth2server.models import Scope
        from invenio_accounts.models import User
        from invenio_oauth2server.models import Client, Token

        from invenio_oauth2server.registry import scopes as scopes_registry

        # Register a test scope
        scopes_registry.register(Scope('test:scope1'))
        scopes_registry.register(Scope('test:scope2', internal=True))

        self.base_url = self.app.config.get('CFG_SITE_SECURE_URL')

        # Create needed objects
        u = User(email='*****@*****.**', nickname='tester')
        u.password = "******"

        self.create_objects([u])

        # environment
        #
        # resource_owner -- client1 -- token_1
        #                     |
        #                     -------- token_2
        #                               |
        #       consumer ----------------

        # create resource_owner and consumer
        self.resource_owner = User(email='*****@*****.**',
                                   nickname='resource_owner',
                                   password='******')
        self.consumer = User(email='*****@*****.**',
                             nickname='consumer',
                             password='******')

        self.create_objects([self.resource_owner, self.consumer])

        # create resource_owner -> client_1
        self.u1c1 = Client(client_id='client_test_u1c1',
                           client_secret='client_test_u1c1',
                           name='client_test_u1c1',
                           description='',
                           is_confidential=False,
                           user=self.resource_owner,
                           _redirect_uris='',
                           _default_scopes="")

        self.create_objects([self.u1c1])

        # create resource_owner -> client_1 / resource_owner -> token_1
        self.u1c1u1t1 = Token(
            client=self.u1c1,
            user=self.resource_owner,
            token_type='u',
            access_token='dev_access_1',
            refresh_token='dev_refresh_1',
            expires=None,
            is_personal=False,
            is_internal=False,
            _scopes='',
        )
        # create consumer -> client_1 / resource_owner -> token_2
        self.u1c1u2t2 = Token(
            client=self.u1c1,
            user=self.consumer,
            token_type='u',
            access_token='dev_access_2',
            refresh_token='dev_refresh_2',
            expires=None,
            is_personal=False,
            is_internal=False,
            _scopes='',
        )

        # create objects
        self.create_objects([self.u1c1u1t1, self.u1c1u2t2])

        self.objects = [
            u, self.resource_owner, self.consumer, self.u1c1u1t1, self.u1c1u2t2
        ]
    def setUp(self):
        super(ProviderTestCase, self).setUp()
        # Set environment variable DEBUG to true, to allow testing without
        # SSL in oauthlib.
        if self.app.config.get('CFG_SITE_SECURE_URL').startswith('http://'):
            self.os_debug = os.environ.get('OAUTHLIB_INSECURE_TRANSPORT', '')
            os.environ['OAUTHLIB_INSECURE_TRANSPORT'] = 'true'

        from ..models import Client, Scope
        from invenio_accounts.models import User
        from ..registry import scopes as scopes_registry

        # Register a test scope
        scopes_registry.register(Scope('test:scope'))

        self.base_url = self.app.config.get('CFG_SITE_SECURE_URL')

        # Create needed objects
        u = User(
            email='*****@*****.**', nickname='tester'
        )
        u.password = "******"

        u2 = User(
            email='*****@*****.**', nickname='tester2'
        )
        u2.password = "******"

        db.session.add(u)
        db.session.add(u2)

        c1 = Client(
            client_id='dev',
            client_secret='dev',
            name='dev',
            description='',
            is_confidential=False,
            user=u,
            _redirect_uris='%s/oauth2test/authorized' % self.base_url,
            _default_scopes="test:scope"
        )

        c2 = Client(
            client_id='confidential',
            client_secret='confidential',
            name='confidential',
            description='',
            is_confidential=True,
            user=u,
            _redirect_uris='%s/oauth2test/authorized' % self.base_url,
            _default_scopes="test:scope"
        )

        db.session.add(c1)
        db.session.add(c2)

        db.session.commit()

        self.objects = [u, u2, c1, c2]

        # Create a personal access token as well.
        from ..models import Token
        self.personal_token = Token.create_personal(
            'test-personal', 1, scopes=[], is_internal=True
        )