def test_tuakiri_login_by_techical_contact_organisation_not_onboarded(client):
    """Log in via Tuakiri as the technical contact of an unconfirmed organisation.

    The organisation is created with ``confirmed=False`` and the user is attached
    to it as its technical contact. After the login request (redirects followed),
    the test checks that the user/organisation relationship is unchanged, that the
    organisation is still unconfirmed, and that an HTML page came back with 200.
    """
    organisation = Organisation(
        name="Org112", tuakiri_name="Org112", confirmed=False, is_email_sent=True)
    tech_contact = User(
        email="*****@*****.**",
        confirmed=True,
        roles=Role.TECHNICAL,
        organisation=organisation)
    organisation.tech_contact = tech_contact
    organisation.save()
    # NOTE(review): this UserOrg is constructed but not saved within this test,
    # and the user is never saved explicitly either -- confirm that is intended.
    UserOrg(user=tech_contact, org=organisation, is_admin=True)

    # The identity attributes reach the view as ordinary request headers.
    # NOTE(review): presumably in deployment only the Shibboleth SP / front-end
    # proxy sets these and client-supplied copies are stripped -- confirm, since
    # the login view treats them as the authenticated identity.
    shib_headers = {
        "Auedupersonsharedtoken": "ABC11s1",
        "Sn": "LAST NAME/SURNAME/FAMILY NAME",
        'Givenname': "FIRST NAME/GIVEN NAME",
        "Mail": "*****@*****.**",
        "O": "Org112",
        "Displayname": "TEST USER FROM THE Org112",
        "Unscoped-Affiliation": "student",
        "Eppn": "*****@*****.**"
    }
    rv = client.get("/Tuakiri/login", headers=shib_headers, follow_redirects=True)

    assert tech_contact.organisation == organisation
    assert not organisation.confirmed
    assert tech_contact.is_tech_contact_of(organisation)
    assert rv.status_code == 200
    assert b"<!DOCTYPE html>" in rv.data, "Expected HTML content"
def test_tuakiri_login_usgin_eppn(client):
    """Log in via Shibboleth for a user that already exists with an eppn.

    A user record carrying an ``eppn`` is created before the request. After the
    login request the record is fetched by eppn, and its display name, first name
    and last name are compared with the values sent in the headers.
    """
    organisation = Organisation(tuakiri_name="ORGANISATION 123ABC")
    organisation.save()
    existing = User.create(
        email="*****@*****.**", eppn="*****@*****.**", roles=Role.RESEARCHER)
    existing.save()

    # Identity attributes are supplied directly as request headers by the test.
    # NOTE(review): presumably only the Shibboleth SP sets these in deployment.
    shib_headers = {
        "Auedupersonsharedtoken": "ABC123",
        "Sn": "LAST NAME/SURNAME/FAMILY NAME",
        'Givenname': "FIRST NAME/GIVEN NAME",
        "Mail": "*****@*****.**",
        "O": "ORGANISATION 123ABC",
        "Displayname": "TEST USER FROM 123",
        "Unscoped-Affiliation": "staff",
        "Eppn": "*****@*****.**"
    }
    rv = client.get("/Tuakiri/login", headers=shib_headers)

    # Redirects are not followed here, so the raw redirect status is visible.
    assert rv.status_code == 302
    stored = User.get(eppn="*****@*****.**")
    assert stored.email == "*****@*****.**"
    assert stored.name == "TEST USER FROM 123", "Expected to have the user in the DB"
    assert stored.first_name == "FIRST NAME/GIVEN NAME"
    assert stored.last_name == "LAST NAME/SURNAME/FAMILY NAME"
def test_tuakiri_login_with_org(client):
    """Log in via Shibboleth from an organisation that is already confirmed.

    No user is created beforehand, so the lookup by email after the request
    relies on the login having created the record. The test then checks that the
    user is linked to the organisation, that the "not onboarded" notice is absent
    from the response, and that the resulting membership is not an admin one.
    """
    organisation = Organisation(tuakiri_name="THE ORGANISATION", confirmed=True)
    organisation.save()

    # Identity attributes are supplied directly as request headers by the test.
    # NOTE(review): presumably only the Shibboleth SP sets these in deployment.
    shib_headers = {
        "Auedupersonsharedtoken": "ABC111",
        "Sn": "LAST NAME/SURNAME/FAMILY NAME",
        'Givenname': "FIRST NAME/GIVEN NAME",
        "Mail": "*****@*****.**",
        "O": "THE ORGANISATION",
        "Displayname": "TEST USER FROM THE ORGANISATION",
        "Unscoped-Affiliation": "staff",
        "Eppn": "*****@*****.**"
    }
    rv = client.get("/Tuakiri/login", headers=shib_headers, follow_redirects=True)

    logged_in = User.get(email="*****@*****.**")
    assert logged_in.organisation == organisation
    assert organisation in logged_in.organisations
    assert b"Your organisation (THE ORGANISATION) is not onboarded" not in rv.data
    # A user arriving through federated login must not receive admin rights.
    membership = UserOrg.get(user=logged_in, org=organisation)
    assert not membership.is_admin
def test_link_orcid_auth_callback(name, request_ctx):
    """Exercise the ORCID callback after the user authorised the organisation.

    ``name`` is supplied from outside this function (presumably a parametrize
    decorator that is not visible here). The expected ORCID iD and the fallback
    name "NEW TEST" are not set anywhere in this test, so they presumably come
    from a stubbed token exchange -- TODO confirm.
    """
    with request_ctx("/auth?state=xyz") as ctx:
        organisation = Organisation(name="THE ORGANISATION", confirmed=True)
        organisation.save()
        member = User.create(
            name=name,
            email="*****@*****.**",
            organisation=organisation,
            orcid="ABC123",
            confirmed=True)
        OrcidToken.create(
            user=member,
            org=organisation,
            scope="/read-limited,/activities/update",
            access_token="ABC1234")
        login_user(member, remember=True)
        # The stored value equals the ``state`` query parameter of the request.
        # NOTE(review): only the matching-state path is exercised in this test;
        # a mismatching state is not covered here.
        session['oauth_state'] = "xyz"

        rv = ctx.app.full_dispatch_request()
        assert rv.status_code == 302, "If the user is already affiliated, the user should be redirected ..."
        assert "profile" in rv.location, "redirection to 'profile' showing the ORCID"

        stored_user = User.get(id=member.id)
        stored_token = OrcidToken.get(user=stored_user)
        assert stored_user.orcid == "ABC-123-456-789"
        assert stored_token.access_token == "ABC1234"
        if not name:
            assert stored_user.name == "NEW TEST", "the user name should be set from record coming from ORCID"
        else:
            assert stored_user.name == name, "The user name should be changed"
def test_link_already_affiliated(request_ctx):
    """Request ``/link`` as a user who is already affiliated.

    The user has an ORCID iD, a saved membership in a confirmed organisation and
    two saved tokens (one read-limited, one that also has the update scope). The
    request is expected to redirect to a location containing "profile".
    """
    with request_ctx("/link") as ctx:
        organisation = Organisation(
            name="THE ORGANISATION", confirmed=True, orcid_client_id="ABC123")
        organisation.save()
        member = User(
            email="*****@*****.**",
            name="TEST USER",
            organisation=organisation,
            orcid="ABC123",
            confirmed=True)
        member.save()

        read_token = OrcidToken(
            user=member, org=organisation, scope="/read-limited", access_token="ABC1234")
        write_token = OrcidToken(
            user=member,
            org=organisation,
            scope="/read-limited,/activities/update",
            access_token="ABC234")
        # Persist in the same order as constructed: read-only first, then write.
        for token in (read_token, write_token):
            token.save()

        login_user(member, remember=True)
        membership = UserOrg(user=member, org=organisation)
        membership.save()

        rv = ctx.app.full_dispatch_request()
        assert rv.status_code == 302, "If the user is already affiliated, the user should be redirected ..."
        assert "profile" in rv.location, "redirection to 'profile' showing the ORCID"
def test_profile_wo_orcid(request_ctx):
    """Request ``/profile`` as a user that has no ORCID iD.

    The request is expected to redirect to the ``link`` endpoint.
    """
    with request_ctx("/profile") as ctx:
        organisation = Organisation(name="THE ORGANISATION", confirmed=True)
        organisation.save()
        member = User(
            email="*****@*****.**",
            organisation=organisation,
            orcid=None,
            confirmed=True)
        member.save()
        login_user(member, remember=True)

        rv = ctx.app.full_dispatch_request()
        assert rv.status_code == 302
        assert rv.location == url_for("link")
def test_link_with_unconfirmed_org(request_ctx):
    """Request ``/link`` as a user whose organisation is not confirmed yet.

    Only the redirect status is checked; the redirect target is not asserted.
    """
    with request_ctx("/link") as ctx:
        organisation = Organisation(
            name="THE ORGANISATION",
            confirmed=False,
            orcid_client_id="Test Client id")
        organisation.save()
        member = User(
            name="TEST USER",
            email="*****@*****.**",
            confirmed=True,
            organisation=organisation)
        member.save()
        login_user(member, remember=True)

        rv = ctx.app.full_dispatch_request()
        assert rv.status_code == 302
def test_profile(request_ctx):
    """Request ``/profile`` as an affiliated user that has an ORCID iD and a token.

    The page is expected to render with status 200 and to contain the user's
    ORCID iD string.
    """
    with request_ctx("/profile") as ctx:
        organisation = Organisation(name="THE ORGANISATION", confirmed=True)
        organisation.save()
        member = User(
            email="*****@*****.**",
            organisation=organisation,
            orcid="ABC123",
            confirmed=True)
        member.save()
        token = OrcidToken(
            user=member,
            org=organisation,
            scope="/read-limited,/activities/update",
            access_token="ABC1234")
        token.save()
        login_user(member, remember=True)

        rv = ctx.app.full_dispatch_request()
        assert rv.status_code == 200
        # NOTE(review): the access token fixture "ABC1234" contains the ORCID iD
        # fixture "ABC123", so this substring check would also pass if the token
        # value were rendered into the page. Distinct fixture values would make
        # the assertion specific to the ORCID iD.
        assert b"ABC123" in rv.data