def test_is_authorized_works_for_token_resource_too(self, auth_factory):
authorizer = Mock()
auth_factory.return_value = authorizer
user = self.mock_authenticated
is_authorized(user, 'read', 'token')
auth_factory.assert_called_with('token')
authorizer.can.assert_called_with(user, 'read', 'token')
def test_is_authorized_works_for_token_resource_too(self, auth_factory):
authorizer = Mock()
auth_factory.return_value = authorizer
user = self.mock_authenticated
is_authorized(user, 'read', 'token')
auth_factory.assert_called_with('token')
authorizer.can.assert_called_with(user, 'read', 'token')
def test_is_authorized_calls_can_with_object_for_instances(self, auth_factory):
authorizer = Mock()
auth_factory.return_value = authorizer
user = self.mock_authenticated
instance = User()
is_authorized(user, 'read', instance)
auth_factory.assert_called_with(instance.__class__.__name__.lower())
authorizer.can.assert_called_with(user, 'read', instance)
def test_is_authorized_calls_can_with_None_for_classes(self, auth_factory):
authorizer = Mock()
auth_factory.return_value = authorizer
user = self.mock_authenticated
_class = User
is_authorized(user, 'read', _class)
auth_factory.assert_called_with(_class.__name__.lower())
authorizer.can.assert_called_with(user, 'read', None)
def test_is_authorized_calls_can_with_None_for_classes(self, auth_factory):
authorizer = Mock()
auth_factory.return_value = authorizer
user = self.mock_authenticated
_class = User
is_authorized(user, 'read', _class)
auth_factory.assert_called_with(_class.__name__.lower())
authorizer.can.assert_called_with(user, 'read', None)
def test_is_authorized_calls_can_with_object_for_instances(
self, auth_factory):
authorizer = Mock()
auth_factory.return_value = authorizer
user = self.mock_authenticated
instance = User()
is_authorized(user, 'read', instance)
auth_factory.assert_called_with(instance.__class__.__name__.lower())
authorizer.can.assert_called_with(user, 'read', instance)
def _file_upload(self, data):
"""Method that must be overriden by the class to allow file uploads for
only a few classes."""
cls_name = self.__class__.__name__.lower()
content_type = 'multipart/form-data'
if (content_type in request.headers.get('Content-Type') and
cls_name in self.allowed_classes_upload):
data = dict()
for key in request.form.keys():
if key in ['project_id', 'task_id']:
data[key] = int(request.form[key])
elif key == 'info':
data[key] = json.loads(request.form[key])
else:
data[key] = request.form[key]
# inst = self._create_instance_from_request(data)
data = self.hateoas.remove_links(data)
inst = self.__class__(**data)
self._add_user_info(inst)
is_authorized(current_user, 'create', inst)
upload_method = current_app.config.get('UPLOAD_METHOD')
if request.files.get('file') is None:
raise AttributeError
_file = request.files['file']
if current_user.is_authenticated():
container = "user_%s" % current_user.id
else:
container = "anonymous"
if _file.filename == 'blob' or _file.filename is None:
_file.filename = "%s.png" % time.time()
uploader.upload_file(_file,
container=container)
avatar_absolute = current_app.config.get('AVATAR_ABSOLUTE')
file_url = get_avatar_url(upload_method,
_file.filename,
container,
avatar_absolute)
data['media_url'] = file_url
if data.get('info') is None:
data['info'] = dict()
data['info']['container'] = container
data['info']['file_name'] = _file.filename
return data
else:
return None
def _file_upload(self, data):
"""Method that must be overriden by the class to allow file uploads for
only a few classes."""
cls_name = self.__class__.__name__.lower()
content_type = 'multipart/form-data'
request_headers = request.headers.get('Content-Type')
if request_headers is None:
request_headers = []
if (content_type in request_headers
and cls_name in self.allowed_classes_upload):
data = dict()
for key in list(request.form.keys()):
if key in ['project_id', 'task_id']:
data[key] = int(request.form[key])
elif key == 'info':
data[key] = json.loads(request.form[key])
else:
data[key] = request.form[key]
# inst = self._create_instance_from_request(data)
data = self.hateoas.remove_links(data)
inst = self.__class__(**data)
self._add_user_info(inst)
is_authorized(current_user, 'create', inst)
upload_method = current_app.config.get('UPLOAD_METHOD')
if request.files.get('file') is None:
raise AttributeError
_file = request.files['file']
if current_user.is_authenticated:
container = "user_%s" % current_user.id
else:
container = "anonymous"
if _file.filename == 'blob' or _file.filename is None:
_file.filename = "%s.png" % time.time()
uploader.upload_file(_file, container=container)
avatar_absolute = current_app.config.get('AVATAR_ABSOLUTE')
file_url = get_avatar_url(upload_method, _file.filename, container,
avatar_absolute)
data['media_url'] = file_url
if data.get('info') is None:
data['info'] = dict()
data['info']['container'] = container
data['info']['file_name'] = _file.filename
return data
else:
return None
def _file_upload(self, data):
"""Method that must be overriden by the class to allow file uploads for
only a few classes."""
cls_name = self.__class__.__name__.lower()
"""Accepting both content types - text or with file"""
content_type_file = 'multipart/form-data'
content_type_text = 'application/x-www-form-urlencoded'
request_headers = request.headers.get('Content-Type')
if request_headers is None:
request_headers = []
""" check for content type - file or text"""
if ( (content_type_file in request_headers or content_type_text in request_headers)
and cls_name in self.allowed_classes_upload):
data = dict()
for key in list(request.form.keys()):
#Adding user_id in data
if key in ['project_id']:
data[key] = int(request.form[key])
elif key == 'info':
data[key] = json.loads(request.form[key])
else:
data[key] = request.form[key]
#Check if task exists
tasks = task_repo.getTasks(data['info']['uuid'],data['project_id'])
try:
#if it exists, add as task id
task = [row[0] for row in tasks]
data['task_id'] = task[0]
except:
#if does not exist, add new task
info = data['info']
task = Task(project_id=data['project_id'], info=info,n_answers=10)
task_repo.save(task)
data['task_id'] = task.id
"""Try to get user by uuid, if not present, add a new user"""
user = user_repo.get_by(mykaarma_user_id=data['useruuid'])
if(user is None):
name = get_mykaarma_username_from_full_name(data["fullname"])
user = user_repo.get_by_name(name)
while(user is not None):
name = get_mykaarma_username_from_full_name(data["fullname"])
user = user_repo.get_by_name(name)
user = User(fullname=data['fullname'],
name=name,
email_addr=data['email'],
mykaarma_user_id=data['useruuid'])
user_repo.save(user)
""" add user id extracted from user repo"""
data['user_id'] = user.id
""" delete extra keys to suit Taskrun class format"""
del data['useruuid']
del data['fullname']
del data['email']
data = self.hateoas.remove_links(data)
inst = self.__class__(**data)
self._add_user_info(inst)
is_authorized(current_user, 'create', inst)
upload_method = current_app.config.get('UPLOAD_METHOD')
"""Add user id to container"""
container = "user_%s" % data['user_id']
if data.get('info') is None:
data['info'] = dict()
data['info']['container'] = container
if(request.files.get('file') is not None):
_file = request.files['file']
if _file.filename == 'blob' or _file.filename is None:
_file.filename = "%s.png" % time.time()
uploader.upload_file(_file,
container=container)
avatar_absolute = current_app.config.get('AVATAR_ABSOLUTE')
file_url = get_avatar_url(upload_method,
_file.filename,
container,
avatar_absolute)
data['media_url'] = file_url
data['info']['file_name'] = _file.filename
return data
else:
return None
