def create_minimal_user(
self,
email,
groups=[],
save_now=False
) -> User:
"""Previous create_user method"""
validator = TracimValidator()
validator.add_validator('email', email, user_email_validator)
validator.validate_all()
self._check_email(email)
user = User()
user.email = email
# TODO - G.M - 2018-11-29 - Check if this default_value can be
# incorrect according to user_public_name_validator
user.display_name = email.split('@')[0]
user.created = datetime.datetime.utcnow()
if not groups:
gapi = GroupApi(
current_user=self._user, # User
session=self._session,
config=self._config,
)
groups = [gapi.get_one(Group.TIM_USER)]
for group in groups:
user.groups.append(group)
self._session.add(user)
if save_now:
self._session.flush()
return user
def insert(self):
u = User()
u.display_name = 'Global manager'
u.email = '*****@*****.**'
u.password = '******'
self._session.add(u)
uapi = UserApi(
session=self._session,
config=self._config,
current_user=u)
uapi.execute_created_user_actions(u)
g1 = Group()
g1.group_id = 1
g1.group_name = 'users'
g1.display_name = 'Users'
g1.users.append(u)
self._session.add(g1)
g2 = Group()
g2.group_id = 2
g2.group_name = 'trusted-users'
g2.display_name = 'Trusted Users'
g2.users.append(u)
self._session.add(g2)
g3 = Group()
g3.group_id = 3
g3.group_name = 'administrators'
g3.display_name = 'Administrators'
g3.users.append(u)
self._session.add(g3)
def test__unit__unicode__ok__no_display_name(self):
email = '*****@*****.**'
user = User()
user.email = email
assert user.__unicode__() == email
def test_unit__repr__ok__nominal_case(self):
name = 'Damien'
email = '*****@*****.**'
user = User()
user.display_name = name
user.email = email
assert user.__repr__() == "<User: email='*****@*****.**', display='Damien'>" # nopep8
def test_unit__unicode__ok__nominal_case(self):
name = 'Damien'
email = '*****@*****.**'
user = User()
user.display_name = name
user.email = email
assert user.__unicode__() == name
def test_unit__validate_password__false__null_password(self):
# Check bug #70 fixed
# http://tracim.org/workspaces/4/folders/5/threads/70
name = 'Damien'
email = '*****@*****.**'
user = User()
user.display_name = name
user.email = email
assert user.validate_password('') is False
def test_unit__create_minimal_user_and_set_password__ok__nominal_case(self):
u = User()
u.email = 'bob@bob'
u.password = '******'
u.auth_type = AuthType.INTERNAL
u.display_name = 'bob'
api = UserApi(
current_user=u,
session=self.session,
config=self.app_config,
)
assert u.email == 'bob@bob'
api.set_email(u,'pass','newbobemail@bob')
assert u is not None
assert u.email == 'newbobemail@bob'
def test_unit__validate_password__false__bad_password(self):
"""
Check if validate_password can correctly check if password is
an uncorrect correct one
"""
name = 'Damien'
email = '*****@*****.**'
password = '******'
user = User()
user.display_name = name
user.email = email
user.password = password
assert user.validate_password('uncorrect_password') is False
def validate_reset_password_token(self, user: User, token: str) -> bool:
self._check_user_auth_validity(user)
self._check_password_modification_allowed(user)
return user.validate_reset_password_token(
token=token,
validity_seconds=self._config.USER_RESET_PASSWORD_TOKEN_VALIDITY,
)
def delete(self, user: User, do_save=False):
if self._user and self._user == user:
raise UserCantDeleteHimself("User {} can't delete himself".format(
user.user_id))
user.is_deleted = True
if do_save:
self.save(user)
def reset_password_notification(self,
user: User,
do_save: bool = False) -> str:
"""
Reset password notification
:param user: User who want is password resetted
:param do_save: save update ?
:return: reset_password_token
"""
self._check_user_auth_validity(user)
self._check_password_modification_allowed(user)
if not self._config.EMAIL__NOTIFICATION__ACTIVATED:
raise NotificationDisabledCantResetPassword(
"cant reset password with notification disabled")
token = user.generate_reset_password_token()
try:
email_manager = get_email_manager(self._config, self._session)
email_manager.notify_reset_password(user, token)
except SMTPException as exc:
raise NotificationSendingFailed(
"SMTP error, can't send notification") from exc
except EmailTemplateError as exc:
raise exc
if do_save:
self.save(user)
return token
def validate_reset_password_token(self, user: User, token: str) -> bool:
self._check_user_auth_validity(user)
self._check_password_modification_allowed(user)
return user.validate_reset_password_token(
token=token,
validity_seconds=self._config.USER_RESET_PASSWORD_TOKEN_VALIDITY,
)
def test_unit__crud_caller__ok__workspace(self, session):
hook = WorkspaceHookImpl()
session.context.plugin_manager.register(hook)
owner = User(email="john")
session.add(owner)
session.flush()
workspace = Workspace(label="Hello", owner_id=owner.user_id)
session.add(workspace)
session.flush()
hook.mock_hooks.assert_called_with("created",
workspace=workspace,
context=session.context)
workspace.label = "World"
session.flush()
hook.mock_hooks.assert_called_with("modified",
workspace=workspace,
context=session.context)
session.delete(workspace)
session.flush()
hook.mock_hooks.assert_called_with("deleted",
workspace=workspace,
context=session.context)
def test__unit__validate_password__ok__nominal_case(self):
"""
Check if validate_password can correctly check if password i the correct
one
"""
name = 'Damien'
email = '*****@*****.**'
password = '******'
user = User()
user.display_name = name
user.email = email
user.password = password
assert user.validate_password(password) is True
def insert(self):
u = User()
u.display_name = "Global manager"
u.username = "******"
u.email = "*****@*****.**"
u.password = "******"
u.profile = Profile.ADMIN
u.config = UserConfig()
self._session.add(u)
def disable(self, user: User, do_save=False):
if self._user and self._user == user:
raise UserCantDisableHimself(
"User {} can't disable himself".format(user.user_id))
user.is_active = False
if do_save:
self.save(user)
def anonymize_user(
self,
user: User,
anonymized_user_display_name: typing.Optional[str] = None) -> User:
"""
:param user: user to anonymize_if_required
:return: user_id
"""
hash = str(uuid.uuid4().hex)
user.display_name = (
anonymized_user_display_name
or self.app_config.DEFAULT_ANONYMIZED_USER_DISPLAY_NAME)
user.email = ANONYMIZED_USER_EMAIL_PATTERN.format(hash=hash)
user.is_active = False
user.is_deleted = True
self.safe_update(user)
return user
def delete(self, user: User, do_save=False):
if self._user and self._user == user:
raise UserCantDeleteHimself(
"User {} can't delete himself".format(user.user_id)
)
user.is_deleted = True
if do_save:
self.save(user)
def test_unit__create_minimal_user_and_set_password__ok__nominal_case(self):
u = User()
u.email = "bob@bob"
u.password = "******"
u.auth_type = AuthType.INTERNAL
u.display_name = "bob"
api = UserApi(current_user=u, session=self.session, config=self.app_config)
assert u.validate_password("pass")
api.set_password(u, "pass", "newpass", "newpass")
assert u is not None
assert u.email == "bob@bob"
assert u.display_name == "bob"
assert u.validate_password("newpass")
assert not u.validate_password("pass")
def test_unit__password__ok__nominal_case(self):
"""
Check if password can be set and hashed password
can be retrieve. Verify if hashed password is not
same as password.
"""
name = 'Damien'
email = '*****@*****.**'
password = '******'
user = User()
user.display_name = name
user.email = email
assert user._password is None
user.password = password
assert user._password is not None
assert user._password != password
assert user.password == user._password
def disable(self, user: User, do_save=False):
if self._user and self._user == user:
raise UserCantDisableHimself(
"User {} can't disable himself".format(user.user_id)
)
user.is_active = False
if do_save:
self.save(user)
def test_unit__password__ok__nominal_case(self, session):
"""
Check if password can be set and hashed password
can be retrieve. Verify if hashed password is not
same as password.
"""
name = "Damien"
email = "*****@*****.**"
password = "******"
user = User()
user.display_name = name
user.email = email
assert user._password is None
user.password = password
assert user._password is not None
assert user._password != password
assert user.password == user._password
def test_notifier_factory_method(self):
u = User()
self.app_config.EMAIL__NOTIFICATION__ACTIVATED = True
notifier = NotifierFactory.create(self.app_config, u)
eq_(EmailNotifier, notifier.__class__)
self.app_config.EMAIL__NOTIFICATION__ACTIVATED = False
notifier = NotifierFactory.create(self.app_config, u)
eq_(DummyNotifier, notifier.__class__)
def test_notifier_factory_method(self, app_config):
u = User()
app_config.EMAIL__NOTIFICATION__ACTIVATED = True
notifier = NotifierFactory.create(app_config, u)
assert EmailNotifier == notifier.__class__
app_config.EMAIL__NOTIFICATION__ACTIVATED = False
notifier = NotifierFactory.create(app_config, u)
assert DummyNotifier == notifier.__class__
def update(
self,
user: User,
name: str = None,
email: str = None,
password: str = None,
timezone: str = None,
lang: str = None,
groups: typing.Optional[typing.List[Group]] = None,
do_save=True,
) -> User:
if name is not None:
user.display_name = name
if email is not None and email != user.email:
self._check_email(email)
user.email = email
if password is not None:
user.password = password
if timezone is not None:
user.timezone = timezone
if lang is not None:
user.lang = lang
if groups is not None:
if self._user and self._user == user:
raise UserCantChangeIsOwnProfile(
"User {} can't change is own profile".format(user.user_id))
# INFO - G.M - 2018-07-18 - Delete old groups
for group in user.groups:
if group not in groups:
user.groups.remove(group)
# INFO - G.M - 2018-07-18 - add new groups
for group in groups:
if group not in user.groups:
user.groups.append(group)
if do_save:
self.save(user)
return user
def test_unit__create__ok__nominal_case(self):
self.session.flush()
transaction.commit()
name = 'Damien'
email = '*****@*****.**'
user = User()
user.display_name = name
user.email = email
self.session.add(user)
self.session.flush()
transaction.commit()
new_user = self.session.query(User).filter(User.display_name == name).one() # nopep8
assert new_user.display_name == name
assert new_user.email == email
assert new_user.email_address == email
def execute_created_user_actions(self, created_user: User) -> None:
"""
Execute actions when user just been created
:return:
"""
# NOTE: Cyclic import
# TODO - G.M - 28-03-2018 - [Calendar] Reenable Calendar stuff
#from tracim.lib.calendar import CalendarManager
#from tracim.model.organisational import UserCalendar
# TODO - G.M - 04-04-2018 - [auth]
# Check if this is already needed with
# new auth system
created_user.ensure_auth_token(
validity_seconds=self._config.USER_AUTH_TOKEN_VALIDITY)
# Ensure database is up-to-date
self._session.flush()
transaction.commit()
def test_unit__create__ok__nominal_case(self, session):
session.flush()
transaction.commit()
name = "Damien"
email = "*****@*****.**"
user = User()
user.display_name = name
user.email = email
session.add(user)
session.flush()
transaction.commit()
new_user = session.query(User).filter(User.display_name == name).one()
assert new_user.display_name == name
assert new_user.email == email
assert new_user.email_address == email
def test__unit__ContentTypeCreationChecker__err__implicit_insufficent_role_in_workspace(
self, session):
current_user = User(user_id=2, email="*****@*****.**")
current_user.profile = Profile.TRUSTED_USER
current_workspace = Workspace(workspace_id=3, owner=current_user)
candidate_content_type = TracimContentType(
slug="test",
fa_icon="",
label="Test",
creation_label="Test",
available_statuses=[],
minimal_role_content_creation=WorkspaceRoles.CONTENT_MANAGER,
)
role = UserRoleInWorkspace(user_id=2,
workspace_id=3,
role=WorkspaceRoles.CONTRIBUTOR.level)
session.add(current_user)
session.add(current_workspace)
session.add(role)
session.flush()
transaction.commit()
class FakeContentTypeList(object):
def get_one_by_slug(self, slug=str) -> TracimContentType:
return candidate_content_type
class FakeBaseFakeTracimContext(BaseFakeTracimContext):
@property
def current_user(self):
return current_user
@property
def current_workspace(self):
return current_workspace
@property
def candidate_content_type(self):
return candidate_content_type
with pytest.raises(InsufficientUserRoleInWorkspace):
assert ContentTypeCreationChecker(FakeContentTypeList()).check(
FakeBaseFakeTracimContext())
def test_unit__get_current_user_ok__nominal_case(self):
user = User(email='*****@*****.**')
api = UserApi(
current_user=user,
session=self.session,
config=self.app_config,
)
new_user = api.get_current_user()
assert isinstance(new_user, User)
assert user == new_user
def test_unit__create__ok__username_and_email(self, session):
session.flush()
transaction.commit()
username = "******"
email = "*****@*****.**"
user = User()
user.email = email
user.username = username
session.add(user)
session.flush()
transaction.commit()
new_user = session.query(User).filter(User.email == email).one()
assert new_user.email == email
assert new_user.email_address == email
assert new_user.username == username
def set_password_reset_token(
self,
user: User,
new_password: str,
new_password2: str,
reset_token: str,
do_save: bool = False,
):
self._check_user_auth_validity(user)
self._check_password_modification_allowed(user)
self.validate_reset_password_token(user, reset_token)
if new_password != new_password2:
raise PasswordDoNotMatch("Passwords given are different")
self.update(user=user, password=new_password, do_save=do_save)
user.reset_tokens()
if do_save:
self.save(user)
return user
def execute_created_user_actions(self, created_user: User) -> None:
"""
Execute actions when user just been created
:return:
"""
# NOTE: Cyclic import
# TODO - G.M - 28-03-2018 - [Calendar] Reenable Calendar stuff
#from tracim.lib.calendar import CalendarManager
#from tracim.model.organisational import UserCalendar
# TODO - G.M - 04-04-2018 - [auth]
# Check if this is already needed with
# new auth system
created_user.ensure_auth_token(
validity_seconds=self._config.USER_AUTH_TOKEN_VALIDITY
)
# Ensure database is up-to-date
self._session.flush()
transaction.commit()
def set_password_reset_token(
self,
user: User,
new_password: str,
new_password2: str,
reset_token: str,
do_save: bool = False,
):
self.validate_reset_password_token(user, reset_token)
if new_password != new_password2:
raise PasswordDoNotMatch('Passwords given are different')
self.update(
user=user,
password=new_password,
do_save=do_save,
)
user.reset_tokens()
if do_save:
self.save(user)
return user
def test_unit__crud_caller__ok__user(self, session):
hook = UserHookImpl()
session.context.plugin_manager.register(hook)
user = User(email="foo@bar")
session.add(user)
session.flush()
hook.mock_hooks.assert_called_with("created",
user=user,
context=session.context)
user.display_name = "John doe"
session.flush()
hook.mock_hooks.assert_called_with("modified",
user=user,
context=session.context)
session.delete(user)
session.flush()
hook.mock_hooks.assert_called_with("deleted",
user=user,
context=session.context)
def create_minimal_user(self,
email,
profile: typing.Optional[Profile] = None,
save_now=False) -> User:
"""Previous create_user method"""
lowercase_email = email.lower() if email is not None else None
validator = TracimValidator()
validator.add_validator("email", lowercase_email, user_email_validator)
validator.validate_all()
self._check_email(lowercase_email)
user = User()
user.email = lowercase_email
# TODO - G.M - 2018-11-29 - Check if this default_value can be
# incorrect according to user_public_name_validator
user.display_name = email.split("@")[0]
user.created = datetime.datetime.utcnow()
if not profile:
profile = Profile.get_profile_from_slug(
self._config.USER__DEFAULT_PROFILE)
user.profile = profile
self._session.add(user)
if save_now:
self._session.flush()
return user
def execute_created_user_actions(self, user: User) -> None:
"""
WARNING ! This method Will be Deprecated soon, see
https://github.com/tracim/tracim/issues/1589 and
https://github.com/tracim/tracim/issues/1487
This method do post-create user actions
"""
# TODO - G.M - 04-04-2018 - [auth]
# Check if this is already needed with
# new auth system
user.ensure_auth_token(
validity_seconds=self._config.USER__AUTH_TOKEN__VALIDITY)
# FIXME - G.M - 2019-03-18 - move this code to another place when
# event mechanism is ready, see https://github.com/tracim/tracim/issues/1487
# event on_created_user should start hook use by agenda app code.
app_lib = ApplicationApi(app_list=app_list)
if app_lib.exist(AGENDA__APP_SLUG):
agenda_api = AgendaApi(current_user=self._user,
session=self._session,
config=self._config)
try:
agenda_already_exist = agenda_api.ensure_user_agenda_exists(
user)
if agenda_already_exist:
logger.warning(
self,
"user {} is just created but his own agenda already exist !!"
.format(user.user_id),
)
except AgendaServerConnectionError as exc:
logger.error(self, "Cannot connect to agenda server")
logger.exception(self, exc)
except Exception as exc:
logger.error(
self, "Something goes wrong during agenda create/update")
logger.exception(self, exc)
def insert(self):
u = User()
u.display_name = "Global manager"
u.email = "*****@*****.**"
u.password = "******"
u.profile = Profile.ADMIN
self._session.add(u)
def test_unit__create__error__no_username_and_no_email(self, session):
session.flush()
transaction.commit()
user = User()
session.add(user)
with pytest.raises(Exception) as caught:
session.flush()
# NOTE BS 20200427: caught exception depend as database engine, but we expect
# constraint name in exception message
assert User.USERNAME_OR_EMAIL_REQUIRED_CONSTRAINT_NAME in str(
caught.value)
def test_unit__repr__ok__with_username(self):
user = User()
user.display_name = "Damien"
user.email = "*****@*****.**"
user.username = "******"
assert user.__repr__(
) == "<User: email='*****@*****.**', username='******' display='Damien'>"
def test_unit__create_minimal_user_and_set_password__ok__nominal_case(
self):
u = User()
u.email = 'bob@bob'
u.password = '******'
u.auth_type = AuthType.INTERNAL
u.display_name = 'bob'
api = UserApi(
current_user=u,
session=self.session,
config=self.app_config,
)
assert u.validate_password('pass')
api.set_password(u, 'pass', 'newpass', 'newpass')
assert u is not None
assert u.email == 'bob@bob'
assert u.display_name == 'bob'
assert u.validate_password('newpass')
assert not u.validate_password('pass')
def test_unit__get_user_with_context__nominal_case(self):
user = User(email="*****@*****.**", display_name="Admin", is_active=True)
api = UserApi(current_user=None, session=self.session, config=self.app_config)
new_user = api.get_user_with_context(user)
assert isinstance(new_user, UserInContext)
assert new_user.user == user
assert new_user.profile == "nobody"
assert new_user.user_id == user.user_id
assert new_user.email == "*****@*****.**"
assert new_user.display_name == "Admin"
assert new_user.is_active is True
# TODO - G.M - 03-05-2018 - [avatar][agenda] Should test this
# with true value when those param will be available.
assert new_user.avatar_url is None
def create_minimal_user(self, email, groups=[], save_now=False) -> User:
"""Previous create_user method"""
self._check_email(email)
user = User()
user.email = email
user.display_name = email.split('@')[0]
if not groups:
gapi = GroupApi(
current_user=self._user, # User
session=self._session,
config=self._config,
)
groups = [gapi.get_one(Group.TIM_USER)]
for group in groups:
user.groups.append(group)
self._session.add(user)
if save_now:
self._session.flush()
return user
def test__unit__RoleChecker__ok__nominal_case(self, session):
current_user = User(user_id=2, email="*****@*****.**")
current_user.profile = Profile.TRUSTED_USER
current_workspace = Workspace(workspace_id=3, owner=current_user)
role = UserRoleInWorkspace(user_id=2, workspace_id=3, role=2)
session.add(current_user)
session.add(current_workspace)
session.add(role)
session.flush()
transaction.commit()
class FakeBaseFakeTracimContext(BaseFakeTracimContext):
@property
def current_user(self):
return current_user
@property
def current_workspace(self):
return current_workspace
assert RoleChecker(1).check(FakeBaseFakeTracimContext())
assert RoleChecker(2).check(FakeBaseFakeTracimContext())
def set_password_reset_token(
self,
user: User,
new_password: str,
new_password2: str,
reset_token: str,
do_save: bool = False,
):
self._check_user_auth_validity(user)
self._check_password_modification_allowed(user)
self.validate_reset_password_token(user, reset_token)
if new_password != new_password2:
raise PasswordDoNotMatch('Passwords given are different')
self.update(
user=user,
password=new_password,
do_save=do_save,
)
user.reset_tokens()
if do_save:
self.save(user)
return user
def _remote_user_authenticate(
self,
user: User,
email: str,
) -> User:
"""
Authenticate with remote_auth, return authenticated user
or raise Exception like WrongAuthTypeForUser,
UserDoesNotExist or UserAuthenticatedIsNotActive
:param user: user to check, can be none if user not found, will try
to create new user if none
:param email: email of the user
"""
auth_type = AuthType.REMOTE
# INFO - G.M - 2018-12-12 - Do not authenticate user with auth_type
# different from REMOTE
if user and user.auth_type not in [auth_type, AuthType.UNKNOWN]:
raise WrongAuthTypeForUser(
'User "{}" auth_type is {} not {}'.format(
email,
user.auth_type.value,
auth_type.value
)
)
# INFO - G.M - 2018-12-12 - Create new user
if not user:
groups = None
self.create_user(
email=email,
groups=groups,
auth_type=AuthType.REMOTE,
do_save=True,
do_notify=False
)
transaction.commit()
# INFO - G.M - 2018-12-02 - get new created user
user = self.get_one_by_email(email)
if user.is_deleted:
raise UserDoesNotExist('This user has been deleted') # nopep8
if not user.is_active:
raise UserAuthenticatedIsNotActive('This user is not activated') # nopep8
if user.auth_type == AuthType.UNKNOWN :
user.auth_type = auth_type
return user
def notify_reset_password(self, user: User,
reset_password_token: str) -> None:
"""
Reset password link for user
:param user: user to notify
:param reset_password_token: token for resetting password
"""
logger.debug(self, "user: {}".format(user.user_id))
logger.info(self,
"Generating reset password email to {}".format(user.email))
translator = Translator(self.config, default_lang=user.lang)
email_sender = EmailSender(self.config, self._smtp_config,
self.config.EMAIL__NOTIFICATION__ACTIVATED)
translated_subject = translator.get_translation(
self.config.EMAIL__NOTIFICATION__RESET_PASSWORD_REQUEST__SUBJECT)
subject = translated_subject.replace(EST.WEBSITE_TITLE,
str(self.config.WEBSITE__TITLE))
from_header = self._get_sender()
to_header = EmailAddress(user.get_display_name(), user.email)
html_template_file_path = (
self.config.
EMAIL__NOTIFICATION__RESET_PASSWORD_REQUEST__TEMPLATE__HTML)
# TODO - G.M - 2018-08-17 - Generate token
context = {
"user":
user,
"logo_url":
get_email_logo_frontend_url(self.config),
"reset_password_url":
get_reset_password_frontend_url(self.config,
token=reset_password_token,
email=user.email),
}
body_html = self._render_template(
mako_template_filepath=html_template_file_path,
context=context,
translator=translator)
message = EmailNotificationMessage(
subject=subject,
from_header=from_header,
to_header=to_header,
body_html=body_html,
lang=translator.default_lang,
)
send_email_through(config=self.config,
sendmail_callable=email_sender.send_mail,
message=message)
def test_unit__validate_password__false__empty_password(self):
"""
Check if validate_password failed if not password
"""
name = 'Damien'
email = '*****@*****.**'
password = None
user = User()
user.display_name = name
user.email = email
user.password = password
assert user.validate_password(password) is False
assert user.validate_password('') is False
def reset_password_notification(self, user: User, do_save: bool=False) -> str: # nopep8
"""
Reset password notification
:param user: User who want is password resetted
:param do_save: save update ?
:return: reset_password_token
"""
self._check_user_auth_validity(user)
self._check_password_modification_allowed(user)
if not self._config.EMAIL_NOTIFICATION_ACTIVATED:
raise NotificationDisabledCantResetPassword("cant reset password with notification disabled") # nopep8
token = user.generate_reset_password_token()
try:
email_manager = get_email_manager(self._config, self._session)
email_manager.notify_reset_password(user, token)
except SMTPException as exc:
raise NotificationSendingFailed("SMTP error, can't send notification") from exc
except EmailTemplateError as exc:
raise exc
if do_save:
self.save(user)
return token
def test_unit__reset_token__ok__nominal_case(self):
email = '*****@*****.**'
user = User()
user.email = email
assert user.auth_token is None
with freeze_time("1999-12-31 23:59:59"):
user.ensure_auth_token(validity_seconds=5)
assert user.auth_token
assert user.auth_token_created == datetime.now()
token = user.auth_token
token_time = user.auth_token_created
with freeze_time("2003-12-31 23:59:59"):
user.reset_tokens()
assert user.auth_token != token
assert user.auth_token_created != token_time
assert user.auth_token_created == datetime.now()
def user_can_read(self, user: User) -> bool:
role = user.get_role(self._related_object)
return CALENDAR_PERMISSION_READ in self._workspace_rights[role]
def undelete(self, user: User, do_save=False):
user.is_deleted = False
if do_save:
self.save(user)
def update(
self,
user: User,
name: str=None,
email: str=None,
password: str=None,
timezone: str=None,
lang: str=None,
auth_type: AuthType = None,
groups: typing.Optional[typing.List[Group]]=None,
do_save=True,
) -> User:
validator = TracimValidator()
validator.add_validator('name', name, user_public_name_validator)
validator.add_validator('password', password, user_password_validator)
validator.add_validator('email', email, user_email_validator)
validator.add_validator('timezone', timezone, user_timezone_validator)
validator.add_validator('lang', lang, user_lang_validator)
validator.validate_all()
if name is not None:
user.display_name = name
if auth_type is not None:
if auth_type not in [AuthType.UNKNOWN, AuthType.REMOTE] and not auth_type in self._config.AUTH_TYPES:
raise UserAuthTypeDisabled(
'Can\'t update user "{}" auth_type with unavailable value "{}".'.format(
user.email,
auth_type
)
)
user.auth_type = auth_type
if email is not None and email != user.email:
self._check_email_modification_allowed(user)
self._check_email(email)
user.email = email
if password is not None:
self._check_password_modification_allowed(user)
user.password = password
if timezone is not None:
user.timezone = timezone
if lang is not None:
user.lang = lang
if groups is not None:
if self._user and self._user == user:
raise UserCantChangeIsOwnProfile(
"User {} can't change is own profile".format(user.user_id)
)
# INFO - G.M - 2018-07-18 - Delete old groups
for group in user.groups:
if group not in groups:
user.groups.remove(group)
# INFO - G.M - 2018-07-18 - add new groups
for group in groups:
if group not in user.groups:
user.groups.append(group)
if do_save:
self.save(user)
return user
def enable(self, user: User, do_save=False):
user.is_active = True
if do_save:
self.save(user)
def insert(self):
g2 = self._session.query(Group).\
filter(Group.group_name == 'trusted-users').one()
lawrence = User()
lawrence.display_name = 'Lawrence L.'
lawrence.email = '*****@*****.**'
lawrence.password = '******'
self._session.add(lawrence)
g2.users.append(lawrence)
bob = User()
bob.display_name = 'Bob i.'
bob.email = '*****@*****.**'
bob.password = '******'
self._session.add(bob)
g2.users.append(bob)
g1 = self._session.query(Group).\
filter(Group.group_name == 'users').one()
reader = User()
reader.display_name = 'John Reader'
reader.email = '*****@*****.**'
reader.password = '******'
self._session.add(reader)
g1.users.append(reader)
