def test_create_person(self):
person = persons_service.create_person(
"*****@*****.**",
auth.encrypt_password("passwordhash"),
"John",
"Doe",
)
person = persons_service.get_person_by_email(person["email"])
self.assertEqual(person["first_name"], "John")
person = persons_service.create_person(
" [email protected] \n",
auth.encrypt_password("passwordhash"),
"John",
"Doe",
)
person = persons_service.get_person_by_email("*****@*****.**")
self.assertEqual(person["first_name"], "John")
person = persons_service.create_person(
" [email protected] \n",
auth.encrypt_password("passwordhash"),
"John",
"Doe",
departments=[None],
)
person = persons_service.get_person_by_email("*****@*****.**")
self.assertEqual(person["first_name"], "John")
def import_entry(self, data):
# remove departments. It needs to be created using the DepartmentLink
# table.
imported_department = data.pop("department")
if data["email"] != "*****@*****.**":
person = Person.get_by(shotgun_id=data["shotgun_id"])
if person is None:
person = Person.get_by(email=data["email"])
if person is None:
data["password"] = auth.encrypt_password("default")
person = Person(**data)
person.save()
current_app.logger.info("Person created: %s" % person)
else:
if person.password is None or len(person.password) == 0:
data["password"] = auth.encrypt_password("default")
# create or update a department/person link if needed
if imported_department:
department_person_link = (
db.session.query(DepartmentLink)
.filter_by(person_id=person.id)
.first()
)
department = Department.get_by(id=imported_department["id"])
if department_person_link is None:
person.departments.append(department)
current_app.logger.info(
"Department Person Link created: %s-%s"
% (department.name, person.full_name())
)
elif person.departments != [
department,
]:
person.departments = [
department,
]
current_app.logger.info(
"Department Person Link updated: %s-%s"
% (department.name, person.full_name())
)
person.save()
return person
else:
raise ShotgunEntryImportFailed("This entry is not a real person.")
def post(self):
(
email,
password,
password_2,
first_name,
last_name,
) = self.get_arguments()
try:
email = auth.validate_email(email)
auth.validate_password(password, password_2)
password = auth.encrypt_password(password)
persons_service.create_person(email, password, first_name,
last_name)
return {"registration_success": True}, 201
except auth.PasswordsNoMatchException:
return (
{
"error": True,
"message": "Confirmation password doesn't match.",
},
400,
)
except auth.PasswordTooShortException:
return {"error": True, "message": "Password is too short."}, 400
except auth.EmailNotValidException as exception:
return {"error": True, "message": str(exception)}, 400
def post(self):
(
old_password,
password,
password_2,
) = self.get_arguments()
try:
auth_service.check_auth(app, get_jwt_identity(), old_password)
auth.validate_password(password, password_2)
password = auth.encrypt_password(password)
persons_service.update_password(get_jwt_identity(), password)
return {"change_password_success": True}
except auth.PasswordsNoMatchException:
return {
"error": True,
"message": "Confirmation password doesn't match."
}, 400
except auth.PasswordTooShortException:
return {
"error": True,
"message": "Password is too short."
}, 400
except UnactiveUserException:
return {
"error": True,
"message": "Old password is wrong."
}, 400
except WrongPasswordException:
return {
"error": True,
"message": "User is unactive."
}, 400
def put(self):
args = self.get_put_arguments()
try:
email = auth_tokens_store.get("reset-%s" % args["token"])
if email:
auth.validate_password(args["password"], args["password2"])
password = auth.encrypt_password(args["password"])
persons_service.update_password(email, password)
auth_tokens_store.delete("reset-%s" % args["token"])
return {"success": True}
else:
return (
{
"error": True,
"message": "Wrong or expired token."
},
400,
)
except auth.PasswordsNoMatchException:
return (
{
"error": True,
"message": "Confirmation password doesn't match.",
},
400,
)
except auth.PasswordTooShortException:
return {"error": True, "message": "Password is too short."}, 400
except UnactiveUserException:
return {"error": True, "message": "User is unactive."}, 400
def create_admin(email, password):
"Create an admin user to allow usage of the API when database is empty."
"Set password is 'default'."
try:
# Allow "*****@*****.**" to be invalid.
if email != "*****@*****.**":
auth.validate_email(email)
password = auth.encrypt_password(password)
persons_service.create_person(
email, password, "Super", "Admin", role="admin"
)
print("Admin successfully created.")
except IntegrityError:
print("User already exists for this email.")
sys.exit(1)
except auth.PasswordsNoMatchException:
print("Passwords don't match.")
sys.exit(1)
except auth.PasswordTooShortException:
print("Password is too short.")
sys.exit(1)
except auth.EmailNotValidException:
print("Email is not valid.")
sys.exit(1)
def set_default_password(email):
"Set the password of given user as default"
from zou.app.services import persons_service
from zou.app.utils import auth
password = auth.encrypt_password("default")
persons_service.update_password(email, password)
def import_row(self, row):
first_name = row["First Name"]
last_name = row["Last Name"]
email = row["Email"]
phone = row.get("Phone", None)
role = row.get("Role", None)
role_map = {
"Studio Manager": "admin",
"Production Manager": "manager",
"Supervisor": "supervisor",
"Artist": "user",
"Client": "client",
"Vendor": "vendor",
}
data = {"first_name": first_name, "last_name": last_name}
if role is not None and role != "":
if role in role_map.keys():
role = role_map[role]
data["role"] = role
if phone is not None and phone != "":
data["phone"] = phone
person = Person.get_by(email=email)
if person is None:
data["email"] = email
data["password"] = auth.encrypt_password("default")
person = Person.create(**data)
elif self.is_update:
person.update(data)
index_service.index_person(person)
return person.serialize_safe()
def generate_fixture_user(self):
self.user = Person.create(first_name="John",
last_name="Did",
role="admin",
email=u"*****@*****.**",
password=auth.encrypt_password("mypassword"))
return self.user
def generate_fixture_person(self):
self.person = Person(first_name="John",
last_name="Doe",
desktop_login="******",
email=u"*****@*****.**",
password=auth.encrypt_password("mypassword"))
self.person.save()
def test_check_credentials(self):
self.person.update({"password": auth.encrypt_password("mypassword")})
self.assertRaises(auth.WrongPasswordException, auth.check_credentials,
"*****@*****.**", "mypassword2")
self.assertRaises(auth.PersonNotFoundException, auth.check_credentials,
"*****@*****.**", "mypassword2")
self.assertTrue(
auth.check_credentials("*****@*****.**", "mypassword"))
def generate_fixture_user_vendor(self):
self.user_vendor = Person.create(
first_name="John",
last_name="Did5",
role="vendor",
email=u"*****@*****.**",
password=auth.encrypt_password("mypassword")).serialize()
return self.user_vendor
def generate_fixture_user_client(self):
self.user_client = Person.create(
first_name="John",
last_name="Did4",
role="client",
email=u"*****@*****.**",
password=auth.encrypt_password("mypassword")).serialize()
return self.user_client
def generate_fixture_user_cg_artist(self):
self.user_cg_artist = Person.create(
first_name="John",
last_name="Did3",
email=u"*****@*****.**",
role="user",
password=auth.encrypt_password("mypassword"))
return self.user_cg_artist
def post(self):
"""
Create a new user in the database.
---
tags:
- Persons
description: Set "default" as password.
User role can be set but only admins can create admin users.
parameters:
- in: body
name: User
description: Email, first and last name, phone, role, desktop login and department of user
schema:
type: object
required:
- email
- first_name
properties:
email:
type: string
first_name:
type: string
last_name:
type: string
phone:
type: integer
example: 06 12 34 56 78
role:
type: string
desktop_login:
type: string
departments:
type: string
responses:
201:
description: User created
"""
permissions.check_admin_permissions()
data = self.get_arguments()
if persons_service.is_user_limit_reached():
return {
"error": True,
"message": "User limit reached.",
"limit": config.USER_LIMIT,
}, 400
else:
person = persons_service.create_person(
data["email"],
auth.encrypt_password("default"),
data["first_name"],
data["last_name"],
data["phone"],
role=data["role"],
desktop_login=data["desktop_login"],
departments=data["departments"],
)
return person, 201
def test_create_person(self):
person = persons_service.create_person(
"*****@*****.**",
auth.encrypt_password("passwordhash"),
"John",
"Doe"
)
person = persons_service.get_person_by_email(person["email"])
self.assertEquals(person["first_name"], "John")
def post(self):
"""
Allow the user to change his password.
---
description: Prior to modifying the password, it requires to give the current password
(to make sure the user changing the password is not someone who stealed the session).
The new password requires a confirmation to ensure that the user didn't
make a mistake by typing his new password.
tags:
- Authentification
parameters:
- in: body
name: Credentials
description: The old password, new password and confirmation password of the user
schema:
type: object
required:
- old_password
- password
- password_2
properties:
old_password:
type: string
password:
type: string
password_2:
type: string
responses:
200:
description: Password changed
400:
description: Invalid password or inactive user
"""
(old_password, password, password_2) = self.get_arguments()
try:
auth_service.check_auth(app, get_jwt_identity(), old_password)
auth.validate_password(password, password_2)
password = auth.encrypt_password(password)
persons_service.update_password(get_jwt_identity(), password)
return {"success": True}
except auth.PasswordsNoMatchException:
return (
{
"error": True,
"message": "Confirmation password doesn't match.",
},
400,
)
except auth.PasswordTooShortException:
return {"error": True, "message": "Password is too short."}, 400
except UnactiveUserException:
return {"error": True, "message": "User is unactive."}, 400
except WrongPasswordException:
return {"error": True, "message": "Old password is wrong."}, 400
def generate_fixture_user_manager(self):
self.user_manager = Person.create(
first_name="John",
last_name="Did2",
role="manager",
email="*****@*****.**",
password=auth.encrypt_password("mypassword"),
).serialize()
return self.user_manager
def import_entry(self, data):
if data["email"] != "*****@*****.**":
person = Person.get_by(shotgun_id=data["shotgun_id"])
if person is None:
data["password"] = auth.encrypt_password("default")
person = Person(**data)
person.save()
current_app.logger.info("Person created: %s" % person)
else:
if person.password is None or len(person.password) == 0:
data["password"] = auth.encrypt_password("default")
person.update(data)
current_app.logger.info("Person updated: %s" % person)
return person
else:
raise ShotgunEntryImportFailed("This entry is not a real person.")
def post(self):
permissions.check_admin_permissions()
data = self.get_arguments()
person = persons_service.create_person(
data["email"],
auth.encrypt_password("default"),
data["first_name"],
data["last_name"],
data["phone"],
role=data["role"])
return person, 201
def test_local_auth_strategy(self):
self.person.update({"password": auth.encrypt_password("mypassword")})
self.assertRaises(WrongPasswordException,
auth_service.local_auth_strategy,
"*****@*****.**", "mypassword2")
self.assertRaises(WrongPasswordException,
auth_service.local_auth_strategy,
"*****@*****.**", "mypassword2")
person = auth_service.local_auth_strategy("*****@*****.**",
"mypassword")
self.assertEqual(person["first_name"], "John")
def setUp(self):
super(AuthTestCase, self).setUp()
self.generate_fixture_person()
self.person.update(
{"password": auth.encrypt_password("secretpassword")})
self.person_dict = self.person.serialize()
self.credentials = {
"email": self.person_dict["email"],
"password": "******"
}
def generate_fixture_person(self,
first_name="John",
last_name="Doe",
desktop_login="******",
email="*****@*****.**"):
self.person = Person.create(
first_name=first_name,
last_name=last_name,
desktop_login=desktop_login,
email=email,
password=auth.encrypt_password("mypassword"))
return self.person
def test_default_password(self):
self.person.update({
"password": auth.encrypt_password("default"),
})
self.credentials["password"] = "******"
response = self.post("auth/login", self.credentials, 400)
self.assertTrue(response["default_password"])
data = {
"token": response["token"],
"password": "******",
"password2": "complex22pass"
}
response = self.put("auth/reset-password", data, 200)
def import_row(self, row):
first_name = row["First Name"]
last_name = row["Last Name"]
email = row["Email"]
phone = row["Phone"]
role = row.get("Role", None)
if role == "Studio Manager":
role = "admin"
elif role == "Supervisor":
role = "manager"
elif role == "Client":
role = "client"
if (
role is not None
and len(role) > 0
and role not in ["admin", "manager"]
):
role = "user"
try:
password = auth.encrypt_password("default")
person = Person.get_by(email=email)
if person is None:
person = Person.create(
email=email,
password=password,
first_name=first_name,
last_name=last_name,
phone=phone,
role=role,
)
else:
data = {
"first_name": first_name,
"last_name": last_name,
"phone": phone,
}
if role is not None and len(role) > 0:
data["role"] = role
person.update(data)
except IntegrityError:
person = Person.get_by(email=email)
return person.serialize_safe()
def import_row(self, row):
first_name = row["First Name"]
last_name = row["Last Name"]
email = row["Email"]
phone = row["Phone"]
try:
password = auth.encrypt_password("default")
person = Person.create(email=email,
password=password,
first_name=first_name,
last_name=last_name,
phone=phone)
except IntegrityError:
person = Person.get_by(email=email)
return person
def setUp(self):
super(AuthTestCase, self).setUp()
self.generate_fixture_person()
self.person.update({
"password": auth.encrypt_password("secretpassword"),
"role": "admin"
})
self.person_dict = self.person.serialize()
self.credentials = {
"email": self.person_dict["email"],
"password": "******"
}
try:
self.get("auth/logout")
except AssertionError:
pass
def post(self):
permissions.check_admin_permissions()
data = self.get_arguments()
if persons_service.is_user_limit_reached():
return {
"error": True,
"message": "User limit reached.",
"limit": config.USER_LIMIT,
}, 400
else:
person = persons_service.create_person(
data["email"],
auth.encrypt_password("default"),
data["first_name"],
data["last_name"],
data["phone"],
role=data["role"],
desktop_login=data["desktop_login"],
)
return person, 201
def create_admin(email):
"Create an admin user to allow usage of the API when database is empty."
"Set password is 'default'."
try:
auth.validate_email(email)
password = auth.encrypt_password("default")
persons_service.create_person(email,
password,
"Super",
"Admin",
role="admin")
print("Admin successfully created.")
except auth.PasswordsNoMatchException:
print("Passwords don't match.")
sys.exit(1)
except auth.PasswordTooShortException:
print("Password is too short.")
sys.exit(1)
except auth.EmailNotValidException:
print("Email is not valid.")
sys.exit(1)
def post(self):
(
old_password,
password,
password_2,
) = self.get_arguments()
try:
auth.check_credentials(current_user.email, old_password)
auth.validate_password(password, password_2)
password = auth.encrypt_password(password)
person_info.update_password(current_user, password)
return {"change_password_success": True}
except auth.PasswordsNoMatchException:
return {
"error": True,
"message": "Confirmation password doesn't match."
}, 400
except auth.PasswordTooShortException:
return {"error": True, "message": "Password is too short."}, 400
except auth.WrongPasswordException:
return {"error": True, "message": "Old password is wrong."}, 400
