Esempio n. 1
0
    def test_method_sms_get_perm(self):  # Fix
        auth = {
            'tlf': '+34666666666',
            'code': 'AAAAAAAA',
            'email': '*****@*****.**',
            'dni': '11111111H'
        }
        data1 = {
            "object_type": "Vote",
            "permission": "create",
            "object_id": self.aeid
        }
        data2 = {
            "object_type": "Vote",
            "permission": "remove",
            "object_id": self.aeid
        }

        response = self.c.post('/api/get-perms', data1)
        self.assertEqual(response.status_code, 301)
        response = self.c.post('/api/get-perms', data2)
        self.assertEqual(response.status_code, 301)

        acl = ACL(user=self.u,
                  object_type='Vote',
                  perm='create',
                  object_id=self.aeid)
        acl.save()
        response = self.c.authenticate(self.aeid, auth)
        self.assertEqual(response.status_code, 200)
        response = self.c.post('/api/get-perms/', data1)
        self.assertEqual(response.status_code, 200)
        response = self.c.post('/api/get-perms/', data2)
        self.assertEqual(response.status_code, 400)
Esempio n. 2
0
    def setUp(self):
        ae = AuthEvent(
            auth_method="email",
            auth_method_config=test_data.authmethod_config_email_default,
            extra_fields=test_data.ae_email_fields_captcha['extra_fields'],
            status='started',
            census="open")
        ae.save()
        self.ae = ae
        self.aeid = ae.pk

        u = User(username='******', email=test_data.auth_email_default['email'])
        u.save()
        u.userdata.event = ae
        u.userdata.save()

        acl = ACL(user=u.userdata,
                  object_type='AuthEvent',
                  perm='edit',
                  object_id=self.aeid)
        acl.save()

        c = Code(user=u.userdata,
                 code=test_data.auth_email_default['code'],
                 auth_event_id=self.aeid)
        c.save()
        self.code = c
Esempio n. 3
0
    def setUp(self):
        auth_method_config = {
                "config": Email.CONFIG,
                "pipeline": Email.PIPELINES
        }
        ae = AuthEvent(auth_method=test_data.auth_event9['auth_method'],
                auth_method_config=auth_method_config,
                extra_fields=test_data.auth_event9['extra_fields'],
                status='started', census=test_data.auth_event9['census'])
        ae.save()
        self.aeid = ae.pk

        # Create user for authevent9
        u = User(username='******', email='', is_active=False)
        u.save()
        u.userdata.event = ae
        u.userdata.metadata = {
                'email': '',
                'email_verified': True,
                'match_field': 'match_code_555'
        }
        u.userdata.save()
        self.userid = u.pk
        acl = ACL(user=u.userdata, object_type='AuthEvent', perm='edit', object_id=ae.pk)
        acl.save()
        code = Code(user=u.userdata, code='AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA', auth_event_id=ae.pk)
        code.save()
Esempio n. 4
0
    def test_method_sms_get_perm(self): # Fix
        auth = { 'tlf': '+34666666666', 'code': 'AAAAAAAA',
                'email': '*****@*****.**', 'dni': '11111111H'}
        data1 = { "object_type": "Vote", "permission": "create", "object_id":
                self.aeid}
        data2 = { "object_type": "Vote", "permission": "remove", "object_id":
                self.aeid}

        response = self.c.post('/api/get-perms', data1)
        self.assertEqual(response.status_code, 301)
        response = self.c.post('/api/get-perms', data2)
        self.assertEqual(response.status_code, 301)

        acl = ACL(user=self.u, object_type='Vote', perm='create',
                object_id=self.aeid)
        acl.save()
        response = self.c.authenticate(self.aeid, auth)
        r = json.loads(response.content.decode('utf-8'))
        self.assertEqual(response.status_code, 200)
        self.assertTrue(isinstance(r['username'], str))
        self.assertTrue(len(r['username']) > 0)
        response = self.c.post('/api/get-perms/', data1)
        self.assertEqual(response.status_code, 200)
        response = self.c.post('/api/get-perms/', data2)
        self.assertEqual(response.status_code, 400)
Esempio n. 5
0
    def test_authenticate_user(self):
        u = User.objects.create_user('test', '*****@*****.**', 'test')
        u.userdata.event = self.ae
        u.userdata.tlf = '+34666666667'
        u.userdata.save()

        acl = ACL(user=u.userdata,
                  object_type='UserData',
                  perm='edit',
                  object_id=u.pk)
        acl.save()
        acl = ACL(user=u.userdata,
                  object_type='AuthEvent',
                  perm='create',
                  object_id=0)
        acl.save()

        code = Code(user=u.userdata, code='abcdef', auth_event_id=self.ae.pk)
        code.save()

        auth = {
            'Email': '*****@*****.**',
            'tlf': '+34666666667',
            'code': code.code,
        }

        c = JClient()
        response = c.authenticate(1, auth)
        self.assertEqual(response.status_code, 200)
Esempio n. 6
0
    def setUp(self):
        ae = AuthEvent(
            auth_method="email",
            auth_method_config=test_data.authmethod_config_email_default,
            extra_fields=test_data.ae_email_fields_captcha['extra_fields'],
            status='started',
            census="open")
        ae.save()
        self.ae = ae
        self.aeid = ae.pk

        u_admin = User(username=test_data.admin['username'])
        u_admin.set_password(test_data.admin['password'])
        u_admin.save()
        u_admin.userdata.event = ae
        u_admin.userdata.save()

        acl = ACL(user=u_admin.userdata,
                  object_type='AuthEvent',
                  perm='edit',
                  object_id=self.aeid)
        acl.save()

        acl = ACL(user=u_admin.userdata,
                  object_type='AuthEvent',
                  perm='create',
                  object_id=0)
        acl.save()
Esempio n. 7
0
    def setUp(self):
        auth_method_config = test_data.authmethod_config_email_default
        ae = AuthEvent(auth_method=test_data.auth_event3['auth_method'],
                       auth_method_config=auth_method_config,
                       status='started',
                       census=test_data.auth_event3['census'])
        ae.save()
        self.aeid = ae.pk

        u = User(pk=1, username='******', email='*****@*****.**')
        u.save()
        u.userdata.event = ae
        u.userdata.metadata = json.dumps({
            'email': '*****@*****.**',
            'code': 'AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA',
            'email_verified': True
        })
        u.userdata.save()
        self.userid = u.pk

        acl = ACL(user=u.userdata,
                  object_type='AuthEvent',
                  perm='edit',
                  object_id=ae.pk)
        acl.save()

        u2 = User(pk=2, username='******')
        u2.is_active = False
        u2.save()
        u2.userdata.event = ae
        u2.userdata.metadata = json.dumps({
            'email': '*****@*****.**',
            'code': 'AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA',
            'email_verified': False
        })
        u2.userdata.save()

        code = Code(user=u.userdata,
                    code='AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA',
                    auth_event_id=ae.pk)
        code.save()
        code = Code(user=u2.userdata,
                    code='AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA',
                    auth_event_id=ae.pk)
        code.save()
Esempio n. 8
0
    def setUp(self):
        auth_method_config = {
                "config": Email.CONFIG,
                "pipeline": Email.PIPELINES
        }
        ae = AuthEvent(auth_method=test_data.auth_event6['auth_method'],
                auth_method_config=auth_method_config,
                extra_fields=test_data.auth_event6['extra_fields'],
                status='started', census=test_data.auth_event6['census'])
        ae.save()
        self.aeid = ae.pk

        # Create admin user for authevent6
        u = User(email='*****@*****.**')
        u.save()
        u.userdata.event = ae
        u.userdata.save()
        acl = ACL(user=u.userdata, object_type='AuthEvent', perm='edit', object_id=ae.pk)
        acl.save()
Esempio n. 9
0
def give_perms(u, ae):
    if u.is_active:  # Active users don't give perms. Avoid will send code
        return ''
    pipe = ae.auth_method_config.get('pipeline')
    if not pipe:
        return 'Bad config'
    give_perms = pipe.get('give_perms', [])
    for perms in give_perms:
        obj = perms.get('object_type')
        obj_id = perms.get('object_id', 0)
        if obj_id == 'UserDataId':
            obj_id = u.pk
        elif obj_id == 'AuthEventId':
            obj_id = ae.pk
        for perm in perms.get('perms'):
            acl = ACL(user=u.userdata,
                      object_type=obj,
                      perm=perm,
                      object_id=obj_id)
            acl.save()
    return ''
Esempio n. 10
0
    def test_method_sms_get_perm(self): # Fix
        auth = { 'tlf': '+34666666666', 'code': 'AAAAAAAA',
                'email': '*****@*****.**', 'dni': '11111111H'}
        data1 = { "object_type": "Vote", "permission": "create", "object_id":
                self.aeid}
        data2 = { "object_type": "Vote", "permission": "remove", "object_id":
                self.aeid}

        response = self.c.post('/api/get-perms', data1)
        self.assertEqual(response.status_code, 301)
        response = self.c.post('/api/get-perms', data2)
        self.assertEqual(response.status_code, 301)

        acl = ACL(user=self.u, object_type='Vote', perm='create',
                object_id=self.aeid)
        acl.save()
        response = self.c.authenticate(self.aeid, auth)
        self.assertEqual(response.status_code, 200)
        response = self.c.post('/api/get-perms/', data1)
        self.assertEqual(response.status_code, 200)
        response = self.c.post('/api/get-perms/', data2)
        self.assertEqual(response.status_code, 400)
Esempio n. 11
0
    def setUp(self):
        ae = AuthEvent(auth_method="email",
                auth_method_config=test_data.authmethod_config_email_default,
                extra_fields=test_data.ae_email_fields_captcha['extra_fields'],
                status='started',
                census="open")
        ae.save()
        self.ae = ae
        self.aeid = ae.pk

        u = User(username='******', email=test_data.auth_email_default['email'])
        u.save()
        u.userdata.event = ae
        u.userdata.save()

        acl = ACL(user=u.userdata, object_type='AuthEvent', perm='edit',
            object_id=self.aeid)
        acl.save()

        c = Code(user=u.userdata, code=test_data.auth_email_default['code'], auth_event_id=self.aeid)
        c.save()
        self.code = c
Esempio n. 12
0
    def setUp(self):
        auth_method_config = {
            "config": Email.CONFIG,
            "pipeline": Email.PIPELINES
        }
        ae = AuthEvent(auth_method=test_data.auth_event6['auth_method'],
                       auth_method_config=auth_method_config,
                       extra_fields=test_data.auth_event6['extra_fields'],
                       status='started',
                       census=test_data.auth_event6['census'])
        ae.save()
        self.aeid = ae.pk

        # Create admin user for authevent6
        u = User(username='******', email='*****@*****.**')
        u.save()
        u.userdata.event = ae
        u.userdata.save()
        acl = ACL(user=u.userdata,
                  object_type='AuthEvent',
                  perm='edit',
                  object_id=ae.pk)
        acl.save()
Esempio n. 13
0
    def setUp(self):
        auth_method_config = test_data.authmethod_config_sms_default
        ae = AuthEvent(auth_method=test_data.auth_event11['auth_method'],
                auth_method_config=auth_method_config,
                extra_fields=test_data.auth_event11['extra_fields'],
                status='started', census=test_data.auth_event11['census'])
        ae.save()
        self.aeid = ae.pk

        # Create user for authevent11
        u = User(username='******', email='*****@*****.**', is_active=False)
        u.save()
        u.userdata.event = ae
        u.userdata.tlf = ''
        u.userdata.metadata = {
                'match_field': 'match_code_555'
        }
        u.userdata.save()
        self.userid = u.pk
        acl = ACL(user=u.userdata, object_type='AuthEvent', perm='edit', object_id=ae.pk)
        acl.save()
        code = Code(user=u.userdata, code='AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA', auth_event_id=ae.pk)
        code.save()
Esempio n. 14
0
    def setUp(self):
        auth_method_config = test_data.authmethod_config_email_default
        ae = AuthEvent(auth_method=test_data.auth_event3['auth_method'],
                auth_method_config=auth_method_config,
                status='started', census=test_data.auth_event3['census'])
        ae.save()
        self.aeid = ae.pk

        u = User(username='******', email='*****@*****.**')
        u.save()
        u.userdata.event = ae
        u.userdata.metadata = {
                'email': '*****@*****.**',
                'code': 'AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA',
                'email_verified': True
        }
        u.userdata.save()
        self.userid = u.pk

        acl = ACL(user=u.userdata, object_type='AuthEvent', perm='edit', object_id=ae.pk)
        acl.save()

        u2 = User(email='*****@*****.**')
        u2.is_active = False
        u2.save()
        u2.userdata.event = ae
        u2.userdata.metadata = {
                'email': '*****@*****.**',
                'code': 'AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA',
                'email_verified': False
        }
        u2.userdata.save()

        code = Code(user=u.userdata, code='AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA', auth_event_id=ae.pk)
        code.save()
        code = Code(user=u2.userdata, code='AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA', auth_event_id=ae.pk)
        code.save()
Esempio n. 15
0
    def test_method_sms_get_perm(self):  # Fix
        auth = {
            'tlf': '+34666666666',
            'code': 'AAAAAAAA',
            'email': '*****@*****.**',
            'dni': '11111111H'
        }
        data1 = {
            "object_type": "Vote",
            "permission": "create",
            "object_id": self.aeid
        }
        data2 = {
            "object_type": "Vote",
            "permission": "remove",
            "object_id": self.aeid
        }

        response = self.c.post('/api/get-perms', data1)
        self.assertEqual(response.status_code, 301)
        response = self.c.post('/api/get-perms', data2)
        self.assertEqual(response.status_code, 301)

        acl = ACL(user=self.u,
                  object_type='Vote',
                  perm='create',
                  object_id=self.aeid)
        acl.save()
        response = self.c.authenticate(self.aeid, auth)
        r = json.loads(response.content.decode('utf-8'))
        self.assertEqual(response.status_code, 200)
        self.assertTrue(isinstance(r['username'], str))
        self.assertTrue(len(r['username']) > 0)
        response = self.c.post('/api/get-perms/', data1)
        self.assertEqual(response.status_code, 200)
        response = self.c.post('/api/get-perms/', data2)
        self.assertEqual(response.status_code, 400)
Esempio n. 16
0
    def setUp(self):
        ae = AuthEvent(auth_method="email",
                auth_method_config=test_data.authmethod_config_email_default,
                extra_fields=test_data.ae_email_fields_captcha['extra_fields'],
                status='started',
                census="open")
        ae.save()
        self.ae = ae
        self.aeid = ae.pk

        u_admin = User(username=test_data.admin['username'])
        u_admin.set_password(test_data.admin['password'])
        u_admin.save()
        u_admin.userdata.event = ae
        u_admin.userdata.save()

        acl = ACL(user=u_admin.userdata, object_type='AuthEvent', perm='edit',
            object_id=self.aeid)
        acl.save()

        acl = ACL(user=u_admin.userdata, object_type='AuthEvent', perm='create',
                object_id=0)
        acl.save()
Esempio n. 17
0
    def test_authenticate_user(self):
        u = User.objects.create_user('test', '*****@*****.**', 'test')
        u.userdata.event = self.ae
        u.userdata.tlf = '+34666666667'
        u.userdata.save()

        acl = ACL(user=u.userdata, object_type='UserData', perm='edit', object_id=u.pk)
        acl.save()
        acl = ACL(user=u.userdata, object_type='AuthEvent', perm='create', object_id=0)
        acl.save()

        code = Code(user=u.userdata, code='ABCDEF', auth_event_id=self.ae.pk)
        code.save()

        auth = {
                'Email': '*****@*****.**',
                'tlf': '+34666666667',
                'code': code.code,
        }

        c = JClient()
        response = c.authenticate(1, auth)
        self.assertEqual(response.status_code, 200)
Esempio n. 18
0
def insert_or_update(cls, kwargs):
    l = cls.objects.filter(**kwargs)
    if len(l) == 0:
        obj = ACL(**kwargs)
        obj.save()