Esempio n. 1
    def setUp(self):
        """Rebuild the schema, seed three users and log in as the owner.

        Seeds an owner (``self.user``) and a member (``self.user_member``) of
        ``self.publisher`` plus the owner (``self.user_not_allowed``) of a
        second publisher, then stores the owner's JWT in ``self.jwt`` and the
        matching header value in ``self.auth``.
        """
        self.app = create_app()
        self.client = self.app.test_client()
        with self.app.app_context():
            self.bucket_name = self.app.config['S3_BUCKET_NAME']
            # drop_all() empties whatever database create_app() is configured
            # for, so this fixture must only run against a disposable test DB.
            db.drop_all()
            db.create_all()

            # Owner of self.publisher; also the account used for the login.
            owner = self.user = User()
            owner.id = self.user_id
            owner.email = '*****@*****.**'
            owner.name = self.publisher_name
            owner.secret = 'super_secret'

            self.publisher = Publisher(name=self.publisher_name)

            owner_link = PublisherUser(role=UserRoleEnum.owner)
            owner_link.publisher = self.publisher

            self.publisher.packages.append(MetaDataDB(name=self.package))
            owner.publishers.append(owner_link)

            # Owner of a different publisher that holds a package with the
            # same name; used as the "not allowed" identity.
            outsider = self.user_not_allowed = User()
            outsider.id = self.user_not_allowed_id
            outsider.email = '*****@*****.**'
            outsider.name = self.user_not_allowed_name
            outsider.secret = 'super_secret'

            self.publisher_not_allowed = Publisher(
                name=self.user_not_allowed_name)

            outsider_link = PublisherUser(role=UserRoleEnum.owner)
            outsider_link.publisher = self.publisher_not_allowed

            self.publisher_not_allowed.packages.append(
                MetaDataDB(name=self.package))
            outsider.publishers.append(outsider_link)

            # Plain member (not owner) of self.publisher.
            member = self.user_member = User()
            member.id = self.user_member_id
            member.email = '*****@*****.**'
            member.name = self.user_member_name
            member.secret = 'super_secret'

            member_link = PublisherUser(role=UserRoleEnum.member)
            member_link.publisher = self.publisher
            member.publishers.append(member_link)

            # NOTE(review): only the two owners are added explicitly; the
            # member is presumably persisted through relationship cascades
            # from self.publisher -- confirm against the model definitions.
            for account in (owner, outsider):
                db.session.add(account)
            db.session.commit()

        credentials = json.dumps({
            'username': self.publisher_name,
            'secret': 'super_secret'
        })
        login = self.client.post(self.jwt_url,
                                 data=credentials,
                                 content_type='application/json')
        self.jwt = json.loads(login.data)['token']
        self.auth = "bearer %s" % self.jwt
Esempio n. 2
    def setUp(self):
        """Rebuild the schema, seed an owner and a member, and log both in.

        ``self.user`` is stored as owner and ``self.user_member`` as member of
        ``self.publisher``; their JWTs end up in ``self.jwt`` and
        ``self.jwt_member``.
        """
        self.app = create_app()
        self.client = self.app.test_client()
        with self.app.app_context():
            # drop_all() empties whatever database create_app() is configured
            # for, so this fixture must only run against a disposable test DB.
            db.drop_all()
            db.create_all()

            owner = self.user = User()
            owner.id = self.user_id
            owner.email = '*****@*****.**'
            owner.name = self.publisher_name
            owner.secret = 'super_secret'

            member = self.user_member = User()
            member.id = self.user_id_member
            member.email = '*****@*****.**'
            member.name = self.user_member_name
            member.secret = 'super_secret'

            self.publisher = Publisher(name=self.publisher_name)

            owner_link = PublisherUser(role=UserRoleEnum.owner)
            owner_link.publisher = self.publisher

            member_link = PublisherUser(role=UserRoleEnum.member)
            member_link.publisher = self.publisher

            self.publisher.packages.append(MetaDataDB(name=self.package))
            owner.publishers.append(owner_link)
            member.publishers.append(member_link)

            for account in (owner, member):
                db.session.add(account)
            db.session.commit()

        def fetch_token(username):
            # Exchange a user name and the shared fixture secret for a JWT.
            reply = self.client.post(self.jwt_url,
                                     data=json.dumps({
                                         'username': username,
                                         'secret': 'super_secret'
                                     }),
                                     content_type='application/json')
            return json.loads(reply.data)['token']

        self.jwt = fetch_token(self.publisher_name)
        self.jwt_member = fetch_token(self.user_member_name)
Esempio n. 3
 def setUp(self):
     """Rebuild the schema, seed one owner and store its JWT in ``self.jwt``.

     The user is named after ``self.publisher`` and linked to a publisher of
     the same name through an association whose role is ``"OWNER"``.
     """
     self.app = create_app()
     self.client = self.app.test_client()
     with self.app.app_context():
         # drop_all() empties whatever database create_app() is configured
         # for, so this fixture must only run against a disposable test DB.
         db.drop_all()
         db.create_all()

         owner = self.user = User()
         owner.id = self.user_id
         owner.email = '*****@*****.**'
         owner.name = self.publisher
         owner.secret = 'super_secret'

         owner_link = PublisherUser(role="OWNER")
         owner_link.publisher = Publisher(name=self.publisher)
         owner.publishers.append(owner_link)

         db.session.add(owner)
         db.session.commit()

     credentials = json.dumps({
         'username': self.publisher,
         'secret': 'super_secret'
     })
     login = self.client.post(self.jwt_url,
                              data=credentials,
                              content_type='application/json')
     self.jwt = json.loads(login.data)['token']
Esempio n. 4
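def home():
    """
    Loads home page
    ---
    tags:
      - site
    responses:
      404:
        description: Publiser does not exist
      200:
        description: Succesfuly loaded home page
    """
    # The docstring above is kept verbatim: the part after '---' looks like an
    # API spec that is presumably parsed at runtime -- confirm before editing.
    #
    # GET renders the public index page. POST expects a signed token in the
    # 'encoded_token' form field and renders the dashboard for the user it
    # names; every failure path redirects to the login endpoint.
    if request.method != "POST":
        return render_template("index.html",
                               title='Home',
                               zappa_env=get_zappa_prefix(),
                               s3_cdn=get_s3_cdn_prefix()), 200

    encoded_token = request.form.get('encoded_token', '')
    if not encoded_token:
        return redirect(get_zappa_prefix() + '/api/auth/login', code=302)

    try:
        # NOTE(review): no `algorithms=` allow-list is passed. If `jwt` is
        # PyJWT, 2.x rejects the call without one and 1.x accepts any
        # algorithm it supports; pin this to the algorithm the token is
        # signed with (the signing side is not visible here).
        payload = jwt.decode(encoded_token, app.config['API_KEY'])
    except Exception as e:
        app.logger.error(e)
        return redirect(get_zappa_prefix() + '/api/auth/login', code=302)

    # A correctly signed token without a 'user' claim used to raise KeyError
    # here and surface as an unhandled error; treat it like any other
    # unusable token and send the client back to login.
    user_id = payload.get('user')
    if user_id is None:
        return redirect(get_zappa_prefix() + '/api/auth/login', code=302)

    user = User().get_userinfo_by_id(user_id)
    if user:
        return render_template("dashboard.html",
                               user=user,
                               title='Dashboard',
                               zappa_env=get_zappa_prefix(),
                               s3_cdn=get_s3_cdn_prefix()), 200
    return redirect(get_zappa_prefix() + '/api/auth/login', code=302)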
Esempio n. 5
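def index():
    """
    Loads home page
    ---
    tags:
      - site
    responses:
      404:
        description: Publiser does not exist
      200:
        description: Succesfuly loaded home page
    """
    # The docstring above is kept verbatim: the part after '---' looks like an
    # API spec that is presumably parsed at runtime -- confirm before editing.
    #
    # GET renders the public index page with the Auth0 client settings. POST
    # expects a signed token in the 'encoded_token' form field and renders the
    # dashboard for the user it names; every failure redirects to '.logout'.
    try:
        if request.method != "POST":
            return render_template("index.html", title='Home',
                                   zappa_env=get_zappa_prefix(),
                                   s3_cdn=get_s3_cdn_prefix(),
                                   auth0_client_id=app.config['AUTH0_CLIENT_ID'],
                                   auth0_domain=app.config['AUTH0_DOMAIN']), 200

        encoded_token = request.form.get('encoded_token', '')
        if encoded_token:
            try:
                # NOTE(review): no `algorithms=` allow-list is passed. If
                # `jwt` is PyJWT, 2.x rejects the call without one and 1.x
                # accepts any algorithm it supports; pin this to the
                # algorithm the token is signed with (not visible here).
                payload = jwt.decode(encoded_token, app.config['API_KEY'])
            except Exception as e:
                app.logger.error(e)
                return redirect(url_for('.logout'))
            # A token without a 'user' claim raises KeyError here and is
            # handled by the outer except below.
            user = User().get_userinfo_by_id(payload['user'])
            if user:
                return render_template("dashboard.html", user=user,
                                       title='Dashboard',
                                       zappa_env=get_zappa_prefix(),
                                       s3_cdn=get_s3_cdn_prefix()), 200
        return redirect(url_for('.logout'))
    except Exception as e:
        # This catch-all used to discard the exception; log it so that
        # configuration, template or lookup failures are not hidden behind
        # the redirect.
        app.logger.error(e)
        return redirect(url_for('.logout'))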
Esempio n. 6
 def test_return_200_if_all_right(self, create_user, jwt_helper,
                                  get_user_with_code):
     """Callback answers 200 and calls user creation and the JWT helper once.

     The three extra parameters are presumably mocks injected by patch
     decorators that are not part of this excerpt.
     """
     # NOTE(review): this calls the mock and configures the object it
     # returns, rather than setting get_user_with_code.return_value itself --
     # confirm that is intended.
     get_user_with_code('123').return_value = {}
     create_user.return_value = User(id=1, email="*****@*****.**")

     reply = self.client.get('/api/auth/callback?code=123')

     self.assertEqual(create_user.call_count, 1)
     self.assertEqual(jwt_helper.call_count, 1)
     self.assertEqual(reply.status_code, 200)
Esempio n. 7
    def setUp(self):
        """Rebuild the schema and seed users with different access levels.

        ``self.user`` owns ``self.publisher`` and is a member of
        ``self.publisher1``; ``self.sysadmin`` has ``sysadmin=True``;
        ``self.random_user`` has no publisher link. ``self.publisher2`` and
        its package are private, ``self.publisher3`` is explicitly public.
        """
        self.app = create_app()
        # NOTE(review): the pushed application context is not popped in this
        # method; confirm a tearDown (not visible here) does so.
        self.app.app_context().push()
        with self.app.test_request_context():
            # drop_all() empties whatever database create_app() is configured
            # for, so this fixture must only run against a disposable test DB.
            db.drop_all()
            db.create_all()

            account = self.user = User(id=11,
                                       name=self.user_name,
                                       secret='supersecret',
                                       auth0_id="123|auth0")

            owned = self.publisher = Publisher(name=self.user_name)
            owned.packages.append(MetaDataDB(name='test_package'))

            owner_link = PublisherUser(role=UserRoleEnum.owner)
            owner_link.publisher = owned
            account.publishers.append(owner_link)

            joined = self.publisher1 = Publisher(name="test_publisher")
            joined.packages.append(MetaDataDB(name='test_package'))

            member_link = PublisherUser(role=UserRoleEnum.member)
            member_link.publisher = joined
            account.publishers.append(member_link)

            db.session.add(account)

            self.sysadmin = User(id=12, name='admin', sysadmin=True)
            db.session.add(self.sysadmin)

            self.random_user = User(id=13, name='random')
            db.session.add(self.random_user)

            # Publishers without any user attached: one private, one public.
            hidden = self.publisher2 = Publisher(name="test_publisher1",
                                                 private=True)
            hidden.packages.append(
                MetaDataDB(name='test_package', private=True))
            db.session.add(hidden)

            visible = self.publisher3 = Publisher(name="test_publisher2",
                                                  private=False)
            visible.packages.append(MetaDataDB(name='test_package'))
            db.session.add(visible)

            db.session.commit()
Esempio n. 8
    def setUp(self):
        """Rebuild the schema and seed two publishers with two packages each.

        Each publisher gets a user of the same name linked with role
        ``"OWNER"``; both publishers hold ``test_package1`` and
        ``test_package2``, each with its own JSON descriptor.
        """
        self.publisher_one = 'test_publisher1'
        self.publisher_two = 'test_publisher2'
        self.package_one = 'test_package1'
        self.package_two = 'test_package2'
        self.app = create_app()
        # NOTE(review): the pushed application context is not popped in this
        # method; confirm a tearDown (not visible here) does so.
        self.app.app_context().push()

        with self.app.test_request_context():
            # drop_all() empties whatever database create_app() is configured
            # for, so this fixture must only run against a disposable test DB.
            db.drop_all()
            db.create_all()

            owners = []
            publishers = []
            for name in (self.publisher_one, self.publisher_two):
                owner = User(name=name)
                publisher = Publisher(name=name)
                link = PublisherUser(role="OWNER")
                link.publisher = publisher
                owner.publishers.append(link)
                owners.append(owner)
                publishers.append(publisher)

            first_publisher, second_publisher = publishers
            # (publisher, package name, value of the descriptor's "name" key)
            package_seed = (
                (first_publisher, self.package_one, 'test_one'),
                (first_publisher, self.package_two, 'test_two'),
                (second_publisher, self.package_one, 'test_three'),
                (second_publisher, self.package_two, 'test_four'),
            )
            for publisher, package_name, descriptor_name in package_seed:
                package = MetaDataDB(name=package_name)
                package.descriptor = json.dumps({'name': descriptor_name})
                publisher.packages.append(package)

            for owner in owners:
                db.session.add(owner)

            db.session.commit()
Esempio n. 9
 def setUp(self):
     """Rebuild the schema and store a single user with id 1."""
     self.app = create_app()
     self.client = self.app.test_client()
     with self.app.app_context():
         # drop_all() empties whatever database create_app() is configured
         # for, so this fixture must only run against a disposable test DB.
         db.drop_all()
         db.create_all()

         account = self.user = User()
         account.id = 1
         account.email = '*****@*****.**'
         account.name = 'test_publisher'
         account.secret = 'super_secret'

         db.session.add(account)
         db.session.commit()
Esempio n. 10
def populate_db(auth0_id, email, user_name, full_name):
    """Recreate the user ``user_name`` and a publisher of the same name.

    An existing publisher and an existing user with that name are deleted
    first (each deletion is committed on its own), then a fresh user is
    stored and linked to a fresh publisher with role ``"OWNER"``.
    """
    stale_user = User.query.filter_by(name=user_name).first()
    stale_publisher = Publisher.query.filter_by(name=user_name).first()

    # The publisher goes first and the user second, each in its own commit.
    for stale in (stale_publisher, stale_user):
        if stale:
            db.session.delete(stale)
            db.session.commit()

    account = User()
    account.auth0_id = auth0_id
    account.email = email
    account.name = user_name
    account.full_name = full_name
    # NOTE(review): every account created through this helper receives the
    # same fixed secret literal, whatever the arguments. If this can run
    # outside local development, take the value from configuration or
    # generate one per user instead of committing it to source.
    account.secret = "c053521f4f3331908d89df39bba922190a69f0ea99f7ca00"

    owner_link = PublisherUser(role="OWNER")
    owner_link.publisher = Publisher(name=user_name)
    account.publishers.append(owner_link)

    db.session.add(account)
    db.session.commit()
Esempio n. 11
    def setUp(self):
        """Rebuild the schema and store one user owning one publisher.

        The user has id 11, name ``test_user_id``, secret ``supersecret`` and
        auth0_id ``123|auth0``; the publisher is named ``test_pub_id``.
        """
        self.app = create_app()
        # NOTE(review): the pushed application context is not popped in this
        # method; confirm a tearDown (not visible here) does so.
        self.app.app_context().push()
        with self.app.test_request_context():
            # drop_all() empties whatever database create_app() is configured
            # for, so this fixture must only run against a disposable test DB.
            db.drop_all()
            db.create_all()

            account = User(id=11,
                           name='test_user_id',
                           secret='supersecret',
                           auth0_id="123|auth0")
            owner_link = PublisherUser(role="OWNER")
            owner_link.publisher = Publisher(name='test_pub_id')
            account.publishers.append(owner_link)

            db.session.add(account)
            db.session.commit()
Esempio n. 12
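def callback_handling():
    """
    This ia callback api when we redirect the api to Auth0 or any external
    Auth provider.
    ---
    tags:
        - auth
    response:
        500:
            description: Internal Server Error
        200:
            description: Updated Db with user
            schema:
                id: auth_callback
                properties:
                    status:
                        type: string
                        description: Status of the operation
                    token:
                        type: string
                        description: The jwt
                    user:
                        type: map
                        description: Returns back email, nickname,
                                     picture, name
    """
    # The docstring above is kept verbatim: the part after '---' looks like an
    # API spec that is presumably parsed at runtime -- confirm before editing.
    #
    # Flow: take the 'code' query parameter, resolve it to the provider's
    # user info, create or update the local user, and render the dashboard
    # with a freshly encoded token. Any exception becomes a 500 response.
    try:
        # `code` comes straight from the query string and is None when the
        # parameter is missing; it is handed to get_user_info_with_code
        # unchanged.
        code = request.args.get('code')
        user_info = get_user_info_with_code(code, request.base_url)
        user_id = user_info['user_id']

        jwt_helper = JWTHelper(app.config['API_KEY'], user_id)

        user = User().create_or_update_user_from_callback(user_info)

        # The encoded token is passed to the template as `encoded_token`.
        return render_template("dashboard.html",
                               user=user,
                               title='Dashboard',
                               encoded_token=jwt_helper.encode(),
                               zappa_env=get_zappa_prefix(),
                               s3_cdn=get_s3_cdn_prefix()), 200
    except Exception as e:
        app.logger.error(e)
        # `e.message` only exists on Python 2 exceptions; on Python 3 reading
        # it raises AttributeError inside this handler and masks the original
        # failure, so fall back to str(e) when it is absent or empty.
        message = getattr(e, 'message', None) or str(e)
        # NOTE(review): the raw exception text is passed to handle_error with
        # a 500 status; if handle_error echoes it to the client, internal
        # details of the auth flow leak. Consider a generic message there and
        # keep the detail in the log only.
        return handle_error('GENERIC_ERROR', message, 500)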
Esempio n. 13
    def setUp(self):
        """Rebuild the schema and store one user owning ``self.publisherObj``.

        Both the user and the publisher are named after ``self.publisher``.
        """
        self.app = create_app()
        self.client = self.app.test_client()
        with self.app.app_context():
            # drop_all() empties whatever database create_app() is configured
            # for, so this fixture must only run against a disposable test DB.
            db.drop_all()
            db.create_all()

            account = self.user = User()
            account.id = 1
            account.email = '*****@*****.**'
            account.name = self.publisher
            account.secret = 'super_secret'

            self.publisherObj = Publisher(name=self.publisher)

            owner_link = PublisherUser(role=UserRoleEnum.owner)
            owner_link.publisher = self.publisherObj
            account.publishers.append(owner_link)

            db.session.add(account)
            db.session.commit()
Esempio n. 14
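def callback_handling():
    """
    This ia callback api when we redirect the api to Auth0 or any external
    Auth provider.
    ---
    tags:
        - auth
        - auth0
    response:
        200:
            description: Updated Db with user
            schema:
                id: auth_callback
                properties:
                    status:
                        type: string
                        description: Status of the operation
                    token:
                        type: string
                        description: The jwt
                    user:
                        type: map
                        description: Returns back email, nickname, picture, name
    """
    # The docstring above is kept verbatim: the part after '---' looks like an
    # API spec that is presumably parsed at runtime -- confirm before editing.
    #
    # `code` comes straight from the query string and is None when the
    # parameter is missing; nothing in this function catches the failures
    # that follow from a bad or absent code.
    code = request.args.get('code')
    user_info = get_user_info_with_code(code)
    user_id = user_info['user_id']

    # The original if/else tested whether 'user_metadata' lacked a 'secret'
    # but called update_user_secret(user_id) in both branches, so the call is
    # made unconditionally and the dead condition is dropped.
    # NOTE(review): if the intent was to set a secret only when none exists,
    # the else branch was wrong. As written, the secret is updated on every
    # callback while an already stored local user keeps the `secret` value it
    # was created with (only new rows are written below) -- confirm.
    update_user_secret(user_id)

    user_info = get_user(user_id)
    # Constructed but not used further in this function.
    jwt_helper = JWTHelper(app.config['API_KEY'], user_id)

    user = User.query.filter_by(user_id=user_id).first()
    if user is None:
        # First login: copy the provider's profile into a new local row.
        user = User()
        user.email = user_info['email']
        user.secret = user_info['user_metadata']['secret']
        user.user_id = user_info['user_id']
        user.user_name = user_info['username']
        db.session.add(user)
        db.session.commit()
    user = User.query.filter_by(user_id=user_id).first()
    # For now the dashboard is rendered directly from the callback; this
    # needs to be changed.
    return render_template("dashboard.html", user=user.serialize['name'])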
Esempio n. 15
 def test_user_creation_from_outh0_response(self):
     """A callback payload with user_id ``124|auth0`` yields a user named 'test'."""
     # NOTE(review): the username literal below is '******' while the
     # assertion expects 'test'; the literal looks masked in this listing --
     # confirm against the original test.
     callback_payload = {
         'email': "*****@*****.**",
         'username': "******",
         'user_id': "124|auth0",
     }
     created = User.create_or_update_user_from_callback(callback_payload)
     self.assertEqual(created.name, 'test')
Esempio n. 16
 def test_update_secret_if_it_is_supersecret(self):
     """The user returned for ``123|auth0`` must not keep the secret 'supersecret'.

     Presumably relies on a fixture user with that auth0 id and the
     placeholder secret already being stored -- confirm against setUp.
     """
     callback_payload = {
         'email': "*****@*****.**",
         'username': "******",
         'user_id': "123|auth0",
     }
     updated = User.create_or_update_user_from_callback(callback_payload)
     self.assertNotEqual('supersecret', updated.secret)
Esempio n. 17
 def test_get_userinfo_by_id(self):
     """Lookup by id 11 returns the user named 'test_user_id'; id 2 returns None."""
     known = User.get_userinfo_by_id(11)
     self.assertEqual(known.name, 'test_user_id')

     unknown = User.get_userinfo_by_id(2)
     self.assertIsNone(unknown)