def setup_class(self):
self.publisher_one = 'test_publisher1'
self.publisher_two = 'test_publisher2'
self.package_one = 'test_package1'
self.package_two = 'test_package2'
self.package_three = 'test_package3'
self.app = create_app()
self.app.app_context().push()
with self.app.test_request_context():
db.drop_all()
db.create_all()
user1 = User(name=self.publisher_one)
publisher1 = Publisher(name=self.publisher_one)
association1 = PublisherUser(role=UserRoleEnum.owner)
association1.publisher = publisher1
user1.publishers.append(association1)
user2 = User(name=self.publisher_two)
publisher2 = Publisher(name=self.publisher_two)
association2 = PublisherUser(role=UserRoleEnum.owner)
association2.publisher = publisher2
user2.publishers.append(association2)
metadata1 = Package(name=self.package_one)
tag1 = PackageTag(descriptor=dict(name='test_one'))
metadata1.tags.append(tag1)
publisher1.packages.append(metadata1)
db.session.add(user1)
db.session.add(user2)
db.session.commit()
def setUp(self):
self.publisher = 'demo'
self.package = 'demo-package'
self.publisher_one = 'test_publisher1'
self.publisher_two = 'test_publisher2'
self.package_one = 'test_package1'
self.package_two = 'test_package2'
self.package_three = 'test_package3'
self.descriptor = json.loads(open('fixtures/datapackage.json').read())
self.app = create_app()
self.app.app_context().push()
with self.app.test_request_context():
db.drop_all()
db.create_all()
create_test_package(self.publisher, self.package, self.descriptor)
user1 = User(name=self.publisher_one)
publisher1 = Publisher(name=self.publisher_one)
association1 = PublisherUser(role=UserRoleEnum.owner)
association1.publisher = publisher1
user1.publishers.append(association1)
user2 = User(name=self.publisher_two)
publisher2 = Publisher(name=self.publisher_two)
association2 = PublisherUser(role=UserRoleEnum.owner)
association2.publisher = publisher2
user2.publishers.append(association2)
metadata1 = Package(name=self.package_one)
tag1 = PackageTag(descriptor=dict(name='test_one'))
metadata1.tags.append(tag1)
publisher1.packages.append(metadata1)
metadata2 = Package(name=self.package_two)
tag2 = PackageTag(descriptor=dict(name='test_two'))
metadata2.tags.append(tag2)
publisher1.packages.append(metadata2)
metadata3 = Package(name=self.package_one)
tag3 = PackageTag(descriptor=dict(name='test_three'))
metadata3.tags.append(tag3)
publisher2.packages.append(metadata3)
metadata4 = Package(name=self.package_two)
tag4 = PackageTag(descriptor=dict(name='test_four'))
metadata4.tags.append(tag4)
publisher2.packages.append(metadata4)
metadata5 = Package(name=self.package_three)
tag5 = PackageTag(descriptor=dict(name='test_four'))
metadata5.tags.append(tag5)
publisher2.packages.append(metadata5)
db.session.add(user1)
db.session.add(user2)
db.session.commit()
def setUp(self):
self.app = create_app()
self.client = self.app.test_client()
with self.app.app_context():
self.bucket_name = self.app.config['S3_BUCKET_NAME']
db.drop_all()
db.create_all()
self.user = User()
self.user.id = self.user_id
self.user.email, self.user.name, self.user.secret = \
'*****@*****.**', self.publisher_name, 'super_secret'
self.publisher = Publisher(name=self.publisher_name)
association = PublisherUser(role=UserRoleEnum.owner)
association.publisher = self.publisher
metadata = Package(name=self.package)
self.publisher.packages.append(metadata)
self.user.publishers.append(association)
self.user_not_allowed = User()
self.user_not_allowed.id = self.user_not_allowed_id
self.user_not_allowed.email, self.user_not_allowed.name, \
self.user_not_allowed.secret = \
'*****@*****.**', self.user_not_allowed_name, 'super_secret'
self.publisher_not_allowed = Publisher(
name=self.user_not_allowed_name)
association_not_allowed = PublisherUser(role=UserRoleEnum.owner)
association_not_allowed.publisher = self.publisher_not_allowed
metadata = Package(name=self.package)
self.publisher_not_allowed.packages.append(metadata)
self.user_not_allowed.publishers.append(association_not_allowed)
self.user_member = User()
self.user_member.id = self.user_member_id
self.user_member.email, self.user_member.name, self.user_member.secret = \
'*****@*****.**', self.user_member_name, 'super_secret'
association_member = PublisherUser(role=UserRoleEnum.member)
association_member.publisher = self.publisher
self.user_member.publishers.append(association_member)
db.session.add(self.user)
db.session.add(self.user_not_allowed)
db.session.commit()
response = self.client.post(self.jwt_url,
data=json.dumps({
'username': self.publisher_name,
'secret': 'super_secret'
}),
content_type='application/json')
data = json.loads(response.data)
self.jwt = data['token']
self.auth = "bearer %s" % self.jwt
def setUp(self):
self.app = create_app()
self.client = self.app.test_client()
with self.app.app_context():
db.drop_all()
db.create_all()
self.user = User()
self.user.id = self.user_id
self.user.email, self.user.name, self.user.secret = \
'*****@*****.**', self.publisher_name, 'super_secret'
self.user_member = User()
self.user_member.id = self.user_id_member
self.user_member.email, self.user_member.name, self.user_member.secret = \
'*****@*****.**', self.user_member_name, 'super_secret'
self.publisher = Publisher(name=self.publisher_name)
self.publisher_1 = Publisher(name=self.user_member_name)
association = PublisherUser(role=UserRoleEnum.owner)
association.publisher = self.publisher
association1 = PublisherUser(role=UserRoleEnum.member)
association1.publisher = self.publisher_1
metadata = Package(name=self.package)
self.publisher.packages.append(metadata)
self.user.publishers.append(association)
self.user_member.publishers.append(association1)
db.session.add(self.user)
db.session.add(self.user_member)
db.session.commit()
response = self.client.post(self.jwt_url,
data=json.dumps({
'username': self.publisher_name,
'secret': 'super_secret'
}),
content_type='application/json')
data = json.loads(response.data)
self.auth = data['token']
response = self.client.post(self.jwt_url,
data=json.dumps({
'username': self.user_member_name,
'secret': 'super_secret'
}),
content_type='application/json')
data = json.loads(response.data)
self.jwt_member = data['token']
def register_by_email():
if request.method == 'POST':
if len(User.query.filter_by(email=request.form['email']).all()) > 0:
flash('E-mail {} already registered, please log in.'.format(
request.form['email']))
return redirect(url_for('security.login'))
user = User(email=request.form['email'],
first_name=request.form['first_name'],
last_name=request.form['last_name'])
user._set_password = request.form['password']
db.session.add(user)
db.session.commit()
return redirect(url_for('security.login'))
def register():
form = RegistrationForm()
if form.validate_on_submit():
user = User.query.filter_by(email=form.email.data).first()
if not user:
password = bcrypt.generate_password_hash(
form.password.data).decode("utf-8")
user = User(form.email.data, password, "RESEARCHER")
db.session.add(user)
db.session.commit()
user = User.query.filter_by(email=form.email.data).first()
researcher = Researcher(user_id=user.id,
first_name=form.first_name.data,
last_name=form.last_name.data,
job_title=form.job_title.data,
prefix=form.prefix.data,
suffix=form.suffix.data,
phone=form.phone.data,
phone_ext=form.phone_ext.data,
orcid=form.orcid.data)
db.session.add(researcher)
# education = Education(user_id=user.id, degree=None, field_of_study=None, institution=None,
# location=None,degree_award_year=None)
# db.session.add(education)
db.session.commit()
flash("Your account has been created. You can now login")
return redirect(url_for("auth.login"))
else:
flash(
"An account already exists with this email address. Please login."
)
return render_template("auth/register.html", form=form)
def test_gets_private_email_and_return_200_if_all_right(
self, create_user, jwt_helper, get_user, authorized_response):
authorized_response.return_value = {'access_token': 'token'}
get_user.side_effect = lambda k: {
'user':
OAuthResponse(resp=None,
content=json.dumps(dict()),
content_type='application/json'),
'user/emails':
OAuthResponse(resp=None,
content=json.dumps([{
"email": "*****@*****.**",
"verified": True,
"primary": True
}]),
content_type='application/json')
}.get(k, 'unhandled request %s' % k)
jwt_helper.return_value = "132432"
create_user.return_value = User(id=1,
email="*****@*****.**",
name='abc',
secret='12345')
response = self.client.get('/api/auth/callback?code=123')
self.assertEqual(create_user.call_count, 1)
self.assertEqual(jwt_helper.call_count, 1)
self.assertEqual(response.status_code, 200)
def setUp(self):
self.app = create_app()
self.app.app_context().push()
with self.app.test_request_context():
db.drop_all()
db.create_all()
self.user = User(id=11,
name=self.user_name,
secret='supersecret',
auth0_id="123|auth0")
self.publisher = Publisher(name=self.user_name)
self.publisher.packages.append(Package(name='test_package'))
association = PublisherUser(role=UserRoleEnum.owner)
association.publisher = self.publisher
self.user.publishers.append(association)
self.publisher1 = Publisher(name="test_publisher")
self.publisher1.packages.append(Package(name='test_package'))
association1 = PublisherUser(role=UserRoleEnum.member)
association1.publisher = self.publisher1
self.user.publishers.append(association1)
db.session.add(self.user)
self.sysadmin = User(id=12, name='admin', sysadmin=True)
db.session.add(self.sysadmin)
self.random_user = User(id=13, name='random')
db.session.add(self.random_user)
self.publisher2 = Publisher(name="test_publisher1", private=True)
self.publisher2.packages.append(
Package(name='test_package', private=True))
db.session.add(self.publisher2)
self.publisher3 = Publisher(name="test_publisher2", private=False)
self.publisher3.packages.append(Package(name='test_package'))
db.session.add(self.publisher3)
db.session.commit()
def setUp(self):
self.app = create_app()
self.client = self.app.test_client()
with self.app.app_context():
db.drop_all()
db.create_all()
self.user = User()
self.user.id = self.user_id
self.user.email, self.user.name, self.user.secret = \
'*****@*****.**', self.publisher, 'super_secret'
self.pub = Publisher(name=self.publisher)
self.pub.packages.append(Package(name=self.package))
association = PublisherUser(role=UserRoleEnum.owner)
association.publisher = self.pub
self.user.publishers.append(association)
user1 = User(id=2,
name='test1',
secret='super_secret1',
email="*****@*****.**")
pub1 = Publisher(name='test1')
association1 = PublisherUser(role=UserRoleEnum.owner)
association1.publisher = pub1
user1.publishers.append(association1)
db.session.add(self.user)
db.session.add(user1)
db.session.commit()
response = self.client.post(self.jwt_url,
data=json.dumps({
'username': self.publisher,
'secret': 'super_secret'
}),
content_type='application/json')
data = json.loads(response.data)
self.jwt = data['token']
response = self.client.post(self.jwt_url,
data=json.dumps({
'username': '******',
'secret': 'super_secret1'
}),
content_type='application/json')
data = json.loads(response.data)
self.jwt1 = data['token']
def from_profile(cls, user, profile):
if not user or user.is_anonymous:
email = profile.data.get("email")
if not email:
msg = "Cannot create new user, authentication provider did not not provide email"
logging.warning(msg)
raise Exception(_(msg))
conflict = User.query.filter(User.email == email).first()
if conflict:
msg = "Cannot create new user, email {} is already used. Login and then connect external profile."
msg = _(msg).format(email)
logging.warning(msg)
raise Exception(msg)
now = datetime.now()
user = User()
user.email = email
user.first_name = profile.data.get('first_name')
user.last_name = profile.data.get('last_name')
user.confirmed_at = now
user.active = True
db.session.add(user)
db.session.flush()
assert user.id, "User does not have an id"
connection = cls(user_id=user.id, **profile.data)
db.session.add(connection)
db.session.commit()
return connection
def setUp(self):
self.publisher_one = 'test_publisher1'
self.publisher_two = 'test_publisher2'
self.package_one = 'test_package1'
self.package_two = 'test_package2'
self.app = create_app()
self.app.app_context().push()
with self.app.test_request_context():
db.drop_all()
db.create_all()
user1 = User(name=self.publisher_one)
publisher1 = Publisher(name=self.publisher_one)
association1 = PublisherUser(role=UserRoleEnum.owner)
association1.publisher = publisher1
user1.publishers.append(association1)
user2 = User(name=self.publisher_two)
publisher2 = Publisher(name=self.publisher_two)
association2 = PublisherUser(role=UserRoleEnum.owner)
association2.publisher = publisher2
user2.publishers.append(association2)
metadata1 = Package(name=self.package_one)
metadata1.descriptor = json.dumps(dict(name='test_one'))
publisher1.packages.append(metadata1)
metadata2 = Package(name=self.package_two)
metadata2.descriptor = json.dumps(dict(name='test_two'))
publisher1.packages.append(metadata2)
metadata3 = Package(name=self.package_one)
metadata3.descriptor = json.dumps(dict(name='test_three'))
publisher2.packages.append(metadata3)
metadata4 = Package(name=self.package_two)
metadata4.descriptor = json.dumps(dict(name='test_four'))
publisher2.packages.append(metadata4)
db.session.add(user1)
db.session.add(user2)
db.session.commit()
def register_dealer():
"""
Registration for a dealer.
"""
if request.method == 'POST':
name = request.form['name']
email = request.form['email']
password = request.form['password']
_zip = request.form['zip']
makes_serviced = json.dumps(
{make: 1
for make in request.form.getlist('makes')})
website = request.form['website']
phone = request.form['phone']
dealer = Dealer(name=name,
email=email,
zip=_zip,
makes_serviced=makes_serviced,
website=website,
phone=phone)
db.session.add(dealer)
db.session.commit()
user = User(email=email,
dealer=dealer,
is_dealer=True,
first_name=name)
user._set_password = password
db.session.add(user)
db.session.commit()
timekit = on_new_dealer(dealer)
# register the dealer's timekit
return render_template("public/dealer_registered.html",
timekit=timekit,
email=dealer.email)
else:
makes = get_makes()
return render_template('public/register_dealer/register_dealer.html',
makes=makes)
def create_admin():
username = "******"
email = "*****@*****.**"
password = "******"
admin = True
user = User(username=username, email=email, password=password, admin=admin)
#print("superadmin created", u)
db.session.add(user)
db.session.commit()
click.echo("admin created!!!")
def create(self, db: Session, *, obj_in: UserCreate) -> User:
db_obj = User(username=obj_in.username,
password=get_password_hash(obj_in.password),
full_name=obj_in.full_name,
is_superuser=obj_in.is_superuser,
email=obj_in.email)
db.add(db_obj)
db.commit()
db.refresh(db_obj)
return db_obj
def create_admin():
click.echo('Hello! Run command ok before')
u = User(username="******",
email="*****@*****.**",
password="******",
admin=True)
# print("superadmin created", u)
db.session.add(u)
db.session.commit()
click.echo("superadmin created!!!")
def create_test_package(publisher='demo', package='demo-package', descriptor={}, readme=''):
user = User(name=publisher, secret='supersecret', email='*****@*****.**')
publisher = Publisher(name=publisher)
association = PublisherUser(role=UserRoleEnum.owner)
association.publisher = publisher
user.publishers.append(association)
package = Package(name=package, descriptor=descriptor, readme=readme)
publisher.packages.append(package)
db.session.add(user)
db.session.commit()
def setUp(self):
self.app = create_app()
self.client = self.app.test_client()
with self.app.app_context():
db.drop_all()
db.create_all()
self.user = User()
self.user.user_id = 'trial_id'
self.user.email, self.user.name, self.user.secret = \
'*****@*****.**', 'test_user', 'super_secret'
db.session.add(self.user)
db.session.commit()
def populate_db(auth0_id, email, user_name, full_name, secret):
user = User.query.filter_by(name=user_name).first()
publisher = Publisher.query.filter_by(name=user_name).first()
if user is None:
user = User()
user.auth0_id, user.email, user.name, user.full_name, user.secret \
= auth0_id, email, user_name, full_name, secret
db.session.add(user)
db.session.commit()
if publisher is None:
publisher = Publisher(name=user_name)
association = PublisherUser(role=UserRoleEnum.owner)
association.publisher = publisher
user.publishers.append(association)
db.session.add(user)
db.session.commit()
def test_return_200_if_all_right(self, create_user, jwt_helper,
get_user_with_code, get_auth0_token):
get_auth0_token.return_value = None
get_user_with_code('123').return_value = {}
jwt_helper.return_value = "132432"
create_user.return_value = User(id=1,
email="*****@*****.**",
name='abc',
secret='12345')
response = self.client.get('/api/auth/callback?code=123')
self.assertEqual(create_user.call_count, 1)
self.assertEqual(jwt_helper.call_count, 1)
self.assertEqual(response.status_code, 200)
def make_fixtures(app, package, publisher, user_id):
with app.app_context():
user = User(
id=user_id,
email='*****@*****.**',
name=publisher,
secret='super_secret'
)
pub = Publisher(name=publisher)
pub.packages.append(Package(name=package))
association = PublisherUser(role=UserRoleEnum.owner)
association.publisher = pub
user.publishers.append(association)
user1 = User(id=2, name='test1',
secret='super_secret1', email="*****@*****.**")
pub1 = Publisher(name='test1')
association1 = PublisherUser(role=UserRoleEnum.owner)
association1.publisher = pub1
user1.publishers.append(association1)
db.session.add(user)
db.session.add(user1)
db.session.commit()
def test_return_200_if_all_right(self, create_user, jwt_helper, get_user,
authorized_response):
authorized_response.return_value = {'access_token': 'token'}
get_user.return_value = OAuthResponse(
resp=None,
content=json.dumps(dict({'email': '*****@*****.**'})),
content_type='application/json')
jwt_helper.return_value = "132432"
create_user.return_value = User(id=1,
email="*****@*****.**",
name='abc',
secret='12345')
response = self.client.get('/api/auth/callback?code=123')
self.assertEqual(create_user.call_count, 1)
self.assertEqual(jwt_helper.call_count, 1)
self.assertEqual(response.status_code, 200)
def setUp(self):
self.publisher = 'demo'
self.package = 'demo-package'
self.app = create_app()
self.app.app_context().push()
with self.app.test_request_context():
db.drop_all()
db.create_all()
user = User(id=11, name=self.publisher, secret='supersecret')
publisher = Publisher(name=self.publisher)
association = PublisherUser(role=UserRoleEnum.owner)
association.publisher = publisher
user.publishers.append(association)
db.session.add(user)
db.session.commit()
def create_test_package(publisher='demo',
package='demo-package',
descriptor={}):
user = User(name=publisher)
publisher = Publisher(name=publisher)
association = PublisherUser(role=UserRoleEnum.owner)
association.publisher = publisher
user.publishers.append(association)
metadata = Package(name=package)
tag = PackageTag(descriptor=descriptor)
metadata.tags.append(tag)
publisher.packages.append(metadata)
db.session.add(user)
db.session.commit()
def setUp(self):
self.app = create_app()
self.app.app_context().push()
with self.app.test_request_context():
db.drop_all()
db.create_all()
user = User(id=11,
name='test_user_id',
secret='supersecret',
auth0_id="123|auth0")
publisher = Publisher(name='test_pub_id')
association = PublisherUser(role=UserRoleEnum.owner)
association.publisher = publisher
user.publishers.append(association)
db.session.add(user)
db.session.commit()
def setUp(self):
self.app = create_app()
self.client = self.app.test_client()
with self.app.app_context():
db.drop_all()
db.create_all()
self.user = User()
self.user.id = 1
self.user.email, self.user.name, self.user.secret = \
'*****@*****.**', self.publisher, 'super_secret'
self.publisherObj = Publisher(name=self.publisher)
association = PublisherUser(role=UserRoleEnum.owner)
association.publisher = self.publisherObj
self.user.publishers.append(association)
db.session.add(self.user)
db.session.commit()
def callback_handling():
"""
This ia callback api when we redirect the api to Auth0 or any external
Auth provider.
---
tags:
- auth
response:
500:
description: Internal Server Error
200:
description: Updated Db with user
schema:
id: auth_callback
properties:
status:
type: string
description: Status of the operation
token:
type: string
description: The jwt
user:
type: map
description: Returns back email, nickname,
picture, name
"""
try:
code = request.args.get('code')
auth0 = Auth0()
user_info = auth0.get_user_info_with_code(code, request.base_url)
user = User().create_or_update_user_from_callback(user_info)
jwt_helper = JWT(app.config['API_KEY'], user.id)
return jsonify(
dict(token=jwt_helper.encode(),
email=user.email,
username=user.name,
secret=user.secret))
except Exception as e:
app.logger.error(e)
return handle_error('GENERIC_ERROR', e.message, 500)
def setUp(self):
self.app = create_app()
self.client = self.app.test_client()
with self.app.app_context():
self.bucket_name = self.app.config['S3_BUCKET_NAME']
db.drop_all()
db.create_all()
self.user = User()
self.user.id = 1
self.user.email, self.user.name, self.user.secret = \
'*****@*****.**', self.publisher_name, 'super_secret'
self.publisher = Publisher(name=self.publisher_name)
association = PublisherUser(role=UserRoleEnum.owner)
association.publisher = self.publisher
metadata = Package(name=self.package)
self.publisher.packages.append(metadata)
self.user.publishers.append(association)
db.session.add(self.user)
db.session.commit()
def test2_user(self):
with self.client:
user = User(username='******',
email='*****@*****.**',
password='******',
admin=True)
db.session.add(user)
db.session.commit()
self.assertIn(
User.query.filter_by(username='******').first().email,
'*****@*****.**')
user1 = User.query.filter(
User.email == '*****@*****.**').first()
self.assertEqual(user, user1)
login_user(user1)
self.assertTrue(current_user.is_authenticated)
self.assertTrue(current_user.username == 'unittester1')
logout_user()
self.assertFalse(current_user.is_authenticated)
db.session.delete(user)
db.session.commit()
print('-test2_user finished')
def test_update_secret_if_it_is_supersecret(self):
user_info = dict(email="*****@*****.**",
username="******",
user_id="123|auth0")
user = User.create_or_update_user_from_callback(user_info)
self.assertNotEqual('supersecret', user.secret)
def test_get_userinfo_by_id(self):
self.assertEqual(User.get_userinfo_by_id(11).name, 'test_user_id')
self.assertIsNone(User.get_userinfo_by_id(2))
