def test_check_user_is_vendor_admin(self, mock_user, mock_db):
mock_user.return_value = 'some-user'
mock_db.return_value = ['some-user', 'another-user']
result = api_utils.check_user_is_vendor_admin('some-vendor')
self.assertTrue(result)
mock_db.return_value = ['another-user']
result = api_utils.check_user_is_vendor_admin('some-vendor')
self.assertFalse(result)
def test_check_user_is_vendor_admin(self, mock_user, mock_db):
mock_user.return_value = 'some-user'
mock_db.return_value = ['some-user', 'another-user']
result = api_utils.check_user_is_vendor_admin('some-vendor')
self.assertTrue(result)
mock_db.return_value = ['another-user']
result = api_utils.check_user_is_vendor_admin('some-vendor')
self.assertFalse(result)
def put(self, id, **kw):
"""Handler for update item. Should return full info with updates."""
product = db.get_product(id)
vendor_id = product['organization_id']
vendor = db.get_organization(vendor_id)
is_admin = (api_utils.check_user_is_foundation_admin()
or api_utils.check_user_is_vendor_admin(vendor_id))
if not is_admin:
pecan.abort(403, 'Forbidden.')
product_info = {'id': id}
if 'name' in kw:
product_info['name'] = kw['name']
if 'description' in kw:
product_info['description'] = kw['description']
if 'product_ref_id' in kw:
product_info['product_ref_id'] = kw['product_ref_id']
if 'public' in kw:
# user can mark product as public only if
# his/her vendor is public(official)
public = api_utils.str_to_bool(kw['public'])
if (vendor['type'] not in (const.OFFICIAL_VENDOR, const.FOUNDATION)
and public):
pecan.abort(403, 'Forbidden.')
product_info['public'] = public
if 'properties' in kw:
product_info['properties'] = json.dumps(kw['properties'])
db.update_product(product_info)
pecan.response.status = 200
product = db.get_product(id)
product['can_manage'] = True
return product
def get(self, vendor_id):
"""Return list of users in the vendor's group."""
if not (api_utils.check_user_is_foundation_admin()
or api_utils.check_user_is_vendor_admin(vendor_id)):
return None
org_users = db.get_organization_users(vendor_id)
return [x for x in six.itervalues(org_users)]
def get_one(self, id, version_id):
"""Get specific version information."""
product = db.get_product(id)
vendor_id = product['organization_id']
is_admin = (api_utils.check_user_is_foundation_admin()
or api_utils.check_user_is_vendor_admin(vendor_id))
if not product['public'] and not is_admin:
pecan.abort(403, 'Forbidden.')
allowed_keys = ['id', 'product_id', 'version', 'cpid']
return db.get_product_version(version_id, allowed_keys=allowed_keys)
def delete(self, vendor_id, openid):
"""Remove user from vendor group."""
openid = base64.b64decode(openid)
if not (api_utils.check_user_is_foundation_admin()
or api_utils.check_user_is_vendor_admin(vendor_id)):
pecan.abort(403, 'Forbidden.')
vendor = db.get_organization(vendor_id)
db.remove_user_from_group(openid, vendor['group_id'])
pecan.response.status = 204
def put(self, vendor_id, openid):
"""Add user to vendor group."""
openid = base64.b64decode(openid)
if not (api_utils.check_user_is_foundation_admin()
or api_utils.check_user_is_vendor_admin(vendor_id)):
pecan.abort(403, 'Forbidden.')
vendor = db.get_organization(vendor_id)
creator = api_utils.get_user_id()
db.add_user_to_group(openid, vendor['group_id'], creator)
pecan.response.status = 204
def register(self, vendor):
"""Handler for applying for registration with Foundation."""
if not api_utils.check_user_is_vendor_admin(vendor['id']):
pecan.abort(403, 'Forbidden.')
_check_is_not_foundation(vendor['id'])
if vendor['type'] != const.PRIVATE_VENDOR:
raise api_exc.ValidationError(
'Invalid organization state for this action.')
# change vendor type to pending
org_info = {'id': vendor['id'], 'type': const.PENDING_VENDOR}
db.update_organization(org_info)
def delete(self, vendor_id):
"""Delete vendor."""
if not (api_utils.check_user_is_foundation_admin()
or api_utils.check_user_is_vendor_admin(vendor_id)):
pecan.abort(403, 'Forbidden.')
_check_is_not_foundation(vendor_id)
try:
db.delete_organization(vendor_id)
except DBReferenceError:
pecan.abort(
400, 'Unable to delete. There are still tests '
'associated to products for this vendor.')
pecan.response.status = 204
def get_one(self, vendor_id):
"""Get information about vendor."""
allowed_keys = None
is_admin = (api_utils.check_user_is_foundation_admin()
or api_utils.check_user_is_vendor_admin(vendor_id))
if not is_admin:
allowed_keys = ['id', 'type', 'name', 'description']
vendor = db.get_organization(vendor_id, allowed_keys=allowed_keys)
allowed_types = [const.FOUNDATION, const.OFFICIAL_VENDOR]
if not is_admin and vendor['type'] not in allowed_types:
pecan.abort(403, 'Forbidden.')
vendor['can_manage'] = is_admin
return vendor
def cancel(self, vendor):
"""Handler for canceling registration.
This action available to user. It allows him to cancel
registrationand move state of his vendor from pending
to private.
"""
if not api_utils.check_user_is_vendor_admin(vendor['id']):
pecan.abort(403, 'Forbidden.')
_check_is_not_foundation(vendor['id'])
if vendor['type'] != const.PENDING_VENDOR:
raise api_exc.ValidationError(
'Invalid organization state for this action.')
# change vendor type back to private
org_info = {'id': vendor['id'], 'type': const.PRIVATE_VENDOR}
db.update_organization(org_info)
def put(self, vendor_id, **kw):
"""Handler for update item. Should return full info with updates."""
is_admin = (api_utils.check_user_is_foundation_admin()
or api_utils.check_user_is_vendor_admin(vendor_id))
if not is_admin:
pecan.abort(403, 'Forbidden.')
vendor_info = {'id': vendor_id}
if 'name' in kw:
vendor_info['name'] = kw['name']
if 'description' in kw:
vendor_info['description'] = kw['description']
if 'properties' in kw:
vendor_info['properties'] = json.dumps(kw['properties'])
db.update_organization(vendor_info)
pecan.response.status = 200
vendor = db.get_organization(vendor_id)
vendor['can_manage'] = True
return vendor
def get_one(self, id):
"""Get information about product."""
allowed_keys = ['id', 'name', 'description',
'product_ref_id', 'product_type',
'public', 'properties', 'created_at', 'updated_at',
'organization_id', 'created_by_user', 'type']
product = db.get_product(id, allowed_keys=allowed_keys)
vendor_id = product['organization_id']
is_admin = (api_utils.check_user_is_foundation_admin() or
api_utils.check_user_is_vendor_admin(vendor_id))
if not is_admin and not product['public']:
pecan.abort(403, 'Forbidden.')
if not is_admin:
admin_only_keys = ['created_by_user', 'created_at', 'updated_at',
'properties']
for key in product.keys():
if key in admin_only_keys:
product.pop(key)
product['can_manage'] = is_admin
return product
def put(self, vendor_id, **kw):
"""Handler for update item. Should return full info with updates."""
is_foundation_admin = api_utils.check_user_is_foundation_admin()
is_admin = (is_foundation_admin
or api_utils.check_user_is_vendor_admin(vendor_id))
if not is_admin:
pecan.abort(403, 'Forbidden.')
vendor_info = {'id': vendor_id}
vendor = db.get_organization(vendor_id)
if 'name' in kw:
if (vendor['type'] == const.OFFICIAL_VENDOR
and not is_foundation_admin):
pecan.abort(
403, 'Name change for an official vendor is not allowed.')
vendor_info['name'] = kw['name']
if 'description' in kw:
vendor_info['description'] = kw['description']
if 'properties' in kw:
vendor_info['properties'] = json.dumps(kw['properties'])
vendor = db.update_organization(vendor_info)
pecan.response.status = 200
vendor['can_manage'] = True
return vendor
def get(self):
"""Get information of all uploaded test results.
Get information of all uploaded test results in descending
chronological order. Make it possible to specify some
input parameters for filtering.
For example:
/v1/results?page=<page number>&cpid=1234.
By default, page is set to page number 1,
if the page parameter is not specified.
"""
expected_input_params = [
const.START_DATE, const.END_DATE, const.CPID, const.SIGNED,
const.VERIFICATION_STATUS, const.PRODUCT_ID
]
filters = api_utils.parse_input_params(expected_input_params)
if const.PRODUCT_ID in filters:
product = db.get_product(filters[const.PRODUCT_ID])
vendor_id = product['organization_id']
is_admin = (api_utils.check_user_is_foundation_admin()
or api_utils.check_user_is_vendor_admin(vendor_id))
if is_admin:
filters[const.ALL_PRODUCT_TESTS] = True
elif not product['public']:
pecan.abort(403, 'Forbidden.')
records_count = db.get_test_records_count(filters)
page_number, total_pages_number = \
api_utils.get_page_number(records_count)
try:
per_page = CONF.api.results_per_page
results = db.get_test_records(page_number, per_page, filters)
is_foundation = api_utils.check_user_is_foundation_admin()
for result in results:
if not (api_utils.check_owner(result['id']) or is_foundation):
# Don't expose product info if the product is not public.
if (result.get('product_version')
and not result['product_version']['product_info']
['public']):
result['product_version'] = None
# Only show all metadata if the user is the owner or a
# member of the Foundation group.
result['meta'] = {
k: v
for k, v in result['meta'].items()
if k in MetadataController.rw_access_keys
}
result.update({
'url':
parse.urljoin(CONF.ui_url, CONF.api.test_results_url) %
result['id']
})
page = {
'results': results,
'pagination': {
'current_page': page_number,
'total_pages': total_pages_number
}
}
except Exception as ex:
LOG.debug('An error occurred during '
'operation with database: %s' % str(ex))
pecan.abort(500)
return page
