def profile_output() -> Schema:
attributes: MarshmallowSchema = {}
attributes["uuid"] = fields.UUID(required=True)
# This is because Email is not typed on marshmallow
attributes["email"] = fields.Email(required=True) # type: ignore
attributes["name"] = fields.Str(required=True)
attributes["surname"] = fields.Str(required=True)
attributes["isAdmin"] = fields.Boolean(required=True)
attributes["isStaff"] = fields.Boolean(required=True)
attributes["isCoordinator"] = fields.Boolean(required=True)
attributes["privacy_accepted"] = fields.Boolean(required=True)
attributes["is_active"] = fields.Boolean(required=True)
attributes["expiration"] = fields.DateTime(allow_none=True,
format=ISO8601UTC)
attributes["roles"] = fields.Dict(required=True)
attributes["last_password_change"] = fields.DateTime(required=True,
format=ISO8601UTC)
attributes["first_login"] = fields.DateTime(required=True,
format=ISO8601UTC)
attributes["last_login"] = fields.DateTime(required=True,
format=ISO8601UTC)
if Connector.authentication_service == "neo4j":
attributes["belongs_to"] = fields.Neo4jRelationshipToSingle(
Group, data_key="group")
else:
attributes["belongs_to"] = fields.Nested(Group, data_key="group")
attributes["two_factor_enabled"] = fields.Boolean(required=True)
if custom_fields := mem.customizer.get_custom_output_fields(None):
attributes.update(custom_fields)
def admin_user_output(many: bool = True) -> Schema:
attributes: MarshmallowSchema = {}
attributes["uuid"] = fields.UUID()
# This is because Email is not typed on marshmallow
attributes["email"] = fields.Email() # type: ignore
attributes["name"] = fields.Str()
attributes["surname"] = fields.Str()
attributes["first_login"] = fields.DateTime(allow_none=True,
format=ISO8601UTC)
attributes["last_login"] = fields.DateTime(allow_none=True,
format=ISO8601UTC)
attributes["last_password_change"] = fields.DateTime(allow_none=True,
format=ISO8601UTC)
attributes["is_active"] = fields.Boolean()
attributes["privacy_accepted"] = fields.Boolean()
attributes["roles"] = fields.List(fields.Nested(Role))
attributes["expiration"] = fields.DateTime(allow_none=True,
format=ISO8601UTC)
if Connector.authentication_service == "neo4j":
attributes["belongs_to"] = fields.Neo4jRelationshipToSingle(
Group, data_key="group")
else:
attributes["belongs_to"] = fields.Nested(Group, data_key="group")
if custom_fields := mem.customizer.get_custom_output_fields(None):
attributes.update(custom_fields)
class Output(Schema):
val = fields.Integer()
created = fields.DateTime()
modified1 = fields.DateTime()
modified2 = fields.DateTime()
user = Neo4jSchema(
User,
fields=(
"uuid",
"email",
"name",
"surname",
"is_active",
"last_password_change",
),
)
group1 = Neo4jSchema(Group, fields="*")
group2 = Neo4jSchema(Group, fields=("*", ))
group3 = Neo4jSchema(Group, fields=["*"])
group4 = Neo4jSchema(Group, fields=[])
group5 = Neo4jSchema(Group, fields=["fullname", "shortname"])
group6 = Neo4jSchema(Group, fields="")
group7 = Neo4jSchema(Group, fields=None)
choices1 = Neo4jChoice(CHOICES_tuple)
choices2 = Neo4jChoice(CHOICES_dict)
def getProfileData():
# as defined in Marshmallow.schema.from_dict
attributes: Dict[str, Union[fields.Field, type]] = {}
attributes["uuid"] = fields.UUID(required=True)
attributes["email"] = fields.Email(required=True)
attributes["name"] = fields.Str(required=True)
attributes["surname"] = fields.Str(required=True)
attributes["isAdmin"] = fields.Boolean(required=True)
attributes["isStaff"] = fields.Boolean(required=True)
attributes["isCoordinator"] = fields.Boolean(required=True)
attributes["privacy_accepted"] = fields.Boolean(required=True)
attributes["is_active"] = fields.Boolean(required=True)
attributes["expiration"] = fields.DateTime(allow_none=True, format=ISO8601UTC)
attributes["roles"] = fields.Dict(required=True)
attributes["last_password_change"] = fields.DateTime(
required=True, format=ISO8601UTC
)
attributes["first_login"] = fields.DateTime(required=True, format=ISO8601UTC)
attributes["last_login"] = fields.DateTime(required=True, format=ISO8601UTC)
attributes["group"] = fields.Nested(Group)
attributes["two_factor_enabled"] = fields.Boolean(required=True)
if custom_fields := mem.customizer.get_custom_output_fields(None):
attributes.update(custom_fields)
class TokenSchema(Schema):
id = fields.Str()
IP = fields.Str()
location = fields.Str()
token = fields.Str()
emitted = fields.DateTime(format=ISO8601UTC)
expiration = fields.DateTime(format=ISO8601UTC)
last_access = fields.DateTime(format=ISO8601UTC)
class LoginsSchema(Schema):
# This is because Email is not typed on marshmallow
username = fields.Email() # type: ignore
date = fields.DateTime(format=ISO8601UTC)
IP = fields.Str()
location = fields.Str()
failed = fields.Boolean()
flushed = fields.Boolean()
def get_output_schema():
# as defined in Marshmallow.schema.from_dict
attributes: Dict[str, Union[fields.Field, type]] = {}
attributes["uuid"] = fields.UUID()
attributes["email"] = fields.Email()
attributes["name"] = fields.Str()
attributes["surname"] = fields.Str()
attributes["first_login"] = fields.DateTime(allow_none=True,
format=ISO8601UTC)
attributes["last_login"] = fields.DateTime(allow_none=True,
format=ISO8601UTC)
attributes["last_password_change"] = fields.DateTime(allow_none=True,
format=ISO8601UTC)
attributes["is_active"] = fields.Boolean()
attributes["privacy_accepted"] = fields.Boolean()
attributes["roles"] = fields.List(fields.Nested(Roles))
attributes["expiration"] = fields.DateTime(allow_none=True,
format=ISO8601UTC)
attributes["belongs_to"] = fields.Nested(Group, data_key="group")
if custom_fields := mem.customizer.get_custom_output_fields(None):
attributes.update(custom_fields)
class InputSchema(Schema):
mystr = fields.Str(required=True, validate=validate.Length(min=1))
mydate = fields.DateTime(
required=True,
format=ISO8601UTC,
# validate=validate.Range(
# max=datetime.now(pytz.utc).replace(hour=23, minute=59, second=59),
# min=datetime(1900, 1, 1, tzinfo=pytz.utc),
# max_inclusive=True,
# error="Invalid date",
# ),
)
myint_exclusive = fields.Int(
required=True,
validate=validate.Range(
min=1, max=10, min_inclusive=False, max_inclusive=False
),
)
myint_inclusive = fields.Int(
required=True,
validate=validate.Range(min=1, max=10),
)
class SystemSchema(Schema):
boot_time = fields.DateTime(format=ISO8601UTC)
def admin_user_input(request: FlaskRequest, is_post: bool) -> Type[Schema]:
is_admin = HTTPTokenAuth.is_session_user_admin(request, auth)
attributes: MarshmallowSchema = {}
if is_post:
# This is because Email is not typed on marshmallow
attributes["email"] = fields.Email( # type: ignore
required=is_post,
validate=validate.Length(max=100))
attributes["name"] = fields.Str(
required=is_post,
validate=validate.Length(min=1),
metadata={"label": "First Name"},
)
attributes["surname"] = fields.Str(
required=is_post,
validate=validate.Length(min=1),
metadata={"label": "Last Name"},
)
attributes["password"] = fields.Str(
required=is_post,
validate=validate.Length(min=auth.MIN_PASSWORD_LENGTH),
metadata={"password": True},
)
if Connector.check_availability("smtp"):
attributes["email_notification"] = fields.Bool(
metadata={"label": "Notify password by email"})
attributes["is_active"] = fields.Bool(
dump_default=True,
required=False,
metadata={"label": "Activate user"},
)
roles = {r.name: r.description for r in auth.get_roles()}
if not is_admin and RoleEnum.ADMIN.value in roles:
roles.pop(RoleEnum.ADMIN.value)
attributes["roles"] = fields.List(
fields.Str(validate=validate.OneOf(
choices=[r for r in roles.keys()],
labels=[r for r in roles.values()],
)),
dump_default=[auth.default_role],
required=False,
unique=True,
metadata={
"label": "Roles",
"description": "",
"extra_descriptions": auth.role_descriptions,
},
)
group_keys = []
group_labels = []
for g in auth.get_groups():
group_keys.append(g.uuid)
group_labels.append(f"{g.shortname} - {g.fullname}")
if len(group_keys) == 1:
default_group = group_keys[0]
else:
default_group = None
attributes["group"] = fields.Str(
required=is_post,
dump_default=default_group,
validate=validate.OneOf(choices=group_keys, labels=group_labels),
metadata={
"label": "Group",
"description": "The group to which the user belongs",
},
)
attributes["expiration"] = fields.DateTime(
required=False,
allow_none=True,
metadata={
"label": "Account expiration",
"description": "This user will be blocked after this date",
},
)
if custom_fields := mem.customizer.get_custom_input_fields(
request=request, scope=mem.customizer.ADMIN):
attributes.update(custom_fields)
def test_responses(self, faker: Faker) -> None:
class MySchema(Schema):
name = fields.Str()
f = "myfield"
assert (
ResponseMaker.get_schema_type(f, fields.Str(metadata={"password": True}))
== "password"
)
assert ResponseMaker.get_schema_type(f, fields.Bool()) == "boolean"
assert ResponseMaker.get_schema_type(f, fields.Boolean()) == "boolean"
assert ResponseMaker.get_schema_type(f, fields.Date()) == "date"
assert ResponseMaker.get_schema_type(f, fields.DateTime()) == "datetime"
assert ResponseMaker.get_schema_type(f, fields.AwareDateTime()) == "datetime"
assert ResponseMaker.get_schema_type(f, fields.NaiveDateTime()) == "datetime"
assert ResponseMaker.get_schema_type(f, fields.Decimal()) == "number"
# This is because Email is not typed on marshmallow
assert ResponseMaker.get_schema_type(f, fields.Email()) == "email" # type: ignore
assert ResponseMaker.get_schema_type(f, fields.Float()) == "number"
assert ResponseMaker.get_schema_type(f, fields.Int()) == "int"
assert ResponseMaker.get_schema_type(f, fields.Integer()) == "int"
assert ResponseMaker.get_schema_type(f, fields.Number()) == "number"
assert ResponseMaker.get_schema_type(f, fields.Str()) == "string"
assert ResponseMaker.get_schema_type(f, fields.String()) == "string"
assert ResponseMaker.get_schema_type(f, fields.Dict()) == "dictionary"
assert ResponseMaker.get_schema_type(f, fields.List(fields.Str())) == "string[]"
assert ResponseMaker.get_schema_type(f, fields.Nested(MySchema())) == "nested"
# Unsupported types, fallback to string
assert ResponseMaker.get_schema_type(f, fields.URL()) == "string"
assert ResponseMaker.get_schema_type(f, fields.Url()) == "string"
assert ResponseMaker.get_schema_type(f, fields.UUID()) == "string"
# assert ResponseMaker.get_schema_type(f, fields.Constant("x")) == "string"
assert ResponseMaker.get_schema_type(f, fields.Field()) == "string"
# assert ResponseMaker.get_schema_type(f, fields.Function()) == "string"
# assert ResponseMaker.get_schema_type(f, fields.Mapping()) == "string"
# assert ResponseMaker.get_schema_type(f, fields.Method()) == "string"
# assert ResponseMaker.get_schema_type(f, fields.Raw()) == "string"
# assert ResponseMaker.get_schema_type(f, fields.TimeDelta()) == "string"
assert not ResponseMaker.is_binary(None)
assert not ResponseMaker.is_binary("")
assert not ResponseMaker.is_binary("application/json")
assert ResponseMaker.is_binary("application/octet-stream")
assert ResponseMaker.is_binary("application/x-bzip")
assert ResponseMaker.is_binary("application/x-bzip2")
assert ResponseMaker.is_binary("application/pdf")
assert ResponseMaker.is_binary("application/msword")
assert ResponseMaker.is_binary("application/rtf")
assert ResponseMaker.is_binary("application/x-tar")
assert ResponseMaker.is_binary("application/gzip")
assert ResponseMaker.is_binary("application/zip")
assert ResponseMaker.is_binary("application/x-7z-compressed")
assert not ResponseMaker.is_binary("text/plain")
assert not ResponseMaker.is_binary("text/css")
assert not ResponseMaker.is_binary("text/csv")
assert not ResponseMaker.is_binary("text/html")
assert not ResponseMaker.is_binary("text/javascript")
assert not ResponseMaker.is_binary("text/xml")
assert ResponseMaker.is_binary("image/gif")
assert ResponseMaker.is_binary("image/jpeg")
assert ResponseMaker.is_binary("image/png")
assert ResponseMaker.is_binary("image/svg+xml")
assert ResponseMaker.is_binary("image/tiff")
assert ResponseMaker.is_binary("image/webp")
assert ResponseMaker.is_binary("image/bmp")
assert ResponseMaker.is_binary("image/aac")
assert ResponseMaker.is_binary("audio/midi")
assert ResponseMaker.is_binary("audio/mpeg")
assert ResponseMaker.is_binary("audio/wav")
assert ResponseMaker.is_binary("audio/anyother")
assert ResponseMaker.is_binary("video/mpeg")
assert ResponseMaker.is_binary("video/ogg")
assert ResponseMaker.is_binary("video/webm")
assert ResponseMaker.is_binary("video/anyother")
assert ResponseMaker.is_binary("video/anyother")
assert not ResponseMaker.is_binary(faker.pystr())
response = EndpointResource.response("", code=200)
assert response[1] == 200 # type: ignore
response = EndpointResource.response(None, code=200)
assert response[1] == 204 # type: ignore
response = EndpointResource.response(None, code=200, head_method=True)
assert response[1] == 200 # type: ignore
def getInputSchema(request, is_post):
# as defined in Marshmallow.schema.from_dict
attributes: Dict[str, Union[fields.Field, type]] = {}
if is_post:
attributes["email"] = fields.Email(required=is_post)
attributes["name"] = fields.Str(required=is_post,
validate=validate.Length(min=1))
attributes["surname"] = fields.Str(required=is_post,
validate=validate.Length(min=1))
attributes["password"] = fields.Str(
required=is_post,
password=True,
validate=validate.Length(min=auth.MIN_PASSWORD_LENGTH),
)
if Connector.check_availability("smtp"):
attributes["email_notification"] = fields.Bool(
label="Notify password by email")
attributes["is_active"] = fields.Bool(label="Activate user",
default=True,
required=False)
roles = {r.name: r.description for r in auth.get_roles()}
attributes["roles"] = AdvancedList(
fields.Str(validate=validate.OneOf(
choices=[r for r in roles.keys()],
labels=[r for r in roles.values()],
)),
required=False,
label="Roles",
description="",
unique=True,
multiple=True,
)
group_keys = []
group_labels = []
for g in auth.get_groups():
group_keys.append(g.uuid)
group_labels.append(f"{g.shortname} - {g.fullname}")
if len(group_keys) == 1:
default_group = group_keys[0]
else:
default_group = None
attributes["group"] = fields.Str(
label="Group",
description="The group to which the user belongs",
required=is_post,
default=default_group,
validate=validate.OneOf(choices=group_keys, labels=group_labels),
)
attributes["expiration"] = fields.DateTime(
required=False,
allow_none=True,
label="Account expiration",
description="This user will be blocked after this date",
)
if custom_fields := mem.customizer.get_custom_input_fields(
request=request, scope=mem.customizer.ADMIN):
attributes.update(custom_fields)
