def engine_fixture(request): backend_db = 'sqlite' if 'sqlite://' in get_config_settings('sqlalchemy.url') else 'postgres' logger.debug('backend_db: %s' % backend_db) if backend_db == 'sqlite': db_path = tempfile.NamedTemporaryFile(suffix='.sqlite', delete=False).name #use tempfile directly DB_URL = 'sqlite:///' + db_path engine = create_engine(DB_URL, poolclass=NullPool) connection = engine.connect() DBSession.configure(bind=engine) Base.metadata.bind = engine logger.debug('(sqlite_engine_fixture) created, sqlite file: %s' % db_path) else: DB_URL = get_config_settings('sqlalchemy.url') engine = create_engine(DB_URL) connection = engine.connect() DBSession.configure(bind=engine) Base.metadata.bind = engine logger.debug('(postgres_engine_fixture) created, postgres url: %s' % DB_URL) def fin(): DBSession.close() DBSession.remove() connection.close() if backend_db == 'sqlite': os.unlink(db_path) logger.debug('(sqlite_engine_fixture) delete, remove sqlitedb file: %s' % db_path) else: logger.debug('(postgres_engine_fixture) fin with postgresdb url: %s' % DB_URL) request.addfinalizer(fin) #return engine return backend_db
def change_password(self, new_password): global DBSession hashed_pwd = hashlib.sha512(self.salt + new_password).hexdigest() self.password = hashed_pwd DBSession.add(self) DBSession.flush() logger.info('user %s password changed' % self.user_name) return (True, None)
def fin(): DBSession.close() DBSession.remove() connection.close() if backend_db == 'sqlite': os.unlink(db_path) logger.debug('(sqlite_engine_fixture) delete, remove sqlitedb file: %s' % db_path) else: logger.debug('(postgres_engine_fixture) fin with postgresdb url: %s' % DB_URL)
def fin(): model = DBSession.query(group_table).filter(group_table.group_id == group.group_id).scalar() if model: DBSession.delete(model) DBSession.flush() transaction.commit() print '(A_group fixture) delete' if DBSession.dirty: transaction.commit()
def fin(): model = DBSession.query(user_table).filter(user_table.user_id == user.user_id).scalar() if model: DBSession.delete(model) DBSession.flush() transaction.commit() print '(A_user fixture)=> delete' if DBSession.dirty: transaction.commit()
def create(cls, user_name, password, activated, group_id, description=None): global DBSession salt = os.urandom(26).encode('hex') logger.debug('create salt: %s' % salt) hashed_pwd = hashlib.sha512(salt + password).hexdigest() model = cls(user_name=user_name, description=description, password=hashed_pwd, salt=salt, activated=activated, group_id=group_id) DBSession.add(model) DBSession.flush() logger.info('user %s created' % user_name) return (True, model)
def test_modify_user(engine_fixture, A_user): user_table = models.account.User_TB original_user_id = A_user.user_id new_user_name = id_generator(size=5).decode('utf-8') with transaction.manager as tm: A_user.user_name = new_user_name DBSession.flush() find_user = DBSession.query(user_table).filter(user_table.user_name == new_user_name).scalar() assert A_user.user_id == find_user.user_id
def test_modify_group(engine_fixture, A_group): group_table = models.account.Group_TB model = DBSession.query(group_table).filter(group_table.group_name == A_group.group_name).scalar() assert model.group_id == A_group.group_id original_group_id = model.group_id new_group_name = id_generator(size=5).decode('utf-8') with transaction.manager as tm: A_group.group_name = new_group_name DBSession.flush() find_group = DBSession.query(group_table).filter(group_table.group_name == new_group_name).scalar() assert find_group.group_id == original_group_id
def _manual_all_to_json_array(cls, ignore=['password', 'salt']): logger.debug('Database not implement array_to_json()') users_list = [] users = DBSession.query(cls).all() if users != None: for user in users: users_list.append(user._manual_to_json(ignore=ignore)) return users_list
def A_group(request, engine_fixture): group_table = models.account.Group_TB with transaction.manager as tm: group = group_table(group_name=id_generator(size=25).decode('utf-8')) DBSession.add(group) DBSession.flush() print "(A_group fixture) created" def fin(): model = DBSession.query(group_table).filter(group_table.group_id == group.group_id).scalar() if model: DBSession.delete(model) DBSession.flush() transaction.commit() print '(A_group fixture) delete' if DBSession.dirty: transaction.commit() request.addfinalizer(fin) return group
def get_user(request): #user_name = unauthenticated_userid(request) user_name = request.unauthenticated_userid logger.debug('unauthenticated_userid(as username): %s' % user_name) if user_name is not None: with transaction.manager as tm: user_obj = DBSession.query(User_TB).filter(User_TB.user_name == user_name).scalar() return user_obj logger.debug('get no user') return None
def test_delete_group(engine_fixture): group_table = models.account.Group_TB new_group_name = id_generator(size=25).decode('utf-8') with transaction.manager as tm: #create new_model = group_table(group_name=new_group_name) DBSession.add(new_model) DBSession.flush() model = DBSession.query(group_table).filter(group_table.group_name == new_group_name).scalar() assert model #delete DBSession.delete(model) DBSession.flush() model = DBSession.query(group_table).filter(group_table.group_name == new_group_name).first() assert model == None
def test_delete_user(engine_fixture, A_group): user_table = models.account.User_TB user_name=id_generator(size=25).decode('utf-8') salt = os.urandom(26).encode('hex') password = os.urandom(10).encode('hex') with transaction.manager as tm: success, user = user_table.create( user_name = user_name, password=password, activated=True, group_id=A_group.group_id ) assert success == True #delete DBSession.delete(user) DBSession.flush() model = DBSession.query(user_table).filter(user_table.user_id == user.user_id).first() assert model == None
def test_user_to_json(engine_fixture, A_user, MockedRequest): user_table = models.account.User_TB original_user_name = A_user.user_name original_user_id = A_user.user_id user = DBSession.query(user_table).filter(user_table.user_id == A_user.user_id).scalar() user_json = user.to_json(MockedRequest) assert True == isinstance(user_json, dict) assert user_json['user_id'] == original_user_id assert user_json['user_name'] == original_user_name
def test_change_password(engine_fixture, A_user): user_table = models.account.User_TB original_user_name = A_user.user_name with transaction.manager as tm: new_user_password = id_generator(size=8) A_user.change_password(new_user_password) found_user = DBSession.query(user_table).filter(user_table.user_name == original_user_name).scalar() success, msg = found_user.pwd_validate(original_user_name, new_user_password) print msg assert success == True
def get_user_info(request, user_id): try: u = DBSession.query(User_TB).filter(User_TB.user_id == user_id).scalar() if u == None: logger.warning('user(user_id: %s) not exist.' % user_id) return (False, None) rtn = (True, u.to_json(request)) except Exception, e: err_info = ('user_id(%s)' % user_id, inspect.stack()[0][3], traceback.format_exc()) logger.error('%s:%s, traceback: %s' % err_info, exc_info=True) rtn = (False, None)
def main(global_config, **settings): """ This function returns a Pyramid WSGI application. """ global DBSession, Base engine = engine_from_config(settings, 'sqlalchemy.') backend_db = 'sqlite' if 'sqlite://' in settings['sqlalchemy.url'] else 'postgres' scarab_settings = {} scarab_settings['backend_db'] = backend_db logger.debug('scarab_settings: %s' % scarab_settings) def get_scarab_settings(request): return scarab_settings #enable sqlite foreignkey if sqlite if 'sqlite' == backend_db: event.listen(engine, 'connect', _fk_pragma_on_connect) #db foreignkey on DBSession.configure(bind=engine) Base.metadata.bind = engine config = Configurator(root_factory='scarab.models.RootFactory', settings=settings) #api routes config.include(api_routes) #embeded userojb to request config.add_request_method(get_user, 'user', reify=True) config.add_request_method(get_scarab_settings, 'scarab_settings', reify=True) #security; add policies here policies =[AuthTktAuthenticationPolicy(settings['scarab.auth_secret'], callback=groupfinder, hashalg='sha512')] authn_policy = MultiAuthenticationPolicy(policies) authz_policy = ACLAuthorizationPolicy() config.set_authentication_policy(authn_policy) config.set_authorization_policy(authz_policy) #all setting is done, scan config config.scan() return config.make_wsgi_app()
def _pg_row_to_json(self, ignore=['password', 'salt']): logger.debug('execute row_to_json()') sql_expression = \ """ select row_to_json(u) from ( select * from %s where user_id = %s) u; """ % (self.__tablename__, self.user_id) user = DBSession.execute(sql_expression).scalar() logger.debug('json user: %s' % user) for ig in ignore: user.pop(ig) return user
def _pg_all_to_json_array(cls, ignore=['password', 'salt']): logger.debug('execute array_to_json()') sql_expression = \ """ select array_to_json(array_agg(t)) from ( select * from %s) t; """ % (cls.__tablename__) users = DBSession.execute(sql_expression).scalar() logger.debug('json users: %s' % users) if users != None: for user in users: for ig in ignore: user.pop(ig) return users
def test_query_group(engine_fixture, A_group): group_table = models.account.Group_TB group = DBSession.query(group_table).filter(group_table.group_name == A_group.group_name).scalar() assert group.group_name == A_group.group_name
def test_query_user(engine_fixture, A_user): user_table = models.account.User_TB model = DBSession.query(user_table).filter(user_table.user_name == A_user.user_name).scalar() assert model.user_name == A_user.user_name