Esempio n. 1
0
    def test_func__create_new_content_with_notification__ok__nominal_case(self):
        uapi = UserApi(current_user=None, session=self.session, config=self.app_config)
        current_user = uapi.get_one_by_email("*****@*****.**")
        # Create new user with notification enabled on w1 workspace
        wapi = WorkspaceApi(current_user=current_user, session=self.session, config=self.app_config)
        workspace = wapi.get_one_by_label("Recipes")
        user = uapi.get_one_by_email("*****@*****.**")
        wapi.enable_notifications(user, workspace)

        api = ContentApi(current_user=user, session=self.session, config=self.app_config)
        item = api.create(
            content_type_list.Folder.slug, workspace, None, "parent", do_save=True, do_notify=False
        )
        api.create(
            content_type_list.File.slug, workspace, item, "file1", do_save=True, do_notify=True
        )
        # Send mail async from redis queue with daemon
        daemon = MailSenderDaemon(self.app_config, burst=True)
        daemon.run()
        # check mail received
        response = self.get_mailhog_mails()
        headers = response[0]["Content"]["Headers"]
        assert headers["From"][0] == '"Bob i. via Tracim" <test_user_from+3@localhost>'
        assert headers["To"][0] == "Global manager <*****@*****.**>"
        assert headers["Subject"][0] == "[TRACIM] [Recipes] file1 (Open)"
        assert headers["References"][0] == "test_user_refs+22@localhost"
        assert (
            headers["Reply-to"][0]
            == '"Bob i. & all members of Recipes" <test_user_reply+22@localhost>'
        )
Esempio n. 2
0
    def test_func__create_user_with_mail_notification__ok__nominal_case(self):
        api = UserApi(current_user=None, session=self.session, config=self.app_config)
        u = api.create_user(
            email="bob@bob",
            password="******",
            name="bob",
            timezone="+2",
            do_save=True,
            do_notify=True,
        )
        assert u is not None
        assert u.email == "bob@bob"
        assert u.validate_password("password")
        assert u.display_name == "bob"
        assert u.timezone == "+2"

        # Send mail async from redis queue with daemon
        daemon = MailSenderDaemon(self.app_config, burst=True)
        daemon.run()
        # check mail received
        response = self.get_mailhog_mails()
        headers = response[0]["Content"]["Headers"]
        assert headers["From"][0] == "Tracim Notifications <test_user_from+0@localhost>"
        assert headers["To"][0] == "bob <bob@bob>"
        assert headers["Subject"][0] == "[TRACIM] Created account"
Esempio n. 3
0
    def create_user(self, context, request: TracimRequest, hapic_data=None):
        """
        Create new user
        """
        app_config = request.registry.settings['CFG']
        uapi = UserApi(
            current_user=request.current_user,  # User
            session=request.dbsession,
            config=app_config,
        )
        gapi = GroupApi(
            current_user=request.current_user,  # User
            session=request.dbsession,
            config=app_config,
        )
        groups = [gapi.get_one_with_name(hapic_data.body.profile)]
        password = hapic_data.body.password
        if not password and hapic_data.body.email_notification:
            password = password_generator()

        user = uapi.create_user(
            auth_type=AuthType.UNKNOWN,
            email=hapic_data.body.email,
            password=password,
            timezone=hapic_data.body.timezone,
            lang=hapic_data.body.lang,
            name=hapic_data.body.public_name,
            do_notify=hapic_data.body.email_notification,
            groups=groups,
            do_save=True
        )
        return uapi.get_user_with_context(user)
Esempio n. 4
0
    def insert(self):
        u = User()
        u.display_name = 'Global manager'
        u.email = '*****@*****.**'
        u.password = '******'
        self._session.add(u)
        uapi = UserApi(
            session=self._session,
            config=self._config,
            current_user=u)
        uapi.execute_created_user_actions(u)

        g1 = Group()
        g1.group_id = 1
        g1.group_name = 'users'
        g1.display_name = 'Users'
        g1.users.append(u)
        self._session.add(g1)

        g2 = Group()
        g2.group_id = 2
        g2.group_name = 'trusted-users'
        g2.display_name = 'Trusted Users'
        g2.users.append(u)
        self._session.add(g2)

        g3 = Group()
        g3.group_id = 3
        g3.group_name = 'administrators'
        g3.display_name = 'Administrators'
        g3.users.append(u)
        self._session.add(g3)
Esempio n. 5
0
 def test_api__reset_password_reset__err_400__password_does_not_match(self):
     dbsession = get_tm_session(self.session_factory, transaction.manager)
     admin = dbsession.query(User) \
         .filter(User.email == '*****@*****.**') \
         .one()
     uapi = UserApi(
         current_user=admin,
         session=dbsession,
         config=self.app_config,
     )
     reset_password_token = uapi.reset_password_notification(admin, do_save=True)  # nopep8
     transaction.commit()
     params = {
         'email': '*****@*****.**',
         'reset_password_token': reset_password_token,
         'new_password': '******',
         'new_password2': 'anotherpassword',
     }
     res = self.testapp.post_json(
         '/api/v2/auth/password/reset/modify',
         status=400,
         params=params,
     )
     assert isinstance(res.json, dict)
     assert 'code' in res.json.keys()
     assert res.json_body['code'] == error.PASSWORD_DO_NOT_MATCH
Esempio n. 6
0
 def _authenticate_user(
     self,
     request: Request,
     email: typing.Optional[str],
     password: typing.Optional[str],
 ) -> typing.Optional[User]:
     """
     Helper to authenticate user in pyramid request
     from user email and password
     :param request: pyramid request
     :return: User or None
     """
     app_config = request.registry.settings['CFG']
     uapi = UserApi(None, session=request.dbsession, config=app_config)
     ldap_connector = None
     if AuthType.LDAP in app_config.AUTH_TYPES:
         ldap_connector = get_ldap_connector(request)
     try:
         user = uapi.authenticate(
             email=email,
             password=password,
             ldap_connector=ldap_connector
         )
         return user
     except AuthenticationFailed:
         return None
Esempio n. 7
0
 def test_func__reset_password__ok__nominal_case(self):
     uapi = UserApi(
         current_user=None,
         session=self.session,
         config=self.app_config,
     )
     current_user = uapi.get_one_by_email('*****@*****.**')
     uapi.reset_password_notification(current_user, do_save=True)
     transaction.commit()
     # Send mail async from redis queue
     redis = get_redis_connection(
         self.app_config
     )
     queue = get_rq_queue(
         redis,
         'mail_sender',
     )
     worker = SimpleWorker([queue], connection=queue.connection)
     worker.work(burst=True)
     # check mail received
     response = self.get_mailhog_mails()
     headers = response[0]['Content']['Headers']
     assert headers['From'][0] == 'Tracim Notifications <test_user_from+0@localhost>'  # nopep8
     assert headers['To'][0] == 'Global manager <*****@*****.**>'
     assert headers['Subject'][0] == '[TRACIM] A password reset has been requested'
Esempio n. 8
0
    def test_func__create_user_with_mail_notification__ok__nominal_case(self):
        api = UserApi(
            current_user=None,
            session=self.session,
            config=self.app_config,
        )
        u = api.create_user(
            email='bob@bob',
            password='******',
            name='bob',
            timezone='+2',
            do_save=True,
            do_notify=True,
        )
        assert u is not None
        assert u.email == "bob@bob"
        assert u.validate_password('password')
        assert u.display_name == 'bob'
        assert u.timezone == '+2'

        # Send mail async from redis queue with daemon
        daemon = MailSenderDaemon(self.app_config, burst=True)
        daemon.run()
        # check mail received
        response = self.get_mailhog_mails()
        headers = response[0]['Content']['Headers']
        assert headers['From'][0] == 'Tracim Notifications <test_user_from+0@localhost>'  # nopep8
        assert headers['To'][0] == 'bob <bob@bob>'
        assert headers['Subject'][0] == '[TRACIM] Created account'
Esempio n. 9
0
    def test_unit__authenticate_user___ok__new_user_ldap_auth_custom_profile(self):
        # TODO - G.M - 2018-12-05 - [ldap_profile]
        # support for profile attribute disabled
        # Should be reenabled later probably with a better code
        class fake_ldap_connector(object):

            def authenticate(self, email: str, password: str):
                if not email == '*****@*****.**' \
                        and password == 'professor':
                    return None
                return [None, {'mail': ['*****@*****.**'],
                               'givenName': ['Hubert'],
                               'profile': ['trusted-users'],
                               }]
        api = UserApi(
            current_user=None,
            session=self.session,
            config=self.app_config,
        )
        user = api.authenticate('*****@*****.**', 'professor', fake_ldap_connector())  # nopep8
        assert isinstance(user, User)
        assert user.email == '*****@*****.**'
        assert user.auth_type == AuthType.LDAP
        assert user.display_name == 'Hubert'
        assert user.profile.name == 'trusted-users'
Esempio n. 10
0
 def test_unit_update__err__external_auth_ldap_set_email(self):
     api = UserApi(
         current_user=None,
         session=self.session,
         config=self.app_config,
     )
     u = api.create_user(
         email='bob@bob',
         password=None,
         name='bob',
         auth_type=AuthType.LDAP,
         timezone='+2',
         lang='en',
         do_save=True,
         do_notify=False,
     )
     with pytest.raises(ExternalAuthUserEmailModificationDisallowed):
         api.update(
             email='bob@bob1',
             user = u,
             name='bobi',
             password=None,
             auth_type=AuthType.LDAP,
             timezone='-1',
             lang='fr',
             do_save=True,
         )
Esempio n. 11
0
 def test_unit_update__ok_external_auth_ldap(self):
     api = UserApi(
         current_user=None,
         session=self.session,
         config=self.app_config,
     )
     u = api.create_user(
         email='bob@bob',
         password=None,
         name='bob',
         auth_type=AuthType.LDAP,
         timezone='+2',
         lang='en',
         do_save=True,
         do_notify=False,
     )
     api.update(
         email='bob@bob',
         user = u,
         name='bobi',
         password=None,
         auth_type=AuthType.LDAP,
         timezone='-1',
         lang='fr',
         do_save=True,
     )
     assert u.display_name == 'bobi'
Esempio n. 12
0
 def test_func__user_update_command__err_password_modification_failed__external_auth(
     self
 ) -> None:
     """
     Test user password update
     """
     api = UserApi(current_user=None, session=self.session, config=self.app_config)
     user = api.get_one_by_email("*****@*****.**")
     assert user.email == "*****@*****.**"
     assert user.validate_password("*****@*****.**")
     assert not user.validate_password("new_password")
     user.auth_type = AuthType.LDAP
     assert user.auth_type == AuthType.LDAP
     self.session.add(user)
     self.session.flush()
     transaction.commit()
     self.disconnect_database()
     app = TracimCLI()
     with pytest.raises(ExternalAuthUserPasswordModificationDisallowed):
         app.run(
             [
                 "user",
                 "update",
                 "-c",
                 "tests_configs.ini#command_test",
                 "-l",
                 "*****@*****.**",
                 "-p",
                 "new_ldap_password",
                 "--debug",
             ]
         )
Esempio n. 13
0
 def test_api__reset_password_reset__ok_204__nominal_case(self):
     dbsession = get_tm_session(self.session_factory, transaction.manager)
     admin = dbsession.query(User) \
         .filter(User.email == '*****@*****.**') \
         .one()
     uapi = UserApi(
         current_user=admin,
         session=dbsession,
         config=self.app_config,
     )
     reset_password_token = uapi.reset_password_notification(admin, do_save=True)  # nopep8
     transaction.commit()
     params = {
         'email': '*****@*****.**',
         'reset_password_token': reset_password_token,
         'new_password': '******',
         'new_password2': 'mynewpassword',
     }
     self.testapp.post_json(
         '/api/v2/auth/password/reset/modify',
         status=204,
         params=params,
     )
     # check if password is correctly setted
     self.testapp.authorization = (
         'Basic',
         (
             '*****@*****.**',
             'mynewpassword'
         )
     )
     self.testapp.get(
         '/api/v2/auth/whoami',
         status=200,
     )
Esempio n. 14
0
    def test_unit__disable_user___err__user_cant_disable_itself(self):
        api = UserApi(
            current_user=None,
            session=self.session,
            config=self.app_config,
        )
        gapi = GroupApi(
            current_user=None,
            session=self.session,
            config=self.app_config,
        )
        groups = [gapi.get_one_with_name('users')]
        user = api.create_user(
            email='*****@*****.**',
            password='******',
            name='bob',
            groups=groups,
            timezone='Europe/Paris',
            do_save=True,
            do_notify=False,
        )

        api2 = UserApi(current_user=user,session=self.session, config=self.app_config)
        from tracim_backend.exceptions import UserCantDisableHimself
        with pytest.raises(UserCantDisableHimself):
            api2.disable(user)
Esempio n. 15
0
 def test_proxy_user_agenda__err__other_user_agenda(self) -> None:
     dbsession = get_tm_session(self.session_factory, transaction.manager)
     admin = dbsession.query(User).filter(
         User.email == "*****@*****.**").one()
     uapi = UserApi(current_user=admin,
                    session=dbsession,
                    config=self.app_config)
     gapi = GroupApi(current_user=admin,
                     session=dbsession,
                     config=self.app_config)
     groups = [gapi.get_one_with_name("users")]
     uapi.create_user(
         "*****@*****.**",
         password="******",
         do_save=True,
         do_notify=False,
         groups=groups,
     )
     user2 = uapi.create_user(
         "[email protected]",
         password="******",
         do_save=True,
         do_notify=False,
         groups=groups,
     )
     transaction.commit()
     self.testapp.authorization = ("Basic", ("*****@*****.**",
                                             "*****@*****.**"))
     result = self.testapp.get("/agenda/user/{}/".format(user2.user_id),
                               status=403)
     assert result.json_body["code"] == 5001
Esempio n. 16
0
 def test_api__reset_password_reset__err_400__expired_token(self):
     dbsession = get_tm_session(self.session_factory, transaction.manager)
     admin = dbsession.query(User) \
         .filter(User.email == '*****@*****.**') \
         .one()
     uapi = UserApi(
         current_user=admin,
         session=dbsession,
         config=self.app_config,
     )
     with freeze_time("1999-12-31 23:59:59"):
         reset_password_token = uapi.reset_password_notification(
             admin,
             do_save=True
         )
         params = {
             'email': '*****@*****.**',
             'reset_password_token': reset_password_token,
             'new_password': '******',
             'new_password2': 'mynewpassword',
         }
         transaction.commit()
     with freeze_time("2000-01-01 00:00:05"):
         res = self.testapp.post_json(
             '/api/v2/auth/password/reset/modify',
             status=400,
             params=params,
         )
         assert isinstance(res.json, dict)
         assert 'code' in res.json.keys()
         assert res.json_body['code'] == error.EXPIRED_RESET_PASSWORD_TOKEN  # nopep8
Esempio n. 17
0
 def test_proxy_user_agenda__ok__workspace_filter(self) -> None:
     dbsession = get_tm_session(self.session_factory, transaction.manager)
     admin = dbsession.query(User).filter(
         User.email == "*****@*****.**").one()
     uapi = UserApi(current_user=admin,
                    session=dbsession,
                    config=self.app_config)
     gapi = GroupApi(current_user=admin,
                     session=dbsession,
                     config=self.app_config)
     groups = [gapi.get_one_with_name("users")]
     user = uapi.create_user(
         "*****@*****.**",
         password="******",
         do_save=True,
         do_notify=False,
         groups=groups,
     )
     workspace_api = WorkspaceApi(current_user=admin,
                                  session=dbsession,
                                  config=self.app_config,
                                  show_deleted=True)
     workspace = workspace_api.create_workspace("wp1", save_now=True)
     workspace.agenda_enabled = True
     workspace2 = workspace_api.create_workspace("wp2", save_now=True)
     workspace2.agenda_enabled = True
     workspace3 = workspace_api.create_workspace("wp3", save_now=True)
     workspace3.agenda_enabled = True
     rapi = RoleApi(current_user=admin,
                    session=dbsession,
                    config=self.app_config)
     rapi.create_one(user, workspace, UserRoleInWorkspace.CONTRIBUTOR,
                     False)
     rapi.create_one(user, workspace2, UserRoleInWorkspace.READER, False)
     rapi.create_one(user, workspace3, UserRoleInWorkspace.READER, False)
     transaction.commit()
     self.testapp.authorization = ("Basic", ("*****@*****.**",
                                             "*****@*****.**"))
     params = {
         "workspace_ids":
         "{},{}".format(workspace.workspace_id, workspace3.workspace_id),
         "agenda_types":
         "workspace",
     }
     result = self.testapp.get("/api/v2/users/{}/agenda".format(
         user.user_id),
                               params=params,
                               status=200)
     assert len(result.json_body) == 2
     agenda = result.json_body[0]
     assert agenda[
         "agenda_url"] == "http://localhost:6543/agenda/workspace/{}/".format(
             workspace.workspace_id)
     assert agenda["with_credentials"] is True
     agenda = result.json_body[1]
     assert agenda[
         "agenda_url"] == "http://localhost:6543/agenda/workspace/{}/".format(
             workspace3.workspace_id)
     assert agenda["with_credentials"] is True
Esempio n. 18
0
    def test_api___simple_search_ok__by_comment_content(
        self,
        created_content_name,
        search_string,
        nb_content_result,
        first_search_result_content_name,
        first_created_comment_content,
        second_created_comment_content,
    ) -> None:
        dbsession = get_tm_session(self.session_factory, transaction.manager)
        admin = dbsession.query(User).filter(User.email == "*****@*****.**").one()
        uapi = UserApi(current_user=admin, session=dbsession, config=self.app_config)
        gapi = GroupApi(current_user=admin, session=dbsession, config=self.app_config)
        groups = [gapi.get_one_with_name("trusted-users")]
        user = uapi.create_user(
            "*****@*****.**",
            password="******",
            do_save=True,
            do_notify=False,
            groups=groups,
        )
        workspace_api = WorkspaceApi(
            current_user=admin, session=dbsession, config=self.app_config, show_deleted=True
        )
        workspace = workspace_api.create_workspace("test", save_now=True)
        rapi = RoleApi(current_user=admin, session=dbsession, config=self.app_config)
        rapi.create_one(user, workspace, UserRoleInWorkspace.WORKSPACE_MANAGER, False)
        api = ContentApi(session=dbsession, current_user=user, config=self.app_config)
        content = api.create(
            content_type_slug="html-document",
            workspace=workspace,
            label=created_content_name,
            do_save=True,
        )
        api.create_comment(
            workspace=workspace, parent=content, content=first_created_comment_content, do_save=True
        )
        api.create_comment(
            workspace=workspace,
            parent=content,
            content=second_created_comment_content,
            do_save=True,
        )
        api.create(
            content_type_slug="html-document", workspace=workspace, label="report", do_save=True
        )
        api.create(
            content_type_slug="thread", workspace=workspace, label="discussion", do_save=True
        )
        transaction.commit()

        self.testapp.authorization = ("Basic", ("*****@*****.**", "*****@*****.**"))
        params = {"search_string": search_string}
        res = self.testapp.get("/api/v2/search/content".format(), status=200, params=params)
        search_result = res.json_body
        assert search_result
        assert search_result["total_hits"] == nb_content_result
        assert search_result["is_total_hits_accurate"] is False
        assert search_result["contents"][0]["label"] == first_search_result_content_name
Esempio n. 19
0
    def add_permission_to_workspace(
        self,
        workspace: Workspace,
        emails: typing.List[str],
        password: typing.Optional[str] = None,
        do_notify=False,
    ) -> typing.List[UploadPermission]:
        upload_permissions = []
        created = datetime.utcnow()
        upload_permission_group_uuid = str(uuid.uuid4().hex)
        for email in emails:
            upload_permission = UploadPermission(
                author=self._user,
                workspace_id=workspace.workspace_id,
                email=email.lower(),
                token=str(uuid.uuid4()),
                password=password,
                type=UploadPermissionType.EMAIL,
                created=created,
                upload_permission_group_uuid=upload_permission_group_uuid,
                enabled=True,
            )
            self.save(upload_permission)
            upload_permissions.append(upload_permission)
            self._session.flush()

        if do_notify:
            userlib = UserApi(config=self._config,
                              current_user=self._user,
                              session=self._session)
            workspace_lib = WorkspaceApi(config=self._config,
                                         current_user=self._user,
                                         session=self._session)
            try:
                email_manager = self._get_email_manager(
                    self._config, self._session)
                email_manager.notify_upload_permission(
                    emitter=userlib.get_user_with_context(self._user),
                    workspace_in_context=workspace_lib.
                    get_workspace_with_context(workspace),
                    upload_permission_receivers=self.
                    get_upload_permissions_in_context(upload_permissions),
                    upload_permission_password=password,
                )
            # FIXME - G.M - 2018-11-02 - hack: accept bad recipient user creation
            # this should be fixed to find a solution to allow "fake" email but
            # also have clear error case for valid mail.
            except SMTPRecipientsRefused:
                logger.warning(
                    self,
                    "Upload Permission initied by user {} but SMTP "
                    "server refuse to send notification".format(
                        self._user.login),
                )
            except SMTPException as exc:
                raise NotificationSendingFailed(
                    "Notification for Upload Permission can't be send "
                    "(SMTP error).") from exc
        return upload_permissions
Esempio n. 20
0
 def test_unit__authenticate_user___err__wrong_user(self):
     api = UserApi(
         current_user=None,
         session=self.session,
         config=self.app_config,
     )
     with pytest.raises(AuthenticationFailed):
         api.authenticate('*****@*****.**', 'wrong_password')
Esempio n. 21
0
 def test_unit__get_one_by_email__err__user_does_not_exist(self):
     api = UserApi(
         current_user=None,
         session=self.session,
         config=self.app_config,
     )
     with pytest.raises(UserDoesNotExist):
         api.get_one_by_email('unknown')
Esempio n. 22
0
 def test_unit__create_minimal_user__err__too_short_email(self):
     api = UserApi(
         current_user=None,
         session=self.session,
         config=self.app_config,
     )
     with pytest.raises(TracimValidationFailed):
         u = api.create_minimal_user('b@')
Esempio n. 23
0
 def test_unit__authenticate_user___err__wrong_user(self):
     api = UserApi(
         current_user=None,
         session=self.session,
         config=self.app_config,
     )
     with pytest.raises(AuthenticationFailed):
         api.authenticate('*****@*****.**', 'wrong_password')
Esempio n. 24
0
 def test_unit__get_current_user__err__user_not_exist(self):
     api = UserApi(
         current_user=None,
         session=self.session,
         config=self.app_config,
     )
     with pytest.raises(UserDoesNotExist):
         api.get_current_user()
Esempio n. 25
0
 def test_unit__create_minimal_user__err__too_short_email(self):
     api = UserApi(
         current_user=None,
         session=self.session,
         config=self.app_config,
     )
     with pytest.raises(TracimValidationFailed):
         u = api.create_minimal_user('b@')
Esempio n. 26
0
 def test_unit__authenticate_user___err__no_ldap_connector(self):
     api = UserApi(
         current_user=None,
         session=self.session,
         config=self.app_config,
     )
     with pytest.raises(MissingLDAPConnector):
         user = api.authenticate('*****@*****.**', 'professor')
Esempio n. 27
0
 def test_unit__authenticate_user___err__no_ldap_connector(self):
     api = UserApi(
         current_user=None,
         session=self.session,
         config=self.app_config,
     )
     with pytest.raises(MissingLDAPConnector):
         user = api.authenticate('*****@*****.**', 'professor')
Esempio n. 28
0
 def authDomainUser(self, realmname, username, password, environ):
     """
     If you ever feel the need to send a request al-mano with a curl, this is the function that'll be called by
     http_authenticator to validate the password sent
     """
     api = UserApi(None, environ['tracim_dbsession'], self.app_config)
     return self.isRealmUser(realmname, username, environ) and \
          api.get_one_by_email(username).validate_password(password)
Esempio n. 29
0
 def test_unit__get_one_by_email__err__user_does_not_exist(self):
     api = UserApi(
         current_user=None,
         session=self.session,
         config=self.app_config,
     )
     with pytest.raises(UserDoesNotExist):
         api.get_one_by_email('unknown')
Esempio n. 30
0
 def test_unit__get_current_user__err__user_not_exist(self):
     api = UserApi(
         current_user=None,
         session=self.session,
         config=self.app_config,
     )
     with pytest.raises(UserDoesNotExist):
         api.get_current_user()
Esempio n. 31
0
    def test_api__elasticsearch_search__ok__in_file_ingest_search(self):
        dbsession = get_tm_session(self.session_factory, transaction.manager)
        admin = dbsession.query(User).filter(
            User.email == "*****@*****.**").one()
        uapi = UserApi(current_user=admin,
                       session=dbsession,
                       config=self.app_config)
        gapi = GroupApi(current_user=admin,
                        session=dbsession,
                        config=self.app_config)
        groups = [gapi.get_one_with_name("trusted-users")]
        user = uapi.create_user(
            "*****@*****.**",
            password="******",
            do_save=True,
            do_notify=False,
            groups=groups,
        )
        workspace_api = WorkspaceApi(current_user=admin,
                                     session=dbsession,
                                     config=self.app_config,
                                     show_deleted=True)
        workspace = workspace_api.create_workspace("test", save_now=True)
        rapi = RoleApi(current_user=admin,
                       session=dbsession,
                       config=self.app_config)
        rapi.create_one(user, workspace, UserRoleInWorkspace.WORKSPACE_MANAGER,
                        False)
        api = ContentApi(session=dbsession,
                         current_user=user,
                         config=self.app_config)
        with self.session.no_autoflush:
            text_file = api.create(
                content_type_slug=content_type_list.File.slug,
                workspace=workspace,
                label="important",
                do_save=False,
            )
            api.update_file_data(text_file, "test_file", "text/plain",
                                 b"we need to find stringtosearch here !")
            api.save(text_file)
            api.execute_created_content_actions(text_file)
        content_id = text_file.content_id
        transaction.commit()
        self.refresh_elasticsearch()

        params = {"search_string": "stringtosearch"}
        self.testapp.authorization = ("Basic", ("*****@*****.**",
                                                "*****@*****.**"))
        res = self.testapp.get("/api/v2/search/content".format(),
                               status=200,
                               params=params)
        search_result = res.json_body
        assert search_result
        assert search_result["total_hits"] == 1
        assert search_result["is_total_hits_accurate"] is True
        assert len(search_result["contents"]) == 1
        assert search_result["contents"][0]["content_id"] == content_id
Esempio n. 32
0
    def test_func__create_new_content_with_notification__ok__nominal_case(
            self):
        uapi = UserApi(
            current_user=None,
            session=self.session,
            config=self.app_config,
        )
        current_user = uapi.get_one_by_email('*****@*****.**')
        # Create new user with notification enabled on w1 workspace
        wapi = WorkspaceApi(
            current_user=current_user,
            session=self.session,
            config=self.app_config,
        )
        workspace = wapi.get_one_by_label('Recipes')
        user = uapi.get_one_by_email('*****@*****.**')
        wapi.enable_notifications(user, workspace)

        api = ContentApi(
            current_user=user,
            session=self.session,
            config=self.app_config,
        )
        item = api.create(
            content_type_list.Folder.slug,
            workspace,
            None,
            'parent',
            do_save=True,
            do_notify=False,
        )
        item2 = api.create(
            content_type_list.File.slug,
            workspace,
            item,
            'file1',
            do_save=True,
            do_notify=True,
        )
        # Send mail async from redis queue
        redis = get_redis_connection(self.app_config)
        queue = get_rq_queue(
            redis,
            'mail_sender',
        )
        worker = SimpleWorker([queue], connection=queue.connection)
        worker.work(burst=True)
        # check mail received
        response = requests.get('http://127.0.0.1:8025/api/v1/messages')
        response = response.json()
        headers = response[0]['Content']['Headers']
        assert headers['From'][
            0] == '"Bob i. via Tracim" <test_user_from+3@localhost>'  # nopep8
        assert headers['To'][0] == 'Global manager <*****@*****.**>'
        assert headers['Subject'][0] == '[TRACIM] [Recipes] file1 (Open)'
        assert headers['References'][0] == 'test_user_refs+22@localhost'
        assert headers['Reply-to'][
            0] == '"Bob i. & all members of Recipes" <test_user_reply+22@localhost>'  # nopep8
Esempio n. 33
0
 def test_unit__create_minimal_user__err__too_long_email(self):
     api = UserApi(
         current_user=None,
         session=self.session,
         config=self.app_config,
     )
     with pytest.raises(TracimValidationFailed):
         email = 'b{}b@bob'.format('o'*255)
         u = api.create_minimal_user(email)
Esempio n. 34
0
 def test_unit__authenticate_user___ok__nominal_case(self):
     api = UserApi(
         current_user=None,
         session=self.session,
         config=self.config,
     )
     user = api.authenticate_user('*****@*****.**', '*****@*****.**')
     assert isinstance(user, User)
     assert user.email == '*****@*****.**'
Esempio n. 35
0
    def test_func__create_comment_with_notification__ok__nominal_case(self):
        uapi = UserApi(
            current_user=None,
            session=self.session,
            config=self.app_config,
        )
        current_user = uapi.get_one_by_email('*****@*****.**')
        # set admin as french, useful to verify if i18n work properly
        current_user.lang = 'fr'
        # Create new user with notification enabled on w1 workspace
        wapi = WorkspaceApi(
            current_user=current_user,
            session=self.session,
            config=self.app_config,
        )
        workspace = wapi.get_one_by_label('Recipes')
        user = uapi.get_one_by_email('*****@*****.**')
        wapi.enable_notifications(user, workspace)

        api = ContentApi(
            current_user=user,
            session=self.session,
            config=self.app_config,
        )
        item = api.create(
            content_type_list.Folder.slug,
            workspace,
            None,
            'parent',
            do_save=True,
            do_notify=False,
        )
        item2 = api.create(
            content_type_list.File.slug,
            workspace,
            item,
            'file1',
            do_save=True,
            do_notify=False,
        )
        api.create_comment(parent=item2,
                           content='My super comment',
                           do_save=True,
                           do_notify=True)
        transaction.commit()

        # check mail received
        response = requests.get('http://127.0.0.1:8025/api/v1/messages')
        response = response.json()
        headers = response[0]['Content']['Headers']
        assert headers['From'][
            0] == '"Bob i. via Tracim" <test_user_from+3@localhost>'  # nopep8
        assert headers['To'][0] == 'Global manager <*****@*****.**>'
        assert headers['Subject'][0] == '[TRACIM] [Recipes] file1 (Open)'
        assert headers['References'][0] == 'test_user_refs+22@localhost'
        assert headers['Reply-to'][
            0] == '"Bob i. & all members of Recipes" <test_user_reply+22@localhost>'  # nopep8
Esempio n. 36
0
 def _get_user(self, user_email: typing.Callable):
     user_email = user_email()
     uapi = UserApi(
         None,
         show_deleted=True,
         session=self.dbsession,
         config=self.app_config
     )
     return uapi.get_one_by_email(user_email)
Esempio n. 37
0
 def user_disk_space(self, context, request: TracimRequest, hapic_data=None):
     """
     Get user space infos.
     """
     app_config = request.registry.settings["CFG"]  # type: CFG
     uapi = UserApi(
         current_user=request.current_user, session=request.dbsession, config=app_config  # User
     )
     return uapi.get_user_with_context(request.candidate_user)
Esempio n. 38
0
 def _get_user(self, user_id_fetcher: typing.Callable):
     user_id = user_id_fetcher()
     uapi = UserApi(
         None,
         show_deleted=True,
         session=self.dbsession,
         config=self.app_config
     )
     return uapi.get_one(user_id)
Esempio n. 39
0
 def delete_user(self, context, request: TracimRequest, hapic_data=None):
     """
     delete user
     """
     app_config = request.registry.settings["CFG"]  # type: CFG
     uapi = UserApi(
         current_user=request.current_user, session=request.dbsession, config=app_config  # User
     )
     uapi.delete(user=request.candidate_user, do_save=True)
Esempio n. 40
0
 def test_unit__create_minimal_user__ok__nominal_case(self):
     api = UserApi(
         current_user=None,
         session=self.session,
         config=self.app_config,
     )
     u = api.create_minimal_user('bob@bob')
     assert u.email == 'bob@bob'
     assert u.display_name == 'bob'
Esempio n. 41
0
 def _remote_authenticated_user(self, request: Request, email: str):
     app_config = request.registry.settings['CFG']  # type: 'CFG'
     uapi = UserApi(None, session=request.dbsession, config=app_config)
     if not app_config.REMOTE_USER_HEADER:
         return None
     try:
         return uapi.remote_authenticate(email)
     except AuthenticationFailed:
         return None
Esempio n. 42
0
 def test_unit__update_user_lang__err__too_short_lang(self):
     api = UserApi(current_user=None, session=self.session, config=self.app_config)
     u = api.create_minimal_user("bob@bob")
     # 1 char
     with pytest.raises(TracimValidationFailed):
         u = api.update(user=u, lang="f")
     # 2 char
     u = api.update(user=u, lang="fr")
     assert u.lang == "fr"
Esempio n. 43
0
 def test_unit__update_user_public_name__err__too_short_public_name(self):
     api = UserApi(current_user=None, session=self.session, config=self.app_config)
     u = api.create_minimal_user("bob@bob")
     # 2 char
     with pytest.raises(TracimValidationFailed):
         u = api.update(user=u, name="nn")
     # 3 char
     u = api.update(user=u, name="nnn")
     assert u.display_name == "nnn"
Esempio n. 44
0
 def test_unit__create_minimal_user_and_update__err__set_unaivalable_auth_type(self):
     api = UserApi(
         current_user=None,
         session=self.session,
         config=self.app_config,
     )
     u = api.create_minimal_user('bob@bob')
     with pytest.raises(UserAuthTypeDisabled):
         api.update(u, name='bob', email='bob@bob', auth_type=AuthType.LDAP, do_save=True)
Esempio n. 45
0
 def test_unit__create_minimal_user__err__too_long_email(self):
     api = UserApi(
         current_user=None,
         session=self.session,
         config=self.app_config,
     )
     with pytest.raises(TracimValidationFailed):
         email = 'b{}b@bob'.format('o' * 255)
         u = api.create_minimal_user(email)
Esempio n. 46
0
 def test_unit__create_minimal_user__ok__nominal_case(self):
     api = UserApi(
         current_user=None,
         session=self.session,
         config=self.app_config,
     )
     u = api.create_minimal_user('bob@bob')
     assert u.email == 'bob@bob'
     assert u.display_name == 'bob'
Esempio n. 47
0
    def test_func__create_new_content_with_notification__ok__nominal_case(self):
        uapi = UserApi(
            current_user=None,
            session=self.session,
            config=self.app_config,
        )
        current_user = uapi.get_one_by_email('*****@*****.**')
        # Create new user with notification enabled on w1 workspace
        wapi = WorkspaceApi(
            current_user=current_user,
            session=self.session,
            config=self.app_config,
        )
        workspace = wapi.get_one_by_label('Recipes')
        user = uapi.get_one_by_email('*****@*****.**')
        wapi.enable_notifications(user, workspace)

        api = ContentApi(
            current_user=user,
            session=self.session,
            config=self.app_config,
        )
        item = api.create(
            content_type_list.Folder.slug,
            workspace,
            None,
            'parent',
            do_save=True,
            do_notify=False,
        )
        item2 = api.create(
            content_type_list.File.slug,
            workspace,
            item,
            'file1',
            do_save=True,
            do_notify=True,
        )
        # Send mail async from redis queue
        redis = get_redis_connection(
            self.app_config
        )
        queue = get_rq_queue(
            redis,
            'mail_sender',
        )
        worker = SimpleWorker([queue], connection=queue.connection)
        worker.work(burst=True)
        # check mail received
        response = self.get_mailhog_mails()
        headers = response[0]['Content']['Headers']
        assert headers['From'][0] == '"Bob i. via Tracim" <test_user_from+3@localhost>'  # nopep8
        assert headers['To'][0] == 'Global manager <*****@*****.**>'
        assert headers['Subject'][0] == '[TRACIM] [Recipes] file1 (Open)'
        assert headers['References'][0] == 'test_user_refs+22@localhost'
        assert headers['Reply-to'][0] == '"Bob i. & all members of Recipes" <test_user_reply+22@localhost>'  # nopep8
Esempio n. 48
0
 def test_unit__update_user_lang_name__ok__nominal_case(self):
     api = UserApi(current_user=None, session=self.session, config=self.app_config)
     u = api.create_minimal_user("bob@bob")
     assert u.lang is None
     # 2 char
     u = api.update(user=u, lang="fr")
     assert u.lang == "fr"
     # 3 char
     u = api.update(user=u, lang="fre")
     assert u.lang == "fre"
Esempio n. 49
0
 def test_unit__anonymize_user__ok__explicit_name(self, session,
                                                  app_config) -> None:
     api = UserApi(current_user=None, session=session, config=app_config)
     u = api.create_minimal_user("bob@bob")
     assert u.display_name == "bob"
     assert u.email == "bob@bob"
     cleanup_lib = CleanupLib(app_config=app_config, session=session)
     cleanup_lib.anonymize_user(u, anonymized_user_display_name="anonymous")
     assert u.display_name == "anonymous"
     assert u.email.endswith("@anonymous.local")
Esempio n. 50
0
 def test_unit__update_timezone__ok__nominal_case(self):
     api = UserApi(
         current_user=None,
         session=self.session,
         config=self.app_config,
     )
     u = api.create_minimal_user('bob@bob')
     assert u.timezone is None
     u = api.update(user=u, timezone='Europe/Paris')
     assert u.timezone == 'Europe/Paris'
Esempio n. 51
0
 def test_unit__update_user_email__ok__nominal_case(self):
     api = UserApi(
         current_user=None,
         session=self.session,
         config=self.app_config,
     )
     u = api.create_minimal_user('bob@bob')
     assert u.email == 'bob@bob'
     u = api.update(user=u, email='bib@bib')
     assert u.email == 'bib@bib'
Esempio n. 52
0
 def test_unit__get_one__ok__nominal_case(self):
     api = UserApi(
         current_user=None,
         session=self.session,
         config=self.app_config,
     )
     u = api.create_minimal_user('titi@titi')
     api.update(u, 'titi', 'titi@titi', 'password', do_save=True)
     one = api.get_one(u.user_id)
     eq_(u.user_id, one.user_id)
Esempio n. 53
0
 def test_unit__get_current_user_ok__nominal_case(self):
     user = User(email='*****@*****.**')
     api = UserApi(
         current_user=user,
         session=self.session,
         config=self.app_config,
     )
     new_user = api.get_current_user()
     assert isinstance(new_user, User)
     assert user == new_user
Esempio n. 54
0
 def test_unit__update_user_email__ok__nominal_case(self):
     api = UserApi(
         current_user=None,
         session=self.session,
         config=self.app_config,
     )
     u = api.create_minimal_user('bob@bob')
     assert u.email == 'bob@bob'
     u = api.update(user=u, email='bib@bib')
     assert u.email == 'bib@bib'
Esempio n. 55
0
 def test_unit__get_current_user_ok__nominal_case(self):
     user = User(email='*****@*****.**')
     api = UserApi(
         current_user=user,
         session=self.session,
         config=self.app_config,
     )
     new_user = api.get_current_user()
     assert isinstance(new_user, User)
     assert user == new_user
Esempio n. 56
0
 def test_unit__update_timezone__ok__nominal_case(self):
     api = UserApi(
         current_user=None,
         session=self.session,
         config=self.app_config,
     )
     u = api.create_minimal_user('bob@bob')
     assert u.timezone is None
     u = api.update(user=u, timezone='Europe/Paris')
     assert u.timezone == 'Europe/Paris'
Esempio n. 57
0
 def test_unit__authenticate_user___ok__nominal_case(self):
     api = UserApi(
         current_user=None,
         session=self.session,
         config=self.app_config,
     )
     user = api.authenticate('*****@*****.**', '*****@*****.**')
     assert isinstance(user, User)
     assert user.email == '*****@*****.**'
     assert user.auth_type == AuthType.INTERNAL
Esempio n. 58
0
 def account(self, context, request: TracimRequest, hapic_data=None):
     """
     Get user infos.
     """
     app_config = request.registry.settings['CFG']
     uapi = UserApi(
         current_user=request.current_user,  # User
         session=request.dbsession,
         config=app_config,
     )
     return uapi.get_user_with_context(request.current_user)
Esempio n. 59
0
    def test_unit__update_user_email__err__wrong_format(self):
        api = UserApi(
            current_user=None,
            session=self.session,
            config=self.app_config,
        )
        u = api.create_minimal_user('bob@bob')

        # 2 char
        with pytest.raises(EmailValidationFailed):
            u = api.update(user=u, email='b+b')