def app(user, plan_record): app = create_app(test_config) with app.app_context(): db.create_all() admin_role = Role(name="admin") user_role = Role(name="user") db.session.add(admin_role) db.session.add(user_role) # Admin user user.roles = [admin_role, user_role] db.session.add(user) # Non-admin user non_admin = User(first="Example", last="Person", email="*****@*****.**") non_admin.roles = [user_role] db.session.add(non_admin) place = Place(name="Lowell, MA", description="A town") db.session.add(place) plan = PlanSchema().load(plan_record) plan.user = user db.session.add(plan) db.session.commit() return app
def test_update_role(self): self.role1.save() role1 = Role.get(id=1) role1.update({'title': 'new_role_title'}) self.assertEqual('new_role_title', Role.get(id=1).title) self.assertTrue(isinstance(role1.update({'random': 'bad field'}), dict))
async def test_role_update(app: AsyncClient, db, user, token, manage_roles_role, request_data, new_data, status): try: query = """ INSERT INTO roles (id, name, color, permissions, position) VALUES (create_snowflake(), 'test update', 0, 0, (SELECT COUNT(*) FROM roles) + 1) RETURNING *; """ role = Role(**await Role.pool.fetchrow(query)) await UserRole.create(user.id, manage_roles_role.id) res = await app.patch( f"/api/v1/roles/{role.id}", json=request_data, headers={"Authorization": token}, ) assert res.status_code == status role = await Role.fetch(role.id) data = role.as_dict() data.pop("id") data.pop("position") assert data == new_data finally: await db.execute( "DELETE FROM userroles WHERE role_id = $1 AND user_id = $2;", manage_roles_role.id, user.id, ) await db.execute("DELETE FROM roles WHERE id = $1", role.id)
def app(user, plan_record): app = create_app( { "TESTING": True, "SQLALCHEMY_DATABASE_URI": "sqlite:///:memory:", "SQLALCHEMY_TRACK_MODIFICATIONS": False, "SECRET_KEY": b"my_secret_key", } ) with app.app_context(): db.create_all() admin_role = Role(name="admin") user_role = Role(name="user") db.session.add(admin_role) db.session.add(user_role) user.roles = [admin_role, user_role] db.session.add(user) place = Place(name="Lowell, MA", description="A town") db.session.add(place) plan = PlanSchema().load(plan_record) plan.user = user db.session.add(plan) db.session.commit() return app
def new_roles(app): roles = [ Role(title='Operations Intern'), Role(title='Operations Coordinator'), Role(title='Operations Assistant'), Role(title='Operations Manager'), ] return roles
def test_get_many_roles(self): self.assertEqual(True, isinstance(Role.get_all(), dict)) self.role1.save() self.role2.save() self.role3.save() self.assertEqual(True, isinstance(Role.get_all()[0], Role)) self.assertEqual(True, isinstance(Role.get_all()[1], Role)) self.assertEqual(3, len(Role.get_all()))
def setUp(self): """ Set up test application. """ self.app = create_app('testing') self.client = self.app.test_client() self.client.headers = {'Authorization': getenv('TEST_TOKEN')} self.app_context = self.app.app_context() self.app_context.push() db.drop_all() db.create_all() self.board1 = Board() self.board2 = Board() self.conversation1 = Conversation() self.conversation2 = Conversation() self.deposit1 = Deposit() self.deposit2 = Deposit() self.estate1 = Estate(address="Random Address 1") self.estate2 = Estate(address="Random Address 2") self.estate3 = Estate() self.headers = {'Authorization': getenv('TEST_TOKEN')} self.message1 = Message(sender=1, content='Random Content') self.message2 = Message(sender=2, content='Random Content') self.message3 = Message() self.payment1 = Payment() self.payment2 = Payment() self.role1 = Role(title='basic') self.role2 = Role(title='admin') self.role3 = Role(title='super_admin') self.role4 = Role() self.unit1 = Unit(name="Random Unit 1") self.unit2 = Unit(name="Random Unit 2") self.unit3 = Unit() self.user1 = User(name="First1 Middle1 Last1", phone_number="000 12 3456781", email="*****@*****.**", password=digest('ABC123!@#')) self.user2 = User(name="First2 Middle2 Last2", phone_number="000 12 3456782", email="*****@*****.**", password=digest('ABC123!@#')) self.user3 = User() self.user_new_data1 = {'phone_number': "000 12 3456783"} self.user_new_data2 = {'bad_field': "random"} self.wallet1 = Wallet() self.wallet2 = Wallet() self.user1_dict = { "name": "First1 Middle1 Last1", "phone_number": "000 12 3456781", "email": "*****@*****.**", "password": "******" } self.conversation3_dict = {"participants": [1, 2]} self.message4_dict = {"content": "New Message."} self.board3_dict = {'members': [1, 2]}
def app(user, plan_record): app = create_app(test_config) with app.app_context(): db.create_all() admin_role = Role(name="admin") user_role = Role(name="user") db.session.add(admin_role) db.session.add(user_role) # Admin user user.roles = [admin_role, user_role] db.session.add(user) # Non-admin user non_admin = User(first="Example", last="Person", email="*****@*****.**") non_admin.roles = [user_role] db.session.add(non_admin) place = Place( slug="lowell", name="Lowell, MA", state="Massachusetts", description="A town", districting_problems=[ DistrictingProblem( number_of_parts=9, name="Town Council", plural_noun="Town Council Districts", ) ], units=[ UnitSet( name="Blocks", unit_type="block", slug="blocks", bounds="[[0, 100], [0, 100]]", ) ], ) db.session.add(place) plan = Plan(**PlanSchema().load(plan_record)) plan.user = user db.session.add(plan) db.session.commit() return app
def create_admin(): if User.get_or_none(email='admin'): db.close_db(None) return anonymous_role, _ = Role.get_or_create(name='anonymous') super_role, _ = Role.get_or_create(name='superuser') user_role, _ = Role.get_or_create(name='user') user_datastore.create_user(first_name='Admin', email='admin', password=hash_password(ADMIN_PASS), confirmed_at=datetime.utcnow(), roles=[user_role, super_role]) db.close_db(None)
def setUpClass(cls): DBModel.metadata.drop_all(sqla_engine) DBModel.metadata.create_all(sqla_engine) r1, r2 = Role(name='admin'), Role(name='pikus') DBSession.add(r1) DBSession.add(r2) a = Account(username='******', fullName='Greg Burek', email='*****@*****.**') a.set_password('dupa') a.roles.extend((r1, r2)) DBSession.add(a) DBSession.commit() cls.DBSession = DBSession
def centre_societies_roles_data_dev(production=False): """Generate center societies and role data.""" # test centers nairobi = Center(name='nairobi') kampala = Center(name='kampala') lagos = Center(name='lagos') # societies phoenix = Society(name="phoenix") istelle = Society(name="istelle") sparks = Society(name="sparks") invictus = Society(name="invictus") # roles available roles = (Role(uuid="-KXGy1EB1oimjQgFim6F", name="success"), Role(uuid="-KXGy1EB1oimjQgFim6L", name="finance"), Role(uuid="-KXGy1EB1oimjQgFim6C", name="fellow"), Role(uuid="-KkLwgbeJUO0dQKsEk1i", name="success ops"), Role(uuid="-KiihfZoseQeqC6bWTau", name="andelan"), Role(name="society president"), Role(name="society vice president"), Role(name="society secretary")) return (roles, nairobi, kampala, lagos, phoenix, istelle, sparks, invictus) if not production else (roles, phoenix, istelle, sparks, invictus)
def handle(self, *args, **options): try: role_names = [settings.ROLE_PROJECT_ADMIN, settings.ROLE_ANNOTATOR, settings.ROLE_ANNOTATION_APPROVER] except KeyError as key_error: self.stderr.write(self.style.ERROR(f'Missing Key: "{key_error}"')) for role_name in role_names: if Role.objects.filter(name=role_name).exists(): continue role = Role() role.name = role_name try: role.save() except DatabaseError as db_error: self.stderr.write(self.style.ERROR(f'Database Error: "{db_error}"')) else: self.stdout.write(self.style.SUCCESS(f'Role created successfully "{role_name}"'))
def post(self): username = request.values.get("username") or request.values.get( "email") password = request.values.get("password") user, authenticated = User.query.authenticate(username, password) log_type = request.values.get('type') x_real_ip = request.headers.get('x-real-ip', '') if user and not user.is_active: return abort(403, "账户已被系统禁用") if not user: return abort(403, "User <{0}> does not exist".format(username)) if not authenticated: value = UserCache.get_count_error(username) if value >= 3: if user and user.is_active: user.is_active = False user.save() return abort(403, "账户已被禁用") return abort(403, "invalid username or password") role = Role.get_by(id=user.id, first=True, to_dict=True) if log_type == 'ldap': pass # ldap未完成 else: if user and user.deleted_by is None: return self.handle_user_info(user, x_real_ip, role)
def get(cls, id): permission = cache.get(cls.PREFIX_ID.format(key)) if not permission: permission = Role.get_by(id=id).page_perms if permission: cls.set(id, permission) return permission
async def manage_roles_role(db): query = """ INSERT INTO roles (id, name, color, permissions, position) VALUES (create_snowflake(), $1, $2, $3, (SELECT COUNT(*) FROM roles) + 1) RETURNING *; """ record = await Role.pool.fetchrow(query, "Roles Manager", 0x0, ManageRoles().value) yield Role(**record) await db.execute("DELETE FROM roles WHERE id = $1;", record["id"])
def test_add_and_remove_role_from_user(self): self.user1.save() self.role1.save() self.role2.save() user1 = User.get(id=1) self.assertEqual(0, len(user1.roles)) user1.insert('roles', Role.get_all()) self.assertEqual(2, len(user1.roles)) user1.remove('roles', id=1) self.assertEqual(1, len(user1.roles)) user1.remove('roles') self.assertEqual(0, len(user1.roles))
def create_test_token(): """ Create token for use in testing. Seed roles before running this. """ user = User.get(email="*****@*****.**") roles = Role.get_all() user.insert('roles', roles) user.save() token = create_token("*****@*****.**") environ['TEST_TOKEN'] = token print('\nToken created:\n', token, '\nThe token is saved in the environment.\n')
def test_add_and_remove_users_from_role(self): self.user1.save() self.user2.save() self.role1.save() role1 = Role.get(id=1) self.assertEqual(0, len(role1.users)) users = User.get_all() role1.insert('users', users) self.assertEqual(True, isinstance(role1.users[0], User)) role1.remove('users', id=1) self.assertEqual(1, len(role1.users)) role1.remove('users') self.assertEqual(0, len(role1.users))
def seed_roles(): """ Seeds sample roles """ titles = [ 'Operations Intern', 'Operations Coordinator', 'Operations Assistant', 'Operations Manager', ] for title in titles: db.session.add(Role(title=title)) db.session.commit()
def seed_roles(): """ Add initial roles to the database. """ Role.drop() roles = ['basic', 'admin', 'super_admin'] for role in roles: new_role = Role(title=role) new_role.save() print('\nRoles Seeded.\n')
async def test_update_role_positions_down(app: AsyncClient, db, user, token, manage_roles_role): try: roles = [] # manage roles -> 1 -> 3 -> 2 -> 4 role_names = ["1", "3", "2", "4"] for role_name in role_names: query = """ INSERT INTO roles (id, name, color, permissions, position) VALUES (create_snowflake(), $1, 0, 0, (SELECT COUNT(*) FROM roles) + 1) RETURNING *; """ role = Role(**await Role.pool.fetchrow(query, role_name)) roles.append(role) await UserRole.create(user.id, manage_roles_role.id) res = await app.patch( f"/api/v1/roles/{roles[1].id}", json={"position": 4}, headers={"Authorization": token}, ) assert res.status_code == 204 res = await app.get("/api/v1/roles") new_roles = sorted(res.json(), key=lambda x: x["position"]) for i, role in enumerate(new_roles, 1): assert (role["position"] == i ) # make sure roles are ordered with no missing positions for i in range(1, 5): assert new_roles[i]["name"] == str(i) finally: await db.execute( "DELETE FROM userroles WHERE role_id = $1 AND user_id = $2;", manage_roles_role.id, user.id, ) for role in roles: await db.execute("DELETE FROM roles WHERE id = $1", role.id)
async def inner(user=authorization()): query = """ SELECT * FROM roles r WHERE r.id IN ( SELECT ur.role_id FROM userroles ur WHERE ur.user_id = $1 ) """ records = await Role.pool.fetch(query, user.id) if not records: raise HTTPException(403, "Missing Permissions") user_permissions = 0 for record in records: user_permissions |= record["permissions"] if not utils.has_permissions(user_permissions, permissions): raise HTTPException(403, "Missing Permissions") return [Role(**record) for record in records]
def post(self): """ Create a new user. """ payload = request.get_json() required = ['email', 'name', 'password', 'phone_number'] result = validate_json(required, payload) if isinstance(result, bool) is True: new_user = User(name=payload['name'], phone_number=payload['phone_number'], email=payload['email'], password=digest(payload['password'])) basic_role = Role.get(title='basic') new_wallet = Wallet() new_user.insert('roles', [basic_role]) new_user.insert('wallet', new_wallet) new_user_id = new_user.save() return { 'status': 'success', 'message': 'User with id {} was created.'.format(new_user_id) }, 201 return {'status': 'fail', 'data': {'missing': result}}, 400
async def test_role_add(app: AsyncClient, db, user, token, manage_roles_role): try: query = """ INSERT INTO roles (id, name, color, permissions, position) VALUES (create_snowflake(), 'test add', 0, 0, (SELECT COUNT(*) FROM roles) + 1) RETURNING *; """ role = Role(**await Role.pool.fetchrow(query)) await UserRole.create(user.id, manage_roles_role.id) res = await app.put( f"/api/v1/roles/{role.id}/members/{user.id}", headers={"Authorization": token}, ) assert res.status_code == 204 finally: await db.execute( "DELETE FROM userroles WHERE role_id = $1 AND user_id = $2;", manage_roles_role.id, user.id, ) await db.execute("DELETE FROM roles WHERE id = $1", role.id)
def test_count(self): assert Role.count() == 1
def seed_test_data(): """ Seed data to be used for testing. """ db.drop_all() db.create_all() payment_1 = Payment() payment_2 = Payment() payment_3 = Payment() payment_4 = Payment() payment_1.insert('deposits', [Deposit( amount=1000.0), Deposit(amount=500.0)]) payment_2.insert('deposits', [Deposit( amount=1000.0), Deposit(amount=500.0)]) payment_3.insert('deposits', [Deposit(amount=1000.0)]) payment_4.insert('deposits', [Deposit(amount=1000.0)]) wallet_1 = Wallet() wallet_2 = Wallet() wallet_3 = Wallet() wallet_4 = Wallet() wallet_1.insert('payments', [payment_1, payment_2]) wallet_2.insert('payments', [payment_3]) wallet_3.insert('payments', [payment_4]) estate1 = Estate(address='Casterly Rock') estate2 = Estate(address='Dorne') estate3 = Estate(address='Dragonstone') estate2.insert('payment', wallet_2.payments[0]) estate3.insert('payment', wallet_3.payments[0]) unit1 = Unit(name='No. 1') unit2 = Unit(name='No. 2') unit3 = Unit(name='No. 1') unit4 = Unit(name='No. 2') unit5 = Unit(name='No. 3') unit1.insert('payment', wallet_1.payments[0]) unit2.insert('payment', wallet_1.payments[1]) estate1.insert('estate_units', [unit1, unit2]) estate2.insert('estate_units', [unit3]) estate3.insert('estate_units', [unit4, unit5]) board1 = Board() board2 = Board() board1.insert('estates_owned', [estate1, estate2]) board2.insert('estates_owned', [estate3]) board1.insert('units_owned', [unit5]) user0 = User( name="Test User", phone_number="000 00 0000000", email="*****@*****.**", password=digest('ABC123!@#1')) user1 = User( name="Jaime Lannister", phone_number="000 12 3456781", email="*****@*****.**", password=digest('ABC123!@#1')) user2 = User( name="Oberyn Martell", phone_number="000 12 3456782", email="*****@*****.**", password=digest('ABC123!@#2')) user3 = User( name="Daenerys Targaryen", phone_number="000 12 3456783", email="*****@*****.**", password=digest('ABC123!@#3')) conversation1 = Conversation() conversation2 = Conversation() message1 = Message(sender=user1.name, content='Content 1') message2 = Message(sender=user2.name, content='Content 2') message3 = Message(sender=user3.name, content='Content 3') conversation1.insert('messages', [message1, message2]) conversation2.insert('messages', [message3]) user0.insert('boards', [board1]) user1.insert('boards', [board1]) user2.insert('boards', [board1]) user3.insert('boards', [board2]) user1.insert('units', [unit1, unit2]) user2.insert('units', [unit3]) user3.insert('units', [unit4]) user0.insert('wallet', wallet_4) user1.insert('wallet', wallet_1) user2.insert('wallet', wallet_2) user3.insert('wallet', wallet_3) user1.insert('conversations', [conversation1, conversation2]) user2.insert('conversations', [conversation1, conversation2]) user3.insert('conversations', [conversation1]) role1 = Role(title='admin') role2 = Role(title='basic') role3 = Role(title='super_admin') role3.insert('users', [user0, user1]) role2.insert('users', [user0, user1, user2, user3]) role1.insert('users', [user0, user3]) role1.save() role2.save() role3.save() print('\nTest Data Seeded.\n')
def new_role(app): role = Role(title='Operations Intern') return role
def test_delete(self, new_user, new_role, request_ctx, mock_request_obj_decoded_token): new_role.delete() assert Role.get(new_role.id) is None
def test_role_exists(self): self.assertFalse(Role.check_exists(id=1)) self.role1.save() self.assertTrue(Role.check_exists(id=1))
def test_query(self): role_query = Role._query() assert role_query.count() == 1 assert isinstance(role_query.all(), list)