def testSessionAcquisition(self): """Users belonging to a group should be able to see all the sessions belonging to the group and the group children """ session = Session() group1 = model.Group(group_id="1") session.add(group1) group2 = model.Group(group_id="2") session.add(group2) account1 = model.Account(loginname="account1") session.add(account1) account1.group = group1 group2.parent = group1 account2 = model.Account(loginname="account2") session.add(account2) account2.group = group2 survey1 = model.SurveySession( account=account1, group=group1, zodb_path="1", ) session.add(survey1) survey2 = model.SurveySession( account=account2, group=group2, zodb_path="2", ) session.add(survey2) session.flush() self.assertListEqual(account1.sessions, [survey1]) self.assertListEqual(account2.sessions, [survey2]) self.assertListEqual(account1.acquired_sessions, [survey1, survey2]) self.assertListEqual(account2.acquired_sessions, [survey2])
def testAccountGroupsRelationship(self): session = Session() group1 = model.Group(group_id="1") session.add(group1) session.flush() account1 = model.Account(loginname="account1") session.add(account1) account2 = model.Account(loginname="account2") session.add(account2) session.flush() self.assertEqual(account1.group, None) account1.group = group1 account2.group = group1 self.assertListEqual(group1.accounts, [account1, account2])
def test_resume_enforce_same_account(self): from AccessControl.SecurityManagement import getSecurityManager from AccessControl.SecurityManagement import setSecurityManager from AccessControl.SecurityManagement import newSecurityManager from euphorie.client import model sm = getSecurityManager() mgr = self.SessionManagerFactory() victim = model.Account(loginname="test", password=u"test") attacker = model.Account(loginname="evil", password=u"layer") session = model.SurveySession(account=victim) try: newSecurityManager(None, attacker) self.assertRaises(ValueError, mgr.resume, session) finally: setSecurityManager(sm)
def create_session(self): with api.env.adopt_user(SITE_OWNER_NAME): api.content.create(container=self.portal.sectors, type="euphorie.country", id="eu") client_country = api.content.create(container=self.portal.client, type="euphorie.clientcountry", id="eu") client_sector = api.content.create(container=client_country, type="euphorie.clientsector", id="sector") api.content.create(container=client_sector, type="euphorie.survey", id="survey") sqlsession = Session() account = model.Account(loginname="jane", password="******") sqlsession.add(account) session = model.SurveySession(title="Session", zodb_path="eu/sector/survey", account=account) sqlsession.add(session) sqlsession.flush() return session
def test_authenticate_login_not_case_sensitive(self): session = Session() account = model.Account(loginname="john", password="******") session.add(account) plugin = EuphorieAccountPlugin("plugin") credentials = {"login": "******", "password": "******"} self.assertTrue(plugin._authenticate_login(credentials) is not None)
def createGuestAccount(self): account = model.Account( loginname="guest-%s" % datetime.datetime.now().isoformat(), account_type=config.GUEST_ACCOUNT, ) Session().add(account) return account
def testEnumerateUsers_NoInexactMatch(self): session = Session() account = model.Account(loginname='john', password=u'jane') session.add(account) plugin = EuphorieAccountPlugin('plugin') self.assertEqual( plugin.enumerateUsers(login='******', exact_match=False), [])
def testUnpublishWithActiveSession(self): """When a survey gets unpublished, while it's still in an active session, then WebHelpers.survey_url must return None, not fail. """ survey = self.createSurvey() client_survey = getSite().client.nl.ict['software-development'] request = testRequest() request.client = client_survey utils.setRequest(request) account = model.Account(loginname="jane", password=u"john") mgr = session.SessionManagerFactory() mgr.start(u"Test session", client_survey, account) mgr.session.zodb_path = '/'.join(client_survey.getPhysicalPath()) helpers = utils.WebHelpers(survey, request) self.assertEqual( helpers.survey_url(), client_survey.absolute_url()) self.handleSurveyUnpublish(survey, None) helpers = utils.WebHelpers(survey, request) self.assertEqual( helpers.survey_url(), None)
def test_authenticate_login_not_case_sensitive(self): session = Session() account = model.Account(loginname='john', password=u'jane') session.add(account) plugin = EuphorieAccountPlugin('plugin') credentials = {'login': '******', 'password': u'jane'} self.assertTrue(plugin._authenticate_login(credentials) is not None)
def createSurvey(): session = Session() account = model.Account(loginname="jane", password="******") session.add(account) survey = model.SurveySession(title="Session", zodb_path="survey", account=account) session.add(survey) session.flush() return (session, survey)
def testCreateUser_ValidAccount(self): session = Session() account = model.Account(loginname="john", password="******") session.add(account) request = MockRequest(ACTUAL_URL="http://www.example.com/client") directlyProvides(request, IClientSkinLayer) plugin = EuphorieAccountPlugin("plugin") plugin.REQUEST = request self.assertTrue(plugin.createUser("1", "john") is account)
def addAccount(login="******", password=u"Øle"): from euphorie.client import CONDITIONS_VERSION account = model.Account(loginname=login, password=password, tc_approved=CONDITIONS_VERSION) session = Session() session.add(account) session.flush() return account
def test_EnumerateUsers_search_by_id(self): session = Session() account = model.Account(loginname='john', password=u'jane') session.add(account) plugin = EuphorieAccountPlugin('plugin') info = plugin.enumerateUsers(id='1', exact_match=True) self.assertEqual(info, [{'id': '1', 'login': '******'}]) self.assertTrue(isinstance(info[0]['id'], str)) self.assertTrue(isinstance(info[0]['login'], str))
def test_archive_session_view(self): country = self.portal.client.nl traversed_session = country.ict["software-development"].restrictedTraverse( "++session++1" ) session = traversed_session.session # Check that an unauthorized user cannot archive it john = model.Account(loginname="*****@*****.**") model.Session.add(john) with api.env.adopt_user(user=john): with self._get_view("archive-session", traversed_session) as view: with self.assertRaises(Unauthorized): view() # By default, webhelpers.use_archive_feature is False, so the archive # feature is disabled. Nobody can archive. with api.env.adopt_user(user=self.account): with self._get_view("archive-session", traversed_session) as view: with self.assertRaises(Unauthorized): view() # Now, activate the archive feature. # Check that an authorized user can archive it with mock.patch( "euphorie.client.browser.webhelpers.WebHelpers.use_archive_feature", return_value=True, ): with api.env.adopt_user(user=self.account): with self._get_view("archive-session", traversed_session) as view: traversed_session self.assertIsNone(session.archived) view() # Now the archival date is set self.assertIsNotNone(session.archived) # Traversing to the view again, # archiving the same session is now prevented with self._get_view( "archive-session", traversed_session ) as view_again: with self.assertRaises(Unauthorized): view_again() # and we are redirected to the session view... self.assertDictEqual( view.request.response.headers, { "location": "http://nohost/plone/client/nl/ict/software-development/++session++1" # noqa: E501 }, ) # ... or the referer (if specified) view.request.set("HTTP_REFERER", "http://example.com") view.redirect() self.assertDictEqual( view.request.response.headers, {"location": "http://example.com"}, )
def setUp(self): super(BuildSurveyTreeTests, self).setUp() self.session = Session() account = model.Account(id=1, loginname="jane", password="******") self.session.add(account) self.survey = model.SurveySession( title="Survey", zodb_path="survey", account=account ) self.session.add(self.survey) self.session.flush()
def addAccount(login="******", password="******"): account = model.Account( loginname=login, password=password, tc_approved=CONDITIONS_VERSION, ) session = Session() session.add(account) session.flush() return account
def test_EnumerateUsers_search_by_login(self): session = Session() account = model.Account(loginname='john', password=u'jane') session.add(account) plugin = EuphorieAccountPlugin('plugin') self.assertEqual(plugin.enumerateUsers(login='******', exact_match=True), [{ 'id': '1', 'login': '******' }])
def createSurveySession(): sqlsession = Session() account = model.Account(loginname="jane", password="******") sqlsession.add(account) session = model.SurveySession(title="Session", zodb_path="ict/software-development", account=account) sqlsession.add(session) sqlsession.flush() return session
def setUp(self): super(completion_percentage_tests, self).setUp() self.session = Session() account = model.Account(loginname="jane", password="******") self.session.add(account) self.survey = model.SurveySession(title="Survey", zodb_path="survey", account=account) self.session.add(self.survey) self.session.flush()
def createSurveySession(self): self.sqlsession = Session() account = model.Account(loginname="jane", password="******") self.sqlsession.add(account) self.session = model.SurveySession(title="Session", zodb_path="nl/dining/survey", account=account) self.sqlsession.add(self.session) self.sqlsession.flush() return self.session
def test_get_group_filter(self): session = model.SurveySession() group = model.Group(group_id="foo") account = model.Account(id=1) # Note assertFalse will not do what you want on Binary expression self.assertEqual(str(session.get_group_filter()), "False") self.assertEqual(str(session.get_group_filter(False)), "False") self.assertEqual(str(session.get_group_filter(None)), "False") self.assertEqual(str(session.get_group_filter("")), "False") self.assertEqual(str(session.get_group_filter([])), "False") self.assertEqual(str(session.get_group_filter([""])), "False") self.assertEqual( str(session.get_group_filter("1")), "session.group_id = :group_id_1" ) self.assertEqual( str(session.get_group_filter(1)), "session.group_id = :group_id_1" ) self.assertEqual( str(session.get_group_filter(group)), "session.group_id = :group_id_1", ) self.assertEqual( str(session.get_group_filter(["1"])), "session.group_id = :group_id_1" ) self.assertEqual( str(session.get_group_filter([1])), "session.group_id = :group_id_1" ) self.assertEqual( str(session.get_group_filter([group])), "session.group_id = :group_id_1", ) self.assertEqual( str(session.get_group_filter([group, "2"])), "session.group_id IN (:group_id_1, :group_id_2)", ) with mock.patch("euphorie.client.model.get_current_account", return_value=None): self.assertEqual(str(session.get_group_filter(True)), "False") # The account still does not have a group, so we should have False here with mock.patch( "euphorie.client.model.get_current_account", return_value=account ): self.assertEqual(str(session.get_group_filter(True)), "False") account.group_id = "foo" with mock.patch( "euphorie.client.model.get_current_account", return_value=account ): self.assertEqual( str(session.get_group_filter(True)), "session.group_id = :group_id_1", ) with self.assertRaises(TypeError): session.get_group_filter(session)
def setUp(self): from z3c.saconfig import Session super(BuildSurveyTreeTests, self).setUp() self.session = Session() account = model.Account(loginname=u"jane", password=u"secret") self.session.add(account) self.survey = model.SurveySession(title=u"Survey", zodb_path="survey", account=account) self.session.add(self.survey) self.session.flush()
def test_keep_sessions_apart(self): self.createSqlData() account = model.Account(loginname="john", password="******") self.session.add(account) survey2 = model.SurveySession(title="Survey", zodb_path="survey", account=account) self.session.add(survey2) self.session.flush() zodb_path = ["1"] result = self.find_sql_context(survey2.id, zodb_path) self.assertTrue(result is None)
def test_keep_sessions_apart(self): self.createSqlData() account = model.Account(loginname=u'john', password=u'jane') self.session.add(account) survey2 = model.SurveySession(title=u'Survey', zodb_path='survey', account=account) self.session.add(survey2) self.session.flush() zodb_path = ['1'] result = self.find_sql_context(survey2.id, zodb_path) self.failUnless(result is None)
def test_EnumerateUsers_search_by_login_and_id(self): session = Session() account = model.Account(loginname="john", password="******") session.add(account) request = MockRequest(ACTUAL_URL="http://www.example.com/client") directlyProvides(request, IClientSkinLayer) plugin = EuphorieAccountPlugin("plugin") plugin.REQUEST = request self.assertEqual( plugin.enumerateUsers(id="1", login="******", exact_match=True), [{"id": "1", "login": "******"}], )
def setUp(self): super(AddToTreeTests, self).setUp() self.session = Session() account = model.Account(id=1, loginname="jane", password="******") self.session.add(account) self.survey = model.SurveySession( title="Survey", zodb_path="survey", account=account ) self.session.add(self.survey) self.session.flush() self.root = self.survey.addChild( model.Module(title="test session", module_id="1", zodb_path="1") )
def _tryRegistration(self): reply = self.request.form loginname = reply.get("email") if not loginname: self.errors["email"] = _( "error_missing_email", default=u"Please enter your email address") elif not EMAIL_RE.match(loginname): self.errors["email"] = _( "error_invalid_email", default=u"Please enter a valid email address") if not reply.get("password1"): self.errors["password"] = _("error_missing_password", default=u"Please enter a password") elif reply.get("password1") != reply.get("password2"): self.errors["password"] = _("error_password_mismatch", default=u"Passwords do not match") if self.errors: return False session = Session() loginname = loginname.lower() account = session.query(model.Account)\ .filter(model.Account.loginname == loginname).count() if account: self.errors["email"] = _( "error_email_in_use", default=u"An account with this email address already exists.") return False pm = getToolByName(self.context, "portal_membership") if pm.getMemberById(loginname) is not None: self.errors["email"] = _( "error_email_in_use", default=u"An account with this email address already exists.") return False guest_session_id = self.request.form.get('guest_session_id') if guest_session_id: account = getSecurityManager().getUser() account.loginname = loginname account.password = reply.get("password1") account.account_type = config.CONVERTED_ACCOUNT else: account = model.Account(loginname=loginname, password=reply.get("password1")) Session().add(account) log.info("Registered new account %s", loginname) v_url = urlparse.urlsplit(self.url() + '/success').path trigger_extra_pageview(self.request, v_url) return account
def createSqlData(self): self.session = Session() account = model.Account(loginname="jane", password="******") self.session.add(account) self.survey = model.SurveySession(title="Survey", zodb_path="survey", account=account) self.session.add(self.survey) self.session.flush() self.mod1 = self.survey.addChild( model.Module(title="module 1", module_id="1", zodb_path="a")) self.q1 = self.mod1.addChild( model.Risk(title="question 1", risk_id="1", zodb_path="a/b")) self.session.flush()
def testAccountGroupsHierarchy(self): session = Session() group1 = model.Group(group_id="1") session.add(group1) group2 = model.Group(group_id="2") group2.parent = group1 session.add(group2) group3 = model.Group(group_id="3") session.add(group3) group3.parent = group1 group4 = model.Group(group_id="4") session.add(group4) group4.parent = group2 session.flush() account1 = model.Account(loginname="account1") session.add(account1) account1.group = group1 account2 = model.Account(loginname="account2") session.add(account2) account2.group = group2 account3 = model.Account(loginname="account3") session.add(account3) account3.group = group3 account4 = model.Account(loginname="account4") session.add(account4) session.flush() self.assertListEqual(group1.descendants, [group2, group3, group4]) self.assertListEqual(group2.descendants, [group4]) self.assertListEqual(group3.descendants, []) self.assertListEqual(account1.groups, [group1, group2, group3, group4]) self.assertListEqual(account2.groups, [group2, group4]) self.assertListEqual(account3.groups, [group3]) self.assertListEqual(account4.groups, []) self.assertListEqual(group1.parents, []) self.assertListEqual(group2.parents, [group1]) self.assertListEqual(group3.parents, [group1]) self.assertListEqual(group4.parents, [group2, group1])
def createSqlData(self): from z3c.saconfig import Session self.session = Session() account = model.Account(loginname=u'jane', password=u'secret') self.session.add(account) self.survey = model.SurveySession(title=u'Survey', zodb_path='survey', account=account) self.session.add(self.survey) self.session.flush() self.mod1 = self.survey.addChild( model.Module(title=u'module 1', module_id='1', zodb_path='a')) self.q1 = self.mod1.addChild( model.Risk(title=u'question 1', risk_id='1', zodb_path='a/b')) self.session.flush()