def _check_existing_user(session, data):
existing_user = models.User.get_by_email(session, data['email'],
data['authority'])
if existing_user:
msg = "user with email address %s already exists" % data['email']
raise ValidationError(msg)
existing_user = models.User.get_by_username(session, data['username'],
data['authority'])
if existing_user:
msg = "user with username %s already exists" % data['username']
raise ValidationError(msg)
def test_it_raises_if_validate_raises(self, pyramid_request, create_schema):
create_schema.return_value.validate.side_effect = ValidationError('asplode')
with pytest.raises(ValidationError) as exc:
views.create(pyramid_request)
assert str(exc.value) == 'asplode'
def test_raises_when_schema_validation_fails(self, pyramid_request,
CreateUserAPISchema):
CreateUserAPISchema.return_value.validate.side_effect = ValidationError(
"validation failed")
with pytest.raises(ValidationError):
create(pyramid_request)
def validate_auth_client_authority(client, authority):
"""
Validate that the auth client authority matches the request authority.
"""
if client.authority != authority:
raise ValidationError(
"'authority' does not match authenticated client")
def test_it_raises_if_create_annotation_raises(self, pyramid_request, storage):
storage.create_annotation.side_effect = ValidationError("asplode")
with pytest.raises(ValidationError) as exc:
views.create(pyramid_request)
assert str(exc.value) == "asplode"
def test_it_raises_if_validate_raises(self, annotation_context,
pyramid_request, update_schema):
update_schema.return_value.validate.side_effect = ValidationError(
"asplode")
with pytest.raises(ValidationError):
views.update(annotation_context, pyramid_request)
def test_it_raises_if_validate_raises(self, pyramid_request,
update_schema):
update_schema.return_value.validate.side_effect = ValidationError(
'asplode')
with pytest.raises(ValidationError):
views.update(mock.Mock(), pyramid_request)
def test_it_raises_ValidationError_with_mismatched_authorities(
self, group, pyramid_request, validate_auth_client_authority):
msg = "'authority' does not match authenticated client"
validate_auth_client_authority.side_effect = ValidationError()
with pytest.raises(ValidationError, message=msg):
views.add_member(group, pyramid_request)
def test_raises_when_schema_validation_fails(self, pyramid_request, valid_payload, schemas):
create_schema = schemas.CreateUserAPISchema.return_value
create_schema.validate.side_effect = ValidationError('validation failed')
pyramid_request.json_body = valid_payload
with pytest.raises(ValidationError):
create(pyramid_request)
def test_api_validation_error(pyramid_request):
context = ValidationError('missing required userid')
result = views.api_validation_error(context, pyramid_request)
assert pyramid_request.response.status_code == 400
assert result['status'] == 'failure'
assert result['reason'] == 'missing required userid'
def test_raises_when_schema_validation_fails(self, user, pyramid_request,
valid_payload,
UpdateUserAPISchema):
UpdateUserAPISchema.return_value.validate.side_effect = ValidationError(
"validation failed")
with pytest.raises(ValidationError):
update(user, pyramid_request)
def test_api_validation_error(pyramid_request):
context = ValidationError("missing required userid")
result = views.api_validation_error(context, pyramid_request)
assert pyramid_request.response.status_code == 400
assert result["status"] == "failure"
assert result["reason"] == "missing required userid"
def test_raises_when_schema_validation_fails(self, user, pyramid_request,
valid_payload,
UpdateUserAPISchema):
update_schema = UpdateUserAPISchema.return_value
update_schema.validate.side_effect = ValidationError(
'validation failed')
pyramid_request.json_body = valid_payload
with pytest.raises(ValidationError):
update(user, pyramid_request)
def _check_existing_user(session, data):
errors = []
existing_user = models.User.get_by_email(session,
data['email'],
data['authority'])
if existing_user:
errors.append("user with email address %s already exists" % data['email'])
existing_user = models.User.get_by_username(session,
data['username'],
data['authority'])
if existing_user:
errors.append("user with username %s already exists" % data['username'])
if errors:
raise ValidationError(', '.join(errors))
def _fetch_annotation(context, request):
try:
annotation_id = request.json_body.get('annotation')
if not annotation_id:
raise ValueError()
except ValueError:
raise ValidationError('annotation id is required')
not_found_msg = 'cannot find annotation with id %s' % annotation_id
try:
resource = context[annotation_id]
if not request.has_permission('read', resource):
raise HTTPNotFound(not_found_msg)
return resource.annotation
except KeyError:
raise HTTPNotFound(not_found_msg)
def create(request):
"""
Create a user.
This API endpoint allows authorised clients (those able to provide a valid
Client ID and Client Secret) to create users in their authority. These
users are created pre-activated, and are unable to log in to the web
service directly.
Note: the authority-enforcement logic herein is, by necessity, strange.
The API accepts an ``authority`` parameter but the only valid value for
the param is the client's verified authority. If the param does not
match the client's authority, ``ValidationError`` is raised.
:raises ValidationError: if ``authority`` param does not match client
authority
:raises HTTPConflict: if user already exists
"""
client_authority_ = client_authority(request)
schema = CreateUserAPISchema()
appstruct = schema.validate(_json_payload(request))
# Enforce authority match
if appstruct["authority"] != client_authority_:
raise ValidationError(
"authority '{auth_param}' does not match client authority".format(
auth_param=appstruct["authority"]
)
)
user_unique_service = request.find_service(name="user_unique")
try:
user_unique_service.ensure_unique(appstruct, authority=client_authority_)
except DuplicateUserError as err:
raise HTTPConflict(str(err))
user_signup_service = request.find_service(name="user_signup")
user = user_signup_service.signup(require_activation=False, **appstruct)
presenter = UserJSONPresenter(user)
return presenter.asdict()
def create(request):
"""Create a group from the POST payload."""
if request.user is None:
raise ValidationError('Request must have an authenticated user')
schema = CreateGroupAPISchema()
appstruct = schema.validate(_json_payload(request))
group_properties = {
'name': appstruct['name'],
'description': appstruct.get('description', None),
}
group_service = request.find_service(name='group')
group = group_service.create_private_group(
group_properties['name'],
request.user.userid,
description=group_properties['description'],
)
group_context = GroupContext(group, request)
return GroupJSONPresenter(group_context).asdict(expand=['organization'])
def test_it_raises_if_storage_raises(self, pyramid_request, storage):
storage.update_annotation.side_effect = ValidationError('asplode')
with pytest.raises(ValidationError):
views.update(mock.Mock(), pyramid_request)
def _check_authority(client, data):
authority = data.get('authority')
if client.authority != authority:
msg = "'authority' does not match authenticated client"
raise ValidationError(msg)
def test_it_raises_if_storage_raises(self, annotation_context,
pyramid_request, storage):
storage.update_annotation.side_effect = ValidationError("asplode")
with pytest.raises(ValidationError):
views.update(annotation_context, pyramid_request)