def test_check_user_is_vendor_admin(self, mock_user, mock_db): mock_user.return_value = 'some-user' mock_db.return_value = ['some-user', 'another-user'] result = api_utils.check_user_is_vendor_admin('some-vendor') self.assertTrue(result) mock_db.return_value = ['another-user'] result = api_utils.check_user_is_vendor_admin('some-vendor') self.assertFalse(result)
def put(self, id, **kw): """Handler for update item. Should return full info with updates.""" product = db.get_product(id) vendor_id = product['organization_id'] vendor = db.get_organization(vendor_id) is_admin = (api_utils.check_user_is_foundation_admin() or api_utils.check_user_is_vendor_admin(vendor_id)) if not is_admin: pecan.abort(403, 'Forbidden.') product_info = {'id': id} if 'name' in kw: product_info['name'] = kw['name'] if 'description' in kw: product_info['description'] = kw['description'] if 'product_ref_id' in kw: product_info['product_ref_id'] = kw['product_ref_id'] if 'public' in kw: # user can mark product as public only if # his/her vendor is public(official) public = api_utils.str_to_bool(kw['public']) if (vendor['type'] not in (const.OFFICIAL_VENDOR, const.FOUNDATION) and public): pecan.abort(403, 'Forbidden.') product_info['public'] = public if 'properties' in kw: product_info['properties'] = json.dumps(kw['properties']) db.update_product(product_info) pecan.response.status = 200 product = db.get_product(id) product['can_manage'] = True return product
def get(self, vendor_id): """Return list of users in the vendor's group.""" if not (api_utils.check_user_is_foundation_admin() or api_utils.check_user_is_vendor_admin(vendor_id)): return None org_users = db.get_organization_users(vendor_id) return [x for x in six.itervalues(org_users)]
def get_one(self, id, version_id): """Get specific version information.""" product = db.get_product(id) vendor_id = product['organization_id'] is_admin = (api_utils.check_user_is_foundation_admin() or api_utils.check_user_is_vendor_admin(vendor_id)) if not product['public'] and not is_admin: pecan.abort(403, 'Forbidden.') allowed_keys = ['id', 'product_id', 'version', 'cpid'] return db.get_product_version(version_id, allowed_keys=allowed_keys)
def delete(self, vendor_id, openid): """Remove user from vendor group.""" openid = base64.b64decode(openid) if not (api_utils.check_user_is_foundation_admin() or api_utils.check_user_is_vendor_admin(vendor_id)): pecan.abort(403, 'Forbidden.') vendor = db.get_organization(vendor_id) db.remove_user_from_group(openid, vendor['group_id']) pecan.response.status = 204
def put(self, vendor_id, openid): """Add user to vendor group.""" openid = base64.b64decode(openid) if not (api_utils.check_user_is_foundation_admin() or api_utils.check_user_is_vendor_admin(vendor_id)): pecan.abort(403, 'Forbidden.') vendor = db.get_organization(vendor_id) creator = api_utils.get_user_id() db.add_user_to_group(openid, vendor['group_id'], creator) pecan.response.status = 204
def register(self, vendor): """Handler for applying for registration with Foundation.""" if not api_utils.check_user_is_vendor_admin(vendor['id']): pecan.abort(403, 'Forbidden.') _check_is_not_foundation(vendor['id']) if vendor['type'] != const.PRIVATE_VENDOR: raise api_exc.ValidationError( 'Invalid organization state for this action.') # change vendor type to pending org_info = {'id': vendor['id'], 'type': const.PENDING_VENDOR} db.update_organization(org_info)
def delete(self, vendor_id): """Delete vendor.""" if not (api_utils.check_user_is_foundation_admin() or api_utils.check_user_is_vendor_admin(vendor_id)): pecan.abort(403, 'Forbidden.') _check_is_not_foundation(vendor_id) try: db.delete_organization(vendor_id) except DBReferenceError: pecan.abort( 400, 'Unable to delete. There are still tests ' 'associated to products for this vendor.') pecan.response.status = 204
def get_one(self, vendor_id): """Get information about vendor.""" allowed_keys = None is_admin = (api_utils.check_user_is_foundation_admin() or api_utils.check_user_is_vendor_admin(vendor_id)) if not is_admin: allowed_keys = ['id', 'type', 'name', 'description'] vendor = db.get_organization(vendor_id, allowed_keys=allowed_keys) allowed_types = [const.FOUNDATION, const.OFFICIAL_VENDOR] if not is_admin and vendor['type'] not in allowed_types: pecan.abort(403, 'Forbidden.') vendor['can_manage'] = is_admin return vendor
def cancel(self, vendor): """Handler for canceling registration. This action available to user. It allows him to cancel registrationand move state of his vendor from pending to private. """ if not api_utils.check_user_is_vendor_admin(vendor['id']): pecan.abort(403, 'Forbidden.') _check_is_not_foundation(vendor['id']) if vendor['type'] != const.PENDING_VENDOR: raise api_exc.ValidationError( 'Invalid organization state for this action.') # change vendor type back to private org_info = {'id': vendor['id'], 'type': const.PRIVATE_VENDOR} db.update_organization(org_info)
def put(self, vendor_id, **kw): """Handler for update item. Should return full info with updates.""" is_admin = (api_utils.check_user_is_foundation_admin() or api_utils.check_user_is_vendor_admin(vendor_id)) if not is_admin: pecan.abort(403, 'Forbidden.') vendor_info = {'id': vendor_id} if 'name' in kw: vendor_info['name'] = kw['name'] if 'description' in kw: vendor_info['description'] = kw['description'] if 'properties' in kw: vendor_info['properties'] = json.dumps(kw['properties']) db.update_organization(vendor_info) pecan.response.status = 200 vendor = db.get_organization(vendor_id) vendor['can_manage'] = True return vendor
def get_one(self, id): """Get information about product.""" allowed_keys = ['id', 'name', 'description', 'product_ref_id', 'product_type', 'public', 'properties', 'created_at', 'updated_at', 'organization_id', 'created_by_user', 'type'] product = db.get_product(id, allowed_keys=allowed_keys) vendor_id = product['organization_id'] is_admin = (api_utils.check_user_is_foundation_admin() or api_utils.check_user_is_vendor_admin(vendor_id)) if not is_admin and not product['public']: pecan.abort(403, 'Forbidden.') if not is_admin: admin_only_keys = ['created_by_user', 'created_at', 'updated_at', 'properties'] for key in product.keys(): if key in admin_only_keys: product.pop(key) product['can_manage'] = is_admin return product
def put(self, vendor_id, **kw): """Handler for update item. Should return full info with updates.""" is_foundation_admin = api_utils.check_user_is_foundation_admin() is_admin = (is_foundation_admin or api_utils.check_user_is_vendor_admin(vendor_id)) if not is_admin: pecan.abort(403, 'Forbidden.') vendor_info = {'id': vendor_id} vendor = db.get_organization(vendor_id) if 'name' in kw: if (vendor['type'] == const.OFFICIAL_VENDOR and not is_foundation_admin): pecan.abort( 403, 'Name change for an official vendor is not allowed.') vendor_info['name'] = kw['name'] if 'description' in kw: vendor_info['description'] = kw['description'] if 'properties' in kw: vendor_info['properties'] = json.dumps(kw['properties']) vendor = db.update_organization(vendor_info) pecan.response.status = 200 vendor['can_manage'] = True return vendor
def get(self): """Get information of all uploaded test results. Get information of all uploaded test results in descending chronological order. Make it possible to specify some input parameters for filtering. For example: /v1/results?page=<page number>&cpid=1234. By default, page is set to page number 1, if the page parameter is not specified. """ expected_input_params = [ const.START_DATE, const.END_DATE, const.CPID, const.SIGNED, const.VERIFICATION_STATUS, const.PRODUCT_ID ] filters = api_utils.parse_input_params(expected_input_params) if const.PRODUCT_ID in filters: product = db.get_product(filters[const.PRODUCT_ID]) vendor_id = product['organization_id'] is_admin = (api_utils.check_user_is_foundation_admin() or api_utils.check_user_is_vendor_admin(vendor_id)) if is_admin: filters[const.ALL_PRODUCT_TESTS] = True elif not product['public']: pecan.abort(403, 'Forbidden.') records_count = db.get_test_records_count(filters) page_number, total_pages_number = \ api_utils.get_page_number(records_count) try: per_page = CONF.api.results_per_page results = db.get_test_records(page_number, per_page, filters) is_foundation = api_utils.check_user_is_foundation_admin() for result in results: if not (api_utils.check_owner(result['id']) or is_foundation): # Don't expose product info if the product is not public. if (result.get('product_version') and not result['product_version']['product_info'] ['public']): result['product_version'] = None # Only show all metadata if the user is the owner or a # member of the Foundation group. result['meta'] = { k: v for k, v in result['meta'].items() if k in MetadataController.rw_access_keys } result.update({ 'url': parse.urljoin(CONF.ui_url, CONF.api.test_results_url) % result['id'] }) page = { 'results': results, 'pagination': { 'current_page': page_number, 'total_pages': total_pages_number } } except Exception as ex: LOG.debug('An error occurred during ' 'operation with database: %s' % str(ex)) pecan.abort(500) return page