def setup_users():
group_criteria = Group.name == groups.SUPER_USER
group_params = {'name': groups.SUPER_USER}
su_group = Group.get_or_create(
group_criteria,
**group_params)
su = User()
user_profile_criteria = UserProfile.username == 'admin'
user_profile_params = {
'user': su,
'username': '******',
'password': '******'}
profile = UserProfile.get_or_create(
user_profile_criteria,
**user_profile_params)
ona_user_params = {
'user': su,
'username': '******',
'refresh_token': '123456'}
ona_user = OnaUser.get_or_create(
OnaUser.username == "admin",
**ona_user_params)
su.group = su_group
profile.save()
ona_user.save()
def main(argv=sys.argv):
if len(argv) != 5:
usage(argv)
config_uri = argv[1]
setup_logging(config_uri)
pwd_context.load_path(config_uri)
settings = get_appsettings(config_uri)
engine = engine_from_config(settings, 'sqlalchemy.')
DBSession.configure(bind=engine)
Base.metadata.create_all(engine)
username = argv[2]
password = argv[3]
group = argv[4]
with transaction.manager:
group_criteria = Group.name == group
group_params = {'name': group}
group = Group.get_or_create(
group_criteria,
**group_params)
user = User()
user.group = group
profile = UserProfile(
user=user, username=username, password=password)
ona_user_params = {
'user': user,
'username': username,
'refresh_token': 'test'}
ona_user = OnaUser.get_or_create(
OnaUser.username == username,
**ona_user_params)
DBSession.add_all([user, profile, ona_user])
def test_password_login_with_bad_password(self):
profile = UserProfile(user=User(), username="******", password="******")
DBSession.add(profile)
payload = MultiDict([('username', 'admin'), ('password', 'adminn0t')])
request = testing.DummyRequest(post=payload)
response = password_login(None, request)
self.assertIsInstance(response, dict)
self.assertTrue(len(request.session.peek_flash('error')) > 0)
def test_password_login(self):
# create the user profile
profile = UserProfile(user=User(), username="******", password="******")
DBSession.add(profile)
payload = MultiDict([('username', 'admin'), ('password', 'admin')])
request = testing.DummyRequest(post=payload)
response = password_login(None, request)
self.assertEqual(response.status_code, 302)
self.assertEqual(response.location, request.route_url('default'))
def test_dashboard_user_logout(self):
dashboard_user = UserProfile(user=User(),
username="******",
password="******")
request = testing.DummyRequest()
request.context = dashboard_user.user
request.user = dashboard_user.user
response = logout(request)
self.assertIsInstance(response, HTTPFound)
self.assertEqual(response.location,
request.route_url('auth', action='sign-in'))
def test_can_delete_dashboard_user(self):
self._create_dash_user('dash_user', '1234', '*****@*****.**')
dashboard_user = UserProfile.get(UserProfile.username == 'dash_user')
ona_user = OnaUser.get(OnaUser.username == 'manager_a')
self.request.method = 'GET'
self.request.user = ona_user.user
self.request.context = dashboard_user
response = self.view.delete()
self.assertEqual(response.status_code, 302)
self.assertRaises(
NoResultFound,
UserProfile.get,
OnaUser.user_id == dashboard_user.user_id)
def password_login(context, request):
if request.method == 'POST':
username = request.POST.get('username')
password = request.POST.get('password')
try:
user_profile = UserProfile.get(UserProfile.username == username)
except NoResultFound:
pass
else:
if user_profile.check_password(password):
headers = remember(request, user_profile.user_id)
return HTTPFound(request.route_url('default'), headers=headers)
# we're still here set the error message
request.session.flash(u"Invalid username or password", 'error')
return {}
def test_password_property_returns_raw_password(self):
profile = UserProfile(user=User(), username="******", password="******")
self.assertEqual(profile.password, profile.pwd)
def test_check_password_returns_false_if_len_greater_than_255(self):
profile = UserProfile(user=User(), username="******", password="******")
self.assertFalse(profile.check_password('a' * 256))
def test_check_password(self):
profile = UserProfile(user=User(), username="******", password="******")
self.assertTrue(profile.check_password('admin'))
def test_set_password(self):
profile = UserProfile(user=User(), username="******", password="******")
self.assertTrue(pwd_context.verify('admin', profile.pwd))