def route_users_post_open(email=None, password=None, first_name=None, last_name=None): if not config.USERS_OPEN_REGISTRATION: abort(403, "Open user resgistration is forbidden on this server") user = get_user_by_username(email, db_session) if user: return abort( 400, f"The user with this email already exists in the system: {email}" ) user = create_user(db_session, email, password, first_name, last_name) return user
def test_create_user_existing_username(superuser_token_headers): server_api = get_server_api() username = random_lower_string() password = random_lower_string() user = create_user(db_session, username, password) data = {"email": username, "password": password} r = requests.post( f"{server_api}{config.API_V1_STR}/users/", headers=superuser_token_headers, json=data, ) created_user = r.json() assert r.status_code == 400 assert "id" not in created_user
def test_create_user_by_normal_user(superuser_token_headers): server_api = get_server_api() username = random_lower_string() password = random_lower_string() user = create_user(db_session, username, password) auth = user_authentication_headers(server_api, username, password) username2 = random_lower_string() password2 = random_lower_string() data = {"email": username2, "password": password2} r = requests.post(f"{server_api}{config.API_V1_STR}/users/", headers=auth, data=data) assert r.status_code == 400
def init_db(db_session): # Tables should be created with Alembic migrations # But if you don't want to use migrations, create # the tables uncommenting the next line # Base.metadata.create_all(bind=engine) role = get_role_by_name("default", db_session) if not role: role = create_role("default", db_session) user = get_user_by_username(config.FIRST_SUPERUSER, db_session) if not user: user = create_user(db_session, config.FIRST_SUPERUSER, config.FIRST_SUPERUSER_PASSWORD, is_superuser=True) assign_role_to_user(role, user, db_session)
def route_users_post(email=None, password=None, first_name=None, last_name=None): current_user = get_current_user() if not current_user: abort(400, "Could not authenticate user with provided token") elif not check_if_user_is_active(current_user): abort(400, "Inactive user") elif not check_if_user_is_superuser(current_user): abort(400, "Only a superuser can execute this action") user = get_user_by_username(email, db_session) if user: return abort( 400, f"The user with this email already exists in the system: {email}" ) user = create_user(db_session, email, password, first_name, last_name) return user