def app(): db_dir = tempfile.mkdtemp() media_dir = tempfile.mkdtemp() app = create_app({ "TESTTING": True, "SERVER_NAME": "localhost.localdomain", "SQLALCHEMY_DATABASE_URI": "sqlite:////{}/db.sqlite".format(db_dir), "UPLOAD_FOLDER": media_dir, }) with app.app_context(): db.create_all() user = User("admin", "*****@*****.**", stuff=True, superuser=True) user.set_password("admin") db.session.add(user) db.session.commit() yield app shutil.rmtree(db_dir) shutil.rmtree(media_dir)
def test_user_roles(): user = User("test", "*****@*****.**") assert user.get_roles() == "ordinary" user.stuff = True assert user.get_roles() == "stuff" user.superuser = True assert user.get_roles() == "admin"
def test_transfer_money_zero_balance(self, db_session: Session, client: TestClient): """Перевод денежных средств, недостаточно стредст у пользователя""" self._setup(db_session) db_balance = db_session.query(Balance).first() data_detail = self.add_money(db_session, client, db_balance.id) db_balance = db_session.query(Balance).first() assert db_balance.amount == 22 db_recipient_user = User(username='******', is_active=True) db_session.add(db_recipient_user) db_recipient_balance = Balance(user=db_recipient_user) db_session.add(db_recipient_balance) db_session.commit() db_session.refresh(db_recipient_user) db_session.refresh(db_recipient_balance) url = f"/v1/balances/transfer/{db_balance.id}" post_date = {'amount': 100, 'to_balance': db_recipient_balance.id} response = client.put(url, json=post_date) assert response.status_code == 400 assert response.json( )['detail'] == f"Insufficient funds on the balance: {db_balance.id}" self._teardown(db_session)
def setup(): # create admin user if not User.query.count(): app.logger.info('No users found. Creating new admin user.') admin = User(username='******', password='******', name='Administrative User', has_access=True) admin.hash_password() db.session.add(admin) db.session.add( RadCheck(username='******', attribute='Cleartext-Password', op=':=', value='freeradius@admin')) db.session.commit() # create default users groups if not Group.query.count(): app.logger.info('No groups found. Creating default user group.') db.session.add(Group(name='user', description='Default user group')) # create default parameters for groups db.session.add( RadUserGroup(username='******', groupname='user', priority=1)) db.session.commit()
def signup_post(): email = request.form.get('email') name = request.form.get('name') password = request.form.get('password') confirmation_password = request.form.get('confirmation_password') if password != confirmation_password: flash('Confirmation password mismatch. Please re-enter signup data.') return redirect(url_for('auth.signup')) user = User.query.filter_by(email=email).first() if user: # if a user is found, we want to redirect back to signup page so user can try again flash('Email address already exists') return redirect(url_for('auth.signup')) # create new user with the form data. Hash the password so plaintext version isn't saved. new_user = User(email=email, name=name, password=generate_password_hash(password, method='sha256')) # add the new user to the database db.session.add(new_user) db.session.commit() app.logger.info('user %s created successfully', user.name) return redirect(url_for('auth.login'))
def create_superuser(app: Flask) -> None: print("create superuser...") with app.app_context(): admin = User("admin", "*****@*****.**", stuff=True, superuser=True) admin.set_password("admin") db.session.add(admin) db.session.commit()
def create_users(app: Flask) -> None: print("create some fake users...") with app.app_context(): for _ in range(10): username = name() user = User(username, "{}@{}.org".format(username, word())) user.set_password("password") db.session.add(user) db.session.commit()
def create_superuser(username, email, password) -> None: if not username or not email or not password: click.echo("Failed.") return user = User(username, email, stuff=True, superuser=True) user.set_password(password) db.session.add(user) db.session.commit() click.echo("Created.")
def register(): form = RegisterForm(request.form) if request.method == 'POST' and form.validate(): user = User() user.email = form.email.data user.password = form.password.data db.session.add(user) db.session.commit() flash("注册成功") return render_template('auth/register.html', form=form)
def get(self): current_user = users.get_current_user() profile = User.query(User.email == str(current_user.email())).get() if not profile: profile = User() profile.email = current_user.email() profile.put() params = {"profile": profile} self.render_template("admin/profile.html", params)
def register(): form = RegisterForm(request.form) if request.method == 'POST' and form.validate(): user = User() user.set_attrs(form.data) db.session.add(user) db.session.commit() # redirect 需要endpoint return redirect(url_for('web.login')) return render_template('signup.html', form=form)
def new_user(): groups = Group.query.all() form = UserForm() form.group.choices = [(group.name, group.name) for group in groups] if form.validate_on_submit(): user = User(username=form.username.data, email=form.email.data, password=form.password.data, active=form.active.data, name=form.name.data, phone=form.phone.data, address=form.address.data, has_access=form.has_access.data) user.hash_password() db.session.add(user) app.logger.debug('Creating new user %s', user.username) db.session.add( RadUserGroup(username=form.username.data, groupname=form.group.data, priority=0)) app.logger.debug( 'Creating relation user-group for user %s and group %s', user.username, form.group.data) db.session.add( RadCheck(username=form.username.data, attribute='Cleartext-Password', op=':=', value=form.password.data)) app.logger.debug('Creating Cleartext-Password user check') if not form.active.data: db.session.add( RadCheck(username=form.username.data, attribute='Auth-Type', op=':=', value='Reject')) app.logger.debug( 'Creating Auth-Type Reject check for disabled user') db.session.commit() flash(_('New user added'), 'success') return redirect(url_for('list_users')) elif form.errors: app.logger.debug('Create User form errors: %s', form.errors) flash(_('Form has errors'), 'error') return render_template('radius/user_form.html', form=form, form_errors=form.errors, action='add')
def _setup(self, db_session): user = db_session.query(User).filter(User.id == 1).first() if not user: db_user = User(username='******', is_active=True) db_session.add(db_user) db_balance = Balance(user=db_user) db_session.add(db_balance) db_session.commit() db_session.refresh(db_user) db_session.refresh(db_balance)
def register(): if current_user.is_authenticated: return redirect(url_for('main.index')) form = RegistrationForm() if form.validate_on_submit(): user = User(username=form.username.data, email=form.email.data) user.set_password(form.password.data) db.session.add(user) db.session.commit() flash('Congratulations, you are now a registered user!') return redirect(url_for('main.login')) return render_template('register.html', title='Register', form=form)
def get(self, **kwargs): parser = reqparse.RequestParser() parser.add_argument('username', required=True) parser.add_argument('password', required=True) args = parser.parse_args() args = hash_pass(args) user = User.from_sql('select * from User where username=?', (args['username'], )) if len(user) != 0: return Response('Username already exist.', status=400) user = User(**args) user.save() return {'status': 'OK'}
def post(self): data = request.get_json() or {} username = data.get("username") password = data.get("password") email = data.get("email") if not username or not password or not email: return invalid_api_usage("No username, password, email provided", 400) if not check_password(password): return invalid_api_usage("Invalid password", 400) user = User(username, email) user.set_password(password) db.session.add(user) db.session.commit() return {"message": "success"}, 201
def stuff_client(app: Flask): client = app.test_client() user = User("stuff", "*****@*****.**", stuff=True) user.set_password("stuffpsw") with app.app_context(): db.session.add(user) db.session.commit() res = client.post("/auth/token/login", json={ "username": "******", "password": "******", }) assert res.is_json token = res.get_json().get("token") client.environ_base["HTTP_AUTHORIZATION"] = "Bearer {}".format(token) return client
def test_transfer_money(self, db_session: Session, client: TestClient): """Перевод денежных средств с одного кошелька на другой""" self._setup(db_session) db_balance = db_session.query(Balance).first() data_detail = self.add_money(db_session, client, db_balance.id) db_balance = db_session.query(Balance).first() assert db_balance.amount == 22 db_recipient_user = User(username='******', is_active=True) db_session.add(db_recipient_user) db_recipient_balance = Balance(user=db_recipient_user) db_session.add(db_recipient_balance) db_session.commit() db_session.refresh(db_recipient_user) db_session.refresh(db_recipient_balance) url = f"/v1/balances/transfer/{db_balance.id}" post_date = {'amount': 10, 'to_balance': db_recipient_balance.id} response = client.put(url, json=post_date) assert response.status_code == 200 data_detail = response.json() assert data_detail['id'] == db_balance.id assert data_detail['recipient_balance'] == db_recipient_balance.id assert data_detail['amount'] == 10 assert data_detail['currency'] == "USD" db_recipient_balance = db_session.query(Balance).filter( Balance.id == db_recipient_balance.id).first() assert db_recipient_balance.amount == 10 db_balance = db_session.query(Balance).filter( Balance.id == db_balance.id).first() assert db_balance.amount == 12 self._teardown(db_session)
def test_operations_list(self, db_session: Session, client: TestClient): """список операций по балансу""" self._setup(db_session) balance1 = db_session.query(Balance).first() data_detail = self.add_money(db_session, client, balance1.id) db_system_balance = db_session.query(Balance).join(User).filter( User.username == 'system_user').first() balance1 = db_session.query(Balance).first() assert balance1.amount == 22 user2 = User(username='******', is_active=True) db_session.add(user2) balance2 = Balance(user=user2) db_session.add(balance2) db_session.commit() db_session.refresh(user2) db_session.refresh(balance2) url = f"/v1/balances/transfer/{balance1.id}" post_date = {'amount': 10, 'to_balance': balance2.id} response = client.put(url, json=post_date) assert response.status_code == 200 url = f"/v1/balances/operations/{balance1.id}" response = client.get(url) print(response.json()) assert response.status_code == 200 data_list = response.json() assert data_list['totalCount'] == 2 assert db_system_balance.id in [ o['more_balance_id'] for o in data_list['items'] ] assert balance2.id in [ o['more_balance_id'] for o in data_list['items'] ] response = client.get(f'{url}?limit=1') assert response.status_code == 200 data_list = response.json() assert len(data_list['items']) == 1 assert data_list['totalCount'] == 2 response = client.get(f'{url}?limit=10&offset=1') assert response.status_code == 200 data_list = response.json() assert len(data_list['items']) == 1 assert data_list['totalCount'] == 2 response = client.get( f'{url}?field=more_balance_id&value={db_system_balance.id}&op=!%3D' ) assert response.status_code == 200 data_list = response.json() assert len(data_list['items']) == 1 assert data_list['totalCount'] == 1 assert balance2.id in [ o['more_balance_id'] for o in data_list['items'] ] response = client.get(f'{url}?sort_by=id&sort_order=asc') assert response.status_code == 200 data_list = response.json() assert [2, 3] == [o['id'] for o in data_list['items']] response = client.get(f'{url}?sort_by=id&sort_order=desc') assert response.status_code == 200 data_list = response.json() assert [3, 2] == [o['id'] for o in data_list['items']] self._teardown(db_session)
def store_user(username: str, password: str): _user = User(username=username, password=password) db.session.add(_user) db.session.commit() return _user
def test_user_representation(): user = User("test", "*****@*****.**") assert isinstance(user.__repr__(), str)