class BaseTestCase(APITestCase):
    """Base class for API tests: seeds one user, one organization and one domain."""

    def setUp(self):
        """
        Sets up a number of test entities in the database for testing.

        Included:
            user: A webapp user
            organization: An organization that user belongs to
            domain: A domain that belongs to organization
        """
        # User. set_password() runs before save() so the password goes
        # through the model's own password handling, not the constructor.
        account = MBUser(
            email='*****@*****.**',
            first_name='test',
            last_name='tester',
            is_admin=False,
            is_platform=False,
            is_webapp=True,
        )
        account.set_password('test')
        account.save()
        self.user = account

        # NOTE(review): the credentials shown in this listing are masked.
        # login() signals failure by returning False and the result is not
        # checked here, so a wrong pair would leave the client
        # unauthenticated without failing setUp.
        self.client.login(username='******', password='******')

        # Organization the user is attached to.
        org = Organization(
            name='Test Organization',
            address_1='123 Any Street',
            address_2='Suite 001',
            city='New York',
            state='NY',
            phone='555-555-1234'
        )
        org.save()
        self.organization = org

        # UserMeta is the link between the user and the organization.
        membership = UserMeta(user=self.user, organization=self.organization)
        membership.save()
        self.user_meta = membership

        # Domain owned by the organization, not whitelisted.
        test_domain = Domain(
            domain_name='test.com',
            organization=self.organization,
            whitelisted=False
        )
        test_domain.save()
        self.domain = test_domain
def get_queryset(self):
    """
    Restrict the listing to domains owned by the requester's organization.

    :return: A Domain queryset filtered on the organization of the user's
        UserMeta, or an empty list when the user has no UserMeta.
    """
    # TODO: This needs to handle multiple UserMetas in the future
    membership = UserMeta.get_by_user(self.request.user)
    if not membership:
        # No UserMeta means there is no organization to scope by,
        # so nothing is exposed.
        return []
    return Domain.objects.filter(organization=membership.organization)
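def org_safe_get(self, user, pk):
    """
    Gets the entity for the given primary key while making sure that the
    user has access to the entity.

    The owning organization is resolved in this order: the entity's own
    ``organization`` attribute, then the organization of its ``domain``,
    then the entity itself when it is an Organization. Access is granted
    only when that organization equals the one on the user's UserMeta;
    every other outcome raises PermissionDenied (deny by default).

    :param user: MBUser entity
    :param pk: Primary Key to look up.
    :return: An entity
    :raises PermissionDenied: if pk or user is missing, the user has no
        UserMeta or no organization, the entity is not found, or the
        entity cannot be tied to the user's organization.
    """
    if not pk or not user:
        raise PermissionDenied()

    # TODO: We need to handle multiple UserMetas in the future.
    user_meta = UserMeta.get_by_user(user)
    if not user_meta:
        raise PermissionDenied()

    user_org = user_meta.organization
    if user_org is None:
        # Without this guard an entity whose organization is also unset
        # would compare equal (None == None) and be returned.
        raise PermissionDenied()

    try:
        entity = self.safe_get_model.get_by_id(pk)
    except AttributeError:
        raise PermissionDenied("safe_get_model must have a get_by_id method")

    if not entity:
        # The original message was never interpolated and showed a literal
        # "%s". The tuple keeps the formatting safe if pk is itself a tuple.
        # NOTE(review): this message differs from the bare PermissionDenied
        # raised for an entity that exists in another organization, so a
        # client can tell "missing" from "forbidden". Confirm that is
        # acceptable or make both responses identical.
        raise PermissionDenied("No entity found for id: %s" % (pk,))

    if hasattr(entity, 'organization'):
        # First check for an organization on the entity itself
        owner = entity.organization
    elif hasattr(entity, 'domain'):
        # Second, check for the organization based on the domain; an unset
        # domain yields no owner instead of an AttributeError.
        owner = getattr(entity.domain, 'organization', None)
    elif isinstance(entity, Organization):
        # Third, check if the object is an organization
        owner = entity
    else:
        owner = None

    if owner is not None and owner == user_org:
        return entity

    # Fail closed: a mismatch, or an entity type that cannot be mapped to
    # an organization, is never returned.
    raise PermissionDenied()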
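def org_safe_get(self, user, pk):
    """
    Gets the entity for the given primary key while making sure that the
    user has access to the entity.

    The owning organization is taken from the entity's ``organization``
    attribute if it has one, otherwise from its ``domain``, otherwise from
    the entity itself when it is an Organization. The entity is returned
    only when that organization matches the one on the user's UserMeta;
    anything else raises PermissionDenied.

    :param user: MBUser entity
    :param pk: Primary Key to look up.
    :return: An entity
    :raises PermissionDenied: if pk or user is missing, the user has no
        UserMeta or no organization, the entity is not found, or the
        entity does not belong to the user's organization.
    """
    if not pk:
        raise PermissionDenied()

    if not user:
        raise PermissionDenied()

    # TODO: We need to handle multiple UserMetas in the future.
    user_meta = UserMeta.get_by_user(user)
    if not user_meta:
        raise PermissionDenied()

    requester_org = user_meta.organization
    if requester_org is None:
        # A requester without an organization must not match entities
        # whose organization is also unset (None == None).
        raise PermissionDenied()

    try:
        entity = self.safe_get_model.get_by_id(pk)
    except AttributeError:
        raise PermissionDenied("safe_get_model must have a get_by_id method")

    if not entity:
        # Interpolate the id; the original raised with a literal "%s".
        # NOTE(review): a distinct "not found" message lets a caller tell
        # unused ids from ids owned by another organization. Confirm this
        # is intended.
        raise PermissionDenied("No entity found for id: %s" % (pk,))

    # First check for an organization on the entity itself
    if hasattr(entity, "organization"):
        entity_org = entity.organization
    # Second, check for the organization based on the domain
    elif hasattr(entity, "domain"):
        # getattr keeps an unset domain on the deny path instead of
        # raising AttributeError.
        entity_org = getattr(entity.domain, "organization", None)
    # Third, check if the object is an organization
    elif isinstance(entity, Organization):
        entity_org = entity
    else:
        entity_org = None

    if entity_org is None or entity_org != requester_org:
        # Deny by default, including entity types with no known owner.
        raise PermissionDenied()

    return entity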
def get(self, request):
    """
    Build the link index for the requesting user.

    The response always carries links to the caller's own user record and
    to the domain and email lists. The organization link is added only
    when the caller's UserMeta has an organization.
    """
    user = self.request.user
    user_meta = UserMeta.get_by_user(user)

    links = {
        'current_user': reverse(
            'client-user-detail', kwargs={'pk': user.id}, request=request),
        'domains': reverse('client-domain-list', request=request),
        'emails': reverse('client-email-list', request=request),
    }

    organization = user_meta.organization if user_meta else None
    if organization:
        # The link is derived from the caller's own UserMeta,
        # never from request input.
        links['organization'] = reverse(
            'client-organization-detail',
            kwargs={'pk': organization.id},
            request=request,
        )

    return Response(links)
def get_queryset(self):
    """
    Collect the EmailMeta rows of every domain in the requester's
    organization.

    :return: A list of distinct EmailMeta objects (gathered through a set,
        so the order is not defined), or an empty list when the user has
        no UserMeta or the organization has no domains.
    """
    membership = UserMeta.get_by_user(self.request.user)

    # Scope strictly by the organization on the caller's UserMeta.
    org_domains = (
        Domain.objects.filter(organization=membership.organization)
        if membership else []
    )
    if not org_domains:
        return []

    collected = set()
    for org_domain in org_domains:
        # One query per domain, as in the original.
        collected.update(EmailMeta.objects.filter(domain=org_domain))
    return list(collected)
def get_queryset(self):
    """
    Collect the Rule rows of every domain in the requester's organization.

    :return: A list of distinct Rule objects (gathered through a set, so
        the order is not defined), or an empty list when the user has no
        UserMeta or the organization has no domains.
    """
    membership = UserMeta.get_by_user(self.request.user)

    # Scope strictly by the organization on the caller's UserMeta.
    org_domains = (
        Domain.objects.filter(organization=membership.organization)
        if membership else []
    )
    if not org_domains:
        return []

    collected = set()
    for org_domain in org_domains:
        # One query per domain, as in the original.
        collected.update(Rule.objects.filter(domain=org_domain))
    return list(collected)
def get_queryset(self):
    """
    Return the EmailMeta objects visible to the requesting user.

    Visibility is derived from the user's UserMeta: only domains of that
    organization are considered, and the EmailMeta rows of those domains
    are merged into one de-duplicated list. With no UserMeta or no
    domains, the result is an empty list.
    """
    user_meta = UserMeta.get_by_user(self.request.user)
    if user_meta:
        visible_domains = Domain.objects.filter(
            organization=user_meta.organization)
    else:
        visible_domains = []

    if not visible_domains:
        return []

    # A set merges the per-domain results without duplicates;
    # list order is therefore unspecified.
    seen = set()
    for visible_domain in visible_domains:
        for email_meta in EmailMeta.objects.filter(domain=visible_domain):
            seen.add(email_meta)
    return list(seen)
def get_queryset(self):
    """
    Return the Rule objects visible to the requesting user.

    Visibility is derived from the user's UserMeta: only domains of that
    organization are considered, and the rules of those domains are
    merged into one de-duplicated list. With no UserMeta or no domains,
    the result is an empty list.
    """
    user_meta = UserMeta.get_by_user(self.request.user)
    if user_meta:
        visible_domains = Domain.objects.filter(
            organization=user_meta.organization)
    else:
        visible_domains = []

    if not visible_domains:
        return []

    # A set merges the per-domain results without duplicates;
    # list order is therefore unspecified.
    seen = set()
    for visible_domain in visible_domains:
        for rule in Rule.objects.filter(domain=visible_domain):
            seen.add(rule)
    return list(seen)
def handle(self, *args, **options):
    """
    Seed the MailBeaker organization, its domain, users and rules.

    The field values come from the module-level ``organization``,
    ``domain``, ``users`` and ``rules`` definitions. Progress is reported
    on ``self.stdout``; the command stops early when the organization
    could not be created.
    """
    # Create the organization
    # NOTE(review): this depends on save() returning the saved instance.
    # Django's stock Model.save() returns None, which would end every run
    # at "Org failed". Confirm the project's models override save().
    seeded_org = Organization(**organization).save()
    if not seeded_org:
        self.stdout.write("Org failed")
        return
    self.stdout.write("Successfully created the MailBeaker organization")

    # Create the domain in the organization
    # NOTE(review): no save() call is visible for the Domain, UserMeta or
    # Rule objects built below, yet success is reported for each. Confirm
    # they are persisted elsewhere.
    seeded_domain = Domain(organization=seeded_org, **domain)
    self.stdout.write("Successfully created the MailBeaker domain")

    # Create all of the users in the domain
    for user_fields in users:
        # NOTE(review): the seed fields go straight to the constructor.
        # If they include a password, verify it is hashed before storage
        # (TODO confirm against the seed data).
        mb_user = MBUser(**user_fields).save()
        UserMeta(user=mb_user, organization=seeded_org)
        self.stdout.write(
            "Successfully created the %s user and associated meta" % mb_user.email)

    # Create all of the rules
    for rule_fields in rules:
        Rule(domain=seeded_domain, **rule_fields)
        self.stdout.write(
            "Successfully created the rule: %s" % rule_fields['description'])
def meta(self, request, pk=None):
    """
    Return the serialized UserMeta of the user identified by ``pk``.

    NOTE(review): the lookup goes straight to ``MBUser.objects`` and
    nothing in this method compares the target user's organization with
    the requester's. Unless the surrounding view enforces that elsewhere,
    a caller who can reach this route can read the meta of any user id.
    Confirm, and scope the lookup to the caller's organization if not.

    NOTE(review): ``objects.get`` raises when no row matches ``pk``, and
    that exception is not handled here.
    """
    target_user = MBUser.objects.get(id=pk)
    serializer = UserMetaSerializer(
        UserMeta.get_by_user(target_user),
        context={'request': request},
    )
    return Response(serializer.data)
def post_save(self, obj, created=False):
    """
    Make sure the saved user has a UserMeta, creating one if none exists.

    :param obj: The user object that was just saved.
    :param created: Not read by this method.
    """
    if UserMeta.get_by_user(obj):
        return
    # NOTE(review): check-then-create is two separate steps. Whether two
    # concurrent saves can both reach this line depends on
    # create_user_meta, which is not visible here.
    UserMeta.create_user_meta(obj)
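def get_queryset(self):
    """
    Restrict the listing to the requesting user's own organization.

    :return: An Organization queryset holding the organization of the
        user's UserMeta, or an empty queryset when the user has no
        UserMeta or the UserMeta has no organization.
    """
    user_meta = UserMeta.get_by_user(self.request.user)
    organization = user_meta.organization if user_meta else None
    if not organization:
        # The original dereferenced user_meta unconditionally and raised
        # AttributeError for a user without a UserMeta. An empty queryset
        # keeps the return type and exposes nothing.
        return Organization.objects.none()
    return Organization.objects.filter(id=organization.id)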
def create_user_meta(backend, user, response, *args, **kwargs):
    """
    Ensure a UserMeta exists for ``user``.

    Only ``user`` is read. ``backend``, ``response`` and the extra
    arguments are accepted but not used. The signature looks like an
    authentication-pipeline step (TODO confirm against the pipeline
    configuration).

    NOTE(review): ``user`` is passed on without a None check. Confirm the
    caller always provides a user at this point.
    """
    UserMeta.get_or_create_user_meta(user)