def give_register_permission(username, base_uri):
"""Give a user register permission on a base URI."""
if not base_uri_exists(base_uri):
click.secho("Base URI '{}' not registered".format(base_uri),
fg="red",
err=True)
sys.exit(1)
if not user_exists(username):
click.secho("User '{}' not registered".format(username),
fg="red",
err=True)
sys.exit(1)
permissions = get_permission_info(base_uri)
if username in permissions["users_with_register_permissions"]:
click.secho(
"User '{}' already has register permissions".format(username),
fg="red",
err=True)
sys.exit(1)
permissions["users_with_register_permissions"].append(username)
update_permissions(permissions)
def test_cli_register_user(tmp_cli_runner): # NOQA
from dtool_lookup_server.utils import user_exists, get_user_obj
assert not user_exists("admin")
from dtool_lookup_server.cli import register_user
result = tmp_cli_runner.invoke(register_user, ["--is_admin", "admin"])
assert result.exit_code == 0
new_user = get_user_obj("admin")
expected_content = {
"username": "******",
"is_admin": True,
"search_permissions_on_base_uris": [],
"register_permissions_on_base_uris": []
}
assert new_user.as_dict() == expected_content
tmp_cli_runner.invoke(register_user, ["dopey"])
new_user = get_user_obj("dopey")
expected_content = {
"username": "******",
"is_admin": False,
"search_permissions_on_base_uris": [],
"register_permissions_on_base_uris": []
}
assert new_user.as_dict() == expected_content
result = tmp_cli_runner.invoke(register_user, ["dopey"])
assert result.exit_code != 0
assert "User 'dopey' already registered" in result.output
def update_user(username, is_admin):
"""Update a user in the dtool lookup server."""
if not user_exists(username):
click.secho("User '{}' is not registered yet".format(username),
fg="red",
err=True)
sys.exit(1)
users = [{"username": username, "is_admin": is_admin}]
update_users(users)
def register_user(username, is_admin):
"""Register a user in the dtool lookup server."""
if user_exists(username):
click.secho("User '{}' already registered".format(username),
fg="red",
err=True)
sys.exit(1)
users = [{"username": username, "is_admin": is_admin}]
register_users(users)
def generate_token(username, last_forever):
"""Generate a token for a user in the dtool lookup server."""
if not user_exists(username):
click.secho("User '{}' not registered".format(username),
fg="red",
err=True)
sys.exit(1)
if last_forever:
token = create_access_token(identity=username, expires_delta=False)
else:
token = create_access_token(identity=username)
try:
# Python 2.
click.secho(token.decode("utf-8"))
except AttributeError:
# Python 3
click.secho(token)
def test_register_user_route(tmp_app_with_users): # NOQA
from dtool_lookup_server.utils import user_exists
assert not user_exists("evil-witch")
assert not user_exists("dopey")
users = [{
"username": "******",
"is_admin": True
}, {
"username": "******"
}]
headers = dict(Authorization="Bearer " + snowwhite_token)
r = tmp_app_with_users.post("/admin/user/register",
headers=headers,
data=json.dumps(users),
content_type="application/json")
assert r.status_code == 201
assert user_exists("evil-witch")
assert user_exists("dopey")
# Ensure idempotent.
r = tmp_app_with_users.post("/admin/user/register",
headers=headers,
data=json.dumps(users),
content_type="application/json")
assert r.status_code == 201
assert user_exists("evil-witch")
assert user_exists("dopey")
# Only admins allowed. However, don't give away that URL exists to
# non-admins.
headers = dict(Authorization="Bearer " + grumpy_token)
r = tmp_app_with_users.post("/admin/user/register",
headers=headers,
data=json.dumps(users),
content_type="application/json")
assert r.status_code == 404
headers = dict(Authorization="Bearer " + noone_token)
r = tmp_app_with_users.post("/admin/user/register",
headers=headers,
data=json.dumps(users),
content_type="application/json")
assert r.status_code == 404