def create_tables():
db.create_all()
LOGGER.debug('Setting roles...')
Permission.insert_permissions()
Role.insert_roles()
LOGGER.debug('Setting users...')
User.insert_users(_config)
def update_user_request_not_found(query_mock, user_admin_valid,
role_admin_valid, user_valid):
from lorem_ipsum_auth.models import User, Role, Permission
role = Role(id=role_admin_valid['id'],
name=role_admin_valid['name'],
default=role_admin_valid['default'],
permissions=[
Permission.from_str(perm)
for perm in role_admin_valid['permissions']
])
Role.query.filter_by.return_value.first.return_value = role
admin_user = User.from_dict(user_admin_valid)
admin_user.role = role
User.query.filter_by.return_value.filter_by.return_value.first.return_value = admin_user
def _filter_by(*args, **kwargs):
if kwargs.get('username') == user_admin_valid['username']:
_mock = mock.MagicMock()
_mock.first.return_value = admin_user
return _mock
else:
_mock = mock.MagicMock()
_mock.first.return_value = None
return _mock
User.query.filter_by.side_effect = _filter_by
yield user_admin_valid
def role_editor_valid():
from lorem_ipsum_auth.models import Permissions, Permission
yield {
"name":
"ROLE_EDITOR",
"id":
5,
"default":
False,
"permissions": [
Permission.from_enum(Permissions.BOOKS_READ).as_dict(),
Permission.from_enum(Permissions.BOOKS_WRITE).as_dict(),
Permission.from_enum(Permissions.BOOKS_ADD).as_dict(),
Permission.from_enum(Permissions.USERS_PROFILE).as_dict(),
]
}
def role_add_existing_request(query_mock, user_admin_valid, role_editor_valid):
from lorem_ipsum_auth.models import User, Role, Permission
Role.query.filter_by.return_value.first.return_value = Role(
id=role_editor_valid['id'],
name=role_editor_valid['name'],
permissions=[
Permission.from_str(perm)
for perm in role_editor_valid['permissions']
])
User.query.filter_by.return_value.filter_by.return_value.first.return_value = User.from_dict(
user_admin_valid)
User.query.filter_by.return_value.first.return_value = User.from_dict(
user_admin_valid)
Permission.query.filter_by.return_value.first.return_value = Permission.from_str(
'books:add')
yield user_admin_valid
def check_has_permissions(self, user: User, permissions: list):
has_permissions = True
for permission in permissions:
if not user.role.has_permission(Permission.from_enum(permission)):
LOGGER.debug(f'Missing permission {permission}.')
has_permissions = False
LOGGER.debug(f'Required permissions: {permissions}')
if not has_permissions:
raise AuthorizationError('Forbidden.')
return self
def signup_valid_request(query_mock, user_admin_valid, role_admin_valid):
from lorem_ipsum_auth.models import User, Role, Permission
Role.query.filter_by.return_value.first.return_value = Role(
id=role_admin_valid['id'],
name=role_admin_valid['name'],
permissions=[
Permission.from_str(perm)
for perm in role_admin_valid['permissions']
])
User.query.filter_by.return_value.first.return_value = None
yield user_admin_valid
def issue_token(user: dict, role: dict) -> str:
from lorem_ipsum_auth.models import User, Permission, Role
from lorem_ipsum_auth.auth import issue_token_for_user
role = Role(id=user['id'],
name=role['name'],
permissions=[
Permission.from_str(perm) for perm in role['permissions']
])
Role.query.filter_by.return_value.first.return_value = role
_user = User.from_dict(user)
_user.role = role
User.query.filter_by.return_value.filter_by.return_value.first.return_value = _user
User.query.filter_by.return_value.first.return_value = _user
return issue_token_for_user(_user)
def login_valid_request(query_mock, user_admin_valid, role_admin_valid):
from lorem_ipsum_auth.models import User, Role, Permission
role = Role(id=role_admin_valid['id'],
name=role_admin_valid['name'],
default=role_admin_valid['default'],
permissions=[
Permission.from_str(perm)
for perm in role_admin_valid['permissions']
])
Role.query.filter_by.return_value.first.return_value = role
admin_user = User.from_dict(user_admin_valid)
admin_user.role = role
User.query.filter_by.return_value.filter_by.return_value.first.return_value = admin_user
User.query.filter_by.return_value.first.return_value = admin_user
yield admin_user
def test_get_permissions(self, client, config_valid,
permission_add_valid_request, admin_access_token,
permission_edit_books_valid):
from lorem_ipsum_auth.models import Permission
Permission.query.filter_by.return_value.first.return_value = None
Permission.query.all.return_value = [
Permission.from_str(permission_edit_books_valid['name'])
]
_response = client.get(
'/api/auth/permissions',
headers={'Authorization': f'Bearer {admin_access_token}'})
assert _response.status_code == 200
data = json.loads(_response.data.decode('utf-8'))
assert data['total'] == 1
_perm = data['items'][0]
assert _perm['name'] == permission_edit_books_valid['name']
assert _perm['id'] == permission_edit_books_valid['id']
def role_get_valid_request(query_mock, user_admin_valid, role_editor_valid):
from lorem_ipsum_auth.models import Permission, Role
orig_query = Role.query.filter_by.return_value
role = Role(id=role_editor_valid['id'],
name=role_editor_valid['name'],
permissions=[
Permission.from_str(perm['name'])
for perm in role_editor_valid['permissions']
])
def _filter_by(*args, **kwargs):
if kwargs.get('name') == role_editor_valid['name']:
_mock = mock.MagicMock()
_mock.first.return_value = role
return _mock
return orig_query
Role.query.filter_by.side_effect = _filter_by
yield role
def add_permission():
"""
Add permission.
---
definitions:
- schema:
id: Permission
properties:
id:
type: string
description: permission id
name:
type: string
description: permission name
parameters:
- in: body
name: permission
required: true
description: permission
schema:
$ref: "#/definitions/Permission"
responses:
200:
description: New permission.
schema:
$ref: '#/definitions/Permission'
401:
description: Authentication error.
403:
description: Forbidden.
"""
_request = from_json(request.data.decode('utf-8'))
api_permission = api.Permission(**_request)
existing_permission = Permission.query.filter_by(
name=api_permission.name).first()
if existing_permission:
raise ValidationError('Permission already exists.')
permission = Permission(id=api_permission.name, name=api_permission.name)
db.session.add(permission)
db.session.commit()
return jsonify(api.Permission.from_orm(permission).dict()), 200
def _filter_by(*args, **kwargs):
_mock = mock.MagicMock()
_mock.first.return_value = Permission.from_str(
kwargs['name'])
return _mock