def ensure_admin_exists(): """ Ensure at least 1 administrator account exists. """ logger.debug("Checking to make sure the administrator exists.") admin_group = Group.objects(name='admin').first() if not admin_group: logger.debug("creating admin group...") admin_group = Group(name='admin') admin_group.save() admin_user = User.objects(groups__in=[ admin_group, ]).first() logger.debug(admin_user) if not admin_user: logger.info("The administrator account is being created.") logger.info(" - the email will be `[email protected]`") logger.info("Please enter a password to use for adminstrator") admin_pw = _create_password() admin_user = User(email='*****@*****.**', password=admin_pw, groups=[ admin_group, ], is_active=True) admin_user.save() logger.info('Administrator created: {}'.format(admin_user)) logger.debug('Done!')
def register(): """ Register a user. """ form = RegisterForm() title = 'Register' template = 'register.html' if request.method == 'POST': logger.debug('method is post') form = RegisterForm(request.form) existing = User.objects(email=form.data['email']).first() if not form.validate(): logger.debug('form did not validate') return render_template(template, title=title, form=form) if existing: logger.debug('user already exists') errors = [ 'User with email {} already exists'.format(existing.email), ] return render_template(template, errors=errors, title=title, form=form) user = User(email=form.data['email'], password=hashpass(form.data['password'])) user.save() u = '/validate?key={}'.format(user.verification) # TODO: send email to user logger.info('Verification URL: http://localhost:5000{}'.format(u)) return render_template(template, email=form.email, title=title) return render_template(template, title=title, form=form)
def _get_test_user(group=admin_group): """ Get a test user. """ u = User(email=fake.safe_email(), password=fake.password(), groups=[ group, ]) u.save() return u
def setUp(self): e = fake.safe_email() group = Group.objects(name='admin').first() if group is None: group = Group(name='admin') group.save() self.admin = User.objects(email=e).first() if self.admin is None: self.admin = User(email=e, groups=[group, ], password=fake.password(length=16)) self.admin.save()
def validate(): """ Validate a user based on the key sent. """ key = request.args.get('key') user = User.objects(verification=key).first() template = 'validate.html' title = 'User Account Verification' if user is None: errors = [ 'Verification key invalid.', ] return render_template(template, errors=errors, title=title) user.is_active = True user.save() return render_template(template, title=title, email=user.email)
def login(): """ Perform user login. Snippet taken from flask-login. """ # Here we use a class of some kind to represent and validate our # client-side form data. For example, WTForms is a library that will # handle this for us, and we use a custom LoginForm to validate. title = 'Log In' template = 'login.html' form = LoginForm() if request.method == 'POST': form = LoginForm(formdata=request.form) pw = hashpass(form.data['password']) user = User.objects(email=form.data['email'], password=pw).first() # Login and validate the user. # user should be an instance of your `User` class if not login_user(user): errors = [ 'Invalid Username or Password', ] return render_template(template, form=form, errors=errors, title=title) next = request.args.get('next') # is_safe_url should check if the url is safe for redirects. # See http://flask.pocoo.org/snippets/62/ for an example. if not is_safe_url(next): return abort(400) return redirect(next or url_for('index')) return render_template(template, form=form, title=title)
def test_add_user(self): """ User can be added to a group; can be listed from Group.users. """ user = User(email=fake.safe_email(), password=fake.password()) user.save() group_a = Group(name='group_a', permissions=[ 'create_post', ]) group_a.save() group_b = Group(name='group_b', permissions=[ 'delete_post', ]) group_b.save() user.groups.append(group_a) user.save() self.assertTrue(group_a in user.groups) group_a_users = group_a.users self.assertIn(user, group_a_users) self.assertNotIn(user, group_b.users) logger.info('User: {}'.format(user)) logger.info('Group: {}'.format(group_a))
def test_permissions(self): """ Permission configured correctly. """ group_admin = Group(name='admin') group_desktop = Group(name='desktop', permissions=[ 'p1', ]) group_other = Group(name='another', permissions=[ 'p2', ]) # group_under = Group(name='underprivileged') admin = User(email=fake.safe_email(), password=fake.password(), groups=[ group_admin, ]) admin.save() desktop = User(email=fake.safe_email(), password=fake.password(), groups=[ group_desktop, group_other, ]) desktop.save() user = User(email=fake.safe_email(), password=fake.password()) user.save() self.assertTrue(admin.is_admin) self.assertFalse(desktop.is_admin) self.assertFalse(user.is_admin) self.assertListEqual(desktop.all_permissions, ['p1', 'p2']) self.assertTrue(admin.can_any('something', 'another_thing')) self.assertTrue(admin.can_all('something', 'another_thing')) self.assertTrue(desktop.can_all('p1', 'p2')) self.assertTrue(desktop.can_any('p1', 'run_marathon')) self.assertFalse(desktop.can_any('save_the_world', 'run_marathon')) self.assertFalse(user.can_any('p1', 'p2', 'p3')) self.assertFalse(user.can_any())
def test_user_create(self): """ User can be created. """ user = User(email=fake.safe_email(), password=fake.password()) user.save() self.assertGreater(len(User.objects), 0)
def load_user(user_id): """ Load the user based on the user_id. """ return User.objects(id=user_id).first()