예제 #1
0
    def test_service_account_creation(self):
        """Confirm we can create a service account and token"""
        client = self.add_client()
        test_user = User.query.get(TEST_USER_ID)
        service_user = test_user.add_service_account()

        with SessionScope(db):
            db.session.add(service_user)
            db.session.add(client)
            db.session.commit()
        service_user = db.session.merge(service_user)
        client = db.session.merge(client)

        # Did we get a service account with the correct roles and relationships
        assert len(service_user.roles) == 1
        assert 'service' == service_user.roles[0].name
        sponsorship = UserRelationship.query.filter_by(
            other_user_id=service_user.id).first()
        assert sponsorship.user_id == TEST_USER_ID
        assert sponsorship.relationship.name == 'sponsor'

        # Can we get a usable Bearer Token
        create_service_token(client=client, user=service_user)
        token = Token.query.filter_by(user_id=service_user.id).first()
        assert token

        # The token should have a very long life
        assert (token.expires > datetime.datetime.utcnow()
                + datetime.timedelta(days=364))
예제 #2
0
    def test_post_patient_report(self):
        # tests whether we can successfully post a patient report -type
        # user doc file
        client = self.add_client()
        client.intervention = INTERVENTION.SEXUAL_RECOVERY
        create_service_token(client=client, user=get_user(TEST_USER_ID))
        self.login()

        test_contents = b"This is a test."
        response = self.client.post(
            '/api/user/{}/patient_report'.format(TEST_USER_ID),
            content_type='multipart/form-data',
            data={'file': (BytesIO(test_contents), 'udoc_test.pdf')})

        assert response.status_code == 200
        udoc = db.session.query(UserDocument).order_by(
            UserDocument.id.desc()).first()
        fpath = os.path.join(current_app.root_path,
                             current_app.config.get("FILE_UPLOAD_DIR"),
                             str(udoc.uuid))
        with open(fpath, 'rb') as udoc_file:
            assert udoc_file.read() == test_contents
        os.remove(fpath)

        assert udoc.user_id == TEST_USER_ID
        assert (udoc.intervention.description ==
                INTERVENTION.SEXUAL_RECOVERY.description)
    def test_post_patient_report(self):
        #tests whether we can successfully post a patient report -type user doc file
        client = self.add_client()
        client.intervention = INTERVENTION.SEXUAL_RECOVERY
        create_service_token(client=client, user=get_user(TEST_USER_ID))
        self.login()

        test_contents = "This is a test."
        with NamedTemporaryFile(
                prefix='udoc_test_',
                suffix='.pdf',
                delete=True,
        ) as temp_pdf:
            temp_pdf.write(test_contents)
            temp_pdf.seek(0)
            tempfileIO = BytesIO(temp_pdf.read())
            rv = self.client.post(
                '/api/user/{}/patient_report'.format(TEST_USER_ID),
                content_type='multipart/form-data',
                data=dict({'file': (tempfileIO, temp_pdf.name)}))
            self.assert200(rv)
        udoc = db.session.query(UserDocument).order_by(
            UserDocument.id.desc()).first()
        fpath = os.path.join(current_app.root_path,
                             current_app.config.get("FILE_UPLOAD_DIR"),
                             str(udoc.uuid))
        with open(fpath, 'r') as udoc_file:
            self.assertEqual(udoc_file.read(), test_contents)
        os.remove(fpath)

        self.assertEqual(udoc.user_id, TEST_USER_ID)
        self.assertEqual(udoc.intervention.description,
                         INTERVENTION.SEXUAL_RECOVERY.description)
    def test_post_patient_report(self):
        # tests whether we can successfully post a patient report -type
        # user doc file
        client = self.add_client()
        client.intervention = INTERVENTION.SEXUAL_RECOVERY
        create_service_token(client=client, user=get_user(TEST_USER_ID))
        self.login()

        test_contents = b"This is a test."
        response = self.client.post(
            '/api/user/{}/patient_report'.format(TEST_USER_ID),
            content_type='multipart/form-data',
            data={'file': (BytesIO(test_contents), 'udoc_test.pdf')})

        assert response.status_code == 200
        udoc = db.session.query(UserDocument).order_by(
            UserDocument.id.desc()).first()
        fpath = os.path.join(
            current_app.root_path, current_app.config.get("FILE_UPLOAD_DIR"),
            str(udoc.uuid))
        with open(fpath, 'rb') as udoc_file:
            assert udoc_file.read() == test_contents
        os.remove(fpath)

        assert udoc.user_id == TEST_USER_ID
        assert (udoc.intervention.description
                == INTERVENTION.SEXUAL_RECOVERY.description)
    def test_preflight_invalid_service_user(self):
        # setup pre-flight conditions expected to fail
        ds_p3p = INTERVENTION.decision_support_p3p
        ds_client = Client(client_id='12345',
                           client_secret='54321',
                           user_id=TEST_USER_ID,
                           intervention=ds_p3p,
                           _redirect_uris='http://testsite.org',
                           callback_url='http://callback.one')
        service = self.add_service_user(sponsor=self.test_user)

        with SessionScope(db):
            db.session.add(ds_client)
            db.session.commit()

        ds_client = db.session.merge(ds_client)
        service = db.session.merge(service)
        service_id = service.id
        create_service_token(client=ds_client, user=service)

        # Export
        sp = SitePersistence(target_dir=self.tmpdir)
        sp.export(staging_exclusion=True)

        assert Token.query.count() == 1

        # Delete service account, and put fake patient in its place
        with SessionScope(db):
            db.session.delete(service)
            db.session.commit()

        assert User.query.count() == 1
        assert Token.query.count() == 0

        patient_role_id = Role.query.filter_by(
            name=ROLE.PATIENT.value).one().id
        patient_in_way = User(id=service_id,
                              first_name='in the',
                              last_name='way',
                              email='*****@*****.**')
        with SessionScope(db):
            db.session.add(patient_in_way)
            db.session.commit()
        with SessionScope(db):
            db.session.add(
                UserRoles(user_id=service_id, role_id=patient_role_id))
            db.session.commit()

        # Import should now fail
        with self.assertRaises(ValueError) as context:
            sp.import_(keep_unmentioned=True, staging_exclusion=True)

        assert '*****@*****.**' in str(context.exception)
    def test_preflight_invalid_service_user(self):
        # setup pre-flight conditions expected to fail
        ds_p3p = INTERVENTION.decision_support_p3p
        ds_client = Client(
            client_id='12345', client_secret='54321', user_id=TEST_USER_ID,
            intervention=ds_p3p, _redirect_uris='http://testsite.org',
            callback_url='http://callback.one')
        service = self.add_service_user(sponsor=self.test_user)

        with SessionScope(db):
            db.session.add(ds_client)
            db.session.commit()

        ds_client = db.session.merge(ds_client)
        service = db.session.merge(service)
        service_id = service.id
        create_service_token(client=ds_client, user=service)

        # Export
        sp = SitePersistence(target_dir=self.tmpdir)
        sp.export(staging_exclusion=True)

        assert Token.query.count() == 1

        # Delete service account, and put fake patient in its place
        with SessionScope(db):
            db.session.delete(service)
            db.session.commit()

        assert User.query.count() == 1
        assert Token.query.count() == 0

        patient_role_id = Role.query.filter_by(
            name=ROLE.PATIENT.value).one().id
        patient_in_way = User(
            id=service_id, first_name='in the', last_name='way',
            email='*****@*****.**')
        with SessionScope(db):
            db.session.add(patient_in_way)
            db.session.commit()
        with SessionScope(db):
            db.session.add(UserRoles(
                user_id=service_id, role_id=patient_role_id))
            db.session.commit()

        # Import should now fail
        with self.assertRaises(ValueError) as context:
            sp.import_(keep_unmentioned=True, staging_exclusion=True)

        assert '*****@*****.**' in str(context.exception)
    def test_preflight_valid(self):
        # setup pre-flight conditions expected to pass
        ds_p3p = INTERVENTION.decision_support_p3p
        ds_client = Client(client_id='12345',
                           client_secret='54321',
                           user_id=TEST_USER_ID,
                           intervention=ds_p3p,
                           _redirect_uris='http://testsite.org',
                           callback_url='http://callback.one')
        service = self.add_service_user(sponsor=self.test_user)

        with SessionScope(db):
            db.session.add(ds_client)
            db.session.commit()

        ds_client = db.session.merge(ds_client)
        service = db.session.merge(service)
        create_service_token(client=ds_client, user=service)

        # Export
        sp = SitePersistence(target_dir=self.tmpdir)
        sp.export(staging_exclusion=True)

        assert Token.query.count() == 1

        # Delete service account, expect it to return
        with SessionScope(db):
            db.session.delete(service)
            db.session.commit()

        assert User.query.count() == 1
        assert Token.query.count() == 0

        # Import
        sp.import_(keep_unmentioned=True, staging_exclusion=True)

        assert Token.query.count() == 1
        assert User.query.count() == 2
    def test_preflight_valid(self):
        # setup pre-flight conditions expected to pass
        ds_p3p = INTERVENTION.decision_support_p3p
        ds_client = Client(
            client_id='12345', client_secret='54321', user_id=TEST_USER_ID,
            intervention=ds_p3p, _redirect_uris='http://testsite.org',
            callback_url='http://callback.one')
        service = self.add_service_user(sponsor=self.test_user)

        with SessionScope(db):
            db.session.add(ds_client)
            db.session.commit()

        ds_client = db.session.merge(ds_client)
        service = db.session.merge(service)
        create_service_token(client=ds_client, user=service)

        # Export
        sp = SitePersistence(target_dir=self.tmpdir)
        sp.export(staging_exclusion=True)

        assert Token.query.count() == 1

        # Delete service account, expect it to return
        with SessionScope(db):
            db.session.delete(service)
            db.session.commit()

        assert User.query.count() == 1
        assert Token.query.count() == 0

        # Import
        sp.import_(keep_unmentioned=True, staging_exclusion=True)

        assert Token.query.count() == 1
        assert User.query.count() == 2
    def test_connected_user(self):
        """User and service tokens connected with intervention should survive"""
        owner = self.add_user('*****@*****.**')
        self.promote_user(user=owner, role_name='application_developer')
        owner = db.session.merge(owner)
        owner_id = owner.id
        service = self.add_service_user(sponsor=owner)

        # give the owner a fake auth_provider row
        ap = AuthProvider(user_id=owner_id, provider_id=1)
        with SessionScope(db):
            db.session.add(ap)
            db.session.commit()

        sm_client = Client(
            client_id='abc_123', client_secret='shh', user_id=owner_id,
            _redirect_uris='http://testsite.org',
            callback_url='http://callback.one')
        with SessionScope(db):
            db.session.add(sm_client)

        # give the owner a fake auth_provider row
        ap = AuthProvider(user=owner, provider_id=1)

        service, sm_client = map(db.session.merge, (service, sm_client))
        create_service_token(client=sm_client, user=service)
        sm = INTERVENTION.SELF_MANAGEMENT
        sm.client = sm_client

        # Setup complete - SM has an owner, a service user and a service token
        # generate the full export
        for model in staging_exclusions:
            ep = ExclusionPersistence(
                model_class=model.cls, lookup_field=model.lookup_field,
                limit_to_attributes=model.limit_to_attributes,
                filter_query=model.filter_query,
                target_dir=self.tmpdir)
            ep.export()

        # Confirm filter worked
        expected = client_users_filter().count()
        with open(path_join(self.tmpdir, 'User.json')) as f:
            serial_form = json.loads(f.read())
        assert expected == len(serial_form['entry'])

        # Modify/delete some internal db values and confirm reapplication of
        # persistence restores desired values
        owner = db.session.merge(owner)
        owner.email = str(owner_id)

        # just expecting the one service token.  purge it and the
        # owner (the service user) and the owner's auth_provider
        assert Token.query.count() == 1
        service_user_id = Token.query.one().user_id
        b4 = User.query.count()
        assert UserRelationship.query.count() == 1
        assert AuthProvider.query.count() == 1
        with SessionScope(db):
            AuthProvider.query.delete()
            Token.query.delete()
            UserRelationship.query.delete()
            User.query.filter_by(id=service_user_id).delete()
            db.session.commit()
        assert AuthProvider.query.count() == 0
        assert Token.query.count() == 0
        assert UserRelationship.query.count() == 0
        assert User.query.count() == b4 - 1

        for model in staging_exclusions:
            ep = ExclusionPersistence(
                model_class=model.cls, lookup_field=model.lookup_field,
                limit_to_attributes=model.limit_to_attributes,
                filter_query=model.filter_query,
                target_dir=self.tmpdir)
            if model.cls.__name__ == 'User':
                pass
            ep.import_(keep_unmentioned=True)

        result = User.query.get(owner_id)
        assert result.email == '*****@*****.**'
        assert AuthProvider.query.count() == 1
        assert Token.query.count() == 1
        assert UserRelationship.query.count() == 1
    def test_connected_user(self):
        """User and service tokens connected with intervention should survive"""
        owner = self.add_user('*****@*****.**')
        self.promote_user(user=owner, role_name='application_developer')
        owner = db.session.merge(owner)
        owner_id = owner.id
        service = self.add_service_user(sponsor=owner)

        # give the owner a fake auth_provider row
        ap = AuthProvider(user_id=owner_id, provider_id=1)
        with SessionScope(db):
            db.session.add(ap)
            db.session.commit()

        sm_client = Client(client_id='abc_123',
                           client_secret='shh',
                           user_id=owner_id,
                           _redirect_uris='http://testsite.org',
                           callback_url='http://callback.one')
        with SessionScope(db):
            db.session.add(sm_client)

        # give the owner a fake auth_provider row
        ap = AuthProvider(user=owner, provider_id=1)

        service, sm_client = map(db.session.merge, (service, sm_client))
        create_service_token(client=sm_client, user=service)
        sm = INTERVENTION.SELF_MANAGEMENT
        sm.client = sm_client

        # Setup complete - SM has an owner, a service user and a service token
        # generate the full export
        for model in staging_exclusions:
            ep = ExclusionPersistence(
                model_class=model.cls,
                lookup_field=model.lookup_field,
                limit_to_attributes=model.limit_to_attributes,
                filter_query=model.filter_query,
                target_dir=self.tmpdir)
            ep.export()

        # Confirm filter worked
        expected = client_users_filter().count()
        with open(path_join(self.tmpdir, 'User.json')) as f:
            serial_form = json.loads(f.read())
        assert expected == len(serial_form['entry'])

        # Modify/delete some internal db values and confirm reapplication of
        # persistence restores desired values
        owner = db.session.merge(owner)
        owner.email = str(owner_id)

        # just expecting the one service token.  purge it and the
        # owner (the service user) and the owner's auth_provider
        assert Token.query.count() == 1
        service_user_id = Token.query.one().user_id
        b4 = User.query.count()
        assert UserRelationship.query.count() == 1
        assert AuthProvider.query.count() == 1
        with SessionScope(db):
            AuthProvider.query.delete()
            Token.query.delete()
            UserRelationship.query.delete()
            User.query.filter_by(id=service_user_id).delete()
            db.session.commit()
        assert AuthProvider.query.count() == 0
        assert Token.query.count() == 0
        assert UserRelationship.query.count() == 0
        assert User.query.count() == b4 - 1

        for model in staging_exclusions:
            ep = ExclusionPersistence(
                model_class=model.cls,
                lookup_field=model.lookup_field,
                limit_to_attributes=model.limit_to_attributes,
                filter_query=model.filter_query,
                target_dir=self.tmpdir)
            if model.cls.__name__ == 'User':
                pass
            ep.import_(keep_unmentioned=True)

        result = User.query.get(owner_id)
        assert result.email == '*****@*****.**'
        assert AuthProvider.query.count() == 1
        assert Token.query.count() == 1
        assert UserRelationship.query.count() == 1