def submit_success(self, appstruct):
user = User(
email=appstruct.get('email'),
fullname=appstruct.get('fullname'),
affiliate=appstruct.get('affiliate'),
billing_email=appstruct.get('billing_email'),
valid_to=appstruct.get('valid_to'),
last_payment=appstruct.get('last_payment'),
groups=[Group.by_id(group_id) for group_id in appstruct.get('groups', [])], # noqa
properties=[UserProperty(key=prop.get('key'), value=prop.get('value')) # noqa
for prop in appstruct.get('properties', [])],
)
if appstruct.get('password'): # pragma: no branch
user.password = encrypt(appstruct['password'])
Session.add(user)
Session.flush()
self.request.registry.notify(
UserCreated(
self.request,
user,
appstruct.get('password'),
u'Created manually by {}'.format(self.request.user.email)
)
)
self.request.session.flash(u'User "{}" added.'.format(user.email))
return HTTPFound(
location=self.request.route_path('user_view', user_id=user.id))
def _make_user(id=1,
email='*****@*****.**',
fullname=u'Foö Bar',
affiliate=u'Aff',
billing_email='*****@*****.**',
valid_to=date(2014, 2, 1),
last_payment=date(2014, 1, 1),
groups=None,
properties=None,
audit_log_entries=None):
if not groups: # pragma: no branch
groups = [_make_group()]
if not properties: # pragma: no branch
properties = [_make_property()]
if not audit_log_entries: # pragma: no branch
audit_log_entries = [_make_audit_log_entry()]
return User(
id=id,
email=email,
fullname=fullname,
affiliate=affiliate,
billing_email=billing_email,
valid_to=valid_to,
last_payment=last_payment,
groups=groups,
properties=properties,
audit_log_entries=audit_log_entries,
)
def add_users():
"""Init the '*****@*****.**' and '*****@*****.**' user accounts."""
with transaction.manager:
admins = Group.by_name('admins')
staff = Group.by_name('staff')
enabled = Group.by_name('enabled')
trial = Group.by_name('trial')
# Create the admin user account
admin = User(
email=u'*****@*****.**',
password=SECRET_ENC,
fullname=u'Ädmin',
properties=[
UserProperty(key=u'bimt', value=u'on'),
],
)
admin.groups.append(admins)
admin.groups.append(enabled)
Session.add(admin)
# Create the staff member account
staff_member = User(
email=u'*****@*****.**',
password=SECRET_ENC,
fullname=u'Stäff Member',
properties=[
UserProperty(key=u'bimt', value=u'on'),
],
)
staff_member.groups.append(enabled)
staff_member.groups.append(staff)
Session.add(staff_member)
# Create the normal user account
one = User(
email=u'*****@*****.**',
billing_email=u'*****@*****.**',
password=SECRET_ENC,
fullname=u'Öne Bar',
properties=[
UserProperty(key=u'bimt', value=u'on'),
],
)
one.groups.append(enabled)
one.groups.append(trial)
Session.add(one)
def ipn(self):
"""The main IPN handler, called by the IPN service."""
# skip over to-be-ignored products
if self.params.product_id in self.request.registry.settings.get(
'bimt.products_to_ignore', '').split(','):
logger.info('The product is listed on the ignore list: {}'.format(
self.params.product_id))
return 'Done.'
# try to find an existing user with given email
user = User.by_email(self.params.email)
if not user:
user = User.by_billing_email(self.params.email)
# create a new user if no existing user found
if not user:
password = generate()
user = User(
email=self.params.email,
billing_email=self.params.email,
password=encrypt(password),
fullname=u'{}'.format(self.params.fullname),
affiliate=u'{}'.format(self.params.get('affiliate', '')),
)
Session.add(user)
comment = COMMENT.format(
u'Created',
self.provider,
self.params.trans_id,
self.params.trans_type,
'',
)
logger.info(comment)
self.request.registry.notify(
UserCreated(self.request, user, password, comment))
# find a group that is used for given product
group = Group.by_product_id(self.params.product_id)
if not group:
raise ValueError('Cannot find group with product_id "{}"'.format(
self.params.product_id))
# perform IPN transaction actions
self.ipn_transaction(user, group)
# send request with same parameters to the URL specified on group
if group.forward_ipn_to_url:
requests.post(
group.forward_ipn_to_url,
params=self.request.POST,
)
logger.info('IPN re-posted to {}.'.format(
group.forward_ipn_to_url))
logger.info('IPN done.')
return 'Done.'
def test_api_key_set_on_user_creation(self, mocked_generate):
mocked_generate.return_value = 'foo'
from pyramid_bimt.events import UserCreated
user = User(email='*****@*****.**')
Session.add(user)
request = testing.DummyRequest()
request.registry.notify(UserCreated(request, user, u'foö'))
self.assertEqual(user.get_property('api_key', secure=True), u'foo')
def setUp(self):
settings = {
'bimt.app_title': 'BIMT',
}
self.request = testing.DummyRequest()
self.config = testing.setUp(request=self.request, settings=settings)
self.config.scan('pyramid_bimt.models.mailing')
self.config.include('pyramid_mailer.testing')
self.config.include('pyramid_chameleon')
self.mailer = get_mailer(self.request)
initTestingDB(users=True,
groups=True,
mailings=True,
auditlog_types=True) # noqa
add_routes_auth(self.config)
self.user = User(email='*****@*****.**')
Session.add(self.user)
Session.flush()
def setUp(self):
settings = {
'bimt.app_title': 'BIMT',
}
self.request = testing.DummyRequest()
self.config = testing.setUp(request=self.request, settings=settings)
self.config.include('pyramid_mailer.testing')
self.config.include('pyramid_chameleon')
self.mailer = get_mailer(self.request)
initTestingDB(users=True, groups=True)
self.group = Group(name='foo')
Session.add(self.group)
self.user = User(email='*****@*****.**')
Session.add(self.user)
self.user.groups = [
self.group,
]
Session.flush()
def _make_user(
self,
email='*****@*****.**',
billing_email=None,
enabled=True,
**kwargs
):
user = User(
email=email,
password=u'secret',
billing_email=billing_email,
**kwargs
)
Session.add(user)
if enabled:
user.enable()
return user
def test_audit_log_read_all(self):
from pyramid_bimt.models import AuditLogEventType
from pyramid_bimt.views.auditlog import audit_log_read_all
import transaction
self.config.testing_securitypolicy(userid='*****@*****.**',
permissive=True)
request = self.request
request.user = User(id=1, email='*****@*****.**')
entry = AuditLogEntry(
user_id=1,
event_type_id=AuditLogEventType.by_name('UserCreated').id,
)
Session.add(entry)
transaction.commit()
self.assertFalse(AuditLogEntry.get_all(request=request).first().read)
resp = audit_log_read_all(request)
self.assertIn('/activity/', resp.location)
self.assertTrue(AuditLogEntry.get_all(request=request).first().read)
def test_loginas_view_submit_success_as_user(self):
from pyramid_bimt.models import User
from pyramid_bimt.models import Group
from pyramid_bimt.views.auth import LoginAs
Session.add(
User(email='*****@*****.**', groups=[
Group.by_name('enabled'),
]))
context = User.by_email('*****@*****.**')
context.groups.append(Group.by_name('impersonators'))
request = testing.DummyRequest(
layout_manager=mock.Mock(),
session=mock.Mock(),
)
form_values = {'email': '*****@*****.**'}
request.user = context
view = LoginAs(request)
resp = view.login_as_success(form_values)
self.assertEqual(resp.location, 'http://example.com')
request.session.flash.assert_called_once_with(
u'You have successfully logged in as user "*****@*****.**".')
def test_audit_log_delete(self):
from pyramid_bimt.models import AuditLogEventType
from pyramid_bimt.views.auditlog import audit_log_delete
import transaction
self.config.testing_securitypolicy(userid='*****@*****.**',
permissive=True)
request = self.request
request.user = User(id=1, email='*****@*****.**')
entry = AuditLogEntry(
user_id=1,
event_type_id=AuditLogEventType.by_name('UserCreated').id,
)
Session.add(entry)
request.context = entry
transaction.commit()
resp = audit_log_delete(request)
self.assertIn('/activity/', resp.location)
self.assertEqual(len(handler.records), 1)
self.assertEqual(
handler.records[0].message,
'User <User:1 (email=\'[email protected]\')> removing auditlog entry '
'<AuditLogEntry:3 (user=u\'[email protected]\', type=u\'UserCreated\')>.' # noqa
)
def _make_user(email='*****@*****.**', **kwargs):
user = User(email=email, **kwargs)
Session.add(user)
return user
def test_appstruct_empty_context(self):
self.request.context = User()
self.assertEqual(self.view.appstruct(), {})
def _make_user():
user = User(email='*****@*****.**')
Session.add(user)
return user
def test_invalid_position(self):
portlets = Portlet.by_user_and_position(User(), 'foo')
self.assertEqual(portlets, [])