def test_unit__get_known__user__distinct_workspaces_users_by_name__exclude_workspace_and_name( self ): admin = self.session.query(User).filter(User.email == "*****@*****.**").one() api = UserApi(current_user=None, session=self.session, config=self.app_config) u1 = api.create_user(email="email@email", name="name", do_notify=False, do_save=True) u2 = api.create_user(email="email2@email2", name="name2", do_notify=False, do_save=True) u3 = api.create_user( email="notfound@notfound", name="notfound", do_notify=False, do_save=True ) u4 = api.create_user(email="email3@email3", name="name3", do_notify=False, do_save=True) wapi = WorkspaceApi(current_user=admin, session=self.session, config=self.app_config) workspace = wapi.create_workspace("test workspace n°1", save_now=True) wapi = WorkspaceApi(current_user=admin, session=self.session, config=self.app_config) workspace_2 = wapi.create_workspace("test workspace n°2", save_now=True) role_api = RoleApi(current_user=admin, session=self.session, config=self.app_config) role_api.create_one(u1, workspace, UserRoleInWorkspace.READER, False) role_api.create_one(u2, workspace_2, UserRoleInWorkspace.READER, False) role_api.create_one(u4, workspace_2, UserRoleInWorkspace.READER, False) role_api.create_one(u3, workspace, UserRoleInWorkspace.READER, False) role_api.create_one(u3, workspace_2, UserRoleInWorkspace.READER, False) api2 = UserApi(current_user=u3, session=self.session, config=self.app_config) users = api2.get_known_user( "name", exclude_workspace_ids=[workspace.workspace_id], exclude_user_ids=[u4.user_id] ) assert len(users) == 1 assert users[0] == u2
def test_unit__disable_user___ok__nominal_case(self, session, app_config): api = UserApi(current_user=None, session=session, config=app_config) profile = Profile.USER user = api.create_user( email="*****@*****.**", password="******", name="bob", profile=profile, timezone="Europe/Paris", do_save=True, do_notify=False, ) user2 = api.create_user( email="*****@*****.**", password="******", name="bob2", profile=profile, timezone="Europe/Paris", do_save=True, do_notify=False, ) api2 = UserApi(current_user=user, session=session, config=app_config) api2.disable(user2) updated_user2 = api.get_one(user2.user_id) assert updated_user2.is_active is False assert updated_user2.user_id == user2.user_id assert updated_user2.email == user2.email
def test_unit__disable_user___ok__nominal_case(self): api = UserApi(current_user=None, session=self.session, config=self.app_config) gapi = GroupApi(current_user=None, session=self.session, config=self.app_config) groups = [gapi.get_one_with_name("users")] user = api.create_user( email="*****@*****.**", password="******", name="bob", groups=groups, timezone="Europe/Paris", do_save=True, do_notify=False, ) user2 = api.create_user( email="*****@*****.**", password="******", name="bob2", groups=groups, timezone="Europe/Paris", do_save=True, do_notify=False, ) api2 = UserApi(current_user=user, session=self.session, config=self.app_config) api2.disable(user2) updated_user2 = api.get_one(user2.user_id) assert updated_user2.is_active is False assert updated_user2.user_id == user2.user_id assert updated_user2.email == user2.email
def test_unit__get_known__user__distinct_workspaces_users_by_name__exclude_workspace_and_name( self, session, app_config, workspace_api_factory, role_api_factory, admin_user ): api = UserApi(current_user=admin_user, session=session, config=app_config) u1 = api.create_user(email="email@email", name="name", do_notify=False, do_save=True) u2 = api.create_user(email="email2@email2", name="name2", do_notify=False, do_save=True) u3 = api.create_user( email="notfound@notfound", name="notfound", do_notify=False, do_save=True ) u4 = api.create_user(email="email3@email3", name="name3", do_notify=False, do_save=True) wapi = workspace_api_factory.get() workspace = wapi.create_workspace("test workspace n°1", save_now=True) wapi = workspace_api_factory.get() workspace_2 = wapi.create_workspace("test workspace n°2", save_now=True) role_api = role_api_factory.get() role_api.create_one(u1, workspace, UserRoleInWorkspace.READER, False) role_api.create_one(u2, workspace_2, UserRoleInWorkspace.READER, False) role_api.create_one(u4, workspace_2, UserRoleInWorkspace.READER, False) role_api.create_one(u3, workspace, UserRoleInWorkspace.READER, False) role_api.create_one(u3, workspace_2, UserRoleInWorkspace.READER, False) api2 = UserApi(current_user=u3, session=session, config=app_config) users = api2.get_known_user( "name", exclude_workspace_ids=[workspace.workspace_id], exclude_user_ids=[u4.user_id] ) assert len(users) == 1 assert users[0] == u2
def test_unit__get_known__user__distinct_workspaces_users_by_name__exclude_workspace(self): admin = self.session.query(models.User) \ .filter(models.User.email == '*****@*****.**') \ .one() api = UserApi( current_user=None, session=self.session, config=self.config, ) u1 = api.create_user( email='email@email', name='name', do_notify=False, do_save=True, ) u2 = api.create_user( email='email2@email2', name='name2', do_notify=False, do_save=True, ) u3 = api.create_user( email='notfound@notfound', name='notfound', do_notify=False, do_save=True, ) wapi = WorkspaceApi( current_user=admin, session=self.session, config=self.app_config, ) workspace = wapi.create_workspace( 'test workspace n°1', save_now=True) wapi = WorkspaceApi( current_user=admin, session=self.session, config=self.app_config, ) workspace_2 = wapi.create_workspace( 'test workspace n°2', save_now=True) role_api = RoleApi( current_user=admin, session=self.session, config=self.app_config, ) role_api.create_one(u1, workspace, UserRoleInWorkspace.READER, False) role_api.create_one(u2, workspace_2, UserRoleInWorkspace.READER, False) role_api.create_one(u3, workspace, UserRoleInWorkspace.READER, False) role_api.create_one(u3, workspace_2, UserRoleInWorkspace.READER, False) api2 = UserApi( current_user=u3, session=self.session, config=self.config, ) users = api2.get_known_user('name', exclude_workspace_ids=[workspace.workspace_id]) assert len(users) == 1 assert users[0] == u2
def test_unit__get_known__user__distinct_workspaces_users_by_name__exclude_workspace(self): admin = self.session.query(User) \ .filter(User.email == '*****@*****.**') \ .one() api = UserApi( current_user=None, session=self.session, config=self.app_config, ) u1 = api.create_user( email='email@email', name='name', do_notify=False, do_save=True, ) u2 = api.create_user( email='email2@email2', name='name2', do_notify=False, do_save=True, ) u3 = api.create_user( email='notfound@notfound', name='notfound', do_notify=False, do_save=True, ) wapi = WorkspaceApi( current_user=admin, session=self.session, config=self.app_config, ) workspace = wapi.create_workspace( 'test workspace n°1', save_now=True) wapi = WorkspaceApi( current_user=admin, session=self.session, config=self.app_config, ) workspace_2 = wapi.create_workspace( 'test workspace n°2', save_now=True) role_api = RoleApi( current_user=admin, session=self.session, config=self.app_config, ) role_api.create_one(u1, workspace, UserRoleInWorkspace.READER, False) role_api.create_one(u2, workspace_2, UserRoleInWorkspace.READER, False) role_api.create_one(u3, workspace, UserRoleInWorkspace.READER, False) role_api.create_one(u3, workspace_2, UserRoleInWorkspace.READER, False) api2 = UserApi( current_user=u3, session=self.session, config=self.app_config, ) users = api2.get_known_user('name', exclude_workspace_ids=[workspace.workspace_id]) assert len(users) == 1 assert users[0] == u2
def test__unit__get_notifiable_roles__ok__nominal_case(self): admin = self.session.query(User).filter( User.email == "*****@*****.**").one() wapi = WorkspaceApi(session=self.session, config=self.app_config, current_user=admin) workspace = wapi.create_workspace(label="workspace w", save_now=True) uapi = UserApi(session=self.session, current_user=admin, config=self.app_config) user_1 = uapi.create_user(email="[email protected]", auth_type=AuthType.INTERNAL, do_save=True, do_notify=False) user_2 = uapi.create_user(email="[email protected]", auth_type=AuthType.INTERNAL, do_save=True, do_notify=False) assert wapi.get_notifiable_roles(workspace=workspace) == [] rapi = RoleApi(session=self.session, current_user=admin, config=self.app_config) role_1 = rapi.create_one(user_1, workspace, UserRoleInWorkspace.READER, with_notif=True) role_2 = rapi.create_one(user_2, workspace, UserRoleInWorkspace.READER, with_notif=False) assert role_1 in wapi.get_notifiable_roles(workspace=workspace) assert role_2 not in wapi.get_notifiable_roles(workspace=workspace)
def test_proxy_workspace_agenda__err__other_workspace_agenda(self) -> None: dbsession = get_tm_session(self.session_factory, transaction.manager) admin = dbsession.query(User).filter( User.email == "*****@*****.**").one() uapi = UserApi(current_user=admin, session=dbsession, config=self.app_config) gapi = GroupApi(current_user=admin, session=dbsession, config=self.app_config) groups = [gapi.get_one_with_name("users")] uapi.create_user( "*****@*****.**", password="******", do_save=True, do_notify=False, groups=groups, ) workspace_api = WorkspaceApi(current_user=admin, session=dbsession, config=self.app_config, show_deleted=True) workspace = workspace_api.create_workspace("test", save_now=True) transaction.commit() self.testapp.authorization = ("Basic", ("*****@*****.**", "*****@*****.**")) result = self.testapp.get("/agenda/workspace/{}/".format( workspace.workspace_id), status=403) assert result.json_body["code"] == 5001
def test__unit__get_notifiable_roles__ok__do_not_show_inactive(self): admin = self.session.query(User) \ .filter(User.email == '*****@*****.**').one() wapi = WorkspaceApi( session=self.session, config=self.app_config, current_user=admin, ) workspace = wapi.create_workspace(label='workspace w', save_now=True) uapi = UserApi( session=self.session, current_user=admin, config=self.app_config ) user_1 = uapi.create_user( email='[email protected]', auth_type=AuthType.INTERNAL, do_save=True, do_notify=False ) user_2 = uapi.create_user( email='[email protected]', auth_type=AuthType.INTERNAL, do_save=True, do_notify = False ) assert wapi.get_notifiable_roles(workspace=workspace) == [] rapi = RoleApi( session=self.session, current_user=admin, config=self.app_config, ) role_1 = rapi.create_one( user_1, workspace, UserRoleInWorkspace.READER, with_notif=True ) role_2 = rapi.create_one( user_2, workspace, UserRoleInWorkspace.READER, with_notif=True ) assert role_1 in wapi.get_notifiable_roles(workspace=workspace) assert role_2 in wapi.get_notifiable_roles(workspace=workspace) user_1.is_active = False assert not role_1 in wapi.get_notifiable_roles(workspace=workspace) assert role_2 in wapi.get_notifiable_roles(workspace=workspace)
def test__unit__create_user__err__external_auth_ldap_with_password(self): api = UserApi(current_user=None, session=self.session, config=self.app_config) with pytest.raises(ExternalAuthUserPasswordModificationDisallowed): api.create_user( email="bob@bob", password="******", name="bob", auth_type=AuthType.LDAP, timezone="+2", lang="en", do_save=True, do_notify=False, )
def test__unit__get_notifiable_roles__ok__do_not_show_unknown_auth(self): admin = self.session.query(User) \ .filter(User.email == '*****@*****.**').one() wapi = WorkspaceApi( session=self.session, config=self.app_config, current_user=admin, ) workspace = wapi.create_workspace(label='workspace w', save_now=True) uapi = UserApi(session=self.session, current_user=admin, config=self.app_config) user_1 = uapi.create_user(email='[email protected]', auth_type=AuthType.INTERNAL, do_save=True, do_notify=False) user_2 = uapi.create_user(email='[email protected]', auth_type=AuthType.UNKNOWN, do_save=True, do_notify=False) user_3 = uapi.create_user(email='[email protected]', auth_type=AuthType.REMOTE, do_save=True, do_notify=False) assert wapi.get_notifiable_roles(workspace=workspace) == [] rapi = RoleApi( session=self.session, current_user=admin, config=self.app_config, ) role_1 = rapi.create_one(user_1, workspace, UserRoleInWorkspace.READER, with_notif=True) role_2 = rapi.create_one(user_2, workspace, UserRoleInWorkspace.READER, with_notif=True) role_3 = rapi.create_one(user_3, workspace, UserRoleInWorkspace.READER, with_notif=True) assert role_1 in wapi.get_notifiable_roles(workspace=workspace) assert not role_2 in wapi.get_notifiable_roles(workspace=workspace) assert role_3 in wapi.get_notifiable_roles(workspace=workspace)
def test_func__create_user_with_mail_notification__ok__nominal_case(self): api = UserApi( current_user=None, session=self.session, config=self.app_config, ) u = api.create_user( email='bob@bob', password='******', name='bob', timezone='+2', do_save=True, do_notify=True, ) assert u is not None assert u.email == "bob@bob" assert u.validate_password('password') assert u.display_name == 'bob' assert u.timezone == '+2' # Send mail async from redis queue with daemon daemon = MailSenderDaemon(self.app_config, burst=True) daemon.run() # check mail received response = self.get_mailhog_mails() headers = response[0]['Content']['Headers'] assert headers['From'][0] == 'Tracim Notifications <test_user_from+0@localhost>' # nopep8 assert headers['To'][0] == 'bob <bob@bob>' assert headers['Subject'][0] == '[TRACIM] Created account'
def test_api__try_whoami_enpoint__err_401__user_is_not_active(self): dbsession = get_tm_session(self.session_factory, transaction.manager) admin = dbsession.query(User).filter(User.email == "*****@*****.**").one() uapi = UserApi(current_user=admin, session=dbsession, config=self.app_config) gapi = GroupApi(current_user=admin, session=dbsession, config=self.app_config) groups = [gapi.get_one_with_name("users")] test_user = uapi.create_user( email="*****@*****.**", password="******", name="bob", groups=groups, timezone="Europe/Paris", lang="en", do_save=True, do_notify=False, ) uapi.save(test_user) uapi.disable(test_user) transaction.commit() self.testapp.authorization = ("Basic", ("*****@*****.**", "password")) res = self.testapp.get("/api/v2/auth/whoami", status=401) assert isinstance(res.json, dict) assert "code" in res.json.keys() # INFO - G.M - 2018-09-10 - Handled by marshmallow_schema assert res.json_body["code"] is None assert "message" in res.json.keys() assert "details" in res.json.keys()
def test_func__create_user_with_mail_notification__ok__nominal_case(self): api = UserApi(current_user=None, session=self.session, config=self.app_config) u = api.create_user( email="bob@bob", password="******", name="bob", timezone="+2", do_save=True, do_notify=True, ) assert u is not None assert u.email == "bob@bob" assert u.validate_password("password") assert u.display_name == "bob" assert u.timezone == "+2" # Send mail async from redis queue with daemon daemon = MailSenderDaemon(self.app_config, burst=True) daemon.run() # check mail received response = self.get_mailhog_mails() headers = response[0]["Content"]["Headers"] assert headers["From"][ 0] == "Tracim Notifications <test_user_from+0@localhost>" assert headers["To"][0] == "bob <bob@bob>" assert headers["Subject"][0] == "[TRACIM] Created account"
def test_func__create_user_with_mail_notification__ok__nominal_case(self): api = UserApi( current_user=None, session=self.session, config=self.app_config, ) u = api.create_user( email='bob@bob', password='******', name='bob', timezone='+2', lang='fr', do_save=True, do_notify=True, ) assert u is not None assert u.email == "bob@bob" assert u.validate_password('password') assert u.display_name == 'bob' assert u.timezone == '+2' # check mail received response = self.get_mailhog_mails() headers = response[0]['Content']['Headers'] assert headers['From'][ 0] == 'Tracim Notifications <test_user_from+0@localhost>' # nopep8 assert headers['To'][0] == 'bob <bob@bob>' assert headers['Subject'][0] == '[TRACIM] Created account'
def create_user(self, context, request: TracimRequest, hapic_data=None): """ Create new user. Note: One of username or email required. """ app_config = request.registry.settings["CFG"] # type: CFG uapi = UserApi( current_user=request.current_user, session=request.dbsession, config=app_config # User ) if hapic_data.body.profile: profile = Profile.get_profile_from_slug(hapic_data.body.profile) else: profile = None password = hapic_data.body.password if not password and hapic_data.body.email_notification: password = password_generator() user = uapi.create_user( auth_type=AuthType.UNKNOWN, email=hapic_data.body.email, password=password, timezone=hapic_data.body.timezone, lang=hapic_data.body.lang, name=hapic_data.body.public_name, username=hapic_data.body.username, do_notify=hapic_data.body.email_notification, allowed_space=hapic_data.body.allowed_space, profile=profile, do_save=True, ) uapi.execute_created_user_actions(user) return uapi.get_user_with_context(user)
def test_functional__webdav_access_to_root__remote_auth(self) -> None: dbsession = get_tm_session(self.session_factory, transaction.manager) admin = dbsession.query(User) \ .filter(User.email == '*****@*****.**') \ .one() uapi = UserApi( current_user=admin, session=dbsession, config=self.app_config, ) gapi = GroupApi( current_user=admin, session=dbsession, config=self.app_config, ) groups = [gapi.get_one_with_name('users')] user = uapi.create_user( '*****@*****.**', password=None, do_save=True, do_notify=False, groups=groups, auth_type=AuthType.REMOTE ) uapi.save(user) transaction.commit() extra_environ = { 'REMOTE_USER': '******', } res = self.testapp.get('/', status=200, extra_environ=extra_environ) assert res
def test_unit_update__ok_external_auth_ldap(self): api = UserApi( current_user=None, session=self.session, config=self.app_config, ) u = api.create_user( email='bob@bob', password=None, name='bob', auth_type=AuthType.LDAP, timezone='+2', lang='en', do_save=True, do_notify=False, ) api.update( email='bob@bob', user = u, name='bobi', password=None, auth_type=AuthType.LDAP, timezone='-1', lang='fr', do_save=True, ) assert u.display_name == 'bobi'
def test_unit__get_known__user__admin__by_name(self): api = UserApi(current_user=None, session=self.session, config=self.app_config) u1 = api.create_user(email="email@email", name="name", do_notify=False, do_save=True) users = api.get_known_user("nam") assert len(users) == 1 assert users[0] == u1
def test_func__create_user_with_mail_notification__ok__nominal_case(self): api = UserApi( current_user=None, session=self.session, config=self.app_config, ) u = api.create_user( email='bob@bob', password='******', name='bob', timezone='+2', do_save=True, do_notify=True, ) assert u is not None assert u.email == "bob@bob" assert u.validate_password('password') assert u.display_name == 'bob' assert u.timezone == '+2' # Send mail async from redis queue redis = get_redis_connection(self.app_config) queue = get_rq_queue( redis, 'mail_sender', ) worker = SimpleWorker([queue], connection=queue.connection) worker.work(burst=True) # check mail received response = self.get_mailhog_mails() headers = response[0]['Content']['Headers'] assert headers['From'][ 0] == 'Tracim Notifications <test_user_from+0@localhost>' # nopep8 assert headers['To'][0] == 'bob <bob@bob>' assert headers['Subject'][0] == '[TRACIM] Created account'
def test_functional__webdav_access_to_root__nominal_case(self) -> None: dbsession = get_tm_session(self.session_factory, transaction.manager) admin = dbsession.query(User) \ .filter(User.email == '*****@*****.**') \ .one() uapi = UserApi( current_user=admin, session=dbsession, config=self.app_config, ) gapi = GroupApi( current_user=admin, session=dbsession, config=self.app_config, ) groups = [gapi.get_one_with_name('users')] user = uapi.create_user('*****@*****.**', password='******', do_save=True, do_notify=False, groups=groups) # nopep8 transaction.commit() self.testapp.authorization = ( 'Basic', ( '*****@*****.**', '*****@*****.**' ) ) res = self.testapp.get('/', status=200) assert res
def test_unit__get_known__user__user__no_workspace_empty_known_user(self): admin = self.session.query(User).filter(User.email == "*****@*****.**").one() api = UserApi(current_user=admin, session=self.session, config=self.app_config) u1 = api.create_user(email="email@email", name="name", do_notify=False, do_save=True) api2 = UserApi(current_user=u1, session=self.session, config=self.app_config) users = api2.get_known_user("email") assert len(users) == 0
def create_user(self, context, request: TracimRequest, hapic_data=None): """ Create new user """ app_config = request.registry.settings['CFG'] uapi = UserApi( current_user=request.current_user, # User session=request.dbsession, config=app_config, ) gapi = GroupApi( current_user=request.current_user, # User session=request.dbsession, config=app_config, ) groups = [gapi.get_one_with_name(hapic_data.body.profile)] password = hapic_data.body.password if not password and hapic_data.body.email_notification: password = password_generator() user = uapi.create_user( auth_type=AuthType.UNKNOWN, email=hapic_data.body.email, password=password, timezone=hapic_data.body.timezone, lang=hapic_data.body.lang, name=hapic_data.body.public_name, do_notify=hapic_data.body.email_notification, groups=groups, do_save=True ) return uapi.get_user_with_context(user)
def test_proxy_user_agenda__ok__nominal_case(self) -> None: dbsession = get_tm_session(self.session_factory, transaction.manager) admin = dbsession.query(User).filter( User.email == "*****@*****.**").one() uapi = UserApi(current_user=admin, session=dbsession, config=self.app_config) gapi = GroupApi(current_user=admin, session=dbsession, config=self.app_config) groups = [gapi.get_one_with_name("users")] user = uapi.create_user( "*****@*****.**", password="******", do_save=True, do_notify=False, groups=groups, ) transaction.commit() self.testapp.authorization = ("Basic", ("*****@*****.**", "*****@*****.**")) self.testapp.get("/agenda/user/{}/".format(user.user_id), status=404) event = VALID_CALDAV_BODY_PUT_EVENT self.testapp.put("/agenda/user/{}/".format(user.user_id), event, content_type="text/calendar", status=201) self.testapp.get("/agenda/user/{}/".format(user.user_id), status=200) self.testapp.delete("/agenda/user/{}/".format(user.user_id), status=200)
def test_unit_update__ok_external_auth_ldap(self): api = UserApi( current_user=None, session=self.session, config=self.app_config, ) u = api.create_user( email='bob@bob', password=None, name='bob', auth_type=AuthType.LDAP, timezone='+2', lang='en', do_save=True, do_notify=False, ) api.update( email='bob@bob', user=u, name='bobi', password=None, auth_type=AuthType.LDAP, timezone='-1', lang='fr', do_save=True, ) assert u.display_name == 'bobi'
def test_unit_update__err__external_auth_ldap_set_email(self): api = UserApi( current_user=None, session=self.session, config=self.app_config, ) u = api.create_user( email='bob@bob', password=None, name='bob', auth_type=AuthType.LDAP, timezone='+2', lang='en', do_save=True, do_notify=False, ) with pytest.raises(ExternalAuthUserEmailModificationDisallowed): api.update( email='bob@bob1', user=u, name='bobi', password=None, auth_type=AuthType.LDAP, timezone='-1', lang='fr', do_save=True, )
def test_unit_update__err__external_auth_ldap_set_email(self): api = UserApi( current_user=None, session=self.session, config=self.app_config, ) u = api.create_user( email='bob@bob', password=None, name='bob', auth_type=AuthType.LDAP, timezone='+2', lang='en', do_save=True, do_notify=False, ) with pytest.raises(ExternalAuthUserEmailModificationDisallowed): api.update( email='bob@bob1', user = u, name='bobi', password=None, auth_type=AuthType.LDAP, timezone='-1', lang='fr', do_save=True, )
def test_api___simple_search_ok__no_search_string(self) -> None: dbsession = get_tm_session(self.session_factory, transaction.manager) admin = dbsession.query(User).filter(User.email == "*****@*****.**").one() uapi = UserApi(current_user=admin, session=dbsession, config=self.app_config) gapi = GroupApi(current_user=admin, session=dbsession, config=self.app_config) groups = [gapi.get_one_with_name("trusted-users")] user = uapi.create_user( "*****@*****.**", password="******", do_save=True, do_notify=False, groups=groups, ) workspace_api = WorkspaceApi( current_user=admin, session=dbsession, config=self.app_config, show_deleted=True ) workspace = workspace_api.create_workspace("test", save_now=True) rapi = RoleApi(current_user=admin, session=dbsession, config=self.app_config) rapi.create_one(user, workspace, UserRoleInWorkspace.WORKSPACE_MANAGER, False) api = ContentApi(session=dbsession, current_user=user, config=self.app_config) api.create( content_type_slug="html-document", workspace=workspace, label="test", do_save=True ) transaction.commit() self.testapp.authorization = ("Basic", ("*****@*****.**", "*****@*****.**")) res = self.testapp.get("/api/v2/search/content".format(), status=200) search_result = res.json_body assert search_result assert search_result["total_hits"] == 0 assert search_result["is_total_hits_accurate"] is True assert len(search_result["contents"]) == 0
def test_unit__disable_user___err__user_cant_disable_itself(self): api = UserApi( current_user=None, session=self.session, config=self.app_config, ) gapi = GroupApi( current_user=None, session=self.session, config=self.app_config, ) groups = [gapi.get_one_with_name('users')] user = api.create_user( email='*****@*****.**', password='******', name='bob', groups=groups, timezone='Europe/Paris', do_save=True, do_notify=False, ) api2 = UserApi(current_user=user, session=self.session, config=self.app_config) from tracim_backend.exceptions import UserCantDisableHimself with pytest.raises(UserCantDisableHimself): api2.disable(user)
def create_user(self, context, request: TracimRequest, hapic_data=None): """ Create new user """ app_config = request.registry.settings['CFG'] uapi = UserApi( current_user=request.current_user, # User session=request.dbsession, config=app_config, ) gapi = GroupApi( current_user=request.current_user, # User session=request.dbsession, config=app_config, ) groups = [gapi.get_one_with_name(hapic_data.body.profile)] user = uapi.create_user(email=hapic_data.body.email, password=hapic_data.body.password, timezone=hapic_data.body.timezone, lang=hapic_data.body.lang, name=hapic_data.body.public_name, do_notify=hapic_data.body.email_notification, groups=groups, do_save=True) return uapi.get_user_with_context(user)
def test_unit__disable_user___err__user_cant_disable_itself(self): api = UserApi( current_user=None, session=self.session, config=self.app_config, ) gapi = GroupApi( current_user=None, session=self.session, config=self.app_config, ) groups = [gapi.get_one_with_name('users')] user = api.create_user( email='*****@*****.**', password='******', name='bob', groups=groups, timezone='Europe/Paris', do_save=True, do_notify=False, ) api2 = UserApi(current_user=user,session=self.session, config=self.app_config) from tracim_backend.exceptions import UserCantDisableHimself with pytest.raises(UserCantDisableHimself): api2.disable(user)
def test_func__create_user_with_mail_notification__ok__nominal_case(self): api = UserApi( current_user=None, session=self.session, config=self.app_config, ) u = api.create_user( email='bob@bob', password='******', name='bob', timezone='+2', do_save=True, do_notify=True, ) assert u is not None assert u.email == "bob@bob" assert u.validate_password('pass') assert u.display_name == 'bob' assert u.timezone == '+2' # Send mail async from redis queue with daemon daemon = MailSenderDaemon(self.app_config, burst=True) daemon.run() # check mail received response = requests.get('http://127.0.0.1:8025/api/v1/messages') response = response.json() headers = response[0]['Content']['Headers'] assert headers['From'][ 0] == 'Tracim Notifications <test_user_from+0@localhost>' # nopep8 assert headers['To'][0] == 'bob <bob@bob>' assert headers['Subject'][0] == '[TRACIM] Created account'
def create_user(self, context, request: TracimRequest, hapic_data=None): """ Create new user """ app_config = request.registry.settings["CFG"] # type: CFG uapi = UserApi( current_user=request.current_user, session=request.dbsession, config=app_config # User ) gapi = GroupApi( current_user=request.current_user, session=request.dbsession, config=app_config # User ) groups = [gapi.get_one_with_name(hapic_data.body.profile)] password = hapic_data.body.password if not password and hapic_data.body.email_notification: password = password_generator() user = uapi.create_user( auth_type=AuthType.UNKNOWN, email=hapic_data.body.email, password=password, timezone=hapic_data.body.timezone, lang=hapic_data.body.lang, name=hapic_data.body.public_name, do_notify=hapic_data.body.email_notification, groups=groups, do_save=True, ) uapi.execute_created_user_actions(user) return uapi.get_user_with_context(user)
def test_api___simple_search_ok__by_comment_content( self, created_content_name, search_string, nb_content_result, first_search_result_content_name, first_created_comment_content, second_created_comment_content, ) -> None: dbsession = get_tm_session(self.session_factory, transaction.manager) admin = dbsession.query(User).filter(User.email == "*****@*****.**").one() uapi = UserApi(current_user=admin, session=dbsession, config=self.app_config) gapi = GroupApi(current_user=admin, session=dbsession, config=self.app_config) groups = [gapi.get_one_with_name("trusted-users")] user = uapi.create_user( "*****@*****.**", password="******", do_save=True, do_notify=False, groups=groups, ) workspace_api = WorkspaceApi( current_user=admin, session=dbsession, config=self.app_config, show_deleted=True ) workspace = workspace_api.create_workspace("test", save_now=True) rapi = RoleApi(current_user=admin, session=dbsession, config=self.app_config) rapi.create_one(user, workspace, UserRoleInWorkspace.WORKSPACE_MANAGER, False) api = ContentApi(session=dbsession, current_user=user, config=self.app_config) content = api.create( content_type_slug="html-document", workspace=workspace, label=created_content_name, do_save=True, ) api.create_comment( workspace=workspace, parent=content, content=first_created_comment_content, do_save=True ) api.create_comment( workspace=workspace, parent=content, content=second_created_comment_content, do_save=True, ) api.create( content_type_slug="html-document", workspace=workspace, label="report", do_save=True ) api.create( content_type_slug="thread", workspace=workspace, label="discussion", do_save=True ) transaction.commit() self.testapp.authorization = ("Basic", ("*****@*****.**", "*****@*****.**")) params = {"search_string": search_string} res = self.testapp.get("/api/v2/search/content".format(), status=200, params=params) search_result = res.json_body assert search_result assert search_result["total_hits"] == nb_content_result assert search_result["is_total_hits_accurate"] is False assert search_result["contents"][0]["label"] == first_search_result_content_name
def test_proxy_user_agenda__ok__workspace_filter(self) -> None: dbsession = get_tm_session(self.session_factory, transaction.manager) admin = dbsession.query(User).filter( User.email == "*****@*****.**").one() uapi = UserApi(current_user=admin, session=dbsession, config=self.app_config) gapi = GroupApi(current_user=admin, session=dbsession, config=self.app_config) groups = [gapi.get_one_with_name("users")] user = uapi.create_user( "*****@*****.**", password="******", do_save=True, do_notify=False, groups=groups, ) workspace_api = WorkspaceApi(current_user=admin, session=dbsession, config=self.app_config, show_deleted=True) workspace = workspace_api.create_workspace("wp1", save_now=True) workspace.agenda_enabled = True workspace2 = workspace_api.create_workspace("wp2", save_now=True) workspace2.agenda_enabled = True workspace3 = workspace_api.create_workspace("wp3", save_now=True) workspace3.agenda_enabled = True rapi = RoleApi(current_user=admin, session=dbsession, config=self.app_config) rapi.create_one(user, workspace, UserRoleInWorkspace.CONTRIBUTOR, False) rapi.create_one(user, workspace2, UserRoleInWorkspace.READER, False) rapi.create_one(user, workspace3, UserRoleInWorkspace.READER, False) transaction.commit() self.testapp.authorization = ("Basic", ("*****@*****.**", "*****@*****.**")) params = { "workspace_ids": "{},{}".format(workspace.workspace_id, workspace3.workspace_id), "agenda_types": "workspace", } result = self.testapp.get("/api/v2/users/{}/agenda".format( user.user_id), params=params, status=200) assert len(result.json_body) == 2 agenda = result.json_body[0] assert agenda[ "agenda_url"] == "http://localhost:6543/agenda/workspace/{}/".format( workspace.workspace_id) assert agenda["with_credentials"] is True agenda = result.json_body[1] assert agenda[ "agenda_url"] == "http://localhost:6543/agenda/workspace/{}/".format( workspace3.workspace_id) assert agenda["with_credentials"] is True
def test_api__elasticsearch_search__ok__in_file_ingest_search(self): dbsession = get_tm_session(self.session_factory, transaction.manager) admin = dbsession.query(User).filter( User.email == "*****@*****.**").one() uapi = UserApi(current_user=admin, session=dbsession, config=self.app_config) gapi = GroupApi(current_user=admin, session=dbsession, config=self.app_config) groups = [gapi.get_one_with_name("trusted-users")] user = uapi.create_user( "*****@*****.**", password="******", do_save=True, do_notify=False, groups=groups, ) workspace_api = WorkspaceApi(current_user=admin, session=dbsession, config=self.app_config, show_deleted=True) workspace = workspace_api.create_workspace("test", save_now=True) rapi = RoleApi(current_user=admin, session=dbsession, config=self.app_config) rapi.create_one(user, workspace, UserRoleInWorkspace.WORKSPACE_MANAGER, False) api = ContentApi(session=dbsession, current_user=user, config=self.app_config) with self.session.no_autoflush: text_file = api.create( content_type_slug=content_type_list.File.slug, workspace=workspace, label="important", do_save=False, ) api.update_file_data(text_file, "test_file", "text/plain", b"we need to find stringtosearch here !") api.save(text_file) api.execute_created_content_actions(text_file) content_id = text_file.content_id transaction.commit() self.refresh_elasticsearch() params = {"search_string": "stringtosearch"} self.testapp.authorization = ("Basic", ("*****@*****.**", "*****@*****.**")) res = self.testapp.get("/api/v2/search/content".format(), status=200, params=params) search_result = res.json_body assert search_result assert search_result["total_hits"] == 1 assert search_result["is_total_hits_accurate"] is True assert len(search_result["contents"]) == 1 assert search_result["contents"][0]["content_id"] == content_id
def test_unit__get_known__user__user__no_workspace_empty_known_user( self, session, app_config, admin_user ): api = UserApi(current_user=admin_user, session=session, config=app_config) u1 = api.create_user(email="email@email", name="name", do_notify=False, do_save=True) api2 = UserApi(current_user=u1, session=session, config=app_config) users = api2.get_known_user("email") assert len(users) == 0
def test_unit__disable_user___ok__nominal_case(self): api = UserApi( current_user=None, session=self.session, config=self.app_config, ) gapi = GroupApi( current_user=None, session=self.session, config=self.app_config, ) groups = [gapi.get_one_with_name('users')] user = api.create_user( email='*****@*****.**', password='******', name='bob', groups=groups, timezone='Europe/Paris', do_save=True, do_notify=False, ) user2 = api.create_user( email='*****@*****.**', password='******', name='bob2', groups=groups, timezone='Europe/Paris', do_save=True, do_notify=False, ) api2 = UserApi(current_user=user,session=self.session, config=self.app_config) from tracim_backend.exceptions import UserCantDisableHimself api2.disable(user2) updated_user2 = api.get_one(user2.user_id) assert updated_user2.is_active == False assert updated_user2.user_id == user2.user_id assert updated_user2.email == user2.email
def test_unit__get_known__user__admin__too_short_acp_str(self): api = UserApi( current_user=None, session=self.session, config=self.app_config, ) u1 = api.create_user( email='email@email', name='name', do_notify=False, do_save=True, ) with pytest.raises(TooShortAutocompleteString): api.get_known_user('e')
def test_unit__get_known__user__admin__by_name(self): api = UserApi( current_user=None, session=self.session, config=self.app_config, ) u1 = api.create_user( email='email@email', name='name', do_notify=False, do_save=True, ) users = api.get_known_user('nam') assert len(users) == 1 assert users[0] == u1
def test__unit__create_user__err__external_auth_ldap_with_password(self): api = UserApi( current_user=None, session=self.session, config=self.app_config, ) with pytest.raises(ExternalAuthUserPasswordModificationDisallowed): u = api.create_user( email='bob@bob', password='******', name='bob', auth_type=AuthType.LDAP, timezone='+2', lang='en', do_save=True, do_notify=False, )
def test_api__try_whoami_enpoint__err_401__user_is_not_active(self): dbsession = get_tm_session(self.session_factory, transaction.manager) admin = dbsession.query(User) \ .filter(User.email == '*****@*****.**') \ .one() uapi = UserApi( current_user=admin, session=dbsession, config=self.app_config, ) gapi = GroupApi( current_user=admin, session=dbsession, config=self.app_config, ) groups = [gapi.get_one_with_name('users')] test_user = uapi.create_user( email='*****@*****.**', password='******', name='bob', groups=groups, timezone='Europe/Paris', lang='en', do_save=True, do_notify=False, ) uapi.save(test_user) uapi.disable(test_user) transaction.commit() self.testapp.authorization = ( 'Basic', ( '*****@*****.**', 'password' ) ) res = self.testapp.get('/api/v2/auth/whoami', status=401) assert isinstance(res.json, dict) assert 'code' in res.json.keys() # INFO - G.M - 2018-09-10 - Handled by marshmallow_schema assert res.json_body['code'] is None assert 'message' in res.json.keys() assert 'details' in res.json.keys()
def test_api__try_login_enpoint__err_401__user_not_activated(self): dbsession = get_tm_session(self.session_factory, transaction.manager) admin = dbsession.query(User) \ .filter(User.email == '*****@*****.**') \ .one() uapi = UserApi( current_user=admin, session=dbsession, config=self.app_config, ) gapi = GroupApi( current_user=admin, session=dbsession, config=self.app_config, ) groups = [gapi.get_one_with_name('users')] test_user = uapi.create_user( email='*****@*****.**', password='******', name='bob', groups=groups, timezone='Europe/Paris', do_save=True, do_notify=False, ) uapi.save(test_user) uapi.disable(test_user) transaction.commit() params = { 'email': '*****@*****.**', 'password': '******', } res = self.testapp.post_json( '/api/v2/auth/login', params=params, status=403, ) assert res.json_body assert 'code' in res.json_body assert res.json_body['code'] == error.AUTHENTICATION_FAILED
def test__unit__create__user__ok_nominal_case(self): api = UserApi( current_user=None, session=self.session, config=self.app_config, ) u = api.create_user( email='bob@bob', password='******', name='bob', timezone='+2', lang='en', do_save=True, do_notify=False, ) assert u is not None assert u.email == "bob@bob" assert u.validate_password('password') assert u.display_name == 'bob' assert u.timezone == '+2' assert u.lang == 'en'
def test_api__try_whoami_enpoint__err_401__user_is_not_active(self): dbsession = get_tm_session(self.session_factory, transaction.manager) admin = dbsession.query(User) \ .filter(User.email == '*****@*****.**') \ .one() uapi = UserApi( current_user=admin, session=dbsession, config=self.app_config, ) gapi = GroupApi( current_user=admin, session=dbsession, config=self.app_config, ) groups = [gapi.get_one_with_name('users')] test_user = uapi.create_user( email='*****@*****.**', password='******', name='bob', groups=groups, timezone='Europe/Paris', do_save=True, do_notify=False, ) uapi.save(test_user) uapi.disable(test_user) transaction.commit() headers_auth = { 'Tracim-Api-Key': 'mysuperapikey', 'Tracim-Api-Login': '******', } res = self.testapp.get( '/api/v2/auth/whoami', status=401, headers=headers_auth ) assert isinstance(res.json, dict) assert 'code' in res.json.keys() assert res.json_body['code'] is None
def test__unit__create__user__ok__external_auth_ldap(self): api = UserApi( current_user=None, session=self.session, config=self.app_config, ) u = api.create_user( email='bob@bob', password=None, name='bob', auth_type=AuthType.LDAP, timezone='+2', lang='en', do_save=True, do_notify=False, ) assert u is not None assert u.email == "bob@bob" assert u.validate_password(None) is False assert u.display_name == 'bob' assert u.timezone == '+2' assert u.lang == 'en'
def test_unit__get_known__user__user__no_workspace_empty_known_user(self): admin = self.session.query(User) \ .filter(User.email == '*****@*****.**') \ .one() api = UserApi( current_user=admin, session=self.session, config=self.app_config, ) u1 = api.create_user( email='email@email', name='name', do_notify=False, do_save=True, ) api2 = UserApi( current_user=u1, session=self.session, config=self.app_config, ) users = api2.get_known_user('email') assert len(users) == 0
def test_unit__authenticate_user___err__user_not_active(self): api = UserApi( current_user=None, session=self.session, config=self.app_config, ) gapi = GroupApi( current_user=None, session=self.session, config=self.app_config, ) groups = [gapi.get_one_with_name('users')] user = api.create_user( email='*****@*****.**', password='******', name='bob', groups=groups, timezone='Europe/Paris', do_save=True, do_notify=False, ) api.disable(user) with pytest.raises(AuthenticationFailed): api.authenticate('*****@*****.**', '*****@*****.**')
def create_workspaces_members_role( self, context, request: TracimRequest, hapic_data=None ) -> UserRoleWorkspaceInContext: """ Add a member to this workspace. This feature is for workspace managers and administrators. """ newly_created = False email_sent = False app_config = request.registry.settings['CFG'] # type: CFG rapi = RoleApi( current_user=request.current_user, session=request.dbsession, config=app_config, ) uapi = UserApi( current_user=request.current_user, session=request.dbsession, config=app_config, show_deactivated=True, show_deleted=True, ) try: _, user = uapi.find( user_id=hapic_data.body.user_id, email=hapic_data.body.user_email, public_name=hapic_data.body.user_public_name ) if user.is_deleted: raise UserIsDeleted('This user has been deleted. Unable to invite him.') # nopep8 if not user.is_active: raise UserIsNotActive('This user is not activated. Unable to invite him') # nopep8 except UserDoesNotExist as exc: if not uapi.allowed_to_invite_new_user(hapic_data.body.user_email): raise exc if app_config.NEW_USER_INVITATION_DO_NOTIFY: user = uapi.create_user( auth_type=AuthType.UNKNOWN, email=hapic_data.body.user_email, password=password_generator(), do_notify=True ) if app_config.EMAIL_NOTIFICATION_ACTIVATED and \ app_config.NEW_USER_INVITATION_DO_NOTIFY and \ app_config.EMAIL_NOTIFICATION_PROCESSING_MODE.lower() == 'sync': email_sent = True else: user = uapi.create_user( auth_type=AuthType.UNKNOWN, email=hapic_data.body.user_email, password=None, do_notify=False ) newly_created = True role = rapi.create_one( user=user, workspace=request.current_workspace, role_level=WorkspaceRoles.get_role_from_slug(hapic_data.body.role).level, # nopep8 with_notif=app_config.EMAIl_NOTIFICATION_ENABLED_ON_INVITATION, flush=True, ) return rapi.get_user_role_workspace_with_context( role, newly_created=newly_created, email_sent=email_sent, )