def test_mark_namespace_for_deletion(initialized_db):
def create_transaction(db):
return db.transaction()
# Create a user and then mark it for deletion.
user = create_user_noverify("foobar",
"*****@*****.**",
email_required=False)
# Add some robots.
create_robot("foo", user)
create_robot("bar", user)
assert lookup_robot("foobar+foo") is not None
assert lookup_robot("foobar+bar") is not None
assert len(list(list_namespace_robots("foobar"))) == 2
# Add some federated user links.
attach_federated_login(user, "google", "someusername")
attach_federated_login(user, "github", "someusername")
assert FederatedLogin.select().where(
FederatedLogin.user == user).count() == 2
assert FederatedLogin.select().where(
FederatedLogin.service_ident == "someusername").exists()
# Mark the user for deletion.
queue = WorkQueue("testgcnamespace", create_transaction)
mark_namespace_for_deletion(user, [], queue)
# Ensure the older user is still in the DB.
older_user = User.get(id=user.id)
assert older_user.username != "foobar"
# Ensure the robots are deleted.
with pytest.raises(InvalidRobotException):
assert lookup_robot("foobar+foo")
with pytest.raises(InvalidRobotException):
assert lookup_robot("foobar+bar")
assert len(list(list_namespace_robots(older_user.username))) == 0
# Ensure the federated logins are gone.
assert FederatedLogin.select().where(
FederatedLogin.user == user).count() == 0
assert (not FederatedLogin.select().where(
FederatedLogin.service_ident == "someusername").exists())
# Ensure we can create a user with the same namespace again.
new_user = create_user_noverify("foobar",
"*****@*****.**",
email_required=False)
assert new_user.id != user.id
# Ensure the older user is still in the DB.
assert User.get(id=user.id).username != "foobar"
def test_get_matching_users_with_same_prefix(initialized_db):
# Create a bunch of users with the same prefix.
for index in range(0, 20):
create_user_noverify('foo%s' % index, '*****@*****.**' % index, email_required=False)
# For each user, ensure that lookup of the exact name is found first.
for index in range(0, 20):
username = '******' % index
assert list(get_matching_users(username))[0].username == username
# Prefix matching.
found = list(get_matching_users('foo', limit=50))
assert len(found) == 20
def test_invite_to_team(initialized_db):
first_user = get_user('devtable')
second_user = create_user_noverify('newuser', '*****@*****.**')
def run_invite_flow(orgname):
# Create an org owned by `devtable`.
org = create_organization(orgname, orgname + '@example.com',
first_user)
# Create another team and add `devtable` to it. Since `devtable` is already
# in the org, it should be done directly.
other_team = create_team('otherteam', org, 'admin')
invite = add_or_invite_to_team(first_user,
other_team,
user_obj=first_user)
assert invite is None
assert is_in_team(other_team, first_user)
# Try to add `newuser` to the team, which should require an invite.
invite = add_or_invite_to_team(first_user,
other_team,
user_obj=second_user)
assert invite is not None
assert not is_in_team(other_team, second_user)
# Accept the invite.
confirm_team_invite(invite.invite_token, second_user)
assert is_in_team(other_team, second_user)
# Run for a new org.
run_invite_flow('firstorg')
# Create another org and repeat, ensuring the same operations perform the same way.
run_invite_flow('secondorg')
def test_create_user_with_expiration(initialized_db):
with patch("data.model.config.app_config",
{"DEFAULT_TAG_EXPIRATION": "1h"}):
user = create_user_noverify("foobar",
"*****@*****.**",
email_required=False)
assert user.removed_tag_expiration_s == 60 * 60
def test_delete_namespace_via_marker(initialized_db):
def create_transaction(db):
return db.transaction()
# Create a user and then mark it for deletion.
user = create_user_noverify("foobar",
"*****@*****.**",
email_required=False)
# Add some repositories.
create_repository("foobar", "somerepo", user)
create_repository("foobar", "anotherrepo", user)
# Mark the user for deletion.
queue = WorkQueue("testgcnamespace", create_transaction)
marker_id = mark_namespace_for_deletion(user, [], queue)
# Delete the user.
with check_transitive_modifications():
delete_namespace_via_marker(marker_id, [])
# Ensure the user was actually deleted.
with pytest.raises(User.DoesNotExist):
User.get(id=user.id)
with pytest.raises(DeletedNamespace.DoesNotExist):
DeletedNamespace.get(id=marker_id)
def create_organization(name,
email,
creating_user,
email_required=True,
is_possible_abuser=False):
with db_transaction():
try:
# Create the org
new_org = user.create_user_noverify(
name,
email,
email_required=email_required,
is_possible_abuser=is_possible_abuser)
new_org.organization = True
new_org.save()
# Create a team for the owners
owners_team = team.create_team("owners", new_org, "admin")
# Add the user who created the org to the owners team
team.add_user_to_team(creating_user, owners_team)
return new_org
except InvalidUsernameException as iue:
raise InvalidOrganizationException(iue.message)
def test_mark_namespace_for_deletion(initialized_db):
def create_transaction(db):
return db.transaction()
# Create a user and then mark it for deletion.
user = create_user_noverify("foobar",
"*****@*****.**",
email_required=False)
# Add some robots.
create_robot("foo", user)
create_robot("bar", user)
assert lookup_robot("foobar+foo") is not None
assert lookup_robot("foobar+bar") is not None
assert len(list(list_namespace_robots("foobar"))) == 2
# Mark the user for deletion.
queue = WorkQueue("testgcnamespace", create_transaction)
mark_namespace_for_deletion(user, [], queue)
# Ensure the older user is still in the DB.
older_user = User.get(id=user.id)
assert older_user.username != "foobar"
# Ensure the robots are deleted.
with pytest.raises(InvalidRobotException):
assert lookup_robot("foobar+foo")
with pytest.raises(InvalidRobotException):
assert lookup_robot("foobar+bar")
assert len(list(list_namespace_robots(older_user.username))) == 0
# Ensure we can create a user with the same namespace again.
new_user = create_user_noverify("foobar",
"*****@*****.**",
email_required=False)
assert new_user.id != user.id
# Ensure the older user is still in the DB.
assert User.get(id=user.id).username != "foobar"
def test_validation_code(token_lifetime, time_since, initialized_db):
user = create_user_noverify('foobar', '*****@*****.**', email_required=False)
created = datetime.now() - convert_to_timedelta(time_since)
verification_code, unhashed = Credential.generate()
confirmation = EmailConfirmation.create(user=user, pw_reset=True,
created=created, verification_code=verification_code)
encoded = encode_public_private_token(confirmation.code, unhashed)
with patch('data.model.config.app_config', {'USER_RECOVERY_TOKEN_LIFETIME': token_lifetime}):
result = validate_reset_code(encoded)
expect_success = convert_to_timedelta(token_lifetime) >= convert_to_timedelta(time_since)
assert expect_success == (result is not None)
def test_delete_robot(initialized_db):
# Create a robot account.
user = create_user_noverify('foobar', '*****@*****.**', email_required=False)
robot, _ = create_robot('foo', user)
# Add some notifications and other rows pointing to the robot.
create_notification('repo_push', robot)
team = create_team('someteam', get_organization('buynlarge'), 'member')
add_user_to_team(robot, team)
# Ensure the robot exists.
assert lookup_robot(robot.username).id == robot.id
# Delete the robot.
delete_robot(robot.username)
# Ensure it is gone.
with pytest.raises(InvalidRobotException):
lookup_robot(robot.username)
def test_robot(initialized_db):
# Create a robot account.
user = create_user_noverify('foobar', '*****@*****.**', email_required=False)
robot, token = create_robot('foo', user)
assert retrieve_robot_token(robot) == token
# Ensure we can retrieve its information.
found = lookup_robot('foobar+foo')
assert found == robot
creds = get_pull_credentials('foobar+foo')
assert creds is not None
assert creds['username'] == 'foobar+foo'
assert creds['password'] == token
assert verify_robot('foobar+foo', token) == robot
with pytest.raises(InvalidRobotException):
assert verify_robot('foobar+foo', 'someothertoken')
with pytest.raises(InvalidRobotException):
assert verify_robot('foobar+unknownbot', token)
def test_robot(initialized_db):
# Create a robot account.
user = create_user_noverify("foobar",
"*****@*****.**",
email_required=False)
robot, token = create_robot("foo", user)
assert retrieve_robot_token(robot) == token
# Ensure we can retrieve its information.
found = lookup_robot("foobar+foo")
assert found == robot
creds = get_pull_credentials("foobar+foo")
assert creds is not None
assert creds["username"] == "foobar+foo"
assert creds["password"] == token
assert verify_robot("foobar+foo", token) == robot
with pytest.raises(InvalidRobotException):
assert verify_robot("foobar+foo", "someothertoken")
with pytest.raises(InvalidRobotException):
assert verify_robot("foobar+unknownbot", token)
def test_create_user_with_expiration(initialized_db):
with patch('data.model.config.app_config', {'DEFAULT_TAG_EXPIRATION': '1h'}):
user = create_user_noverify('foobar', '*****@*****.**', email_required=False)
assert user.removed_tag_expiration_s == 60 * 60
