def test_mtd_interraction(self):
from geonature.core.gn_meta.mtd.mtd_utils import (
post_jdd_from_user
)
"""
Test du web service MTD
A partir d'un utilisateur renvoyé par le CAS
on insert l'utilisateur 'demo.geonature' et son organisme s'il existe pas
puis on poste les CA et JDD renvoyé à le WS MTD
"""
user = {
"id_role": 10991,
"identifiant": "test.mtd",
"nom_role": "test_mtd",
"prenom_role": "test_mtd",
"id_organisme": 104,
}
organism = {"id_organisme": 104, "nom_organisme": "test"}
resp = users.insert_organism(organism)
assert resp.status_code == 200
resp = users.insert_role(user)
# id_role 10 = id_socle 1 in test
users.insert_in_cor_role(10, user["id_role"])
assert resp.status_code == 200
jdds = post_jdd_from_user(id_user=10991, id_organism=104)
assert len(jdds) >= 1
def test_mtd_interraction(self):
from geonature.core.gn_meta.mtd_utils import post_jdd_from_user, get_jdd_by_user_id, parse_jdd_xml
"""
Test du web service MTD
A partir d'un utilisateur renvoyé par le CAS
on insert l'utilisateur 'demo.geonature' et son organisme s'il existe pas
puis on poste les CA et JDD renvoyé à le WS MTD
"""
user = {
"id_role": 10991,
"identifiant": 'test.mtd',
"nom_role": 'test_mtd',
"prenom_role": 'test_mtd',
"id_organisme": 104,
}
organism = {"id_organisme": 104, "nom_organisme": 'test'}
resp = users.insert_organism(organism)
assert resp.status_code == 200
resp = users.insert_role(user)
users.insert_in_cor_role(20003, user['id_role'])
assert resp.status_code == 200
jdds = post_jdd_from_user(id_user=10991, id_organism=104)
assert len(jdds) >= 1
def test_mtd_interraction(self):
from geonature.core.gn_meta.mtd_utils import (
post_jdd_from_user,
get_jdd_by_user_id,
parse_jdd_xml,
)
"""
Test du web service MTD
A partir d'un utilisateur renvoyé par le CAS
on insert l'utilisateur 'demo.geonature' et son organisme s'il existe pas
puis on poste les CA et JDD renvoyé à le WS MTD
"""
user = {
"id_role": 10991,
"identifiant": "test.mtd",
"nom_role": "test_mtd",
"prenom_role": "test_mtd",
"id_organisme": 104,
}
organism = {"id_organisme": 104, "nom_organisme": "test"}
resp = users.insert_organism(organism)
assert resp.status_code == 200
resp = users.insert_role(user)
# id_role 10 = id_socle 1 in test
users.insert_in_cor_role(10, user["id_role"])
assert resp.status_code == 200
jdds = post_jdd_from_user(id_user=10991, id_organism=104)
assert len(jdds) >= 1
def insert_user_and_org(info_user):
organism_id = info_user["codeOrganisme"]
if info_user["libelleLongOrganisme"] is not None:
organism_name = info_user["libelleLongOrganisme"]
else:
organism_name = "Autre"
user_login = info_user["login"]
user_id = info_user["id"]
try:
assert user_id is not None and user_login is not None
except AssertionError:
log.error("'CAS ERROR: no ID or LOGIN provided'")
raise CasAuthentificationError("CAS ERROR: no ID or LOGIN provided",
status_code=500)
# Reconciliation avec base GeoNature
if organism_id:
organism = {
"id_organisme": organism_id,
"nom_organisme": organism_name
}
resp = users.insert_organism(organism)
user = {
"id_role": user_id,
"identifiant": user_login,
"nom_role": info_user["nom"],
"prenom_role": info_user["prenom"],
"id_organisme": organism_id,
"email": info_user["email"],
"active": True,
}
try:
resp = users.insert_role(user)
except Exception as e:
log.info(e)
log.error(e)
raise CasAuthentificationError("Error insering user in GeoNature",
status_code=500)
return user
def loginCas():
"""
Login route with the INPN CAS
.. :quickref: User;
"""
config_cas = current_app.config["CAS"]
params = request.args
if "ticket" in params:
base_url = current_app.config["API_ENDPOINT"] + "/gn_auth/login_cas"
url_validate = "{url}?ticket={ticket}&service={service}".format(
url=config_cas["CAS_URL_VALIDATION"],
ticket=params["ticket"],
service=base_url,
)
response = utilsrequests.get(url_validate)
user = None
xml_dict = xmltodict.parse(response.content)
resp = xml_dict["cas:serviceResponse"]
if "cas:authenticationSuccess" in resp:
user = resp["cas:authenticationSuccess"]["cas:user"]
if user:
ws_user_url = "{url}/{user}/?verify=false".format(
url=config_cas["CAS_USER_WS"]["URL"], user=user)
try:
response = utilsrequests.get(
ws_user_url,
(
config_cas["CAS_USER_WS"]["ID"],
config_cas["CAS_USER_WS"]["PASSWORD"],
),
)
assert response.status_code == 200
except AssertionError:
log.error("Error with the inpn authentification service")
raise CasAuthentificationError(
"Error with the inpn authentification service",
status_code=500)
info_user = response.json()
organism_id = info_user["codeOrganisme"]
if info_user["libelleLongOrganisme"] is not None:
organism_name = info_user["libelleLongOrganisme"]
else:
organism_name = "Autre"
user_login = info_user["login"]
user_id = info_user["id"]
try:
assert user_id is not None and user_login is not None
except AssertionError:
log.error("'CAS ERROR: no ID or LOGIN provided'")
raise CasAuthentificationError(
"CAS ERROR: no ID or LOGIN provided", status_code=500)
# Reconciliation avec base GeoNature
if organism_id:
organism = {
"id_organisme": organism_id,
"nom_organisme": organism_name
}
resp = users.insert_organism(organism)
user = {
"id_role": user_id,
"identifiant": user_login,
"nom_role": info_user["nom"],
"prenom_role": info_user["prenom"],
"id_organisme": organism_id,
"email": info_user["email"],
"active": True,
}
try:
resp = users.insert_role(user)
except Exception as e:
gunicorn_error_logger.info(e)
log.error(e)
# push the user in the right group
try:
if not current_app.config["CAS"]["USERS_CAN_SEE_ORGANISM_DATA"]:
# group socle 1
users.insert_in_cor_role(
current_app.config["BDD"]["ID_USER_SOCLE_1"],
user["id_role"])
elif organism_id is None:
# group socle 1
users.insert_in_cor_role(
current_app.config["BDD"]["ID_USER_SOCLE_1"],
user["id_role"])
else:
# group socle 2
users.insert_in_cor_role(
current_app.config["BDD"]["ID_USER_SOCLE_2"],
user["id_role"])
user["id_application"] = current_app.config[
"ID_APPLICATION_GEONATURE"]
except Exception as e:
gunicorn_error_logger.info(e)
log.error(e)
# creation de la Response
response = make_response(
redirect(current_app.config["URL_APPLICATION"]))
cookie_exp = datetime.datetime.utcnow()
expiration = current_app.config["COOKIE_EXPIRATION"]
cookie_exp += datetime.timedelta(seconds=expiration)
# generation d'un token
s = Serializer(current_app.config["SECRET_KEY"], expiration)
token = s.dumps(user)
response.set_cookie("token", token, expires=cookie_exp)
# User cookie
current_user = {
"user_login": user_login,
"id_role": user_id,
"id_organisme": organism_id if organism_id else -1,
}
response.set_cookie("current_user",
str(current_user),
expires=cookie_exp)
return response
else:
gunicorn_error_logger.info(
"Erreur d'authentification lié au CAS, voir log du CAS")
log.error("Erreur d'authentification lié au CAS, voir log du CAS")
return render_template(
"cas_login_error.html",
cas_logout=current_app.config["CAS_PUBLIC"]["CAS_URL_LOGOUT"],
url_geonature=current_app.config["URL_APPLICATION"],
)
return jsonify({"message": "Authentification error"}, 500)
def loginCas():
"""
Login route with the INPN CAS
"""
config_cas = current_app.config['CAS']
params = request.args
if 'ticket' in params:
base_url = current_app.config['API_ENDPOINT'] + "/gn_auth/login_cas"
url_validate = "{url}?ticket={ticket}&service={service}".format(
url=config_cas['CAS_URL_VALIDATION'],
ticket=params['ticket'],
service=base_url)
response = utilsrequests.get(url_validate)
user = None
xml_dict = xmltodict.parse(response.content)
resp = xml_dict['cas:serviceResponse']
if 'cas:authenticationSuccess' in resp:
user = resp['cas:authenticationSuccess']['cas:user']
if user:
ws_user_url = "{url}/{user}/?verify=false".format(
url=config_cas['CAS_USER_WS']['URL'], user=user)
try:
response = utilsrequests.get(
ws_user_url, (config_cas['CAS_USER_WS']['ID'],
config_cas['CAS_USER_WS']['PASSWORD']))
assert response.status_code == 200
except AssertionError:
log.error("Error with the inpn authentification service")
raise CasAuthentificationError(
'Error with the inpn authentification service',
status_code=500)
info_user = response.json()
organism_id = info_user['codeOrganisme']
if info_user['libelleLongOrganisme'] is not None:
organism_name = info_user['libelleLongOrganisme']
else:
organism_name = 'Autre'
user_login = info_user['login']
user_id = info_user['id']
try:
assert user_id is not None and user_login is not None
except AssertionError:
log.error("'CAS ERROR: no ID or LOGIN provided'")
raise CasAuthentificationError(
'CAS ERROR: no ID or LOGIN provided', status_code=500)
# Reconciliation avec base GeoNature
if organism_id:
organism = {
"id_organisme": organism_id,
"nom_organisme": organism_name
}
resp = users.insert_organism(organism)
user = {
"id_role": user_id,
"identifiant": user_login,
"nom_role": info_user['nom'],
"prenom_role": info_user['prenom'],
"id_organisme": organism_id,
}
try:
resp = users.insert_role(user)
except Exception as e:
gunicorn_error_logger.info(e)
log.error(e)
# push the user in the right group
try:
if not current_app.config['CAS']['USERS_CAN_SEE_ORGANISM_DATA']:
# group socle 1
users.insert_in_cor_role(
current_app.config['BDD']['ID_USER_SOCLE_1'],
user['id_role'])
elif organism_id is None:
# group socle 1
users.insert_in_cor_role(
current_app.config['BDD']['ID_USER_SOCLE_1'],
user['id_role'])
else:
# group socle 2
users.insert_in_cor_role(
current_app.config['BDD']['ID_USER_SOCLE_2'],
user['id_role'])
user['id_application'] = current_app.config[
'ID_APPLICATION_GEONATURE']
except Exception as e:
gunicorn_error_logger.info(e)
log.error(e)
# creation de la Response
response = make_response(
redirect(current_app.config['URL_APPLICATION']))
cookie_exp = datetime.datetime.utcnow()
expiration = current_app.config['COOKIE_EXPIRATION']
cookie_exp += datetime.timedelta(seconds=expiration)
# generation d'un token
s = Serializer(current_app.config['SECRET_KEY'], expiration)
token = s.dumps(user)
response.set_cookie('token', token, expires=cookie_exp)
# User cookie
current_user = {
'user_login': user_login,
'id_role': user_id,
'id_organisme': organism_id if organism_id else -1
}
response.set_cookie('current_user',
str(current_user),
expires=cookie_exp)
return response
else:
gunicorn_error_logger.info(
"Erreur d'authentification lié au CAS, voir log du CAS")
log.error("Erreur d'authentification lié au CAS, voir log du CAS")
return render_template(
'cas_login_error.html',
cas_logout=current_app.config['CAS_PUBLIC']['CAS_URL_LOGOUT'],
url_geonature=current_app.config['URL_APPLICATION'])
return jsonify({'message': 'Authentification error'}, 500)
def loginCas():
"""
Login route with the INPN CAS
"""
config_cas = current_app.config['CAS']
params = request.args
if 'ticket' in params:
base_url = current_app.config['API_ENDPOINT'] + "/gn_auth/login_cas"
url_validate = "{url}?ticket={ticket}&service={service}".format(
url=config_cas['CAS_URL_VALIDATION'],
ticket=params['ticket'],
service=base_url
)
response = utilsrequests.get(url_validate)
user = None
xml_dict = xmltodict.parse(response.content)
resp = xml_dict['cas:serviceResponse']
if 'cas:authenticationSuccess' in resp:
user = resp['cas:authenticationSuccess']['cas:user']
if user:
ws_user_url = "{url}/{user}/?verify=false".format(
url=config_cas['CAS_USER_WS']['URL'],
user=user
)
try:
response = utilsrequests.get(
ws_user_url,
(
config_cas['CAS_USER_WS']['ID'],
config_cas['CAS_USER_WS']['PASSWORD']
)
)
assert response.status_code == 200
except AssertionError:
log.error("Error with the inpn authentification service")
raise CasAuthentificationError(
'Error with the inpn authentification service',
status_code=500
)
info_user = response.json()
organism_id = info_user['codeOrganisme']
if info_user['libelleLongOrganisme'] is not None:
organism_name = info_user['libelleLongOrganisme']
else:
organism_name = 'Autre'
user_login = info_user['login']
user_id = info_user['id']
try:
assert user_id is not None and user_login is not None
except AssertionError:
log.error(
"'CAS ERROR: no ID or LOGIN provided'"
)
raise CasAuthentificationError(
'CAS ERROR: no ID or LOGIN provided',
status_code=500
)
# Reconciliation avec base GeoNature
if organism_id:
organism = {
"id_organisme": organism_id,
"nom_organisme": organism_name
}
resp = users.insert_organism(organism)
user = {
"id_role": user_id,
"identifiant": user_login,
"nom_role": info_user['nom'],
"prenom_role": info_user['prenom'],
"id_organisme": organism_id,
}
try:
resp = users.insert_role(user)
except Exception as e:
gunicorn_error_logger.info(e)
log.error(e)
# push the user in the right group
try:
if not current_app.config['CAS']['USERS_CAN_SEE_ORGANISM_DATA']:
# group socle 1
users.insert_in_cor_role(current_app.config['BDD']['ID_USER_SOCLE_1'], user['id_role'])
elif organism_id is None:
# group socle 1
users.insert_in_cor_role(current_app.config['BDD']['ID_USER_SOCLE_1'], user['id_role'])
else:
# group socle 2
users.insert_in_cor_role(current_app.config['BDD']['ID_USER_SOCLE_2'], user['id_role'])
user['id_application'] = current_app.config['ID_APPLICATION_GEONATURE']
except Exception as e:
gunicorn_error_logger.info(e)
log.error(e)
# creation de la Response
response = make_response(
redirect(current_app.config['URL_APPLICATION'])
)
cookie_exp = datetime.datetime.utcnow()
expiration = current_app.config['COOKIE_EXPIRATION']
cookie_exp += datetime.timedelta(seconds=expiration)
# generation d'un token
s = Serializer(current_app.config['SECRET_KEY'], expiration)
token = s.dumps(user)
response.set_cookie('token',
token,
expires=cookie_exp)
# User cookie
current_user = {
'user_login': user_login,
'id_role': user_id,
'id_organisme': organism_id if organism_id else -1
}
response.set_cookie(
'current_user',
str(current_user),
expires=cookie_exp
)
return response
else:
gunicorn_error_logger.info(
"Erreur d'authentification lié au CAS, voir log du CAS"
)
log.error(
"Erreur d'authentification lié au CAS, voir log du CAS"
)
return render_template(
'cas_login_error.html',
cas_logout=current_app.config['CAS_PUBLIC']['CAS_URL_LOGOUT'],
url_geonature=current_app.config['URL_APPLICATION']
)
return jsonify({'message': 'Authentification error'}, 500)
