def get_user(self, patch):
users = {
'acct:[email protected]': User(username='******'),
'acct:[email protected]': User(username='******'),
}
get_user = patch('h.notification.reply.accounts.get_user')
get_user.side_effect = lambda userid, _: users.get(userid)
return get_user
def user_service(self, pyramid_config):
users = {
'acct:[email protected]': User(username='******'),
'acct:[email protected]': User(username='******'),
}
service = mock.Mock(spec_set=['fetch'])
service.fetch.side_effect = users.get
pyramid_config.register_service(service, name='user')
return service
def signup(self, require_activation=True, **kwargs):
"""
Create a new user.
If *require_activation* is ``True``, the user will be flagged as
requiring activation and an activation email will be sent.
:param require_activation: The name to use.
:type require_activation: bool.
:param identities: A list of dictionaries representing identities to
add to the new user. Each dictionary will be passed as keyword args
to :py:class:`h.models.UserIdentity`.
Remaining keyword arguments are used to construct a new
:py:class:`h.models.User` object.
:returns: the newly-created user object.
:rtype: h.models.User
"""
kwargs.setdefault('authority', self.default_authority)
# We extract any passed password as we use that separately to set the
# user's password.
password = kwargs.pop('password', None)
# Extract any passed identities for this new user
identities = kwargs.pop('identities', [])
user = User(**kwargs)
# Add identity relations to this new user, if provided
user.identities = [
UserIdentity(user=user, **i_args) for i_args in identities
]
self.session.add(user)
if password is not None:
self.password_service.update_password(user, password)
# Create a new activation for the user
if require_activation:
self._require_activation(user)
# FIXME: this is horrible, but is needed until the
# notification/subscription system is made opt-out rather than opt-in
# (at least from the perspective of the database).
sub = Subscriptions(uri=user.userid, type='reply', active=True)
self.session.add(sub)
# Record a registration with the stats service
if self.stats is not None:
self.stats.incr('auth.local.register')
return user
def signup(self, require_activation=True, **kwargs):
"""
Create a new user.
If *require_activation* is ``True``, the user will be flagged as
requiring activation and an activation email will be sent.
:param require_activation: The name to use.
:type require_activation: bool.
:param identities: A list of dictionaries representing identities to
add to the new user. Each dictionary will be passed as keyword args
to :py:class:`h.models.UserIdentity`.
Remaining keyword arguments are used to construct a new
:py:class:`h.models.User` object.
:returns: the newly-created user object.
:rtype: h.models.User
"""
kwargs.setdefault('authority', self.default_authority)
# We extract any passed password as we use that separately to set the
# user's password.
password = kwargs.pop('password', None)
# Extract any passed identities for this new user
identities = kwargs.pop('identities', [])
user = User(**kwargs)
# Add identity relations to this new user, if provided
user.identities = [UserIdentity(user=user, **i_args) for i_args in identities]
self.session.add(user)
if password is not None:
self.password_service.update_password(user, password)
# Create a new activation for the user
if require_activation:
self._require_activation(user)
# FIXME: this is horrible, but is needed until the
# notification/subscription system is made opt-out rather than opt-in
# (at least from the perspective of the database).
sub = Subscriptions(uri=user.userid, type='reply', active=True)
self.session.add(sub)
# Record a registration with the stats service
if self.stats is not None:
self.stats.incr('auth.local.register')
return user
def test_post_creates_group_on_success(self, pyramid_request, group_svc,
handle_form_submission, type_):
name = 'My new group'
creator = pyramid_request.user.username
description = 'Purpose of new group'
origins = ['https://example.com']
def call_on_success(request, form, on_success, on_failure):
return on_success({
'authority': pyramid_request.authority,
'creator': creator,
'description': description,
'group_type': type_,
'name': name,
'origins': origins,
})
handle_form_submission.side_effect = call_on_success
ctrl = GroupCreateController(pyramid_request)
ctrl.post()
if type_ == 'open':
create_method = group_svc.create_open_group
else:
create_method = group_svc.create_restricted_group
expected_userid = User(username=creator,
authority=pyramid_request.authority).userid
create_method.assert_called_with(name=name,
userid=expected_userid,
description=description,
origins=origins)
def signup(self, require_activation=True, **kwargs):
"""
Create a new user.
If *require_activation* is ``True``, the user will be flagged as
requiring activation and an activation email will be sent.
:param require_activation: The name to use.
:type require_activation: bool.
Remaining keyword arguments are passed to the
:py:class:`h.models.User` constructor.
:returns: the newly-created user object.
:rtype: h.models.User
"""
kwargs.setdefault('authority', self.default_authority)
user = User(**kwargs)
self.session.add(user)
# Create a new activation for the user
if require_activation:
self._require_activation(user)
# FIXME: this is horrible, but is needed until the
# notification/subscription system is made opt-out rather than opt-in
# (at least from the perspective of the database).
sub = Subscriptions(uri=user.userid, type='reply', active=True)
self.session.add(sub)
# Record a registration with the stats service
if self.stats is not None:
self.stats.incr('auth.local.register')
return user
def execute(self, batch, **_):
# Check that we can actually process this batch
self._check_upsert_queries(batch,
expected_keys=["authority", "username"])
# Split users and their embedded identity lists
users, identities = [], []
for command in batch:
attributes = deepcopy(command.body.attributes)
identities.append(attributes.pop("identities"))
users.append(attributes)
# Upsert the data
user_rows = self._upsert_user_table(users)
self._upsert_identities(identities,
user_ids=[row[0] for row in user_rows])
# Report back
return [
Report(id_,
public_id=User(authority=authority,
_username=username).userid)
for id_, authority, username in user_rows
]
def test_post_creates_group_on_success(self, factories, pyramid_request, group_svc, handle_form_submission,
type_, default_org):
name = 'My new group'
creator = pyramid_request.user.username
member_to_add = factories.User()
description = 'Purpose of new group'
origins = ['https://example.com']
def call_on_success(request, form, on_success, on_failure):
return on_success({
'organization': default_org.pubid,
'creator': creator,
'description': description,
'group_type': type_,
'name': name,
'origins': origins,
'members': [member_to_add.username]
})
handle_form_submission.side_effect = call_on_success
ctrl = GroupCreateController(pyramid_request)
if type_ == 'open':
create_method = group_svc.create_open_group
else:
create_method = group_svc.create_restricted_group
create_method.return_value = factories.RestrictedGroup(pubid='testgroup')
ctrl.post()
expected_userid = User(username=creator, authority=pyramid_request.default_authority).userid
create_method.assert_called_with(name=name, userid=expected_userid, description=description,
origins=origins, organization=default_org)
group_svc.add_members.assert_called_once_with(create_method.return_value, [member_to_add.userid])
def test_returns_none_when_parent_user_does_not_exist(
self, pyramid_request, reply, user_service):
users = {'acct:[email protected]': User(username='******')}
user_service.fetch.side_effect = users.get
result = get_notification(pyramid_request, reply, 'create')
assert result is None
def test_password_encrypt(self):
"""make sure user passwords are stored encrypted
"""
u1 = User(username=u'test',
password=u'test',
email=u'*****@*****.**')
assert u1.password != 'test'
self.db.add(u1)
self.db.flush()
assert u1.password != 'test'
def signup(self, **kwargs):
"""
Create a new user.
All keyword arguments are passed to the :py:class:`h.models.User`
constructor.
"""
kwargs.setdefault('authority', self.default_authority)
user = User(**kwargs)
self.session.add(user)
# Create a new activation for the user
activation = Activation()
self.session.add(activation)
user.activation = activation
# Flush the session to ensure that the user can be created and the
# activation is successfully wired up.
self.session.flush()
# Send the activation email
mail_params = self.signup_email(id=user.id,
email=user.email,
activation_code=user.activation.code)
self.mailer.send.delay(*mail_params)
# FIXME: this is horrible, but is needed until the
# notification/subscription system is made opt-out rather than opt-in
# (at least from the perspective of the database).
sub = Subscriptions(uri=user.userid, type='reply', active=True)
self.session.add(sub)
# Record a registration with the stats service
if self.stats is not None:
self.stats.incr('auth.local.register')
return user
def test_returns_none_when_reply_user_does_not_exist(
self, pyramid_request, reply, user_service):
"""
Don't send a reply if somehow the replying user ceased to exist.
It's not clear when or why this would ever happen, but we can't
construct the reply email without the user who replied existing. We log
a warning if this happens.
"""
users = {'acct:[email protected]': User(username='******')}
user_service.fetch.side_effect = users.get
result = get_notification(pyramid_request, reply, 'create')
assert result is None
def test_post_sets_group_properties(self, form_validating_to, pyramid_request):
creator = User(username='******', authority='example.org')
group = Group(name='Birdwatcher Community',
description='We watch birds all day long',
creator=creator)
group.pubid = 'the-test-pubid'
controller = views.GroupEditController(group, pyramid_request)
controller.form = form_validating_to({
'name': 'Alligatorwatcher Comm.',
'description': 'We are all about the alligators now',
})
controller.post()
assert group.name == 'Alligatorwatcher Comm.'
assert group.description == 'We are all about the alligators now'
def test_get_reads_group_properties(self, pyramid_request):
pyramid_request.create_form.return_value = FakeForm()
creator = User(username='******', authority='example.org')
group = Group(name='Birdwatcher Community',
description='We watch birds all day long',
creator=creator)
group.pubid = 'the-test-pubid'
result = views.GroupEditController(group, pyramid_request).get()
assert result == {
'form': {
'name': 'Birdwatcher Community',
'description': 'We watch birds all day long',
},
'group_path': '/g/the-test-pubid/birdwatcher-community'
}
def test_get_reads_group_properties(self, pyramid_request):
pyramid_request.create_form.return_value = FakeForm()
creator = User(username="******", authority="example.org")
group = Group(
name="Birdwatcher Community",
authority="foobar.com",
description="We watch birds all day long",
creator=creator,
)
group.pubid = "the-test-pubid"
result = views.GroupEditController(group, pyramid_request).get()
assert result == {
"form": {
"name": "Birdwatcher Community",
"description": "We watch birds all day long",
},
"group_path": "/g/the-test-pubid/birdwatcher-community",
}
def test_post_sets_group_properties(self, form_validating_to,
pyramid_request):
creator = User(username="******", authority="example.org")
group = Group(
name="Birdwatcher Community",
authority="foobar.com",
description="We watch birds all day long",
creator=creator,
)
group.pubid = "the-test-pubid"
controller = views.GroupEditController(group, pyramid_request)
controller.form = form_validating_to({
"name":
"Alligatorwatcher Comm.",
"description":
"We are all about the alligators now",
})
controller.post()
assert group.name == "Alligatorwatcher Comm."
assert group.description == "We are all about the alligators now"
def _only_return_reply_user(userid, _):
if userid == 'acct:[email protected]':
return User(username='******')
return None
def signup(self, require_activation=True, **kwargs):
"""
Create a new user.
If *require_activation* is ``True``, the user will be flagged as
requiring activation and an activation email will be sent.
:param require_activation: The name to use.
:type require_activation: bool.
:param identities: A list of dictionaries representing identities to
add to the new user. Each dictionary will be passed as keyword args
to :py:class:`h.models.UserIdentity`.
Remaining keyword arguments are used to construct a new
:py:class:`h.models.User` object.
:returns: the newly-created user object.
:rtype: h.models.User
"""
kwargs.setdefault("authority", self.default_authority)
# We extract any passed password as we use that separately to set the
# user's password.
password = kwargs.pop("password", None)
# Extract any passed identities for this new user
identities = kwargs.pop("identities", [])
user = User(**kwargs)
# Add identity relations to this new user, if provided
user.identities = [UserIdentity(user=user, **i_args) for i_args in identities]
self.session.add(user)
if password is not None:
self.password_service.update_password(user, password)
# Create a new activation for the user
if require_activation:
try:
self._require_activation(user)
except IntegrityError as e:
# When identical signup requests get issued at nearly the same time, they
# race each other to the database and result in unique contraint integrity
# errors on the user's email or username within the authority.
if (
'duplicate key value violates unique constraint "uq__user__email"'
in e.args[0]
or 'duplicate key value violates unique constraint "ix__user__userid"'
in e.args[0]
):
log.warning(
"concurrent account signup conflict error occured during user signup {}".format(
e.args[0]
)
)
raise ConflictError(
"The email address {} has already been registered.".format(
user.email
)
)
# If the exception is not related to the email or username, re-raise it.
raise
# FIXME: this is horrible, but is needed until the
# notification/subscription system is made opt-out rather than opt-in
# (at least from the perspective of the database).
sub = Subscriptions(uri=user.userid, type="reply", active=True)
self.session.add(sub)
# Record a registration with the stats service
if self.stats is not None:
self.stats.incr("auth.local.register")
return user
def reply_user(self):
return User(username='******', email='*****@*****.**')
def parent_user(self):
return User(username='******', email='*****@*****.**')
def user(self):
return User(username='******', email='*****@*****.**')
def user(db_session):
user = User(_username="******", authority=AUTHORITY)
db_session.add(user)
db_session.flush()
return user
def signup(self, require_activation=True, **kwargs):
"""
Create a new user.
If *require_activation* is ``True``, the user will be flagged as
requiring activation and an activation email will be sent.
:param require_activation: The name to use.
:type require_activation: bool.
Remaining keyword arguments are used to construct a new
:py:class:`h.models.User` object.
* *identities* A list of dictionaries representing identities to
add to the new user. Each dictionary will be passed as keyword args
to `h.models.UserIdentity`.
:returns: the newly-created user object.
:rtype: h.models.User
"""
kwargs.setdefault("authority", self.default_authority)
# We extract any passed password as we use that separately to set the
# user's password.
password = kwargs.pop("password", None)
# Extract any passed identities for this new user
identities = kwargs.pop("identities", [])
user = User(**kwargs)
# Add identity relations to this new user, if provided
user.identities = [
UserIdentity(user=user, **i_args) for i_args in identities
]
self.session.add(user)
if password is not None:
self.password_service.update_password(user, password)
# Create a new activation for the user
if require_activation:
try:
self._require_activation(user)
except IntegrityError as err:
# When identical signup requests get issued at nearly the same time, they
# race each other to the database and result in unique contraint integrity
# errors on the user's email or username within the authority.
if ('duplicate key value violates unique constraint "uq__user__email"'
in err.args[0] or
'duplicate key value violates unique constraint "ix__user__userid"'
in err.args[0]):
log.warning(
"concurrent account signup conflict error occurred during user signup %s",
err.args[0],
)
raise ConflictError(
"The email address {} has already been registered.".
format(user.email)) from err
# If the exception is not related to the email or username, re-raise it.
raise
# FIXME: this is horrible, but is needed until the
# notification/subscription system is made opt-out rather than opt-in
# (at least from the perspective of the database).
sub = Subscriptions(uri=user.userid, type="reply", active=True)
self.session.add(sub)
return user
def _only_return_parent_user(userid, _):
if userid == 'acct:[email protected]':
return User(username='******')
return None
def user(self, db_session):
user = User(authority=self.AUTHORITY, _username="******")
db_session.add(user)
return user
def user(db_session):
user = User(_username="******", authority="lms.hypothes.is")
db_session.add(user)
db_session.flush()
return user
