def test_create_new_association(self, user):
session = Client().session()
response = self.app.post('/association/new',
data={'name': 'codescouts'})
association = session.query(Association).one()
user_association = session.query(UserAssociation).one()
eq_(user_association.association_id, association.association_id)
eq_(user_association.user_id, user.user_id)
eq_(association.name, 'codescouts')
eq_(response.status_code, 302, response.data)
eq_(response.headers['Location'],
'http://localhost/association/{0}'.format(
association.association_id))
def token_url():
token = request.form['token']
api_params = {
'token': token,
'apiKey': os.environ['ENGAGE_API_KEY'],
'format': 'json',
}
response = requests.get('https://rpxnow.com/api/v2/auth_info',
params=api_params)
auth_info = json.loads(response.text)
if 'profile' not in auth_info:
return make_response('An error occurred interacting with your '
'identity provider. Since that does not '
'usually happen unless you are a radlibs '
'developer, here is the error in all its '
'terrible beauty: ' + response.text)
identifier = auth_info['profile']['identifier']
email = auth_info['profile'].get('email')
redirect_uri = request.form.get('redirect_uri', '/')
db_session = Client().session()
try:
user = db_session.query(User).\
filter(User.identifier == identifier).\
one()
except NoResultFound:
if email:
existing_users = db_session.query(User).\
filter(User.email == email).\
all()
if existing_users:
provider = provider_for_identifier(
existing_users[0].identifier)
return render_template(
'identifier_mismatch.html.jinja',
existing_provider=provider)
user = User(email=email,
identifier=identifier,
email_verified_at=utcnow())
db_session.add(user)
else:
session['partial_user'] = {'identifier': identifier}
return redirect(url_for('show_registration',
redirect_uri=redirect_uri))
session['user'] = {'identifier': identifier, 'email': email}
return redirect(redirect_uri)
def test_invite_new_user_to_association(self, user, send_invitation_mail):
user.email = "*****@*****.**"
session = Client().session()
association = Association(name='prancing ponies')
session.add(association)
session.flush()
session.add(UserAssociation(user_id=user.user_id,
association_id=association.association_id))
session.flush()
response = self.app.post(
'/association/{0}/invite_user'.format(association.association_id),
data={'email': '*****@*****.**'})
eq_(response.status_code, 200, response.data)
body = json.loads(response.data)
eq_(body, {'status': 'ok', 'action': 'invited'})
invite = session.query(AssociationInvite).one()
eq_(invite.email, '*****@*****.**')
eq_(invite.association_id, association.association_id)
send_invitation_mail.assert_called_once_with(
'*****@*****.**',
'*****@*****.**',
'prancing ponies',
'http://localhost/accept_invitation/{0}/'.format(invite.token))
def new_rad_by_name():
if not g.user:
return error_response('login required')
try:
parse(request.form['rad'])
except ParseError as e:
return error_response('parse error: {0}'.format(e.message))
session = Client().session()
lib_name = request.form['lib']
association_id = request.form['association_id']
try:
find_association(association_id)
except NoResultFound:
return error_response('no such association')
try:
lib = session.query(Lib).\
filter(Lib.name == lib_name).\
filter(Lib.association_id == association_id).\
one()
except NoResultFound:
return error_response("no such lib '{0}'".format(lib_name))
rad = Rad(created_by=g.user.user_id,
lib_id=lib.lib_id,
rad=request.form['rad'])
session.add(rad)
radlibs.lib.decache_lib(lib.name, lib.association_id)
return {
'status': 'ok',
'rad_id': rad.rad_id,
}
def test_add_existing_user_to_association(self, user):
session = Client().session()
association = Association(name='prancing ponies')
session.add(association)
session.flush()
session.add(UserAssociation(user_id=user.user_id,
association_id=association.association_id))
other_user = User(email_verified_at=utcnow(), email='*****@*****.**')
session.add(other_user)
session.flush()
response = self.app.post(
'/association/{0}/invite_user'.format(association.association_id),
data={'email': '*****@*****.**'})
eq_(response.status_code, 200, response.data)
body = json.loads(response.data)
eq_(body, {'status': 'ok', 'action': 'added'})
user_associations = session.query(
UserAssociation.user_id, UserAssociation.association_id).\
all()
eq_(user_associations, [
(user.user_id, association.association_id),
(other_user.user_id, association.association_id),
])
def edit_rad(rad_id):
if rad_id == 0:
abort(404)
if not g.user:
return error_response('login required')
try:
parse(request.form['rad'])
except ParseError as e:
return error_response('parse error: {0}'.format(e.message))
session = Client().session()
try:
(rad, lib) = session.query(Rad, Lib).\
join(Lib).\
join(Association).\
join(UserAssociation).\
filter(UserAssociation.user_id == g.user.user_id).\
filter(Rad.rad_id == rad_id).\
one()
except NoResultFound:
return error_response('no such rad')
rad.rad = request.form['rad']
session.add(rad)
radlibs.lib.decache_lib(lib.name, lib.association_id)
return {'status': 'ok'}
def find_association(association_id):
session = Client().session()
return session.query(Association).\
join(UserAssociation,
UserAssociation.association_id == Association.association_id).\
filter(Association.association_id == association_id).\
filter(UserAssociation.user_id == g.user.user_id).\
one()
def test_verify_email(self):
session = Client().session()
user = User()
session.add(user)
session.flush()
token = EmailVerificationToken.generate(user)
response = self.app.get('/verify_email/{0}'.format(token.token))
eq_(response.status_code, 200, response.data)
assert 'Thanks!' in response.data, 'response was rude'
del(user)
user = session.query(User).one()
assert user.email_verified_at, "email wasn't verified!"
tokens = session.query(EmailVerificationToken).all()
eq_(tokens, [])
def verify_email(token):
db_session = Client().session()
try:
verification_token = db_session.query(EmailVerificationToken).\
filter(EmailVerificationToken.token == token).\
one()
user = db_session.query(User).\
filter(User.user_id == verification_token.user_id).\
one()
except NoResultFound:
abort(404)
user.email_verified_at = utcnow()
db_session.add(user)
db_session.delete(verification_token)
return render_template('verification_complete.html.jinja')
def test_accept_invite_while_logged_in(self, user):
user.email = '*****@*****.**'
session = Client().session()
association = Association(name="tower of power")
session.add(association)
session.flush()
invite = AssociationInvite.generate(association.association_id,
'*****@*****.**')
session.flush()
response = self.app.get('/accept_invitation/{0}/'.format(invite.token))
eq_(response.status_code, 302, response.data)
eq_(response.headers['Location'],
'http://localhost/association/{0}'.format(association.association_id))
user_association = session.query(UserAssociation).\
filter(UserAssociation.user_id == user.user_id).\
one()
eq_(user_association.association_id, association.association_id)
invites = session.query(AssociationInvite).all()
eq_(invites, [])
def manage_association(association_id):
if not g.user:
abort(401)
session = Client().session()
try:
association = session.query(Association).\
join(UserAssociation,
UserAssociation.association_id == Association.association_id).\
filter(Association.association_id == association_id).\
filter(UserAssociation.user_id == g.user.user_id).\
one()
except NoResultFound:
abort(404)
radlibs = session.query(Lib.name,
Lib.lib_id,
Rad.rad_id,
Rad.rad).\
select_from(Lib).\
outerjoin(Rad, Lib.lib_id == Rad.lib_id).\
filter(Lib.association_id == association.association_id).\
all()
member_emails = session.query(User.email).\
join(UserAssociation, UserAssociation.user_id == User.user_id).\
filter(UserAssociation.association_id == association_id).\
all()
libs = {}
for (lib_name, lib_id, rad_id, rad) in radlibs:
if lib_name not in libs:
libs[lib_name] = {'rads': []}
libs[lib_name]['lib_id'] = lib_id
if rad:
libs[lib_name]['rads'].append({'rad_id': rad_id, 'rad': rad})
return render_template('manage_association.html.jinja',
association=association,
libs=libs,
member_emails=[e[0] for e in member_emails],
breadcrumbs=breadcrumbs(association.name))
def test_bypass_login__new_user(self):
session = Client().session()
response = self.app.post('/login_bypass', data={
'email': '*****@*****.**',
'identifier': 'http://www.facebook.com/itsme',
})
eq_(response.status_code, 302)
eq_(response.headers['Location'], 'http://localhost/')
user = session.query(User).one()
eq_(user.email, '*****@*****.**')
eq_(user.identifier, 'http://www.facebook.com/itsme')
def test_accept_invite_while_unverified_verifies_email(self, user):
user.email = '*****@*****.**'
user.email_verified_at = None
session = Client().session()
association = Association(name="tower of power")
session.add(association)
session.flush()
invite = AssociationInvite.generate(association.association_id,
'*****@*****.**')
session.flush()
response = self.app.get('/accept_invitation/{0}/'.format(invite.token))
eq_(response.status_code, 302, response.data)
del(user)
user = session.query(User).one()
assert user.email_verified_at, "Email wasn't verified"
def test_log_in_with_a_provider_that_does_not_supply_email(
self, requests, os, send_verification_mail):
session = Client().session()
os.environ = {'ENGAGE_API_KEY': 'aoeu'}
response = Mock()
requests.get.return_value = response
response.text = json.dumps({
'profile': {
'identifier': 'twitter.com/tpain',
}
})
response = self.app.post(
'/token_url',
data={'token': 'asdf', 'redirect_uri': '/language'})
eq_(response.status_code, 302)
eq_(response.headers['Location'],
'http://localhost/complete_registration?redirect_uri=%2Flanguage')
response = self.app.get('/complete_registration',
data={'redirect_uri': '/language'})
eq_(response.status_code, 200, response.data)
response = self.app.post('/complete_registration', data={
'redirect_uri': '/language',
'email': '*****@*****.**'})
eq_(response.status_code, 302, response.data)
eq_(response.headers['Location'], 'http://localhost/language')
user = session.query(User).one()
eq_(user.email, '*****@*****.**')
eq_(user.identifier, 'twitter.com/tpain')
eq_(user.email_verified_at, None)
token = session.query(EmailVerificationToken).one()
send_verification_mail.assert_called_once_with(
user,
'http://localhost/verify_email/{0}'.format(token.token))
def load_lib(lib_name):
lib_key = '{0}:{1}'.format(g.association_id, lib_name)
lib = app.cache.get(lib_key)
if not lib:
session = Client().session()
lib = session.query(Rad.rad).\
join(Lib, Lib.lib_id == Rad.lib_id).\
filter(Lib.name == lib_name).\
filter(Lib.association_id == g.association_id).\
all()
if not lib:
raise KeyError(lib_name)
lib = [rad[0] for rad in lib]
app.cache.set(lib_key, lib, timeout=60*60)
return lib
def test_create_new_lib(self, user):
session = Client().session()
association_id = self.create_association(user)
response = self.app.post(
'/association/{0}/lib/new'.format(association_id),
data={"name": "Rant"})
lib = session.query(Lib).one()
eq_(lib.name, 'Rant')
eq_(response.status_code, 200, response.data)
body = json.loads(response.data)
eq_(body, {
'status': 'ok',
'lib_id': lib.lib_id,
})
def bypass_login():
if not app.config['DEBUG']:
abort(404)
db_session = Client().session()
email = request.form['email']
identifier = request.form['identifier']
try:
user = db_session.query(User).\
filter(User.identifier == identifier).\
one()
except NoResultFound:
user = User()
user.email = email
user.identifier = identifier
db_session.add(user)
session['user'] = {'identifier': identifier, 'email': email}
return redirect('/')
def test_add_rad__invalid_syntax(self, user):
session = Client().session()
association_id = self.create_association(user)
lib = Lib(name="Artist", association_id=association_id)
session.add(lib)
session.flush()
response = self.app.post('/lib/{0}/rad/new'.format(lib.lib_id),
data={'rad': 'Ziggy Astral_body>dust'})
eq_(response.status_code, 200)
rads = session.query(Rad).all()
eq_(rads, [])
body = json.loads(response.data)
eq_(body, {'status': 'error',
'error': "parse error: Unexpected token '>' at line 1 "
"character 18 of 'Ziggy Astral_body>dust'"})
def test_add_new_rad(self, user):
session = Client().session()
association_id = self.create_association(user)
lib = Lib(name="Artist", association_id=association_id)
session.add(lib)
session.flush()
response = self.app.post('/lib/{0}/rad/new'.format(lib.lib_id),
data={'rad': 'Shania Twain'})
eq_(response.status_code, 200)
rad = session.query(Rad).one()
eq_(rad.created_by, user.user_id)
eq_(rad.lib_id, lib.lib_id)
eq_(rad.rad, 'Shania Twain')
body = json.loads(response.data)
eq_(body, {'status': 'ok',
'rad_id': rad.rad_id})
def test_add_new_rad_by_name(self, user):
session = Client().session()
association_id = self.create_association(user)
lib = Lib(name="Song", association_id=association_id)
session.add(lib)
session.flush()
response = self.app.post('/lib/rad/new', data={
'association_id': association_id,
'lib': 'Song',
'rad': 'Stairway to <Location>',
})
eq_(response.status_code, 200)
rad = session.query(Rad).one()
eq_(rad.rad, 'Stairway to <Location>')
body = json.loads(response.data)
eq_(body, {'status': 'ok',
'rad_id': rad.rad_id})
def accept_invitation(token):
if not g.user:
return render_template('invitation_registration.html.jinja')
session = Client().session()
try:
invite = session.query(AssociationInvite).\
filter(AssociationInvite.token == token).\
one()
except NoResultFound:
abort(404)
if invite.email != g.user.email:
raise StandardError('Logged-in user had email {0} and a token for an '
'invite for {1}'.format(g.user.email, invite.email))
session.add(UserAssociation(association_id=invite.association_id,
user_id=g.user.user_id))
session.delete(invite)
if g.user.email_verified_at is None:
g.user.email_verified_at = utcnow()
session.add(g.user)
return redirect(url_for('manage_association',
association_id=invite.association_id))
def invite_user(association_id):
if not g.user:
return error_response('login required')
session = Client().session()
email = request.form['email']
if not re.search(r'@.*\.', email):
return error_response("invalid email address '{0}'".format(email))
try:
association = association_for_logged_in_user(association_id)
except NoResultFound:
return error_response('no such association')
try:
user = session.query(User).\
filter(User.email == email).\
one()
except NoResultFound:
invite = AssociationInvite.generate(association_id, email)
try:
session.flush()
except IntegrityError:
return error_response('already invited')
send_invitation_mail(
email,
g.user.email,
association.name,
url_for('accept_invitation', token=invite.token, _external=True))
return {'status': 'ok', 'action': 'invited'}
user_association = UserAssociation(
user_id=user.user_id, association_id=association_id)
session.add(user_association)
try:
session.flush()
except IntegrityError:
return error_response('already in association')
return {'status': 'ok', 'action': 'added'}
