Exemplo n.º 1
def test_add_user_admin_valid_bcros(client, jwt, session, keycloak_mock):  # pylint:disable=unused-argument
    """Create an anonymous (BCROS) user from an invitation, then probe two rejection paths.

    A staff admin registers, creates an anonymous org and invites into it.
    The user-creation endpoint is then called with only the
    ``invitation_token`` header (no JWT), so the token is the sole credential
    on that request.
    """
    json_type = 'application/json'
    staff_headers = factory_auth_header(jwt=jwt,
                                        claims=TestJwtClaims.staff_admin_role)

    def send_invitation():
        """POST a fresh anonymous invitation for the org as the staff admin."""
        return client.post('/api/v1/invitations',
                           data=json.dumps(
                               factory_invitation_anonymous(org_id=org_id)),
                           headers=staff_headers,
                           content_type=json_type)

    def create_bcros_user(token):
        """POST the anonymous user payload, authenticated by *token* only."""
        return client.post('/api/v1/users/bcros',
                           data=json.dumps(TestUserInfo.user_anonymous_1),
                           headers={'invitation_token': token},
                           content_type=json_type)

    # Setup: the staff admin's own user record, then the anonymous org.
    client.post('/api/v1/users',
                headers=staff_headers,
                content_type=json_type)
    org_response = client.post('/api/v1/orgs',
                               data=json.dumps(TestOrgInfo.org_anonymous),
                               headers=staff_headers,
                               content_type=json_type)
    org_id = json.loads(org_response.data)['id']

    invite_response = send_invitation()
    invite_body = json.loads(invite_response.data)
    assert invite_body.get('token') is not None
    assert invite_response.status_code == http_status.HTTP_201_CREATED

    # Happy path: redeem the invitation token.
    created_response = create_bcros_user(invite_body.get('token'))
    created_body = json.loads(created_response.data)
    assert created_response.status_code == http_status.HTTP_201_CREATED
    created_user = created_body['users'][0]
    expected_username = (IdpHint.BCROS.value + '/' +
                         TestUserInfo.user_anonymous_1['username'])
    assert created_user.get('username') == expected_username
    # The submitted credential must not be echoed back in the response.
    assert created_user.get('password') is None
    assert created_user.get('type') == 'ANONYMOUS'
    assert schema_utils.validate(created_response.json,
                                 'anonymous_user_response')

    # different error scenarios

    # check expired invitation
    # NOTE(review): the token is read from the /users/bcros response body, not
    # from the invitation response. Unless that body also carries a 'token'
    # key this sends no real invitation token, so the scenario may be checking
    # "missing/invalid token" rather than reuse of a redeemed one - confirm.
    replay_response = create_bcros_user(created_body.get('token'))
    replay_body = json.loads(replay_response.data)
    assert replay_body['code'] == 'EXPIRED_INVITATION'

    # A second invitation; its status code is not asserted here.
    second_invite_body = json.loads(send_invitation().data)

    # check duplicate user
    duplicate_response = create_bcros_user(second_invite_body.get('token'))
    duplicate_body = json.loads(duplicate_response.data)

    assert duplicate_body['code'] == 409
    assert duplicate_body['message'] == 'The username is already taken'
Exemplo n.º 2
def test_add_user_admin_valid_bcros(client, jwt, session, keycloak_mock):  # pylint:disable=unused-argument
    """Create an anonymous user from an invitation token and check the response.

    The final request carries only the ``invitation_token`` header; the staff
    admin JWT is used for the setup calls alone.
    """
    json_type = 'application/json'
    staff_headers = factory_auth_header(jwt=jwt,
                                        claims=TestJwtClaims.staff_admin_role)

    # Setup as staff admin: own user record, anonymous org, invitation.
    client.post('/api/v1/users',
                headers=staff_headers,
                content_type=json_type)
    org_response = client.post('/api/v1/orgs',
                               data=json.dumps(TestOrgInfo.org_anonymous),
                               headers=staff_headers,
                               content_type=json_type)
    org_id = json.loads(org_response.data)['id']

    invitation_payload = json.dumps(
        factory_invitation_anonymous(org_id=org_id))
    invite_response = client.post('/api/v1/invitations',
                                  data=invitation_payload,
                                  headers=staff_headers,
                                  content_type=json_type)
    invite_body = json.loads(invite_response.data)
    assert invite_body.get('token') is not None
    assert invite_response.status_code == http_status.HTTP_201_CREATED

    # Redeem the invitation: the token is the only credential sent.
    token_headers = {'invitation_token': invite_body.get('token')}
    created_response = client.post(
        '/api/v1/users/bcros',
        data=json.dumps(TestUserInfo.user_anonymous_1),
        headers=token_headers,
        content_type=json_type)
    created_body = json.loads(created_response.data)
    assert created_response.status_code == http_status.HTTP_201_CREATED

    created_user = created_body['users'][0]
    # This variant expects the bare username, with no identity-provider prefix.
    assert created_user.get(
        'username') == TestUserInfo.user_anonymous_1['username']
    # The submitted credential must not be echoed back in the response.
    assert created_user.get('password') is None
    assert created_user.get('type') == 'ANONYMOUS'
Exemplo n.º 3
def test_add_user_admin_valid_bcros(client, jwt, session, keycloak_mock):  # pylint:disable=unused-argument
    """Check that the invited anonymous user can bulk-create two org members.

    Only the size of the bulk response is asserted; per-user status codes and
    the status of the intermediate requests are not checked in this variant.
    """
    json_type = 'application/json'
    staff_headers = factory_auth_header(jwt=jwt,
                                        claims=TestJwtClaims.staff_admin_role)

    # Setup as staff admin: own user record, anonymous org, invitation.
    client.post('/api/v1/users',
                headers=staff_headers,
                content_type=json_type)
    org_response = client.post('/api/v1/orgs',
                               data=json.dumps(TestOrgInfo.org_anonymous),
                               headers=staff_headers,
                               content_type=json_type)
    org_id = json.loads(org_response.data)['id']

    invite_response = client.post(
        '/api/v1/invitations',
        data=json.dumps(factory_invitation_anonymous(org_id=org_id)),
        headers=staff_headers,
        content_type=json_type)
    invite_body = json.loads(invite_response.data)
    assert invite_body.get('token') is not None
    assert invite_response.status_code == http_status.HTTP_201_CREATED

    # Redeem the invitation; the token is the only credential on this call.
    created_response = client.post(
        '/api/v1/users/bcros',
        data=json.dumps(TestUserInfo.user_anonymous_1),
        headers={'invitation_token': invite_body.get('token')},
        content_type=json_type)
    created_body = json.loads(created_response.data)

    # Switch identity: claims are built from the new user's keycloakGuid, so
    # the bulk request runs as the invited user rather than as staff.
    new_user_guid = created_body['users'][0]['keycloakGuid']
    member_headers = factory_auth_header(
        jwt=jwt, claims=TestJwtClaims.get_test_real_user(new_user_guid))
    bulk_payload = json.dumps(
        BulkUserTestScenario.get_bulk_user1_for_org(org_id))
    bulk_response = client.post('/api/v1/bulk/users',
                                headers=member_headers,
                                data=bulk_payload,
                                content_type=json_type)
    assert len(bulk_response.json['users']) == 2
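def test_add_user_admin_valid_bcros(client, jwt, session, keycloak_mock):  # pylint:disable=unused-argument
    """Assert that an invited anonymous user can bulk-create members, once.

    A staff admin creates an anonymous org and an invitation; the invitation
    token is redeemed to create a user, and a JWT with ``accessType``
    'ANONYMOUS' is then used for the bulk endpoint. The same bulk payload is
    posted twice: the first call must create both users (201 each), the
    second must reject both as duplicates (409 each).
    """
    headers = factory_auth_header(jwt=jwt,
                                  claims=TestJwtClaims.staff_admin_role)
    rv = client.post('/api/v1/users',
                     headers=headers,
                     content_type='application/json')

    rv = client.post('/api/v1/orgs',
                     data=json.dumps(TestOrgInfo.org_anonymous),
                     headers=headers,
                     content_type='application/json')

    dictionary = json.loads(rv.data)
    org_id = dictionary['id']
    rv = client.post('/api/v1/invitations',
                     data=json.dumps(
                         factory_invitation_anonymous(org_id=org_id)),
                     headers=headers,
                     content_type='application/json')

    dictionary = json.loads(rv.data)
    assert dictionary.get('token') is not None
    assert rv.status_code == http_status.HTTP_201_CREATED

    # NOTE(review): the string literals below look masked in this listing. As
    # written, '******' has no replacement field, so format() discards the
    # random suffix - confirm against the original source.
    user = {
        'username': '******'.format(randint(0, 1000)),
        'password': '******',
    }
    # Redeem the invitation; the token is the only credential on this call.
    # The response status is not asserted here.
    rv = client.post('/api/v1/users/bcros',
                     data=json.dumps(user),
                     headers={'invitation_token': dictionary.get('token')},
                     content_type='application/json')

    # Login as this user
    # 'sub' is a freshly generated UUID rather than an id taken from the
    # creation response; the claims carry no roles, only the ANONYMOUS
    # access type.
    invited_user_token = {
        'iss': CONFIG.JWT_OIDC_TEST_ISSUER,
        'sub': str(uuid.uuid4()),
        'firstname': 'Test',
        'lastname': 'User',
        'preferred_username': '******'.format(user.get('username')),
        'realm_access': {
            'roles': []
        },
        'roles': [],
        'accessType': 'ANONYMOUS'
    }
    headers = factory_auth_header(jwt=jwt, claims=invited_user_token)

    rv = client.post('/api/v1/users',
                     headers=headers,
                     content_type='application/json')
    assert rv.status_code == http_status.HTTP_201_CREATED

    # headers = factory_auth_header(jwt=jwt,
    #                               claims=TestJwtClaims.anonymous_bcros_role)
    user_input = BulkUserTestScenario.get_bulk_user1_for_org(org_id)
    rv = client.post('/api/v1/bulk/users',
                     headers=headers,
                     data=json.dumps(user_input),
                     content_type='application/json')

    assert len(rv.json['users']) == 2
    assert schema_utils.validate(rv.json, 'anonymous_user_response')

    # Both entries must report success. The original asserted index 0 twice,
    # which left the second user's status unchecked.
    assert rv.json['users'][0]['http_status'] == 201
    assert rv.json['users'][1]['http_status'] == 201
    assert rv.json['users'][0]['error'] == ''
    assert rv.json['users'][1]['error'] == ''
    assert rv.json['users'][0][
        'username'] == IdpHint.BCROS.value + '/' + user_input['users'][0][
            'username']
    assert rv.json['users'][1][
        'username'] == IdpHint.BCROS.value + '/' + user_input['users'][1][
            'username']

    # Replay the identical payload: every entry must now be rejected as a
    # duplicate instead of being created again.
    rv = client.post('/api/v1/bulk/users',
                     headers=headers,
                     data=json.dumps(user_input),
                     content_type='application/json')

    assert len(rv.json['users']) == 2
    assert schema_utils.validate(rv.json, 'anonymous_user_response')
    assert rv.json['users'][0]['http_status'] == 409
    assert rv.json['users'][1]['http_status'] == 409
    assert rv.json['users'][0]['error'] == 'The username is already taken'
    assert rv.json['users'][1]['error'] == 'The username is already taken'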