def test_add_user_admin_valid_bcros(client, jwt, session, keycloak_mock):  # pylint:disable=unused-argument
    """Assert that an anonymous (BCROS) admin can be created from an invitation.

    Happy path: a staff admin creates an org and an invitation, then the
    invitation token is presented to ``/api/v1/users/bcros`` to create the
    user.  The error paths that follow expect ``EXPIRED_INVITATION`` and a
    409 for a username that is already taken.
    """
    # NOTE(review): this listing holds several definitions with this same name;
    # if they share one module, pytest only collects the last one - confirm.
    json_type = 'application/json'
    staff_headers = factory_auth_header(jwt=jwt, claims=TestJwtClaims.staff_admin_role)
    client.post('/api/v1/users', headers=staff_headers, content_type=json_type)

    org_rv = client.post('/api/v1/orgs', data=json.dumps(TestOrgInfo.org_anonymous),
                         headers=staff_headers, content_type=json_type)
    org_id = json.loads(org_rv.data)['id']

    invite_rv = client.post('/api/v1/invitations',
                            data=json.dumps(factory_invitation_anonymous(org_id=org_id)),
                            headers=staff_headers, content_type=json_type)
    invitation = json.loads(invite_rv.data)
    assert invitation.get('token') is not None
    assert invite_rv.status_code == http_status.HTTP_201_CREATED

    # The invitation token is the only credential on this request; no JWT header is sent.
    create_rv = client.post('/api/v1/users/bcros',
                            data=json.dumps(TestUserInfo.user_anonymous_1),
                            headers={'invitation_token': invitation.get('token')},
                            content_type=json_type)
    created = json.loads(create_rv.data)
    assert create_rv.status_code == http_status.HTTP_201_CREATED
    first_user = created['users'][0]
    expected_username = IdpHint.BCROS.value + '/' + TestUserInfo.user_anonymous_1['username']
    assert first_user.get('username') == expected_username
    # The submitted password must not be echoed back in the response.
    assert first_user.get('password') is None
    assert first_user.get('type') == 'ANONYMOUS'
    assert schema_utils.validate(create_rv.json, 'anonymous_user_response')

    # Error scenarios.
    # Expired invitation.
    # NOTE(review): the token sent here is read from the user-creation response
    # (`created`), not from the invitation response above.  If that payload has
    # no 'token' key, this request does not carry the consumed invitation token,
    # and the single-use property of the token is not what is being exercised.
    # Confirm, and consider keeping the issued token in its own variable.
    expired_rv = client.post('/api/v1/users/bcros',
                             data=json.dumps(TestUserInfo.user_anonymous_1),
                             headers={'invitation_token': created.get('token')},
                             content_type=json_type)
    assert json.loads(expired_rv.data)['code'] == 'EXPIRED_INVITATION'

    # Issue a fresh invitation for the duplicate-user check.
    reinvite_rv = client.post('/api/v1/invitations',
                              data=json.dumps(factory_invitation_anonymous(org_id=org_id)),
                              headers=staff_headers, content_type=json_type)
    fresh_invitation = json.loads(reinvite_rv.data)

    # Duplicate user: the same username presented with the new token.
    duplicate_rv = client.post('/api/v1/users/bcros',
                               data=json.dumps(TestUserInfo.user_anonymous_1),
                               headers={'invitation_token': fresh_invitation.get('token')},
                               content_type=json_type)
    duplicate = json.loads(duplicate_rv.data)
    assert duplicate['code'] == 409
    assert duplicate['message'] == 'The username is already taken'
def test_add_user_admin_valid_bcros(client, jwt, session, keycloak_mock):  # pylint:disable=unused-argument
    """Assert that an anonymous (BCROS) admin can be created from an invitation.

    A staff admin creates an org and an invitation; the invitation token is
    then presented to ``/api/v1/users/bcros`` and the created user is checked.
    """
    json_type = 'application/json'
    staff_headers = factory_auth_header(jwt=jwt, claims=TestJwtClaims.staff_admin_role)
    client.post('/api/v1/users', headers=staff_headers, content_type=json_type)

    org_rv = client.post('/api/v1/orgs', data=json.dumps(TestOrgInfo.org_anonymous),
                         headers=staff_headers, content_type=json_type)
    org_id = json.loads(org_rv.data)['id']

    invite_rv = client.post('/api/v1/invitations',
                            data=json.dumps(factory_invitation_anonymous(org_id=org_id)),
                            headers=staff_headers, content_type=json_type)
    invitation = json.loads(invite_rv.data)
    assert invitation.get('token') is not None
    assert invite_rv.status_code == http_status.HTTP_201_CREATED

    # The invitation token is the only credential on this request; no JWT header is sent.
    create_rv = client.post('/api/v1/users/bcros',
                            data=json.dumps(TestUserInfo.user_anonymous_1),
                            headers={'invitation_token': invitation.get('token')},
                            content_type=json_type)
    created = json.loads(create_rv.data)
    assert create_rv.status_code == http_status.HTTP_201_CREATED
    first_user = created['users'][0]
    # This variant expects the bare username, with no identity-provider prefix.
    assert first_user.get('username') == TestUserInfo.user_anonymous_1['username']
    # The submitted password must not be echoed back in the response.
    assert first_user.get('password') is None
    assert first_user.get('type') == 'ANONYMOUS'
def test_add_user_admin_valid_bcros(client, jwt, session, keycloak_mock):  # pylint:disable=unused-argument
    """Assert that an org admin can create members.

    The admin is created through the invitation flow, then a JWT built from
    that admin's ``keycloakGuid`` is used to call ``/api/v1/bulk/users``.
    """
    json_type = 'application/json'
    staff_headers = factory_auth_header(jwt=jwt, claims=TestJwtClaims.staff_admin_role)
    client.post('/api/v1/users', headers=staff_headers, content_type=json_type)

    org_rv = client.post('/api/v1/orgs', data=json.dumps(TestOrgInfo.org_anonymous),
                         headers=staff_headers, content_type=json_type)
    org_id = json.loads(org_rv.data)['id']

    invite_rv = client.post('/api/v1/invitations',
                            data=json.dumps(factory_invitation_anonymous(org_id=org_id)),
                            headers=staff_headers, content_type=json_type)
    invitation = json.loads(invite_rv.data)
    assert invitation.get('token') is not None
    assert invite_rv.status_code == http_status.HTTP_201_CREATED

    # Create the org admin; the invitation token is the only credential sent.
    admin_rv = client.post('/api/v1/users/bcros',
                           data=json.dumps(TestUserInfo.user_anonymous_1),
                           headers={'invitation_token': invitation.get('token')},
                           content_type=json_type)
    admin = json.loads(admin_rv.data)['users'][0]

    # Switch from the staff token to one issued for the newly created admin.
    admin_claims = TestJwtClaims.get_test_real_user(admin['keycloakGuid'])
    admin_headers = factory_auth_header(jwt=jwt, claims=admin_claims)
    bulk_payload = json.dumps(BulkUserTestScenario.get_bulk_user1_for_org(org_id))
    bulk_rv = client.post('/api/v1/bulk/users', headers=admin_headers, data=bulk_payload,
                          content_type=json_type)
    # Only the number of entries is asserted; per-user status and error fields are not checked.
    assert len(bulk_rv.json['users']) == 2
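def test_add_user_admin_valid_bcros(client, jwt, session, keycloak_mock):  # pylint:disable=unused-argument
    """Assert that an org admin can create members.

    A staff admin creates an org and an invitation, the invited user is
    created through ``/api/v1/users/bcros``, and a token for that user is
    then used to bulk-create two members.  Posting the same bulk payload a
    second time must report a 409 for every user.
    """
    json_type = 'application/json'
    headers = factory_auth_header(jwt=jwt, claims=TestJwtClaims.staff_admin_role)
    client.post('/api/v1/users', headers=headers, content_type=json_type)
    rv = client.post('/api/v1/orgs', data=json.dumps(TestOrgInfo.org_anonymous),
                     headers=headers, content_type=json_type)
    org_id = json.loads(rv.data)['id']

    rv = client.post('/api/v1/invitations',
                     data=json.dumps(factory_invitation_anonymous(org_id=org_id)),
                     headers=headers, content_type=json_type)
    invitation = json.loads(rv.data)
    assert invitation.get('token') is not None
    assert rv.status_code == http_status.HTTP_201_CREATED

    # NOTE(review): the string literals below appear masked in this listing.
    # As written they contain no '{}' placeholder, so .format() ignores its
    # argument and the random suffix is never applied - confirm against the
    # original file.
    user = {
        'username': '******'.format(randint(0, 1000)),
        'password': '******',
    }
    # The invitation token is the only credential on this request.
    client.post('/api/v1/users/bcros', data=json.dumps(user),
                headers={'invitation_token': invitation.get('token')},
                content_type=json_type)

    # Log in as the invited user.  The token carries no roles and the
    # ANONYMOUS access type, so the bulk call below presumably relies on the
    # org membership granted by the invitation - TODO confirm.
    invited_user_token = {
        'iss': CONFIG.JWT_OIDC_TEST_ISSUER,
        'sub': str(uuid.uuid4()),
        'firstname': 'Test',
        'lastname': 'User',
        'preferred_username': '******'.format(user.get('username')),
        'realm_access': {
            'roles': []
        },
        'roles': [],
        'accessType': 'ANONYMOUS'
    }
    headers = factory_auth_header(jwt=jwt, claims=invited_user_token)
    rv = client.post('/api/v1/users', headers=headers, content_type=json_type)
    assert rv.status_code == http_status.HTTP_201_CREATED

    user_input = BulkUserTestScenario.get_bulk_user1_for_org(org_id)
    rv = client.post('/api/v1/bulk/users', headers=headers, data=json.dumps(user_input),
                     content_type=json_type)
    assert len(rv.json['users']) == 2
    assert schema_utils.validate(rv.json, 'anonymous_user_response')
    # Check every returned user.  The original asserted index 0 twice for
    # http_status, so the second user's status was never verified.
    for created, requested in zip(rv.json['users'], user_input['users']):
        assert created['http_status'] == 201
        assert created['error'] == ''
        assert created['username'] == IdpHint.BCROS.value + '/' + requested['username']

    # Same payload again: each username already exists and must be rejected.
    rv = client.post('/api/v1/bulk/users', headers=headers, data=json.dumps(user_input),
                     content_type=json_type)
    assert len(rv.json['users']) == 2
    assert schema_utils.validate(rv.json, 'anonymous_user_response')
    for rejected in rv.json['users']:
        assert rejected['http_status'] == 409
        assert rejected['error'] == 'The username is already taken'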