def test_unit__authenticate_user___err__wrong_user(self): api = UserApi( current_user=None, session=self.session, config=self.app_config, ) with pytest.raises(AuthenticationFailed): api.authenticate('*****@*****.**', 'wrong_password')
def test_unit__authenticate_user___err__wrong_user(self): api = UserApi( current_user=None, session=self.session, config=self.app_config, ) with pytest.raises(AuthenticationFailed): api.authenticate('*****@*****.**', 'wrong_password')
def _authenticate_user( self, request: Request, email: typing.Optional[str], password: typing.Optional[str], ) -> typing.Optional[User]: """ Helper to authenticate user in pyramid request from user email and password :param request: pyramid request :return: User or None """ app_config = request.registry.settings['CFG'] uapi = UserApi(None, session=request.dbsession, config=app_config) ldap_connector = None if AuthType.LDAP in app_config.AUTH_TYPES: ldap_connector = get_ldap_connector(request) try: user = uapi.authenticate( email=email, password=password, ldap_connector=ldap_connector ) return user except AuthenticationFailed: return None
def test_unit__authenticate_user___ok__new_user_ldap_auth_custom_profile(self): # TODO - G.M - 2018-12-05 - [ldap_profile] # support for profile attribute disabled # Should be reenabled later probably with a better code class fake_ldap_connector(object): def authenticate(self, email: str, password: str): if not email == '*****@*****.**' \ and password == 'professor': return None return [None, {'mail': ['*****@*****.**'], 'givenName': ['Hubert'], 'profile': ['trusted-users'], }] api = UserApi( current_user=None, session=self.session, config=self.app_config, ) user = api.authenticate('*****@*****.**', 'professor', fake_ldap_connector()) # nopep8 assert isinstance(user, User) assert user.email == '*****@*****.**' assert user.auth_type == AuthType.LDAP assert user.display_name == 'Hubert' assert user.profile.name == 'trusted-users'
def test_unit__authenticate_user___ok__new_user_ldap_auth_custom_profile( self, session, app_config ): # TODO - G.M - 2018-12-05 - [ldap_profile] # support for profile attribute disabled # Should be reenabled later probably with a better code class fake_ldap_connector(object): def authenticate(self, email: str, password: str): if not email == "*****@*****.**" and password == "professor": return None return [ None, { "mail": ["*****@*****.**"], "givenName": ["Hubert"], "profile": ["trusted-users"], }, ] api = UserApi(current_user=None, session=session, config=app_config) user = api.authenticate("*****@*****.**", "professor", fake_ldap_connector()) assert isinstance(user, User) assert user.email == "*****@*****.**" assert user.auth_type == AuthType.LDAP assert user.display_name == "Hubert" assert user.profile.slug == "trusted-users"
def test_unit__authenticate_user___ok__new_user_ldap_auth_custom_profile( self): # TODO - G.M - 2018-12-05 - [ldap_profile] # support for profile attribute disabled # Should be reenabled later probably with a better code class fake_ldap_connector(object): def authenticate(self, email: str, password: str): if not email == '*****@*****.**' \ and password == 'professor': return None return [ None, { 'mail': ['*****@*****.**'], 'givenName': ['Hubert'], 'profile': ['trusted-users'], } ] api = UserApi( current_user=None, session=self.session, config=self.app_config, ) user = api.authenticate('*****@*****.**', 'professor', fake_ldap_connector()) # nopep8 assert isinstance(user, User) assert user.email == '*****@*****.**' assert user.auth_type == AuthType.LDAP assert user.display_name == 'Hubert' assert user.profile.name == 'trusted-users'
def test_unit__authenticate_user___ok__new_user_ldap_auth(self): class fake_ldap_connector(object): def authenticate(self, email: str, password: str): if not email == '*****@*****.**' \ and password == 'professor': return None return [ None, { 'mail': ['*****@*****.**'], 'givenName': ['Hubert'], } ] api = UserApi( current_user=None, session=self.session, config=self.app_config, ) user = api.authenticate('*****@*****.**', 'professor', fake_ldap_connector()) # nopep8 assert isinstance(user, User) assert user.email == '*****@*****.**' assert user.auth_type == AuthType.LDAP assert user.display_name == 'Hubert' assert user.profile.name == 'users'
def test_unit__authenticate_user___err__user_not_active(self, session, app_config): api = UserApi(current_user=None, session=session, config=app_config) profile = Profile.USER user = api.create_user( email="*****@*****.**", password="******", name="bob", profile=profile, timezone="Europe/Paris", do_save=True, do_notify=False, ) api.disable(user) with pytest.raises(AuthenticationFailed): api.authenticate("*****@*****.**", "*****@*****.**")
def test_unit__authenticate_user___err__user_not_active(self): api = UserApi(current_user=None, session=self.session, config=self.app_config) gapi = GroupApi(current_user=None, session=self.session, config=self.app_config) groups = [gapi.get_one_with_name("users")] user = api.create_user( email="*****@*****.**", password="******", name="bob", groups=groups, timezone="Europe/Paris", do_save=True, do_notify=False, ) api.disable(user) with pytest.raises(AuthenticationFailed): api.authenticate("*****@*****.**", "*****@*****.**")
def authDomainUser(self, realmname: str, username: str, password: str, environ: typing.Dict[str, typing.Any]) -> bool: """ If you ever feel the need to send a request al-mano with a curl, this is the function that'll be called by http_authenticator to validate the password sent """ session = environ['tracim_context'].dbsession api = UserApi(None, session, self.app_config) try: api.authenticate( email=username, password=password, ldap_connector=environ['tracim_registry'].ldap_connector) transaction.commit() except AuthenticationFailed: return False return True
def test_unit__authenticate_user___err__no_ldap_connector(self): api = UserApi( current_user=None, session=self.session, config=self.app_config, ) with pytest.raises(MissingLDAPConnector): user = api.authenticate('*****@*****.**', 'professor')
def test_unit__authenticate_user___err__no_ldap_connector(self): api = UserApi( current_user=None, session=self.session, config=self.app_config, ) with pytest.raises(MissingLDAPConnector): user = api.authenticate('*****@*****.**', 'professor')
def authDomainUser(self, realmname: str, username: str, password: str, environ: typing.Dict[str, typing.Any]) -> bool: """ If you ever feel the need to send a request al-mano with a curl, this is the function that'll be called by http_authenticator to validate the password sent """ session = environ['tracim_context'].dbsession api = UserApi(None, session, self.app_config) try: api.authenticate( email=username, password=password, ldap_connector=environ['tracim_registry'].ldap_connector ) transaction.commit() except AuthenticationFailed: return False return True
def test_unit__authenticate_user___ok__nominal_case(self): api = UserApi( current_user=None, session=self.session, config=self.app_config, ) user = api.authenticate('*****@*****.**', '*****@*****.**') assert isinstance(user, User) assert user.email == '*****@*****.**' assert user.auth_type == AuthType.INTERNAL
def test_unit__authenticate_user___ok__nominal_case(self): api = UserApi( current_user=None, session=self.session, config=self.app_config, ) user = api.authenticate('*****@*****.**', '*****@*****.**') assert isinstance(user, User) assert user.email == '*****@*****.**' assert user.auth_type == AuthType.INTERNAL
def test_unit__authenticate_user___ok__new_user_ldap_auth(self): class fake_ldap_connector(object): def authenticate(self, email: str, password: str): if not email == "*****@*****.**" and password == "professor": return None return [None, {"mail": ["*****@*****.**"], "givenName": ["Hubert"]}] api = UserApi(current_user=None, session=self.session, config=self.app_config) user = api.authenticate("*****@*****.**", "professor", fake_ldap_connector()) assert isinstance(user, User) assert user.email == "*****@*****.**" assert user.auth_type == AuthType.LDAP assert user.display_name == "Hubert" assert user.profile.name == "users"
def login(self, context, request: TracimRequest, hapic_data: HapicData) -> UserInContext: """ Logs the user into the system. In case of success, the JSON returned is the user profile. In that case, a cookie is created with a session_key and an expiration date. Eg. : `session_key=932d2ad68f3a094c2d4da563ccb921e6479729f5b5f707eba91d4194979df20831be48a0; expires=Mon, 22-Oct-2018 19:37:02 GMT; Path=/; SameSite=Lax` """ login = hapic_data.body # type: LoginCredentials app_config = request.registry.settings["CFG"] # type: CFG uapi = UserApi(None, session=request.dbsession, config=app_config) ldap_connector = None if AuthType.LDAP in app_config.AUTH_TYPES: ldap_connector = get_ldap_connector(request) user = None if login.email: try: user = uapi.authenticate( login=login.email, password=login.password, ldap_connector=ldap_connector, ) except AuthenticationFailed as exc: if not login.username: raise exc if user is None: user = uapi.authenticate( login=login.username, password=login.password, ldap_connector=ldap_connector, ) remember(request, user.user_id) return uapi.get_user_with_context(user)
def test_unit__authenticate_user___err__user_not_active(self): api = UserApi( current_user=None, session=self.session, config=self.app_config, ) gapi = GroupApi( current_user=None, session=self.session, config=self.app_config, ) groups = [gapi.get_one_with_name('users')] user = api.create_user( email='*****@*****.**', password='******', name='bob', groups=groups, timezone='Europe/Paris', do_save=True, do_notify=False, ) api.disable(user) with pytest.raises(AuthenticationFailed): api.authenticate('*****@*****.**', '*****@*****.**')
def test_unit__authenticate_user___err__user_not_active(self): api = UserApi( current_user=None, session=self.session, config=self.app_config, ) gapi = GroupApi( current_user=None, session=self.session, config=self.app_config, ) groups = [gapi.get_one_with_name('users')] user = api.create_user( email='*****@*****.**', password='******', name='bob', groups=groups, timezone='Europe/Paris', do_save=True, do_notify=False, ) api.disable(user) with pytest.raises(AuthenticationFailed): api.authenticate('*****@*****.**', '*****@*****.**')
def _authenticate_user( self, request: Request, login: typing.Optional[str], password: typing.Optional[str], ) -> typing.Optional[User]: """ Helper to authenticate user in pyramid request from user email or username and password :param request: pyramid request :return: User or None """ app_config = request.registry.settings["CFG"] # type: CFG uapi = UserApi(None, session=request.dbsession, config=app_config) ldap_connector = None if AuthType.LDAP in app_config.AUTH_TYPES: ldap_connector = get_ldap_connector(request) try: user = uapi.authenticate(login=login, password=password, ldap_connector=ldap_connector,) return user except AuthenticationFailed: return None
def login(self, context, request: TracimRequest, hapic_data=None): """ Logs the user into the system. In case of success, the JSON returned is the user profile. In that case, a cookie is created with a session_key and an expiration date. Eg. : `session_key=932d2ad68f3a094c2d4da563ccb921e6479729f5b5f707eba91d4194979df20831be48a0; expires=Mon, 22-Oct-2018 19:37:02 GMT; Path=/; SameSite=Lax` """ login = hapic_data.body app_config = request.registry.settings['CFG'] # type: CFG uapi = UserApi( None, session=request.dbsession, config=app_config, ) ldap_connector = None if AuthType.LDAP in app_config.AUTH_TYPES: ldap_connector = get_ldap_connector(request) user = uapi.authenticate(login.email, login.password, ldap_connector) remember(request, user.user_id) return uapi.get_user_with_context(user)
def login(self, context, request: TracimRequest, hapic_data=None): """ Logs the user into the system. In case of success, the JSON returned is the user profile. In that case, a cookie is created with a session_key and an expiration date. Eg. : `session_key=932d2ad68f3a094c2d4da563ccb921e6479729f5b5f707eba91d4194979df20831be48a0; expires=Mon, 22-Oct-2018 19:37:02 GMT; Path=/; SameSite=Lax` """ login = hapic_data.body app_config = request.registry.settings['CFG'] # type: CFG uapi = UserApi( None, session=request.dbsession, config=app_config, ) ldap_connector = None if AuthType.LDAP in app_config.AUTH_TYPES: ldap_connector = get_ldap_connector(request) user = uapi.authenticate(login.email, login.password, ldap_connector) remember(request, user.user_id) return uapi.get_user_with_context(user)
def test_unit__authenticate_user___ok__new_user_ldap_auth(self): class fake_ldap_connector(object): def authenticate(self, email: str, password: str): if not email == '*****@*****.**' \ and password == 'professor': return None return [None, {'mail': ['*****@*****.**'], 'givenName': ['Hubert'], }] api = UserApi( current_user=None, session=self.session, config=self.app_config, ) user = api.authenticate('*****@*****.**', 'professor', fake_ldap_connector()) # nopep8 assert isinstance(user, User) assert user.email == '*****@*****.**' assert user.auth_type == AuthType.LDAP assert user.display_name == 'Hubert' assert user.profile.name == 'users'
def test_unit__authenticate_user___err__wrong_user(self, session, app_config): api = UserApi(current_user=None, session=session, config=app_config) with pytest.raises(AuthenticationFailed): api.authenticate("*****@*****.**", "wrong_password")
def test_unit__authenticate_user___err__no_ldap_connector(self, session, app_config): api = UserApi(current_user=None, session=session, config=app_config) with pytest.raises(MissingLDAPConnector): api.authenticate("*****@*****.**", "professor")
def test_unit__authenticate_user___ok__nominal_case(self, session, app_config): api = UserApi(current_user=None, session=session, config=app_config) user = api.authenticate("*****@*****.**", "*****@*****.**") assert isinstance(user, User) assert user.email == "*****@*****.**" assert user.auth_type == AuthType.INTERNAL