def setUp(self): super().setUp() self.session.begin_nested() self.commentor = User(name="Commentor", email="*****@*****.**") self.author = User(name="Author", email="*****@*****.**") self.post = Post(title="Test Post", body="Test Post", user_id=self.author.id) self.answer = Answer(post_id=self.post.id, user_id=self.author.id) self.author.posts.append(self.post) self.author.answers.append(self.answer) self.post.answers.append(self.answer) self.session.add(self.commentor) self.session.add(self.author) self.session.add(self.post) self.session.add(self.answer) self.session.commit() with self.client as c: with c.session_transaction() as sess: set_session_user(self.commentor, current_session=sess) g.user = self.commentor
def auth_hack(): if not app_config.get('debug', False): return abort(404) user = User.query.first() user_session.set_session_user(user) g.user = user ip_address = getattr(request, 'access_route', [request.remote_addr])[0] login = Login(ip_address=ip_address, user_id=g.user.id) db.session.add(login) db.session.commit()
def get_or_set_user(jwt_token=None, oauth_token=None, profile={}): """ This will take an auth object and login the user. If the user does not exist, it will save (persist) the auth and create a new account using the profile details. """ if jwt_token: token = UserJWTToken.query.filter_by(identity=jwt_token.identity, issuer=jwt_token.issuer).first() elif oauth_token: token = UserOAuthToken.query.filter_by( identity=oauth_token.identity, provider_id=oauth_token.provider_id).first() else: return abort(500) user = None if token is not None: # This means the user exists user = token.user else: # This means the user does not exist and we must create it. name = profile.get('name') email = profile.get('email') # Make sure we have both fields or return missing error if not name: return render_error("Profile does not have name", error_type='bad_profile'), 400 user = User(name=name, email=email, avatar=profile.get('avatar')) if jwt_token: user.jwt_tokens.append(jwt_token) elif oauth_token: user.oauth_tokens.append(oauth_token) db.session.add(user) db.session.commit() user_session.set_session_user(user) g.user = user ip_address = getattr(request, 'access_route', [request.remote_addr])[0] login = Login(ip_address=ip_address, user_id=g.user.id) db.session.add(login) db.session.commit()
def setUp(self): super().setUp() self.session.begin_nested() self.user = User(name="Test User", email="*****@*****.**") self.post = Post(title="Test Post", body="Test Post", user_id=self.user.id) self.user.posts.append(self.post) self.session.add(self.user) self.session.add(self.post) self.session.commit() with self.client as c: with c.session_transaction() as sess: set_session_user(self.user, current_session=sess) g.user = self.user
def setUp(self): super().setUp() self.session.begin_nested() light_theme = Theme.query.filter_by(name='light').first().id self.user = User(name='Test User', email='*****@*****.**', theme=light_theme) self.session.add(self.user) self.user2 = User(name='Test User 2', email='*****@*****.**', theme=light_theme) self.session.add(self.user2) self.test_post = Post(title='Testing Votes API', body='Testing Votes API') self.user2.posts.append(self.test_post) self.session.add(self.test_post) self.answer = Answer(post_id=self.test_post.id) self.user2.answers.append(self.answer) self.test_post.answers.append(self.answer) self.session.add(self.answer) self.session.commit() with self.client as c: with c.session_transaction() as sess: set_session_user(self.user, current_session=sess) g.user = self.user self.session.begin_nested() with self.app.test_request_context(): vote_controller.do_post_vote(self.test_post.id, 1) self.session.begin_nested() with self.app.test_request_context(): vote_controller.do_answer_vote(self.answer.id, -1)
def setUp(self): super().setUp() self.session.begin_nested() light_theme = Theme(name='light') dark_theme = Theme(name='dark') self.session.add(light_theme) self.session.add(dark_theme) self.user = User(name="Test User", email="*****@*****.**", theme=light_theme.id) self.session.add(self.user) self.session.commit() with self.client as c: with c.session_transaction() as sess: set_session_user(self.user, current_session=sess) g.user = self.user
def test_make_answer_comment(self): self.session.begin_nested() short_result = self.client.post(f'/answer/comment/{self.answer.id}', data={"comment_text": "f"}) self.assert400(short_result) long_result = self.client.post( f'/answer/comment/{self.answer.id}', data={ "comment_text": "a" * (config.comments.get('max_len', 140) + 1) }) self.assert400(long_result) result = self.client.post(f'/answer/comment/{self.answer.id}', data={"comment_text": "foobarbazblargh"}) self.assert200(result) comment_id = self.answer.comments[0].id comment_result = self.client.get( f"/answer/{self.answer.id}/comment/{comment_id}") self.assert200(comment_result) self.assertEqual(comment_result.json['text'], "foobarbazblargh") with self.client as c: with c.session_transaction() as sess: set_session_user(self.author, current_session=sess) g.user = self.author sent_notifications = self.client.get(f"/notifications/all/page/1") self.assert200(comment_result) self.assertTrue(len(sent_notifications.json['data']) > 0) with self.client as c: with c.session_transaction() as sess: set_session_user(self.commentor, current_session=sess) g.user = self.commentor
def get_or_set_user(auth_token=None, profile={}, auth_opts={}): """ This will take an auth object and login the user. If the user does not exist, it will save (persist) the auth and create a new account using the profile details. """ if isinstance(g.user, User) and g.user.deleted: g.user = None return abort(401) is_append_flow = auth_opts.get('append', False) if auth_token: existing_auth_token = UserAuthToken.query.\ filter_by( auth_method=auth_token.auth_method, identity=auth_token.identity, issuer=auth_token.issuer ).first() else: return abort(500) user = None if existing_auth_token is not None and existing_auth_token.user is not None: # If the login method already belongs to another thing if is_append_flow: return render_error("Already used method", error_type='duplicate_method'), 403 # Set to existing auth token auth_token = existing_auth_token # This means the user exists user = existing_auth_token.user # make sure existing user isn't deleted if user.deleted: return abort(401) else: # If append flow + the user doesn't exist (good), we'll just add the user if is_append_flow: if not isinstance(g.user, User): return render_error("Not authorized", error_type='unauthorized'), 400 # Let's add the auth token to current user g.user.auth_tokens.append(auth_token) db.session.add(auth_token) db.session.commit() db.session.refresh(auth_token) return # This means the user does not exist and we must create it. name = profile.get('name') email = profile.get('email') # Make sure we have both fields or return missing error if not name: return render_error("Profile does not have name", error_type='bad_profile'), 400 user = User(name=name, email=email, avatar=profile.get('avatar')) user.auth_tokens.append(auth_token) db.session.add(user) db.session.commit() # Reload auth token object db.session.refresh(auth_token) user_session.set_session_user(user) g.user = user ip_address = getattr(request, 'access_route', [request.remote_addr])[0] login = Login(ip_address=ip_address, user_id=g.user.id, login_method_id=auth_token.id) db.session.add(login) db.session.commit()