def addUser():
validateAdmin()
if not request.json or not 'username' in request.json or not 'password' in request.json:
raise BadRequest(
'No username and/or pasword specified in add/user request')
try:
user = User(username=request.json['username'])
except AssertionError as e:
raise BadRequest('username error: ' + str(e))
user.set_password(request.json['password'])
if User.query.filter_by(username=request.json['username']).count():
raise BadRequest('User already exists')
if 'email' in request.json:
try:
user.email = request.json['email']
except AssertionError as e:
raise BadRequest('bad email format' + str(e))
if 'isAdmin' in request.json:
try:
user.isAdmin = request.json['isAdmin']
except AssertionError as e:
raise BadRequest('isAdmin error: ' + str(e))
if 'canEdit' in request.json:
try:
user.canEdit = request.json['canEdit']
except AssertionError as e:
raise BadRequest('canEdit error: ' + str(e))
db.session.add(user)
db.session.commit()
return jsonify(user.buildPublicJson()), 201
def test_create_user_with_invalid_canEdit(self):
with self.assertRaises(AssertionError) as cm:
User(username="******", email="*****@*****.**", canEdit=2)
the_exception = cm.exception
self.assertEqual('canEdit must resolve to a Boolean type',
the_exception.args[0])
def test_create_user_with_invalid_email(self):
with self.assertRaises(AssertionError) as cm:
User(username="******", email="foo")
the_exception = cm.exception
self.assertEqual('Provided email is not an email address',
the_exception.args[0])
def createTestEditUser(self,
username='******',
email='*****@*****.**',
password="******"):
editQuery = User.query.filter_by(username=username,
email=email,
isAdmin=False,
canEdit=True)
if editQuery.count() > 1:
return editQuery.first()
edit = User(username=username,
email=email,
isAdmin=False,
canEdit=True)
edit.set_password(password)
db.session.add(edit)
db.session.commit()
return edit
def createTestReadonlyUser(self,
username='******',
email='*****@*****.**',
password="******"):
readonlyQuery = User.query.filter_by(username=username,
email=email,
isAdmin=False,
canEdit=False)
if readonlyQuery.count() > 1:
return readonlyQuery.first()
readonly = User(username=username,
email=email,
isAdmin=False,
canEdit=False)
readonly.set_password(password)
db.session.add(readonly)
db.session.commit()
return readonly
def createTestAdminUser(self,
username='******',
email='*****@*****.**',
password="******"):
adminQuery = User.query.filter_by(username=username,
email=email,
isAdmin=True,
canEdit=True)
if adminQuery.count() > 1:
return adminQuery.first()
admin = User(username=username,
email=email,
isAdmin=True,
canEdit=True)
admin.set_password(password)
db.session.add(admin)
db.session.commit()
return admin
def checkDatabasePrerequisites():
# make sure that the database has an admin user and a root node
adminQuery = User.query.filter_by(username='******')
if adminQuery.count() == 0:
# create admin user using secrets
admin = User(username=Config.ADMIN_USERNAME,
email=Config.ADMIN_USER_EMAIL,
isAdmin=True,
canEdit=True)
admin.set_password(Config.ADMIN_USER_PASSWORD)
db.session.add(admin)
db.session.commit()
else:
admin = adminQuery.first()
rootNodeQuery = Node.query.filter_by(name=Config.ROOT_NODE_NAME,
owner=admin)
if rootNodeQuery.count() > 1:
raise RuntimeError(
'More than one root node found. The database is corrupted. Fix and try again'
)
if rootNodeQuery.count() == 0:
rootNode = Node(name=Config.ROOT_NODE_NAME, owner=admin)
db.session.add(rootNode)
db.session.commit()