def get_or_create_app(name,
redirect_uri,
user,
client_id=None,
client_secret=None):
"""
Get or creates an OAuth2 application.
"""
try:
application = Application.objects.get(name=name)
except Application.DoesNotExist:
application = Application()
application.user = user
if client_id and client_secret:
application.client_id = client_id
application.client_secret = client_secret
application.name = name
application.authorization_grant_type = Application.GRANT_AUTHORIZATION_CODE
application.client_type = Application.CLIENT_CONFIDENTIAL
application.redirect_uris = redirect_uri
application.save()
return application
def createApplication(self, user, name, id, secret):
application = Application()
application.user = user
application.client_type = 'confidential'
application.authorization_grant_type = 'password'
application.name = name
application.client_id = id
application.client_secret = secret
application.save()
def createApplication(self, user, name, id, secret):
application = Application()
application.user = user
application.client_type = 'confidential'
application.authorization_grant_type = 'password'
application.name = name
application.client_id = id
application.client_secret = secret
application.save()
def create_app():
try:
result = Application.objects.get(client_id=settings.TEST_CLIENT_ID)
except Application.DoesNotExist:
result = Application(client_id=settings.TEST_CLIENT_ID, )
result.name = settings.TEST_CLIENT_NAME
result.client_secret = settings.TEST_CLIENT_SECRET
result.redirect_uris = settings.TEST_REDIRECT_URIS
result.client_type = Application.CLIENT_CONFIDENTIAL
result.authorization_grant_type = Application.GRANT_AUTHORIZATION_CODE
result.save()
return result
def setUp(self):
user = MyUser.objects.create(username=self.username)
self.client = APIClient()
self.client.force_authenticate(user=user)
self.user = user
self.user.set_password(self.password)
self.user.save()
self.cl = APIClient()
app= Application()
app.client_id=self.client_id
app.user=self.user
app.authorization_grant_type="password"
app.client_type="public"
app.client_secret=self.client_secret
app.save()
def crearApilicationOauthAndroid(self):
if (Application.objects.filter(name='Android')):
print('[+] Aplicacion Android ya existe')
else:
aplication = Application()
aplication.name = 'Android'
aplication.client_id = 'NxZCC1cyEC4EaKWTp0WOKI8AcfxoLympY6ESrQFi'
aplication.client_secret = 'gcogobaJ4lYihODys8U9ij7BUQBbx8Uta3GVo3AVpnFcSNtDi9rg1LElTOfttDMSqh3hyjEIHFyTzrD9J48yl5lEKOXShf13vPUrGQFLr7gRAZqu8264KWd5YrShqIby'
aplication.client_type = 'confidential'
aplication.redirect_uris = ''
aplication.authorization_grant_type = 'password'
try:
aplication.save()
print('[+] Registro de Aplicacion creado')
except:
print('[+][+] Registro de Aplicacion no es valida')
print('[+][+] Error en registro de Aplicacion -> ' +
aplication.__repr__())
def crearApilicationOauthAngular(self):
if (Application.objects.filter(name='Angular')):
print('[+] Aplicacion Angular ya existe')
else:
aplication = Application()
aplication.name = 'Angular'
aplication.client_id = 'xIlTUtu3pv3YCN0NZxioinzAIvnqhaUPB3j6C9m1'
aplication.client_secret = '15VmSMITKwQTOdDxSfUtFa6SGhvSkhRbtumDSJssPaOvhL1BJAoql5SCM6EVGdEPEubougfrpR3f29GoPDhgeez3o9kWlSQFRsd03wiJiHz9Wlgp9V61y8tdom0XyZoj'
aplication.client_type = 'confidential'
aplication.redirect_uris = ''
aplication.authorization_grant_type = 'password'
try:
aplication.save()
print('[+] Registro de Aplicacion creado')
except:
print('[+][+] Registro de Aplicacion no es valida')
print('[+][+] Error en registro de Aplicacion -> ' +
aplication.__repr__())
def get_or_create_app(name, redirect_uri, user, client_id=None, client_secret=None):
"""
Get or creates an OAuth2 application.
"""
try:
application = Application.objects.get(name=name)
except Application.DoesNotExist:
application = Application()
application.user = user
if client_id and client_secret:
application.client_id = client_id
application.client_secret = client_secret
application.name = name
application.authorization_grant_type = Application.GRANT_AUTHORIZATION_CODE
application.client_type = Application.CLIENT_CONFIDENTIAL
application.redirect_uris = redirect_uri
application.save()
return application
def test_unregister(self):
"""
To test that unregistering user is working.
"""
# test not logged user can't unregister.
self.client.logout()
result = self.client.post(reverse('member-unregister'), follow=False)
self.assertEqual(result.status_code, 302)
# test logged user can register.
user = ProfileFactory()
login_check = self.client.login(username=user.user.username,
password='******')
self.assertEqual(login_check, True)
result = self.client.post(reverse('member-unregister'), follow=False)
self.assertEqual(result.status_code, 302)
self.assertEqual(
User.objects.filter(username=user.user.username).count(), 0)
# Attach a user at tutorials, articles, topics and private topics. After that,
# unregister this user and check that he is well removed in all contents.
user = ProfileFactory()
user2 = ProfileFactory()
alone_gallery = GalleryFactory()
UserGalleryFactory(gallery=alone_gallery, user=user.user)
shared_gallery = GalleryFactory()
UserGalleryFactory(gallery=shared_gallery, user=user.user)
UserGalleryFactory(gallery=shared_gallery, user=user2.user)
# first case : a published tutorial with only one author
published_tutorial_alone = PublishedContentFactory(type='TUTORIAL')
published_tutorial_alone.authors.add(user.user)
published_tutorial_alone.save()
# second case : a published tutorial with two authors
published_tutorial_2 = PublishedContentFactory(type='TUTORIAL')
published_tutorial_2.authors.add(user.user)
published_tutorial_2.authors.add(user2.user)
published_tutorial_2.save()
# third case : a private tutorial with only one author
writing_tutorial_alone = PublishableContentFactory(type='TUTORIAL')
writing_tutorial_alone.authors.add(user.user)
writing_tutorial_alone.save()
writing_tutorial_alone_galler_path = writing_tutorial_alone.gallery.get_gallery_path(
)
# fourth case : a private tutorial with at least two authors
writing_tutorial_2 = PublishableContentFactory(type='TUTORIAL')
writing_tutorial_2.authors.add(user.user)
writing_tutorial_2.authors.add(user2.user)
writing_tutorial_2.save()
self.client.login(username=self.staff.username, password="******")
# same thing for articles
published_article_alone = PublishedContentFactory(type='ARTICLE')
published_article_alone.authors.add(user.user)
published_article_alone.save()
published_article_2 = PublishedContentFactory(type='ARTICLE')
published_article_2.authors.add(user.user)
published_article_2.authors.add(user2.user)
published_article_2.save()
writing_article_alone = PublishableContentFactory(type='ARTICLE')
writing_article_alone.authors.add(user.user)
writing_article_alone.save()
writing_article_2 = PublishableContentFactory(type='ARTICLE')
writing_article_2.authors.add(user.user)
writing_article_2.authors.add(user2.user)
writing_article_2.save()
# beta content
beta_forum = ForumFactory(category=CategoryFactory())
beta_content = BetaContentFactory(author_list=[user.user],
forum=beta_forum)
beta_content_2 = BetaContentFactory(
author_list=[user.user, user2.user], forum=beta_forum)
# about posts and topics
authored_topic = TopicFactory(author=user.user, forum=self.forum11)
answered_topic = TopicFactory(author=user2.user, forum=self.forum11)
PostFactory(topic=answered_topic, author=user.user, position=2)
edited_answer = PostFactory(topic=answered_topic,
author=user.user,
position=3)
edited_answer.editor = user.user
edited_answer.save()
upvoted_answer = PostFactory(topic=answered_topic,
author=user2.user,
position=4)
upvoted_answer.like += 1
upvoted_answer.save()
CommentVote.objects.create(user=user.user,
comment=upvoted_answer,
positive=True)
private_topic = PrivateTopicFactory(author=user.user)
private_topic.participants.add(user2.user)
private_topic.save()
PrivatePostFactory(author=user.user,
privatetopic=private_topic,
position_in_topic=1)
# add API key
self.assertEqual(Application.objects.count(), 0)
self.assertEqual(AccessToken.objects.count(), 0)
api_application = Application()
api_application.client_id = 'foobar'
api_application.user = user.user
api_application.client_type = 'confidential'
api_application.authorization_grant_type = 'password'
api_application.client_secret = '42'
api_application.save()
token = AccessToken()
token.user = user.user
token.token = 'r@d0m'
token.application = api_application
token.expires = datetime.now()
token.save()
self.assertEqual(Application.objects.count(), 1)
self.assertEqual(AccessToken.objects.count(), 1)
# login and unregister:
login_check = self.client.login(username=user.user.username,
password='******')
self.assertEqual(login_check, True)
result = self.client.post(reverse('member-unregister'), follow=False)
self.assertEqual(result.status_code, 302)
# check that the bot have taken authorship of tutorial:
self.assertEqual(published_tutorial_alone.authors.count(), 1)
self.assertEqual(published_tutorial_alone.authors.first().username,
settings.ZDS_APP["member"]["external_account"])
self.assertFalse(os.path.exists(writing_tutorial_alone_galler_path))
self.assertEqual(published_tutorial_2.authors.count(), 1)
self.assertEqual(
published_tutorial_2.authors.filter(
username=settings.ZDS_APP["member"]
["external_account"]).count(), 0)
# check that published tutorials remain published and accessible
self.assertIsNotNone(
published_tutorial_2.public_version.get_prod_path())
self.assertTrue(
os.path.exists(
published_tutorial_2.public_version.get_prod_path()))
self.assertIsNotNone(
published_tutorial_alone.public_version.get_prod_path())
self.assertTrue(
os.path.exists(
published_tutorial_alone.public_version.get_prod_path()))
self.assertEqual(
self.client.get(reverse('tutorial:view',
args=[
published_tutorial_alone.pk,
published_tutorial_alone.slug
]),
follow=False).status_code, 200)
self.assertEqual(
self.client.get(reverse(
'tutorial:view',
args=[published_tutorial_2.pk, published_tutorial_2.slug]),
follow=False).status_code, 200)
# test that published articles remain accessible
self.assertTrue(
os.path.exists(
published_article_alone.public_version.get_prod_path()))
self.assertEqual(
self.client.get(reverse('article:view',
args=[
published_article_alone.pk,
published_article_alone.slug
]),
follow=True).status_code, 200)
self.assertEqual(
self.client.get(reverse(
'article:view',
args=[published_article_2.pk, published_article_2.slug]),
follow=True).status_code, 200)
# check that the tutorial for which the author was alone does not exists anymore
self.assertEqual(
PublishableContent.objects.filter(
pk=writing_tutorial_alone.pk).count(), 0)
self.assertFalse(os.path.exists(
writing_tutorial_alone.get_repo_path()))
# check that bot haven't take the authorship of the tuto with more than one author
self.assertEqual(writing_tutorial_2.authors.count(), 1)
self.assertEqual(
writing_tutorial_2.authors.filter(
username=settings.ZDS_APP["member"]
["external_account"]).count(), 0)
# authorship for the article for which user was the only author
self.assertEqual(published_article_alone.authors.count(), 1)
self.assertEqual(published_article_alone.authors.first().username,
settings.ZDS_APP["member"]["external_account"])
self.assertEqual(published_article_2.authors.count(), 1)
self.assertEqual(
PublishableContent.objects.filter(
pk=writing_article_alone.pk).count(), 0)
self.assertFalse(os.path.exists(writing_article_alone.get_repo_path()))
# not bot if another author:
self.assertEqual(
published_article_2.authors.filter(
username=settings.ZDS_APP["member"]
["external_account"]).count(), 0)
self.assertEqual(writing_article_2.authors.count(), 1)
self.assertEqual(
writing_article_2.authors.filter(
username=settings.ZDS_APP["member"]
["external_account"]).count(), 0)
# topics, gallery and PMs:
self.assertEqual(
Topic.objects.filter(author__username=user.user.username).count(),
0)
self.assertEqual(
Post.objects.filter(author__username=user.user.username).count(),
0)
self.assertEqual(
Post.objects.filter(editor__username=user.user.username).count(),
0)
self.assertEqual(
PrivatePost.objects.filter(
author__username=user.user.username).count(), 0)
self.assertEqual(
PrivateTopic.objects.filter(
author__username=user.user.username).count(), 0)
self.assertIsNotNone(Topic.objects.get(pk=authored_topic.pk))
self.assertIsNotNone(PrivateTopic.objects.get(pk=private_topic.pk))
self.assertIsNotNone(Gallery.objects.get(pk=alone_gallery.pk))
self.assertEquals(alone_gallery.get_linked_users().count(), 1)
self.assertEquals(shared_gallery.get_linked_users().count(), 1)
self.assertEquals(
UserGallery.objects.filter(user=user.user).count(), 0)
self.assertEquals(
CommentVote.objects.filter(user=user.user, positive=True).count(),
0)
self.assertEquals(
Post.objects.filter(pk=upvoted_answer.id).first().like, 0)
# zep 12, published contents and beta
self.assertIsNotNone(
PublishedContent.objects.filter(
content__pk=published_tutorial_alone.pk).first())
self.assertIsNotNone(
PublishedContent.objects.filter(
content__pk=published_tutorial_2.pk).first())
self.assertTrue(
Topic.objects.get(pk=beta_content.beta_topic.pk).is_locked)
self.assertFalse(
Topic.objects.get(pk=beta_content_2.beta_topic.pk).is_locked)
# check API
self.assertEqual(Application.objects.count(), 0)
self.assertEqual(AccessToken.objects.count(), 0)
