def switch_to_user_role(self, role: UserKind):
for user_id in self.user_map:
if self.user_map[user_id].role == role:
active_user = self.user_map[user_id]
login_request = LoginRequest(active_user.username, "kerflaag")
response = self.simulate_post("/auth/token",
json=login_request.to_json())
self.assertEqual(response.status, falcon.HTTP_200)
login_response = LoginResponse.from_json(response.json)
self.current_token = login_response.token
return login_response
def test_can_create_users(self):
n = NewUserRequest("staff", "*****@*****.**", UserKind.STAFF, "kerflaag")
response = self.simulate_post("/auth/users", json=n.to_json())
self.assertEqual(response.status, falcon.HTTP_201)
login_request = LoginRequest("staff", "kerflaag")
response = self.simulate_post("/auth/token",
json=login_request.to_json())
self.assertEqual(response.status, falcon.HTTP_200)
login_response = LoginResponse.from_json(response.json)
self.assertTrue(login_response.password_reset_needed)
def on_post(self, req, resp):
u = UserController(req.session)
t = TokenController(req.session)
l = LoginRequest.from_json(req.body)
if u.check_credentials(l):
user = u.get_user(l.username)
resp.status = falcon.HTTP_200
resp.obj = LoginResponse(token=t.get_or_create_token_for_user(user).token,
password_reset_needed=user.password_reset_needed)
else:
resp.status = falcon.HTTP_403
resp.media = None
return resp
def on_post(self, req, resp): # createUser
u = UserController(req.session)
rq = NewUserRequest.from_json(req.body)
errors = u.create_user(rq, req.user)
if errors:
resp.obj = errors
resp.status = falcon.HTTP_403
# resp.status = falcon.HTTPNotAcceptable
else:
t = TokenController(req.session)
user = u.get_user(rq.username)
token = t.get_or_create_token_for_user(user)
resp.obj = LoginResponse(token=token.token, password_reset_needed=user.password_reset_needed)
resp.status = falcon.HTTP_201
return resp
def test_admin_can_reset_user_password(self):
current_id = [
x for x in self.user_map
if self.user_map[x].role != UserKind.ADMINISTRATOR
][0]
password_change = {"newPassword": "******"}
response = self.simulate_put(
"/auth/users/{}/password".format(current_id), json=password_change)
self.assertEqual(response.status, falcon.HTTP_202)
current_user = self.user_map[current_id]
login_request = LoginRequest(current_user.username, "Blarg")
response = self.simulate_post("/auth/token",
json=login_request.to_json())
login_response = LoginResponse.from_json(response.json)
self.assertTrue(login_response.password_reset_needed)
def test_from_json(self):
ref = {"token": "blasdfasdf", "passwordResetNeeded": True}
n = LoginResponse.from_json(ref)
self.assertEqual(n.token, "blasdfasdf")
self.assertTrue(n.password_reset_needed)
def test_to_json(self):
n = LoginResponse(token="blasdfasdf", password_reset_needed=False)
ref = {"token": "blasdfasdf", "passwordResetNeeded": False}
self.assertDictEqual(n.to_json(), ref)