def submit_success(self, appstruct):
user = User(
email=appstruct.get('email'),
fullname=appstruct.get('fullname'),
affiliate=appstruct.get('affiliate'),
billing_email=appstruct.get('billing_email'),
valid_to=appstruct.get('valid_to'),
last_payment=appstruct.get('last_payment'),
groups=[Group.by_id(group_id) for group_id in appstruct.get('groups', [])], # noqa
properties=[UserProperty(key=prop.get('key'), value=prop.get('value')) # noqa
for prop in appstruct.get('properties', [])],
)
if appstruct.get('password'): # pragma: no branch
user.password = encrypt(appstruct['password'])
Session.add(user)
Session.flush()
self.request.registry.notify(
UserCreated(
self.request,
user,
appstruct.get('password'),
u'Created manually by {}'.format(self.request.user.email)
)
)
self.request.session.flash(u'User "{}" added.'.format(user.email))
return HTTPFound(
location=self.request.route_path('user_view', user_id=user.id))
def test_save_success(self):
self.request.context = User.by_id(2)
# add a property that will get updated on save_success()
self.request.context.set_property(key=u'foo', value=u'var')
result = self.view.save_success(self.APPSTRUCT)
self.assertIsInstance(result, HTTPFound)
self.assertEqual(result.location, '/user/2/')
user = User.by_id(2)
self.assertEqual(user.email, '*****@*****.**')
self.assertTrue(verify('new_secret', user.password))
self.assertEqual(user.fullname, u'Foö Bar')
self.assertEqual(user.affiliate, u'Aff')
self.assertEqual(user.billing_email, '*****@*****.**')
self.assertEqual(user.valid_to, date(2014, 2, 1))
self.assertEqual(user.last_payment, date(2014, 1, 1))
self.assertEqual(user.groups,
[Group.by_id(1), Group.by_id(3)
]) # enabled user stays enabled # noqa
self.assertEqual(user.get_property('foo'), 'bar')
self.assertEqual(user.get_property('baz'), 'bam')
self.assertEqual(user.get_property('empty'), None)
with self.assertRaises(KeyError):
user.get_property('bimt') # removed property
self.assertEqual(
self.request.session.pop_flash(),
[u'User "*****@*****.**" modified.'],
)
def test_addon_group(self):
User.by_email('*****@*****.**').groups = [
_make_group(name='foo', product_id='foo'),
_make_group(name='bar', product_id='bar', addon=True),
]
self.assertEqual(
User.by_email('*****@*****.**').product_group.name, 'foo')
def setUp(self):
from pyramid_bimt.views import DatatablesDataView
from pyramid_bimt.models import AuditLogEntry
from pyramid_bimt.models import User
self.config = testing.setUp()
initTestingDB(auditlog_types=True, users=True, groups=True)
self.request = testing.DummyRequest(user=User.by_email('*****@*****.**'))
self.view = DatatablesDataView(self.request)
self.view.model = mock.Mock()
self.view.columns = OrderedDict()
self.view.columns['foo'] = None
self.view.columns['bar'] = None
Session.add(
AuditLogEntry(user=User.by_email('*****@*****.**'), comment=u'föo'))
Session.add(
AuditLogEntry(user=User.by_email('*****@*****.**'), comment=u'bar'))
Session.flush()
class DummyDatatablesAJAXView(DatatablesDataView):
model = AuditLogEntry
columns = OrderedDict()
columns['id'] = None
columns['comment'] = None
def populate_columns(self, entry):
self.columns['id'] = entry.id
self.columns['comment'] = entry.comment
self.columns['DT_RowClass'] = 'info'
self.datatable_view = DummyDatatablesAJAXView
def ipn(self):
"""The main IPN handler, called by the IPN service."""
# skip over to-be-ignored products
if self.params.product_id in self.request.registry.settings.get(
'bimt.products_to_ignore', '').split(','):
logger.info('The product is listed on the ignore list: {}'.format(
self.params.product_id))
return 'Done.'
# try to find an existing user with given email
user = User.by_email(self.params.email)
if not user:
user = User.by_billing_email(self.params.email)
# create a new user if no existing user found
if not user:
password = generate()
user = User(
email=self.params.email,
billing_email=self.params.email,
password=encrypt(password),
fullname=u'{}'.format(self.params.fullname),
affiliate=u'{}'.format(self.params.get('affiliate', '')),
)
Session.add(user)
comment = COMMENT.format(
u'Created',
self.provider,
self.params.trans_id,
self.params.trans_type,
'',
)
logger.info(comment)
self.request.registry.notify(
UserCreated(self.request, user, password, comment))
# find a group that is used for given product
group = Group.by_product_id(self.params.product_id)
if not group:
raise ValueError('Cannot find group with product_id "{}"'.format(
self.params.product_id))
# perform IPN transaction actions
self.ipn_transaction(user, group)
# send request with same parameters to the URL specified on group
if group.forward_ipn_to_url:
requests.post(
group.forward_ipn_to_url,
params=self.request.POST,
)
logger.info('IPN re-posted to {}.'.format(
group.forward_ipn_to_url))
logger.info('IPN done.')
return 'Done.'
def test_multiple_product_groups(self):
product_group_foo = _make_group(name='foo', product_id='foo')
product_group_bar = _make_group(name='bar', product_id='bar')
product_group_foo.users.append(User.by_email('*****@*****.**'))
product_group_bar.users.append(User.by_email('*****@*****.**'))
from sqlalchemy.orm.exc import MultipleResultsFound
with self.assertRaises(MultipleResultsFound):
User.by_email('*****@*****.**').product_group
def setUp(self):
self.config = testing.setUp()
add_routes_user(self.config)
initTestingDB(users=True, groups=True, auditlog_types=True)
from pyramid_bimt.views.user import UserView
self.context = User.by_email('*****@*****.**')
self.request = testing.DummyRequest(
layout_manager=mock.Mock(), user=User.by_email('*****@*****.**'))
self.view = UserView(self.context, self.request)
def test_admin_mark_only_own_entries_as_unread(self):
self.request.user = User.by_email('*****@*****.**')
AuditLogEntry.by_id(2).user = User.by_email('*****@*****.**')
AuditLogEntry.by_id(2).read = False
self._make_view()
self.assertEqual(AuditLogEntry.by_id(2).read, True)
AuditLogEntry.by_id(2).user = User.by_email('*****@*****.**')
AuditLogEntry.by_id(2).read = False
self._make_view()
self.assertEqual(AuditLogEntry.by_id(2).read, False)
def test_api_key_set_on_user_creation(self, mocked_generate):
mocked_generate.return_value = 'foo'
from pyramid_bimt.events import UserCreated
user = User(email='*****@*****.**')
Session.add(user)
request = testing.DummyRequest()
request.registry.notify(UserCreated(request, user, u'foö'))
self.assertEqual(user.get_property('api_key', secure=True), u'foo')
def test_search_fullname_case_insensitive(self):
_make_user(email='*****@*****.**', fullname=u'AAAAA')
_make_user(email='*****@*****.**', fullname=u'aaaaa')
_make_user(email='*****@*****.**', fullname=u'BBBBB')
_make_user(email='*****@*****.**', fullname=u'bbbbb')
users = User.get_all(search='aaaaa').all()
self.assertEqual(len(users), 2)
self.assertEqual(users[0].email, '*****@*****.**')
self.assertEqual(users[1].email, '*****@*****.**')
users = User.get_all(search='AAAAA').all()
self.assertEqual(len(users), 2)
self.assertEqual(users[0].email, '*****@*****.**')
self.assertEqual(users[1].email, '*****@*****.**')
def test_empty_password_field(self):
self.request.context = User.by_id(2)
# simulate that password field was left empty
appstruct = copy.deepcopy(self.APPSTRUCT)
appstruct['password'] = ''
# submit form
self.view.save_success(appstruct)
# assert that secret fields remained unchanged
user = User.by_id(2)
self.assertEqual(user.email, '*****@*****.**')
self.assertTrue(verify('secret', user.password))
def test_loginas_view_submit_disabled_user(self):
from pyramid_bimt.models import User
from pyramid_bimt.views.auth import LoginAs
context = User.by_email('*****@*****.**')
request = testing.DummyRequest(
layout_manager=mock.Mock(),
session=mock.Mock(),
)
form_values = {'email': '*****@*****.**'}
request.user = context
view = LoginAs(request)
User.by_email('*****@*****.**').disable()
self.assertIsNone(view.login_as_success(form_values))
request.session.flash.assert_called_once_with(
u'User "*****@*****.**" is disabled.', 'error')
def test_union(self):
add_groups()
add_users()
mailing = _make_mailing(
name='foo',
groups=[Group.by_name('admins'),
Group.by_name('staff')],
)
self.request.context = mailing
self.assertItemsEqual(
self.view.recipients,
[User.by_email('*****@*****.**'),
User.by_email('*****@*****.**')],
)
def test_save_success_disabled_stays_disabled(self):
self.request.context = User.by_id(2)
self.request.context.disable()
result = self.view.save_success(self.APPSTRUCT)
self.assertIsInstance(result, HTTPFound)
self.assertEqual(result.location, '/user/2/')
user = User.by_id(2)
self.assertEqual(user.groups, [Group.by_id(1)])
self.assertEqual(
self.request.session.pop_flash(),
[u'User "*****@*****.**" modified.'],
)
def _make_user(id=1,
email='*****@*****.**',
fullname=u'Foö Bar',
affiliate=u'Aff',
billing_email='*****@*****.**',
valid_to=date(2014, 2, 1),
last_payment=date(2014, 1, 1),
groups=None,
properties=None,
audit_log_entries=None):
if not groups: # pragma: no branch
groups = [_make_group()]
if not properties: # pragma: no branch
properties = [_make_property()]
if not audit_log_entries: # pragma: no branch
audit_log_entries = [_make_audit_log_entry()]
return User(
id=id,
email=email,
fullname=fullname,
affiliate=affiliate,
billing_email=billing_email,
valid_to=valid_to,
last_payment=last_payment,
groups=groups,
properties=properties,
audit_log_entries=audit_log_entries,
)
def save_success(self, appstruct):
group = self.request.context
group.name = appstruct.get('name')
group.product_id = appstruct.get('product_id')
group.validity = appstruct.get('validity')
group.trial_validity = appstruct.get('trial_validity')
group.addon = appstruct.get('addon')
group.forward_ipn_to_url = appstruct.get('forward_ipn_to_url')
group.users = [
User.by_id(user_id) for user_id in appstruct.get('users', [])
] # noqa
group.upgrade_groups = [
Group.by_id(group_id)
for group_id in appstruct.get('upgrade_groups', [])
] # noqa
# remove properties that are not present in appstruct
for prop in copy.copy(group.properties):
if prop.key not in [p['key'] for p in appstruct['properties']]:
group.properties.remove(prop)
# update/create properties present in appstruct
for prop in appstruct['properties']:
if group.get_property(prop['key'], None) is not None:
group.set_property(key=prop['key'], value=prop['value'])
else:
group.properties.append(
GroupProperty(key=prop['key'], value=prop['value']))
self.request.session.flash(u'Group "{}" modified.'.format(group.name))
return HTTPFound(
location=self.request.route_path('group_edit', group_id=group.id))
def submit_success(self, appstruct):
group = Group(
name=appstruct.get('name'),
product_id=appstruct.get('product_id'),
validity=appstruct.get('validity'),
trial_validity=appstruct.get('trial_validity'),
addon=appstruct.get('addon'),
forward_ipn_to_url=appstruct.get('forward_ipn_to_url'),
users=[
User.by_id(user_id) for user_id in appstruct.get('users', [])
], # noqa
upgrade_groups=[
Group.by_id(group_id)
for group_id in appstruct.get('upgrade_groups', [])
], # noqa
properties=[
GroupProperty(key=prop['key'], value=prop['value'])
for prop in appstruct.get('properties', [])
],
)
Session.add(group)
Session.flush()
self.request.session.flash(u'Group "{}" added.'.format(group.name))
return HTTPFound(
location=self.request.route_path('group_edit', group_id=group.id))
def test_get_enabled(self):
enabled = User.get_enabled()
self.assertEqual(len(enabled), 3)
self.assertItemsEqual(
[user.email for user in enabled],
['*****@*****.**', '*****@*****.**', '*****@*****.**'],
)
def login_as_success(self, appstruct):
email = appstruct['email'].lower()
user = User.by_email(email)
if user is None:
self.request.session.flash(u'User with that email does not exist.',
'error')
elif not user.enabled:
self.request.session.flash(
u'User "{}" is disabled.'.format(user.email), 'error')
elif user.admin and not self.request.user.admin:
self.request.session.flash(
u'You do not have permission to login as admin user.', 'error')
elif user.staff and not self.request.user.staff:
self.request.session.flash(
u'You do not have permission to login as staff user.', 'error')
else:
headers = remember(self.request, user.email)
self.request.session.flash(
u'You have successfully logged in as user "{}".'.format(
user.email))
self.request.registry.notify(
UserLoggedInAs(self.request,
self.request.user,
comment=u'Logged in as "{}".'.format(
user.email)))
return HTTPFound(location=self.request.host_url, headers=headers)
def test_search_fullname(self):
_make_user(email='*****@*****.**', fullname=u'aaaaa')
_make_user(email='*****@*****.**', fullname=u'ccccc')
_make_user(email='*****@*****.**', fullname=u'bbbbb')
users = User.get_all(search='ccccc').all()
self.assertEqual(len(users), 1)
self.assertEqual(users[0].email, '*****@*****.**')
def test_offset(self):
_make_user(email='*****@*****.**')
_make_user(email='*****@*****.**')
_make_user(email='*****@*****.**')
users = User.get_all(offset=(1, 2)).all()
self.assertEqual(len(users), 1)
self.assertEqual(users[0].email, '*****@*****.**')
def test_search_email(self):
_make_user(email='*****@*****.**')
_make_user(email='*****@*****.**')
_make_user(email='*****@*****.**')
users = User.get_all(search='baz').all()
self.assertEqual(len(users), 1)
self.assertEqual(users[0].email, '*****@*****.**')
def add_users():
"""Init the '*****@*****.**' and '*****@*****.**' user accounts."""
with transaction.manager:
admins = Group.by_name('admins')
staff = Group.by_name('staff')
enabled = Group.by_name('enabled')
trial = Group.by_name('trial')
# Create the admin user account
admin = User(
email=u'*****@*****.**',
password=SECRET_ENC,
fullname=u'Ädmin',
properties=[
UserProperty(key=u'bimt', value=u'on'),
],
)
admin.groups.append(admins)
admin.groups.append(enabled)
Session.add(admin)
# Create the staff member account
staff_member = User(
email=u'*****@*****.**',
password=SECRET_ENC,
fullname=u'Stäff Member',
properties=[
UserProperty(key=u'bimt', value=u'on'),
],
)
staff_member.groups.append(enabled)
staff_member.groups.append(staff)
Session.add(staff_member)
# Create the normal user account
one = User(
email=u'*****@*****.**',
billing_email=u'*****@*****.**',
password=SECRET_ENC,
fullname=u'Öne Bar',
properties=[
UserProperty(key=u'bimt', value=u'on'),
],
)
one.groups.append(enabled)
one.groups.append(trial)
Session.add(one)
def test_groups_choices_non_admin(self):
self.request.user = User.by_email('*****@*****.**')
self.view = UserAdd(self.request)
choices = [
group for id_, group in self.view.schema['groups'].widget.values
]
self.assertFalse('enabled' in choices)
self.assertFalse('admins' in choices)
def test_no_group(self):
group = _make_group()
_make_user(groups=[
group,
])
_make_portlet(name='foo', groups=[], position='above_content')
portlets = Portlet.by_user_and_position(User.by_id(1), 'above_content')
self.assertEqual(len(portlets), 0)
def setUp(self):
from pyramid_bimt.testing import initTestingDB
from pyramid_bimt.models import User
self.config = testing.setUp()
initTestingDB(groups=True, users=True)
self.request = testing.DummyRequest(user=User.by_email('*****@*****.**'))
def setUp(self):
initTestingDB(groups=True, users=True)
self.config = testing.setUp()
self.request = testing.DummyRequest(
layout_manager=mock.Mock(),
user=User.by_id(2),
)
self.view = SettingsForm(self.request)
def __getitem__(self, key):
user = User.by_id(key)
if user:
user.__parent__ = self
user.__name__ = key
return user
else:
raise KeyError
def test_ordered_by_modified(self):
_make_user(email='*****@*****.**')
_make_user(email='*****@*****.**')
_make_user(email='*****@*****.**')
users = User.get_all(order_by='modified', order_direction='desc').all()
self.assertEqual(len(users), 3)
self.assertEqual(users[0].email, '*****@*****.**')
self.assertEqual(users[1].email, '*****@*****.**')
self.assertEqual(users[2].email, '*****@*****.**')
def test_ordered_by_created(self):
_make_user(email='*****@*****.**')
_make_user(email='*****@*****.**')
_make_user(email='*****@*****.**')
users = User.get_all(order_by='created').all()
self.assertEqual(len(users), 3)
self.assertEqual(users[0].email, '*****@*****.**')
self.assertEqual(users[1].email, '*****@*****.**')
self.assertEqual(users[2].email, '*****@*****.**')
