def test_authenticate(init_database):
user = User.create('test', 'test1')
with pytest.raises(UnauthenticatedException):
User.authenticate('test', 'test')
User.authenticate('test', 'test1')
def register():
form = RegistrationForm()
if request.method == 'POST':
if form.validate_on_submit():
User.create(form.data['username'], form.data['password'])
return redirect(url_for('user.login'))
return render_template('register.html', form=form)
def test_has_permissions(init_database):
user = User.create('test', 'test1')
user_id = user.id
permissions = Permission.query.filter(
Permission.name.in_(['entry.create', 'entry.update'])).all()
user.permissions = permissions
db.session.commit()
user = User.by_id(user_id)
assert user.has_permissions(['entry.create'])
assert not user.has_permissions(['entry.create', 'entry.delete'])
def post(self):
args = login_parser.parse_args()
try:
user = User.authenticate(args['username'], args['password'])
token = create_access_token(identity=user.username)
return {'token': token}
except UnauthenticatedException:
raise APIUnauthenticatedException()
def create():
form = EntryForm()
if request.method == 'POST':
if form.validate_on_submit():
user = User.by_id(session['user_id'])
entry = Entry.create(form.data['title'], form.data['content'],
user)
return redirect(url_for('entry.list'))
return render_template('form.html')
def login():
form = LoginForm()
if request.method == 'POST':
if form.validate_on_submit():
try:
user = User.authenticate(form.data['username'],
form.data['password'])
authenticate_success(user)
return redirect(current_app.config['LOGIN_REDIRECT_URL'])
except UnauthenticatedException:
pass
return render_template('login.html')
def test_entry_search(init_database):
user = User.create('test', 'test1')
Entry.create('title 1', 'content 1', user)
Entry.create('title 2', 'content 2', user)
entries = Entry.search()
assert len(entries) == 2
assert entries[0].user.id == 1
assert entries[0].id == 1
entries = Entry.search(q='2')
assert len(entries) == 1
assert entries[0].user.id == 1
assert entries[0].id == 2
def user(init_database):
user = User.create('test', 'test1')
return user
def post(self):
username = get_jwt_identity()
user = User.by_username(username)
args = create_parser.parse_args()
EntryModel.create(args['title'], args['content'], user)
return '', 201
def test_registration_form_username_exists(init_database, app):
user = User.create('username1', 'username1')
with app.test_request_context('/'):
form = RegistrationForm(MultiDict(registraition_data))
assert form.validate() == False
assert 'username exists' in form.errors['username']
def validate_username(self, field):
if User.exists(field.data):
raise ValidationError('username exists')
def _func(*args, **kwargs):
username = get_jwt_identity()
user = User.by_username(username)
if not user.has_permissions(permissions):
raise APIUnauthorizedException()
return func(*args, **kwargs)
def _func(*args, **kwargs):
user = User.by_id(session['user_id'])
if not user.has_permissions(permissions):
raise UnauthorizedException()
return func(*args, **kwargs)