def test_func__create_user_with_mail_notification__ok__nominal_case(self):
api = UserApi(
current_user=None,
session=self.session,
config=self.app_config,
)
u = api.create_user(
email='bob@bob',
password='******',
name='bob',
timezone='+2',
do_save=True,
do_notify=True,
)
assert u is not None
assert u.email == "bob@bob"
assert u.validate_password('pass')
assert u.display_name == 'bob'
assert u.timezone == '+2'
# check mail received
response = requests.get('http://127.0.0.1:8025/api/v1/messages')
response = response.json()
headers = response[0]['Content']['Headers']
assert headers['From'][0] == 'Tracim Notifications <test_user_from+0@localhost>' # nopep8
assert headers['To'][0] == 'bob <bob@bob>'
assert headers['Subject'][0] == '[TRACIM] Created account'
def insert(self):
u = models.User()
u.display_name = 'Global manager'
u.email = '*****@*****.**'
u.password = '******'
self._session.add(u)
uapi = UserApi(
session=self._session,
config=self._config,
current_user=u)
uapi.execute_created_user_actions(u)
g1 = models.Group()
g1.group_id = 1
g1.group_name = 'users'
g1.display_name = 'Users'
g1.users.append(u)
self._session.add(g1)
g2 = models.Group()
g2.group_id = 2
g2.group_name = 'managers'
g2.display_name = 'Global Managers'
g2.users.append(u)
self._session.add(g2)
g3 = models.Group()
g3.group_id = 3
g3.group_name = 'administrators'
g3.display_name = 'Administrators'
g3.users.append(u)
self._session.add(g3)
def test_func__user_update_command__ok__remove_group(self) -> None:
"""
Test user password update
"""
api = UserApi(
current_user=None,
session=self.session,
config=self.app_config,
)
user = api.get_one_by_email('*****@*****.**')
assert user.email == '*****@*****.**'
assert user.validate_password('*****@*****.**')
assert not user.validate_password('new_password')
assert user.profile.name == 'administrators'
app = TracimCLI()
result = app.run([
'user',
'update',
'-c',
'tests_configs.ini#command_test',
'-l',
'*****@*****.**',
'-p',
'new_password',
'-rmg',
'administrators',
'--debug',
])
new_user = api.get_one_by_email('*****@*****.**')
assert new_user.email == '*****@*****.**'
assert new_user.validate_password('new_password')
assert not new_user.validate_password('*****@*****.**')
assert new_user.profile.name == 'managers'
def test_get_notifiable_roles(self):
admin = self.session.query(User) \
.filter(User.email == '*****@*****.**').one()
wapi = WorkspaceApi(
session=self.session,
config=self.app_config,
current_user=admin,
)
w = wapi.create_workspace(label='workspace w', save_now=True)
uapi = UserApi(
session=self.session,
current_user=admin,
config=self.config
)
u = uapi.create_minimal_user(email='[email protected]', save_now=True)
eq_([], wapi.get_notifiable_roles(workspace=w))
rapi = RoleApi(
session=self.session,
current_user=admin,
config=self.app_config,
)
r = rapi.create_one(u, w, UserRoleInWorkspace.READER, with_notif=True)
eq_([r, ], wapi.get_notifiable_roles(workspace=w))
u.is_active = False
eq_([], wapi.get_notifiable_roles(workspace=w))
def test_func__user_create_command__ok__in_admin_group(self) -> None:
"""
Test User creation with admin as group
"""
api = UserApi(
current_user=None,
session=self.session,
config=self.app_config,
)
with pytest.raises(UserDoesNotExist):
api.get_one_by_email('command_test@user')
app = TracimCLI()
result = app.run([
'user',
'create',
'-c',
'tests_configs.ini#command_test',
'-l',
'command_test@user',
'-p',
'new_password',
'-g',
'administrators',
'--debug',
])
new_user = api.get_one_by_email('command_test@user')
assert new_user.email == 'command_test@user'
assert new_user.validate_password('new_password')
assert new_user.profile.name == 'administrators'
def _get_candidate_user(
self,
request: 'TracimRequest',
) -> User:
"""
Get candidate user
:param request: pyramid request
:return: user found from header/body
"""
app_config = request.registry.settings['CFG']
uapi = UserApi(None, session=request.dbsession, config=app_config)
login = ''
try:
login = None
if 'user_id' in request.matchdict:
user_id_str = request.matchdict['user_id']
if not isinstance(user_id_str,
str) or not user_id_str.isdecimal():
raise InvalidUserId(
'user_id is not a correct integer') # nopep8
login = int(request.matchdict['user_id'])
if not login:
raise UserNotFoundInTracimRequest(
'You request a candidate user but the context not permit to found one'
) # nopep8
user = uapi.get_one(login)
except UserNotFoundInTracimRequest as exc:
raise UserDoesNotExist('User {} not found'.format(login)) from exc
return user
def test_unit__get_current_user__err__user_not_exist(self):
api = UserApi(
current_user=None,
session=self.session,
config=self.config,
)
with pytest.raises(UserDoesNotExist):
api.get_current_user()
def test_get_one_by_email_exception(self):
api = UserApi(
current_user=None,
session=self.session,
config=self.config,
)
with pytest.raises(NoResultFound):
api.get_one_by_email('unknown')
def authDomainUser(self, realmname, username, password, environ):
"""
If you ever feel the need to send a request al-mano with a curl, this is the function that'll be called by
http_authenticator to validate the password sent
"""
api = UserApi(None, environ['tracim_dbsession'], self.app_config)
return self.isRealmUser(realmname, username, environ) and \
api.get_one_by_email(username).validate_password(password)
def test_unit__get_one_by_email__err__user_does_not_exist(self):
api = UserApi(
current_user=None,
session=self.session,
config=self.config,
)
with pytest.raises(UserDoesNotExist):
api.get_one_by_email('unknown')
def test_unit__authenticate_user___err__wrong_user(self):
api = UserApi(
current_user=None,
session=self.session,
config=self.config,
)
with pytest.raises(AuthenticationFailed):
api.authenticate_user('*****@*****.**', 'wrong_password')
def test_unit__authenticate_user___ok__nominal_case(self):
api = UserApi(
current_user=None,
session=self.session,
config=self.config,
)
user = api.authenticate_user('*****@*****.**', '*****@*****.**')
assert isinstance(user, User)
assert user.email == '*****@*****.**'
def test_func__create_new_content_with_notification__ok__nominal_case(self):
uapi = UserApi(
current_user=None,
session=self.session,
config=self.app_config,
)
current_user = uapi.get_one_by_email('*****@*****.**')
# Create new user with notification enabled on w1 workspace
wapi = WorkspaceApi(
current_user=current_user,
session=self.session,
config=self.app_config,
)
workspace = wapi.get_one_by_label('Recipes')
user = uapi.get_one_by_email('*****@*****.**')
wapi.enable_notifications(user, workspace)
api = ContentApi(
current_user=user,
session=self.session,
config=self.app_config,
)
item = api.create(
ContentType.Folder,
workspace,
None,
'parent',
do_save=True,
do_notify=False,
)
item2 = api.create(
ContentType.File,
workspace,
item,
'file1',
do_save=True,
do_notify=True,
)
# Send mail async from redis queue
redis = get_redis_connection(
self.app_config
)
queue = get_rq_queue(
redis,
'mail_sender',
)
worker = SimpleWorker([queue], connection=queue.connection)
worker.work(burst=True)
# check mail received
response = requests.get('http://127.0.0.1:8025/api/v1/messages')
response = response.json()
headers = response[0]['Content']['Headers']
assert headers['From'][0] == '"Bob i. via Tracim" <test_user_from+3@localhost>' # nopep8
assert headers['To'][0] == 'Global manager <*****@*****.**>'
assert headers['Subject'][0] == '[TRACIM] [Recipes] file1 (Open)'
assert headers['References'][0] == 'test_user_refs+22@localhost'
assert headers['Reply-to'][0] == '"Bob i. & all members of Recipes" <test_user_reply+22@localhost>' # nopep8
def test_unit__create_minimal_user__ok__nominal_case(self):
api = UserApi(
current_user=None,
session=self.session,
config=self.config,
)
u = api.create_minimal_user('bob@bob')
assert u.email == 'bob@bob'
assert u.display_name == 'bob'
def test_unit__get_current_user_ok__nominal_case(self):
user = User(email='*****@*****.**')
api = UserApi(
current_user=user,
session=self.session,
config=self.config,
)
new_user = api.get_current_user()
assert isinstance(new_user, User)
assert user == new_user
def user(self, context, request: TracimRequest, hapic_data=None):
"""
Get user infos.
"""
app_config = request.registry.settings['CFG']
uapi = UserApi(
current_user=request.current_user, # User
session=request.dbsession,
config=app_config,
)
return uapi.get_user_with_context(request.candidate_user)
def test_unit__get_all__ok__nominal_case(self):
api = UserApi(
current_user=None,
session=self.session,
config=self.config,
)
u1 = api.create_minimal_user('bibi@bibi')
users = api.get_all()
# u1 + Admin user from BaseFixture
assert 2 == len(users)
def isRealmUser(self, realmname, username, environ):
"""
Called to check if for a given root, the username exists (though here we don't make difference between
root as we're always starting at tracim's root
"""
api = UserApi(None, environ['tracim_dbsession'], self.app_config)
try:
api.get_one_by_email(username)
return True
except:
return False
def whoami(self, context, request: TracimRequest, hapic_data=None):
"""
Return current logged in user or 401
"""
app_config = request.registry.settings['CFG']
uapi = UserApi(
request.current_user,
session=request.dbsession,
config=app_config,
)
user = uapi.get_current_user() # User
return uapi.get_user_with_context(user)
def disable_user(self, context, request: TracimRequest, hapic_data=None):
"""
disable user
"""
app_config = request.registry.settings['CFG']
uapi = UserApi(
current_user=request.current_user, # User
session=request.dbsession,
config=app_config,
)
uapi.disable(user=request.candidate_user, do_save=True)
return
def create_workspaces_members_role(
self,
context,
request: TracimRequest,
hapic_data=None
) -> UserRoleWorkspaceInContext:
"""
Add Members to this workspace
"""
newly_created = False
email_sent = False
app_config = request.registry.settings['CFG']
rapi = RoleApi(
current_user=request.current_user,
session=request.dbsession,
config=app_config,
)
uapi = UserApi(
current_user=request.current_user,
session=request.dbsession,
config=app_config,
)
try:
_, user = uapi.find(
user_id=hapic_data.body.user_id,
email=hapic_data.body.user_email_or_public_name,
public_name=hapic_data.body.user_email_or_public_name
)
except UserDoesNotExist:
try:
# TODO - G.M - 2018-07-05 - [UserCreation] Reenable email
# notification for creation
user = uapi.create_user(
hapic_data.body.user_email_or_public_name,
do_notify=False
) # nopep8
newly_created = True
except EmailValidationFailed:
raise UserCreationFailed('no valid mail given')
role = rapi.create_one(
user=user,
workspace=request.current_workspace,
role_level=WorkspaceRoles.get_role_from_slug(hapic_data.body.role).level, # nopep8
with_notif=False,
flush=True,
)
return rapi.get_user_role_workspace_with_context(
role,
newly_created=newly_created,
email_sent=email_sent,
)
def login(self, context, request: TracimRequest, hapic_data=None):
"""
Logs user into the system
"""
login = hapic_data.body
app_config = request.registry.settings['CFG']
uapi = UserApi(
None,
session=request.dbsession,
config=app_config,
)
user = uapi.authenticate_user(login.email, login.password)
return uapi.get_user_with_context(user)
def set_user_email(self, context, request: TracimRequest, hapic_data=None):
"""
Set user Email
"""
app_config = request.registry.settings['CFG']
uapi = UserApi(
current_user=request.current_user, # User
session=request.dbsession,
config=app_config,
)
user = uapi.set_email(request.candidate_user,
hapic_data.body.loggedin_user_password,
hapic_data.body.email,
do_save=True)
return uapi.get_user_with_context(user)
def set_user_infos(self, context, request: TracimRequest, hapic_data=None):
"""
Set user info data
"""
app_config = request.registry.settings['CFG']
uapi = UserApi(
current_user=request.current_user, # User
session=request.dbsession,
config=app_config,
)
user = uapi.update(request.candidate_user,
name=hapic_data.body.public_name,
timezone=hapic_data.body.timezone,
do_save=True)
return uapi.get_user_with_context(user)
def _get_basic_auth_unsafe_user(request: Request, ) -> typing.Optional[User]:
"""
:param request: pyramid request
:return: User or None
"""
app_config = request.registry.settings['CFG']
uapi = UserApi(None, session=request.dbsession, config=app_config)
try:
login = request.unauthenticated_userid
if not login:
return None
user = uapi.get_one_by_email(login)
except UserDoesNotExist:
return None
return user
def test_unit__get_all_manageable(self):
admin = self.session.query(User) \
.filter(User.email == '*****@*****.**').one()
uapi = UserApi(
session=self.session,
current_user=admin,
config=self.config,
)
# Checks a case without workspaces.
wapi = WorkspaceApi(
session=self.session,
current_user=admin,
config=self.app_config,
)
eq_([], wapi.get_all_manageable())
# Checks an admin gets all workspaces.
w4 = wapi.create_workspace(label='w4')
w3 = wapi.create_workspace(label='w3')
w2 = wapi.create_workspace(label='w2')
w1 = wapi.create_workspace(label='w1')
eq_([w1, w2, w3, w4], wapi.get_all_manageable())
# Checks a regular user gets none workspace.
gapi = GroupApi(
session=self.session,
current_user=None,
config=self.app_config,
)
u = uapi.create_minimal_user('[email protected]', [gapi.get_one(Group.TIM_USER)], True)
wapi = WorkspaceApi(
session=self.session,
current_user=u,
config=self.app_config,
)
rapi = RoleApi(
session=self.session,
current_user=u,
config=self.app_config,
)
rapi.create_one(u, w4, UserRoleInWorkspace.READER, False)
rapi.create_one(u, w3, UserRoleInWorkspace.CONTRIBUTOR, False)
rapi.create_one(u, w2, UserRoleInWorkspace.CONTENT_MANAGER, False)
rapi.create_one(u, w1, UserRoleInWorkspace.WORKSPACE_MANAGER, False)
eq_([], wapi.get_all_manageable())
# Checks a manager gets only its own workspaces.
u.groups.append(gapi.get_one(Group.TIM_MANAGER))
rapi.delete_one(u.user_id, w2.workspace_id)
rapi.create_one(u, w2, UserRoleInWorkspace.WORKSPACE_MANAGER, False)
eq_([w1, w2], wapi.get_all_manageable())
def __call__(self, environ, start_response):
environ['tracim_user'] = UserApi(
None,
session=environ['tracim_dbsession'],
config=environ['tracim_cfg'],
).get_one_by_email(environ['http_authenticator.username'])
return self._application(environ, start_response)
def test_get_all(self):
# TODO - G.M - 29-03-2018 Check why this method is not enabled
api = UserApi(
current_user=None,
session=self.session,
config=self.config,
)
def test_api__try_whoami_enpoint__err_401__user_is_not_active(self):
dbsession = get_tm_session(self.session_factory, transaction.manager)
admin = dbsession.query(models.User) \
.filter(models.User.email == '*****@*****.**') \
.one()
uapi = UserApi(
current_user=admin,
session=dbsession,
config=self.app_config,
)
gapi = GroupApi(
current_user=admin,
session=dbsession,
config=self.app_config,
)
groups = [gapi.get_one_with_name('users')]
test_user = uapi.create_user(
email='*****@*****.**',
password='******',
name='bob',
groups=groups,
timezone='Europe/Paris',
do_save=True,
do_notify=False,
)
uapi.save(test_user)
uapi.disable(test_user)
transaction.commit()
self.testapp.authorization = ('Basic', ('*****@*****.**', 'pass'))
res = self.testapp.get('/api/v2/sessions/whoami', status=401)
def set_user_password(self,
context,
request: TracimRequest,
hapic_data=None): # nopep8
"""
Set user password
"""
app_config = request.registry.settings['CFG']
uapi = UserApi(
current_user=request.current_user, # User
session=request.dbsession,
config=app_config,
)
uapi.set_password(request.candidate_user,
hapic_data.body.loggedin_user_password,
hapic_data.body.new_password,
hapic_data.body.new_password2,
do_save=True)
return
