def test_default_group(self):
resets = [useradmin.conf.DEFAULT_USER_GROUP.set_for_testing("test_default")]
try:
get_default_user_group()
c = make_logged_in_client(username="******", is_superuser=True)
# Create default group if it doesn't already exist.
assert_true(Group.objects.filter(name="test_default").exists())
# Try deleting the default group
assert_true(Group.objects.filter(name="test_default").exists())
response = c.post("/useradmin/groups/delete", {"group_names": ["test_default"]})
assert_true("default user group may not be deleted" in response.content)
assert_true(Group.objects.filter(name="test_default").exists())
# Change the name of the default group, and try deleting again
resets.append(useradmin.conf.DEFAULT_USER_GROUP.set_for_testing("new_default"))
response = c.post("/useradmin/groups/delete", {"group_names": ["test_default"]})
assert_false(Group.objects.filter(name="test_default").exists())
assert_true(Group.objects.filter(name="new_default").exists())
finally:
for reset in resets:
reset()
def test_default_group(self):
resets = [
useradmin.conf.DEFAULT_USER_GROUP.set_for_testing('test_default')
]
try:
get_default_user_group()
c = make_logged_in_client(username='******', is_superuser=True)
# Create default group if it doesn't already exist.
assert_true(Group.objects.filter(name='test_default').exists())
# Try deleting the default group
assert_true(Group.objects.filter(name='test_default').exists())
response = c.post('/useradmin/groups/delete',
{'group_names': ['test_default']})
assert_true(
'default user group may not be deleted' in response.content)
assert_true(Group.objects.filter(name='test_default').exists())
# Change the name of the default group, and try deleting again
resets.append(
useradmin.conf.DEFAULT_USER_GROUP.set_for_testing(
'new_default'))
response = c.post('/useradmin/groups/delete',
{'group_names': ['test_default']})
assert_false(Group.objects.filter(name='test_default').exists())
assert_true(Group.objects.filter(name='new_default').exists())
finally:
for reset in resets:
reset()
def forwards(self, orm):
try:
from useradmin.models import get_default_user_group
from desktop.lib.test_utils import revoke_permission
# Revoke S3 access to default group by default
if get_default_user_group():
revoked = revoke_permission(get_default_user_group(), 'filebrowser', 's3_access')
LOG.info('Revoked s3 permissions: %s' % revoked)
except Exception, e:
LOG.error(e)
def setUp(self):
self.client = make_logged_in_client(username='******',
groupname=get_default_user_group(),
recreate=True,
is_superuser=False)
self.user = User.objects.get(username='******')
self.user = rewrite_user(self.user)
def handle(self, *args, **options):
if not options.get('user'):
user = User.objects.get(username=pwd.getpwuid(os.getuid()).pw_name)
else:
user = options['user']
dialect = options.get('dialect', 'hive')
# Install sample notebook from fixture if notebook with sample UUID doesn't exist
if not Document2.objects.filter(uuid="7f2ea775-e067-4fde-8f5f-4d704ab9b002").exists():
sample_user = install_sample_user()
with transaction.atomic():
management.call_command('loaddata', 'initial_notebook_examples.json', verbosity=2, commit=False)
Document.objects.sync()
# Get or create sample user directories
home_dir = Directory.objects.get_home_directory(sample_user)
examples_dir, created = Directory.objects.get_or_create(
parent_directory=home_dir,
owner=sample_user,
name=Document2.EXAMPLES_DIR
)
Document2.objects.filter(type='notebook', owner__username__in=SAMPLE_USER_OWNERS).update(parent_directory=examples_dir)
# Share with default group
examples_dir.share(sample_user, Document2Permission.READ_PERM, groups=[get_default_user_group()])
LOG.info('Successfully installed sample notebook')
from beeswax.management.commands.beeswax_install_examples import Command
Command().handle(dialect=dialect, user=user)
def delete_group(request):
if not request.user.is_superuser:
request.audit = {
'operation': 'DELETE_GROUP',
'operationText': _get_failed_operation_text(request.user.username, 'DELETE_GROUP'),
'allowed': False
}
raise PopupException(_("You must be a superuser to delete groups."), error_code=401)
if request.method == 'POST':
try:
group_names = request.POST.getlist('group_names')
# Get the default group before getting the group, because we may be
# trying to delete the default group, and it may not have been created yet.
default_group = get_default_user_group()
if default_group is not None and default_group.name in group_names:
raise PopupException(_("The default user group may not be deleted."), error_code=401)
Group.objects.filter(name__in=group_names).delete()
request.info(_('The groups were deleted.'))
request.audit = {
'operation': 'DELETE_GROUP',
'operationText': 'Deleted Group(s): %s' % ', '.join(group_names)
}
return redirect(reverse(list_groups))
except Group.DoesNotExist:
raise PopupException(_("Group not found."), error_code=404)
else:
return render("delete_group.mako", request, {'path': request.path})
def authenticate(self, access_token):
username = access_token['screen_name']
password = access_token['oauth_token_secret']
username = force_username_case(username)
try:
if AUTH.IGNORE_USERNAME_CASE.get():
user = User.objects.get(username__iexact=username)
else:
user = User.objects.get(username=username)
except User.DoesNotExist:
if not UserProfile.objects.filter(creation_method=str(
UserProfile.CreationMethod.EXTERNAL)).exists():
is_super = True
else:
is_super = False
# Could save oauth_token detail in the user profile here
user = find_or_create_user(username, password)
profile = get_profile(user)
profile.creation_method = UserProfile.CreationMethod.EXTERNAL
profile.save()
user.is_superuser = is_super
user.save()
default_group = get_default_user_group()
if default_group is not None:
user.groups.add(default_group)
return user
def authenticate(self, remote_user=None):
username = self.clean_username(remote_user)
username = desktop.conf.AUTH.FORCE_USERNAME_LOWERCASE.get() and username.lower() or username
is_super = False
if User.objects.count() == 0:
is_super = True
try:
if desktop.conf.AUTH.IGNORE_USERNAME_CASE.get():
user = User.objects.get(username__iexact=username)
else:
user = User.objects.get(username=username)
except User.DoesNotExist:
user = find_or_create_user(username, None)
if user is not None and user.is_active:
profile = get_profile(user)
profile.creation_method = UserProfile.CreationMethod.EXTERNAL
profile.save()
user.is_superuser = is_super
default_group = get_default_user_group()
if default_group is not None:
user.groups.add(default_group)
user.save()
user = rewrite_user(user)
return user
def delete_group(request, name):
if not request.user.is_superuser:
raise PopupException("You must be a superuser to delete groups.")
if request.method == 'POST':
try:
global groups_lock
__groups_lock.acquire()
try:
# Get the default group before getting the group, because we may be
# trying to delete the default group, and it may not have been created
# yet
default_group = get_default_user_group()
group = Group.objects.get(name=name)
if default_group is not None and default_group.name == name:
raise PopupException("The default user group may not be deleted.")
group.delete()
finally:
__groups_lock.release()
# Send a flash message saying "deleted"?
return list_groups(request)
except Group.DoesNotExist:
raise PopupException("Group not found.")
else:
return render("confirm.mako",
request,
dict(path=request.path, title="Delete group?"))
def authenticate(self, access_token):
username = access_token['screen_name']
password = access_token['oauth_token_secret']
try:
user = User.objects.get(username=username)
except User.DoesNotExist:
if not UserProfile.objects.filter(creation_method=str(UserProfile.CreationMethod.EXTERNAL)).exists():
is_super=True
else:
is_super=False
# Could save oauth_token detail in the user profile here
user = find_or_create_user(username, password)
profile = get_profile(user)
profile.creation_method = UserProfile.CreationMethod.EXTERNAL
profile.save()
user.is_superuser = is_super
user.save()
default_group = get_default_user_group()
if default_group is not None:
user.groups.add(default_group)
return user
def update_user(self, user, attributes, attribute_mapping, force_save=False):
# Do this check up here, because the auth call creates a django user upon first login per user
is_super = False
if not UserProfile.objects.filter(creation_method=str(UserProfile.CreationMethod.EXTERNAL)).exists():
# If there are no LDAP users already in the system, the first one will
# become a superuser
is_super = True
elif User.objects.filter(username=user.username).exists():
# If the user already exists, we shouldn't change its superuser
# privileges. However, if there's a naming conflict with a non-external
# user, we should do the safe thing and turn off superuser privs.
user = User.objects.get(username=user.username)
existing_profile = get_profile(user)
if existing_profile.creation_method == str(UserProfile.CreationMethod.EXTERNAL):
is_super = user.is_superuser
user = super(SAML2Backend, self).update_user(user, attributes, attribute_mapping, force_save)
if user is not None and user.is_active:
profile = get_profile(user)
profile.creation_method = UserProfile.CreationMethod.EXTERNAL
profile.save()
user.is_superuser = is_super
user = rewrite_user(user)
default_group = get_default_user_group()
if default_group is not None:
user.groups.add(default_group)
user.save()
return user
return None
def handle_noargs(self, **options):
fs = cluster.get_hdfs()
create_directories(fs, [REMOTE_SAMPLE_DIR.get()])
remote_dir = REMOTE_SAMPLE_DIR.get()
# Copy examples binaries
for name in os.listdir(LOCAL_SAMPLE_DIR.get()):
local_dir = fs.join(LOCAL_SAMPLE_DIR.get(), name)
remote_data_dir = fs.join(remote_dir, name)
LOG.info(_('Copying examples %(local_dir)s to %(remote_data_dir)s\n') % {
'local_dir': local_dir, 'remote_data_dir': remote_data_dir})
fs.do_as_user(fs.DEFAULT_USER, fs.copyFromLocal, local_dir, remote_data_dir)
# Copy sample data
local_dir = paths.get_thirdparty_root("sample_data")
remote_data_dir = fs.join(remote_dir, 'data')
LOG.info(_('Copying data %(local_dir)s to %(remote_data_dir)s\n') % {
'local_dir': local_dir, 'remote_data_dir': remote_data_dir})
fs.do_as_user(fs.DEFAULT_USER, fs.copyFromLocal, local_dir, remote_data_dir)
# Load jobs
sample_user = install_sample_user()
management.call_command('loaddata', 'initial_pig_examples.json', verbosity=2)
Document.objects.sync()
if USE_NEW_EDITOR.get():
# Get or create sample user directories
home_dir = Directory.objects.get_home_directory(sample_user)
examples_dir, created = Directory.objects.get_or_create(
parent_directory=home_dir,
owner=sample_user,
name=Document2.EXAMPLES_DIR)
try:
# Don't overwrite
doc = Document.objects.get(object_id=1100713)
doc2 = Document2.objects.get(owner=sample_user, name=doc.name, type='link-pigscript')
# If document exists but has been trashed, recover from Trash
if doc2.parent_directory != examples_dir:
doc2.parent_directory = examples_dir
doc2.save()
except Document.DoesNotExist:
LOG.warn('Sample pig script document not found.')
except Document2.DoesNotExist:
if doc.content_object:
data = doc.content_object.dict
data.update({'content_type': doc.content_type.model, 'object_id': doc.object_id})
data = json.dumps(data)
doc2 = Document2.objects.create(
owner=sample_user,
parent_directory=examples_dir,
name=doc.name,
type='link-pigscript',
description=doc.description,
data=data)
LOG.info('Successfully installed sample link to pig script: %s' % (doc2.name,))
# Share with default group
examples_dir.share(sample_user, Document2Permission.READ_PERM, groups=[get_default_user_group()])
def delete_group(request, name):
if not request.user.is_superuser:
raise PopupException(_("You must be a superuser to delete groups."), error_code=401)
if request.method == 'POST':
try:
global groups_lock
__groups_lock.acquire()
try:
# Get the default group before getting the group, because we may be
# trying to delete the default group, and it may not have been created
# yet
default_group = get_default_user_group()
group = Group.objects.get(name=name)
if default_group is not None and default_group.name == name:
raise PopupException(_("The default user group may not be deleted."), error_code=401)
group.delete()
finally:
__groups_lock.release()
request.info(_('The group was deleted.'))
return redirect(reverse(list_groups))
except Group.DoesNotExist:
raise PopupException(_("Group not found."), error_code=404)
else:
return render("delete_group.mako", request, dict(path=request.path, groupname=name))
def handle_noargs(self, **options):
sample_user = install_sample_user()
# Get or create sample user directories
home_dir = Directory.objects.get_home_directory(sample_user)
examples_dir, created = Directory.objects.get_or_create(
parent_directory=home_dir,
owner=sample_user,
name=Document2.EXAMPLES_DIR
)
if not Document2.objects.filter(type='search-dashboard', owner__username__in=SAMPLE_USER_OWNERS).exists():
management.call_command('loaddata', 'initial_search_examples.json', verbosity=2)
Document.objects.sync()
Document2.objects.filter(type='search-dashboard', owner__username__in=SAMPLE_USER_OWNERS).update(parent_directory=examples_dir)
else:
# Check if sample documents are in Trash, and if so, restore them
for doc in Document2.objects.filter(type='search-dashboard', owner__username__in=SAMPLE_USER_OWNERS):
if doc.parent_directory != examples_dir:
doc.parent_directory = examples_dir
doc.save()
# Share with default group
examples_dir.share(sample_user, Document2Permission.READ_PERM, groups=[get_default_user_group()])
LOG.info('Successfully installed sample search dashboard')
def check_auth(self, username, password):
if pam.authenticate(username, password,
desktop.conf.AUTH.PAM_SERVICE.get()):
is_super = False
if User.objects.count() == 0:
is_super = True
try:
user = User.objects.get(username=username)
except User.DoesNotExist:
user = find_or_create_user(username, None)
if user is not None and user.is_active:
profile = get_profile(user)
profile.creation_method = UserProfile.CreationMethod.EXTERNAL
profile.save()
user.is_superuser = is_super
default_group = get_default_user_group()
if default_group is not None:
user.groups.add(default_group)
user.save()
user = rewrite_user(user)
return user
return None
def add_to_group(username, groupname=get_default_user_group().name):
user = User.objects.get(username=username)
group, created = Group.objects.get_or_create(name=groupname)
if not user.groups.filter(name=group.name).exists():
user.groups.add(group)
user.save()
def delete_group(request, name):
if not request.user.is_superuser:
raise PopupException(_("You must be a superuser to delete groups."),
error_code=401)
if request.method == 'POST':
try:
global groups_lock
__groups_lock.acquire()
try:
# Get the default group before getting the group, because we may be
# trying to delete the default group, and it may not have been created
# yet
default_group = get_default_user_group()
group = Group.objects.get(name=name)
if default_group is not None and default_group.name == name:
raise PopupException(
_("The default user group may not be deleted."),
error_code=401)
group.delete()
finally:
__groups_lock.release()
request.info(_('The group was deleted.'))
return redirect(reverse(list_groups))
except Group.DoesNotExist:
raise PopupException(_("Group not found."), error_code=404)
else:
return render("delete_group.mako", request,
dict(path=request.path, groupname=name))
def delete_group(request):
if not request.user.is_superuser:
request.audit = {
'operation': 'DELETE_GROUP',
'operationText': _get_failed_operation_text(request.user.username, 'DELETE_GROUP'),
'allowed': False
}
raise PopupException(_("You must be a superuser to delete groups."), error_code=401)
if request.method == 'POST':
try:
group_names = request.POST.getlist('group_names')
# Get the default group before getting the group, because we may be
# trying to delete the default group, and it may not have been created yet.
default_group = get_default_user_group()
if default_group is not None and default_group.name in group_names:
raise PopupException(_("The default user group may not be deleted."), error_code=401)
Group.objects.filter(name__in=group_names).delete()
request.info(_('The groups were deleted.'))
request.audit = {
'operation': 'DELETE_GROUP',
'operationText': 'Deleted Group(s): %s' % ', '.join(group_names)
}
return redirect(reverse(list_groups))
except Group.DoesNotExist:
raise PopupException(_("Group not found."), error_code=404)
else:
return render("delete_group.mako", request, {'path': request.path})
def add_to_group(username, groupname=get_default_user_group().name):
user = User.objects.get(username=username)
group, created = Group.objects.get_or_create(name=groupname)
if not user.groups.filter(name=group.name).exists():
user.groups.add(group)
user.save()
def share_to_default(self, document):
from useradmin.models import get_default_user_group # Remove build dependency
perm, created = DocumentPermission.objects.get_or_create(doc=document)
default_group = get_default_user_group()
if default_group:
perm.groups.add(default_group)
def setUp(self):
self.client = make_logged_in_client(username="******",
groupname="default",
recreate=True,
is_superuser=False)
self.client_not_me = make_logged_in_client(username="******",
groupname="default",
recreate=True,
is_superuser=False)
self.user = User.objects.get(username="******")
self.user_not_me = User.objects.get(username="******")
grant_access(self.user.username, self.user.username, "desktop")
grant_access(self.user_not_me.username, self.user_not_me.username,
"desktop")
self.default_group = get_default_user_group()
# This creates the user directories for the new user
response = self.client.get('/desktop/api2/docs/')
data = json.loads(response.content)
assert_equal('/', data['document']['path'], data)
self.home_dir = Document2.objects.get_home_directory(user=self.user)
def check_auth(self, username, password):
if pam.authenticate(username, password, desktop.conf.AUTH.PAM_SERVICE.get()):
is_super = False
if User.objects.count() == 0:
is_super = True
try:
user = User.objects.get(username=username)
except User.DoesNotExist:
user = find_or_create_user(username, None)
if user is not None and user.is_active:
profile = get_profile(user)
profile.creation_method = UserProfile.CreationMethod.EXTERNAL
profile.save()
user.is_superuser = is_super
default_group = get_default_user_group()
if default_group is not None:
user.groups.add(default_group)
user.save()
user = rewrite_user(user)
return user
return None
def share_to_default(self, document):
from useradmin.models import get_default_user_group # Remove build dependency
perm, created = DocumentPermission.objects.get_or_create(doc=document)
default_group = get_default_user_group()
if default_group:
perm.groups.add(default_group)
def _import_ldap_user(username, import_by_dn=False):
"""
Import a user from LDAP. If import_by_dn is true, this will import the user by
the distinguished name, rather than the configured username attribute.
"""
conn = ldap_access.get_connection()
user_info = conn.find_user(username, import_by_dn)
if user_info is None:
LOG.warn("Could not get LDAP details for user %s" % (username,))
return None
user, created = User.objects.get_or_create(username=user_info['username'])
profile = get_profile(user)
if not created and profile.creation_method == str(UserProfile.CreationMethod.HUE):
# This is a Hue user, and shouldn't be overwritten
LOG.warn('There was a naming conflict while importing user %s' % (username,))
return None
default_group = get_default_user_group()
if created and default_group is not None:
user.groups.add(default_group)
if 'first' in user_info:
user.first_name = user_info['first']
if 'last' in user_info:
user.last_name = user_info['last']
if 'email' in user_info:
user.email = user_info['email']
profile.creation_method = UserProfile.CreationMethod.EXTERNAL
profile.save()
user.save()
return user
def authenticate(self, remote_user=None):
username = self.clean_username(remote_user)
username = desktop.conf.AUTH.FORCE_USERNAME_LOWERCASE.get(
) and username.lower() or username
is_super = False
if User.objects.count() == 0:
is_super = True
try:
if desktop.conf.AUTH.IGNORE_USERNAME_CASE.get():
user = User.objects.get(username__iexact=username)
else:
user = User.objects.get(username=username)
except User.DoesNotExist:
user = find_or_create_user(username, None)
if user is not None and user.is_active:
profile = get_profile(user)
profile.creation_method = UserProfile.CreationMethod.EXTERNAL
profile.save()
user.is_superuser = is_super
default_group = get_default_user_group()
if default_group is not None:
user.groups.add(default_group)
user.save()
user = rewrite_user(user)
return user
def handle(self, *args, **options):
sample_user = install_sample_user()
# Get or create sample user directories
home_dir = Directory.objects.get_home_directory(sample_user)
examples_dir, created = Directory.objects.get_or_create(
parent_directory=home_dir,
owner=sample_user,
name=Document2.EXAMPLES_DIR
)
if not Document2.objects.filter(type='search-dashboard', owner__username__in=SAMPLE_USER_OWNERS).exists():
with transaction.atomic():
if sys.version_info[0] > 2:
management.call_command('loaddata', 'initial_search_examples.json', verbosity=2)
else:
management.call_command('loaddata', 'initial_search_examples.json', verbosity=2, commit=False)
Document.objects.sync()
Document2.objects.filter(type='search-dashboard', owner__username__in=SAMPLE_USER_OWNERS).update(parent_directory=examples_dir)
else:
# Check if sample documents are in Trash, and if so, restore them
for doc in Document2.objects.filter(type='search-dashboard', owner__username__in=SAMPLE_USER_OWNERS):
if doc.parent_directory != examples_dir:
doc.parent_directory = examples_dir
doc.save()
# Share with default group
examples_dir.share(sample_user, Document2Permission.READ_PERM, groups=[get_default_user_group()])
LOG.info('Successfully installed sample search dashboard')
def handle(self, *args, **options):
if not options.get('user'):
user = User.objects.get(username=pwd.getpwuid(os.getuid()).pw_name)
else:
user = options['user']
# Install sample notebook from fixture if notebook with sample UUID doesn't exist
if not Document2.objects.filter(uuid="7f2ea775-e067-4fde-8f5f-4d704ab9b002").exists():
sample_user = install_sample_user()
management.call_command('loaddata', 'initial_notebook_examples.json', verbosity=2)
Document.objects.sync()
# Get or create sample user directories
home_dir = Directory.objects.get_home_directory(sample_user)
examples_dir, created = Directory.objects.get_or_create(
parent_directory=home_dir,
owner=sample_user,
name=Document2.EXAMPLES_DIR
)
Document2.objects.filter(type='notebook', owner__username__in=SAMPLE_USER_OWNERS).update(parent_directory=examples_dir)
# Share with default group
examples_dir.share(sample_user, Document2Permission.READ_PERM, groups=[get_default_user_group()])
LOG.info('Successfully installed sample notebook')
from beeswax.management.commands.beeswax_install_examples import Command
app_name = 'beeswax'
Command().handle(app_name=app_name, user=user, tables='tables.json')
def test_login_does_not_reset_groups(self):
client = make_logged_in_client(username=self.test_username,
password="******")
user = User.objects.get(username=self.test_username)
test_group, created = Group.objects.get_or_create(
name=self.test_username)
default_group = get_default_user_group()
user.groups.all().delete()
assert_false(user.groups.exists())
# No groups
response = client.post('/hue/accounts/login/',
dict(username=self.test_username,
password="******"),
follow=True)
assert_equal(200, response.status_code, "Expected ok status.")
assert_equal([default_group.name],
[i for i in user.groups.values_list('name', flat=True)])
add_to_group(self.test_username, self.test_username)
# Two groups
client.get('/accounts/logout')
response = client.post('/hue/accounts/login/',
dict(username=self.test_username,
password="******"),
follow=True)
assert_equal(200, response.status_code, "Expected ok status.")
assert_equal(set([default_group.name, test_group.name]),
set(user.groups.values_list('name', flat=True)))
user.groups.filter(name=default_group.name).delete()
assert_equal(set([test_group.name]),
set(user.groups.values_list('name', flat=True)))
# Keep manual group only, don't re-add default group
client.get('/accounts/logout')
response = client.post('/hue/accounts/login/',
dict(username=self.test_username,
password="******"),
follow=True)
assert_equal(200, response.status_code, "Expected ok status.")
assert_equal([test_group.name],
list(user.groups.values_list('name', flat=True)))
user.groups.remove(test_group)
assert_false(user.groups.exists())
# Re-add default group
client.get('/accounts/logout')
response = client.post('/hue/accounts/login/',
dict(username=self.test_username,
password="******"),
follow=True)
assert_equal(200, response.status_code, "Expected ok status.")
assert_equal([default_group.name],
list(user.groups.values_list('name', flat=True)))
def _import_ldap_users_info(connection, user_info, sync_groups=False, import_by_dn=False):
"""
Import user_info found through ldap_access.find_users.
"""
imported_users = []
for ldap_info in user_info:
# Extra validation in case import by DN and username has spaces or colons
validate_username(ldap_info['username'])
user, created = ldap_access.get_or_create_ldap_user(username=ldap_info['username'])
profile = get_profile(user)
if not created and profile.creation_method == str(UserProfile.CreationMethod.HUE):
# This is a Hue user, and shouldn't be overwritten
LOG.warn(_('There was a naming conflict while importing user %(username)s') % {
'username': ldap_info['username']
})
return None
default_group = get_default_user_group()
if created and default_group is not None:
user.groups.add(default_group)
if 'first' in ldap_info:
user.first_name = ldap_info['first']
if 'last' in ldap_info:
user.last_name = ldap_info['last']
if 'email' in ldap_info:
user.email = ldap_info['email']
profile.creation_method = UserProfile.CreationMethod.EXTERNAL
profile.save()
user.save()
imported_users.append(user)
# sync groups
if sync_groups and 'groups' in ldap_info:
old_groups = set(user.groups.all())
new_groups = set()
# Skip if 'memberOf' or 'isMemberOf' are not set
for group_dn in ldap_info['groups']:
group_ldap_info = connection.find_groups(group_dn, find_by_dn=True, scope=ldap.SCOPE_BASE)
for group_info in group_ldap_info:
# Add only if user isn't part of group.
if not user.groups.filter(name=group_info['name']).exists():
groups = import_ldap_groups(connection, group_info['dn'], import_members=False, import_members_recursive=False, sync_users=False, import_by_dn=True)
if groups:
new_groups.update(groups)
# Remove out of date groups
remove_groups = old_groups - new_groups
remove_ldap_groups = LdapGroup.objects.filter(group__in=remove_groups)
remove_groups_filtered = [ldapgroup.group for ldapgroup in remove_ldap_groups]
user.groups.filter(group__in=remove_groups_filtered).delete()
user.groups.add(*new_groups)
Group.objects.filter(group__in=remove_groups_filtered).delete()
remove_ldap_groups.delete()
return imported_users
def install(self, django_user):
"""
Install queries. Raise InstallException on failure.
"""
LOG.info('Installing sample query: %s' % (self.name, ))
try:
# Don't overwrite
query = SavedQuery.objects.get(owner=django_user,
name=self.name,
type=self.type)
except SavedQuery.DoesNotExist:
query = SavedQuery(owner=django_user,
name=self.name,
type=self.type,
desc=self.desc)
# The data field needs to be a string. The sample file writes it
# as json (without encoding into a string) for readability.
query.data = json.dumps(self.data)
query.save()
LOG.info('Successfully installed sample design: %s' %
(self.name, ))
if beeswax.conf.USE_NEW_EDITOR.get():
try:
# Don't overwrite
doc2 = Document2.objects.get(owner=django_user,
name=self.name,
type=self._document_type(
self.type))
except Document2.DoesNotExist:
# Create document from saved query
notebook = import_saved_beeswax_query(query)
data = notebook.get_json()
# Get or create sample user directories
home_dir = Directory.objects.get_home_directory(django_user)
examples_dir, created = Directory.objects.get_or_create(
parent_directory=home_dir,
owner=django_user,
name=Document2.EXAMPLES_DIR)
doc2 = Document2.objects.create(owner=django_user,
parent_directory=examples_dir,
name=self.name,
type=self._document_type(
self.type),
description=self.desc,
data=data)
# Share with default group
examples_dir.share(django_user,
Document2Permission.READ_PERM,
groups=[get_default_user_group()])
doc2.save()
LOG.info('Successfully installed sample query: %s' %
(self.name, ))
def _import_ldap_users_info(connection, user_info, sync_groups=False, import_by_dn=False):
"""
Import user_info found through ldap_access.find_users.
"""
imported_users = []
for ldap_info in user_info:
# Extra validation in case import by DN and username has spaces or colons
validate_username(ldap_info['username'])
user, created = ldap_access.get_or_create_ldap_user(username=ldap_info['username'])
profile = get_profile(user)
if not created and profile.creation_method == str(UserProfile.CreationMethod.HUE):
# This is a Hue user, and shouldn't be overwritten
LOG.warn(_('There was a naming conflict while importing user %(username)s') % {
'username': ldap_info['username']
})
return None
default_group = get_default_user_group()
if created and default_group is not None:
user.groups.add(default_group)
if 'first' in ldap_info:
user.first_name = ldap_info['first']
if 'last' in ldap_info:
user.last_name = ldap_info['last']
if 'email' in ldap_info:
user.email = ldap_info['email']
profile.creation_method = UserProfile.CreationMethod.EXTERNAL
profile.save()
user.save()
imported_users.append(user)
# sync groups
if sync_groups and 'groups' in ldap_info:
old_groups = set(user.groups.all())
new_groups = set()
# Skip if 'memberOf' or 'isMemberOf' are not set
for group_dn in ldap_info['groups']:
group_ldap_info = connection.find_groups(group_dn, find_by_dn=True, scope=ldap.SCOPE_BASE)
for group_info in group_ldap_info:
# Add only if user isn't part of group.
if not user.groups.filter(name=group_info['name']).exists():
groups = import_ldap_groups(connection, group_info['dn'], import_members=False, import_members_recursive=False, sync_users=False, import_by_dn=True)
if groups:
new_groups.update(groups)
# Remove out of date groups
remove_groups = old_groups - new_groups
remove_ldap_groups = LdapGroup.objects.filter(group__in=remove_groups)
remove_groups_filtered = [ldapgroup.group for ldapgroup in remove_ldap_groups]
user.groups.filter(group__in=remove_groups_filtered).delete()
user.groups.add(*new_groups)
Group.objects.filter(group__in=remove_groups_filtered).delete()
remove_ldap_groups.delete()
return imported_users
def check_auth(self, username, password):
user = find_or_create_user(username, None)
user.is_superuser = False
user.save()
default_group = get_default_user_group()
if default_group is not None:
user.groups.add(default_group)
return user
def install(self, django_user, interpreter=None):
"""
Install queries. Raise InstallException on failure.
"""
LOG.info('Installing sample query: %s' % (self.name,))
try:
# Don't overwrite
query = SavedQuery.objects.get(owner=django_user, name=self.name, type=self.type)
except SavedQuery.DoesNotExist:
query = SavedQuery(owner=django_user, name=self.name, type=self.type, desc=self.desc)
# The data field needs to be a string. The sample file writes it as json (without encoding into a string) for readability.
query.data = json.dumps(self.data)
query.save()
LOG.info('Successfully installed sample design: %s' % (self.name,))
if USE_NEW_EDITOR.get():
examples_dir = _get_example_directory(django_user)
document_type = self._document_type(self.type, interpreter)
notebook = import_saved_beeswax_query(query, interpreter=interpreter)
try:
# Could move PK from a uuid in queries.json at some point to handle name changes without duplicating.
# And move to a simpler json format at some point.
doc2 = Document2.objects.get(owner=django_user, name=self.name, type=document_type, is_history=False)
if doc2.parent_directory != examples_dir: # Recover from Trash or if moved
doc2.parent_directory = examples_dir
data = json.loads(doc2.data)
data['uuid'] = doc2.uuid
doc2.data = json.dumps(data) # Refresh content
doc2.save()
except Document2.DoesNotExist:
# Create new example
data = notebook.get_data()
data['isSaved'] = True
uuid = data.get('uuid')
data = json.dumps(data)
doc2 = Document2.objects.create(
uuid=uuid, # Must the same as in the notebook data
owner=django_user,
parent_directory=examples_dir,
name=self.name,
type=document_type,
description=self.desc,
data=data
)
# TODO: FK to connector object
# Share with default group
examples_dir.share(django_user, Document2Permission.READ_PERM, groups=[get_default_user_group()])
LOG.info('Successfully installed sample query: %s' % doc2)
def check_auth(self, username, password):
user = find_or_create_user(username, None)
user.is_superuser = False
user.save()
default_group = get_default_user_group()
if default_group is not None:
user.groups.add(default_group)
return user
def test_share_document_permissions(self):
# No doc
response = self.client.get('/home')
assert_equal({}, json.loads(response.context['json_documents']))
response = self.client_not_me.get('/home')
assert_equal({}, json.loads(response.context['json_documents']))
# Add doc
script, doc = self._add_doc('test_update_permissions')
doc_id = '%s' % doc.id
response = self.client.get('/home')
assert_true(doc_id in json.loads(response.context['json_documents']))
response = self.client_not_me.get('/home')
assert_false(doc_id in json.loads(response.context['json_documents']))
# Share by user
response = self.client.post("/desktop/api/doc/update_permissions", {
'doc_id': doc.id,
'data': json.dumps({'read': {'user_ids': [self.user.id, self.user_not_me.id], 'group_ids': []}})
})
assert_equal(0, json.loads(response.content)['status'], response.content)
response = self.client.get('/home')
assert_true(doc_id in json.loads(response.context['json_documents']))
response = self.client_not_me.get('/home')
assert_true(doc_id in json.loads(response.context['json_documents']))
# Un-share
response = self.client.post("/desktop/api/doc/update_permissions", {
'doc_id': doc.id,
'data': json.dumps({'read': {'user_ids': [self.user.id], 'group_ids': []}})
})
assert_equal(0, json.loads(response.content)['status'], response.content)
response = self.client.get('/home')
assert_true(doc_id in json.loads(response.context['json_documents']))
response = self.client_not_me.get('/home')
assert_false(doc_id in json.loads(response.context['json_documents']))
# Share by group
default_group = get_default_user_group()
response = self.client.post("/desktop/api/doc/update_permissions", {
'doc_id': doc.id,
'data': json.dumps({'read': {'user_ids': [self.user.id], 'group_ids': [default_group.id]}})
})
assert_equal(0, json.loads(response.content)['status'], response.content)
response = self.client.get('/home')
assert_true(doc_id in json.loads(response.context['json_documents']))
response = self.client_not_me.get('/home')
assert_true(doc_id in json.loads(response.context['json_documents']))
def handle(self, *args, **options):
fs = cluster.get_hdfs()
create_directories(fs, [REMOTE_SAMPLE_DIR.get()])
remote_dir = REMOTE_SAMPLE_DIR.get()
sample_user = install_sample_user()
# Copy examples binaries
for name in os.listdir(LOCAL_SAMPLE_DIR.get()):
local_dir = fs.join(LOCAL_SAMPLE_DIR.get(), name)
remote_data_dir = fs.join(remote_dir, name)
LOG.info(
_('Copying examples %(local_dir)s to %(remote_data_dir)s\n') %
{
'local_dir': local_dir,
'remote_data_dir': remote_data_dir
})
fs.do_as_user(sample_user.username, fs.copyFromLocal, local_dir,
remote_data_dir)
# Copy sample data
local_dir = paths.get_thirdparty_root("sample_data")
remote_data_dir = fs.join(remote_dir, 'data')
LOG.info(
_('Copying data %(local_dir)s to %(remote_data_dir)s\n') % {
'local_dir': local_dir,
'remote_data_dir': remote_data_dir
})
fs.do_as_user(sample_user.username, fs.copyFromLocal, local_dir,
remote_data_dir)
# Initialize doc2, whether editor script or link
doc2 = None
# Install editor pig script without doc1 link
LOG.info("Using Hue 4, will install pig editor sample.")
doc2 = self.install_pig_script(sample_user)
if USE_NEW_EDITOR.get():
# Get or create sample user directories
LOG.info("Creating sample user directories.")
home_dir = Directory.objects.get_home_directory(sample_user)
examples_dir, created = Directory.objects.get_or_create(
parent_directory=home_dir,
owner=sample_user,
name=Document2.EXAMPLES_DIR)
# If document exists but has been trashed, recover from Trash
if doc2 and doc2.parent_directory != examples_dir:
doc2.parent_directory = examples_dir
doc2.save()
# Share with default group
examples_dir.share(sample_user,
Document2Permission.READ_PERM,
groups=[get_default_user_group()])
def install(self, django_user, interpreter=None):
"""
Install queries. Raise InstallException on failure.
"""
LOG.info('Installing sample query: %s' % (self.name,))
try:
# Don't overwrite
query = SavedQuery.objects.get(owner=django_user, name=self.name, type=self.type)
except SavedQuery.DoesNotExist:
query = SavedQuery(owner=django_user, name=self.name, type=self.type, desc=self.desc)
# The data field needs to be a string. The sample file writes it
# as json (without encoding into a string) for readability.
query.data = json.dumps(self.data)
query.save()
LOG.info('Successfully installed sample design: %s' % (self.name,))
if USE_NEW_EDITOR.get():
# Get or create sample user directories
home_dir = Directory.objects.get_home_directory(django_user)
examples_dir, created = Directory.objects.get_or_create(
parent_directory=home_dir,
owner=django_user,
name=Document2.EXAMPLES_DIR
)
document_type = self._document_type(self.type, interpreter)
try:
# Don't overwrite
doc2 = Document2.objects.get(owner=django_user, name=self.name, type=document_type, is_history=False)
# If document exists but has been trashed, recover from Trash
if doc2.parent_directory != examples_dir:
doc2.parent_directory = examples_dir
doc2.save()
except Document2.DoesNotExist:
# Create document from saved query
notebook = import_saved_beeswax_query(query, interpreter=interpreter)
data = notebook.get_data()
data['isSaved'] = True
uuid = data.get('uuid')
data = json.dumps(data)
doc2 = Document2.objects.create(
uuid=uuid,
owner=django_user,
parent_directory=examples_dir,
name=self.name,
type=document_type,
description=self.desc,
data=data
)
# Share with default group
examples_dir.share(django_user, Document2Permission.READ_PERM, groups=[get_default_user_group()])
LOG.info('Successfully installed sample query: %s' % (self.name,))
def install(self, django_user):
"""
Install queries. Raise InstallException on failure.
"""
LOG.info('Installing sample query: %s' % (self.name,))
try:
# Don't overwrite
query = SavedQuery.objects.get(owner=django_user, name=self.name, type=self.type)
except SavedQuery.DoesNotExist:
query = SavedQuery(owner=django_user, name=self.name, type=self.type, desc=self.desc)
# The data field needs to be a string. The sample file writes it
# as json (without encoding into a string) for readability.
query.data = json.dumps(self.data)
query.save()
LOG.info('Successfully installed sample design: %s' % (self.name,))
if USE_NEW_EDITOR.get():
# Get or create sample user directories
home_dir = Directory.objects.get_home_directory(django_user)
examples_dir, created = Directory.objects.get_or_create(
parent_directory=home_dir,
owner=django_user,
name=Document2.EXAMPLES_DIR
)
try:
# Don't overwrite
doc2 = Document2.objects.get(owner=django_user, name=self.name, type=self._document_type(self.type))
# If document exists but has been trashed, recover from Trash
if doc2.parent_directory != examples_dir:
doc2.parent_directory = examples_dir
doc2.save()
except Document2.DoesNotExist:
# Create document from saved query
notebook = import_saved_beeswax_query(query)
data = notebook.get_data()
data['isSaved'] = True
uuid = data.get('uuid')
data = json.dumps(data)
doc2 = Document2.objects.create(
uuid=uuid,
owner=django_user,
parent_directory=examples_dir,
name=self.name,
type=self._document_type(self.type),
description=self.desc,
data=data
)
# Share with default group
examples_dir.share(django_user, Document2Permission.READ_PERM, groups=[get_default_user_group()])
LOG.info('Successfully installed sample query: %s' % (self.name,))
def setUp(self):
self.client = make_logged_in_client(username="******", groupname="default", recreate=False, is_superuser=True)
self.client_user = make_logged_in_client(username="******", groupname="default", recreate=False, is_superuser=False)
self.admin = User.objects.get(username="******")
self.user = User.objects.get(username="******")
self.group = get_default_user_group()
grant_access(self.admin.username, self.admin.username, "desktop")
grant_access(self.user.username, self.user.username, "desktop")
def __init__(self, *args, **kwargs):
super(SuperUserChangeForm, self).__init__(*args, **kwargs)
if self.instance.id:
# If the user exists already, we'll use its current group memberships
self.initial['groups'] = set(self.instance.groups.all())
else:
# If this is a new user, suggest the default group
default_group = get_default_user_group()
if default_group is not None:
self.initial['groups'] = set([default_group])
else:
self.initial['groups'] = []
def add_to_group(username, groupname=None):
if groupname is None:
group = get_default_user_group()
assert group is not None
groupname = group.name
user = User.objects.get(username=username)
group, created = Group.objects.get_or_create(name=groupname)
if not user.groups.filter(name=group.name).exists():
user.groups.add(group)
user.save()
def __init__(self, *args, **kwargs):
super(SuperUserChangeForm, self).__init__(*args, **kwargs)
if self.instance.id:
# If the user exists already, we'll use its current group memberships
self.initial['groups'] = set(self.instance.groups.all())
else:
# If his is a new user, suggest the default group
default_group = get_default_user_group()
if default_group is not None:
self.initial['groups'] = set([default_group])
else:
self.initial['groups'] = []
def add_to_group(username, groupname=None):
if groupname is None:
group = get_default_user_group()
assert group is not None
groupname = group.name
user = User.objects.get(username=username)
group, created = Group.objects.get_or_create(name=groupname)
if not user.groups.filter(name=group.name).exists():
user.groups.add(group)
user.save()
def share_to_default(self, document, name='read'):
from useradmin.models import get_default_user_group # Remove build dependency
self._check_perm(name)
if name == DocumentPermission.WRITE_PERM:
perm, created = DocumentPermission.objects.get_or_create(doc=document, perms=DocumentPermission.WRITE_PERM)
else:
perm, created = DocumentPermission.objects.get_or_create(doc=document, perms=DocumentPermission.READ_PERM)
default_group = get_default_user_group()
if default_group:
perm.groups.add(default_group)
def test_default_group():
reset_all_users()
reset_all_groups()
useradmin.conf.DEFAULT_USER_GROUP.set_for_testing('test_default')
get_default_user_group()
c = make_logged_in_client(username='******', is_superuser=True)
# Create default group if it doesn't already exist.
assert_true(Group.objects.filter(name='test_default').exists())
# Try deleting the default group
assert_true(Group.objects.filter(name='test_default').exists())
response = c.post('/useradmin/groups/delete/test_default')
assert_true('default user group may not be deleted' in response.content)
assert_true(Group.objects.filter(name='test_default').exists())
# Change the name of the default group, and try deleting again
useradmin.conf.DEFAULT_USER_GROUP.set_for_testing('new_default')
response = c.post('/useradmin/groups/delete/test_default')
assert_false(Group.objects.filter(name='test_default').exists())
assert_true(Group.objects.filter(name='new_default').exists())
def share_to_default(self, document, name='read'):
from useradmin.models import get_default_user_group # Remove build dependency
self._check_perm(name)
if name == DocumentPermission.WRITE_PERM:
perm, created = DocumentPermission.objects.get_or_create(doc=document, perms=DocumentPermission.WRITE_PERM)
else:
perm, created = DocumentPermission.objects.get_or_create(doc=document, perms=DocumentPermission.READ_PERM)
default_group = get_default_user_group()
if default_group:
perm.groups.add(default_group)
def test_default_group():
reset_all_users()
reset_all_groups()
useradmin.conf.DEFAULT_USER_GROUP.set_for_testing('test_default')
get_default_user_group()
c = make_logged_in_client(username='******', is_superuser=True)
# Create default group if it doesn't already exist.
assert_true(Group.objects.filter(name='test_default').exists())
# Try deleting the default group
assert_true(Group.objects.filter(name='test_default').exists())
response = c.post('/useradmin/groups/delete', {'group_names': ['test_default']})
assert_true('default user group may not be deleted' in response.content)
assert_true(Group.objects.filter(name='test_default').exists())
# Change the name of the default group, and try deleting again
useradmin.conf.DEFAULT_USER_GROUP.set_for_testing('new_default')
response = c.post('/useradmin/groups/delete' , {'group_names': ['test_default']})
assert_false(Group.objects.filter(name='test_default').exists())
assert_true(Group.objects.filter(name='new_default').exists())
def handle_noargs(self, **options):
self.user = install_sample_user()
self.fs = cluster.get_hdfs()
LOG.info(_("Creating sample directory '%s' in HDFS") % REMOTE_SAMPLE_DIR.get())
create_directories(self.fs, [REMOTE_SAMPLE_DIR.get()])
remote_dir = REMOTE_SAMPLE_DIR.get()
# Copy examples binaries
for name in os.listdir(LOCAL_SAMPLE_DIR.get()):
local_dir = self.fs.join(LOCAL_SAMPLE_DIR.get(), name)
remote_data_dir = self.fs.join(remote_dir, name)
LOG.info(_('Copying examples %(local_dir)s to %(remote_data_dir)s\n') % {
'local_dir': local_dir, 'remote_data_dir': remote_data_dir})
self.fs.do_as_user(self.fs.DEFAULT_USER, self.fs.copyFromLocal, local_dir, remote_data_dir)
# Copy sample data
local_dir = LOCAL_SAMPLE_DATA_DIR.get()
remote_data_dir = self.fs.join(remote_dir, 'data')
LOG.info(_('Copying data %(local_dir)s to %(remote_data_dir)s\n') % {
'local_dir': local_dir, 'remote_data_dir': remote_data_dir})
self.fs.do_as_user(self.fs.DEFAULT_USER, self.fs.copyFromLocal, local_dir, remote_data_dir)
# Load jobs
LOG.info(_("Installing examples..."))
if ENABLE_V2.get():
management.call_command('loaddata', 'initial_oozie_examples.json', verbosity=2)
# Get or create sample user directories
home_dir = Directory.objects.get_home_directory(self.user)
examples_dir, created = Directory.objects.get_or_create(
parent_directory=home_dir,
owner=self.user,
name=Document2.EXAMPLES_DIR
)
# Share oozie examples with default group
oozie_examples = Document2.objects.filter(
type__in=['oozie-workflow2', 'oozie-coordinator2', 'oozie-bundle2'],
owner=self.user,
parent_directory=None
)
oozie_examples.update(parent_directory=examples_dir)
examples_dir.share(self.user, Document2Permission.READ_PERM, groups=[get_default_user_group()])
self.install_examples()
Document.objects.sync()
def setUp(self):
self.client = make_logged_in_client(username='******',
groupname=get_default_user_group(),
recreate=True,
is_superuser=False)
self.user = User.objects.get(username='******')
self.user = rewrite_user(self.user)
self.alone_client = make_logged_in_client(
username='******',
groupname='alone', # Not in default group
recreate=True,
is_superuser=False)
self.alone_user = User.objects.get(username='******')
self.alone_user = rewrite_user(self.alone_user)
def authenticate(self, access_token):
username = access_token['screen_name']
password = access_token['oauth_token_secret']
# Could save oauth_token detail in the user profile here
user = find_or_create_user(username, password)
user.is_superuser = False
user.save()
default_group = get_default_user_group()
if default_group is not None:
user.groups.add(default_group)
return user
def authenticate(self, access_token):
username = access_token['screen_name']
password = access_token['oauth_token_secret']
# Could save oauth_token detail in the user profile here
user = find_or_create_user(username, password)
user.is_superuser = False
user.save()
default_group = get_default_user_group()
if default_group is not None:
user.groups.add(default_group)
return user
def authenticate(self, username, password):
user = super(DemoBackend, self).authenticate(username, password)
if not user:
username = self._random_name()
user = find_or_create_user(username, None)
user.is_superuser = False
user.save()
default_group = get_default_user_group()
if default_group is not None:
user.groups.add(default_group)
user = rewrite_user(user)
return user
def setUp(self):
self.client = make_logged_in_client(username="******",
groupname="default",
recreate=False,
is_superuser=True)
self.client_user = make_logged_in_client(username="******",
groupname="default",
recreate=False,
is_superuser=False)
self.admin = User.objects.get(username="******")
self.user = User.objects.get(username="******")
self.group = get_default_user_group()
grant_access(self.admin.username, self.admin.username, "desktop")
grant_access(self.user.username, self.user.username, "desktop")
def authenticate(self, username, password):
user = super(DemoBackend, self).authenticate(username, password)
if not user:
username = self._random_name()
user = find_or_create_user(username, None)
user.is_superuser = False
user.save()
default_group = get_default_user_group()
if default_group is not None:
user.groups.add(default_group)
user = rewrite_user(user)
return user
def handle(self, *args, **options):
fs = cluster.get_hdfs()
create_directories(fs, [REMOTE_SAMPLE_DIR.get()])
remote_dir = REMOTE_SAMPLE_DIR.get()
sample_user = install_sample_user()
# Copy examples binaries
for name in os.listdir(LOCAL_SAMPLE_DIR.get()):
local_dir = fs.join(LOCAL_SAMPLE_DIR.get(), name)
remote_data_dir = fs.join(remote_dir, name)
LOG.info(_('Copying examples %(local_dir)s to %(remote_data_dir)s\n') % {
'local_dir': local_dir, 'remote_data_dir': remote_data_dir})
fs.do_as_user(sample_user.username, fs.copyFromLocal, local_dir, remote_data_dir)
# Copy sample data
local_dir = paths.get_thirdparty_root("sample_data")
remote_data_dir = fs.join(remote_dir, 'data')
LOG.info(_('Copying data %(local_dir)s to %(remote_data_dir)s\n') % {
'local_dir': local_dir, 'remote_data_dir': remote_data_dir})
fs.do_as_user(sample_user.username, fs.copyFromLocal, local_dir, remote_data_dir)
# Initialize doc2, whether editor script or link
doc2 = None
# Install editor pig script without doc1 link
LOG.info("Using Hue 4, will install pig editor sample.")
doc2 = self.install_pig_script(sample_user)
if USE_NEW_EDITOR.get():
# Get or create sample user directories
LOG.info("Creating sample user directories.")
home_dir = Directory.objects.get_home_directory(sample_user)
examples_dir, created = Directory.objects.get_or_create(
parent_directory=home_dir,
owner=sample_user,
name=Document2.EXAMPLES_DIR)
# If document exists but has been trashed, recover from Trash
if doc2 and doc2.parent_directory != examples_dir:
doc2.parent_directory = examples_dir
doc2.save()
# Share with default group
examples_dir.share(sample_user, Document2Permission.READ_PERM, groups=[get_default_user_group()])
def setUp(self):
self.client = make_logged_in_client(username="******", groupname="default", recreate=True, is_superuser=False)
self.client_not_me = make_logged_in_client(username="******", groupname="default", recreate=True, is_superuser=False)
self.user = User.objects.get(username="******")
self.user_not_me = User.objects.get(username="******")
grant_access(self.user.username, self.user.username, "desktop")
grant_access(self.user_not_me.username, self.user_not_me.username, "desktop")
self.default_group = get_default_user_group()
# This creates the user directories for the new user
response = self.client.get('/desktop/api2/docs/')
data = json.loads(response.content)
assert_equal('/', data['document']['path'], data)
self.home_dir = Document2.objects.get_home_directory(user=self.user)
def authenticate(self, username=None, password=None):
user = super(AllowFirstUserDjangoBackend, self).authenticate(username, password)
if user is not None:
if user.is_active:
user = rewrite_user(user)
return user
return user
if self.is_first_login_ever():
user = find_or_create_user(username, password)
user = rewrite_user(user)
default_group = get_default_user_group()
if default_group is not None:
user.groups.add(default_group)
user.save()
return user
return None
