Пример #1
0
    def createTwoUsersForOnePerson(self, userID1, userID2,
                                   InternalAuthUsername, storeConnection):
        masterTenant = GetTenant(masterTenantName,
                                 storeConnection,
                                 appObj=appObj)
        CreateUser(appObj, {
            "user_unique_identifier": userID1,
            "known_as": userID1
        }, masterTenantName, "test/createTwoUsersForOnePerson",
                   storeConnection)
        CreateUser(appObj, {
            "user_unique_identifier": userID2,
            "known_as": userID2
        }, masterTenantName, "test/createTwoUsersForOnePerson",
                   storeConnection)
        authProvGUID = list(masterTenant.getAuthProviderGUIDList())[
            0]  #Just use first configured authProvider
        person = CreatePerson(appObj, storeConnection, None, 'a', 'b', 'c')
        authData = AddAuth(
            appObj, masterTenantName, authProvGUID, {
                "username": InternalAuthUsername,
                "password": get_APIAPP_DEFAULTHOMEADMINPASSWORD_bytes()
            }, person['guid'], storeConnection)
        associateUserWithPerson(appObj, userID1, person['guid'],
                                storeConnection)
        associateUserWithPerson(appObj, userID2, person['guid'],
                                storeConnection)

        return {'authProvGUID': authProvGUID, 'person': person}
Пример #2
0
        def fn(storeConnection):
            tenant = GetTenant(tenantName, storeConnection, appObj=appObj)
            CreateUser(appObj, {
                "user_unique_identifier": userID,
                "known_as": userID
            }, tenantName, "test/createLoginForTenant", storeConnection)
            ##Don't know if this is needed
            ##AddUserRole(appObj, userID, tenantName, constants.DefaultHasAccountRole, storeConnection)

            person = CreatePerson(appObj, storeConnection, None, 'a', 'b', 'c')
            authProv = tenant.getSingleAuthProviderOfType(type="internal")
            if authProv is None:
                raise Exception("No internal auth prov")
            authData = AddAuth(
                appObj=appObj,
                tenantName=tenantName,
                authProviderGUID=authProv["guid"],
                credentialDICT={
                    "username":
                    InternalAuthUsername,
                    "password":
                    getHashedPasswordUsingSameMethodAsJavascriptFrontendShouldUse(
                        username=InternalAuthUsername,
                        password=InternalAuthPassword,
                        tenantAuthProvSalt=authProv["guid"])
                },
                personGUID=person['guid'],
                storeConnection=storeConnection)
            associateUserWithPerson(appObj, userID, person['guid'],
                                    storeConnection)
            return None
    def run(self, appObj, storeConnection):
        tenantObj = GetTenant(self.tenantName, storeConnection, appObj=appObj)
        if tenantObj is None:
            raise Exception("AddInternalUserAccount: Tenant " +
                            self.tenantName + " does not exist")
        authProvDict = tenantObj.getSingleAuthProviderOfType("internal")
        if authProvDict is None:
            raise Exception(
                "AddInternalUserAccount: Tenant " + self.tenantName +
                " does not have (exactly) one internal auth provider")

        CreateUser(appObj, {
            "user_unique_identifier": self.userID,
            "known_as": self.Username
        }, self.tenantName, 'autoConfigRunner/AddInternalUserAccount',
                   storeConnection)
        person = CreatePerson(appObj, storeConnection, None, 'a', 'b', 'c')
        credentialJSON = {
            "username":
            self.Username,
            "password":
            getHashedPasswordUsingSameMethodAsJavascriptFrontendShouldUse(
                appObj, self.Username, self.Password,
                authProvDict['saltForPasswordHashing'])
        }
        GetAuthProvider(appObj=appObj,
                        tenantName=self.tenantName,
                        authProviderGUID=authProvDict['guid'],
                        storeConnection=storeConnection,
                        tenantObj=tenantObj).AddAuth(
                            appObj,
                            credentialJSON,
                            person['guid'],
                            storeConnection,
                            associatePersonWithAuthCalledWhenAuthIsCreated=
                            associatePersonWithAuthCalledWhenAuthIsCreated)

        associateUserWithPerson(appObj, self.userID, person['guid'],
                                storeConnection)

        for curTenant in self.Roles:
            for curRole in self.Roles[curTenant]:
                AddUserRole(appObj, self.userID, curTenant, curRole,
                            storeConnection)

        print("AddInternalUserAccount: Add " + self.Username + " to tenant " +
              tenantObj.getName())
        self.setPassed()
Пример #4
0
def RegisterUser(appObj, tenantObj, authProvGUID, credentialDICT, createdBy,
                 storeConnection, ticketObj, ticketTypeObj):
    ticketAllowsUsToCreateAUser = False
    if ticketObj is not None:
        #If the ticket was for a different tenant then the ticket type would have
        # come back as none and that is captured in the API code
        if ticketObj.getUsable(ticketTypeObj=ticketTypeObj) != "USABLE":
            raise ticketNotUsableException
        ticketAllowsUsToCreateAUser = ticketTypeObj.getAllowUserCreation()

    if not tenantObj.getAllowUserCreation():
        if not ticketAllowsUsToCreateAUser:
            raise userCreationNotAllowedException
    authProvObj = _getAuthProvider(appObj, tenantObj.getName(), authProvGUID,
                                   storeConnection, tenantObj)
    if not authProvObj.getAllowUserCreation():
        if not ticketAllowsUsToCreateAUser:
            raise userCreationNotAllowedException

    userData = authProvObj.getTypicalAuthData(credentialDICT)
    CreateUser(appObj, userData, tenantObj.getName(), createdBy,
               storeConnection)
    person = CreatePerson(appObj, storeConnection, None, 'a', 'b', 'c')
    authData = authProvObj.AddAuth(
        appObj,
        credentialDICT,
        person['guid'],
        storeConnection,
        associatePersonWithAuthCalledWhenAuthIsCreated=
        associatePersonWithAuthCalledWhenAuthIsCreated)
    associateUserWithPerson(appObj, userData['user_unique_identifier'],
                            person['guid'], storeConnection)

    userObj = GetUser(appObj, userData['user_unique_identifier'],
                      storeConnection)
    if ticketObj is not None:
        #This updates the existing userObj
        # and saves to the database if change was made
        appObj.TicketManager.executeTicketForUser(
            appObj=appObj,
            userObj=userObj,
            ticketObj=ticketObj,
            ticketTypeObj=ticketTypeObj,
            storeConnection=storeConnection)

    return userObj
 def createLDAPUser(self,
                    username,
                    storeConnection,
                    authProvGUID,
                    appObj=appObj):
     masterTenant = GetTenant(constants.masterTenantName,
                              storeConnection,
                              appObj=appObj)
     CreateUser(appObj, {
         "user_unique_identifier": username,
         "known_as": username
     }, constants.masterTenantName, "test/createLDAPUser", storeConnection)
     person = CreatePerson(appObj, storeConnection, None, 'a', 'b', 'c')
     authData = AddAuth(appObj, constants.masterTenantName, authProvGUID,
                        {"username": username}, person['guid'],
                        storeConnection)
     associateUserWithPerson(appObj, username, person['guid'],
                             storeConnection)
     return {'authProvGUID': authProvGUID, 'person': person}
Пример #6
0
def CreateMasterTenant(appObj, testingMode, storeConnection):
    print("Creating master tenant")
    _createTenant(
        appObj,
        masterTenantName,
        masterTenantDefaultDescription,
        False,
        storeConnection,
        JWTCollectionAllowedOriginList=list(
            map(
                lambda x: x.strip(),
                appObj.
                APIAPP_DEFAULTMASTERTENANTJWTCOLLECTIONALLOWEDORIGINFIELD.
                split(","))),
        TicketOverrideURL="",
        SelectAuthMessage=constants.masterTenantDefaultSelectAuthMessage,
        TenantBannerHTML=constants.masterTenantDefaultTenantBannerHTML)

    masterTenantInternalAuthProvider = AddAuthProvider(
        appObj, masterTenantName, masterTenantDefaultAuthProviderMenuText,
        masterTenantDefaultAuthProviderMenuIconLink, "internal", False,
        {"userSufix": "@internalDataStore"}, storeConnection, False, False,
        constants.masterTenantDefaultAuthProviderMenuTextInternalAuthLinkText)

    userID = appObj.defaultUserGUID
    InternalAuthUsername = appObj.APIAPP_DEFAULTHOMEADMINUSERNAME

    #User spercific creation
    CreateUser(appObj, {
        "user_unique_identifier": userID,
        "known_as": InternalAuthUsername
    }, masterTenantName, 'init/CreateMasterTenant', storeConnection)
    AddUserRole(appObj, userID, masterTenantName,
                constants.masterTenantDefaultSystemAdminRole, storeConnection)
    AddUserRole(appObj, userID, masterTenantName,
                constants.SecurityEndpointAccessRole, storeConnection)

    person = None
    if testingMode:
        person = CreatePerson(appObj, storeConnection,
                              appObj.testingDefaultPersonGUID, 'a', 'b', 'c')
    else:
        person = CreatePerson(appObj, storeConnection, None, 'a', 'b', 'c')

    credentialJSON = {
        "username":
        InternalAuthUsername,
        "password":
        getHashedPasswordUsingSameMethodAsJavascriptFrontendShouldUse(
            appObj, InternalAuthUsername,
            appObj.APIAPP_DEFAULTHOMEADMINPASSWORD,
            masterTenantInternalAuthProvider['saltForPasswordHashing'])
    }

    authData = _getAuthProvider(
        appObj, masterTenantName, masterTenantInternalAuthProvider['guid'],
        storeConnection,
        None).AddAuth(appObj,
                      credentialJSON,
                      person['guid'],
                      storeConnection,
                      associatePersonWithAuthCalledWhenAuthIsCreated=
                      associatePersonWithAuthCalledWhenAuthIsCreated)

    #mainUserIdentity with authData

    associateUserWithPerson(appObj, userID, person['guid'], storeConnection)
    def someFn(connectionContext):
      tenantJSON = self.createTenantForTesting(tenantWithNoAuthProviders)
      testDateTime = datetime.now(pytz.timezone("UTC"))
      appObj.setTestingDateTime(testDateTime)
      userID1 = 'TestUser1'
      userID2 = 'TestUser2'
      userID3 = 'TestUser3InDifferentTenant'
      InternalAuthUsername = '******'
      res = self.createTwoUsersForOnePerson(userID1, userID2, InternalAuthUsername, connectionContext)
      person = res['person']
      CreateUser(appObj, {"user_unique_identifier": userID3, "known_as": userID3}, tenantWithNoAuthProviders["Name"], "test/getMutipleIdentityResponseOnlyReturnsUsersForThisTenant", connectionContext) #might fail if I require transaction in future
      associateUserWithPerson(appObj, userID3, person['guid'], connectionContext)


      result = self.testClient.get(
        self.loginAPIPrefix + '/' + masterTenantName + '/authproviders',
        headers={"Origin": httpOrigin}
      )
      self.assertEqual(result.status_code, 200)
      resultJSON = json.loads(result.get_data(as_text=True))
      masterAuthProviderGUID = resultJSON[ 'AuthProviders' ][0]['guid']

      loginJSON = {
        ##"identityGUID": "string",
        "authProviderGUID": masterAuthProviderGUID,
        "credentialJSON": {
          "username": InternalAuthUsername,
          "password": env['APIAPP_DEFAULTHOMEADMINPASSWORD']
         }
      }
      result2 = self.testClient.post(
        self.loginAPIPrefix + '/' + masterTenantName + '/authproviders',
        data=json.dumps(loginJSON),
        content_type='application/json',
        headers={"Origin": httpOrigin}
      )
      self.assertEqual(result2.status_code, 200)
      result2JSON = json.loads(result2.get_data(as_text=True))

      user1ExcpectedResult = {
        "UserID": userID1,
        "TenantRoles": [{
          "TenantName": masterTenantName,
          "ThisTenantRoles": [DefaultHasAccountRole]
        }],
        "known_as": userID1,
        "other_data": {
          "createdBy": "test/createTwoUsersForOnePerson"
        },
        "creationDateTime": testDateTime.isoformat(),
        "lastUpdateDateTime": testDateTime.isoformat()
      }
      user2ExcpectedResult = {
        "UserID": userID2,
        "TenantRoles": [{
          "TenantName": masterTenantName,
          "ThisTenantRoles": [DefaultHasAccountRole]
        }],
        "known_as": userID2,
        "other_data": {
          "createdBy": "test/createTwoUsersForOnePerson"
        },
        "creationDateTime": testDateTime.isoformat(),
        "lastUpdateDateTime": testDateTime.isoformat()
      }
      id1Found = False
      id2Found = False

      self.assertEqual(len(result2JSON['possibleUsers']), 2, msg="Wrong number of possible Users")
      for resultUser in result2JSON['possibleUsers']:
        if resultUser['UserID'] == userID1:
          id1Found = True
          self.assertJSONStringsEqualWithIgnoredKeys(resultUser, user1ExcpectedResult, [ 'guid', 'ObjectVersion', 'associatedPersonGUIDs' ], msg="Identity 1 result mismatch")
        if resultUser['UserID'] == userID2:
          id2Found = True
          self.assertJSONStringsEqualWithIgnoredKeys(resultUser, user2ExcpectedResult, [ 'guid', 'ObjectVersion', 'associatedPersonGUIDs' ], msg="Identity 2 result mismatch")

      self.assertTrue(id1Found, msg="Identity 1 not in response")
      self.assertTrue(id2Found, msg="Identity 2 not in response")
Пример #8
0
        def someFn(connectionContext):
            masterTenant = GetTenant(masterTenantName,
                                     connectionContext,
                                     appObj=appObj)
            userID = 'TestUser'
            CreateUser(appObj, {
                "user_unique_identifier": userID,
                "known_as": userID
            }, masterTenantName, 'test/CreateMasterTenant', connectionContext)

            authProvGUID = list(masterTenant.getAuthProviderGUIDList())[
                0]  #Just use first configured authProvider
            person1 = CreatePerson(appObj, connectionContext, None, 'a', 'b',
                                   'c')
            person2 = CreatePerson(appObj, connectionContext, None, 'a', 'b',
                                   'c')
            InternalAuthUsername1 = 'SomeLogin1'
            InternalAuthUsername2 = 'SomeLogin2'
            authData1 = AddAuth(
                appObj, masterTenantName, authProvGUID, {
                    "username": InternalAuthUsername1,
                    "password": get_APIAPP_DEFAULTHOMEADMINPASSWORD_bytes()
                }, person1['guid'], connectionContext)
            authData2 = AddAuth(
                appObj, masterTenantName, authProvGUID, {
                    "username": InternalAuthUsername2,
                    "password": get_APIAPP_DEFAULTHOMEADMINPASSWORD_bytes()
                }, person2['guid'], connectionContext)
            associateUserWithPerson(appObj, userID, person1['guid'],
                                    connectionContext)
            associateUserWithPerson(appObj, userID, person2['guid'],
                                    connectionContext)

            #Try and log in and make sure both people get access to the user
            UserIDandRoles = Login(
                appObj, masterTenantName, authProvGUID, {
                    'username': InternalAuthUsername1,
                    'password': get_APIAPP_DEFAULTHOMEADMINPASSWORD_bytes()
                }, None, connectionContext, 'a', 'b', 'c')
            expectedJSONResponse = {
                'TenantRoles': {
                    "usersystem": [DefaultHasAccountRole]
                },
                'UserID':
                userID,
                "exp":
                "xx",
                "iss":
                userID,
                "authedPersonGuid":
                person1['guid'],
                "known_as":
                userID,
                "other_data": {
                    "createdBy": "test/CreateMasterTenant"
                },
                "currentlyUsedAuthKey":
                InternalAuthUsername1 + "@internalDataStore_`@\\/'internal"
            }
            self.assertJSONStringsEqualWithIgnoredKeys(
                self.decodeToken(UserIDandRoles['jwtData']['JWTToken']),
                expectedJSONResponse,
                ['exp', 'associatedPersons', 'currentlyUsedAuthProviderGuid'],
                msg="Failed to login to identity 1")

            UserIDandRoles = Login(
                appObj, masterTenantName, authProvGUID, {
                    'username': InternalAuthUsername2,
                    'password': get_APIAPP_DEFAULTHOMEADMINPASSWORD_bytes()
                }, None, connectionContext, 'a', 'b', 'c')
            expectedJSONResponse['authedPersonGuid'] = person2['guid']
            expectedJSONResponse[
                'currentlyUsedAuthKey'] = InternalAuthUsername2 + "@internalDataStore_`@\\/'internal"

            self.assertJSONStringsEqualWithIgnoredKeys(
                self.decodeToken(UserIDandRoles['jwtData']['JWTToken']),
                expectedJSONResponse,
                ['exp', 'associatedPersons', 'currentlyUsedAuthProviderGuid'],
                msg="Failed to login to identity 2")
Пример #9
0
 def someFn(connectionContext):
     return associateUserWithPerson(appObj,
                                    content["UserID"],
                                    content["personGUID"],
                                    connectionContext)