def setUp(self):
    """Create four fake users with views, an auth context and a lookup map."""
    self.services = service_manager.Services(
        user=fake.UserService(),
        usergroup=fake.UserGroupService())
    add_user = self.services.user.TestAddUser
    make_view = framework_views.UserView

    # obscure_email is assigned before each view is built.
    self.user1 = add_user('user1', 111)
    self.user1.obscure_email = True
    self.user1_view = make_view(self.user1)

    self.user2 = add_user('user2', 222)
    self.user2.obscure_email = False
    self.user2_view = make_view(self.user2)

    # user3 keeps whatever obscure_email value TestAddUser gave it.
    self.user3 = add_user('user3', 333)
    self.user3_view = make_view(self.user3)

    self.user4 = add_user('user4', 444, banned=True)
    self.user4_view = make_view(self.user4)

    # The auth context is given ID 3, matching the users_by_id key below
    # rather than the 333 passed to TestAddUser.
    self.user_auth = authdata.AuthData.FromEmail(None, 'user3', self.services)
    self.user_auth.effective_ids = {3}
    self.user_auth.user_id = 3

    ordered_views = [
        self.user1_view, self.user2_view, self.user3_view, self.user4_view]
    self.users_by_id = dict(enumerate(ordered_views, 1))
    self.perms = permissions.EMPTY_PERMISSIONSET
def testGetAvailablity_Groups(self):
    """Expect no availability message or state in either case below.

    The first view is built with is_group=True; the second is built without
    it, after the user's email has been reassigned.
    """
    group_view = framework_views.UserView(self.user, is_group=True)
    self.assertEquals(None, group_view.avail_message)
    self.assertEquals(None, group_view.avail_state)

    # NOTE(review): this address literal looks masked rather than real;
    # confirm the intended value against the original test.
    self.user.email = '*****@*****.**'
    reassigned_view = framework_views.UserView(self.user)
    self.assertEquals(None, reassigned_view.avail_message)
    self.assertEquals(None, reassigned_view.avail_state)
def testGetAvailablity_Vacation(self):
    """A vacation message becomes avail_message, with avail_state 'none'."""
    self.user.vacation_message = 'gone fishing'
    brief = framework_views.UserView(self.user)
    self.assertEquals('gone fishing', brief.avail_message)
    self.assertEquals('none', brief.avail_state)

    # A long message must survive in avail_message while
    # avail_message_short stays under 50 characters.
    long_message = (
        'Gone fishing as really long time with lots of friends and reading '
        'a long novel by a famous author. I wont have internet access but '
        'If you urgently need anything you can call Alice or Bob for most '
        'things otherwise call Charlie. Wish me luck! ')
    self.user.vacation_message = long_message
    verbose = framework_views.UserView(self.user)
    self.assertTrue(len(verbose.avail_message) >= 50)
    self.assertTrue(len(verbose.avail_message_short) < 50)
    self.assertEquals('none', verbose.avail_state)
def testGetAvailablity_Bouncing(self):
    """A bounce timestamp yields the bounce message and avail_state 'none'."""
    self.user.email_bounce_timestamp = 1234567890
    view = framework_views.UserView(self.user)
    self.assertEquals('Email to this user bounced', view.avail_message)
    # The short form is expected to equal the full message here.
    self.assertEquals(view.avail_message_short, view.avail_message)
    self.assertEquals('none', view.avail_state)
def testDeletedUserOld(self):
    """A User with user_id=0 shows the deleted-user name and no contact data.

    The view must expose an empty email, obscure_email and profile_url.
    """
    view = framework_views.UserView(user_pb2.User(user_id=0))
    self.assertEqual(
        view.display_name, framework_constants.DELETED_USER_NAME)
    self.assertEqual(view.email, '')
    self.assertEqual(view.obscure_email, '')
    self.assertEqual(view.profile_url, '')
def _FinishInitialization(cls, cnxn, auth, services): """Fill in the test of the fields based on the user_id.""" # TODO(jrobbins): re-implement same_org if auth.user_id: auth.effective_ids = services.usergroup.LookupMemberships( cnxn, auth.user_id) auth.effective_ids.add(auth.user_id) auth.user_pb = services.user.GetUser(cnxn, auth.user_id) if auth.user_pb: auth.user_view = framework_views.UserView(auth.user_pb)
def setUp(self):
    """Create a public hotlist with three items and a view of its owner."""
    # One tuple per hotlist item; only the first element differs.
    item_fields = [
        (first_field, 0, None, None, '') for first_field in (2, 1, 5)]
    self.hotlist = fake.Hotlist(
        'hotlistName',
        123,
        hotlist_item_fields=item_fields,
        is_private=False,
        owner_ids=[111])

    # User 111 is the ID listed in owner_ids above.
    self.user1 = user_pb2.User(user_id=111)
    self.user1_view = framework_views.UserView(self.user1)
def MakeReqInfo(user_pb, user_id, viewed_user_pb, viewed_user_id,
                viewed_user_name):
    """Build a fake MonorailRequest for one signed-in user viewing another.

    The request is created with USER_PERMISSIONSET. Both auth contexts get
    an effective-ID set holding only the respective user's own ID.
    """
    mr = fake.MonorailRequest(None, perms=permissions.USER_PERMISSIONSET)

    # The user making the request.
    requester_auth = mr.auth
    requester_auth.user_pb = user_pb
    requester_auth.user_id = user_id
    requester_auth.effective_ids = {user_id}

    # The user whose page is being viewed.
    viewed_auth = mr.viewed_user_auth
    viewed_auth.email = viewed_user_name
    viewed_auth.user_pb = viewed_user_pb
    viewed_auth.user_id = viewed_user_id
    viewed_auth.effective_ids = {viewed_user_id}
    viewed_auth.user_view = framework_views.UserView(viewed_user_pb)

    mr.viewed_user_name = viewed_user_name
    mr.request = webapp2.Request.blank("/")
    return mr
def setUp(self):
    """Create four fake users with views, an auth context and a lookup map."""
    self.services = service_manager.Services(
        user=fake.UserService(),
        usergroup=fake.UserGroupService())
    register = self.services.user.TestAddUser
    view_of = framework_views.UserView

    # obscure_email is assigned before each view is built.
    self.user1 = register('user1', 111L)
    self.user1.obscure_email = True
    self.user1_view = view_of(self.user1)

    self.user2 = register('user2', 222L)
    self.user2.obscure_email = False
    self.user2_view = view_of(self.user2)

    # user3 keeps whatever obscure_email value TestAddUser gave it.
    self.user3 = register('user3', 333L)
    self.user3_view = view_of(self.user3)

    self.user4 = register('user4', 444L, banned=True)
    self.user4_view = view_of(self.user4)

    # The auth context is given ID 3, matching the users_by_id key below
    # rather than the 333L passed to TestAddUser.
    self.user_auth = monorailrequest.AuthData.FromEmail(
        None, 'user3', self.services)
    self.user_auth.effective_ids = {3}
    self.user_auth.user_id = 3

    self.users_by_id = dict(enumerate(
        [self.user1_view, self.user2_view, self.user3_view, self.user4_view],
        1))
def _GetUserViewAndFormattedTime(self, mr, user_id, timestamp):
    """Return (user view, formatted date) for a user ID and a timestamp.

    Either element is None when its input is falsy; the view is also None
    when the user service returns no user. The view's email is revealed
    when the requester is a site admin, is the same user, or the user has
    not asked for the address to be obscured.
    """
    formatted_time = None
    if timestamp:
        formatted_time = timestr.FormatAbsoluteDate(timestamp)

    user = None
    if user_id:
        user = self.services.user.GetUser(mr.cnxn, user_id)
    if not user:
        return None, formatted_time

    user_view = framework_views.UserView(user)
    is_self = mr.auth.user_id == user_id
    # Admins and the user themselves always see the address; everyone else
    # is subject to the user's own obscure_email setting.
    # NOTE(review): assumes mr.auth.user_pb is always populated, including
    # for signed-out viewers -- confirm against the auth setup code.
    if mr.auth.user_pb.is_site_admin or is_self or not user_view.obscure_email:
        user_view.RevealEmail()
    return user_view, formatted_time
def _FinishInitialization(cls, cnxn, auth, services, user_pb=None):
    """Fill in the rest of the fields based on the user_id.

    Args:
      cnxn: connection passed through to the usergroup and user services.
      auth: object whose effective_ids, user_pb and user_view are set here.
      services: provides the usergroup and user services used below.
      user_pb: optional user record; when truthy it is used instead of
        looking the user up by auth.user_id.
    """
    # NOTE(review): there is no guard on a falsy auth.user_id in this
    # method, so that ID is looked up and added like any other; whether
    # callers filter signed-out requests first is not visible here.
    direct_memberships = services.usergroup.LookupMemberships(
        cnxn, auth.user_id)
    # Work on a copy so the set returned by the service is left untouched.
    auth.effective_ids = direct_memberships.copy()
    auth.effective_ids.add(auth.user_id)
    # NOTE(review): a caller-supplied user_pb is not compared with
    # auth.user_id; its domain and linked accounts widen effective_ids
    # below, so callers must pass the record of that same user.
    auth.user_pb = user_pb or services.user.GetUser(cnxn, auth.user_id)
    if auth.user_pb:
        auth.user_view = framework_views.UserView(auth.user_pb)
        # Memberships computed from the domain of the user's view.
        computed_memberships = services.usergroup.LookupComputedMemberships(
            cnxn, auth.user_view.domain)
        auth.effective_ids.update(computed_memberships)
        # Linked parent and child accounts each contribute IDs through
        # _AddEffectiveIDsOfLinkedAccounts, which receives the
        # effective_ids set itself.
        if auth.user_pb.linked_parent_id:
            cls._AddEffectiveIDsOfLinkedAccounts(
                cnxn, services, auth.effective_ids,
                auth.user_pb.linked_parent_id)
        for child_id in auth.user_pb.linked_child_ids:
            cls._AddEffectiveIDsOfLinkedAccounts(
                cnxn, services, auth.effective_ids, child_id)
def setUp(self):
    """Create fake services, one issue, three users and their views."""
    self.services = service_manager.Services(
        issue=fake.IssueService(),
        user=fake.UserService(),
        usergroup=fake.UserGroupService(),
        project=fake.ProjectService(),
        features=fake.FeaturesService())
    self.cnxn = fake.MonorailConnection()
    add_user = self.services.user.TestAddUser

    # Set up for testing getBinnedHotlistViews.
    # Project p1 holds issue i1; u1 owns and reported i1, which makes u1
    # the *involved* user.
    involved_id = 111L
    add_user('u1', involved_id)
    project = self.services.project.TestAddProject('p1')
    issue_local_id = self.services.issue.CreateIssue(
        self.cnxn,
        self.services,
        project_id=project.project_id,
        summary='summary',
        status='Open',
        owner_id=involved_id,
        cc_ids=[],
        labels=[],
        field_values=[],
        component_ids=[],
        reporter_id=involved_id,
        marked_description='marked description')
    self.issue_id = self.services.issue.LookupIssueID(
        self.cnxn, project_id=project.project_id, local_id=issue_local_id)

    # ul1 is the *logged in* user.
    add_user('ul1', 222L)
    # uo1 is an *other* user.
    add_user('uo1', 333L)

    users_by_id = self.services.user.GetUsersByIDs(
        self.cnxn, [111L, 222L, 333L])
    views = {}
    for uid, user in users_by_id.items():
        views[uid] = framework_views.UserView(user)
    self.userviews_by_id = views

    self.user_auth = monorailrequest.AuthData.FromEmail(
        self.cnxn, 'ul1', self.services)
    self.hotlist_item_fields = [(self.issue_id, None, None, None, None)]
def MakeReqInfo(user_pb, user_id, viewed_user_pb, viewed_user_id,
                viewed_user_name, path=None, _reveal_email=False,
                _params=None):
    """Build a fake MonorailRequest for one signed-in user viewing another.

    Both auth contexts get an effective-ID set holding only the respective
    user's own ID. _reveal_email and _params are accepted but not read.
    """
    # NOTE(review): path is defaulted here but never used afterwards; the
    # request below is always created for "/". Confirm whether it was
    # meant to be passed to Request.blank.
    if path is None:
        path = "/u/%d" % viewed_user_id

    mr = fake.MonorailRequest()

    # The user making the request.
    requester_auth = mr.auth
    requester_auth.user_pb = user_pb
    requester_auth.user_id = user_id
    requester_auth.effective_ids = {user_id}

    # The user whose page is being viewed.
    viewed_auth = mr.viewed_user_auth
    viewed_auth.email = viewed_user_name
    viewed_auth.user_pb = viewed_user_pb
    viewed_auth.user_id = viewed_user_id
    viewed_auth.effective_ids = {viewed_user_id}
    viewed_auth.user_view = framework_views.UserView(viewed_user_pb)

    mr.viewed_user_name = viewed_user_name
    mr.request = webapp2.Request.blank("/")
    return mr
def testGetAvailablity_Anon(self):
    """A user with user_id 0 has no availability message or state."""
    self.user.user_id = 0
    anon_view = framework_views.UserView(self.user)
    self.assertEquals(None, anon_view.avail_message)
    self.assertEquals(None, anon_view.avail_state)
def testGetAvailablity_ReallyLongTime(self):
    """A last visit 99 days ago reports '> 30 days ago' and state 'none'."""
    ninety_nine_days = 99 * framework_constants.SECS_PER_DAY
    self.user.last_visit_timestamp = int(time.time()) - ninety_nine_days
    view = framework_views.UserView(self.user)
    self.assertEquals('Last visit > 30 days ago', view.avail_message)
    self.assertEquals('none', view.avail_state)
def testGetAvailablity_NotRecent(self):
    """A last visit 20 days ago reports that count and state 'unsure'."""
    twenty_days = 20 * framework_constants.SECS_PER_DAY
    self.user.last_visit_timestamp = int(time.time()) - twenty_days
    view = framework_views.UserView(self.user)
    self.assertEquals('Last visit 20 days ago', view.avail_message)
    self.assertEquals('unsure', view.avail_state)
def testGetAvailablity_NeverVisitied(self):
    """A zero last-visit timestamp reports 'User never visited' / 'never'."""
    self.user.last_visit_timestamp = 0
    view = framework_views.UserView(self.user)
    self.assertEquals('User never visited', view.avail_message)
    self.assertEquals('never', view.avail_state)
def api_base_checks(request, requester, services, cnxn,
                    auth_client_ids, auth_emails):
    """Base checks for API users.

    Resolves the OAuth client ID (and the requester, when none was passed
    in), checks the client ID -- or, for the 'anonymous' client ID, the
    requester email -- against the supplied allowlists, rejects banned
    users, and, when the request carries a project and optionally an issue,
    checks that the requester may view them.

    Args:
      request: The HTTP request from Cloud Endpoints.
      requester: The user who sends the request.
      services: Services object.
      cnxn: connection to the SQL database.
      auth_client_ids: authorized client ids.
      auth_emails: authorized emails when client is anonymous.

    Returns:
      Client ID and client email.

    Raises:
      endpoints.UnauthorizedException: If the requester is anonymous, if no
        client ID or requester could be resolved, or if the client ID or
        email is not in the matching allowlist.
      user_svc.NoSuchUserException: If the requester does not exist in
        Monorail.
      project_svc.NoSuchProjectException: If the project does not exist in
        Monorail.
      permissions.BannedUserException: If the requester is banned.
      permissions.PermissionException: If the requester does not have
        permission to view.
    """
    valid_user = False
    auth_err = ''
    client_id = None

    # An OAuth failure is recorded in auth_err instead of being raised;
    # client_id then stays None and the allowlist step cannot succeed.
    try:
        client_id = oauth.get_client_id(framework_constants.OAUTH_SCOPE)
        logging.info('Oauth client ID %s', client_id)
    except oauth.Error as ex:
        auth_err = 'oauth.Error: %s' % ex

    # OAuth is only asked for the current user when the caller supplied
    # none. A failure here overwrites any earlier auth_err text.
    if not requester:
        try:
            requester = oauth.get_current_user(framework_constants.OAUTH_SCOPE)
            logging.info('Oauth requester %s', requester.email())
        except oauth.Error as ex:
            auth_err = 'oauth.Error: %s' % ex

    # Both a client ID and a requester are required; otherwise valid_user
    # stays False and the request is rejected below.
    if client_id and requester:
        if client_id != 'anonymous':
            # The decision rests on the client ID alone; auth_emails is not
            # consulted in this branch.
            if client_id in auth_client_ids:
                valid_user = True
            else:
                auth_err = 'Client ID %s is not whitelisted' % client_id
        # Some service accounts may have anonymous client ID
        else:
            if requester.email() in auth_emails:
                valid_user = True
            else:
                auth_err = (
                    'Client email %s is not whitelisted' % requester.email())

    # Fail closed: every path that did not set valid_user ends here.
    if not valid_user:
        raise endpoints.UnauthorizedException('Auth error: %s' % auth_err)
    else:
        # NOTE(review): requester email addresses go to the info log here
        # and in the OAuth step above; confirm that fits the log-retention
        # and access policy.
        logging.info(
            'API request from user %s:%s', client_id, requester.email())

    # projectId and issueId are optional attributes of the request.
    project_name = None
    if hasattr(request, 'projectId'):
        project_name = request.projectId
    issue_local_id = None
    if hasattr(request, 'issueId'):
        issue_local_id = request.issueId
    # This could raise user_svc.NoSuchUserException
    requester_id = services.user.LookupUserID(cnxn, requester.email())
    requester_pb = services.user.GetUser(cnxn, requester_id)
    requester_view = framework_views.UserView(requester_pb)
    # The ban check runs before any project or issue lookup.
    if permissions.IsBanned(requester_pb, requester_view):
        raise permissions.BannedUserException(
            'The user %s has been banned from using Monorail' %
            requester.email())
    if project_name:
        project = services.project.GetProjectByName(
            cnxn, project_name)
        # NOTE(review): a missing project and a non-LIVE project are
        # reported before the view-permission check, each with its own
        # message, so an allowlisted caller can tell a nonexistent project
        # name from one it may not view -- confirm that is intended.
        if not project:
            raise project_svc.NoSuchProjectException(
                'Project %s does not exist' % project_name)
        if project.state != project_pb2.ProjectState.LIVE:
            raise permissions.PermissionException(
                'API may not access project %s because it is not live'
                % project_name)
        # Effective IDs: the requester's memberships plus their own ID.
        # NOTE(review): add() mutates the object LookupMemberships
        # returned; confirm the service does not hand out a shared set.
        requester_effective_ids = services.usergroup.LookupMemberships(
            cnxn, requester_id)
        requester_effective_ids.add(requester_id)
        if not permissions.UserCanViewProject(
            requester_pb, requester_effective_ids, project):
            raise permissions.PermissionException(
                'The user %s has no permission for project %s' %
                (requester.email(), project_name))
        # issueId is only examined when a project name was supplied,
        # because project is bound only inside this branch.
        if issue_local_id:
            # This may raise a NoSuchIssueException.
            issue = services.issue.GetIssueByLocalID(
                cnxn, project.project_id, issue_local_id)
            perms = permissions.GetPermissions(
                requester_pb, requester_effective_ids, project)
            config = services.config.GetProjectConfig(cnxn, project.project_id)
            granted_perms = tracker_bizobj.GetGrantedPerms(
                issue, requester_effective_ids, config)
            if not permissions.CanViewIssue(
                requester_effective_ids, perms, project, issue,
                granted_perms=granted_perms):
                raise permissions.PermissionException(
                    'User is not allowed to view this issue %s:%d' %
                    (project_name, issue_local_id))

    return client_id, requester.email()
def testGetAvailablity_Banned(self):
    """A user with a ban reason set reports 'Banned' and state 'banned'."""
    self.user.banned = 'spamming'
    banned_view = framework_views.UserView(self.user)
    # Only the fixed 'Banned' label is expected, not the stored reason.
    self.assertEquals('Banned', banned_view.avail_message)
    self.assertEquals('banned', banned_view.avail_state)