def create(request):
"""
Create a user.
This API endpoint allows authorised clients (those able to provide a valid
Client ID and Client Secret) to create users in their authority. These
users are created pre-activated, and are unable to log in to the web
service directly.
"""
client = request_auth_client(request)
schema = CreateUserAPISchema()
appstruct = schema.validate(_json_payload(request))
validate_auth_client_authority(client, appstruct)
appstruct['authority'] = client.authority
user_unique_service = request.find_service(name='user_unique')
try:
user_unique_service.ensure_unique(appstruct,
authority=client.authority)
except DuplicateUserError as err:
raise ConflictError(err)
user_signup_service = request.find_service(name='user_signup')
user = user_signup_service.signup(require_activation=False, **appstruct)
presenter = UserJSONPresenter(user)
return presenter.asdict()
def create(request):
"""
Create a user.
This API endpoint allows authorised clients (those able to provide a valid
Client ID and Client Secret) to create users in their authority. These
users are created pre-activated, and are unable to log in to the web
service directly.
"""
client = request_auth_client(request)
schema = CreateUserAPISchema()
appstruct = schema.validate(_json_payload(request))
validate_auth_client_authority(client, appstruct['authority'])
appstruct['authority'] = client.authority
user_unique_service = request.find_service(name='user_unique')
try:
user_unique_service.ensure_unique(appstruct, authority=client.authority)
except DuplicateUserError as err:
raise ConflictError(err)
user_signup_service = request.find_service(name='user_signup')
user = user_signup_service.signup(require_activation=False, **appstruct)
presenter = UserJSONPresenter(user)
return presenter.asdict()
def test_raises_when_authority_doesnt_match(self, pyramid_request,
auth_client):
authority = 'mismatched_authority'
with pytest.raises(
ValidationError,
match=".*authority.*does not match authenticated client"):
util.validate_auth_client_authority(auth_client, authority)
def add_member(group, request):
"""Add a member to a given group.
:raises HTTPNotFound: if the user is not found or if the use and group
authorities don't match.
"""
client = request_auth_client(request)
user_svc = request.find_service(name='user')
group_svc = request.find_service(name='group')
user = user_svc.fetch(request.matchdict['userid'])
if user is None:
raise HTTPNotFound()
validate_auth_client_authority(client, user.authority)
if user.authority != group.authority:
raise HTTPNotFound()
group_svc.member_join(group, user.userid)
return HTTPNoContent()
def test_does_not_raise_when_authority_matches(self, pyramid_request,
auth_client):
authority = 'weylandindustries.com'
util.validate_auth_client_authority(auth_client, authority)
def test_does_not_raise_when_authority_matches(self, pyramid_request, auth_client):
authority = 'weylandindustries.com'
util.validate_auth_client_authority(auth_client, authority)
def test_raises_when_authority_doesnt_match(self, pyramid_request, auth_client):
authority = 'mismatched_authority'
with pytest.raises(ValidationError,
match=".*authority.*does not match authenticated client"):
util.validate_auth_client_authority(auth_client, authority)