示例#1
0
    def import_users(self):
        """Return location and internal location records."""
        def _commit_user(user_data):
            """Commit new user in db."""
            user = User(**self.import_user(user_data))
            db.session.add(user)
            db.session.commit()
            return user.id

        for ldap_user in self.ldap_users:
            print("Importing user with person id {}".format(
                ldap_user["employeeID"][0].decode("utf8")))

            user_id = _commit_user(ldap_user)
            identity = UserIdentity(
                **self.import_user_identity(user_id, ldap_user))
            db.session.add(identity)

            profile = UserProfile(
                **self.import_user_profile(user_id, ldap_user))
            db.session.add(profile)

            client_id = (current_app.config.get(
                "CERN_APP_CREDENTIALS", {}).get("consumer_key") or "CLIENT_ID")
            remote_account = RemoteAccount(client_id=client_id,
                                           **self.import_remote_account(
                                               user_id, ldap_user))
            db.session.add(remote_account)

        db.session.commit()
示例#2
0
def system_user(app, db):
    """Create a regular system user."""
    user = User(**dict(email="*****@*****.**", active=True))
    db.session.add(user)
    db.session.commit()

    user_id = user.id

    identity = UserIdentity(**dict(id="1", method="cern", id_user=user_id))
    db.session.add(identity)

    profile = UserProfile(
        **dict(
            user_id=user_id,
            _displayname="id_" + str(user_id),
            full_name="System User",
        )
    )
    db.session.add(profile)

    remote_account = RemoteAccount(
        client_id="CLIENT_ID",
        **dict(
            user_id=user_id,
            extra_data=dict(person_id="1", department="Department"),
        )
    )
    db.session.add(remote_account)
    db.session.commit()
    return user
示例#3
0
    def _import_users(users, users_identities, users_profiles,
                      remote_accounts):
        """Import users in db."""
        click.secho('Migrating {0} users'.format(len(users)), fg='green')
        for user in users:
            user = User(**user)
            db.session.add(user)

        click.secho('Migrating {0} user identities'.format(
            len(users_identities)),
                    fg='green')

        for identity in users_identities:
            user_identity = UserIdentity(**identity)
            db.session.add(user_identity)

        click.secho('Migrating {0} user profiles'.format(len(users_profiles)),
                    fg='green')
        for profile in users_profiles:
            user_profile = UserProfile(**profile)
            db.session.add(user_profile)

        click.secho('Migrating {0} remote accoutns'.format(
            len(remote_accounts)),
                    fg='green')
        client_id = current_app.config['CERN_APP_CREDENTIALS']['consumer_key']
        for account in remote_accounts:
            remote_account = RemoteAccount(client_id=client_id, **account)
            db.session.add(remote_account)

        db.session.commit()
示例#4
0
def patron1(app, db):
    """Create a patron user."""
    user = User(**dict(email="*****@*****.**", active=True))
    db.session.add(user)
    db.session.commit()

    user_id = user.id

    identity = UserIdentity(**dict(id="1", method="cern", id_user=user_id))
    db.session.add(identity)

    profile = UserProfile(
        **dict(
            user_id=user_id,
            _displayname="id_" + str(user_id),
            full_name="System User",
        )
    )
    db.session.add(profile)

    client_id = app.config["CERN_APP_OPENID_CREDENTIALS"]["consumer_key"]
    remote_account = RemoteAccount(
        client_id=client_id,
        **dict(
            user_id=user_id,
            extra_data=dict(person_id="1", department="Department"),
        )
    )
    db.session.add(remote_account)
    db.session.commit()
    return user
示例#5
0
    def update(self, data):
        """User record update.

        :param data - dictionary representing a user record to update
        """
        from ..patrons.listener import update_from_profile
        self._validate(data=data)
        email = data.pop('email', None)
        roles = data.pop('roles', None)
        user = self.user
        with db.session.begin_nested():
            if user.profile is None:
                user.profile = UserProfile(user_id=user.id)
            profile = user.profile
            for field in self.profile_fields:
                if field == 'birth_date':
                    setattr(profile, field,
                            datetime.strptime(data.get(field), '%Y-%m-%d'))
                else:
                    setattr(profile, field, data.get(field, ''))
            # change password
            if data.get('password'):
                user.password = hash_password(data['password'])

            if email and email != user.email:
                user.email = email
            # remove the email from user data
            elif not email and user.email:
                user.email = None
            db.session.merge(user)
        db.session.commit()
        confirm_user(user)
        update_from_profile('user', self.user.profile)
        return self
示例#6
0
 def create_invenio_user_profile(self, user_id, ldap_user):
     """Return new user profile."""
     display_name = ldap_user["user_profile_full_name"]
     return UserProfile(
         user_id=user_id,
         _displayname="id_{}".format(user_id),
         full_name=display_name,
     )
示例#7
0
def create_userprofile_for(email, username, full_name):
    """Create a fake user profile."""
    user = User.query.filter_by(email=email).one_or_none()
    if user:
        profile = UserProfile(user_id=int(user.get_id()))
        profile.username = username
        profile.full_name = full_name
        db.session.add(profile)
        db.session.commit()
示例#8
0
def test_template_filter(app):
    """Test template filter."""
    with app.app_context():
        user = User(email='*****@*****.**', password='******')
        db.session.add(user)
        db.session.commit()
        user.profile = UserProfile(username='******', full_name='name')
        db.session.commit()

        assert userprofile(user.profile.user_id) == user.profile
示例#9
0
def authorize(name):
    ui_flag = session.pop('ui', None)

    client = current_auth.create_client(name)
    try:
        token = client.authorize_access_token()
    except HTTPException:
        return render_template(
            current_app.config['AUTHENTICATION_POPUP_TEMPLATE'],
            msg=f'Access not provided to {name} service.'), 400

    configs = OAUTH_SERVICES.get(name.upper(), {})
    extra_data_method = configs.get('extra_data_method')

    # TOFIX Add error handlers for reject, auth errors, etc
    extra_data = {}
    if extra_data_method:
        extra_data = extra_data_method(client, token)

    _token = _create_or_update_token(name, token)
    _token.extra_data = extra_data

    db.session.add(_token)

    # Add extra data to user profile.
    # If user profile doesn't exist yet, it creates one.
    _profile = UserProfile.get_by_userid(current_user.id)
    if not _profile:
        _profile = UserProfile(user_id=current_user.id)
        db.session.add(_profile)

    profile_data = get_oauth_profile(name, token=_token, client=client)

    if _profile.extra_data:
        profile_services = _profile.extra_data.get("services", {})
    else:
        profile_services = {}
    profile_services[name] = profile_data
    _profile.extra_data = {"services": profile_services}
    flag_modified(_profile, "extra_data")

    db.session.commit()

    if ui_flag:
        return render_template(
            current_app.config['AUTHENTICATION_POPUP_TEMPLATE'],
            msg=f'Authorization to {name} succeeded.'), 302
    else:
        return jsonify({"message": f"Authorization to {name} succeeded."}), 200
示例#10
0
def authorize(name):
    ui_flag = session.pop('ui', None)

    client = current_auth.create_client(name)
    token = client.authorize_access_token()

    configs = OAUTH_SERVICES.get(name.upper(), {})
    extra_data_method = configs.get('extra_data_method')

    # TOFIX Add error handlers for reject, auth errors, etc
    extra_data = {}
    if extra_data_method:
        extra_data = extra_data_method(client, token)

    _token = _create_or_update_token(name, token)
    _token.extra_data = extra_data

    db.session.add(_token)

    # Add extra data to user profile.
    # If user profile doesn't exist yet, it creates one.
    _profile = UserProfile.get_by_userid(current_user.id)
    if not _profile:
        _profile = UserProfile(user_id=current_user.id)
        db.session.add(_profile)

    profile_data = get_oauth_profile(name, token=_token, client=client)

    if _profile.extra_data:
        profile_services = _profile.extra_data.get("services", {})
    else:
        profile_services = {}
    profile_services[name] = profile_data
    _profile.extra_data = {"services": profile_services}
    flag_modified(_profile, "extra_data")

    db.session.commit()

    if ui_flag:
        if current_app.config['DEBUG']:
            redirect_url = "http://localhost:3000/settings/auth/connect"
        else:
            redirect_url = "/settings/auth/connect"
        return redirect(redirect_url)
    else:
        return jsonify(
            {"message": "Authorization to {} succeeded".format(name)}), 200
示例#11
0
def patron2(app, db):
    """Create a patron user without remote account."""
    user = User(**dict(email="*****@*****.**", active=True))
    db.session.add(user)
    db.session.commit()

    user_id = user.id

    profile = UserProfile(
        **dict(
            user_id=user_id,
            _displayname="id_" + str(user_id),
            full_name="System User",
        )
    )
    db.session.add(profile)
    db.session.commit()
    return user
示例#12
0
    def sync_user_and_profile(cls, data):
        """Create or update the rero user with the patron data.

        :param data - dict representing the patron data
        """
        created = False
        # start a session to be able to rollback if the data are not valid
        user = cls._get_user_by_data(data)
        with db.session.begin_nested():
            # need to create the user
            if not user:
                birth_date = data.get('birth_date')
                # sanity check
                if not birth_date:
                    raise RecordValidationError('birth_date field is required')
                # the default password is the birth date
                user = User(email=data.get('email'),
                            password=hash_password(birth_date),
                            profile=dict(),
                            active=True)
                db.session.add(user)
                created = True
            else:
                if user.email != data.get('email'):
                    user.email = data.get('email')
            # update all common fields
            if user.profile is None:
                user.profile = UserProfile(user_id=user.id)
            profile = user.profile
            for field in cls.profile_fields:
                # date field need conversion
                if field == 'birth_date':
                    setattr(profile, field,
                            datetime.strptime(data.get(field), '%Y-%m-%d'))
                elif field == 'keep_history':
                    setattr(profile, field,
                            data.get('patron', {}).get(field, True))
                else:
                    setattr(profile, field, data.get(field, ''))
            db.session.merge(user)
            data['user_id'] = user.id
            if created:
                # the fresh created user
                return user
示例#13
0
def _register_or_update_user(entries, user_account=None):
    """Register or update a user."""
    email = entries[app.config['LDAPCLIENT_EMAIL_ATTRIBUTE']].values[0]
    username = entries[app.config['LDAPCLIENT_USERNAME_ATTRIBUTE']].values[0]
    if 'LDAPCLIENT_FULL_NAME_ATTRIBUTE' in app.config:
        full_name = entries[
            app.config['LDAPCLIENT_FULL_NAME_ATTRIBUTE']].values[0]

    if user_account is None:
        kwargs = dict(email=email, active=True, password=uuid.uuid4().hex)
        _datastore.create_user(**kwargs)
        user_account = User.query.filter_by(email=email).one_or_none()
        profile = UserProfile(user_id=int(user_account.get_id()))
    else:
        user_account.email = email
        db.session.add(user_account)
        profile = user_account.profile

    profile.full_name = full_name
    profile.username = username
    db.session.add(profile)
    return user_account