def test_service_account_creation(self):
"""Confirm we can create a service account and token"""
client = self.add_client()
test_user = User.query.get(TEST_USER_ID)
service_user = test_user.add_service_account()
with SessionScope(db):
db.session.add(service_user)
db.session.add(client)
db.session.commit()
service_user = db.session.merge(service_user)
client = db.session.merge(client)
# Did we get a service account with the correct roles and relationships
assert len(service_user.roles) == 1
assert 'service' == service_user.roles[0].name
sponsorship = UserRelationship.query.filter_by(
other_user_id=service_user.id).first()
assert sponsorship.user_id == TEST_USER_ID
assert sponsorship.relationship.name == 'sponsor'
# Can we get a usable Bearer Token
create_service_token(client=client, user=service_user)
token = Token.query.filter_by(user_id=service_user.id).first()
assert token
# The token should have a very long life
assert (token.expires > datetime.datetime.utcnow()
+ datetime.timedelta(days=364))
def test_post_patient_report(self):
# tests whether we can successfully post a patient report -type
# user doc file
client = self.add_client()
client.intervention = INTERVENTION.SEXUAL_RECOVERY
create_service_token(client=client, user=get_user(TEST_USER_ID))
self.login()
test_contents = b"This is a test."
response = self.client.post(
'/api/user/{}/patient_report'.format(TEST_USER_ID),
content_type='multipart/form-data',
data={'file': (BytesIO(test_contents), 'udoc_test.pdf')})
assert response.status_code == 200
udoc = db.session.query(UserDocument).order_by(
UserDocument.id.desc()).first()
fpath = os.path.join(current_app.root_path,
current_app.config.get("FILE_UPLOAD_DIR"),
str(udoc.uuid))
with open(fpath, 'rb') as udoc_file:
assert udoc_file.read() == test_contents
os.remove(fpath)
assert udoc.user_id == TEST_USER_ID
assert (udoc.intervention.description ==
INTERVENTION.SEXUAL_RECOVERY.description)
def test_post_patient_report(self):
#tests whether we can successfully post a patient report -type user doc file
client = self.add_client()
client.intervention = INTERVENTION.SEXUAL_RECOVERY
create_service_token(client=client, user=get_user(TEST_USER_ID))
self.login()
test_contents = "This is a test."
with NamedTemporaryFile(
prefix='udoc_test_',
suffix='.pdf',
delete=True,
) as temp_pdf:
temp_pdf.write(test_contents)
temp_pdf.seek(0)
tempfileIO = BytesIO(temp_pdf.read())
rv = self.client.post(
'/api/user/{}/patient_report'.format(TEST_USER_ID),
content_type='multipart/form-data',
data=dict({'file': (tempfileIO, temp_pdf.name)}))
self.assert200(rv)
udoc = db.session.query(UserDocument).order_by(
UserDocument.id.desc()).first()
fpath = os.path.join(current_app.root_path,
current_app.config.get("FILE_UPLOAD_DIR"),
str(udoc.uuid))
with open(fpath, 'r') as udoc_file:
self.assertEqual(udoc_file.read(), test_contents)
os.remove(fpath)
self.assertEqual(udoc.user_id, TEST_USER_ID)
self.assertEqual(udoc.intervention.description,
INTERVENTION.SEXUAL_RECOVERY.description)
def test_post_patient_report(self):
# tests whether we can successfully post a patient report -type
# user doc file
client = self.add_client()
client.intervention = INTERVENTION.SEXUAL_RECOVERY
create_service_token(client=client, user=get_user(TEST_USER_ID))
self.login()
test_contents = b"This is a test."
response = self.client.post(
'/api/user/{}/patient_report'.format(TEST_USER_ID),
content_type='multipart/form-data',
data={'file': (BytesIO(test_contents), 'udoc_test.pdf')})
assert response.status_code == 200
udoc = db.session.query(UserDocument).order_by(
UserDocument.id.desc()).first()
fpath = os.path.join(
current_app.root_path, current_app.config.get("FILE_UPLOAD_DIR"),
str(udoc.uuid))
with open(fpath, 'rb') as udoc_file:
assert udoc_file.read() == test_contents
os.remove(fpath)
assert udoc.user_id == TEST_USER_ID
assert (udoc.intervention.description
== INTERVENTION.SEXUAL_RECOVERY.description)
def test_preflight_invalid_service_user(self):
# setup pre-flight conditions expected to fail
ds_p3p = INTERVENTION.decision_support_p3p
ds_client = Client(client_id='12345',
client_secret='54321',
user_id=TEST_USER_ID,
intervention=ds_p3p,
_redirect_uris='http://testsite.org',
callback_url='http://callback.one')
service = self.add_service_user(sponsor=self.test_user)
with SessionScope(db):
db.session.add(ds_client)
db.session.commit()
ds_client = db.session.merge(ds_client)
service = db.session.merge(service)
service_id = service.id
create_service_token(client=ds_client, user=service)
# Export
sp = SitePersistence(target_dir=self.tmpdir)
sp.export(staging_exclusion=True)
assert Token.query.count() == 1
# Delete service account, and put fake patient in its place
with SessionScope(db):
db.session.delete(service)
db.session.commit()
assert User.query.count() == 1
assert Token.query.count() == 0
patient_role_id = Role.query.filter_by(
name=ROLE.PATIENT.value).one().id
patient_in_way = User(id=service_id,
first_name='in the',
last_name='way',
email='*****@*****.**')
with SessionScope(db):
db.session.add(patient_in_way)
db.session.commit()
with SessionScope(db):
db.session.add(
UserRoles(user_id=service_id, role_id=patient_role_id))
db.session.commit()
# Import should now fail
with self.assertRaises(ValueError) as context:
sp.import_(keep_unmentioned=True, staging_exclusion=True)
assert '*****@*****.**' in str(context.exception)
def test_preflight_invalid_service_user(self):
# setup pre-flight conditions expected to fail
ds_p3p = INTERVENTION.decision_support_p3p
ds_client = Client(
client_id='12345', client_secret='54321', user_id=TEST_USER_ID,
intervention=ds_p3p, _redirect_uris='http://testsite.org',
callback_url='http://callback.one')
service = self.add_service_user(sponsor=self.test_user)
with SessionScope(db):
db.session.add(ds_client)
db.session.commit()
ds_client = db.session.merge(ds_client)
service = db.session.merge(service)
service_id = service.id
create_service_token(client=ds_client, user=service)
# Export
sp = SitePersistence(target_dir=self.tmpdir)
sp.export(staging_exclusion=True)
assert Token.query.count() == 1
# Delete service account, and put fake patient in its place
with SessionScope(db):
db.session.delete(service)
db.session.commit()
assert User.query.count() == 1
assert Token.query.count() == 0
patient_role_id = Role.query.filter_by(
name=ROLE.PATIENT.value).one().id
patient_in_way = User(
id=service_id, first_name='in the', last_name='way',
email='*****@*****.**')
with SessionScope(db):
db.session.add(patient_in_way)
db.session.commit()
with SessionScope(db):
db.session.add(UserRoles(
user_id=service_id, role_id=patient_role_id))
db.session.commit()
# Import should now fail
with self.assertRaises(ValueError) as context:
sp.import_(keep_unmentioned=True, staging_exclusion=True)
assert '*****@*****.**' in str(context.exception)
def test_preflight_valid(self):
# setup pre-flight conditions expected to pass
ds_p3p = INTERVENTION.decision_support_p3p
ds_client = Client(client_id='12345',
client_secret='54321',
user_id=TEST_USER_ID,
intervention=ds_p3p,
_redirect_uris='http://testsite.org',
callback_url='http://callback.one')
service = self.add_service_user(sponsor=self.test_user)
with SessionScope(db):
db.session.add(ds_client)
db.session.commit()
ds_client = db.session.merge(ds_client)
service = db.session.merge(service)
create_service_token(client=ds_client, user=service)
# Export
sp = SitePersistence(target_dir=self.tmpdir)
sp.export(staging_exclusion=True)
assert Token.query.count() == 1
# Delete service account, expect it to return
with SessionScope(db):
db.session.delete(service)
db.session.commit()
assert User.query.count() == 1
assert Token.query.count() == 0
# Import
sp.import_(keep_unmentioned=True, staging_exclusion=True)
assert Token.query.count() == 1
assert User.query.count() == 2
def test_preflight_valid(self):
# setup pre-flight conditions expected to pass
ds_p3p = INTERVENTION.decision_support_p3p
ds_client = Client(
client_id='12345', client_secret='54321', user_id=TEST_USER_ID,
intervention=ds_p3p, _redirect_uris='http://testsite.org',
callback_url='http://callback.one')
service = self.add_service_user(sponsor=self.test_user)
with SessionScope(db):
db.session.add(ds_client)
db.session.commit()
ds_client = db.session.merge(ds_client)
service = db.session.merge(service)
create_service_token(client=ds_client, user=service)
# Export
sp = SitePersistence(target_dir=self.tmpdir)
sp.export(staging_exclusion=True)
assert Token.query.count() == 1
# Delete service account, expect it to return
with SessionScope(db):
db.session.delete(service)
db.session.commit()
assert User.query.count() == 1
assert Token.query.count() == 0
# Import
sp.import_(keep_unmentioned=True, staging_exclusion=True)
assert Token.query.count() == 1
assert User.query.count() == 2
def test_connected_user(self):
"""User and service tokens connected with intervention should survive"""
owner = self.add_user('*****@*****.**')
self.promote_user(user=owner, role_name='application_developer')
owner = db.session.merge(owner)
owner_id = owner.id
service = self.add_service_user(sponsor=owner)
# give the owner a fake auth_provider row
ap = AuthProvider(user_id=owner_id, provider_id=1)
with SessionScope(db):
db.session.add(ap)
db.session.commit()
sm_client = Client(
client_id='abc_123', client_secret='shh', user_id=owner_id,
_redirect_uris='http://testsite.org',
callback_url='http://callback.one')
with SessionScope(db):
db.session.add(sm_client)
# give the owner a fake auth_provider row
ap = AuthProvider(user=owner, provider_id=1)
service, sm_client = map(db.session.merge, (service, sm_client))
create_service_token(client=sm_client, user=service)
sm = INTERVENTION.SELF_MANAGEMENT
sm.client = sm_client
# Setup complete - SM has an owner, a service user and a service token
# generate the full export
for model in staging_exclusions:
ep = ExclusionPersistence(
model_class=model.cls, lookup_field=model.lookup_field,
limit_to_attributes=model.limit_to_attributes,
filter_query=model.filter_query,
target_dir=self.tmpdir)
ep.export()
# Confirm filter worked
expected = client_users_filter().count()
with open(path_join(self.tmpdir, 'User.json')) as f:
serial_form = json.loads(f.read())
assert expected == len(serial_form['entry'])
# Modify/delete some internal db values and confirm reapplication of
# persistence restores desired values
owner = db.session.merge(owner)
owner.email = str(owner_id)
# just expecting the one service token. purge it and the
# owner (the service user) and the owner's auth_provider
assert Token.query.count() == 1
service_user_id = Token.query.one().user_id
b4 = User.query.count()
assert UserRelationship.query.count() == 1
assert AuthProvider.query.count() == 1
with SessionScope(db):
AuthProvider.query.delete()
Token.query.delete()
UserRelationship.query.delete()
User.query.filter_by(id=service_user_id).delete()
db.session.commit()
assert AuthProvider.query.count() == 0
assert Token.query.count() == 0
assert UserRelationship.query.count() == 0
assert User.query.count() == b4 - 1
for model in staging_exclusions:
ep = ExclusionPersistence(
model_class=model.cls, lookup_field=model.lookup_field,
limit_to_attributes=model.limit_to_attributes,
filter_query=model.filter_query,
target_dir=self.tmpdir)
if model.cls.__name__ == 'User':
pass
ep.import_(keep_unmentioned=True)
result = User.query.get(owner_id)
assert result.email == '*****@*****.**'
assert AuthProvider.query.count() == 1
assert Token.query.count() == 1
assert UserRelationship.query.count() == 1
def test_connected_user(self):
"""User and service tokens connected with intervention should survive"""
owner = self.add_user('*****@*****.**')
self.promote_user(user=owner, role_name='application_developer')
owner = db.session.merge(owner)
owner_id = owner.id
service = self.add_service_user(sponsor=owner)
# give the owner a fake auth_provider row
ap = AuthProvider(user_id=owner_id, provider_id=1)
with SessionScope(db):
db.session.add(ap)
db.session.commit()
sm_client = Client(client_id='abc_123',
client_secret='shh',
user_id=owner_id,
_redirect_uris='http://testsite.org',
callback_url='http://callback.one')
with SessionScope(db):
db.session.add(sm_client)
# give the owner a fake auth_provider row
ap = AuthProvider(user=owner, provider_id=1)
service, sm_client = map(db.session.merge, (service, sm_client))
create_service_token(client=sm_client, user=service)
sm = INTERVENTION.SELF_MANAGEMENT
sm.client = sm_client
# Setup complete - SM has an owner, a service user and a service token
# generate the full export
for model in staging_exclusions:
ep = ExclusionPersistence(
model_class=model.cls,
lookup_field=model.lookup_field,
limit_to_attributes=model.limit_to_attributes,
filter_query=model.filter_query,
target_dir=self.tmpdir)
ep.export()
# Confirm filter worked
expected = client_users_filter().count()
with open(path_join(self.tmpdir, 'User.json')) as f:
serial_form = json.loads(f.read())
assert expected == len(serial_form['entry'])
# Modify/delete some internal db values and confirm reapplication of
# persistence restores desired values
owner = db.session.merge(owner)
owner.email = str(owner_id)
# just expecting the one service token. purge it and the
# owner (the service user) and the owner's auth_provider
assert Token.query.count() == 1
service_user_id = Token.query.one().user_id
b4 = User.query.count()
assert UserRelationship.query.count() == 1
assert AuthProvider.query.count() == 1
with SessionScope(db):
AuthProvider.query.delete()
Token.query.delete()
UserRelationship.query.delete()
User.query.filter_by(id=service_user_id).delete()
db.session.commit()
assert AuthProvider.query.count() == 0
assert Token.query.count() == 0
assert UserRelationship.query.count() == 0
assert User.query.count() == b4 - 1
for model in staging_exclusions:
ep = ExclusionPersistence(
model_class=model.cls,
lookup_field=model.lookup_field,
limit_to_attributes=model.limit_to_attributes,
filter_query=model.filter_query,
target_dir=self.tmpdir)
if model.cls.__name__ == 'User':
pass
ep.import_(keep_unmentioned=True)
result = User.query.get(owner_id)
assert result.email == '*****@*****.**'
assert AuthProvider.query.count() == 1
assert Token.query.count() == 1
assert UserRelationship.query.count() == 1