示例#1
0
    def test_api__try_whoami_enpoint__err_401__user_is_not_active(self):
        dbsession = get_tm_session(self.session_factory, transaction.manager)
        admin = dbsession.query(models.User) \
            .filter(models.User.email == '*****@*****.**') \
            .one()
        uapi = UserApi(
            current_user=admin,
            session=dbsession,
            config=self.app_config,
        )
        gapi = GroupApi(
            current_user=admin,
            session=dbsession,
            config=self.app_config,
        )
        groups = [gapi.get_one_with_name('users')]
        test_user = uapi.create_user(
            email='*****@*****.**',
            password='******',
            name='bob',
            groups=groups,
            timezone='Europe/Paris',
            do_save=True,
            do_notify=False,
        )
        uapi.save(test_user)
        uapi.disable(test_user)
        transaction.commit()
        self.testapp.authorization = ('Basic', ('*****@*****.**', 'pass'))

        res = self.testapp.get('/api/v2/sessions/whoami', status=401)
 def test_unit__get_one_with_name__err__group_not_exist(self) -> None:
     """
     get one group by name who does not exist
     """
     api = GroupApi(
         current_user=None,
         session=self.session,
         config=self.app_config,
     )
     with pytest.raises(GroupDoesNotExist):
         group = api.get_one_with_name('unknown_group')
 def test_unit__get_all__ok__nominal_case(self):
     """
     get all groups
     """
     api = GroupApi(
         current_user=None,
         session=self.session,
         config=self.app_config,
     )
     groups = api.get_all()
     assert ['users', 'managers', 'administrators'] == [group.group_name for group in groups]  # nopep8
 def test_unit__get_one__err__group_not_exist(self) -> None:
     """
     Get one group who does not exist by id
     """
     api = GroupApi(
         current_user=None,
         session=self.session,
         config=self.app_config,
     )
     with pytest.raises(GroupDoesNotExist):
         group = api.get_one(10)
 def test_unit__get_one_group_with_name__nominal_case(self) -> None:
     """
     get one group by name
     """
     api = GroupApi(
         current_user=None,
         session=self.session,
         config=self.app_config,
     )
     group = api.get_one_with_name('administrators')
     assert group.group_id == 3
     assert group.group_name == 'administrators'
 def test_unit__get_one__ok_nominal_case(self) -> None:
     """
     Get one group by id
     """
     api = GroupApi(
         current_user=None,
         session=self.session,
         config=self.app_config,
     )
     group = api.get_one(1)
     assert group.group_id == 1
     assert group.group_name == 'users'
示例#7
0
 def test_unit__get_all_manageable(self):
     admin = self.session.query(User) \
         .filter(User.email == '*****@*****.**').one()
     uapi = UserApi(
         session=self.session,
         current_user=admin,
         config=self.config,
     )
     # Checks a case without workspaces.
     wapi = WorkspaceApi(
         session=self.session,
         current_user=admin,
         config=self.app_config,
     )
     eq_([], wapi.get_all_manageable())
     # Checks an admin gets all workspaces.
     w4 = wapi.create_workspace(label='w4')
     w3 = wapi.create_workspace(label='w3')
     w2 = wapi.create_workspace(label='w2')
     w1 = wapi.create_workspace(label='w1')
     eq_([w1, w2, w3, w4], wapi.get_all_manageable())
     # Checks a regular user gets none workspace.
     gapi = GroupApi(
         session=self.session,
         current_user=None,
         config=self.app_config,
     )
     u = uapi.create_minimal_user('[email protected]', [gapi.get_one(Group.TIM_USER)], True)
     wapi = WorkspaceApi(
         session=self.session,
         current_user=u,
         config=self.app_config,
     )
     rapi = RoleApi(
         session=self.session,
         current_user=u,
         config=self.app_config,
     )
     rapi.create_one(u, w4, UserRoleInWorkspace.READER, False)
     rapi.create_one(u, w3, UserRoleInWorkspace.CONTRIBUTOR, False)
     rapi.create_one(u, w2, UserRoleInWorkspace.CONTENT_MANAGER, False)
     rapi.create_one(u, w1, UserRoleInWorkspace.WORKSPACE_MANAGER, False)
     eq_([], wapi.get_all_manageable())
     # Checks a manager gets only its own workspaces.
     u.groups.append(gapi.get_one(Group.TIM_MANAGER))
     rapi.delete_one(u.user_id, w2.workspace_id)
     rapi.create_one(u, w2, UserRoleInWorkspace.WORKSPACE_MANAGER, False)
     eq_([w1, w2], wapi.get_all_manageable())
 def set_profile(self, context, request: TracimRequest, hapic_data=None):
     """
     set user profile
     """
     app_config = request.registry.settings['CFG']
     uapi = UserApi(
         current_user=request.current_user,  # User
         session=request.dbsession,
         config=app_config,
     )
     gapi = GroupApi(
         current_user=request.current_user,  # User
         session=request.dbsession,
         config=app_config,
     )
     groups = [gapi.get_one_with_name(hapic_data.body.profile)]
     uapi.update(
         user=request.candidate_user,
         groups=groups,
         do_save=True,
     )
     return
示例#9
0
    def test_api__try_login_enpoint__err_401__user_not_activated(self):
        dbsession = get_tm_session(self.session_factory, transaction.manager)
        admin = dbsession.query(models.User) \
            .filter(models.User.email == '*****@*****.**') \
            .one()
        uapi = UserApi(
            current_user=admin,
            session=dbsession,
            config=self.app_config,
        )
        gapi = GroupApi(
            current_user=admin,
            session=dbsession,
            config=self.app_config,
        )
        groups = [gapi.get_one_with_name('users')]
        test_user = uapi.create_user(
            email='*****@*****.**',
            password='******',
            name='bob',
            groups=groups,
            timezone='Europe/Paris',
            do_save=True,
            do_notify=False,
        )
        uapi.save(test_user)
        uapi.disable(test_user)
        transaction.commit()

        params = {
            'email': '*****@*****.**',
            'password': '******',
        }
        res = self.testapp.post_json(
            '/api/v2/sessions/login',
            params=params,
            status=403,
        )
 def create_user(self, context, request: TracimRequest, hapic_data=None):
     """
     Create new user
     """
     app_config = request.registry.settings['CFG']
     uapi = UserApi(
         current_user=request.current_user,  # User
         session=request.dbsession,
         config=app_config,
     )
     gapi = GroupApi(
         current_user=request.current_user,  # User
         session=request.dbsession,
         config=app_config,
     )
     groups = [gapi.get_one_with_name(hapic_data.body.profile)]
     user = uapi.create_user(email=hapic_data.body.email,
                             password=hapic_data.body.password,
                             timezone=hapic_data.body.timezone,
                             name=hapic_data.body.public_name,
                             do_notify=hapic_data.body.email_notification,
                             groups=groups,
                             do_save=True)
     return uapi.get_user_with_context(user)
示例#11
0
 def test_unit__authenticate_user___err__user_not_active(self):
     api = UserApi(
         current_user=None,
         session=self.session,
         config=self.config,
     )
     gapi = GroupApi(
         current_user=None,
         session=self.session,
         config=self.config,
     )
     groups = [gapi.get_one_with_name('users')]
     user = api.create_user(
         email='*****@*****.**',
         password='******',
         name='bob',
         groups=groups,
         timezone='Europe/Paris',
         do_save=True,
         do_notify=False,
     )
     api.disable(user)
     with pytest.raises(UserNotActive):
         api.authenticate_user('*****@*****.**', '*****@*****.**')
示例#12
0
    def take_app_action(self, parsed_args: argparse.Namespace,
                        app_context: AppEnvironment) -> None:
        # TODO - G.M - 05-04-2018 -Refactor this in order
        # to not setup object var outside of __init__ .
        self._session = app_context['request'].dbsession
        self._app_config = app_context['registry'].settings['CFG']
        self._user_api = UserApi(
            current_user=None,
            session=self._session,
            config=self._app_config,
        )
        self._group_api = GroupApi(
            current_user=None,
            session=self._session,
            config=self._app_config,
        )
        user = self._proceed_user(parsed_args)
        self._proceed_groups(user, parsed_args)

        print("User created/updated")