def test_get_all_with_parent_id(self):
uapi = UserApi(None)
groups = [GroupApi(None).get_one(Group.TIM_USER),
GroupApi(None).get_one(Group.TIM_MANAGER),
GroupApi(None).get_one(Group.TIM_ADMIN)]
user = uapi.create_user(email='this.is@user',
groups=groups, save_now=True)
workspace = WorkspaceApi(user).create_workspace('test workspace',
save_now=True)
api = ContentApi(user)
item = api.create(ContentType.Folder, workspace, None, 'parent', True)
item2 = api.create(ContentType.File, workspace, item, 'file1', True)
item3 = api.create(ContentType.File, workspace, None, 'file2', True)
parent_id = item.content_id
child_id = item2.content_id
uid = user.user_id
wid = workspace.workspace_id
transaction.commit()
# Refresh instances after commit
user = uapi.get_one(uid)
workspace = WorkspaceApi(user).get_one(wid)
api = ContentApi(user)
items = api.get_all(None, ContentType.Any, workspace)
eq_(3, len(items))
items2 = api.get_all(parent_id, ContentType.File, workspace)
eq_(1, len(items2))
eq_(child_id, items2[0].content_id)
def test_create_comment_ok(self):
uapi = UserApi(None)
groups = [
GroupApi(None).get_one(Group.TIM_USER),
GroupApi(None).get_one(Group.TIM_MANAGER),
GroupApi(None).get_one(Group.TIM_ADMIN)
]
user = uapi.create_user(email='this.is@user',
groups=groups,
save_now=True)
workspace = WorkspaceApi(user).create_workspace('test workspace',
save_now=True)
api = ContentApi(user)
p = api.create(ContentType.Page, workspace, None, 'this_is_a_page')
c = api.create_comment(workspace, p, 'this is the comment', True)
eq_(Content, c.__class__)
eq_(p.content_id, c.parent_id)
eq_(user, c.owner)
eq_(workspace, c.workspace)
eq_(ContentType.Comment, c.type)
eq_('this is the comment', c.description)
eq_('', c.label)
eq_(ActionDescription.COMMENT, c.revision_type)
def test_set_status_ok(self):
uapi = UserApi(None)
groups = [
GroupApi(None).get_one(Group.TIM_USER),
GroupApi(None).get_one(Group.TIM_MANAGER),
GroupApi(None).get_one(Group.TIM_ADMIN)
]
user = uapi.create_user(email='this.is@user',
groups=groups,
save_now=True)
workspace = WorkspaceApi(user).create_workspace('test workspace',
save_now=True)
api = ContentApi(user)
c = api.create(ContentType.Folder, workspace, None, 'parent', True)
with new_revision(c):
for new_status in [
'open', 'closed-validated', 'closed-unvalidated',
'closed-deprecated'
]:
api.set_status(c, new_status)
eq_(new_status, c.status)
eq_(ActionDescription.STATUS_UPDATE, c.revision_type)
def test_unit__get_all_manageable(self):
admin = DBSession.query(User) \
.filter(User.email == '*****@*****.**').one()
uapi = UserApi(admin)
# Checks a case without workspaces.
wapi = WorkspaceApi(current_user=admin)
eq_([], wapi.get_all_manageable())
# Checks an admin gets all workspaces.
w4 = wapi.create_workspace(label='w4')
w3 = wapi.create_workspace(label='w3')
w2 = wapi.create_workspace(label='w2')
w1 = wapi.create_workspace(label='w1')
eq_([w1, w2, w3, w4], wapi.get_all_manageable())
# Checks a regular user gets none workspace.
gapi = GroupApi(None)
u = uapi.create_user('[email protected]', [gapi.get_one(Group.TIM_USER)], True)
wapi = WorkspaceApi(current_user=u)
rapi = RoleApi(current_user=u)
off = 'off'
rapi.create_one(u, w4, UserRoleInWorkspace.READER, off)
rapi.create_one(u, w3, UserRoleInWorkspace.CONTRIBUTOR, off)
rapi.create_one(u, w2, UserRoleInWorkspace.CONTENT_MANAGER, off)
rapi.create_one(u, w1, UserRoleInWorkspace.WORKSPACE_MANAGER, off)
eq_([], wapi.get_all_manageable())
# Checks a manager gets only its own workspaces.
u.groups.append(gapi.get_one(Group.TIM_MANAGER))
rapi.delete_one(u.user_id, w2.workspace_id)
rapi.create_one(u, w2, UserRoleInWorkspace.WORKSPACE_MANAGER, off)
eq_([w1, w2], wapi.get_all_manageable())
def test_search_in_description(self):
# HACK - D.A. - 2015-03-09
# This test is based on a bug which does NOT return results found
# at root of a workspace (eg a folder)
uapi = UserApi(None)
groups = [
GroupApi(None).get_one(Group.TIM_USER),
GroupApi(None).get_one(Group.TIM_MANAGER),
GroupApi(None).get_one(Group.TIM_ADMIN)
]
user = uapi.create_user(email='this.is@user',
groups=groups,
save_now=True)
workspace = WorkspaceApi(user).create_workspace('test workspace',
save_now=True)
api = ContentApi(user)
a = api.create(ContentType.Folder, workspace, None,
'this is randomized folder', True)
p = api.create(ContentType.Page, workspace, a,
'this is dummy label content', True)
with new_revision(p):
p.description = 'This is some amazing test'
api.save(p)
original_id = p.content_id
res = api.search(['dummy'])
eq_(1, len(res.all()))
item = res.all()[0]
eq_(original_id, item.content_id)
def test_get_all_with_filter(self):
uapi = UserApi(None)
groups = [GroupApi(None).get_one(Group.TIM_USER),
GroupApi(None).get_one(Group.TIM_MANAGER),
GroupApi(None).get_one(Group.TIM_ADMIN)]
user = uapi.create_user(email='this.is@user',
groups=groups, save_now=True)
workspace = WorkspaceApi(user).create_workspace('test workspace',
save_now=True)
api = ContentApi(user)
item = api.create(ContentType.Folder, workspace, None,
'thefolder', True)
item2 = api.create(ContentType.File, workspace, None, 'thefile', True)
uid = user.user_id
wid = workspace.workspace_id
transaction.commit()
# Refresh instances after commit
user = uapi.get_one(uid)
workspace = WorkspaceApi(user).get_one(wid)
api = ContentApi(user)
items = api.get_all(None, ContentType.Any, workspace)
eq_(2, len(items))
items2 = api.get_all(None, ContentType.File, workspace)
eq_(1, len(items2))
eq_('thefile', items2[0].label)
items3 = api.get_all(None, ContentType.Folder, workspace)
eq_(1, len(items3))
eq_('thefolder', items3[0].label)
def test_search_in_description(self):
# HACK - D.A. - 2015-03-09
# This test is based on a bug which does NOT return results found
# at root of a workspace (eg a folder)
uapi = UserApi(None)
groups = [GroupApi(None).get_one(Group.TIM_USER),
GroupApi(None).get_one(Group.TIM_MANAGER),
GroupApi(None).get_one(Group.TIM_ADMIN)]
user = uapi.create_user(email='this.is@user',
groups=groups, save_now=True)
workspace = WorkspaceApi(user).create_workspace('test workspace',
save_now=True)
api = ContentApi(user)
a = api.create(ContentType.Folder, workspace, None,
'this is randomized folder', True)
p = api.create(ContentType.Page, workspace, a,
'this is dummy label content', True)
with new_revision(p):
p.description = 'This is some amazing test'
api.save(p)
original_id = p.content_id
res = api.search(['dummy'])
eq_(1, len(res.all()))
item = res.all()[0]
eq_(original_id, item.content_id)
def test_unit__get_all_manageable(self):
admin = DBSession.query(User) \
.filter(User.email == '*****@*****.**').one()
uapi = UserApi(admin)
# Checks a case without workspaces.
wapi = WorkspaceApi(current_user=admin)
eq_([], wapi.get_all_manageable())
# Checks an admin gets all workspaces.
w4 = wapi.create_workspace(label='w4')
w3 = wapi.create_workspace(label='w3')
w2 = wapi.create_workspace(label='w2')
w1 = wapi.create_workspace(label='w1')
eq_([w1, w2, w3, w4], wapi.get_all_manageable())
# Checks a regular user gets none workspace.
gapi = GroupApi(None)
u = uapi.create_user('[email protected]', [gapi.get_one(Group.TIM_USER)], True)
wapi = WorkspaceApi(current_user=u)
rapi = RoleApi(current_user=u)
rapi.create_one(u, w4, UserRoleInWorkspace.READER, False)
rapi.create_one(u, w3, UserRoleInWorkspace.CONTRIBUTOR, False)
rapi.create_one(u, w2, UserRoleInWorkspace.CONTENT_MANAGER, False)
rapi.create_one(u, w1, UserRoleInWorkspace.WORKSPACE_MANAGER, False)
eq_([], wapi.get_all_manageable())
# Checks a manager gets only its own workspaces.
u.groups.append(gapi.get_one(Group.TIM_MANAGER))
rapi.delete_one(u.user_id, w2.workspace_id)
rapi.create_one(u, w2, UserRoleInWorkspace.WORKSPACE_MANAGER, False)
eq_([w1, w2], wapi.get_all_manageable())
def test_get_all_with_parent_id(self):
uapi = UserApi(None)
groups = [
GroupApi(None).get_one(Group.TIM_USER),
GroupApi(None).get_one(Group.TIM_MANAGER),
GroupApi(None).get_one(Group.TIM_ADMIN)
]
user = uapi.create_user(email='this.is@user',
groups=groups,
save_now=True)
workspace = WorkspaceApi(user).create_workspace('test workspace',
save_now=True)
api = ContentApi(user)
item = api.create(ContentType.Folder, workspace, None, 'parent', True)
item2 = api.create(ContentType.File, workspace, item, 'file1', True)
item3 = api.create(ContentType.File, workspace, None, 'file2', True)
parent_id = item.content_id
child_id = item2.content_id
uid = user.user_id
wid = workspace.workspace_id
transaction.commit()
# Refresh instances after commit
user = uapi.get_one(uid)
workspace = WorkspaceApi(user).get_one(wid)
api = ContentApi(user)
items = api.get_all(None, ContentType.Any, workspace)
eq_(3, len(items))
items2 = api.get_all(parent_id, ContentType.File, workspace)
eq_(1, len(items2))
eq_(child_id, items2[0].content_id)
def insert(self):
u = model.User()
u.display_name = 'Global manager'
u.email = '*****@*****.**'
u.password = '******'
self._session.add(u)
uapi = UserApi(u)
uapi.execute_created_user_actions(u)
g1 = model.Group()
g1.group_id = 1
g1.group_name = 'users'
g1.display_name = 'Users'
g1.users.append(u)
self._session.add(g1)
g2 = model.Group()
g2.group_id = 2
g2.group_name = 'managers'
g2.display_name = 'Global Managers'
g2.users.append(u)
self._session.add(g2)
g3 = model.Group()
g3.group_id = 3
g3.group_name = 'administrators'
g3.display_name = 'Administrators'
g3.users.append(u)
self._session.add(g3)
def insert(self):
u = model.User()
u.display_name = 'Global manager'
u.email = '*****@*****.**'
u.password = '******'
self._session.add(u)
uapi = UserApi(u)
uapi.execute_created_user_actions(u)
g1 = model.Group()
g1.group_id = 1
g1.group_name = 'users'
g1.display_name = 'Users'
g1.users.append(u)
self._session.add(g1)
g2 = model.Group()
g2.group_id = 2
g2.group_name = 'managers'
g2.display_name = 'Global Managers'
g2.users.append(u)
self._session.add(g2)
g3 = model.Group()
g3.group_id = 3
g3.group_name = 'administrators'
g3.display_name = 'Administrators'
g3.users.append(u)
self._session.add(g3)
def post(
self,
name: str,
email: str,
password: str,
is_tracim_manager: str = 'off',
is_tracim_admin: str = 'off',
send_email: str = 'off',
):
is_tracim_manager = h.on_off_to_boolean(is_tracim_manager)
is_tracim_admin = h.on_off_to_boolean(is_tracim_admin)
send_email = h.on_off_to_boolean(send_email)
current_user = tmpl_context.current_user
if current_user.profile.id < Group.TIM_ADMIN:
# A manager can't give large rights
is_tracim_manager = False
is_tracim_admin = False
api = UserApi(current_user)
if api.user_with_email_exists(email):
tg.flash(
_('A user with email address "{}" already exists.').format(
email), CST.STATUS_ERROR)
tg.redirect(self.url())
user = api.create_user()
user.email = email
user.display_name = name
if password:
user.password = password
elif send_email:
# Setup a random password to send email at user
password = self.generate_password()
user.password = password
user.webdav_left_digest_response_hash = '%s:/:%s' % (email, password)
api.save(user)
# Now add the user to related groups
group_api = GroupApi(current_user)
user.groups.append(group_api.get_one(Group.TIM_USER))
if is_tracim_manager:
user.groups.append(group_api.get_one(Group.TIM_MANAGER))
if is_tracim_admin:
user.groups.append(group_api.get_one(Group.TIM_ADMIN))
api.save(user)
if send_email:
email_manager = get_email_manager()
email_manager.notify_created_account(user, password=password)
api.execute_created_user_actions(user)
tg.flash(
_('User {} created.').format(user.get_display_name()),
CST.STATUS_OK)
tg.redirect(self.url())
def put(self, user_id, name, email, timezone, next_url=None):
user_id = tmpl_context.current_user.user_id
current_user = tmpl_context.current_user
user_api = UserApi(current_user)
assert user_id==current_user.user_id
if next_url:
next = tg.url(next_url)
else:
next = self.url()
try:
email_user = user_api.get_one_by_email(email)
if email_user != current_user:
tg.flash(_('Email already in use'), CST.STATUS_ERROR)
tg.redirect(next)
except NoResultFound:
pass
# Only keep allowed field update
updated_fields = self._clean_update_fields({
'name': name,
'email': email,
'timezone': timezone,
})
api = UserApi(tmpl_context.current_user)
api.update(current_user, do_save=True, **updated_fields)
tg.flash(_('profile updated.'))
tg.redirect(next)
def test_mark_read(self):
uapi = UserApi(None)
groups = [GroupApi(None).get_one(Group.TIM_USER),
GroupApi(None).get_one(Group.TIM_MANAGER),
GroupApi(None).get_one(Group.TIM_ADMIN)]
user_a = uapi.create_user(email='this.is@user',
groups=groups, save_now=True)
user_b = uapi.create_user(email='*****@*****.**',
groups=groups, save_now=True)
wapi = WorkspaceApi(user_a)
workspace = wapi.create_workspace(
'test workspace',
save_now=True)
role_api = RoleApi(user_a)
role_api.create_one(user_b, workspace, UserRoleInWorkspace.READER, False)
cont_api_a = ContentApi(user_a)
cont_api_b = ContentApi(user_b)
page_1 = cont_api_a.create(ContentType.Page, workspace, None,
'this is a page', do_save=True)
for rev in page_1.revisions:
eq_(user_b not in rev.read_by.keys(), True)
cont_api_b.mark_read(page_1)
for rev in page_1.revisions:
eq_(user_b in rev.read_by.keys(), True)
def edit(self, id):
current_user = tmpl_context.current_user
api = UserApi(current_user)
user = api.get_one(id)
dictified_user = Context(CTX.USER).toDict(user, 'user')
return DictLikeClass(result=dictified_user)
def edit(self, id):
current_user = tmpl_context.current_user
api = UserApi(current_user)
user = api.get_one(id)
dictified_user = Context(CTX.USER).toDict(user, 'user')
return DictLikeClass(result = dictified_user)
def test_get_one_by_email(self):
api = UserApi(None)
u = api.create_user()
api.update(u, 'bibi', 'bibi@bibi', True)
uid = u.user_id
transaction.commit()
eq_(uid, api.get_one_by_email('bibi@bibi').user_id)
def test_mark_read__all(self):
uapi = UserApi(None)
groups = [
GroupApi(None).get_one(Group.TIM_USER),
GroupApi(None).get_one(Group.TIM_MANAGER),
GroupApi(None).get_one(Group.TIM_ADMIN)
]
user_a = uapi.create_user(email='this.is@user',
groups=groups,
save_now=True)
user_b = uapi.create_user(email='*****@*****.**',
groups=groups,
save_now=True)
wapi = WorkspaceApi(user_a)
workspace = wapi.create_workspace('test workspace', save_now=True)
role_api = RoleApi(user_a)
role_api.create_one(user_b, workspace, UserRoleInWorkspace.READER,
False)
cont_api_a = ContentApi(user_a)
cont_api_b = ContentApi(user_b)
page_2 = cont_api_a.create(ContentType.Page,
workspace,
None,
'this is page1',
do_save=True)
page_3 = cont_api_a.create(ContentType.Thread,
workspace,
None,
'this is page2',
do_save=True)
page_4 = cont_api_a.create(ContentType.File,
workspace,
None,
'this is page3',
do_save=True)
for rev in page_2.revisions:
eq_(user_b not in rev.read_by.keys(), True)
for rev in page_3.revisions:
eq_(user_b not in rev.read_by.keys(), True)
for rev in page_4.revisions:
eq_(user_b not in rev.read_by.keys(), True)
DBSession.refresh(page_2)
DBSession.refresh(page_3)
DBSession.refresh(page_4)
cont_api_b.mark_read__all()
for rev in page_2.revisions:
eq_(user_b in rev.read_by.keys(), True)
for rev in page_3.revisions:
eq_(user_b in rev.read_by.keys(), True)
for rev in page_4.revisions:
eq_(user_b in rev.read_by.keys(), True)
def test_create_and_update_user(self):
api = UserApi(None)
u = api.create_user()
api.update(u, 'bob', 'bob@bob', True)
nu = api.get_one_by_email('bob@bob')
ok_(nu!=None)
eq_('bob@bob', nu.email)
eq_('bob', nu.display_name)
def put(self, user_id, name, email, next_url=''):
api = UserApi(tmpl_context.current_user)
user = api.get_one(int(user_id))
api.update(user, name, email, True)
tg.flash(_('User {} updated.').format(user.get_display_name()), CST.STATUS_OK)
if next_url:
tg.redirect(next_url)
tg.redirect(self.url())
def put(self, user_id, name, email, timezone: str='', next_url=''):
api = UserApi(tmpl_context.current_user)
user = api.get_one(int(user_id))
api.update(user, name, email, True, timezone=timezone)
tg.flash(_('User {} updated.').format(user.get_display_name()), CST.STATUS_OK)
if next_url:
tg.redirect(next_url)
tg.redirect(self.url())
def put(self, user_id, name, email, next_url=None):
user_id = tmpl_context.current_user.user_id
current_user = tmpl_context.current_user
assert user_id==current_user.user_id
api = UserApi(tmpl_context.current_user)
api.update(current_user, name, email, True)
tg.flash(_('profile updated.'))
if next_url:
tg.redirect(tg.url(next_url))
tg.redirect(self.url())
def get_all(self, *args, **kw):
current_user = tmpl_context.current_user
api = UserApi(current_user)
users = api.get_all()
current_user_content = Context(CTX.CURRENT_USER).toDict(current_user)
fake_api = Context(CTX.USERS).toDict({'current_user': current_user_content})
dictified_users = Context(CTX.USERS).toDict(users, 'users', 'user_nb')
return DictLikeClass(result=dictified_users, fake_api=fake_api)
def get_all(self, *args, **kw):
current_user = tmpl_context.current_user
api = UserApi(current_user)
users = api.get_all()
current_user_content = Context(CTX.CURRENT_USER).toDict(current_user)
fake_api = Context(CTX.USERS).toDict({'current_user': current_user_content})
dictified_users = Context(CTX.USERS).toDict(users, 'users', 'user_nb')
return DictLikeClass(result = dictified_users, fake_api=fake_api)
def enable(self, id, next_url=None):
current_user = tmpl_context.current_user
api = UserApi(current_user)
user = api.get_one(id)
user.is_active = True
api.save(user)
tg.flash(_('User {} enabled.').format(user.get_display_name()), CST.STATUS_OK)
if next_url=='user':
tg.redirect(self.url(id=user.user_id))
tg.redirect(self.url())
def enable(self, id, next_url=None):
current_user = tmpl_context.current_user
api = UserApi(current_user)
user = api.get_one(id)
user.is_active = True
api.save(user)
tg.flash(_('User {} enabled.').format(user.get_display_name()), CST.STATUS_OK)
if next_url == 'user':
tg.redirect(self.url(id=user.user_id))
tg.redirect(self.url())
def get_one(self, user_id):
user_id = tmpl_context.current_user.user_id
current_user = tmpl_context.current_user
assert user_id==current_user.user_id
api = UserApi(current_user)
current_user = api.get_one(current_user.user_id)
dictified_user = Context(CTX.USER).toDict(current_user, 'user')
current_user_content = Context(CTX.CURRENT_USER).toDict(tmpl_context.current_user)
fake_api_content = DictLikeClass(current_user=current_user_content)
fake_api = Context(CTX.WORKSPACE).toDict(fake_api_content)
return DictLikeClass(result=dictified_user, fake_api=fake_api)
def test_get_notifiable_roles(self):
admin = DBSession.query(User) \
.filter(User.email == '*****@*****.**').one()
wapi = WorkspaceApi(admin)
w = wapi.create_workspace(label='workspace w', save_now=True)
uapi = UserApi(admin)
u = uapi.create_user(email='[email protected]', save_now=True)
eq_([], wapi.get_notifiable_roles(workspace=w))
rapi = RoleApi(u)
r = rapi.create_one(u, w, UserRoleInWorkspace.READER, with_notif=True)
eq_([r, ], wapi.get_notifiable_roles(workspace=w))
u.is_active = False
eq_([], wapi.get_notifiable_roles(workspace=w))
def _add_user_with_role(self, user_id: int, role_id: int, with_notif: bool, flash_msg_template)-> UserRoleInWorkspace:
user_api = UserApi(tg.tmpl_context.current_user)
user = user_api.get_one(user_id)
role_api = RoleApi(tg.tmpl_context.current_user)
role = role_api.create_one(user, tg.tmpl_context.workspace, role_id, with_notif)
tg.flash(flash_msg_template.format(
role.user.get_display_name(),
tg.tmpl_context.workspace.label,
role.role_as_label()), CST.STATUS_OK)
tg.redirect(self.parent_controller.url(tg.tmpl_context.workspace_id))
def get_one(self, user_id):
user_id = tmpl_context.current_user.user_id
current_user = tmpl_context.current_user
assert user_id==current_user.user_id
api = UserApi(current_user)
current_user = api.get_one(current_user.user_id)
dictified_user = Context(CTX.USER).toDict(current_user, 'user')
current_user_content = Context(CTX.CURRENT_USER).toDict(tmpl_context.current_user)
fake_api_content = DictLikeClass(current_user=current_user_content)
fake_api = Context(CTX.WORKSPACE).toDict(fake_api_content)
return DictLikeClass(result=dictified_user, fake_api=fake_api)
def test_get_notifiable_roles(self):
admin = DBSession.query(User) \
.filter(User.email == '*****@*****.**').one()
wapi = WorkspaceApi(admin)
w = wapi.create_workspace(label='workspace w', save_now=True)
uapi = UserApi(admin)
u = uapi.create_user(email='[email protected]', save_now=True)
eq_([], wapi.get_notifiable_roles(workspace=w))
rapi = RoleApi(u)
r = rapi.create_one(u, w, UserRoleInWorkspace.READER, with_notif='on')
eq_([r, ], wapi.get_notifiable_roles(workspace=w))
u.is_active = False
eq_([], wapi.get_notifiable_roles(workspace=w))
def _add_user_with_role(self, user_id: int, role_id: int, with_notif: bool, flash_msg_template)-> UserRoleInWorkspace:
user_api = UserApi(tg.tmpl_context.current_user)
user = user_api.get_one(user_id)
role_api = RoleApi(tg.tmpl_context.current_user)
role = role_api.create_one(user, tg.tmpl_context.workspace, role_id, with_notif)
tg.flash(flash_msg_template.format(
role.user.get_display_name(),
tg.tmpl_context.workspace.label,
role.role_as_label()), CST.STATUS_OK)
tg.redirect(self.parent_controller.url(tg.tmpl_context.workspace_id))
def test_archive(self):
uapi = UserApi(None)
groups = [GroupApi(None).get_one(Group.TIM_USER),
GroupApi(None).get_one(Group.TIM_MANAGER),
GroupApi(None).get_one(Group.TIM_ADMIN)]
user = uapi.create_user(email='this.is@user',
groups=groups, save_now=True)
workspace = WorkspaceApi(user).create_workspace('test workspace',
save_now=True)
api = ContentApi(user)
item = api.create(ContentType.Folder, workspace, None,
'not_archived', True)
item2 = api.create(ContentType.Folder, workspace, None,
'to_archive', True)
uid = user.user_id
wid = workspace.workspace_id
transaction.commit()
# Refresh instances after commit
user = uapi.get_one(uid)
workspace = WorkspaceApi(user).get_one(wid)
api = ContentApi(user)
items = api.get_all(None, ContentType.Any, workspace)
eq_(2, len(items))
items = api.get_all(None, ContentType.Any, workspace)
with new_revision(items[0]):
api.archive(items[0])
transaction.commit()
# Refresh instances after commit
user = uapi.get_one(uid)
workspace = WorkspaceApi(user).get_one(wid)
api = ContentApi(user)
items = api.get_all(None, ContentType.Any, workspace)
eq_(1, len(items))
transaction.commit()
# Refresh instances after commit
user = uapi.get_one(uid)
workspace = WorkspaceApi(user).get_one(wid)
api = ContentApi(user)
# Test that the item is still available if "show deleted" is activated
api = ContentApi(None, show_archived=True)
items = api.get_all(None, ContentType.Any, workspace)
eq_(2, len(items))
def _before(self, *args, **kw):
"""
Instantiate the current workspace in tg.tmpl_context
:param args:
:param kw:
:return:
"""
super(self.__class__, self)._before(args, kw)
api = UserApi(tg.tmpl_context.current_user)
user_id = tg.request.controller_state.routing_args.get('user_id')
user = api.get_one(user_id)
tg.tmpl_context.user_id = user_id
tg.tmpl_context.user = user
def _before(self, *args, **kw):
"""
Instantiate the current workspace in tg.tmpl_context
:param args:
:param kw:
:return:
"""
super(self.__class__, self)._before(args, kw)
api = UserApi(tg.tmpl_context.current_user)
user_id = tg.request.controller_state.routing_args.get('user_id')
user = api.get_one(user_id)
tg.tmpl_context.user_id = user_id
tg.tmpl_context.user = user
def test_set_status_unknown_status(self):
uapi = UserApi(None)
groups = [GroupApi(None).get_one(Group.TIM_USER),
GroupApi(None).get_one(Group.TIM_MANAGER),
GroupApi(None).get_one(Group.TIM_ADMIN)]
user = uapi.create_user(email='this.is@user',
groups=groups, save_now=True)
workspace = WorkspaceApi(user).create_workspace('test workspace',
save_now=True)
api = ContentApi(user)
c = api.create(ContentType.Folder, workspace, None, 'parent', True)
api.set_status(c, 'unknown-status')
def test_search_in_label_or_description(self):
# HACK - D.A. - 2015-03-09
# This test is based on a bug which does NOT return results found
# at root of a workspace (eg a folder)
uapi = UserApi(None)
groups = [GroupApi(None).get_one(Group.TIM_USER),
GroupApi(None).get_one(Group.TIM_MANAGER),
GroupApi(None).get_one(Group.TIM_ADMIN)]
user = uapi.create_user(email='this.is@user',
groups=groups, save_now=True)
workspace = WorkspaceApi(user).create_workspace('test workspace',
save_now=True)
api = ContentApi(user)
a = api.create(ContentType.Folder, workspace, None,
'this is randomized folder', True)
p1 = api.create(ContentType.Page, workspace, a,
'this is dummy label content', True)
p2 = api.create(ContentType.Page, workspace, a, 'Hey ! Jon !', True)
with new_revision(p1):
p1.description = 'This is some amazing test'
with new_revision(p2):
p2.description = 'What\'s up ?'
api.save(p1)
api.save(p2)
id1 = p1.content_id
id2 = p2.content_id
eq_(1, DBSession.query(Workspace).filter(Workspace.label == 'test workspace').count())
eq_(1, DBSession.query(ContentRevisionRO).filter(ContentRevisionRO.label == 'this is randomized folder').count())
eq_(2, DBSession.query(ContentRevisionRO).filter(ContentRevisionRO.label == 'this is dummy label content').count())
eq_(1, DBSession.query(ContentRevisionRO).filter(ContentRevisionRO.description == 'This is some amazing test').count())
eq_(2, DBSession.query(ContentRevisionRO).filter(ContentRevisionRO.label == 'Hey ! Jon !').count())
eq_(1, DBSession.query(ContentRevisionRO).filter(ContentRevisionRO.description == 'What\'s up ?').count())
res = api.search(['dummy', 'jon'])
eq_(2, len(res.all()))
eq_(True, id1 in [o.content_id for o in res.all()])
eq_(True, id2 in [o.content_id for o in res.all()])
def disable(self, id, next_url=None):
id = int(id)
current_user = tmpl_context.current_user
api = UserApi(current_user)
if current_user.user_id == id:
tg.flash(_('You can\'t de-activate your own account'), CST.STATUS_ERROR)
else:
user = api.get_one(id)
user.is_active = False
api.save(user)
tg.flash(_('User {} disabled').format(user.get_display_name()), CST.STATUS_OK)
if next_url == 'user':
tg.redirect(self.url(id=user.user_id))
tg.redirect(self.url())
def __init__(self, path: str, environ: dict, content: Content):
super(File, self).__init__(path, environ)
self.content = content
self.user = UserApi(None).get_one_by_email(
environ['http_authenticator.username'])
self.content_api = ContentApi(self.user)
def disable(self, id, next_url=None):
id = int(id)
current_user = tmpl_context.current_user
api = UserApi(current_user)
if current_user.user_id==id:
tg.flash(_('You can\'t de-activate your own account'), CST.STATUS_ERROR)
else:
user = api.get_one(id)
user.is_active = False
api.save(user)
tg.flash(_('User {} disabled').format(user.get_display_name()), CST.STATUS_OK)
if next_url=='user':
tg.redirect(self.url(id=user.user_id))
tg.redirect(self.url())
def get_one(self, workspace_id):
user = tmpl_context.current_user
workspace_api_controller = WorkspaceApi(user)
role_api = RoleApi(tg.tmpl_context.current_user)
user_api = UserApi(tg.tmpl_context.current_user)
workspace = workspace_api_controller.get_one(workspace_id)
role_list = role_api.get_roles_for_select_field()
user_list = user_api.get_all()
current_user_content = Context(CTX.CURRENT_USER).toDict(user)
dictified_workspace = Context(CTX.ADMIN_WORKSPACE).toDict(workspace, 'workspace')
fake_api_content = DictLikeClass(role_types=role_list, users=user_list, current_user=current_user_content)
fake_api = Context(CTX.ADMIN_WORKSPACE).toDict(fake_api_content)
return dict(result = dictified_workspace, fake_api = fake_api)
def put(self, user_id, name, email, next_url=None):
user_id = tmpl_context.current_user.user_id
current_user = tmpl_context.current_user
assert user_id==current_user.user_id
# Only keep allowed field update
updated_fields = self._clean_update_fields({
'name': name,
'email': email
})
api = UserApi(tmpl_context.current_user)
api.update(current_user, do_save=True, **updated_fields)
tg.flash(_('profile updated.'))
if next_url:
tg.redirect(tg.url(next_url))
tg.redirect(self.url())
def get_one(self, workspace_id):
user = tmpl_context.current_user
workspace_api_controller = WorkspaceApi(user)
role_api = RoleApi(tg.tmpl_context.current_user)
user_api = UserApi(tg.tmpl_context.current_user)
workspace = workspace_api_controller.get_one(workspace_id)
role_list = role_api.get_roles_for_select_field()
user_list = user_api.get_all()
current_user_content = Context(CTX.CURRENT_USER).toDict(user)
dictified_workspace = Context(CTX.ADMIN_WORKSPACE).toDict(workspace, 'workspace')
fake_api_content = DictLikeClass(role_types=role_list, users=user_list, current_user=current_user_content)
fake_api = Context(CTX.ADMIN_WORKSPACE).toDict(fake_api_content)
return dict(result = dictified_workspace, fake_api = fake_api)
def put(self, user_id, name, email, next_url=None):
user_id = tmpl_context.current_user.user_id
current_user = tmpl_context.current_user
assert user_id == current_user.user_id
# Only keep allowed field update
updated_fields = self._clean_update_fields({
'name': name,
'email': email
})
api = UserApi(tmpl_context.current_user)
api.update(current_user, do_save=True, **updated_fields)
tg.flash(_('profile updated.'))
if next_url:
tg.redirect(tg.url(next_url))
tg.redirect(self.url())
def put(self, user_id, name, email, timezone, next_url=None):
user_id = tmpl_context.current_user.user_id
current_user = tmpl_context.current_user
user_api = UserApi(current_user)
assert user_id == current_user.user_id
if next_url:
next = tg.url(next_url)
else:
next = self.url()
try:
email_user = user_api.get_one_by_email(email)
if email_user != current_user:
tg.flash(_('Email already in use'), CST.STATUS_ERROR)
tg.redirect(next)
except NoResultFound:
pass
# Only keep allowed field update
updated_fields = self._clean_update_fields({
'name': name,
'email': email,
'timezone': timezone,
})
api = UserApi(tmpl_context.current_user)
api.update(current_user, do_save=True, **updated_fields)
tg.flash(_('profile updated.'))
tg.redirect(next)
def get_one(self, user_id):
current_user = tmpl_context.current_user
api = UserApi(current_user)
# role_api = RoleApi(tg.tmpl_context.current_user)
# user_api = UserApi(tg.tmpl_context.current_user)
user = api.get_one(user_id) # FIXME
role_api = RoleApi(tg.tmpl_context.current_user)
role_list = role_api.get_roles_for_select_field()
dictified_user = Context(CTX.ADMIN_USER).toDict(user, 'user')
current_user_content = Context(CTX.CURRENT_USER).toDict(tmpl_context.current_user)
fake_api_content = DictLikeClass(current_user=current_user_content,
role_types=role_list)
fake_api = Context(CTX.ADMIN_USER).toDict(fake_api_content)
return DictLikeClass(result=dictified_user, fake_api=fake_api)
def get_one(self, user_id):
current_user = tmpl_context.current_user
api = UserApi(current_user )
# role_api = RoleApi(tg.tmpl_context.current_user)
# user_api = UserApi(tg.tmpl_context.current_user)
user = api.get_one(user_id) # FIXME
role_api = RoleApi(tg.tmpl_context.current_user)
role_list = role_api.get_roles_for_select_field()
dictified_user = Context(CTX.ADMIN_USER).toDict(user, 'user')
current_user_content = Context(CTX.CURRENT_USER).toDict(tmpl_context.current_user)
fake_api_content = DictLikeClass(current_user=current_user_content,
role_types=role_list)
fake_api = Context(CTX.ADMIN_USER).toDict(fake_api_content)
return DictLikeClass(result = dictified_user, fake_api=fake_api)
def __init__(self, path: str, environ: dict):
super(Root, self).__init__(path, environ)
self.user = UserApi(None).get_one_by_email(
environ['http_authenticator.username'])
# TODO BS 20170221: Web interface should list all workspace to. We
# disable it here for moment. When web interface will be updated to
# list all workspace, change this here to.
self.workspace_api = WorkspaceApi(self.user, force_role=True)
def test_set_status_unknown_status(self):
uapi = UserApi(None)
groups = [
GroupApi(None).get_one(Group.TIM_USER),
GroupApi(None).get_one(Group.TIM_MANAGER),
GroupApi(None).get_one(Group.TIM_ADMIN)
]
user = uapi.create_user(email='this.is@user',
groups=groups,
save_now=True)
workspace = WorkspaceApi(user).create_workspace('test workspace',
save_now=True)
api = ContentApi(user)
c = api.create(ContentType.Folder, workspace, None, 'parent', True)
with new_revision(c):
api.set_status(c, 'unknown-status')
def test_set_status_ok(self):
uapi = UserApi(None)
groups = [GroupApi(None).get_one(Group.TIM_USER),
GroupApi(None).get_one(Group.TIM_MANAGER),
GroupApi(None).get_one(Group.TIM_ADMIN)]
user = uapi.create_user(email='this.is@user',
groups=groups, save_now=True)
workspace = WorkspaceApi(user).create_workspace('test workspace',
save_now=True)
api = ContentApi(user)
c = api.create(ContentType.Folder, workspace, None, 'parent', True)
for new_status in ['open', 'closed-validated', 'closed-unvalidated',
'closed-deprecated']:
api.set_status(c, new_status)
eq_(new_status, c.status)
eq_(ActionDescription.STATUS_UPDATE, c.revision_type)
class TracimDomainController(object):
"""
The domain controller is used by http_authenticator to authenticate the user every time a request is
sent
"""
def __init__(self, presetdomain=None, presetserver=None):
self._api = UserApi(None)
def getDomainRealm(self, inputURL, environ):
return '/'
def requireAuthentication(self, realmname, environ):
return True
def isRealmUser(self, realmname, username, environ):
"""
Called to check if for a given root, the username exists (though here we don't make difference between
root as we're always starting at tracim's root
"""
try:
self._api.get_one_by_email(username)
return True
except:
return False
def get_left_digest_response_hash(self, realmname, username, environ):
"""
Called by our http_authenticator to get the hashed md5 digest for the current user that is also sent by
the webdav client
"""
try:
user = self._api.get_one_by_email(username)
return user.webdav_left_digest_response_hash
except:
return None
def authDomainUser(self, realmname, username, password, environ):
"""
If you ever feel the need to send a request al-mano with a curl, this is the function that'll be called by
http_authenticator to validate the password sent
"""
return self.isRealmUser(realmname, username, environ) and \
self._api.get_one_by_email(username).validate_password(password)
class TracimDomainController(object):
"""
The domain controller is used by http_authenticator to authenticate the user every time a request is
sent
"""
def __init__(self, presetdomain = None, presetserver = None):
self._api = UserApi(None)
def getDomainRealm(self, inputURL, environ):
return '/'
def requireAuthentication(self, realmname, environ):
return True
def isRealmUser(self, realmname, username, environ):
"""
Called to check if for a given root, the username exists (though here we don't make difference between
root as we're always starting at tracim's root
"""
try:
self._api.get_one_by_email(username)
return True
except:
return False
def get_left_digest_response_hash(self, realmname, username, environ):
"""
Called by our http_authenticator to get the hashed md5 digest for the current user that is also sent by
the webdav client
"""
try:
user = self._api.get_one_by_email(username)
return user.webdav_left_digest_response_hash
except:
return None
def authDomainUser(self, realmname, username, password, environ):
"""
If you ever feel the need to send a request al-mano with a curl, this is the function that'll be called by
http_authenticator to validate the password sent
"""
return self.isRealmUser(realmname, username, environ) and \
self._api.get_one_by_email(username).validate_password(password)
def test_user_with_email_exists(self):
api = UserApi(None)
u = api.create_user()
api.update(u, 'bibi', 'bibi@bibi', True)
transaction.commit()
eq_(True, api.user_with_email_exists('bibi@bibi'))
eq_(False, api.user_with_email_exists('unknown'))
def __init__(self, path: str, environ: dict, workspace: data.Workspace):
super(Workspace, self).__init__(path, environ)
self.workspace = workspace
self.content = None
self.user = UserApi(None).get_one_by_email(
environ['http_authenticator.username'])
self.content_api = ContentApi(self.user, show_temporary=True)
self._file_count = 0
def post(
self,
name: str,
email: str,
password: str,
is_tracim_manager: str='off',
is_tracim_admin: str='off',
send_email: str='off',
):
is_tracim_manager = h.on_off_to_boolean(is_tracim_manager)
is_tracim_admin = h.on_off_to_boolean(is_tracim_admin)
send_email = h.on_off_to_boolean(send_email)
current_user = tmpl_context.current_user
if current_user.profile.id < Group.TIM_ADMIN:
# A manager can't give large rights
is_tracim_manager = False
is_tracim_admin = False
api = UserApi(current_user)
if api.user_with_email_exists(email):
tg.flash(_('A user with email address "{}" already exists.').format(email), CST.STATUS_ERROR)
tg.redirect(self.url())
user = api.create_user()
user.email = email
user.display_name = name
if password:
user.password = password
elif send_email:
# Setup a random password to send email at user
password = str(uuid.uuid4())
user.password = password
user.webdav_left_digest_response_hash = '%s:/:%s' % (email, password)
api.save(user)
# Now add the user to related groups
group_api = GroupApi(current_user)
user.groups.append(group_api.get_one(Group.TIM_USER))
if is_tracim_manager:
user.groups.append(group_api.get_one(Group.TIM_MANAGER))
if is_tracim_admin:
user.groups.append(group_api.get_one(Group.TIM_ADMIN))
api.save(user)
if send_email:
email_manager = get_email_manager()
email_manager.notify_created_account(user, password=password)
tg.flash(_('User {} created.').format(user.get_display_name()), CST.STATUS_OK)
tg.redirect(self.url())
def _before(self, *args, **kw):
"""
Instantiate the current workspace in tg.tmpl_context
:param args:
:param kw:
:return:
"""
super(self.__class__, self)._before(args, kw)
api = UserApi(tg.tmpl_context.current_user)
user_id = tmpl_context.current_user_id
user = tmpl_context.current_user
def _create_user(self, login, password, **kwargs):
if not password:
if self._password_required():
raise CommandAbortedError("You must provide -p/--password parameter")
password = ''
try:
user = User(email=login, password=password, **kwargs)
self._session.add(user)
self._session.flush()
# We need to enable radicale if it not already done
daemons = DaemonsManager()
daemons.run('radicale', RadicaleDaemon)
user_api = UserApi(user)
user_api.execute_created_user_actions(user)
except IntegrityError:
self._session.rollback()
raise AlreadyExistError()
return user
def test_user_with_email_exists(self):
api = UserApi(None)
u = api.create_user()
api.update(u, 'bibi', 'bibi@bibi', True)
transaction.commit()
eq_(True, api.user_with_email_exists('bibi@bibi'))
eq_(False, api.user_with_email_exists('unknown'))
def test_get_one_by_email(self):
api = UserApi(None)
u = api.create_user()
api.update(u, 'bibi', 'bibi@bibi', True)
uid = u.user_id
transaction.commit()
eq_(uid, api.get_one_by_email('bibi@bibi').user_id)
def _create_user(self, login, password, **kwargs):
if not password:
if self._password_required():
raise CommandAbortedError(
"You must provide -p/--password parameter")
password = ''
try:
user = User(email=login, password=password, **kwargs)
self._session.add(user)
self._session.flush()
# We need to enable radicale if it not already done
daemons = DaemonsManager()
daemons.run('radicale', RadicaleDaemon)
user_api = UserApi(user)
user_api.execute_created_user_actions(user)
except IntegrityError:
self._session.rollback()
raise AlreadyExistError()
return user
