def test_api__try_whoami_enpoint__err_401__user_is_not_active(self):
dbsession = get_tm_session(self.session_factory, transaction.manager)
admin = dbsession.query(User).filter(User.email == "*****@*****.**").one()
uapi = UserApi(current_user=admin, session=dbsession, config=self.app_config)
gapi = GroupApi(current_user=admin, session=dbsession, config=self.app_config)
groups = [gapi.get_one_with_name("users")]
test_user = uapi.create_user(
email="*****@*****.**",
password="******",
name="bob",
groups=groups,
timezone="Europe/Paris",
lang="en",
do_save=True,
do_notify=False,
)
uapi.save(test_user)
uapi.disable(test_user)
transaction.commit()
self.testapp.authorization = ("Basic", ("*****@*****.**", "password"))
res = self.testapp.get("/api/v2/auth/whoami", status=401)
assert isinstance(res.json, dict)
assert "code" in res.json.keys()
# INFO - G.M - 2018-09-10 - Handled by marshmallow_schema
assert res.json_body["code"] is None
assert "message" in res.json.keys()
assert "details" in res.json.keys()
def test_functional__webdav_access_to_root__remote_auth(self) -> None:
dbsession = get_tm_session(self.session_factory, transaction.manager)
admin = dbsession.query(User) \
.filter(User.email == '*****@*****.**') \
.one()
uapi = UserApi(
current_user=admin,
session=dbsession,
config=self.app_config,
)
gapi = GroupApi(
current_user=admin,
session=dbsession,
config=self.app_config,
)
groups = [gapi.get_one_with_name('users')]
user = uapi.create_user(
'*****@*****.**',
password=None,
do_save=True,
do_notify=False,
groups=groups,
auth_type=AuthType.REMOTE
)
uapi.save(user)
transaction.commit()
extra_environ = {
'REMOTE_USER': '******',
}
res = self.testapp.get('/', status=200, extra_environ=extra_environ)
assert res
def test_api__try_whoami_enpoint__err_401__user_is_not_active(self):
dbsession = get_tm_session(self.session_factory, transaction.manager)
admin = dbsession.query(User) \
.filter(User.email == '*****@*****.**') \
.one()
uapi = UserApi(
current_user=admin,
session=dbsession,
config=self.app_config,
)
gapi = GroupApi(
current_user=admin,
session=dbsession,
config=self.app_config,
)
groups = [gapi.get_one_with_name('users')]
test_user = uapi.create_user(
email='*****@*****.**',
password='******',
name='bob',
groups=groups,
timezone='Europe/Paris',
lang='en',
do_save=True,
do_notify=False,
)
uapi.save(test_user)
uapi.disable(test_user)
transaction.commit()
self.testapp.authorization = (
'Basic',
(
'*****@*****.**',
'password'
)
)
res = self.testapp.get('/api/v2/auth/whoami', status=401)
assert isinstance(res.json, dict)
assert 'code' in res.json.keys()
# INFO - G.M - 2018-09-10 - Handled by marshmallow_schema
assert res.json_body['code'] is None
assert 'message' in res.json.keys()
assert 'details' in res.json.keys()
def test_api__try_login_enpoint__err_401__user_not_activated(self):
dbsession = get_tm_session(self.session_factory, transaction.manager)
admin = dbsession.query(models.User) \
.filter(models.User.email == '*****@*****.**') \
.one()
uapi = UserApi(
current_user=admin,
session=dbsession,
config=self.app_config,
)
gapi = GroupApi(
current_user=admin,
session=dbsession,
config=self.app_config,
)
groups = [gapi.get_one_with_name('users')]
test_user = uapi.create_user(
email='*****@*****.**',
password='******',
name='bob',
groups=groups,
timezone='Europe/Paris',
do_save=True,
do_notify=False,
)
uapi.save(test_user)
uapi.disable(test_user)
transaction.commit()
params = {
'email': '*****@*****.**',
'password': '******',
}
res = self.testapp.post_json(
'/api/v2/auth/login',
params=params,
status=403,
)
assert res.json_body
assert 'code' in res.json_body
assert res.json_body['code'] == error.AUTHENTICATION_FAILED
def test_api__try_login_enpoint__err_401__user_not_activated(self):
dbsession = get_tm_session(self.session_factory, transaction.manager)
admin = dbsession.query(User) \
.filter(User.email == '*****@*****.**') \
.one()
uapi = UserApi(
current_user=admin,
session=dbsession,
config=self.app_config,
)
gapi = GroupApi(
current_user=admin,
session=dbsession,
config=self.app_config,
)
groups = [gapi.get_one_with_name('users')]
test_user = uapi.create_user(
email='*****@*****.**',
password='******',
name='bob',
groups=groups,
timezone='Europe/Paris',
do_save=True,
do_notify=False,
)
uapi.save(test_user)
uapi.disable(test_user)
transaction.commit()
params = {
'email': '*****@*****.**',
'password': '******',
}
res = self.testapp.post_json(
'/api/v2/auth/login',
params=params,
status=403,
)
assert res.json_body
assert 'code' in res.json_body
assert res.json_body['code'] == error.AUTHENTICATION_FAILED
def test_api__try_whoami_enpoint__err_401__user_is_not_active(self):
dbsession = get_tm_session(self.session_factory, transaction.manager)
admin = dbsession.query(User) \
.filter(User.email == '*****@*****.**') \
.one()
uapi = UserApi(
current_user=admin,
session=dbsession,
config=self.app_config,
)
gapi = GroupApi(
current_user=admin,
session=dbsession,
config=self.app_config,
)
groups = [gapi.get_one_with_name('users')]
test_user = uapi.create_user(
email='*****@*****.**',
password='******',
name='bob',
groups=groups,
timezone='Europe/Paris',
do_save=True,
do_notify=False,
)
uapi.save(test_user)
uapi.disable(test_user)
transaction.commit()
headers_auth = {
'Tracim-Api-Key': 'mysuperapikey',
'Tracim-Api-Login': '******',
}
res = self.testapp.get(
'/api/v2/auth/whoami',
status=401,
headers=headers_auth
)
assert isinstance(res.json, dict)
assert 'code' in res.json.keys()
assert res.json_body['code'] is None
def test_api__try_whoami_enpoint__err_401__user_is_not_active(self):
dbsession = get_tm_session(self.session_factory, transaction.manager)
admin = dbsession.query(models.User) \
.filter(models.User.email == '*****@*****.**') \
.one()
uapi = UserApi(
current_user=admin,
session=dbsession,
config=self.app_config,
)
gapi = GroupApi(
current_user=admin,
session=dbsession,
config=self.app_config,
)
groups = [gapi.get_one_with_name('users')]
test_user = uapi.create_user(
email='*****@*****.**',
password='******',
name='bob',
groups=groups,
timezone='Europe/Paris',
do_save=True,
do_notify=False,
)
uapi.save(test_user)
uapi.disable(test_user)
transaction.commit()
headers_auth = {
'Tracim-Api-Key': 'mysuperapikey',
'Tracim-Api-Login': '******',
}
res = self.testapp.get('/api/v2/auth/whoami',
status=401,
headers=headers_auth)
assert isinstance(res.json, dict)
assert 'code' in res.json.keys()
assert res.json_body['code'] is None
def test_api__try_whoami_enpoint__err_401__user_is_not_active(self):
dbsession = get_tm_session(self.session_factory, transaction.manager)
admin = dbsession.query(models.User) \
.filter(models.User.email == '*****@*****.**') \
.one()
uapi = UserApi(
current_user=admin,
session=dbsession,
config=self.app_config,
)
gapi = GroupApi(
current_user=admin,
session=dbsession,
config=self.app_config,
)
groups = [gapi.get_one_with_name('users')]
test_user = uapi.create_user(
email='*****@*****.**',
password='******',
name='bob',
groups=groups,
timezone='Europe/Paris',
lang='en',
do_save=True,
do_notify=False,
)
uapi.save(test_user)
uapi.disable(test_user)
transaction.commit()
self.testapp.authorization = ('Basic', ('*****@*****.**', 'pass'))
res = self.testapp.get('/api/v2/auth/whoami', status=401)
assert isinstance(res.json, dict)
assert 'code' in res.json.keys()
# INFO - G.M - 2018-09-10 - Handled by marshmallow_schema
assert res.json_body['code'] is None
assert 'message' in res.json.keys()
assert 'details' in res.json.keys()
def test_api__try_whoami_enpoint__err_401__remote_user_is_not_active(self):
dbsession = get_tm_session(self.session_factory, transaction.manager)
admin = dbsession.query(User).filter(User.email == "*****@*****.**").one()
uapi = UserApi(current_user=admin, session=dbsession, config=self.app_config)
gapi = GroupApi(current_user=admin, session=dbsession, config=self.app_config)
groups = [gapi.get_one_with_name("users")]
test_user = uapi.create_user(
email="*****@*****.**",
password="******",
name="bob",
groups=groups,
timezone="Europe/Paris",
do_save=True,
do_notify=False,
)
uapi.save(test_user)
uapi.disable(test_user)
transaction.commit()
extra_environ = {"REMOTE_USER": "******"}
res = self.testapp.get("/api/v2/auth/whoami", status=401, extra_environ=extra_environ)
assert isinstance(res.json, dict)
assert "code" in res.json.keys()
assert res.json_body["code"] is None
def test_api__try_login_enpoint__err_401__user_not_activated(self):
dbsession = get_tm_session(self.session_factory, transaction.manager)
admin = dbsession.query(User).filter(User.email == "*****@*****.**").one()
uapi = UserApi(current_user=admin, session=dbsession, config=self.app_config)
gapi = GroupApi(current_user=admin, session=dbsession, config=self.app_config)
groups = [gapi.get_one_with_name("users")]
test_user = uapi.create_user(
email="*****@*****.**",
password="******",
name="bob",
groups=groups,
timezone="Europe/Paris",
do_save=True,
do_notify=False,
)
uapi.save(test_user)
uapi.disable(test_user)
transaction.commit()
params = {"email": "*****@*****.**", "password": "******"}
res = self.testapp.post_json("/api/v2/auth/login", params=params, status=403)
assert res.json_body
assert "code" in res.json_body
assert res.json_body["code"] == ErrorCode.AUTHENTICATION_FAILED
