Compare commits
No commits in common. "a13e7b3e294d0300ab75da2042cf93ea840eb2e2" and "48e076eb165c53382571c90bac0b0572459ca43b" have entirely different histories.
a13e7b3e29
...
48e076eb16
|
@ -78,7 +78,7 @@ def create_app():
|
||||||
app.config.from_object(
|
app.config.from_object(
|
||||||
'imaginaerraum_door_admin.default_app_config.DefaultConfig'
|
'imaginaerraum_door_admin.default_app_config.DefaultConfig'
|
||||||
)
|
)
|
||||||
app.config.from_envvar('APPLICATION_SETTINGS')
|
app.config.from_envvar('APPLICATION_SETTINGS', silent=True)
|
||||||
|
|
||||||
token_file = Path(app.config.get('TOKEN_FILE'))
|
token_file = Path(app.config.get('TOKEN_FILE'))
|
||||||
if not token_file.exists():
|
if not token_file.exists():
|
||||||
|
|
|
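Review bot: With `silent=True` on the `from_envvar` call, an unset `APPLICATION_SETTINGS` or a missing settings file no longer stops startup. `create_app()` then continues on `DefaultConfig` alone and nothing records that it did. If `DefaultConfig` carries placeholder values for the secret key or password salt (not visible in this hunk), a deployment with a mistyped variable would run the door admin on them. `from_envvar` returns a bool, so the fallback can be made visible: `if not app.config.from_envvar('APPLICATION_SETTINGS', silent=True): app.logger.warning('APPLICATION_SETTINGS not loaded, running on DefaultConfig')`. The body of `create_app` continues outside the hunk.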
@ -2,7 +2,7 @@ from wtforms.fields import StringField, BooleanField
|
||||||
from flask import current_app
|
from flask import current_app
|
||||||
from flask_security import hash_password
|
from flask_security import hash_password
|
||||||
from flask_security.forms import LoginForm, Required, PasswordField
|
from flask_security.forms import LoginForm, Required, PasswordField
|
||||||
from flask_security.utils import lookup_identity
|
from flask_security.utils import find_user
|
||||||
from flask_security.models import fsqla_v2 as fsqla
|
from flask_security.models import fsqla_v2 as fsqla
|
||||||
|
|
||||||
import ldap3
|
import ldap3
|
||||||
|
@ -29,7 +29,7 @@ class ExtendedLoginForm(LoginForm):
|
||||||
|
|
||||||
def validate(self):
|
def validate(self):
|
||||||
# search for user in the current database
|
# search for user in the current database
|
||||||
user = lookup_identity(self.email.data)
|
user = find_user(self.email.data)
|
||||||
if user is not None:
|
if user is not None:
|
||||||
# if a user is found we check if it is associated with LDAP or with
|
# if a user is found we check if it is associated with LDAP or with
|
||||||
# the local database
|
# the local database
|
||||||
|
|
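Review bot: `validate()` now resolves the login identity through `find_user`, which as far as I know is the older Flask-Security-Too helper that later releases deprecate in favour of `lookup_identity`. Whether this module-level import succeeds therefore depends on which release is installed, and setup.py on this side no longer constrains it. The tests on this side log in with bare usernames instead of e-mail addresses, which suggests the two helpers may match on different attributes. Since this lookup decides between the LDAP and the local path, confirm it cannot resolve a different account than the one typed. I would add a comment above the import such as `# find_user: only exported by older Flask-Security-Too releases; keep in step with the constraint in setup.py`. The same call appears throughout the test module, and the body of `validate()` continues outside the hunk.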
4
setup.py
4
setup.py
|
@ -4,7 +4,7 @@ setup(install_requires=[
|
||||||
"bleach",
|
"bleach",
|
||||||
"Flask",
|
"Flask",
|
||||||
"Flask-Mail",
|
"Flask-Mail",
|
||||||
"Flask-Security-Too>=5.0.1",
|
"Flask-Security-Too",
|
||||||
"Flask-SQLAlchemy",
|
"Flask-SQLAlchemy",
|
||||||
"Flask-WTF",
|
"Flask-WTF",
|
||||||
"email_validator",
|
"email_validator",
|
||||||
|
@ -13,6 +13,6 @@ setup(install_requires=[
|
||||||
"wtforms"
|
"wtforms"
|
||||||
],
|
],
|
||||||
include_package_data=True,
|
include_package_data=True,
|
||||||
scripts=['bin/launch_webadmin.py'],
|
scripts=['bin/launch_webadmin'],
|
||||||
packages=['imaginaerraum_door_admin'],
|
packages=['imaginaerraum_door_admin'],
|
||||||
zip_safe=False)
|
zip_safe=False)
|
|
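Review bot: The `"Flask-Security-Too"` entry in `install_requires` has no version bound on this side, where the other side of the compare carries `>=5.0.1`. The auth module takes the login form, password hashing and user lookup from this package. An unconstrained requirement lets the installer pick any release, including ones that predate security fixes or that do not export the helper the code imports. I would keep a tested range, for example `"Flask-Security-Too~=MAJOR.MINOR"` (placeholder for the release the test suite actually ran against). For the deployed door controller, exact versions should also be locked.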
@ -2,7 +2,7 @@ import datetime
|
||||||
|
|
||||||
import pytest
|
import pytest
|
||||||
from bs4 import BeautifulSoup
|
from bs4 import BeautifulSoup
|
||||||
from flask_security.utils import lookup_identity
|
from flask_security.utils import find_user
|
||||||
from imaginaerraum_door_admin.door_handle import DoorHandle
|
from imaginaerraum_door_admin.door_handle import DoorHandle
|
||||||
from imaginaerraum_door_admin.auth import ExtendedLoginForm
|
from imaginaerraum_door_admin.auth import ExtendedLoginForm
|
||||||
import re
|
import re
|
||||||
|
@ -18,12 +18,9 @@ def test_login(browser, live_server):
|
||||||
|
|
||||||
response = browser.get(f'http://localhost:{live_server.port}/login')
|
response = browser.get(f'http://localhost:{live_server.port}/login')
|
||||||
|
|
||||||
email_form = browser.find_element_by_xpath('//input[@id="email"]')
|
email_form = browser.find_element('id', 'email').send_keys('gandalf')
|
||||||
email_form.send_keys('gandalf@shire.me')
|
password_form = browser.find_element('id', 'password').send_keys('shadowfax')
|
||||||
password_form = browser.find_element_by_xpath('//input[@id="password"]')
|
submit_button = browser.find_element('id', 'submit').click()
|
||||||
password_form.send_keys('shadowfax')
|
|
||||||
submit_button = browser.find_element_by_xpath('//input[@id="submit"]')
|
|
||||||
submit_button.click()
|
|
||||||
|
|
||||||
assert 'Tür öffnen' in browser.page_source
|
assert 'Tür öffnen' in browser.page_source
|
||||||
|
|
||||||
|
@ -125,7 +122,7 @@ def test_login_ldap(client, temp_user, mocker):
|
||||||
return auth, user_data
|
return auth, user_data
|
||||||
mocker.patch('imaginaerraum_door_admin.auth.ExtendedLoginForm.validate_ldap', mock_validate)
|
mocker.patch('imaginaerraum_door_admin.auth.ExtendedLoginForm.validate_ldap', mock_validate)
|
||||||
|
|
||||||
user = lookup_identity(temp_user['username'])
|
user = find_user(temp_user['username'])
|
||||||
# remove local role so that ldap authentication is the default
|
# remove local role so that ldap authentication is the default
|
||||||
user.roles.pop(0)
|
user.roles.pop(0)
|
||||||
|
|
||||||
|
@ -155,7 +152,7 @@ def test_login_ldap_new_user(client, mocker):
|
||||||
mocker.patch('imaginaerraum_door_admin.auth.ExtendedLoginForm.validate_ldap', mock_validate)
|
mocker.patch('imaginaerraum_door_admin.auth.ExtendedLoginForm.validate_ldap', mock_validate)
|
||||||
|
|
||||||
# initially, the Balrog user should not exist
|
# initially, the Balrog user should not exist
|
||||||
user = lookup_identity('Balrog')
|
user = find_user('Balrog')
|
||||||
assert user is None
|
assert user is None
|
||||||
|
|
||||||
# log in temp user using ldap -> this will succeed and create a local user
|
# log in temp user using ldap -> this will succeed and create a local user
|
||||||
|
@ -164,7 +161,7 @@ def test_login_ldap_new_user(client, mocker):
|
||||||
soup = BeautifulSoup(response.data, 'html.parser')
|
soup = BeautifulSoup(response.data, 'html.parser')
|
||||||
|
|
||||||
# make sure user is now created locally
|
# make sure user is now created locally
|
||||||
user = lookup_identity('Balrog')
|
user = find_user('Balrog')
|
||||||
assert user is not None
|
assert user is not None
|
||||||
|
|
||||||
# make sure login succeeded -> Tür öffnen button will appear
|
# make sure login succeeded -> Tür öffnen button will appear
|
||||||
|
@ -266,7 +263,7 @@ def temp_admin(client_authenticated):
|
||||||
response = client_authenticated.get(
|
response = client_authenticated.get(
|
||||||
f"/promote_admin/{username}",
|
f"/promote_admin/{username}",
|
||||||
follow_redirects=True)
|
follow_redirects=True)
|
||||||
user = lookup_identity(username)
|
user = find_user(username)
|
||||||
assert user.has_role('admin')
|
assert user.has_role('admin')
|
||||||
|
|
||||||
return {'username': username,
|
return {'username': username,
|
||||||
|
@ -293,7 +290,7 @@ def test_create_admin(client_authenticated):
|
||||||
response = client_authenticated.get('/logout')
|
response = client_authenticated.get('/logout')
|
||||||
|
|
||||||
# try to log in new user using the extracted password
|
# try to log in new user using the extracted password
|
||||||
response = headless_login(client_authenticated, user='bilbo@shire.me',
|
response = headless_login(client_authenticated, user='bilbo',
|
||||||
password=password)
|
password=password)
|
||||||
# - see if it works
|
# - see if it works
|
||||||
soup = BeautifulSoup(response.data, 'html.parser')
|
soup = BeautifulSoup(response.data, 'html.parser')
|
||||||
|
@ -317,7 +314,7 @@ def test_activate_deactivate_user(temp_user, client_authenticated):
|
||||||
f"/admin_toggle_active/{temp_user['username']}",
|
f"/admin_toggle_active/{temp_user['username']}",
|
||||||
follow_redirects=True)
|
follow_redirects=True)
|
||||||
# make sure the user is now inactive
|
# make sure the user is now inactive
|
||||||
user = lookup_identity(temp_user['username'])
|
user = find_user(temp_user['username'])
|
||||||
assert user is not None
|
assert user is not None
|
||||||
assert not user.active
|
assert not user.active
|
||||||
|
|
||||||
|
@ -326,7 +323,7 @@ def test_activate_deactivate_user(temp_user, client_authenticated):
|
||||||
follow_redirects=True)
|
follow_redirects=True)
|
||||||
|
|
||||||
# now the user should be active again
|
# now the user should be active again
|
||||||
user = lookup_identity(temp_user['username'])
|
user = find_user(temp_user['username'])
|
||||||
assert user is not None
|
assert user is not None
|
||||||
assert user.active
|
assert user.active
|
||||||
|
|
||||||
|
@ -352,7 +349,7 @@ def test_delete_admin(temp_user, client_authenticated):
|
||||||
# we need to deactivate the user first
|
# we need to deactivate the user first
|
||||||
assert 'Bitte den Benutzer zuerst deaktivieren.' in response.data.decode()
|
assert 'Bitte den Benutzer zuerst deaktivieren.' in response.data.decode()
|
||||||
# make sure the user still exists
|
# make sure the user still exists
|
||||||
user = lookup_identity(temp_user['username'])
|
user = find_user(temp_user['username'])
|
||||||
assert user is not None
|
assert user is not None
|
||||||
|
|
||||||
# deactivate the user and try deleting it again
|
# deactivate the user and try deleting it again
|
||||||
|
@ -367,7 +364,7 @@ def test_delete_admin(temp_user, client_authenticated):
|
||||||
assert 'Der eingegebene Nutzername stimmt nicht überein' \
|
assert 'Der eingegebene Nutzername stimmt nicht überein' \
|
||||||
in response.data.decode()
|
in response.data.decode()
|
||||||
# make sure the user still exists
|
# make sure the user still exists
|
||||||
user = lookup_identity(temp_user['username'])
|
user = find_user(temp_user['username'])
|
||||||
assert user is not None
|
assert user is not None
|
||||||
|
|
||||||
# now we send the confirmation data with the request
|
# now we send the confirmation data with the request
|
||||||
|
@ -383,7 +380,7 @@ def test_delete_admin(temp_user, client_authenticated):
|
||||||
assert f"Benutzer {temp_user['username']} wurde gelöscht." in response.data.decode()
|
assert f"Benutzer {temp_user['username']} wurde gelöscht." in response.data.decode()
|
||||||
|
|
||||||
# make sure the user now is gone
|
# make sure the user now is gone
|
||||||
user = lookup_identity(temp_user['username'])
|
user = find_user(temp_user['username'])
|
||||||
assert user is None
|
assert user is None
|
||||||
|
|
||||||
|
|
||||||
|
@ -394,7 +391,7 @@ def test_promote_user(temp_user, client_authenticated):
|
||||||
follow_redirects=True)
|
follow_redirects=True)
|
||||||
assert 'Ungültiger Nutzer' in response.data.decode()
|
assert 'Ungültiger Nutzer' in response.data.decode()
|
||||||
|
|
||||||
user = lookup_identity(temp_user['username'])
|
user = find_user(temp_user['username'])
|
||||||
assert user is not None
|
assert user is not None
|
||||||
assert not user.has_role('admin')
|
assert not user.has_role('admin')
|
||||||
# grant admin permissions to test user
|
# grant admin permissions to test user
|
||||||
|
@ -418,7 +415,7 @@ def test_demote_user(temp_admin, client_authenticated):
|
||||||
follow_redirects=True)
|
follow_redirects=True)
|
||||||
assert 'Ungültiger Nutzer' in response.data.decode()
|
assert 'Ungültiger Nutzer' in response.data.decode()
|
||||||
|
|
||||||
user = lookup_identity(temp_admin['username'])
|
user = find_user(temp_admin['username'])
|
||||||
assert user.has_role('admin')
|
assert user.has_role('admin')
|
||||||
# try removing admin permissions
|
# try removing admin permissions
|
||||||
response = client_authenticated.get(
|
response = client_authenticated.get(
|
||||||
|
|
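Review bot: In the `test_login` hunk, `email_form`, `password_form` and `submit_button` are bound to the return values of `send_keys()` and `click()`, which in Selenium are None rather than the elements the names suggest. Dropping the assignments reads more honestly: `browser.find_element('id', 'email').send_keys('gandalf')`, and likewise for the password field and the submit button. The assertion on `browser.page_source` follows the click directly, so if the post-login redirect is slow it may read the login page. An explicit wait for the expected element would make the check on a successful login more dependable.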