PageRenderTime 25ms CodeModel.GetById 13ms RepoModel.GetById 1ms app.codeStats 0ms

/paasmaker/pacemaker/controller/user.py

https://bitbucket.org/paasmaker/paasmaker
Python | 321 lines | 305 code | 9 blank | 7 comment | 9 complexity | 6f6ab3891643d3ce7d41616fac3c862e MD5 | raw file
    

  1. #
    2. 

  2. # Paasmaker - Platform as a Service
    3. 

  3. #
    4. 

  4. # This Source Code Form is subject to the terms of the Mozilla Public
    5. 

  5. # License, v. 2.0. If a copy of the MPL was not distributed with this
    6. 

  6. # file, You can obtain one at http://mozilla.org/MPL/2.0/.
    7. 

  7. #
    8. 

  8. 

  9. import unittest
    10. 

  10. import uuid
    11. 

  11. import logging
    12. 

  12. import json
    13. 

  13. 

  14. import paasmaker
    15. 

  15. from paasmaker.common.controller import BaseController, BaseControllerTest
    16. 

  16. from paasmaker.common.core import constants
    17. 

  17. 

  18. import colander
    19. 

  19. import tornado
    20. 

  20. import tornado.testing
    21. 

  21. import sqlalchemy
    22. 

  22. 

  23. logger = logging.getLogger(__name__)
    24. 

  24. logger.addHandler(logging.NullHandler())
    25. 

  25. 

  26. class Boolean(object):
    27. 

  27. 	def serialize(self, node, appstruct):
    28. 

  28. 		if appstruct is colander.null:
    29. 

  29. 			return colander.null
    30. 

  30. 		if not isinstance(appstruct, bool):
    31. 

  31. 		   raise Invalid(node, '%r is not a boolean')
    32. 

  32. 		return appstruct and 'true' or 'false'
    33. 

  33. 

  34. 	def deserialize(self, node, cstruct):
    35. 

  35. 		if cstruct is colander.null:
    36. 

  36. 		   return colander.null
    37. 

  37. 		if isinstance(cstruct, bool):
    38. 

  38. 			return cstruct
    39. 

  39. 		if not isinstance(cstruct, basestring):
    40. 

  40. 			raise Invalid(node, '%r is not a string' % cstruct)
    41. 

  41. 		value = cstruct.lower()
    42. 

  42. 		if value in ('true', 'yes', 'y', 'on', 't', '1'):
    43. 

  43. 			return True
    44. 

  44. 		return False
    45. 

  45. 

  46. 	def cstruct_children(self):
    47. 

  47. 		return []
    48. 

  48. 

  49. 	def unflatten(self, subnode, subpaths, subfstruct):
    50. 

  50. 		return self.deserialize(subnode, subfstruct[subnode.name])
    51. 

  51. 

  52. class UserSchema(colander.MappingSchema):
    53. 

  53. 	name = colander.SchemaNode(colander.String(),
    54. 

  54. 		title="User name",
    55. 

  55. 		description="A nice name for this user.",
    56. 

  56. 		validator=colander.Length(min=2))
    57. 

  57. 	login = colander.SchemaNode(colander.String(),
    58. 

  58. 		title="Login",
    59. 

  59. 		description="The handle that the user uses to login.",
    60. 

  60. 		validator=colander.Length(min=2))
    61. 

  61. 	email = colander.SchemaNode(colander.String(),
    62. 

  62. 		title="Email address",
    63. 

  63. 		description="The email address of this user.",
    64. 

  64. 		validator=colander.Email())
    65. 

  65. 	enabled = colander.SchemaNode(Boolean(),
    66. 

  66. 		title="Enabled",
    67. 

  67. 		description="If this user is enabled.",
    68. 

  68. 		missing=False,
    69. 

  69. 		default=False)
    70. 

  70. 	password = colander.SchemaNode(colander.String(),
    71. 

  71. 		title="Password",
    72. 

  72. 		description="The users password (blank to leave unchanged)",
    73. 

  73. 		default="",
    74. 

  74. 		missing="",
    75. 

  75. 		# TODO: more complex password requirements.
    76. 

  76. 		validator=colander.Length(min=8))
    77. 

  77. 

  78. class UserEditController(BaseController):
    79. 

  79. 	AUTH_METHODS = [BaseController.SUPER, BaseController.USER]
    80. 

  80. 

  81. 	def _get_user(self, user_id=None):
    82. 

  82. 		user = None
    83. 

  83. 		if user_id:
    84. 

  84. 			# Find and load the user.
    85. 

  85. 			user = self.session.query(
    86. 

  86. 				paasmaker.model.User
    87. 

  87. 			).get(int(user_id))
    88. 

  88. 			if not user:
    89. 

  89. 				raise HTTPError(404, "No such user.")
    90. 

  90. 

  91. 			self.add_data('user', user)
    92. 

  92. 

  93. 		return user
    94. 

  94. 

  95. 	def _default_user(self):
    96. 

  96. 		user = paasmaker.model.User()
    97. 

  97. 		user.name = ''
    98. 

  98. 		user.login = ''
    99. 

  99. 		user.email = ''
    100. 

  100. 		return user
    101. 

  101. 

  102. 	def get(self, user_id=None):
    103. 

  103. 		self.require_permission(constants.PERMISSION.USER_EDIT)
    104. 

  104. 		user = self._get_user(user_id)
    105. 

  105. 		if not user:
    106. 

  106. 			user = self._default_user()
    107. 

  107. 			self.add_data('user', user)
    108. 

  108. 

  109. 		self.client_side_render()
    110. 

  110. 

  111. 	def post(self, user_id=None):
    112. 

  112. 		self.require_permission(constants.PERMISSION.USER_EDIT)
    113. 

  113. 		user = self._get_user(user_id)
    114. 

  114. 

  115. 		valid_data = self.validate_data(UserSchema())
    116. 

  116. 

  117. 		if not user:
    118. 

  118. 			user = self._default_user()
    119. 

  119. 

  120. 		user.name = self.params['name']
    121. 

  121. 		user.login = self.params['login']
    122. 

  122. 		user.email = self.params['email']
    123. 

  123. 		user.enabled = self.params['enabled']
    124. 

  124. 

  125. 		if valid_data and not user.id:
    126. 

  126. 			# Password must be supplied.
    127. 

  127. 			if self.params['password'] == '':
    128. 

  128. 				self.add_error("No password supplied.")
    129. 

  129. 				valid_data = False
    130. 

  130. 

  131. 		if valid_data:
    132. 

  132. 			if self.params.has_key('password') and len(self.params['password']) > 0:
    133. 

  133. 				user.password = self.params['password']
    134. 

  134. 

  135. 			self.session.add(user)
    136. 

  136. 			try:
    137. 

  137. 				self.session.commit()
    138. 

  138. 				self.session.refresh(user)
    139. 

  139. 			except sqlalchemy.exc.IntegrityError, ex:
    140. 

  140. 				self.session.rollback()
    141. 

  141. 				self.reload_current_user()
    142. 

  142. 				if 'email is not' in str(ex):
    143. 

  143. 					valid_data = False
    144. 

  144. 					self.add_error('The email address is not unique.')
    145. 

  145. 				elif 'login is not' in str(ex):
    146. 

  146. 					valid_data = False
    147. 

  147. 					self.add_error('The login name is not unique.')
    148. 

  148. 				else:
    149. 

  149. 					raise ex
    150. 

  150. 

  151. 		if valid_data:
    152. 

  152. 			self.add_data('user', user)
    153. 

  153. 			self.redirect('/user/list')
    154. 

  154. 		else:
    155. 

  155. 			self.add_data('user', user)
    156. 

  156. 			self.render("user/edit.html")
    157. 

  157. 

  158. 	@staticmethod
    159. 

  159. 	def get_routes(configuration):
    160. 

  160. 		routes = []
    161. 

  161. 		routes.append((r"/user/create", UserEditController, configuration))
    162. 

  162. 		routes.append((r"/user/(\d+)", UserEditController, configuration))
    163. 

  163. 		return routes
    164. 

  164. 

  165. class UserListController(BaseController):
    166. 

  166. 	AUTH_METHODS = [BaseController.SUPER, BaseController.USER]
    167. 

  167. 

  168. 	def get(self):
    169. 

  169. 		self.require_permission(constants.PERMISSION.USER_LIST)
    170. 

  170. 		users = self.session.query(paasmaker.model.User)
    171. 

  171. 

  172. 		self._paginate('users', users)
    173. 

  173. 		# self.add_data('users', users)
    174. 

  174. 

  175. 		self.client_side_render()
    176. 

  176. 

  177. 	@staticmethod
    178. 

  178. 	def get_routes(configuration):
    179. 

  179. 		routes = []
    180. 

  180. 		routes.append((r"/user/list", UserListController, configuration))
    181. 

  181. 		return routes
    182. 

  182. 

  183. class UserEditControllerTest(BaseControllerTest):
    184. 

  184. 	config_modules = ['pacemaker']
    185. 

  185. 

  186. 	def get_app(self):
    187. 

  187. 		self.late_init_configuration(self.io_loop)
    188. 

  188. 		routes = UserEditController.get_routes({'configuration': self.configuration})
    189. 

  189. 		routes.extend(UserListController.get_routes({'configuration': self.configuration}))
    190. 

  190. 		application = tornado.web.Application(routes, **self.configuration.get_tornado_configuration())
    191. 

  191. 		return application
    192. 

  192. 

  193. 	def test_create(self):
    194. 

  194. 		# Create the user.
    195. 

  195. 		request = paasmaker.common.api.user.UserCreateAPIRequest(self.configuration)
    196. 

  196. 		request.set_superkey_auth()
    197. 

  197. 		request.set_user_params('User Name', 'username', 'username@example.com', True)
    198. 

  198. 		request.set_user_password('testtest')
    199. 

  199. 		request.send(self.stop)
    200. 

  200. 		response = self.wait()
    201. 

  201. 

  202. 		self.failIf(not response.success)
    203. 

  203. 		self.assertEquals(len(response.errors), 0, "There were errors.")
    204. 

  204. 		self.assertEquals(len(response.warnings), 0, "There were warnings.")
    205. 

  205. 		self.assertTrue(response.data.has_key('user'), "Missing user object in return data.")
    206. 

  206. 		self.assertTrue(response.data['user'].has_key('id'), "Missing ID in return data.")
    207. 

  207. 		self.assertTrue(response.data['user'].has_key('login'), "Missing login in return data.")
    208. 

  208. 		self.assertFalse(response.data['user'].has_key('password'), "Password was present in returned data.")
    209. 

  209. 		self.assertEquals(response.data['user']['enabled'], True, "User is not enabled.")
    210. 

  210. 

  211. 	def test_create_fail(self):
    212. 

  212. 		# Send through some bogus data.
    213. 

  213. 		request = paasmaker.common.api.user.UserCreateAPIRequest(self.configuration)
    214. 

  214. 		request.set_superkey_auth()
    215. 

  215. 		request.set_user_params('', '', '', True)
    216. 

  216. 		request.send(self.stop)
    217. 

  217. 		response = self.wait()
    218. 

  218. 

  219. 		self.failIf(response.success)
    220. 

  220. 		self.assertTrue('input_errors' in response.data, "Did not fail with errors.")
    221. 

  221. 		input_errors = response.data['input_errors']
    222. 

  222. 		self.assertTrue(input_errors.has_key('login'), "Missing error on login attribute.")
    223. 

  223. 		self.assertTrue(input_errors.has_key('name'), "Missing error on login attribute.")
    224. 

  224. 		self.assertTrue(input_errors.has_key('email'), "Missing error on login attribute.")
    225. 

  225. 

  226. 		# Now update the request somewhat, but fail to set a password.
    227. 

  227. 		request.set_user_params('User Name', 'username', 'username@example.com', True)
    228. 

  228. 		request.send(self.stop)
    229. 

  229. 		response = self.wait()
    230. 

  230. 

  231. 		self.failIf(response.success)
    232. 

  232. 		self.assertTrue("password" in response.errors[0], "Missing message in error.")
    233. 

  233. 

  234. 	def test_edit(self):
    235. 

  235. 		# Create the user.
    236. 

  236. 		request = paasmaker.common.api.user.UserCreateAPIRequest(self.configuration)
    237. 

  237. 		request.set_superkey_auth()
    238. 

  238. 		request.set_user_params('User Name', 'username', 'username@example.com', True)
    239. 

  239. 		request.set_user_password('testtest')
    240. 

  240. 		request.send(self.stop)
    241. 

  241. 		response = self.wait()
    242. 

  242. 

  243. 		self.failIf(not response.success)
    244. 

  244. 

  245. 		user_id = response.data['user']['id']
    246. 

  246. 

  247. 		# Set up the request.
    248. 

  248. 		request = paasmaker.common.api.user.UserEditAPIRequest(self.configuration)
    249. 

  249. 		request.set_superkey_auth()
    250. 

  250. 		# This loads the user data from the server.
    251. 

  251. 		request.load(user_id, self.stop, self.stop)
    252. 

  252. 		load_response = self.wait()
    253. 

  253. 

  254. 		# Now attempt to change the user.
    255. 

  255. 		request.set_user_name('Test Updated')
    256. 

  256. 

  257. 		# Send it along!
    258. 

  258. 		request.send(self.stop)
    259. 

  259. 		response = self.wait()
    260. 

  260. 

  261. 		self.failIf(not response.success)
    262. 

  262. 		self.assertEquals(response.data['user']['name'], 'Test Updated', 'Name was not updated.')
    263. 

  263. 		# Load up the user separately and confirm.
    264. 

  264. 		self.configuration.get_database_session(self.stop, None)
    265. 

  265. 		session = self.wait()
    266. 

  266. 		user = session.query(
    267. 

  267. 			paasmaker.model.User
    268. 

  268. 		).get(user_id)
    269. 

  269. 		self.assertEquals(user.name, 'Test Updated', 'Name was not updated.')
    270. 

  270. 

  271. 	def test_edit_fail(self):
    272. 

  272. 		# Create the user.
    273. 

  273. 		request = paasmaker.common.api.user.UserCreateAPIRequest(self.configuration)
    274. 

  274. 		request.set_superkey_auth()
    275. 

  275. 		request.set_user_params('User Name', 'username', 'username@example.com', True)
    276. 

  276. 		request.set_user_password('testtest')
    277. 

  277. 		request.send(self.stop)
    278. 

  278. 		response = self.wait()
    279. 

  279. 

  280. 		self.failIf(not response.success)
    281. 

  281. 

  282. 		user_id = response.data['user']['id']
    283. 

  283. 

  284. 		# Set up the request.
    285. 

  285. 		request = paasmaker.common.api.user.UserEditAPIRequest(self.configuration)
    286. 

  286. 		request.set_superkey_auth()
    287. 

  287. 		# This loads the user data from the server.
    288. 

  288. 		request.load(user_id, self.stop, self.stop)
    289. 

  289. 		load_response = self.wait()
    290. 

  290. 

  291. 		# Now attempt to change the user.
    292. 

  292. 		request.set_user_email('foo')
    293. 

  293. 

  294. 		# Send it along!
    295. 

  295. 		request.send(self.stop)
    296. 

  296. 		response = self.wait()
    297. 

  297. 

  298. 		self.failIf(response.success)
    299. 

  299. 		input_errors = response.data['input_errors']
    300. 

  300. 		self.assertTrue(input_errors.has_key('email'), "Missing error on email attribute.")
    301. 

  301. 

  302. 	def test_list(self):
    303. 

  303. 		# Create the user.
    304. 

  304. 		request = paasmaker.common.api.user.UserCreateAPIRequest(self.configuration)
    305. 

  305. 		request.set_superkey_auth()
    306. 

  306. 		request.set_user_params('User Name', 'username', 'username@example.com', True)
    307. 

  307. 		request.set_user_password('testtest')
    308. 

  308. 		request.send(self.stop)
    309. 

  309. 		response = self.wait()
    310. 

  310. 

  311. 		self.failIf(not response.success)
    312. 

  312. 

  313. 		request = paasmaker.common.api.user.UserListAPIRequest(self.configuration)
    314. 

  314. 		request.set_superkey_auth()
    315. 

  315. 		request.send(self.stop)
    316. 

  316. 		response = self.wait()
    317. 

  317. 

  318. 		self.failIf(not response.success)
    319. 

  319. 		self.assertTrue(response.data.has_key('users'), "Missing users list.")
    320. 

  320. 		self.assertEquals(len(response.data['users']), 1, "Not enough users returned.")
    321. 

  321. 		self.assertEquals(response.data['users'][0]['name'], 'User Name', "Returned user is not as expected.")
    322. 

  322.