@@ -135,7 +135,7 b' class TestAdminUsersView(TestController)' | |||||
135 | self.log_user() |
|
135 | self.log_user() | |
136 | user = user_util.create_user() |
|
136 | user = user_util.create_user() | |
137 | user_id = user.user_id |
|
137 | user_id = user.user_id | |
138 |
keys = user. |
|
138 | keys = user.auth_tokens | |
139 | assert 2 == len(keys) |
|
139 | assert 2 == len(keys) | |
140 |
|
140 | |||
141 | response = self.app.post( |
|
141 | response = self.app.post( |
@@ -87,7 +87,7 b' class TestMyAccountAuthTokens(TestContro' | |||||
87 | self.log_user(user.username, 'qweqwe') |
|
87 | self.log_user(user.username, 'qweqwe') | |
88 |
|
88 | |||
89 | user = User.get(user_id) |
|
89 | user = User.get(user_id) | |
90 |
keys = user.e |
|
90 | keys = user.get_auth_tokens() | |
91 | assert 2 == len(keys) |
|
91 | assert 2 == len(keys) | |
92 |
|
92 | |||
93 | response = self.app.post( |
|
93 | response = self.app.post( | |
@@ -98,7 +98,7 b' class TestMyAccountAuthTokens(TestContro' | |||||
98 | response.follow() |
|
98 | response.follow() | |
99 |
|
99 | |||
100 | user = User.get(user_id) |
|
100 | user = User.get(user_id) | |
101 |
keys = user.e |
|
101 | keys = user.get_auth_tokens() | |
102 | assert 3 == len(keys) |
|
102 | assert 3 == len(keys) | |
103 |
|
103 | |||
104 | response = self.app.post( |
|
104 | response = self.app.post( | |
@@ -107,5 +107,5 b' class TestMyAccountAuthTokens(TestContro' | |||||
107 | assert_session_flash(response, 'Auth token successfully deleted') |
|
107 | assert_session_flash(response, 'Auth token successfully deleted') | |
108 |
|
108 | |||
109 | user = User.get(user_id) |
|
109 | user = User.get(user_id) | |
110 |
keys = user. |
|
110 | keys = user.auth_tokens | |
111 | assert 2 == len(keys) |
|
111 | assert 2 == len(keys) |
@@ -865,7 +865,7 b' class AuthUser(object):' | |||||
865 | Fills in user data and propagates values to this instance. Maps fetched |
|
865 | Fills in user data and propagates values to this instance. Maps fetched | |
866 | user attributes to this class instance attributes |
|
866 | user attributes to this class instance attributes | |
867 | """ |
|
867 | """ | |
868 |
log.debug('starting data propagation for new potential |
|
868 | log.debug('AuthUser: starting data propagation for new potential user') | |
869 | user_model = UserModel() |
|
869 | user_model = UserModel() | |
870 | anon_user = self.anonymous_user = User.get_default_user(cache=True) |
|
870 | anon_user = self.anonymous_user = User.get_default_user(cache=True) | |
871 | is_user_loaded = False |
|
871 | is_user_loaded = False | |
@@ -904,7 +904,7 b' class AuthUser(object):' | |||||
904 | if not self.username: |
|
904 | if not self.username: | |
905 | self.username = 'None' |
|
905 | self.username = 'None' | |
906 |
|
906 | |||
907 |
log.debug('Auth |
|
907 | log.debug('AuthUser: propagated user is now %s' % self) | |
908 |
|
908 | |||
909 | def get_perms(self, user, scope=None, explicit=True, algo='higherwin', |
|
909 | def get_perms(self, user, scope=None, explicit=True, algo='higherwin', | |
910 | cache=False): |
|
910 | cache=False): |
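Review bot: The debug call at new line 907 formats eagerly with `%`, so the string form of the AuthUser is built even when debug logging is disabled; the logging-style call is `log.debug('AuthUser: propagated user is now %s', self)`. What that string form contains is not visible in this hunk, and since it is written to the log it is worth confirming that it carries no token or other secret. The enclosing method starts above the hunk at line 865 and continues between the two hunks.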
@@ -624,10 +624,10 b' class User(Base, BaseModel):' | |||||
624 |
|
624 | |||
625 | @property |
|
625 | @property | |
626 | def auth_tokens(self): |
|
626 | def auth_tokens(self): | |
627 |
|
|
627 | auth_tokens = self.get_auth_tokens() | |
628 |
|
628 | return [x.api_key for x in auth_tokens] | ||
629 | @property |
|
629 | ||
630 |
def e |
|
630 | def get_auth_tokens(self): | |
631 | return UserApiKeys.query().filter(UserApiKeys.user == self).all() |
|
631 | return UserApiKeys.query().filter(UserApiKeys.user == self).all() | |
632 |
|
632 | |||
633 | @property |
|
633 | @property | |
@@ -938,12 +938,11 b' class User(Base, BaseModel):' | |||||
938 | if details == 'basic': |
|
938 | if details == 'basic': | |
939 | return data |
|
939 | return data | |
940 |
|
940 | |||
941 |
a |
|
941 | auth_token_length = 40 | |
942 |
a |
|
942 | auth_token_replacement = '*' * auth_token_length | |
943 |
|
943 | |||
944 | extras = { |
|
944 | extras = { | |
945 |
'a |
|
945 | 'auth_tokens': [auth_token_replacement], | |
946 | 'auth_tokens': [api_key_replacement], |
|
|||
947 | 'active': user.active, |
|
946 | 'active': user.active, | |
948 | 'admin': user.admin, |
|
947 | 'admin': user.admin, | |
949 | 'extern_type': user.extern_type, |
|
948 | 'extern_type': user.extern_type, | |
@@ -956,8 +955,7 b' class User(Base, BaseModel):' | |||||
956 | data.update(extras) |
|
955 | data.update(extras) | |
957 |
|
956 | |||
958 | if include_secrets: |
|
957 | if include_secrets: | |
959 |
data['a |
|
958 | data['auth_tokens'] = user.auth_tokens | |
960 | data['auth_tokens'] = user.extra_auth_tokens |
|
|||
961 | return data |
|
959 | return data | |
962 |
|
960 | |||
963 | def __json__(self): |
|
961 | def __json__(self): |
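Review bot: The `auth_tokens` property at new lines 626-628 returns the plaintext `api_key` of every row from `get_auth_tokens()`, and that query filters on `UserApiKeys.user == self` only, so tokens of every role are included, and expired ones too unless expiry is enforced somewhere outside this hunk. That same list is what `get_api_data(include_secrets=True)` publishes at new line 958. A docstring should say so for callers, for example `"""Plaintext api_key of every token stored for this user; no role or expiry filtering."""`. It should also mention that each access to the property runs a query.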
@@ -372,7 +372,10 b' class UserModel(BaseModel):' | |||||
372 | AuthTokenModel().create(username, |
|
372 | AuthTokenModel().create(username, | |
373 | description='Generated feed token', |
|
373 | description='Generated feed token', | |
374 | role=AuthTokenModel.cls.ROLE_FEED) |
|
374 | role=AuthTokenModel.cls.ROLE_FEED) | |
375 |
|
|
375 | kwargs = new_user.get_dict() | |
|
376 | # backward compat, require api_keys present | |||
|
377 | kwargs['api_keys'] = kwargs['auth_tokens'] | |||
|
378 | log_create_user(created_by=cur_user, **kwargs) | |||
376 | events.trigger(events.UserPostCreate(user_data)) |
|
379 | events.trigger(events.UserPostCreate(user_data)) | |
377 | return new_user |
|
380 | return new_user | |
378 | except (DatabaseError,): |
|
381 | except (DatabaseError,): | |
@@ -675,17 +678,15 b' class UserModel(BaseModel):' | |||||
675 | return False |
|
678 | return False | |
676 |
|
679 | |||
677 | log.debug('filling user:%s data', dbuser) |
|
680 | log.debug('filling user:%s data', dbuser) | |
|
681 | user_data = dbuser.get_dict() | |||
678 |
|
682 | |||
679 | # TODO: johbo: Think about this and find a clean solution |
|
|||
680 | user_data = dbuser.get_dict() |
|
|||
681 | user_data.update(dbuser.get_api_data(include_secrets=True)) |
|
|||
682 | user_data.update({ |
|
683 | user_data.update({ | |
683 | # set explicit the safe escaped values |
|
684 | # set explicit the safe escaped values | |
684 | 'first_name': dbuser.first_name, |
|
685 | 'first_name': dbuser.first_name, | |
685 | 'last_name': dbuser.last_name, |
|
686 | 'last_name': dbuser.last_name, | |
686 | }) |
|
687 | }) | |
687 |
|
688 | |||
688 |
for k, v in user_data. |
|
689 | for k, v in user_data.items(): | |
689 | # properties of auth user we dont update |
|
690 | # properties of auth user we dont update | |
690 | if k not in ['auth_tokens', 'permissions']: |
|
691 | if k not in ['auth_tokens', 'permissions']: | |
691 | setattr(auth_user, k, v) |
|
692 | setattr(auth_user, k, v) |
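Review bot: At new lines 375-378 the whole of `new_user.get_dict()` is expanded into `log_create_user(created_by=cur_user, **kwargs)`, and the `api_keys` alias copies `kwargs['auth_tokens']`, so whatever that key holds reaches the create-user log hook under two names. If it holds plaintext tokens (not visible here, though the `User.auth_tokens` property in this commit returns `x.api_key` values), they end up wherever the hook writes them. Keeping both keys for compatibility but filling them with the masked placeholder that `get_api_data()` uses when `include_secrets` is off would avoid that. Separately, `kwargs['auth_tokens']` raises `KeyError` if `get_dict()` does not supply the key, and the visible handler catches only `DatabaseError`. The enclosing function starts outside the hunk.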
@@ -190,13 +190,13 b' def test_get_api_data_replaces_secret_da' | |||||
190 | api_key_length = 40 |
|
190 | api_key_length = 40 | |
191 | expected_replacement = '*' * api_key_length |
|
191 | expected_replacement = '*' * api_key_length | |
192 |
|
192 | |||
193 |
for key in api_data['a |
|
193 | for key in api_data['auth_tokens']: | |
194 | assert key == expected_replacement |
|
194 | assert key == expected_replacement | |
195 |
|
195 | |||
196 |
|
196 | |||
197 | def test_get_api_data_includes_secret_data_if_activated(test_user): |
|
197 | def test_get_api_data_includes_secret_data_if_activated(test_user): | |
198 | api_data = test_user.get_api_data(include_secrets=True) |
|
198 | api_data = test_user.get_api_data(include_secrets=True) | |
199 |
assert api_data['a |
|
199 | assert api_data['auth_tokens'] == test_user.auth_tokens | |
200 |
|
200 | |||
201 |
|
201 | |||
202 | def test_add_perm(test_user): |
|
202 | def test_add_perm(test_user): |
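Review bot: The loop at new lines 193-194 passes vacuously when `api_data['auth_tokens']` is an empty list, so the masking test would still succeed if `get_api_data()` returned nothing under that key. The model change in this commit sets the masked value to a one-element list, so an exact comparison is stricter: `assert api_data['auth_tokens'] == [expected_replacement]`. The check at line 199 has the same weakness if the fixture user has no tokens; `assert test_user.auth_tokens` before it would rule that out. The first test function starts above the hunk.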