TG-33

Merge branch 'master' of https://git.rdrive.ovh/Project_OLA/OLA
2017-03-07 06:22:21 +01:00
parent 4223964b8a 5f51010615
commit 10823c826c
19 changed files with 854 additions and 181 deletions
--- a/backend/OLA.mysql
+++ b/backend/OLA.mysql
@ -23,14 +23,15 @@ CREATE TABLE IF NOT EXISTS SETTINGS

 CREATE TABLE IF NOT EXISTS `GROUP`
 (
-    id BIGINT NOT NULL AUTO_INCREMENT,
-    `name` VARCHAR(128) NOT NULL UNIQUE,
-    `year` CHARACTER(4) NOT NULL,
-    class_short VARCHAR(128) NOT NULL,
-    class_long VARCHAR(512),
-    department VARCHAR(256),
-    resp_id BIGINT,
-    ressources_dir VARCHAR(512),
+  id             BIGINT NOT NULL AUTO_INCREMENT,
+  `name`         VARCHAR(128) NOT NULL UNIQUE,
+  `year`         CHARACTER(4) NOT NULL,
+  class_short    VARCHAR(128) NOT NULL,
+  class_long     VARCHAR(512),
+  department     VARCHAR(256),
+  resp_id        BIGINT,
+  sec_id         BIGINT,
+  ressources_dir VARCHAR(512),
    PRIMARY KEY(id)
 ) ENGINE = INNODB;

@ -96,7 +97,11 @@ CREATE TABLE IF NOT EXISTS HASHTABLE
 # Create FKs
 ALTER TABLE `GROUP`
    ADD    FOREIGN KEY (resp_id)
-    REFERENCES `USER`(id)
+    REFERENCES `USER`(id);
+
+ALTER TABLE `GROUP`
+  ADD FOREIGN KEY (sec_id)
+REFERENCES `USER` (id)
 ;

 ALTER TABLE TUTORSHIP
--- a/backend/README.md
+++ b/backend/README.md
@ -26,6 +26,9 @@ python-tk
 pdftk
 libmagickwand-dev
 ```
+```
+apt install python-dev python-pip libtiff5-dev libjpeg8-dev zlib1g-dev libfreetype6-dev liblcms2-dev libwebp-dev tcl8.6-dev tk8.6-dev python-tk pdftk libmagickwand-dev
+```

 ## Python

--- a/backend/app/api/UserInfoAPI.py
+++ b/backend/app/api/UserInfoAPI.py
@ -0,0 +1,12 @@
+from flask import session
+from flask_restful import Resource
+
+
+class UserInfoAPI(Resource):
+    """
+        UserInfo Api Resource
+    """
+
+    def get(self):
+        user = session["user"]
+        return {'USER': user}, 200
--- a/backend/app/api/loginAPI.py
+++ b/backend/app/api/loginAPI.py
@ -2,7 +2,6 @@ from flask import session
 from flask_restful import Resource
 from flask_restful.reqparse import RequestParser

-from app.core import cas
 from app.model import *


@ -12,6 +11,8 @@ class LoginAPI(Resource):
    """

    def get(self):
+        if "user" in session and session["user"] is not None:
+            return {'AUTH_RESULT': 'ALREADY_LOGGED'}, 201
        userInfo = self.getUserInfoFromCAS()

        if userInfo is not None:
@ -20,8 +21,10 @@ class LoginAPI(Resource):
                session['user'] = user
                return {'AUTH_RESULT': 'OK'}, 200
            else:
+                session['user'] = None
                return {'AUTH_RESULT': 'NOT_ALLOWED'}, 403
        else:
+            session['user'] = None
            return {'AUTH_RESULT': 'AUTHENTICATION_FAILED'}, 401

    def delete(self):
--- a/backend/app/urls.py
+++ b/backend/app/urls.py
@ -1,3 +1,4 @@
+from app.api.UserInfoAPI import UserInfoAPI
 from app.api.exampleapi import SomeApi
 from app.api.loginAPI import LoginAPI
 from app.core import api
--- a/backend/tests/api/test_loginAPI.py
+++ b/backend/tests/api/test_loginAPI.py
@ -18,7 +18,8 @@ class AuthTestCase(unittest.TestCase):
            res = query.execute()
            cls.uid = res.lastrowid
            query = GROUP.insert().values(name="test", year="2017", class_long="classe toto", class_short="toto",
-                                          department="plop", ressources_dir="/plop/toto", resp_id=cls.uid)
+                                          department="plop", ressources_dir="/plop/toto", resp_id=cls.uid,
+                                          sec_id=cls.uid)
            res = query.execute()
            cls.gid = res.lastrowid
            query = TUTORSHIP.insert().values(student_id=cls.uid, ptutor_id=cls.uid, group_id=cls.gid)
@ -50,6 +51,9 @@ class AuthTestCase(unittest.TestCase):
                                 )
                             ), content_type='application/json')

+    def getUserInfo(self):
+        return self.app.get('/api/userInfo')
+
    def logout(self):
        return self.app.delete('/api/login')

@ -57,12 +61,24 @@ class AuthTestCase(unittest.TestCase):
        rv = self.login('admin', 'admin')
        self.assertEqual(rv.status_code, 200, 'Login as admin Failed')

+        rv = self.login('admin', 'admin')
+        self.assertEqual(rv.status_code, 201, 'Login as admin succeed but should have already been done')
+
+        rv = self.getUserInfo()
+        self.assertEqual(rv.status_code, 200, 'Getting user info failed')
+        self.assertEqual({"id": getUser(login="admin")["id"], "login": "admin", "email": "admin@admin.com", "role": 4,
+                          "phone": "00.00.00.00.00"}, json.loads(rv.data)['USER'], 'Invalid user info')
+
        rv = self.logout()
        self.assertEqual(rv.status_code, 200, 'Logout Failed')

        rv = self.login('adminx', 'admin')
        self.assertEqual(rv.status_code, 401, 'Authentication from CAS has not failed for the invalid user xadmin !')

+        rv = self.getUserInfo()
+        self.assertEqual(rv.status_code, 200, 'Getting user info failed')
+        self.assertIsNone(json.loads(rv.data)['USER'], 'User info should be None')
+
        rv = self.login('admin', 'adminx')
        self.assertEqual(rv.status_code, 401,
                         'Authentication from CAS has not failed for the invalid password xadmin !')