Merge branch 'release/0.5.2'

libris · Nov 2, 2017 · 4b1d5a6 · 4b1d5a6
2 parents ec29703 + dde1cec
commit 4b1d5a6
Show file tree

Hide file tree

Showing 26 changed files with 398 additions and 126 deletions.
diff --git a/README.rst b/README.rst
@@ -183,10 +183,20 @@ DB Models
 Changelog
 =========
 
+v. 0.5.2
+--------
+
+* Add ``app_version`` property to response from OAuth2 API endpoints
+* Bug fixes for OAuth2 data model; fully re-created on ``flask db upgrade``
+  (`#68 <https://github.com/libris/xl_auth/issues/68>`_)
+* Updated Voyager/SysAdmin data import (`#38 <https://github.com/libris/xl_auth/issues/38>`_)
+
+
 v. 0.5.1
 --------
 
-* Update `/oauth/verify` API response format (`#68 <https://github.com/libris/xl_auth/issues/68>`_)
+* Update ``/oauth/verify`` API response format
+  (`#68 <https://github.com/libris/xl_auth/issues/68>`_)
 * Fix bug where collections would read the wrong active/inactive state from bibdb.libris.kb.se
 
 

diff --git a/ansible/roles/xl_auth/defaults/main.yml b/ansible/roles/xl_auth/defaults/main.yml
@@ -4,4 +4,6 @@ xl_auth_admin_pass: ""
 
 xl_auth_docker: "mblomdahl/xl_auth:latest"
 
+xl_auth_force_import: ""
+
 ...
diff --git a/ansible/roles/xl_auth/tasks/main.yml b/ansible/roles/xl_auth/tasks/main.yml
@@ -78,7 +78,7 @@
     env:
       FLASK_DEBUG: 0
       SQLALCHEMY_DATABASE_URI: postgresql://xl_auth:xl_auth@postgres/prod
-  when: start_xl_auth.changed
+  when: xl_auth_force_import or start_xl_auth.changed
   tags: xl_auth
 
 ...
diff --git a/messages.pot b/messages.pot
@@ -6,9 +6,9 @@
 #, fuzzy
 msgid ""
 msgstr ""
-"Project-Id-Version: xl_auth 0.4.6\n"
+"Project-Id-Version: xl_auth 0.5.1\n"
 "Report-Msgid-Bugs-To: EMAIL@ADDRESS\n"
-"POT-Creation-Date: 2017-10-30 15:05+0100\n"
+"POT-Creation-Date: 2017-11-02 10:58+0100\n"
 "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
 "Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
 "Language-Team: LANGUAGE <[email protected]>\n"
@@ -172,15 +172,15 @@ msgstr ""
 msgid "Welcome"
 msgstr ""
 
-#: tests/end2end/test_logging_in.py:59 xl_auth/public/views.py:46
+#: tests/end2end/test_logging_in.py:72 xl_auth/public/views.py:55
 msgid "You are logged out."
 msgstr ""
 
-#: tests/end2end/test_logging_in.py:73 tests/forms/test_public.py:45 xl_auth/public/forms.py:37
+#: tests/end2end/test_logging_in.py:86 tests/forms/test_public.py:45 xl_auth/public/forms.py:38
 msgid "Invalid password"
 msgstr ""
 
-#: tests/end2end/test_logging_in.py:88 tests/forms/test_public.py:35 xl_auth/public/forms.py:33
+#: tests/end2end/test_logging_in.py:101 tests/forms/test_public.py:35 xl_auth/public/forms.py:34
 msgid "Unknown username/email"
 msgstr ""
 
@@ -268,7 +268,7 @@ msgstr ""
 msgid "Collection ID \"%(collection_id)s\" does not exist"
 msgstr ""
 
-#: tests/forms/test_public.py:56 xl_auth/public/forms.py:41
+#: tests/forms/test_public.py:56 xl_auth/public/forms.py:42
 msgid "User not activated"
 msgstr ""
 
@@ -343,6 +343,14 @@ msgstr ""
 msgid "Successfully deleted OAuth2 Grant token \"%(grant_id)s\"."
 msgstr ""
 
+#: xl_auth/oauth/forms.py:14
+msgid "Scope"
+msgstr ""
+
+#: xl_auth/oauth/forms.py:15
+msgid "Confirm"
+msgstr ""
+
 #: xl_auth/permission/forms.py:19 xl_auth/templates/grants/home.html:14
 #: xl_auth/templates/permissions/home.html:16 xl_auth/templates/tokens/home.html:14
 msgid "User"
@@ -371,15 +379,15 @@ msgstr ""
 msgid "Permission"
 msgstr ""
 
-#: xl_auth/public/forms.py:17 xl_auth/templates/public/home.html:38
+#: xl_auth/public/forms.py:17 xl_auth/templates/public/home.html:39
 msgid "Username"
 msgstr ""
 
-#: xl_auth/public/forms.py:18 xl_auth/templates/public/home.html:40 xl_auth/user/forms.py:15
+#: xl_auth/public/forms.py:18 xl_auth/templates/public/home.html:41 xl_auth/user/forms.py:15
 msgid "Password"
 msgstr ""
 
-#: xl_auth/public/views.py:32
+#: xl_auth/public/views.py:40
 msgid "You are logged in."
 msgstr ""
 
@@ -533,6 +541,14 @@ msgstr ""
 msgid "Delete grant"
 msgstr ""
 
+#: xl_auth/templates/oauth/authorize.html:7 xl_auth/templates/oauth/authorize.html:20
+msgid "Authorize"
+msgstr ""
+
+#: xl_auth/templates/oauth/errors.html:7
+msgid "OAuth Error"
+msgstr ""
+
 #: xl_auth/templates/permissions/edit.html:8
 msgid "Edit Existing Permission"
 msgstr ""
@@ -564,38 +580,38 @@ msgid "Welcome to xl_auth"
 msgstr ""
 
 #: xl_auth/templates/public/home.html:10 xl_auth/templates/public/home.html:27
-msgid "This is an early alpha release of Libris authorization service."
+msgid "This is an early beta release of Libris authorization service."
 msgstr ""
 
 #: xl_auth/templates/public/home.html:13 xl_auth/templates/public/home.html:30
 msgid "See email from customer service for instructions."
 msgstr ""
 
-#: xl_auth/templates/public/home.html:34 xl_auth/templates/public/home.html:42
+#: xl_auth/templates/public/home.html:34 xl_auth/templates/public/home.html:43
 msgid "Log in"
 msgstr ""
 
-#: xl_auth/templates/public/home.html:49
+#: xl_auth/templates/public/home.html:50
 msgid "The Libris blog"
 msgstr ""
 
-#: xl_auth/templates/public/home.html:50
+#: xl_auth/templates/public/home.html:51
 msgid "Read the latest news about the Libris collaboration."
 msgstr ""
 
-#: xl_auth/templates/public/home.html:51
+#: xl_auth/templates/public/home.html:52
 msgid "Go to the blog"
 msgstr ""
 
-#: xl_auth/templates/public/home.html:54
+#: xl_auth/templates/public/home.html:55
 msgid "Support forum"
 msgstr ""
 
-#: xl_auth/templates/public/home.html:55
+#: xl_auth/templates/public/home.html:56
 msgid "Get help, ask questions and report errors."
 msgstr ""
 
-#: xl_auth/templates/public/home.html:56
+#: xl_auth/templates/public/home.html:57
 msgid "Go to kundo"
 msgstr ""
 

diff --git a/migrations/versions/22069cad6602_restructure_oauth2_models.py b/migrations/versions/22069cad6602_restructure_oauth2_models.py
@@ -0,0 +1,127 @@
+"""Restructure OAuth2 models.
+
+Revision ID: 22069cad6602
+Revises: d7b1b886bf92
+Create Date: 2017-11-02 13:41:43.920256
+
+"""
+
+from __future__ import absolute_import, division, print_function, unicode_literals
+
+import sqlalchemy as sa
+from alembic import op
+
+# Revision identifiers, used by Alembic.
+revision = '22069cad6602'
+down_revision = 'd7b1b886bf92'
+branch_labels = None
+depends_on = None
+
+
+def upgrade():
+    """Re-create tables 'clients', 'grants' and 'tokens'."""
+    op.drop_table('clients')
+    op.drop_table('tokens')
+    op.drop_table('grants')
+
+    op.create_table(
+        'clients',
+        sa.Column('client_id', sa.String(length=32), nullable=False),
+        sa.Column('client_secret', sa.String(length=256), nullable=False),
+        sa.Column('created_by', sa.Integer(), nullable=False),
+        sa.Column('is_confidential', sa.Boolean(), nullable=False),
+        sa.Column('_redirect_uris', sa.Text(), nullable=False),
+        sa.Column('_default_scopes', sa.Text(), nullable=False),
+        sa.Column('name', sa.String(length=64), nullable=True),
+        sa.Column('description', sa.String(length=400), nullable=True),
+        sa.ForeignKeyConstraint(['created_by'], ['users.id'], ),
+        sa.PrimaryKeyConstraint('client_id'),
+        sa.UniqueConstraint('client_secret')
+    )
+
+    op.create_table(
+        'grants',
+        sa.Column('id', sa.Integer(), nullable=False),
+        sa.Column('user_id', sa.Integer(), nullable=False),
+        sa.Column('client_id', sa.String(length=32), nullable=False),
+        sa.Column('code', sa.String(length=256), nullable=False),
+        sa.Column('redirect_uri', sa.String(length=256), nullable=False),
+        sa.Column('expires_at', sa.DateTime(), nullable=False),
+        sa.Column('_scopes', sa.Text(), nullable=False),
+        sa.ForeignKeyConstraint(['client_id'], ['clients.client_id'], ondelete='CASCADE'),
+        sa.ForeignKeyConstraint(['user_id'], ['users.id'], ondelete='CASCADE'),
+        sa.PrimaryKeyConstraint('id')
+    )
+
+    op.create_table(
+        'tokens',
+        sa.Column('id', sa.Integer(), nullable=False),
+        sa.Column('user_id', sa.Integer(), nullable=False),
+        sa.Column('client_id', sa.String(length=32), nullable=False),
+        sa.Column('token_type', sa.String(length=40), nullable=False),
+        sa.Column('access_token', sa.String(length=256), nullable=False),
+        sa.Column('refresh_token', sa.String(length=256), nullable=False),
+        sa.Column('expires_at', sa.DateTime(), nullable=False),
+        sa.Column('_scopes', sa.Text(), nullable=False),
+        sa.ForeignKeyConstraint(['client_id'], ['clients.client_id'], ondelete='CASCADE'),
+        sa.ForeignKeyConstraint(['user_id'], ['users.id'], ondelete='CASCADE'),
+        sa.PrimaryKeyConstraint('id'),
+        sa.UniqueConstraint('access_token'),
+        sa.UniqueConstraint('refresh_token')
+    )
+
+
+def downgrade():
+    """Revert to old version of tables 'clients', 'grants' and 'tokens'."""
+    op.drop_table('tokens')
+    op.drop_table('grants')
+    op.drop_table('clients')
+
+    op.create_table(
+        'grants',
+        sa.Column('id', sa.INTEGER(), nullable=False),
+        sa.Column('user_id', sa.INTEGER(), nullable=False),
+        sa.Column('client_id', sa.INTEGER(), nullable=False),
+        sa.Column('code', sa.VARCHAR(length=256), nullable=False),
+        sa.Column('redirect_uri', sa.VARCHAR(length=256), nullable=False),
+        sa.Column('expires_at', sa.DATETIME(), nullable=False),
+        sa.Column('_scopes', sa.TEXT(), nullable=False),
+        sa.ForeignKeyConstraint(['client_id'], ['clients.id'], ondelete='CASCADE'),
+        sa.ForeignKeyConstraint(['user_id'], ['users.id'], ondelete='CASCADE'),
+        sa.PrimaryKeyConstraint('id')
+    )
+
+    op.create_table(
+        'tokens',
+        sa.Column('id', sa.INTEGER(), nullable=False),
+        sa.Column('user_id', sa.INTEGER(), nullable=False),
+        sa.Column('client_id', sa.INTEGER(), nullable=False),
+        sa.Column('token_type', sa.VARCHAR(length=40), nullable=False),
+        sa.Column('access_token', sa.VARCHAR(length=256), nullable=False),
+        sa.Column('refresh_token', sa.VARCHAR(length=256), nullable=False),
+        sa.Column('expires_at', sa.DATETIME(), nullable=False),
+        sa.Column('_scopes', sa.TEXT(), nullable=False),
+        sa.ForeignKeyConstraint(['client_id'], ['clients.id'], ondelete='CASCADE'),
+        sa.ForeignKeyConstraint(['user_id'], ['users.id'], ondelete='CASCADE'),
+        sa.PrimaryKeyConstraint('id'),
+        sa.UniqueConstraint('access_token'),
+        sa.UniqueConstraint('refresh_token')
+    )
+
+    op.create_table(
+        'clients',
+        sa.Column('id', sa.INTEGER(), nullable=False),
+        sa.Column('client_id', sa.VARCHAR(length=64), nullable=False),
+        sa.Column('client_secret', sa.VARCHAR(length=256), nullable=False),
+        sa.Column('created_by', sa.INTEGER(), nullable=False),
+        sa.Column('is_confidential', sa.BOOLEAN(), nullable=False),
+        sa.Column('_redirect_uris', sa.TEXT(), nullable=False),
+        sa.Column('_default_scopes', sa.TEXT(), nullable=False),
+        sa.Column('name', sa.VARCHAR(length=64), nullable=True),
+        sa.Column('description', sa.VARCHAR(length=400), nullable=True),
+        sa.CheckConstraint('is_confidential IN (0, 1)'),
+        sa.ForeignKeyConstraint(['created_by'], ['users.id'], ),
+        sa.PrimaryKeyConstraint('id'),
+        sa.UniqueConstraint('client_id'),
+        sa.UniqueConstraint('client_secret')
+    )
diff --git a/package-lock.json b/package-lock.json
diff --git a/package.json b/package.json
@@ -1,6 +1,6 @@
 {
   "name": "xl_auth",
-  "version": "0.5.1",
+  "version": "0.5.2",
   "author": "National Library of Sweden",
   "license": "Apache-2.0",
   "description": "OAuth2 authorization for LibrisXL, replacing BibDB counterpart",

diff --git a/tests/end2end/test_deleting_client.py b/tests/end2end/test_deleting_client.py
@@ -28,7 +28,7 @@ def test_superuser_can_delete_existing_client(superuser, client, testapp):
 
     res = testapp.get('/clients/')
     # Clicks Delete button on a client
-    res = res.click(href=url_for('client.delete', id=client.id)).follow()
+    res = res.click(href=url_for('client.delete', client_id=client.client_id)).follow()
     assert res.status_code == 200
     # Client was deleted, so number of clients are 1 less than initial state
     assert _('Successfully deleted OAuth2 Client "%(name)s".', name=name) in res
@@ -54,7 +54,7 @@ def test_user_cannot_delete_client(user, client, testapp):
     testapp.get('/clients/', status=403)
 
     # Try to delete
-    testapp.delete(url_for('client.delete', id=client.id), status=403)
+    testapp.delete(url_for('client.delete', client_id=client.client_id), status=403)
 
     # Nothing was deleted
     assert len(Client.query.all()) == old_count
diff --git a/tests/end2end/test_editing_client.py b/tests/end2end/test_editing_client.py
@@ -27,7 +27,7 @@ def test_superuser_can_edit_existing_client(superuser, client, testapp):
 
     res = testapp.get('/clients/')
     # Clicks Edit Client button
-    res = res.click(href=url_for('client.edit', id=client.id))
+    res = res.click(href=url_for('client.edit', client_id=client.client_id))
 
     # Fills out the form
     form = res.forms['editForm']
@@ -66,4 +66,4 @@ def test_user_cannot_edit_existing_client(user, client, testapp):
     testapp.get('/clients/', status=403)
 
     # Try to go directly to edit
-    testapp.get(url_for('client.edit', id=client.id), status=403)
+    testapp.get(url_for('client.edit', client_id=client.client_id), status=403)
Original file line number	Diff line number	Diff line change
Expand Up		@@ -4,4 +4,6 @@ xl_auth_admin_pass: ""

		xl_auth_docker: "mblomdahl/xl_auth:latest"

		xl_auth_force_import: ""

		...