Merge branch 'develop' into feature/51_restore_mail_notifier

README.md

@@ -74,23 +74,44 @@ Initialize the database using [tracimcli](doc/cli.md) tool
 
     tracimcli db init
 
-### Run Tracim_backend ###
+create wsgidav configuration file for webdav:
 
-Run your project:
+    cp wsgidav.conf.sample wsgidav.conf
 
-    pserve development.ini
+## Run Tracim_backend ##
 
-### Configure and Run Webdav Server (Unstable) ###
+### With Uwsgi ###
 
-create wsgidav configuration file :
+Run all services with uwsgi
 
-    cp wsgidav.conf.sample wsgidav.conf
+    # install uwsgi with pip ( unneeded if you already have uwsgi with python3 plugin enabled)
+    sudo pip3 install uwsgi
+    # set tracim_conf_file path
+    export TRACIM_CONF_PATH="$(pwd)/development.ini"
+    export TRACIM_WEBDAV_CONF_PATH="$(pwd)/wsgidav.conf"
+    # pyramid webserver
+    uwsgi -d /tmp/tracim_web.log --http-socket :6543 --wsgi-file wsgi/web.py -H env --pidfile /tmp/tracim_web.pid
+    # webdav wsgidav server
+    uwsgi -d /tmp/tracim_webdav.log --http-socket :3030 --wsgi-file wsgi/webdav.py -H env --pidfile /tmp/tracim_webdav.pid
+
+to stop them:
+
+    # pyramid webserver
+    uwsgi --stop /tmp/tracim_web.pid
+    # webdav wsgidav server
+    uwsgi --stop /tmp/tracim_webdav.pid
+
+### With Waitress (legacy way, usefull for debug) ###
+
+run tracim_backend web api:
+
+    pserve developement.ini
 
 run wsgidav server:
 
     tracimcli webdav start
 
-### Run Tests ###
+## Run Tests and others checks ##
 
 Before running some functional test related to email, you need a local working *MailHog*
 see here : https://github.com/mailhog/MailHog
@@ -100,7 +121,6 @@ You can run it this way with docker :
     docker pull mailhog/mailhog
     docker run -d -p 1025:1025 -p 8025:8025 mailhog/mailhog
 
-
 Run your project's tests:
 
     pytest

tracim/__init__.py

@@ -16,6 +16,7 @@ from tracim.lib.utils.authorization import TRACIM_DEFAULT_PERM
 from tracim.views import BASE_API_V2
 from tracim.views.core_api.session_controller import SessionController
 from tracim.views.errors import ErrorSchema
+from tracim.lib.utils.cors import add_cors_support
 
 
 def main(global_config, **settings):
@@ -31,6 +32,9 @@ def main(global_config, **settings):
         basic_auth_check_credentials,
         realm=BASIC_AUTH_WEBUI_REALM,
     )
+    configurator.include(add_cors_support)
+    # make sure to add this before other routes to intercept OPTIONS
+    configurator.add_cors_preflight_handler()
     # Default authorization : Accept anything.
     configurator.set_authorization_policy(AcceptAllAuthorizationPolicy())
     configurator.set_authentication_policy(authn_policy)

tracim/lib/utils/cors.py

@@ -0,0 +1,77 @@
+# -*- coding: utf-8 -*-
+# INFO - G.M -17-05-2018 - CORS support
+# original code from https://gist.github.com/mmerickel/1afaf64154b335b596e4
+# see also
+# here : https://groups.google.com/forum/#!topic/pylons-discuss/2Sw4OkOnZcE
+from pyramid.events import NewResponse
+
+
+def add_cors_support(config):
+    # INFO - G.M - 17-05-2018 - CORS Preflight stuff (special requests)
+    config.add_directive(
+        'add_cors_preflight_handler',
+        add_cors_preflight_handler
+    )
+    config.add_route_predicate('cors_preflight', CorsPreflightPredicate)
+
+    # INFO - G.M - 17-05-2018 CORS Headers for all responses
+    config.add_subscriber(add_cors_to_response, NewResponse)
+
+
+class CorsPreflightPredicate(object):
+    def __init__(self, val, config):
+        self.val = val
+
+    def text(self):
+        return 'cors_preflight = %s' % bool(self.val)
+
+    phash = text
+
+    def __call__(self, context, request):
+        if not self.val:
+            return False
+        return (
+            request.method == 'OPTIONS' and
+            'Origin' in request.headers and
+            'Access-Control-Request-Method' in request.headers
+        )
+
+
+def add_cors_preflight_handler(config):
+    # INFO - G.M - 17-05-2018 - Add route for CORS preflight
+    # see https://developer.mozilla.org/en-US/docs/Glossary/Preflight_request
+    # for more info about preflight
+
+    config.add_route(
+        'cors-options-preflight', '/{catch_all:.*}',
+        cors_preflight=True,
+    )
+    config.add_view(
+        cors_options_view,
+        route_name='cors-options-preflight',
+    )
+
+
+def cors_options_view(context, request):
+    response = request.response
+    if 'Access-Control-Request-Headers' in request.headers:
+        response.headers['Access-Control-Allow-Methods'] = (
+            'OPTIONS,HEAD,GET,POST,PUT,DELETE'
+        )
+    response.headers['Access-Control-Allow-Headers'] = (
+        'Content-Type,Accept,Accept-Language,Authorization,X-Request-ID'
+    )
+    return response
+
+
+def add_cors_to_response(event):
+    # INFO - G.M - 17-05-2018 - Add some CORS headers to all requests
+    request = event.request
+    response = event.response
+    if 'Origin' in request.headers:
+        response.headers['Access-Control-Expose-Headers'] = (
+            'Content-Type,Date,Content-Length,Authorization,X-Request-ID'
+        )
+        # TODO - G.M - 17-05-2018 - Allow to configure this header in config
+        response.headers['Access-Control-Allow-Origin'] = '*'
+        response.headers['Access-Control-Allow-Credentials'] = 'true'

tracim/tests/functional/test_session.py

@@ -37,7 +37,7 @@ class TestLoginEndpointUnititedDB(FunctionalTestNoDB):
 
 class TestLoginEndpoint(FunctionalTest):
 
-    def test_api__try_login_enpoint__ok_204__nominal_case(self):
+    def test_api__try_login_enpoint__ok_200__nominal_case(self):
         params = {
             'email': 'admin@admin.admin',
             'password': 'admin@admin.admin',
@@ -45,8 +45,17 @@ class TestLoginEndpoint(FunctionalTest):
         res = self.testapp.post_json(
             '/api/v2/sessions/login',
             params=params,
-            status=204,
+            status=200,
         )
+        assert res.json_body['display_name'] == 'Global manager'
+        assert res.json_body['email'] == 'admin@admin.admin'
+        assert res.json_body['created']
+        assert res.json_body['is_active']
+        assert res.json_body['profile']
+        assert isinstance(res.json_body['profile']['id'], int)
+        assert res.json_body['profile']['slug'] == 'administrators'
+        assert res.json_body['caldav_url'] is None
+        assert res.json_body['avatar_url'] is None
 
     def test_api__try_login_enpoint__err_400__bad_password(self):
         params = {

tracim/views/core_api/session_controller.py

@@ -25,7 +25,8 @@ class SessionController(Controller):
     @hapic.handle_exception(AuthenticationFailed, HTTPStatus.BAD_REQUEST)
     # TODO - G.M - 17-04-2018 - fix output header ?
     # @hapic.output_headers()
-    @hapic.output_body(NoContentSchema(), default_http_code=HTTPStatus.NO_CONTENT)  # nopep8
+    @hapic.output_body(UserSchema(),)
+    #@hapic.output_body(NoContentSchema(), default_http_code=HTTPStatus.NO_CONTENT)  # nopep8
     def login(self, context, request: TracimRequest, hapic_data=None):
         """
         Logs user into the system
@@ -38,7 +39,8 @@ class SessionController(Controller):
             session=request.dbsession,
             config=app_config,
         )
-        return uapi.authenticate_user(login.email, login.password)
+        user = uapi.authenticate_user(login.email, login.password)
+        return uapi.get_user_with_context(user)
 
     @hapic.with_api_doc()
     @hapic.output_body(NoContentSchema(), default_http_code=HTTPStatus.NO_CONTENT)  # nopep8

wsgi/web.py

@@ -0,0 +1,9 @@
+# coding=utf-8
+# Runner for uwsgi
+import os
+import pyramid.paster
+
+config_uri = os.environ['TRACIM_CONF_PATH']
+
+pyramid.paster.setup_logging(config_uri)
+application = pyramid.paster.get_app(config_uri)

wsgi/webdav.py

@@ -0,0 +1,12 @@
+# coding=utf-8
+# Runner for uwsgi
+from tracim.lib.webdav import WebdavAppFactory
+import os
+
+config_uri = os.environ['TRACIM_CONF_PATH']
+webdav_config_uri = os.environ['TRACIM_WEBDAV_CONF_PATH']
+app_factory = WebdavAppFactory(
+    tracim_config_file_path=config_uri,
+    webdav_config_file_path=webdav_config_uri,
+)
+application = app_factory.get_wsgi_app()