Merge branch 'feature/578_add_api_for_workspace/apps' of github.com:tracim/tracim_backend into fix/few_more_tests

setup.py

@@ -39,6 +39,7 @@ requires = [
     'lxml',
     'redis',
     'rq',
+    'python-slugify',
 ]
 
 tests_require = [

tracim/__init__.py

@@ -18,6 +18,9 @@ from tracim.lib.utils.authorization import TRACIM_DEFAULT_PERM
 from tracim.lib.webdav import WebdavAppFactory
 from tracim.views import BASE_API_V2
 from tracim.views.core_api.session_controller import SessionController
+from tracim.views.core_api.system_controller import SystemController
+from tracim.views.core_api.user_controller import UserController
+from tracim.views.core_api.workspace_controller import WorkspaceController
 from tracim.views.errors import ErrorSchema
 from tracim.lib.utils.cors import add_cors_support
 
@@ -62,8 +65,14 @@ def web(global_config, **local_settings):
     context.handle_exception(NotFound, 404)
     context.handle_exception(OperationalError, 500)
     # Add controllers
-    session_api = SessionController()
-    configurator.include(session_api.bind, route_prefix=BASE_API_V2)
+    session_controller = SessionController()
+    system_controller = SystemController()
+    user_controller = UserController()
+    workspace_controller = WorkspaceController()
+    configurator.include(session_controller.bind, route_prefix=BASE_API_V2)
+    configurator.include(system_controller.bind, route_prefix=BASE_API_V2)
+    configurator.include(user_controller.bind, route_prefix=BASE_API_V2)
+    configurator.include(workspace_controller.bind, route_prefix=BASE_API_V2)
     hapic.add_documentation_view(
         '/api/v2/doc',
         'Tracim v2 API',

tracim/command/user.py

@@ -175,6 +175,7 @@ class UserCommand(AppContextCommand):
         self._group_api = GroupApi(
             current_user=None,
             session=self._session,
+            config=self._app_config,
         )
         user = self._proceed_user(parsed_args)
         self._proceed_groups(user, parsed_args)

tracim/fixtures/content.py

@@ -24,10 +24,12 @@ class Content(Fixture):
         admin_workspace_api = WorkspaceApi(
             current_user=admin,
             session=self._session,
+            config=self._config,
         )
         bob_workspace_api = WorkspaceApi(
             current_user=bob,
             session=self._session,
+            config=self._config
         )
         content_api = ContentApi(
             current_user=admin,
@@ -37,12 +39,25 @@ class Content(Fixture):
         role_api = RoleApi(
             current_user=admin,
             session=self._session,
+            config=self._config,
         )
 
         # Workspaces
-        w1 = admin_workspace_api.create_workspace('w1', save_now=True)
-        w2 = bob_workspace_api.create_workspace('w2', save_now=True)
-        w3 = admin_workspace_api.create_workspace('w3', save_now=True)
+        w1 = admin_workspace_api.create_workspace(
+            'w1',
+            description='This is a workspace',
+            save_now=True
+        )
+        w2 = bob_workspace_api.create_workspace(
+            'w2',
+            description='A great workspace',
+            save_now=True
+        )
+        w3 = admin_workspace_api.create_workspace(
+            'w3',
+            description='Just another workspace',
+            save_now=True
+        )
 
         # Workspaces roles
         role_api.create_one(

tracim/lib/core/group.py

@@ -4,6 +4,8 @@ import typing
 from sqlalchemy.orm.exc import NoResultFound
 
 from tracim.exceptions import GroupNotExist
+from tracim import CFG
+
 
 __author__ = 'damien'
 
@@ -18,9 +20,12 @@ class GroupApi(object):
             self,
             session: Session,
             current_user: typing.Optional[User],
+            config: CFG
+
     ):
         self._user = current_user
         self._session = session
+        self._config = config
 
     def _base_query(self) -> Query:
         return self._session.query(Group)

tracim/lib/core/user.py

@@ -10,7 +10,7 @@ from tracim.lib.mail_notifier.notifier import get_email_manager
 from sqlalchemy.orm import Session
 
 from tracim import CFG
-from tracim.models.auth import User
+from tracim.models.auth import User, Group
 from sqlalchemy.orm.exc import NoResultFound
 from tracim.exceptions import WrongUserPassword, UserNotExist
 from tracim.exceptions import AuthenticationFailed
@@ -49,7 +49,11 @@ class UserApi(object):
         """
         Get one user by user id
         """
-        return self._base_query().filter(User.user_id == user_id).one()
+        try:
+            user = self._base_query().filter(User.user_id == user_id).one()
+        except NoResultFound:
+            raise UserNotExist()
+        return user
 
     def get_one_by_email(self, email: str) -> User:
         """
@@ -57,7 +61,11 @@ class UserApi(object):
         :param email: Email of the user
         :return: one user
         """
-        return self._base_query().filter(User.email == email).one()
+        try:
+            user = self._base_query().filter(User.email == email).one()
+        except NoResultFound:
+            raise UserNotExist()
+        return user
 
     # FIXME - G.M - 24-04-2018 - Duplicate method with get_one.
     def get_one_by_id(self, id: int) -> User:
@@ -98,7 +106,7 @@ class UserApi(object):
                 return user
             else:
                 raise WrongUserPassword()
-        except (WrongUserPassword, NoResultFound):
+        except (WrongUserPassword, NoResultFound, UserNotExist):
             raise AuthenticationFailed()
 
     # Actions

tracim/lib/core/userworkspace.py

@@ -1,10 +1,13 @@
 # -*- coding: utf-8 -*-
 import typing
 
+from tracim import CFG
+from tracim.models.context_models import UserRoleWorkspaceInContext
+
 __author__ = 'damien'
 
 from sqlalchemy.orm import Session
-from tracim.models.auth import User
+from tracim.models.auth import User, Group
 from tracim.models.data import Workspace
 from tracim.models.data import UserRoleInWorkspace
 from tracim.models.data import RoleType
@@ -38,6 +41,20 @@ class RoleApi(object):
         ],
     }
 
+    def get_user_role_workspace_with_context(
+            self,
+            user_role: UserRoleInWorkspace
+    ) -> UserRoleWorkspaceInContext:
+        """
+        Return WorkspaceInContext object from Workspace
+        """
+        workspace = UserRoleWorkspaceInContext(
+            user_role=user_role,
+            dbsession=self._session,
+            config=self._config,
+        )
+        return workspace
+
     @classmethod
     def role_can_read_member_role(cls, reader_role: int, tested_role: int) \
             -> bool:
@@ -56,9 +73,13 @@ class RoleApi(object):
 
         return role
 
-    def __init__(self, session: Session, current_user: typing.Optional[User]):
+    def __init__(self,
+                 session: Session,
+                 current_user: typing.Optional[User],
+                 config: CFG):
         self._session = session
         self._user = current_user
+        self._config = config
 
     def _get_one_rsc(self, user_id, workspace_id):
         """
@@ -99,8 +120,8 @@ class RoleApi(object):
         return self._session.query(UserRoleInWorkspace)\
             .filter(UserRoleInWorkspace.user_id == user_id)
 
-    def get_all_for_user(self, user_id):
-        return self._get_all_for_user(user_id).all()
+    def get_all_for_user(self, user: User):
+        return self._get_all_for_user(user.user_id).all()
 
     def get_all_for_user_order_by_workspace(
             self,
@@ -109,9 +130,9 @@ class RoleApi(object):
         return self._get_all_for_user(user_id)\
             .join(UserRoleInWorkspace.workspace).order_by(Workspace.label).all()
 
-    def get_all_for_workspace(self, workspace_id):
+    def get_all_for_workspace(self, workspace:Workspace):
         return self._session.query(UserRoleInWorkspace)\
-            .filter(UserRoleInWorkspace.workspace_id == workspace_id).all()
+            .filter(UserRoleInWorkspace.workspace_id == workspace.workspace_id).all()  # nopep8
 
     def save(self, role: UserRoleInWorkspace):
         self._session.flush()

tracim/lib/core/workspace.py

@@ -3,11 +3,14 @@ import typing
 
 from sqlalchemy.orm import Query
 from sqlalchemy.orm import Session
+
+from tracim import CFG
 from tracim.lib.utils.translation import fake_translator as _
 
 from tracim.lib.core.userworkspace import RoleApi
 from tracim.models.auth import Group
 from tracim.models.auth import User
+from tracim.models.context_models import WorkspaceInContext
 from tracim.models.data import UserRoleInWorkspace
 from tracim.models.data import Workspace
 
@@ -20,6 +23,7 @@ class WorkspaceApi(object):
             self,
             session: Session,
             current_user: User,
+            config: CFG,
             force_role: bool=False
     ):
         """
@@ -28,6 +32,7 @@ class WorkspaceApi(object):
         """
         self._session = session
         self._user = current_user
+        self._config = config
         self._force_role = force_role
 
     def _base_query_without_roles(self):
@@ -42,6 +47,20 @@ class WorkspaceApi(object):
             filter(UserRoleInWorkspace.user_id == self._user.user_id).\
             filter(Workspace.is_deleted == False)
 
+    def get_workspace_with_context(
+            self,
+            workspace: Workspace
+    ) -> WorkspaceInContext:
+        """
+        Return WorkspaceInContext object from Workspace
+        """
+        workspace = WorkspaceInContext(
+            workspace=workspace,
+            dbsession=self._session,
+            config=self._config,
+        )
+        return workspace
+
     def create_workspace(
             self,
             label: str='',
@@ -62,6 +81,7 @@ class WorkspaceApi(object):
         role_api = RoleApi(
             session=self._session,
             current_user=self._user,
+            config=self._config
         )
 
         role = role_api.create_one(

tracim/lib/mail_notifier/notifier.py

@@ -238,6 +238,7 @@ class EmailManager(object):
         notifiable_roles = WorkspaceApi(
             current_user=user,
             session=self.session,
+            config=self.config
         ).get_notifiable_roles(content.workspace)
 
         if len(notifiable_roles) <= 0:

tracim/lib/utils/authentification.py

@@ -4,6 +4,7 @@ from pyramid.request import Request
 from sqlalchemy.orm.exc import NoResultFound
 
 from tracim import TracimRequest
+from tracim.exceptions import UserNotExist
 from tracim.lib.core.user import UserApi
 from tracim.models import User
 
@@ -50,6 +51,6 @@ def _get_basic_auth_unsafe_user(
         if not login:
             return None
         user = uapi.get_one_by_email(login)
-    except NoResultFound:
+    except (NoResultFound, UserNotExist):
         return None
     return user

tracim/lib/utils/authorization.py

@@ -44,6 +44,26 @@ class AcceptAllAuthorizationPolicy(object):
 # We prefer to use decorators
 
 
+def require_same_user_or_profile(group):
+    """
+    Decorator for view to restrict access of tracim request if candidate user
+    is distinct from authenticated user and not with high enough profile.
+    :param group: value from Group Object
+    like Group.TIM_USER or Group.TIM_MANAGER
+    :return:
+    """
+    def decorator(func):
+        def wrapper(self, context, request: 'TracimRequest'):
+            auth_user = request.current_user
+            candidate_user = request.candidate_user
+            if auth_user.user_id == candidate_user.user_id or \
+                    auth_user.profile.id >= group:
+                return func(self, context, request)
+            raise InsufficientUserProfile()
+        return wrapper
+    return decorator
+
+
 def require_profile(group):
     """
     Decorator for view to restrict access of tracim request if profile is
@@ -80,4 +100,4 @@ def require_workspace_role(minimal_required_role):
             raise InsufficientUserWorkspaceRole()
 
         return wrapper
-    return decorator
+    return decorator

tracim/lib/utils/request.py

@@ -1,8 +1,11 @@
-import typing
+# -*- coding: utf-8 -*-
+"""
+TracimRequest and related functions
+"""
 from pyramid.request import Request
 from sqlalchemy.orm.exc import NoResultFound
 
-from tracim.exceptions import NotAuthentificated
+from tracim.exceptions import NotAuthentificated, UserNotExist
 from tracim.exceptions import WorkspaceNotFound
 from tracim.exceptions import ImmutableAttribute
 from tracim.lib.core.user import UserApi
@@ -32,8 +35,13 @@ class TracimRequest(Request):
             decode_param_names,
             **kw
         )
+        # Current workspace, found by request headers or content
         self._current_workspace = None  # type: Workspace
+        # Authenticated user
         self._current_user = None  # type: User
+        # User found from request headers, content, distinct from authenticated
+        # user
+        self._user_candidate = None  # type: User
         # INFO - G.M - 18-05-2018 - Close db at the end of the request
         self.add_finished_callback(self._cleanup)
 
@@ -64,8 +72,11 @@ class TracimRequest(Request):
 
     @property
     def current_user(self) -> User:
+        """
+        Get user from authentication mecanism.
+        """
         if self._current_user is None:
-            self.current_user = get_safe_user(self)
+            self.current_user = get_auth_safe_user(self)
         return self._current_user
 
     @current_user.setter
@@ -76,6 +87,19 @@ class TracimRequest(Request):
             )
         self._current_user = user
 
+    # TODO - G.M - 24-05-2018 - Find a better naming for this ?
+    @property
+    def candidate_user(self) -> User:
+        """
+        Get user from headers/body request. This user is not
+        the one found by authentication mecanism. This user
+        can help user to know about who one page is about in
+        a similar way as current_workspace.
+        """
+        if self._user_candidate is None:
+            self.candidate_user = get_candidate_user(self)
+        return self._user_candidate
+
     def _cleanup(self, request: 'TracimRequest') -> None:
         """
         Close dbsession at the end of the request in order to avoid exception
@@ -89,11 +113,43 @@ class TracimRequest(Request):
         self._current_workspace = None
         self.dbsession.close()
 
+
+    @candidate_user.setter
+    def candidate_user(self, user: User) -> None:
+        if self._user_candidate is not None:
+            raise ImmutableAttribute(
+                "Can't modify already setted candidate_user"
+            )
+        self._user_candidate = user
 ###
 # Utils for TracimRequest
 ###
 
-def get_safe_user(
+
+def get_candidate_user(
+        request: TracimRequest
+) -> User:
+    """
+    Get candidate user
+    :param request: pyramid request
+    :return: user found from header/body
+    """
+    app_config = request.registry.settings['CFG']
+    uapi = UserApi(None, session=request.dbsession, config=app_config)
+
+    try:
+        login = None
+        if 'user_id' in request.matchdict:
+            login = request.matchdict['user_id']
+        if not login:
+            raise UserNotExist('no user_id found, incorrect request ?')
+        user = uapi.get_one(login)
+    except NoResultFound:
+        raise NotAuthentificated('User not found')
+    return user
+
+
+def get_auth_safe_user(
         request: TracimRequest,
 ) -> User:
     """
@@ -126,10 +182,15 @@ def get_workspace(
     """
     workspace_id = ''
     try:
-        if 'workspace_id' not in request.json_body:
-            raise WorkspaceNotFound('No workspace_id param in json body')
-        workspace_id = request.json_body['workspace_id']
-        wapi = WorkspaceApi(current_user=user, session=request.dbsession)
+        if 'workspace_id' in request.matchdict:
+            workspace_id = request.matchdict['workspace_id']
+        if not workspace_id:
+            raise WorkspaceNotFound('No workspace_id param')
+        wapi = WorkspaceApi(
+            current_user=user,
+            session=request.dbsession,
+            config=request.registry.settings['CFG']
+        )
         workspace = wapi.get_one(workspace_id)
     except JSONDecodeError:
         raise WorkspaceNotFound('Bad json body')

tracim/lib/webdav/dav_provider.py

@@ -72,7 +72,11 @@ class Provider(DAVProvider):
         if path == root_path:
             return resources.RootResource(path, environ, user=user, session=session)
 
-        workspace_api = WorkspaceApi(current_user=user, session=session)
+        workspace_api = WorkspaceApi(
+            current_user=user,
+            session=session,
+            config=self.app_config,
+        )
         workspace = self.get_workspace_from_path(path, workspace_api)
 
         # If the request path is in the form root/name, then we return a WorkspaceResource resource
@@ -194,7 +198,11 @@ class Provider(DAVProvider):
 
         workspace = self.get_workspace_from_path(
             path,
-            WorkspaceApi(current_user=user, session=session)
+            WorkspaceApi(
+                current_user=user,
+                session=session,
+                config=self.app_config,
+            )
         )
 
         if parent_path == root_path or workspace is None:

tracim/lib/webdav/resources.py

@@ -90,7 +90,8 @@ class RootResource(DAVCollection):
         self.workspace_api = WorkspaceApi(
             current_user=self.user,
             session=session,
-            force_role=True
+            force_role=True,
+            config=self.provider.app_config
         )
 
     def __repr__(self) -> str:
@@ -1254,6 +1255,7 @@ class FileResource(DAVNonCollection):
             workspace_api = WorkspaceApi(
                 current_user=self.user,
                 session=self.session,
+                config=self.provider.app_config,
                 )
             content_api = ContentApi(
                 current_user=self.user,

tracim/models/applications.py

@@ -0,0 +1,87 @@
+# coding=utf-8
+import typing
+
+
+class Application(object):
+    """
+    Application class with data needed for frontend
+    """
+    def __init__(
+            self,
+            label: str,
+            slug: str,
+            icon: str,
+            hexcolor: str,
+            is_active: bool,
+            config: typing.Dict[str, str],
+            main_route: str,
+    ) -> None:
+        self.label = label
+        self.slug = slug
+        self.icon = icon
+        self.hexcolor = hexcolor
+        self.is_active = is_active
+        self.config = config
+        self.main_route = main_route
+
+
+# TODO - G.M - 21-05-2018 Do not rely on hardcoded app list
+# default apps
+calendar = Application(
+    label='Calendar',
+    slug='calendar',
+    icon='calendar-alt',
+    hexcolor='#757575',
+    is_active=True,
+    config={},
+    main_route='/#/workspaces/{workspace_id}/calendar',
+)
+
+thread = Application(
+    label='Threads',
+    slug='contents/threads',
+    icon='comments-o',
+    hexcolor='#ad4cf9',
+    is_active=True,
+    config={},
+    main_route='/#/workspaces/{workspace_id}/contents?type=thread',
+
+)
+
+file = Application(
+    label='Files',
+    slug='contents/files',
+    icon='paperclip',
+    hexcolor='#FF9900',
+    is_active=True,
+    config={},
+    main_route='/#/workspaces/{workspace_id}/contents?type=file',
+)
+
+pagemarkdownplus = Application(
+    label='Rich Markdown Files',  # TODO - G.M - 24-05-2018 - Check label
+    slug='contents/pagemarkdownplus',
+    icon='file-code',
+    hexcolor='#f12d2d',
+    is_active=True,
+    config={},
+    main_route='/#/workspaces/{workspace_id}/contents?type=pagemarkdownplus',
+)
+
+pagehtml = Application(
+    label='Text Documents',  # TODO - G.M - 24-05-2018 - Check label
+    slug='contents/pagehtml',
+    icon='file-text-o',
+    hexcolor='#3f52e3',
+    is_active=True,
+    config={},
+    main_route='/#/workspaces/{workspace_id}/contents?type=pagehtml',
+)
+# List of applications
+applications = [
+    pagehtml,
+    pagemarkdownplus,
+    file,
+    thread,
+    calendar,
+]

tracim/models/auth.py

@@ -96,6 +96,11 @@ class Profile(object):
              Group.TIM_MANAGER_GROUPNAME,
              Group.TIM_ADMIN_GROUPNAME]
 
+    _IDS = [Group.TIM_NOBODY,
+            Group.TIM_USER,
+            Group.TIM_MANAGER,
+            Group.TIM_ADMIN]
+
     # TODO - G.M - 18-04-2018 [Cleanup] Drop this
     # _LABEL = [l_('Nobody'),
     #           l_('Users'),

tracim/models/context_models.py

@@ -2,10 +2,14 @@
 import typing
 from datetime import datetime
 
+from slugify import slugify
 from sqlalchemy.orm import Session
 from tracim import CFG
 from tracim.models import User
 from tracim.models.auth import Profile
+from tracim.models.data import Workspace, UserRoleInWorkspace
+from tracim.models.workspace_menu_entries import default_workspace_menu_entry, \
+    WorkspaceMenuEntry
 
 
 class LoginCredentials(object):
@@ -74,3 +78,136 @@ class UserInContext(object):
     def avatar_url(self) -> typing.Optional[str]:
         # TODO - G-M - 20-04-2018 - [Avatar] Add user avatar feature
         return None
+
+
+class WorkspaceInContext(object):
+    """
+    Interface to get Workspace data and Workspace data related to context.
+    """
+
+    def __init__(self, workspace: Workspace, dbsession: Session, config: CFG):
+        self.workspace = workspace
+        self.dbsession = dbsession
+        self.config = config
+
+    @property
+    def workspace_id(self) -> int:
+        """
+        numeric id of the workspace.
+        """
+        return self.workspace.workspace_id
+
+    @property
+    def id(self) -> int:
+        """
+        alias of workspace_id
+        """
+        return self.workspace_id
+
+    @property
+    def label(self) -> str:
+        """
+        get workspace label
+        """
+        return self.workspace.label
+
+    @property
+    def description(self) -> str:
+        """
+        get workspace description
+        """
+        return self.workspace.description
+
+    @property
+    def slug(self) -> str:
+        """
+        get workspace slug
+        """
+        return slugify(self.workspace.label)
+
+    @property
+    def sidebar_entries(self) -> typing.List[WorkspaceMenuEntry]:
+        """
+        get sidebar entries, those depends on activated apps.
+        """
+        # TODO - G.M - 22-05-2018 - Rework on this in
+        # order to not use hardcoded list
+        # list should be able to change (depending on activated/disabled
+        # apps)
+        return default_workspace_menu_entry(self.workspace)
+
+
+class UserRoleWorkspaceInContext(object):
+    """
+    Interface to get UserRoleInWorkspace data and related content
+
+    """
+    def __init__(
+            self,
+            user_role: UserRoleInWorkspace,
+            dbsession: Session,
+            config: CFG,
+    )-> None:
+        self.user_role = user_role
+        self.dbsession = dbsession
+        self.config = config
+
+    @property
+    def user_id(self) -> int:
+        """
+        User who has the role has this id
+        :return: user id as integer
+        """
+        return self.user_role.user_id
+
+    @property
+    def workspace_id(self) -> int:
+        """
+        This role apply only on the workspace with this workspace_id
+        :return: workspace id as integer
+        """
+        return self.user_role.workspace_id
+
+    # TODO - G.M - 23-05-2018 - Check the API spec for this this !
+
+    @property
+    def role_id(self) -> int:
+        """
+        role as int id, each value refer to a different role.
+        """
+        return self.user_role.role
+
+    @property
+    def role_slug(self) -> str:
+        """
+        simple name of the role of the user.
+        can be anything from UserRoleInWorkspace SLUG, like
+        'not_applicable', 'reader',
+        'contributor', 'content_manager', 'workspace_manager'
+        :return: user workspace role as slug.
+        """
+        return UserRoleInWorkspace.SLUG[self.user_role.role]
+
+    @property
+    def user(self) -> UserInContext:
+        """
+        User who has this role, with context data
+        :return: UserInContext object
+        """
+        return UserInContext(
+            self.user_role.user,
+            self.dbsession,
+            self.config
+        )
+
+    @property
+    def workspace(self) -> WorkspaceInContext:
+        """
+        Workspace related to this role, with his context data
+        :return: WorkspaceInContext object
+        """
+        return WorkspaceInContext(
+            self.user_role.workspace,
+            self.dbsession,
+            self.config
+        )

tracim/models/data.py

@@ -131,6 +131,14 @@ class UserRoleInWorkspace(DeclarativeBase):
     WORKSPACE_MANAGER = 8
 
     # TODO - G.M - 10-04-2018 - [Cleanup] Drop this
+
+    SLUG = dict()
+    SLUG[NOT_APPLICABLE] = 'not_applicable'
+    SLUG[READER] = 'reader'
+    SLUG[CONTRIBUTOR] = 'contributor'
+    SLUG[CONTENT_MANAGER] = 'content_manager'
+    SLUG[WORKSPACE_MANAGER] = 'workspace_manager'
+
     LABEL = dict()
     LABEL[0] = l_('N/A')
     LABEL[1] = l_('Reader')
@@ -166,7 +174,10 @@ class UserRoleInWorkspace(DeclarativeBase):
         return UserRoleInWorkspace.LABEL[self.role]
 
     @classmethod
-    def get_all_role_values(self):
+    def get_all_role_values(cls) -> typing.List[int]:
+        """
+        Return all valid role value
+        """
         return [
             UserRoleInWorkspace.READER,
             UserRoleInWorkspace.CONTRIBUTOR,
@@ -174,6 +185,17 @@ class UserRoleInWorkspace(DeclarativeBase):
             UserRoleInWorkspace.WORKSPACE_MANAGER
         ]
 
+    @classmethod
+    def get_all_role_slug(cls) -> typing.List[str]:
+        """
+        Return all valid role slug
+        """
+        # INFO - G.M - 25-05-2018 - Be carefull, as long as this method
+        # and get_all_role_values are both used for API, this method should
+        # return item in the same order as get_all_role_values
+        return [cls.SLUG[value] for value in cls.get_all_role_values()]
+
+
 class RoleType(object):
     def __init__(self, role_id):
         self.role_type_id = role_id

tracim/models/workspace_menu_entries.py

@@ -0,0 +1,71 @@
+# coding=utf-8
+import typing
+from copy import copy
+
+from tracim.models.applications import applications
+from tracim.models.data import Workspace
+
+
+class WorkspaceMenuEntry(object):
+    """
+    Application class with data needed for frontend
+    """
+    def __init__(
+            self,
+            label: str,
+            slug: str,
+            icon: str,
+            hexcolor: str,
+            route: str,
+    ) -> None:
+        self.slug = slug
+        self.label = label
+        self.route = route
+        self.hexcolor = hexcolor
+        self.icon = icon
+
+
+dashboard_menu_entry = WorkspaceMenuEntry(
+  slug='dashboard',
+  label='Dashboard',
+  route='/#/workspaces/{workspace_id}/dashboard',
+  hexcolor='#252525',
+  icon="",
+)
+all_content_menu_entry = WorkspaceMenuEntry(
+  slug="contents/all",
+  label="All Contents",
+  route="/#/workspaces/{workspace_id}/contents",
+  hexcolor="#fdfdfd",
+  icon="",
+)
+
+
+def default_workspace_menu_entry(
+    workspace: Workspace,
+)-> typing.List[WorkspaceMenuEntry]:
+    """
+    Get default menu entry for a workspace
+    """
+    menu_entries = [
+        copy(dashboard_menu_entry),
+        copy(all_content_menu_entry),
+    ]
+    for app in applications:
+        if app.main_route:
+            new_entry = WorkspaceMenuEntry(
+                slug=app.slug,
+                label=app.label,
+                hexcolor=app.hexcolor,
+                icon=app.icon,
+                route=app.main_route
+            )
+            menu_entries.append(new_entry)
+
+    for entry in menu_entries:
+        entry.route = entry.route.replace(
+            '{workspace_id}',
+            str(workspace.workspace_id)
+        )
+
+    return menu_entries

tracim/tests/__init__.py

@@ -45,19 +45,20 @@ class FunctionalTest(unittest.TestCase):
 
         }
         hapic.reset_context()
+        self.engine = get_engine(self.settings)
+        DeclarativeBase.metadata.create_all(self.engine)
+        self.session_factory = get_session_factory(self.engine)
+        self.app_config = CFG(self.settings)
+        self.app_config.configure_filedepot()
         self.init_database(self.settings)
+        DepotManager._clear()
         self.run_app()
 
     def run_app(self):
         app = web({}, **self.settings)
-        self.init_database(self.settings)
         self.testapp = TestApp(app)
 
     def init_database(self, settings):
-        self.engine = get_engine(settings)
-        DeclarativeBase.metadata.create_all(self.engine)
-        self.session_factory = get_session_factory(self.engine)
-        self.app_config = CFG(settings)
         with transaction.manager:
             dbsession = get_tm_session(self.session_factory, transaction.manager)
             try:
@@ -171,6 +172,7 @@ class DefaultTest(StandardTest):
         WorkspaceApi(
             current_user=user,
             session=self.session,
+            config=self.app_config,
         ).create_workspace(name, save_now=True)
 
         eq_(

tracim/tests/commands/test_commands.py

@@ -11,7 +11,7 @@ import tracim
 from tracim.command import TracimCLI
 from tracim.command.user import UserCommand
 from tracim.exceptions import UserAlreadyExistError, BadCommandError, \
-    GroupNotExist
+    GroupNotExist, UserNotExist
 from tracim.lib.core.user import UserApi
 from tracim.tests import CommandFunctionalTest
 
@@ -48,7 +48,7 @@ class TestCommands(CommandFunctionalTest):
             session=self.session,
             config=self.app_config,
         )
-        with pytest.raises(NoResultFound):
+        with pytest.raises(UserNotExist):
             api.get_one_by_email('command_test@user')
         app = TracimCLI()
         result = app.run([
@@ -72,7 +72,7 @@ class TestCommands(CommandFunctionalTest):
             session=self.session,
             config=self.app_config,
         )
-        with pytest.raises(NoResultFound):
+        with pytest.raises(UserNotExist):
             api.get_one_by_email('command_test@user')
         app = TracimCLI()
         result = app.run([

tracim/tests/functional/test_mail_notification.py

@@ -127,6 +127,7 @@ class TestNotificationsSync(MailHogTest):
         wapi = WorkspaceApi(
             current_user=current_user,
             session=self.session,
+            config=self.app_config,
         )
         workspace = wapi.get_one_by_label('w1')
         user = uapi.get_one_by_email('bob@fsf.local')
@@ -218,6 +219,7 @@ class TestNotificationsAsync(MailHogTest):
         wapi = WorkspaceApi(
             current_user=current_user,
             session=self.session,
+            config=self.app_config,
         )
         workspace = wapi.get_one_by_label('w1')
         user = uapi.get_one_by_email('bob@fsf.local')

tracim/tests/functional/test_system.py

@@ -0,0 +1,77 @@
+# coding=utf-8
+"""
+Tests for /api/v2/system subpath endpoints.
+"""
+from tracim.tests import FunctionalTest
+
+
+class TestApplicationsEndpoint(FunctionalTest):
+    """
+    Tests for /api/v2/system/applications
+    """
+
+    def test_api__get_applications__ok_200__nominal_case(self):
+        """
+        Get applications list with a registered user.
+        """
+        self.testapp.authorization = (
+            'Basic',
+            (
+                'admin@admin.admin',
+                'admin@admin.admin'
+            )
+        )
+        res = self.testapp.get('/api/v2/system/applications', status=200)
+        res = res.json_body
+        application = res[0]
+        assert application['label'] == "Text Documents"
+        assert application['slug'] == 'contents/pagehtml'
+        assert application['icon'] == 'file-text-o'
+        assert application['hexcolor'] == '#3f52e3'
+        assert application['is_active'] is True
+        assert 'config' in application
+        application = res[1]
+        assert application['label'] == "Rich Markdown Files"
+        assert application['slug'] == 'contents/pagemarkdownplus'
+        assert application['icon'] == 'file-code'
+        assert application['hexcolor'] == '#f12d2d'
+        assert application['is_active'] is True
+        assert 'config' in application
+        application = res[2]
+        assert application['label'] == "Files"
+        assert application['slug'] == 'contents/files'
+        assert application['icon'] == 'paperclip'
+        assert application['hexcolor'] == '#FF9900'
+        assert application['is_active'] is True
+        assert 'config' in application
+        application = res[3]
+        assert application['label'] == "Threads"
+        assert application['slug'] == 'contents/threads'
+        assert application['icon'] == 'comments-o'
+        assert application['hexcolor'] == '#ad4cf9'
+        assert application['is_active'] is True
+        assert 'config' in application
+        application = res[4]
+        assert application['label'] == "Calendar"
+        assert application['slug'] == 'calendar'
+        assert application['icon'] == 'calendar-alt'
+        assert application['hexcolor'] == '#757575'
+        assert application['is_active'] is True
+        assert 'config' in application
+
+    def test_api__get_workspace__err_401__unregistered_user(self):
+        """
+        Get applications list with an unregistered user (bad auth)
+        """
+        self.testapp.authorization = (
+            'Basic',
+            (
+                'john@doe.doe',
+                'lapin'
+            )
+        )
+        res = self.testapp.get('/api/v2/system/applications', status=401)
+        assert isinstance(res.json, dict)
+        assert 'code' in res.json.keys()
+        assert 'message' in res.json.keys()
+        assert 'details' in res.json.keys()

tracim/tests/functional/test_user.py

@@ -0,0 +1,137 @@
+# -*- coding: utf-8 -*-
+"""
+Tests for /api/v2/users subpath endpoints.
+"""
+from tracim.tests import FunctionalTest
+from tracim.fixtures.content import Content as ContentFixtures
+from tracim.fixtures.users_and_groups import Base as BaseFixture
+
+
+class TestUserWorkspaceEndpoint(FunctionalTest):
+    # -*- coding: utf-8 -*-
+    """
+    Tests for /api/v2/users/{user_id}/workspaces
+    """
+    fixtures = [BaseFixture, ContentFixtures]
+
+    def test_api__get_user_workspaces__ok_200__nominal_case(self):
+        """
+        Check obtain all workspaces reachables for user with user auth.
+        """
+        self.testapp.authorization = (
+            'Basic',
+            (
+                'admin@admin.admin',
+                'admin@admin.admin'
+            )
+        )
+        res = self.testapp.get('/api/v2/users/1/workspaces', status=200)
+        res = res.json_body
+        workspace = res[0]
+        assert workspace['id'] == 1
+        assert workspace['label'] == 'w1'
+        assert len(workspace['sidebar_entries']) == 7
+
+        sidebar_entry = workspace['sidebar_entries'][0]
+        assert sidebar_entry['slug'] == 'dashboard'
+        assert sidebar_entry['label'] == 'Dashboard'
+        assert sidebar_entry['route'] == '/#/workspaces/1/dashboard'  # nopep8
+        assert sidebar_entry['hexcolor'] == "#252525"
+        assert sidebar_entry['icon'] == ""
+
+        sidebar_entry = workspace['sidebar_entries'][1]
+        assert sidebar_entry['slug'] == 'contents/all'
+        assert sidebar_entry['label'] == 'All Contents'
+        assert sidebar_entry['route'] == "/#/workspaces/1/contents"  # nopep8
+        assert sidebar_entry['hexcolor'] == "#fdfdfd"
+        assert sidebar_entry['icon'] == ""
+
+        sidebar_entry = workspace['sidebar_entries'][2]
+        assert sidebar_entry['slug'] == 'contents/pagehtml'
+        assert sidebar_entry['label'] == 'Text Documents'
+        assert sidebar_entry['route'] == '/#/workspaces/1/contents?type=pagehtml'  # nopep8
+        assert sidebar_entry['hexcolor'] == "#3f52e3"
+        assert sidebar_entry['icon'] == "file-text-o"
+
+        sidebar_entry = workspace['sidebar_entries'][3]
+        assert sidebar_entry['slug'] == 'contents/pagemarkdownplus'
+        assert sidebar_entry['label'] == 'Rich Markdown Files'
+        assert sidebar_entry['route'] == "/#/workspaces/1/contents?type=pagemarkdownplus"    # nopep8
+        assert sidebar_entry['hexcolor'] == "#f12d2d"
+        assert sidebar_entry['icon'] == "file-code"
+
+        sidebar_entry = workspace['sidebar_entries'][4]
+        assert sidebar_entry['slug'] == 'contents/files'
+        assert sidebar_entry['label'] == 'Files'
+        assert sidebar_entry['route'] == "/#/workspaces/1/contents?type=file"  # nopep8
+        assert sidebar_entry['hexcolor'] == "#FF9900"
+        assert sidebar_entry['icon'] == "paperclip"
+
+        sidebar_entry = workspace['sidebar_entries'][5]
+        assert sidebar_entry['slug'] == 'contents/threads'
+        assert sidebar_entry['label'] == 'Threads'
+        assert sidebar_entry['route'] == "/#/workspaces/1/contents?type=thread"  # nopep8
+        assert sidebar_entry['hexcolor'] == "#ad4cf9"
+        assert sidebar_entry['icon'] == "comments-o"
+
+        sidebar_entry = workspace['sidebar_entries'][6]
+        assert sidebar_entry['slug'] == 'calendar'
+        assert sidebar_entry['label'] == 'Calendar'
+        assert sidebar_entry['route'] == "/#/workspaces/1/calendar"  # nopep8
+        assert sidebar_entry['hexcolor'] == "#757575"
+        assert sidebar_entry['icon'] == "calendar-alt"
+
+    def test_api__get_user_workspaces__err_403__unallowed_user(self):
+        """
+        Check obtain all workspaces reachables for one user
+        with another non-admin user auth.
+        """
+        self.testapp.authorization = (
+            'Basic',
+            (
+                'lawrence-not-real-email@fsf.local',
+                'foobarbaz'
+            )
+        )
+        res = self.testapp.get('/api/v2/users/1/workspaces', status=403)
+        assert isinstance(res.json, dict)
+        assert 'code' in res.json.keys()
+        assert 'message' in res.json.keys()
+        assert 'details' in res.json.keys()
+
+    def test_api__get_user_workspaces__err_401__unregistered_user(self):
+        """
+        Check obtain all workspaces reachables for one user
+        without correct user auth (user unregistered).
+        """
+        self.testapp.authorization = (
+            'Basic',
+            (
+                'john@doe.doe',
+                'lapin'
+            )
+        )
+        res = self.testapp.get('/api/v2/users/1/workspaces', status=401)
+        assert isinstance(res.json, dict)
+        assert 'code' in res.json.keys()
+        assert 'message' in res.json.keys()
+        assert 'details' in res.json.keys()
+
+    def test_api__get_user_workspaces__err_404__user_does_not_exist(self):
+        """
+        Check obtain all workspaces reachables for one user who does
+        not exist
+        with a correct user auth.
+        """
+        self.testapp.authorization = (
+            'Basic',
+            (
+                'admin@admin.admin',
+                'admin@admin.admin'
+            )
+        )
+        res = self.testapp.get('/api/v2/users/5/workspaces', status=404)
+        assert isinstance(res.json, dict)
+        assert 'code' in res.json.keys()
+        assert 'message' in res.json.keys()
+        assert 'details' in res.json.keys()

tracim/tests/functional/test_workspaces.py

@@ -0,0 +1,218 @@
+# -*- coding: utf-8 -*-
+"""
+Tests for /api/v2/workspaces subpath endpoints.
+"""
+from tracim.tests import FunctionalTest
+from tracim.fixtures.content import Content as ContentFixtures
+from tracim.fixtures.users_and_groups import Base as BaseFixture
+
+
+class TestWorkspaceEndpoint(FunctionalTest):
+    """
+    Tests for /api/v2/workspaces/{workspace_id} endpoint
+    """
+
+    fixtures = [BaseFixture, ContentFixtures]
+
+    def test_api__get_workspace__ok_200__nominal_case(self) -> None:
+        """
+        Check obtain workspace reachable for user.
+        """
+        self.testapp.authorization = (
+            'Basic',
+            (
+                'admin@admin.admin',
+                'admin@admin.admin'
+            )
+        )
+        res = self.testapp.get('/api/v2/workspaces/1', status=200)
+        workspace = res.json_body
+        assert workspace['id'] == 1
+        assert workspace['slug'] == 'w1'
+        assert workspace['label'] == 'w1'
+        assert workspace['description'] == 'This is a workspace'
+        assert len(workspace['sidebar_entries']) == 7
+
+        sidebar_entry = workspace['sidebar_entries'][0]
+        assert sidebar_entry['slug'] == 'dashboard'
+        assert sidebar_entry['label'] == 'Dashboard'
+        assert sidebar_entry['route'] == '/#/workspaces/1/dashboard'  # nopep8
+        assert sidebar_entry['hexcolor'] == "#252525"
+        assert sidebar_entry['icon'] == ""
+
+        sidebar_entry = workspace['sidebar_entries'][1]
+        assert sidebar_entry['slug'] == 'contents/all'
+        assert sidebar_entry['label'] == 'All Contents'
+        assert sidebar_entry['route'] == "/#/workspaces/1/contents"  # nopep8
+        assert sidebar_entry['hexcolor'] == "#fdfdfd"
+        assert sidebar_entry['icon'] == ""
+
+        sidebar_entry = workspace['sidebar_entries'][2]
+        assert sidebar_entry['slug'] == 'contents/pagehtml'
+        assert sidebar_entry['label'] == 'Text Documents'
+        assert sidebar_entry['route'] == '/#/workspaces/1/contents?type=pagehtml'  # nopep8
+        assert sidebar_entry['hexcolor'] == "#3f52e3"
+        assert sidebar_entry['icon'] == "file-text-o"
+
+        sidebar_entry = workspace['sidebar_entries'][3]
+        assert sidebar_entry['slug'] == 'contents/pagemarkdownplus'
+        assert sidebar_entry['label'] == 'Rich Markdown Files'
+        assert sidebar_entry['route'] == "/#/workspaces/1/contents?type=pagemarkdownplus"    # nopep8
+        assert sidebar_entry['hexcolor'] == "#f12d2d"
+        assert sidebar_entry['icon'] == "file-code"
+
+        sidebar_entry = workspace['sidebar_entries'][4]
+        assert sidebar_entry['slug'] == 'contents/files'
+        assert sidebar_entry['label'] == 'Files'
+        assert sidebar_entry['route'] == "/#/workspaces/1/contents?type=file"  # nopep8
+        assert sidebar_entry['hexcolor'] == "#FF9900"
+        assert sidebar_entry['icon'] == "paperclip"
+
+        sidebar_entry = workspace['sidebar_entries'][5]
+        assert sidebar_entry['slug'] == 'contents/threads'
+        assert sidebar_entry['label'] == 'Threads'
+        assert sidebar_entry['route'] == "/#/workspaces/1/contents?type=thread"  # nopep8
+        assert sidebar_entry['hexcolor'] == "#ad4cf9"
+        assert sidebar_entry['icon'] == "comments-o"
+
+        sidebar_entry = workspace['sidebar_entries'][6]
+        assert sidebar_entry['slug'] == 'calendar'
+        assert sidebar_entry['label'] == 'Calendar'
+        assert sidebar_entry['route'] == "/#/workspaces/1/calendar"  # nopep8
+        assert sidebar_entry['hexcolor'] == "#757575"
+        assert sidebar_entry['icon'] == "calendar-alt"
+
+    def test_api__get_workspace__err_403__unallowed_user(self) -> None:
+        """
+        Check obtain workspace unreachable for user
+        """
+        self.testapp.authorization = (
+            'Basic',
+            (
+                'lawrence-not-real-email@fsf.local',
+                'foobarbaz'
+            )
+        )
+        res = self.testapp.get('/api/v2/workspaces/1', status=403)
+        assert isinstance(res.json, dict)
+        assert 'code' in res.json.keys()
+        assert 'message' in res.json.keys()
+        assert 'details' in res.json.keys()
+
+    def test_api__get_workspace__err_401__unregistered_user(self) -> None:
+        """
+        Check obtain workspace without registered user.
+        """
+        self.testapp.authorization = (
+            'Basic',
+            (
+                'john@doe.doe',
+                'lapin'
+            )
+        )
+        res = self.testapp.get('/api/v2/workspaces/1', status=401)
+        assert isinstance(res.json, dict)
+        assert 'code' in res.json.keys()
+        assert 'message' in res.json.keys()
+        assert 'details' in res.json.keys()
+
+    def test_api__get_workspace__err_403__workspace_does_not_exist(self) -> None:  # nopep8
+        """
+        Check obtain workspace who does not exist with an existing user.
+        """
+        self.testapp.authorization = (
+            'Basic',
+            (
+                'admin@admin.admin',
+                'admin@admin.admin'
+            )
+        )
+        res = self.testapp.get('/api/v2/workspaces/5', status=403)
+        assert isinstance(res.json, dict)
+        assert 'code' in res.json.keys()
+        assert 'message' in res.json.keys()
+        assert 'details' in res.json.keys()
+
+
+class TestWorkspaceMembersEndpoint(FunctionalTest):
+    """
+    Tests for /api/v2/workspaces/{workspace_id}/members endpoint
+    """
+
+    fixtures = [BaseFixture, ContentFixtures]
+
+    def test_api__get_workspace_members__ok_200__nominal_case(self):
+        """
+        Check obtain workspace members list with a reachable workspace for user
+        """
+        self.testapp.authorization = (
+            'Basic',
+            (
+                'admin@admin.admin',
+                'admin@admin.admin'
+            )
+        )
+        res = self.testapp.get('/api/v2/workspaces/1/members', status=200).json_body   # nopep8
+        assert len(res) == 2
+        user_role = res[0]
+        assert user_role['role_slug'] == 'workspace_manager'
+        assert user_role['role_id'] == 8
+        assert user_role['user_id'] == 1
+        assert user_role['workspace_id'] == 1
+        assert user_role['user']['display_name'] == 'Global manager'
+        # TODO - G.M - 24-05-2018 - [Avatar] Replace
+        # by correct value when avatar feature will be enabled
+        assert user_role['user']['avatar_url'] is None
+
+    def test_api__get_workspace_members__err_403__unallowed_user(self):
+        """
+        Check obtain workspace members list with an unreachable workspace for
+        user
+        """
+        self.testapp.authorization = (
+            'Basic',
+            (
+                'lawrence-not-real-email@fsf.local',
+                'foobarbaz'
+            )
+        )
+        res = self.testapp.get('/api/v2/workspaces/3/members', status=403)
+        assert isinstance(res.json, dict)
+        assert 'code' in res.json.keys()
+        assert 'message' in res.json.keys()
+        assert 'details' in res.json.keys()
+
+    def test_api__get_workspace_members__err_401__unregistered_user(self):
+        """
+        Check obtain workspace members list with an unregistered user
+        """
+        self.testapp.authorization = (
+            'Basic',
+            (
+                'john@doe.doe',
+                'lapin'
+            )
+        )
+        res = self.testapp.get('/api/v2/workspaces/1/members', status=401)
+        assert isinstance(res.json, dict)
+        assert 'code' in res.json.keys()
+        assert 'message' in res.json.keys()
+        assert 'details' in res.json.keys()
+
+    def test_api__get_workspace_members__err_403__workspace_does_not_exist(self):  # nopep8
+        """
+        Check obtain workspace members list with an existing user but
+        an unexisting workspace
+        """
+        self.testapp.authorization = (
+            'Basic',
+            (
+                'admin@admin.admin',
+                'admin@admin.admin'
+            )
+        )
+        res = self.testapp.get('/api/v2/workspaces/5/members', status=403)
+        assert isinstance(res.json, dict)
+        assert 'code' in res.json.keys()
+        assert 'message' in res.json.keys()
+        assert 'details' in res.json.keys()

tracim/tests/library/test_content_api.py

@@ -107,7 +107,11 @@ class TestContentApi(DefaultTest):
             config=self.app_config,
             current_user=None,
         )
-        group_api = GroupApi(current_user=None,session=self.session)
+        group_api = GroupApi(
+            current_user=None,
+            session=self.session,
+            config=self.app_config,
+        )
         groups = [group_api.get_one(Group.TIM_USER),
                   group_api.get_one(Group.TIM_MANAGER),
                   group_api.get_one(Group.TIM_ADMIN)]
@@ -116,7 +120,8 @@ class TestContentApi(DefaultTest):
                                         groups=groups, save_now=True)
         workspace = WorkspaceApi(
             current_user=user,
-            session=self.session
+            session=self.session,
+            config=self.app_config,
         ).create_workspace('test workspace', save_now=True)
         api = ContentApi(
             current_user=user,
@@ -133,7 +138,11 @@ class TestContentApi(DefaultTest):
 
         # Refresh instances after commit
         user = uapi.get_one(uid)
-        workspace_api = WorkspaceApi(current_user=user, session=self.session)
+        workspace_api = WorkspaceApi(
+            current_user=user,
+            session=self.session,
+            config=self.app_config
+        )
         workspace = workspace_api.get_one(wid)
         api = ContentApi(
             current_user=user,
@@ -154,7 +163,11 @@ class TestContentApi(DefaultTest):
 
         # Refresh instances after commit
         user = uapi.get_one(uid)
-        workspace_api = WorkspaceApi(current_user=user, session=self.session)
+        workspace_api = WorkspaceApi(
+            current_user=user,
+            session=self.session,
+            config=self.app_config
+        )
         workspace = workspace_api.get_one(wid)
         api = ContentApi(
             current_user=user, 
@@ -168,7 +181,11 @@ class TestContentApi(DefaultTest):
         # Test that the item is still available if "show deleted" is activated
         # Refresh instances after commit
         user = uapi.get_one(uid)
-        workspace_api = WorkspaceApi(current_user=user, session=self.session)
+        workspace_api = WorkspaceApi(
+            current_user=user,
+            session=self.session,
+            config=self.app_config,
+        )
         api = ContentApi(
             current_user=user,
             session=self.session,
@@ -184,14 +201,25 @@ class TestContentApi(DefaultTest):
             config=self.app_config,
             current_user=None,
         )
-        group_api = GroupApi(current_user=None, session=self.session)
+        group_api = GroupApi(
+            current_user=None,
+            session=self.session,
+            config=self.app_config,
+        )
         groups = [group_api.get_one(Group.TIM_USER),
                   group_api.get_one(Group.TIM_MANAGER),
                   group_api.get_one(Group.TIM_ADMIN)]
 
-        user = uapi.create_minimal_user(email='this.is@user',
-                                        groups=groups, save_now=True)
-        workspace_api = WorkspaceApi(current_user=user, session=self.session)
+        user = uapi.create_minimal_user(
+            email='this.is@user',
+            groups=groups,
+            save_now=True,
+        )
+        workspace_api = WorkspaceApi(
+            current_user=user,
+            session=self.session,
+            config=self.app_config,
+        )
         workspace = workspace_api.create_workspace(
             'test workspace',
             save_now=True
@@ -210,7 +238,11 @@ class TestContentApi(DefaultTest):
         transaction.commit()
         # Refresh instances after commit
         user = uapi.get_one(uid)
-        workspace_api = WorkspaceApi(current_user=user, session=self.session)
+        workspace_api = WorkspaceApi(
+            current_user=user,
+            session=self.session,
+            config=self.app_config,
+        )
         api = ContentApi(
             session=self.session,
             current_user=user,
@@ -231,7 +263,11 @@ class TestContentApi(DefaultTest):
 
         # Refresh instances after commit
         user = uapi.get_one(uid)
-        workspace_api = WorkspaceApi(current_user=user, session=self.session)
+        workspace_api = WorkspaceApi(
+            current_user=user,
+            session=self.session,
+            config=self.app_config,
+        )
         workspace = workspace_api.get_one(wid)
         api = ContentApi(
             current_user=user, 
@@ -245,7 +281,11 @@ class TestContentApi(DefaultTest):
 
         # Refresh instances after commit
         user = uapi.get_one(uid)
-        workspace_api = WorkspaceApi(current_user=user, session=self.session)
+        workspace_api = WorkspaceApi(
+            current_user=user,
+            session=self.session,
+            config=self.app_config,
+        )
         workspace = workspace_api.get_one(wid)
         api = ContentApi(
             current_user=user,
@@ -269,7 +309,11 @@ class TestContentApi(DefaultTest):
             config=self.app_config,
             current_user=None,
         )
-        group_api = GroupApi(current_user=None, session=self.session)
+        group_api = GroupApi(
+            current_user=None,
+            session=self.session,
+            config=self.app_config,
+        )
         groups = [group_api.get_one(Group.TIM_USER),
                   group_api.get_one(Group.TIM_MANAGER),
                   group_api.get_one(Group.TIM_ADMIN)]
@@ -281,7 +325,8 @@ class TestContentApi(DefaultTest):
         )
         workspace = WorkspaceApi(
             current_user=user,
-            session=self.session
+            session=self.session,
+            config=self.app_config,
         ).create_workspace(
             'test workspace',
             save_now=True
@@ -301,7 +346,11 @@ class TestContentApi(DefaultTest):
 
         # Refresh instances after commit
         user = uapi.get_one(uid)
-        workspace_api = WorkspaceApi(current_user=user, session=self.session)
+        workspace_api = WorkspaceApi(
+            current_user=user,
+            session=self.session,
+            config=self.app_config,
+        )
         workspace = workspace_api.get_one(wid)
         api = ContentApi(
             current_user=user, 
@@ -326,7 +375,11 @@ class TestContentApi(DefaultTest):
             config=self.app_config,
             current_user=None,
         )
-        group_api = GroupApi(current_user=None, session=self.session)
+        group_api = GroupApi(
+            current_user=None,
+            session=self.session,
+            config=self.app_config
+        )
         groups = [group_api.get_one(Group.TIM_USER),
                   group_api.get_one(Group.TIM_MANAGER),
                   group_api.get_one(Group.TIM_ADMIN)]
@@ -335,7 +388,8 @@ class TestContentApi(DefaultTest):
                                         groups=groups, save_now=True)
         workspace = WorkspaceApi(
             current_user=user,
-            session=self.session
+            session=self.session,
+            config=self.app_config
         ).create_workspace('test workspace', save_now=True)
         api = ContentApi(
             current_user=user, 
@@ -371,7 +425,11 @@ class TestContentApi(DefaultTest):
 
         # Refresh instances after commit
         user = uapi.get_one(uid)
-        workspace_api = WorkspaceApi(current_user=user, session=self.session)
+        workspace_api = WorkspaceApi(
+            current_user=user,
+            session=self.session,
+            config=self.app_config,
+        )
         workspace = workspace_api.get_one(wid)
         api = ContentApi(
             current_user=user,
@@ -394,7 +452,8 @@ class TestContentApi(DefaultTest):
         )
         group_api = GroupApi(
             current_user=None,
-            session=self.session
+            session=self.session,
+            config=self.app_config,
         )
         groups = [group_api.get_one(Group.TIM_USER),
                   group_api.get_one(Group.TIM_MANAGER),
@@ -405,7 +464,8 @@ class TestContentApi(DefaultTest):
 
         workspace = WorkspaceApi(
             current_user=user,
-            session=self.session
+            session=self.session,
+            config=self.app_config,
         ).create_workspace(
             'test workspace',
             save_now=True
@@ -432,7 +492,8 @@ class TestContentApi(DefaultTest):
         )
         group_api = GroupApi(
             current_user=None,
-            session=self.session
+            session=self.session,
+            config=self.app_config,
         )
         groups = [group_api.get_one(Group.TIM_USER),
                   group_api.get_one(Group.TIM_MANAGER),
@@ -443,7 +504,8 @@ class TestContentApi(DefaultTest):
 
         workspace = WorkspaceApi(
             current_user=user,
-            session=self.session
+            session=self.session,
+            config=self.app_config,
         ).create_workspace(
             'test workspace',
             save_now=True
@@ -474,7 +536,8 @@ class TestContentApi(DefaultTest):
         )
         group_api = GroupApi(
             current_user=None,
-            session=self.session
+            session=self.session,
+            config=self.config,
         )
         groups = [group_api.get_one(Group.TIM_USER),
                   group_api.get_one(Group.TIM_MANAGER),
@@ -485,7 +548,8 @@ class TestContentApi(DefaultTest):
 
         workspace = WorkspaceApi(
             current_user=user,
-            session=self.session
+            session=self.session,
+            config=self.app_config,
         ).create_workspace(
             'test workspace',
             save_now=True
@@ -516,7 +580,8 @@ class TestContentApi(DefaultTest):
         )
         group_api = GroupApi(
             current_user=None,
-            session=self.session
+            session=self.session,
+            config=self.app_config
         )
         groups = [group_api.get_one(Group.TIM_USER),
                   group_api.get_one(Group.TIM_MANAGER),
@@ -534,12 +599,17 @@ class TestContentApi(DefaultTest):
         )
         workspace = WorkspaceApi(
             current_user=user,
-            session=self.session
+            session=self.session,
+            config=self.app_config,
         ).create_workspace(
             'test workspace',
             save_now=True
         )
-        RoleApi(current_user=user, session=self.session).create_one(
+        RoleApi(
+            current_user=user,
+            session=self.session,
+            config=self.app_config,
+        ).create_one(
             user2,
             workspace,
             UserRoleInWorkspace.WORKSPACE_MANAGER,
@@ -581,6 +651,7 @@ class TestContentApi(DefaultTest):
         workspace2 = WorkspaceApi(
             current_user=user2,
             session=self.session,
+            config=self.app_config,
         ).create_workspace(
             'test workspace2',
             save_now=True
@@ -628,7 +699,8 @@ class TestContentApi(DefaultTest):
         )
         group_api = GroupApi(
             current_user=None,
-            session=self.session
+            session=self.session,
+            config=self.app_config,
         )
         groups = [group_api.get_one(Group.TIM_USER),
                   group_api.get_one(Group.TIM_MANAGER),
@@ -646,12 +718,17 @@ class TestContentApi(DefaultTest):
         )
         workspace = WorkspaceApi(
             current_user=user,
-            session=self.session
+            session=self.session,
+            config=self.app_config,
         ).create_workspace(
             'test workspace',
             save_now=True
         )
-        RoleApi(current_user=user, session=self.session).create_one(
+        RoleApi(
+            current_user=user,
+            session=self.session,
+            config=self.app_config,
+        ).create_one(
             user2,
             workspace,
             UserRoleInWorkspace.WORKSPACE_MANAGER,
@@ -692,7 +769,8 @@ class TestContentApi(DefaultTest):
         )
         workspace2 = WorkspaceApi(
             current_user=user2,
-            session=self.session
+            session=self.session,
+            config=self.app_config,
         ).create_workspace(
             'test workspace2',
             save_now=True
@@ -738,7 +816,8 @@ class TestContentApi(DefaultTest):
         )
         group_api = GroupApi(
             current_user=None,
-            session=self.session
+            session=self.session,
+            config=self.app_config,
         )
         groups = [group_api.get_one(Group.TIM_USER),
                   group_api.get_one(Group.TIM_MANAGER),
@@ -756,12 +835,17 @@ class TestContentApi(DefaultTest):
         )
         workspace = WorkspaceApi(
             current_user=user,
-            session=self.session
+            session=self.session,
+            config=self.app_config,
         ).create_workspace(
             'test workspace',
             save_now=True
         )
-        RoleApi(current_user=user, session=self.session).create_one(
+        RoleApi(
+            current_user=user,
+            session=self.session,
+            config=self.app_config,
+        ).create_one(
             user2, workspace,
             UserRoleInWorkspace.WORKSPACE_MANAGER,
             with_notif=False
@@ -837,7 +921,8 @@ class TestContentApi(DefaultTest):
         )
         group_api = GroupApi(
             current_user=None,
-            session=self.session
+            session=self.session,
+            config=self.app_config,
         )
         groups = [group_api.get_one(Group.TIM_USER),
                   group_api.get_one(Group.TIM_MANAGER),
@@ -851,6 +936,7 @@ class TestContentApi(DefaultTest):
         wapi = WorkspaceApi(
             current_user=user_a,
             session=self.session,
+            config=self.app_config,
         )
         workspace1 = wapi.create_workspace(
             'test workspace n°1',
@@ -862,6 +948,7 @@ class TestContentApi(DefaultTest):
         role_api1 = RoleApi(
             current_user=user_a,
             session=self.session,
+            config=self.app_config,
         )
         role_api1.create_one(
             user_b,
@@ -873,6 +960,7 @@ class TestContentApi(DefaultTest):
         role_api2 = RoleApi(
             current_user=user_b,
             session=self.session,
+            config=self.app_config,
         )
         role_api2.create_one(user_b, workspace2, UserRoleInWorkspace.READER,
                              False)
@@ -940,7 +1028,8 @@ class TestContentApi(DefaultTest):
         )
         group_api = GroupApi(
             current_user=None,
-            session=self.session
+            session=self.session,
+            config = self.app_config,
         )
         groups = [group_api.get_one(Group.TIM_USER),
                   group_api.get_one(Group.TIM_MANAGER),
@@ -957,10 +1046,15 @@ class TestContentApi(DefaultTest):
             save_now=True
         )
 
-        wapi = WorkspaceApi(current_user=user_a, session=self.session)
+        wapi = WorkspaceApi(
+            current_user=user_a,
+            session=self.session,
+            config=self.app_config,
+        )
         workspace_api = WorkspaceApi(
             current_user=user_a,
-            session=self.session
+            session=self.session,
+            config=self.app_config,
         )
         workspace = wapi.create_workspace(
             'test workspace',
@@ -969,6 +1063,7 @@ class TestContentApi(DefaultTest):
         role_api = RoleApi(
             current_user=user_a,
             session=self.session,
+            config=self.app_config,
         )
         role_api.create_one(
             user_b,
@@ -1004,7 +1099,11 @@ class TestContentApi(DefaultTest):
             config=self.app_config,
             current_user=None,
         )
-        group_api = GroupApi(current_user=None, session=self.session)
+        group_api = GroupApi(
+            current_user=None,
+            session=self.session,
+            config=self.app_config,
+        )
         groups = [group_api.get_one(Group.TIM_USER),
                   group_api.get_one(Group.TIM_MANAGER),
                   group_api.get_one(Group.TIM_ADMIN)]
@@ -1023,6 +1122,7 @@ class TestContentApi(DefaultTest):
         wapi = WorkspaceApi(
             current_user=user_a,
             session=self.session,
+            config=self.app_config,
         )
         workspace = wapi.create_workspace(
             'test workspace',
@@ -1031,6 +1131,7 @@ class TestContentApi(DefaultTest):
         role_api = RoleApi(
             current_user=user_a,
             session=self.session,
+            config=self.app_config,
         )
         role_api.create_one(
             user_b,
@@ -1097,7 +1198,11 @@ class TestContentApi(DefaultTest):
             config=self.app_config,
             current_user=None,
         )
-        group_api = GroupApi(current_user=None, session=self.session)
+        group_api = GroupApi(
+            current_user=None,
+            session=self.session,
+            config=self.app_config,
+        )
         groups = [group_api.get_one(Group.TIM_USER),
                   group_api.get_one(Group.TIM_MANAGER),
                   group_api.get_one(Group.TIM_ADMIN)]
@@ -1108,7 +1213,11 @@ class TestContentApi(DefaultTest):
             save_now=True
         )
 
-        workspace_api = WorkspaceApi(current_user=user1, session=self.session)
+        workspace_api = WorkspaceApi(
+            current_user=user1,
+            session=self.session,
+            config=self.app_config,
+        )
         workspace = workspace_api.create_workspace(
             'test workspace',
             save_now=True
@@ -1121,7 +1230,8 @@ class TestContentApi(DefaultTest):
 
         RoleApi(
             current_user=user1,
-            session=self.session
+            session=self.session,
+            config=self.app_config,
         ).create_one(
             user2,
             workspace,
@@ -1152,7 +1262,8 @@ class TestContentApi(DefaultTest):
         user1 = uapi.get_one(u1id)
         workspace = WorkspaceApi(
             current_user=user1,
-            session=self.session
+            session=self.session,
+            config=self.app_config,
         ).get_one(wid)
         api = ContentApi(
             current_user=user1,
@@ -1193,6 +1304,7 @@ class TestContentApi(DefaultTest):
         workspace = WorkspaceApi(
             current_user=user1,
             session=self.session,
+            config=self.app_config,
         ).get_one(wid)
         api = ContentApi(
             current_user=user1,
@@ -1216,7 +1328,8 @@ class TestContentApi(DefaultTest):
         )
         group_api = GroupApi(
             current_user=None,
-            session=self.session
+            session=self.session,
+            config = self.app_config,
         )
         groups = [group_api.get_one(Group.TIM_USER),
                   group_api.get_one(Group.TIM_MANAGER),
@@ -1231,6 +1344,7 @@ class TestContentApi(DefaultTest):
         workspace = WorkspaceApi(
             current_user=user1,
             session=self.session,
+            config=self.app_config,
         ).create_workspace(
             'test workspace',
             save_now=True
@@ -1241,7 +1355,8 @@ class TestContentApi(DefaultTest):
 
         RoleApi(
             current_user=user1,
-            session=self.session
+            session=self.session,
+            config=self.app_config,
         ).create_one(
             user2,
             workspace,
@@ -1293,7 +1408,8 @@ class TestContentApi(DefaultTest):
         )
         group_api = GroupApi(
             current_user=None,
-            session=self.session
+            session=self.session,
+            config=self.app_config,
         )
         groups = [group_api.get_one(Group.TIM_USER),
                   group_api.get_one(Group.TIM_MANAGER),
@@ -1305,7 +1421,11 @@ class TestContentApi(DefaultTest):
             save_now=True
         )
 
-        workspace_api = WorkspaceApi(current_user=user1, session=self.session)
+        workspace_api = WorkspaceApi(
+            current_user=user1,
+            session=self.session,
+            config=self.app_config,
+        )
         workspace = workspace_api.create_workspace(
             'test workspace',
             save_now=True
@@ -1318,6 +1438,7 @@ class TestContentApi(DefaultTest):
         RoleApi(
             current_user=user1,
             session=self.session,
+            config=self.app_config,
         ).create_one(
             user2,
             workspace,
@@ -1345,7 +1466,11 @@ class TestContentApi(DefaultTest):
 
         # Refresh instances after commit
         user1 = uapi.get_one(u1id)
-        workspace_api2 = WorkspaceApi(current_user=user1, session=self.session)
+        workspace_api2 = WorkspaceApi(
+            current_user=user1,
+            session=self.session,
+            config=self.app_config,
+        )
         workspace = workspace_api2.get_one(wid)
         api = ContentApi(
             current_user=user1,
@@ -1387,6 +1512,7 @@ class TestContentApi(DefaultTest):
         workspace = WorkspaceApi(
             current_user=user1,
             session=self.session,
+            config=self.app_config,
         ).get_one(wid)
 
         updated = api.get_one(pcid, ContentType.Any, workspace)
@@ -1407,6 +1533,7 @@ class TestContentApi(DefaultTest):
         group_api = GroupApi(
             current_user=None,
             session=self.session,
+            config=self.app_config,
         )
         groups = [group_api.get_one(Group.TIM_USER),
                   group_api.get_one(Group.TIM_MANAGER),
@@ -1418,7 +1545,11 @@ class TestContentApi(DefaultTest):
             save_now=True,
         )
 
-        workspace_api = WorkspaceApi(current_user=user1, session=self.session)
+        workspace_api = WorkspaceApi(
+            current_user=user1,
+            session=self.session,
+            config=self.app_config,
+        )
         workspace = workspace_api.create_workspace(
             'test workspace',
             save_now=True
@@ -1430,6 +1561,7 @@ class TestContentApi(DefaultTest):
         RoleApi(
             current_user=user1,
             session=self.session,
+            config=self.app_config,
         ).create_one(
             user2,
             workspace,
@@ -1485,7 +1617,11 @@ class TestContentApi(DefaultTest):
             config=self.app_config,
             current_user=None,
         )
-        group_api = GroupApi(current_user=None, session=self.session)
+        group_api = GroupApi(
+            current_user=None,
+            session=self.session,
+            config=self.app_config,
+        )
         groups = [group_api.get_one(Group.TIM_USER),
                   group_api.get_one(Group.TIM_MANAGER),
                   group_api.get_one(Group.TIM_ADMIN)]
@@ -1497,7 +1633,11 @@ class TestContentApi(DefaultTest):
         )
         u1id = user1.user_id
 
-        workspace_api = WorkspaceApi(current_user=user1, session=self.session)
+        workspace_api = WorkspaceApi(
+            current_user=user1,
+            session=self.session,
+            config=self.app_config,
+        )
         workspace = workspace_api.create_workspace(
             'test workspace',
             save_now=True
@@ -1509,7 +1649,8 @@ class TestContentApi(DefaultTest):
 
         RoleApi(
             current_user=user1,
-            session=self.session
+            session=self.session,
+            config=self.app_config,
         ).create_one(
             user2,
             workspace,
@@ -1545,7 +1686,8 @@ class TestContentApi(DefaultTest):
         ).get_one(u1id)
         workspace = WorkspaceApi(
             current_user=user1,
-            session=self.session
+            session=self.session,
+            config=self.app_config,
         ).get_one(wid)
 
         content = api.get_one(pcid, ContentType.Any, workspace)
@@ -1583,6 +1725,7 @@ class TestContentApi(DefaultTest):
         workspace = WorkspaceApi(
             current_user=user1,
             session=self.session,
+            config=self.app_config,
         ).get_one(wid)
         u2 = UserApi(
             current_user=None,
@@ -1632,7 +1775,8 @@ class TestContentApi(DefaultTest):
         )
         group_api = GroupApi(
             current_user=None,
-            session=self.session
+            session=self.session,
+            config=self.app_config,
         )
         groups = [group_api.get_one(Group.TIM_USER),
                   group_api.get_one(Group.TIM_MANAGER),
@@ -1645,7 +1789,11 @@ class TestContentApi(DefaultTest):
         )
         u1id = user1.user_id
 
-        workspace_api = WorkspaceApi(current_user=user1, session=self.session)
+        workspace_api = WorkspaceApi(
+            current_user=user1,
+            session=self.session,
+            config=self.app_config,
+        )
         workspace = workspace_api.create_workspace(
             'test workspace',
             save_now=True
@@ -1657,7 +1805,8 @@ class TestContentApi(DefaultTest):
 
         RoleApi(
             current_user=user1,
-            session=self.session
+            session=self.session,
+            config=self.app_config,
         ).create_one(
             user2,
             workspace,
@@ -1692,6 +1841,7 @@ class TestContentApi(DefaultTest):
         workspace = WorkspaceApi(
             current_user=user1,
             session=self.session,
+            config=self.app_config,
         ).get_one(wid)
 
         content = api.get_one(pcid, ContentType.Any, workspace)
@@ -1729,6 +1879,7 @@ class TestContentApi(DefaultTest):
         workspace = WorkspaceApi(
             current_user=user1,
             session=self.session,
+            config=self.app_config,
         ).get_one(wid)
         # show archived is used at the top end of the test
         api = ContentApi(
@@ -1782,6 +1933,7 @@ class TestContentApi(DefaultTest):
         group_api = GroupApi(
             current_user=None,
             session=self.session,
+            config=self.app_config,
         )
         groups = [group_api.get_one(Group.TIM_USER),
                   group_api.get_one(Group.TIM_MANAGER),
@@ -1792,7 +1944,8 @@ class TestContentApi(DefaultTest):
 
         workspace = WorkspaceApi(
             current_user=user,
-            session=self.session
+            session=self.session,
+            config=self.app_config,
         ).create_workspace(
             'test workspace',
             save_now=True
@@ -1802,7 +1955,6 @@ class TestContentApi(DefaultTest):
             current_user=user, 
             session=self.session,
             config=self.app_config,
-
         )
         a = api.create(ContentType.Folder, workspace, None,
                        'this is randomized folder', True)
@@ -1837,6 +1989,7 @@ class TestContentApi(DefaultTest):
         group_api = GroupApi(
             current_user=None,
             session=self.session,
+            config=self.app_config,
         )
         groups = [group_api.get_one(Group.TIM_USER),
                   group_api.get_one(Group.TIM_MANAGER),
@@ -1847,7 +2000,8 @@ class TestContentApi(DefaultTest):
 
         workspace = WorkspaceApi(
             current_user=user,
-            session=self.session
+            session=self.session,
+            config=self.app_config,
         ).create_workspace(
             'test workspace',
             save_now=True,
@@ -1888,7 +2042,11 @@ class TestContentApi(DefaultTest):
             config=self.app_config,
             current_user=None,
         )
-        group_api = GroupApi(current_user=None, session=self.session)
+        group_api = GroupApi(
+            current_user=None,
+            session=self.session,
+            config=self.app_config,
+        )
         groups = [group_api.get_one(Group.TIM_USER),
                   group_api.get_one(Group.TIM_MANAGER),
                   group_api.get_one(Group.TIM_ADMIN)]
@@ -1898,7 +2056,8 @@ class TestContentApi(DefaultTest):
 
         workspace = WorkspaceApi(
             current_user=user,
-            session=self.session
+            session=self.session,
+            config=self.app_config,
         ).create_workspace('test workspace', save_now=True)
 
         api = ContentApi(
@@ -2032,6 +2191,7 @@ class TestContentApiSecurity(DefaultTest):
         bob_workspace = WorkspaceApi(
             current_user=bob,
             session=self.session,
+            config=self.app_config,
         ).create_workspace(
             'bob_workspace',
             save_now=True,
@@ -2039,6 +2199,7 @@ class TestContentApiSecurity(DefaultTest):
         admin_workspace = WorkspaceApi(
             current_user=admin,
             session=self.session,
+            config=self.app_config,
         ).create_workspace(
             'admin_workspace',
             save_now=True,

tracim/tests/library/test_group_api.py

@@ -18,6 +18,7 @@ class TestGroupApi(DefaultTest):
         api = GroupApi(
             current_user=None,
             session=self.session,
+            config=self.app_config,
         )
         group = api.get_one(1)
         assert group.group_id == 1
@@ -30,6 +31,7 @@ class TestGroupApi(DefaultTest):
         api = GroupApi(
             current_user=None,
             session=self.session,
+            config=self.app_config,
         )
         with pytest.raises(GroupNotExist):
             group = api.get_one(10)
@@ -41,6 +43,7 @@ class TestGroupApi(DefaultTest):
         api = GroupApi(
             current_user=None,
             session=self.session,
+            config=self.app_config,
         )
         group = api.get_one_with_name('administrators')
         assert group.group_id == 3
@@ -53,6 +56,7 @@ class TestGroupApi(DefaultTest):
         api = GroupApi(
             current_user=None,
             session=self.session,
+            config=self.app_config,
         )
         with pytest.raises(GroupNotExist):
             group = api.get_one_with_name('unknown_group')
@@ -64,6 +68,7 @@ class TestGroupApi(DefaultTest):
         api = GroupApi(
             current_user=None,
             session=self.session,
+            config=self.app_config,
         )
         groups = api.get_all()
         assert ['users', 'managers', 'administrators'] == [group.group_name for group in groups]  # nopep8

tracim/tests/library/test_user_api.py

@@ -91,7 +91,7 @@ class TestUserApi(DefaultTest):
             session=self.session,
             config=self.config,
         )
-        with pytest.raises(NoResultFound):
+        with pytest.raises(UserNotExist):
             api.get_one_by_email('unknown')
 
     def test_unit__get_all__ok__nominal_case(self):
@@ -187,4 +187,4 @@ class TestUserApi(DefaultTest):
             config=self.config,
         )
         with pytest.raises(AuthenticationFailed):
-            api.authenticate_user('unknown_user', 'wrong_password')
+            api.authenticate_user('admin@admin.admin', 'wrong_password')

tracim/tests/library/test_workspace.py

@@ -44,6 +44,7 @@ class TestThread(DefaultTest):
             .filter(User.email == 'admin@admin.admin').one()
         wapi = WorkspaceApi(
             session=self.session,
+            config=self.app_config,
             current_user=admin,
         )
         w = wapi.create_workspace(label='workspace w', save_now=True)
@@ -57,6 +58,7 @@ class TestThread(DefaultTest):
         rapi = RoleApi(
             session=self.session,
             current_user=admin,
+            config=self.app_config,
         )
         r = rapi.create_one(u, w, UserRoleInWorkspace.READER, with_notif=True)
         eq_([r, ], wapi.get_notifiable_roles(workspace=w))
@@ -75,6 +77,7 @@ class TestThread(DefaultTest):
         wapi = WorkspaceApi(
             session=self.session,
             current_user=admin,
+            config=self.app_config,
         )
         eq_([], wapi.get_all_manageable())
         # Checks an admin gets all workspaces.
@@ -87,15 +90,18 @@ class TestThread(DefaultTest):
         gapi = GroupApi(
             session=self.session,
             current_user=None,
+            config=self.app_config,
         )
         u = uapi.create_minimal_user('u.s@e.r', [gapi.get_one(Group.TIM_USER)], True)
         wapi = WorkspaceApi(
             session=self.session,
-            current_user=u
+            current_user=u,
+            config=self.app_config,
         )
         rapi = RoleApi(
             session=self.session,
-            current_user=u
+            current_user=u,
+            config=self.app_config,
         )
         rapi.create_one(u, w4, UserRoleInWorkspace.READER, False)
         rapi.create_one(u, w3, UserRoleInWorkspace.CONTRIBUTOR, False)

tracim/views/core_api/schemas.py

@@ -1,13 +1,16 @@
 # coding=utf-8
 import marshmallow
 from marshmallow import post_load
+from marshmallow.validate import OneOf
 
-from tracim.models.context_models import LoginCredentials, UserInContext
+from tracim.models.auth import Profile
+from tracim.models.context_models import LoginCredentials
+from tracim.models.data import UserRoleInWorkspace
 
 
 class ProfileSchema(marshmallow.Schema):
-    id = marshmallow.fields.Int(dump_only=True)
-    slug = marshmallow.fields.String(attribute='name')
+    id = marshmallow.fields.Int(dump_only=True, validate=OneOf(Profile._IDS))
+    slug = marshmallow.fields.String(attribute='name', validate=OneOf(Profile._NAME))
 
 
 class UserSchema(marshmallow.Schema):
@@ -32,6 +35,14 @@ class UserSchema(marshmallow.Schema):
     )
 
 
+class UserIdPathSchema(marshmallow.Schema):
+    user_id = marshmallow.fields.Int()
+
+
+class WorkspaceIdPathSchema(marshmallow.Schema):
+    workspace_id = marshmallow.fields.Int()
+
+
 class BasicAuthSchema(marshmallow.Schema):
 
     email = marshmallow.fields.Email(required=True)
@@ -48,3 +59,57 @@ class LoginOutputHeaders(marshmallow.Schema):
 
 class NoContentSchema(marshmallow.Schema):
     pass
+
+
+class WorkspaceMenuEntrySchema(marshmallow.Schema):
+    slug = marshmallow.fields.String()
+    label = marshmallow.fields.String()
+    route = marshmallow.fields.String()
+    hexcolor = marshmallow.fields.String()
+    icon = marshmallow.fields.String()
+
+
+class WorkspaceSchema(marshmallow.Schema):
+    id = marshmallow.fields.Int()
+    slug = marshmallow.fields.String()
+    label = marshmallow.fields.String()
+    description = marshmallow.fields.String()
+    sidebar_entries = marshmallow.fields.Nested(
+        WorkspaceMenuEntrySchema,
+        many=True,
+    )
+
+
+class WorkspaceDigestSchema(marshmallow.Schema):
+    id = marshmallow.fields.Int()
+    label = marshmallow.fields.String()
+    sidebar_entries = marshmallow.fields.Nested(
+        WorkspaceMenuEntrySchema,
+        many=True,
+    )
+
+
+class WorkspaceMemberSchema(marshmallow.Schema):
+    role_id = marshmallow.fields.Int(validate=OneOf(UserRoleInWorkspace.get_all_role_values()))  # nopep8
+    role_slug = marshmallow.fields.String(validate=OneOf(UserRoleInWorkspace.get_all_role_slug()))  # nopep8
+    user_id = marshmallow.fields.Int()
+    workspace_id = marshmallow.fields.Int()
+    user = marshmallow.fields.Nested(
+        UserSchema(only=('display_name', 'avatar_url'))
+    )
+
+
+class ApplicationConfigSchema(marshmallow.Schema):
+    pass
+    #  TODO - G.M - 24-05-2018 - Set this
+
+
+class ApplicationSchema(marshmallow.Schema):
+    label = marshmallow.fields.String()
+    slug = marshmallow.fields.String()
+    icon = marshmallow.fields.String()
+    hexcolor = marshmallow.fields.String()
+    is_active = marshmallow.fields.Boolean()
+    config = marshmallow.fields.Nested(
+        ApplicationConfigSchema,
+    )

tracim/views/core_api/system_controller.py

@@ -0,0 +1,42 @@
+# coding=utf-8
+from pyramid.config import Configurator
+
+from tracim.exceptions import NotAuthentificated, InsufficientUserProfile
+from tracim.lib.utils.authorization import require_profile
+from tracim.models import Group
+from tracim.models.applications import applications
+
+try:  # Python 3.5+
+    from http import HTTPStatus
+except ImportError:
+    from http import client as HTTPStatus
+
+from tracim import TracimRequest
+from tracim.extensions import hapic
+from tracim.views.controllers import Controller
+from tracim.views.core_api.schemas import ApplicationSchema
+
+
+class SystemController(Controller):
+
+    @hapic.with_api_doc()
+    @hapic.handle_exception(NotAuthentificated, HTTPStatus.UNAUTHORIZED)
+    @hapic.handle_exception(InsufficientUserProfile, HTTPStatus.FORBIDDEN)
+    @require_profile(Group.TIM_USER)
+    @hapic.output_body(ApplicationSchema(many=True),)
+    def applications(self, context, request: TracimRequest, hapic_data=None):
+        """
+        Get list of alls applications installed in this tracim instance.
+        """
+        return applications
+
+    def bind(self, configurator: Configurator) -> None:
+        """
+        Create all routes and views using pyramid configurator
+        for this controller
+        """
+
+        # Applications
+        configurator.add_route('applications', '/system/applications', request_method='GET')  # nopep8
+        configurator.add_view(self.applications, route_name='applications')
+

tracim/views/core_api/user_controller.py

@@ -0,0 +1,55 @@
+from pyramid.config import Configurator
+from sqlalchemy.orm.exc import NoResultFound
+
+from tracim.lib.utils.authorization import require_same_user_or_profile
+from tracim.models import Group
+from tracim.models.context_models import WorkspaceInContext
+
+try:  # Python 3.5+
+    from http import HTTPStatus
+except ImportError:
+    from http import client as HTTPStatus
+
+from tracim import hapic, TracimRequest
+from tracim.exceptions import NotAuthentificated, InsufficientUserProfile, \
+    UserNotExist
+from tracim.lib.core.user import UserApi
+from tracim.lib.core.workspace import WorkspaceApi
+from tracim.views.controllers import Controller
+from tracim.views.core_api.schemas import UserIdPathSchema, \
+    WorkspaceDigestSchema
+
+
+class UserController(Controller):
+
+    @hapic.with_api_doc()
+    @hapic.handle_exception(NotAuthentificated, HTTPStatus.UNAUTHORIZED)
+    @hapic.handle_exception(InsufficientUserProfile, HTTPStatus.FORBIDDEN)
+    @hapic.handle_exception(UserNotExist, HTTPStatus.NOT_FOUND)
+    @require_same_user_or_profile(Group.TIM_ADMIN)
+    @hapic.input_path(UserIdPathSchema())
+    @hapic.output_body(WorkspaceDigestSchema(many=True),)
+    def user_workspace(self, context, request: TracimRequest, hapic_data=None):
+        """
+        Get list of user workspaces
+        """
+        app_config = request.registry.settings['CFG']
+        wapi = WorkspaceApi(
+            current_user=request.current_user,  # User
+            session=request.dbsession,
+            config=app_config,
+        )
+        return [
+            WorkspaceInContext(workspace, request.dbsession, app_config)
+            for workspace in wapi.get_all_for_user(request.candidate_user)
+        ]
+
+    def bind(self, configurator: Configurator) -> None:
+        """
+        Create all routes and views using pyramid configurator
+        for this controller
+        """
+
+        # Applications
+        configurator.add_route('user_workspace', '/users/{user_id}/workspaces', request_method='GET')  # nopep8
+        configurator.add_view(self.user_workspace, route_name='user_workspace')

tracim/views/core_api/workspace_controller.py

@@ -0,0 +1,86 @@
+import typing
+
+from pyramid.config import Configurator
+from sqlalchemy.orm.exc import NoResultFound
+
+from tracim.lib.core.userworkspace import RoleApi
+from tracim.lib.utils.authorization import require_workspace_role
+from tracim.models.context_models import WorkspaceInContext, \
+    UserRoleWorkspaceInContext
+from tracim.models.data import UserRoleInWorkspace
+
+try:  # Python 3.5+
+    from http import HTTPStatus
+except ImportError:
+    from http import client as HTTPStatus
+
+from tracim import hapic, TracimRequest
+from tracim.exceptions import NotAuthentificated, InsufficientUserProfile, \
+    WorkspaceNotFound
+from tracim.lib.core.user import UserApi
+from tracim.lib.core.workspace import WorkspaceApi
+from tracim.views.controllers import Controller
+from tracim.views.core_api.schemas import WorkspaceSchema, UserSchema, \
+    WorkspaceIdPathSchema, WorkspaceMemberSchema
+
+
+class WorkspaceController(Controller):
+
+    @hapic.with_api_doc()
+    @hapic.handle_exception(NotAuthentificated, HTTPStatus.UNAUTHORIZED)
+    @hapic.handle_exception(InsufficientUserProfile, HTTPStatus.FORBIDDEN)
+    @hapic.handle_exception(WorkspaceNotFound, HTTPStatus.FORBIDDEN)
+    @require_workspace_role(UserRoleInWorkspace.READER)
+    @hapic.input_path(WorkspaceIdPathSchema())
+    @hapic.output_body(WorkspaceSchema())
+    def workspace(self, context, request: TracimRequest, hapic_data=None):
+        """
+        Get workspace informations
+        """
+        wid = hapic_data.path['workspace_id']
+        app_config = request.registry.settings['CFG']
+        wapi = WorkspaceApi(
+            current_user=request.current_user,  # User
+            session=request.dbsession,
+            config=app_config,
+        )
+        return wapi.get_workspace_with_context(request.current_workspace)
+
+    @hapic.with_api_doc()
+    @hapic.handle_exception(NotAuthentificated, HTTPStatus.UNAUTHORIZED)
+    @hapic.handle_exception(InsufficientUserProfile, HTTPStatus.FORBIDDEN)
+    @hapic.handle_exception(WorkspaceNotFound, HTTPStatus.FORBIDDEN)
+    @require_workspace_role(UserRoleInWorkspace.READER)
+    @hapic.input_path(WorkspaceIdPathSchema())
+    @hapic.output_body(WorkspaceMemberSchema(many=True))
+    def workspaces_members(
+            self,
+            context,
+            request: TracimRequest,
+            hapic_data=None
+    ) -> typing.List[UserRoleWorkspaceInContext]:
+        """
+        Get Members of this workspace
+        """
+        app_config = request.registry.settings['CFG']
+        rapi = RoleApi(
+            current_user=request.current_user,
+            session=request.dbsession,
+            config=app_config,
+        )
+        return [
+            rapi.get_user_role_workspace_with_context(user_role)
+            for user_role in rapi.get_all_for_workspace(request.current_workspace)
+        ]
+
+    def bind(self, configurator: Configurator) -> None:
+        """
+        Create all routes and views using pyramid configurator
+        for this controller
+        """
+
+        # Applications
+        configurator.add_route('workspace', '/workspaces/{workspace_id}', request_method='GET')  # nopep8
+        configurator.add_view(self.workspace, route_name='workspace')
+        configurator.add_route('workspace_members', '/workspaces/{workspace_id}/members', request_method='GET')  # nopep8
+        configurator.add_view(self.workspaces_members, route_name='workspace_members')  # nopep8