basic installation command

canaille/__init__.py

@@ -23,7 +23,7 @@ from logging.config import dictConfig
 from .flaskutils import current_user
 from .ldaputils import LDAPObject
 from .oauth2utils import config_oauth
-from .models import User, Token, AuthorizationCode, Client, Consent, Group
+from .models import User, Group
 
 try:  # pragma: no cover
     import sentry_sdk
@@ -67,18 +67,6 @@ def create_app(config=None):
     return app
 
 
-def setup_ldap_tree(app):
-    conn = ldap.initialize(app.config["LDAP"]["URI"])
-    if app.config["LDAP"].get("TIMEOUT"):
-        conn.set_option(ldap.OPT_NETWORK_TIMEOUT, app.config["LDAP"]["TIMEOUT"])
-    conn.simple_bind_s(app.config["LDAP"]["BIND_DN"], app.config["LDAP"]["BIND_PW"])
-    Token.initialize(conn)
-    AuthorizationCode.initialize(conn)
-    Client.initialize(conn)
-    Consent.initialize(conn)
-    conn.unbind_s()
-
-
 def setup_ldap_connection(app):
     g.ldap = ldap.initialize(app.config["LDAP"]["URI"])
     if app.config["LDAP"].get("TIMEOUT"):
@@ -138,7 +126,6 @@ def setup_app(app):
         app.url_map.strict_slashes = False
 
         config_oauth(app)
-        setup_ldap_tree(app)
         app.register_blueprint(canaille.account.bp)
         app.register_blueprint(canaille.groups.bp, url_prefix="/groups")
         app.register_blueprint(canaille.oauth.bp, url_prefix="/oauth")

canaille/commands.py

@@ -46,3 +46,21 @@ def check():
     except ConfigurationException as exc:
         print(exc)
         sys.exit(1)
+
+
+@cli.command()
+@with_appcontext
+def install():
+    """
+    Installs nubla.
+    """
+    from canaille.installation import install
+    from canaille.configuration import validate, ConfigurationException
+
+    try:
+        validate(current_app.config, validate_remote=True)
+        install(current_app.config)
+
+    except ConfigurationException as exc:
+        print(exc)
+        sys.exit(1)

canaille/installation.py

@@ -0,0 +1,19 @@
+import ldap
+from .models import Token, AuthorizationCode, Client, Consent
+
+
+def install(config):
+    setup_ldap_tree(config)
+
+
+def setup_ldap_tree(config):
+    conn = ldap.initialize(config["LDAP"]["URI"])
+    if config["LDAP"].get("TIMEOUT"):
+        conn.set_option(ldap.OPT_NETWORK_TIMEOUT, config["LDAP"]["TIMEOUT"])
+
+    conn.simple_bind_s(config["LDAP"]["BIND_DN"], config["LDAP"]["BIND_PW"])
+    Token.initialize(conn)
+    AuthorizationCode.initialize(conn)
+    Client.initialize(conn)
+    Consent.initialize(conn)
+    conn.unbind_s()

tests/conftest.py

@@ -10,6 +10,7 @@ from flask_webtest import TestApp
 from werkzeug.security import gen_salt
 from canaille import create_app
 from canaille.models import User, Client, Token, AuthorizationCode, Consent, Group
+from canaille.installation import setup_ldap_tree
 from canaille.ldaputils import LDAPObject
 
 
@@ -124,7 +125,7 @@ def slapd_connection(slapd_server):
 def configuration(slapd_server, smtpd, keypair_path):
     smtpd.config.use_starttls = True
     private_key_path, public_key_path = keypair_path
-    return {
+    conf = {
         "SECRET_KEY": gen_salt(24),
         "OAUTH2_METADATA_FILE": "canaille/conf/oauth-authorization-server.sample.json",
         "OIDC_METADATA_FILE": "canaille/conf/openid-configuration.sample.json",
@@ -182,6 +183,8 @@ def configuration(slapd_server, smtpd, keypair_path):
             "FROM_ADDR": "admin@mydomain.tld",
         },
     }
+    setup_ldap_tree(conf)
+    return conf
 
 
 @pytest.fixture
@@ -199,7 +202,6 @@ def testclient(app):
 
 @pytest.fixture
 def client(app, slapd_connection, other_client):
-    Client.ocs_by_name(slapd_connection)
     c = Client(
         oauthClientID=gen_salt(24),
         oauthClientName="Some client",
@@ -234,7 +236,6 @@ def client(app, slapd_connection, other_client):
 
 @pytest.fixture
 def other_client(app, slapd_connection):
-    Client.ocs_by_name(slapd_connection)
     c = Client(
         oauthClientID=gen_salt(24),
         oauthClientName="Some other client",
@@ -269,7 +270,6 @@ def other_client(app, slapd_connection):
 
 @pytest.fixture
 def authorization(app, slapd_connection, user, client):
-    AuthorizationCode.ocs_by_name(slapd_connection)
     a = AuthorizationCode(
         oauthCode="my-code",
         oauthClient=client.dn,
@@ -335,7 +335,6 @@ def moderator(app, slapd_connection):
 
 @pytest.fixture
 def token(slapd_connection, client, user):
-    Token.ocs_by_name(slapd_connection)
     t = Token(
         oauthAccessToken=gen_salt(48),
         oauthAudience=[client.dn],
@@ -353,7 +352,6 @@ def token(slapd_connection, client, user):
 
 @pytest.fixture
 def consent(slapd_connection, client, user):
-    Consent.ocs_by_name(slapd_connection)
     t = Consent(
         oauthClient=client.dn,
         oauthSubject=user.dn,