|
|
|
|
''' Tests for the account resources '''
|
|
|
|
|
|
|
|
|
|
import pytest
|
|
|
|
|
|
|
|
|
|
from pyramid.testing import DummyRequest, DummyResource
|
|
|
|
|
|
|
|
|
|
from .. import app_config, dbsession, get_example_user # noqa: F401
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
def test_registration_token_acl():
|
|
|
|
|
''' test access controll list for RegistrationTokenResource '''
|
|
|
|
|
from pyramid.security import Allow, Everyone, DENY_ALL
|
|
|
|
|
from ordr.resources.account import RegistrationTokenResource
|
|
|
|
|
|
|
|
|
|
parent = DummyResource(request='request')
|
|
|
|
|
resource = RegistrationTokenResource('name', parent)
|
|
|
|
|
|
|
|
|
|
assert resource.__acl__() == [(Allow, Everyone, 'register'), DENY_ALL]
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
def test_registration_acl():
|
|
|
|
|
''' test access controll list for RegistrationResource '''
|
|
|
|
|
from pyramid.security import Allow, Everyone, DENY_ALL
|
|
|
|
|
from ordr.resources.account import RegistrationResource
|
|
|
|
|
|
|
|
|
|
parent = DummyResource(request='request')
|
|
|
|
|
resource = RegistrationResource('a name', parent)
|
|
|
|
|
|
|
|
|
|
assert resource.__acl__() == [(Allow, Everyone, 'register'), DENY_ALL]
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
def test_registration_get_registration_form():
|
|
|
|
|
''' test 'get_registration_form()' method of RegistrationResource '''
|
|
|
|
|
from ordr.resources.account import RegistrationResource
|
|
|
|
|
import deform
|
|
|
|
|
|
|
|
|
|
request = DummyRequest()
|
|
|
|
|
parent = DummyResource(request=request)
|
|
|
|
|
resource = RegistrationResource('a name', parent)
|
|
|
|
|
form = resource.get_registration_form()
|
|
|
|
|
|
|
|
|
|
assert isinstance(form, deform.Form)
|
|
|
|
|
assert len(form.buttons) == 2
|
|
|
|
|
assert form.buttons[0].title == 'Create Account'
|
|
|
|
|
assert form.buttons[1].title == 'Cancel'
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
def test_registration_getitem_found(dbsession): # noqa: F811
|
|
|
|
|
''' test '__getitem__()' method returns child resource '''
|
|
|
|
|
from ordr.models.account import Role, TokenSubject
|
|
|
|
|
from ordr.resources.account import (
|
|
|
|
|
RegistrationResource,
|
|
|
|
|
RegistrationTokenResource
|
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
request = DummyRequest(dbsession=dbsession)
|
|
|
|
|
|
|
|
|
|
user = get_example_user(Role.NEW)
|
|
|
|
|
token = user.issue_token(request, TokenSubject.REGISTRATION)
|
|
|
|
|
dbsession.add(user)
|
|
|
|
|
dbsession.flush()
|
|
|
|
|
|
|
|
|
|
parent = DummyResource(request=request)
|
|
|
|
|
resource = RegistrationResource('a name', parent)
|
|
|
|
|
result = resource[token.hash]
|
|
|
|
|
|
|
|
|
|
assert isinstance(result, RegistrationTokenResource)
|
|
|
|
|
assert result.__name__ == token.hash
|
|
|
|
|
assert result.__parent__ == resource
|
|
|
|
|
assert result.model == token
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
def test_registration_getitem_not_found(dbsession): # noqa: F811
|
|
|
|
|
''' test '__getitem__()' method raises KeyError '''
|
|
|
|
|
from ordr.models.account import Role, TokenSubject
|
|
|
|
|
from ordr.resources.account import RegistrationResource
|
|
|
|
|
|
|
|
|
|
request = DummyRequest(dbsession=dbsession)
|
|
|
|
|
|
|
|
|
|
user = get_example_user(Role.NEW)
|
|
|
|
|
user.issue_token(request, TokenSubject.REGISTRATION)
|
|
|
|
|
dbsession.add(user)
|
|
|
|
|
dbsession.flush()
|
|
|
|
|
|
|
|
|
|
parent = DummyResource(request=request)
|
|
|
|
|
resource = RegistrationResource('a name', parent)
|
|
|
|
|
|
|
|
|
|
with pytest.raises(KeyError):
|
|
|
|
|
resource['unknown hash']
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
def test_password_reset_token_acl():
|
|
|
|
|
''' test access controll list for PasswordResetTokenResource '''
|
|
|
|
|
from pyramid.security import Allow, Everyone, DENY_ALL
|
|
|
|
|
from ordr.resources.account import PasswordResetTokenResource
|
|
|
|
|
|
|
|
|
|
parent = DummyResource(request='request')
|
|
|
|
|
resource = PasswordResetTokenResource('name', parent)
|
|
|
|
|
|
|
|
|
|
assert resource.__acl__() == [(Allow, Everyone, 'reset'), DENY_ALL]
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
def test_password_reset_token_get_reset_form():
|
|
|
|
|
''' test the setup of the password reset form'''
|
|
|
|
|
from ordr.resources.account import PasswordResetTokenResource
|
|
|
|
|
import deform
|
|
|
|
|
|
|
|
|
|
request = DummyRequest()
|
|
|
|
|
parent = DummyResource(request=request)
|
|
|
|
|
resource = PasswordResetTokenResource('some name', parent)
|
|
|
|
|
form = resource.get_reset_form()
|
|
|
|
|
|
|
|
|
|
assert isinstance(form, deform.Form)
|
|
|
|
|
assert len(form.buttons) == 2
|
|
|
|
|
assert form.buttons[0].title == 'Set New Password'
|
|
|
|
|
assert form.buttons[1].title == 'Cancel'
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
def test_password_reset_acl():
|
|
|
|
|
''' test access controll list for PasswordResetResource '''
|
|
|
|
|
from pyramid.security import Allow, Everyone, DENY_ALL
|
|
|
|
|
from ordr.resources.account import PasswordResetResource
|
|
|
|
|
|
|
|
|
|
parent = DummyResource(request='request')
|
|
|
|
|
resource = PasswordResetResource('a name', parent)
|
|
|
|
|
|
|
|
|
|
assert resource.__acl__() == [(Allow, Everyone, 'reset'), DENY_ALL]
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
def test_password_reset_getitem_found(dbsession): # noqa: F811
|
|
|
|
|
''' test '__getitem__()' method returns child resource '''
|
|
|
|
|
from ordr.models.account import Role, TokenSubject
|
|
|
|
|
from ordr.resources.account import (
|
|
|
|
|
PasswordResetResource,
|
|
|
|
|
PasswordResetTokenResource
|
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
request = DummyRequest(dbsession=dbsession)
|
|
|
|
|
|
|
|
|
|
user = get_example_user(Role.NEW)
|
|
|
|
|
token = user.issue_token(request, TokenSubject.RESET_PASSWORD)
|
|
|
|
|
dbsession.add(user)
|
|
|
|
|
dbsession.flush()
|
|
|
|
|
|
|
|
|
|
parent = DummyResource(request=request)
|
|
|
|
|
resource = PasswordResetResource('a name', parent)
|
|
|
|
|
result = resource[token.hash]
|
|
|
|
|
|
|
|
|
|
assert isinstance(result, PasswordResetTokenResource)
|
|
|
|
|
assert result.__name__ == token.hash
|
|
|
|
|
assert result.__parent__ == resource
|
|
|
|
|
assert result.model == token
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
def test_password_reset_getitem_not_found(dbsession): # noqa: F811
|
|
|
|
|
''' test '__getitem__()' method raises KeyError '''
|
|
|
|
|
from ordr.models.account import Role, TokenSubject
|
|
|
|
|
from ordr.resources.account import PasswordResetResource
|
|
|
|
|
|
|
|
|
|
request = DummyRequest(dbsession=dbsession)
|
|
|
|
|
|
|
|
|
|
user = get_example_user(Role.NEW)
|
|
|
|
|
user.issue_token(request, TokenSubject.RESET_PASSWORD)
|
|
|
|
|
dbsession.add(user)
|
|
|
|
|
dbsession.flush()
|
|
|
|
|
|
|
|
|
|
parent = DummyResource(request=request)
|
|
|
|
|
resource = PasswordResetResource('a name', parent)
|
|
|
|
|
|
|
|
|
|
with pytest.raises(KeyError):
|
|
|
|
|
resource['unknown hash']
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
def test_change_email_token_acl(dbsession): # noqa: F811
|
|
|
|
|
''' test access controll list for PasswordResetTokenResource '''
|
|
|
|
|
from pyramid.security import Allow, DENY_ALL
|
|
|
|
|
from ordr.models.account import Role, Token, TokenSubject
|
|
|
|
|
from ordr.resources.account import ChangeEmailTokenResource
|
|
|
|
|
|
|
|
|
|
request = DummyRequest()
|
|
|
|
|
|
|
|
|
|
user = get_example_user(Role.USER)
|
|
|
|
|
dbsession.add(user)
|
|
|
|
|
user.issue_token(request, TokenSubject.CHANGE_EMAIL)
|
|
|
|
|
dbsession.flush()
|
|
|
|
|
token = dbsession.query(Token).first()
|
|
|
|
|
|
|
|
|
|
parent = DummyResource(request='request')
|
|
|
|
|
resource = ChangeEmailTokenResource('name', parent, model=token)
|
|
|
|
|
|
|
|
|
|
assert resource.__acl__() == [(Allow, 'user:3', 'edit'), DENY_ALL]
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
def test_account_resource_set_model_from_request():
|
|
|
|
|
''' test access controll list for PasswordResetResource '''
|
|
|
|
|
from ordr.resources.account import AccountResource
|
|
|
|
|
|
|
|
|
|
request = DummyRequest(user='Amy McDonald')
|
|
|
|
|
parent = DummyResource(request=request)
|
|
|
|
|
resource = AccountResource('a name', parent)
|
|
|
|
|
|
|
|
|
|
assert resource.model == 'Amy McDonald'
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
def test_account_resource_acl():
|
|
|
|
|
''' test access controll list for PasswordResetResource '''
|
|
|
|
|
from pyramid.security import (
|
|
|
|
|
Allow,
|
|
|
|
|
Everyone,
|
|
|
|
|
Authenticated,
|
|
|
|
|
DENY_ALL
|
|
|
|
|
)
|
|
|
|
|
from ordr.resources.account import AccountResource
|
|
|
|
|
|
|
|
|
|
request = DummyRequest()
|
|
|
|
|
parent = DummyResource(request=request)
|
|
|
|
|
resource = AccountResource('a name', parent)
|
|
|
|
|
|
|
|
|
|
assert resource.__acl__() == [
|
|
|
|
|
(Allow, Everyone, 'view'),
|
|
|
|
|
(Allow, Everyone, 'login'),
|
|
|
|
|
(Allow, Everyone, 'logout'),
|
|
|
|
|
(Allow, Everyone, 'register'),
|
|
|
|
|
(Allow, Everyone, 'reset'),
|
|
|
|
|
(Allow, Authenticated, 'edit'),
|
|
|
|
|
DENY_ALL
|
|
|
|
|
]
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
@pytest.mark.parametrize('key', ['register', 'forgot']) # noqa: F811
|
|
|
|
|
def test_account_resource_getitem_static(dbsession, key):
|
|
|
|
|
''' test '__getitem__()' method returns static resources '''
|
|
|
|
|
from ordr.resources.account import (
|
|
|
|
|
AccountResource,
|
|
|
|
|
PasswordResetResource,
|
|
|
|
|
RegistrationResource
|
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
request = DummyRequest(dbsession=dbsession)
|
|
|
|
|
parent = DummyResource(request=request)
|
|
|
|
|
resource = AccountResource('some name', parent)
|
|
|
|
|
result = resource[key]
|
|
|
|
|
|
|
|
|
|
if key == 'register':
|
|
|
|
|
assert isinstance(result, RegistrationResource)
|
|
|
|
|
elif key == 'forgot':
|
|
|
|
|
assert isinstance(result, PasswordResetResource)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
def test_account_resource_getitem_token(dbsession): # noqa: F811
|
|
|
|
|
''' test '__getitem__()' method returns child resource '''
|
|
|
|
|
from ordr.models.account import Role, TokenSubject
|
|
|
|
|
from ordr.resources.account import (
|
|
|
|
|
AccountResource,
|
|
|
|
|
ChangeEmailTokenResource
|
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
request = DummyRequest(dbsession=dbsession)
|
|
|
|
|
|
|
|
|
|
user = get_example_user(Role.NEW)
|
|
|
|
|
token = user.issue_token(request, TokenSubject.CHANGE_EMAIL)
|
|
|
|
|
dbsession.add(user)
|
|
|
|
|
dbsession.flush()
|
|
|
|
|
|
|
|
|
|
parent = DummyResource(request=request)
|
|
|
|
|
resource = AccountResource('a name', parent)
|
|
|
|
|
result = resource[token.hash]
|
|
|
|
|
|
|
|
|
|
assert isinstance(result, ChangeEmailTokenResource)
|
|
|
|
|
assert result.__name__ == token.hash
|
|
|
|
|
assert result.__parent__ == resource
|
|
|
|
|
assert result.model == token
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
def test_account_resource_getitem_not_found(dbsession): # noqa: F811
|
|
|
|
|
''' test '__getitem__()' method raises KeyError '''
|
|
|
|
|
from ordr.models.account import Role, TokenSubject
|
|
|
|
|
from ordr.resources.account import AccountResource
|
|
|
|
|
|
|
|
|
|
request = DummyRequest(dbsession=dbsession)
|
|
|
|
|
|
|
|
|
|
user = get_example_user(Role.NEW)
|
|
|
|
|
user.issue_token(request, TokenSubject.CHANGE_EMAIL)
|
|
|
|
|
dbsession.add(user)
|
|
|
|
|
dbsession.flush()
|
|
|
|
|
|
|
|
|
|
parent = DummyResource(request=request)
|
|
|
|
|
resource = AccountResource('a name', parent)
|
|
|
|
|
|
|
|
|
|
with pytest.raises(KeyError):
|
|
|
|
|
resource['unknown hash']
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
def test_account_resource_get_settings_form():
|
|
|
|
|
''' test the setup of the settings form'''
|
|
|
|
|
from ordr.resources.account import AccountResource
|
|
|
|
|
import deform
|
|
|
|
|
|
|
|
|
|
request = DummyRequest()
|
|
|
|
|
parent = DummyResource(request=request)
|
|
|
|
|
resource = AccountResource('some name', parent)
|
|
|
|
|
form = resource.get_settings_form()
|
|
|
|
|
|
|
|
|
|
assert isinstance(form, deform.Form)
|
|
|
|
|
assert len(form.buttons) == 2
|
|
|
|
|
assert form.buttons[0].title == 'Change Settings'
|
|
|
|
|
assert form.buttons[1].title == 'Cancel'
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
def test_account_resource_get_password_form():
|
|
|
|
|
''' test the setup of the change password form'''
|
|
|
|
|
from ordr.resources.account import AccountResource
|
|
|
|
|
import deform
|
|
|
|
|
|
|
|
|
|
request = DummyRequest()
|
|
|
|
|
parent = DummyResource(request=request)
|
|
|
|
|
resource = AccountResource('some name', parent)
|
|
|
|
|
form = resource.get_password_form()
|
|
|
|
|
|
|
|
|
|
assert isinstance(form, deform.Form)
|
|
|
|
|
assert len(form.buttons) == 2
|
|
|
|
|
assert form.buttons[0].title == 'Change Password'
|
|
|
|
|
assert form.buttons[1].title == 'Cancel'
|
