import deform import pytest from pyramid.httpexceptions import HTTPFound from pyramid.testing import DummyRequest, DummyResource from ... import ( # noqa: F401 app_config, dbsession, get_example_user, get_post_request ) def test_forgotten_password_form(): ''' test the view for the forgotten password form ''' from ordr.resources.account import PasswordResetResource from ordr.views.account import forgotten_password_form request = DummyRequest() parent = DummyResource(request=request) context = PasswordResetResource(name=None, parent=parent) result = forgotten_password_form(context, None) assert result == {'formerror': False} @pytest.mark.parametrize( # noqa: F811 'identifier', ['TerryGilliam', 'gilliam@example.com', 'Gilliam@Example.com'] ) def test_forgotten_password_processing_ok(dbsession, identifier): ''' test the processing of the forgotten password form ''' from ordr.models.account import Role, TokenSubject from ordr.resources.account import PasswordResetResource from ordr.views.account import ( forgotten_password_form_processing ) user = get_example_user(Role.USER) dbsession.add(user) dbsession.flush() post_data = { 'identifier': identifier, 'send_mail': 'send_mail', } request = DummyRequest(dbsession=dbsession, POST=post_data) parent = DummyResource(request=request) context = PasswordResetResource(name=None, parent=parent) result = forgotten_password_form_processing(context, request) assert isinstance(result, HTTPFound) assert result.location == 'http://example.com//verify' # a token should be created token = user.tokens[0] assert token.subject == TokenSubject.RESET_PASSWORD # a verification email should be sent # this is tested in the functional test since request.registry.notify # doesn't know about event subscribers in the unittest @pytest.mark.parametrize( # noqa: F811 'identifier', ['', 'GrahamChapman', 'unknown@example.com'] ) def test_forgotten_password_processing_not_ok(dbsession, identifier): ''' test error processing of the forgotten password form ''' from ordr.models.account import Role, Token from ordr.resources.account import PasswordResetResource from ordr.views.account import ( forgotten_password_form_processing ) user = get_example_user(Role.UNVALIDATED) dbsession.add(user) dbsession.flush() post_data = { 'identifier': identifier, 'send_mail': 'send_mail', } request = DummyRequest(dbsession=dbsession, POST=post_data) parent = DummyResource(request=request) context = PasswordResetResource(name=None, parent=parent) result = forgotten_password_form_processing(context, request) assert result == {'formerror': True} assert dbsession.query(Token).count() == 0 def test_forgotten_password_processing_cancel(dbsession): # noqa: F811 ''' test the canceling of the forgotten password form ''' from ordr.models.account import Token from ordr.resources.account import PasswordResetResource from ordr.views.account import ( forgotten_password_form_processing ) post_data = { 'identifier': 'TerryGilliam', 'cancel': 'cancel', } request = DummyRequest(dbsession=dbsession, POST=post_data) parent = DummyResource(request=request) context = PasswordResetResource(name=None, parent=parent) result = forgotten_password_form_processing(context, request) assert isinstance(result, HTTPFound) assert result.location == 'http://example.com//' assert dbsession.query(Token).count() == 0 def test_forgotten_password_verify_email(): ''' test the message view for check your email ''' from ordr.views.account import forgotten_password_verify_email result = forgotten_password_verify_email(None, None) assert result == {} def test_forgotten_password_completed(): ''' test the view for a completed reset process ''' from ordr.views.account import forgotten_password_completed result = forgotten_password_completed(None, None) assert result == {} def test_reset_password_form(): ''' test reset password form view ''' from ordr.resources.account import PasswordResetTokenResource from ordr.schemas.account import ResetPasswordSchema from ordr.views.account import reset_password_form request = DummyRequest() parent = DummyResource(request=request) context = PasswordResetTokenResource(name=None, parent=parent) result = reset_password_form(context, None) form = result['form'] assert isinstance(form, deform.Form) assert isinstance(form.schema, ResetPasswordSchema) def test_reset_password_form_processing_valid(dbsession): # noqa: F811 ''' test reset password form processing ''' from ordr.models.account import User, Role, Token, TokenSubject from ordr.resources.account import PasswordResetTokenResource from ordr.views.account import reset_password_form_processing data = { '__start__': 'password:mapping', 'password': 'Lost in La Mancha', 'password-confirm': 'Lost in La Mancha', '__end__': 'password:mapping', 'change': 'Set New Password' } request = get_post_request(data, dbsession=dbsession) user = get_example_user(Role.USER) dbsession.add(user) user.issue_token(request, TokenSubject.RESET_PASSWORD) dbsession.flush() token = dbsession.query(Token).first() parent = DummyResource(request=request) context = PasswordResetTokenResource(name=None, parent=parent, model=token) result = reset_password_form_processing(context, request) # return value of function call assert isinstance(result, HTTPFound) assert result.location == 'http://example.com/completed' # password of the user should be updated user = dbsession.query(User).filter_by(username='TerryGilliam').first() assert user.check_password('Lost in La Mancha') token_count = dbsession.query(Token).count() assert token_count == 0 def test_reset_password_form_processing_invalid_data(dbsession): # noqa: F811 ''' test reset password form processing ''' from ordr.models.account import Role, Token, TokenSubject from ordr.resources.account import PasswordResetTokenResource from ordr.schemas.account import ResetPasswordSchema from ordr.views.account import reset_password_form_processing data = { '__start__': 'password:mapping', 'password': 'does not match', 'password-confirm': 'the confirmation', '__end__': 'password:mapping', 'change': 'Set New Password' } request = get_post_request(data, dbsession=dbsession) user = get_example_user(Role.USER) dbsession.add(user) user.issue_token(request, TokenSubject.RESET_PASSWORD) dbsession.flush() token = dbsession.query(Token).first() parent = DummyResource(request=request) context = PasswordResetTokenResource(name=None, parent=parent, model=token) result = reset_password_form_processing(context, request) form = result['form'] assert isinstance(form, deform.Form) assert isinstance(form.schema, ResetPasswordSchema) def test_reset_password_form_processing_cancel(dbsession): # noqa: F811 ''' test reset password form processing ''' from ordr.models.account import Role, Token, TokenSubject from ordr.resources.account import PasswordResetTokenResource from ordr.views.account import reset_password_form_processing data = { '__start__': 'password:mapping', 'password': 'Lost in La Mancha', 'password-confirm': 'Lost in La Mancha', '__end__': 'password:mapping', 'cancel': 'Cancel' } request = get_post_request(data, dbsession=dbsession) user = get_example_user(Role.USER) dbsession.add(user) user.issue_token(request, TokenSubject.RESET_PASSWORD) dbsession.flush() token = dbsession.query(Token).first() parent = DummyResource(request=request) context = PasswordResetTokenResource(name=None, parent=parent, model=token) result = reset_password_form_processing(context, request) assert isinstance(result, HTTPFound) assert result.location == 'http://example.com//'