''' Tests for the account resources ''' import pytest from pyramid.testing import DummyRequest, DummyResource from .. import app_config, dbsession, get_example_user # noqa: F401 def test_registration_token_acl(): ''' test access controll list for RegistrationTokenResource ''' from pyramid.security import Allow, Everyone, DENY_ALL from ordr.resources.account import RegistrationTokenResource parent = DummyResource(request='request') resource = RegistrationTokenResource('name', parent) assert resource.__acl__() == [(Allow, Everyone, 'register'), DENY_ALL] def test_registration_acl(): ''' test access controll list for RegistrationResource ''' from pyramid.security import Allow, Everyone, DENY_ALL from ordr.resources.account import RegistrationResource parent = DummyResource(request='request') resource = RegistrationResource('a name', parent) assert resource.__acl__() == [(Allow, Everyone, 'register'), DENY_ALL] def test_registration_get_registration_form(): ''' test 'get_registration_form()' method of RegistrationResource ''' from ordr.resources.account import RegistrationResource import deform request = DummyRequest() parent = DummyResource(request=request) resource = RegistrationResource('a name', parent) form = resource.get_registration_form() assert isinstance(form, deform.Form) assert len(form.buttons) == 2 assert form.buttons[0].title == 'Create Account' assert form.buttons[1].title == 'Cancel' def test_registration_getitem_found(dbsession): # noqa: F811 ''' test '__getitem__()' method returns child resource ''' from ordr.models.account import Role, TokenSubject from ordr.resources.account import ( RegistrationResource, RegistrationTokenResource ) request = DummyRequest(dbsession=dbsession) user = get_example_user(Role.NEW) token = user.issue_token(request, TokenSubject.REGISTRATION) dbsession.add(user) dbsession.flush() parent = DummyResource(request=request) resource = RegistrationResource('a name', parent) result = resource[token.hash] assert isinstance(result, RegistrationTokenResource) assert result.__name__ == token.hash assert result.__parent__ == resource assert result.model == token def test_registration_getitem_not_found(dbsession): # noqa: F811 ''' test '__getitem__()' method raises KeyError ''' from ordr.models.account import Role, TokenSubject from ordr.resources.account import RegistrationResource request = DummyRequest(dbsession=dbsession) user = get_example_user(Role.NEW) user.issue_token(request, TokenSubject.REGISTRATION) dbsession.add(user) dbsession.flush() parent = DummyResource(request=request) resource = RegistrationResource('a name', parent) with pytest.raises(KeyError): resource['unknown hash'] def test_password_reset_token_acl(): ''' test access controll list for PasswordResetTokenResource ''' from pyramid.security import Allow, Everyone, DENY_ALL from ordr.resources.account import PasswordResetTokenResource parent = DummyResource(request='request') resource = PasswordResetTokenResource('name', parent) assert resource.__acl__() == [(Allow, Everyone, 'reset'), DENY_ALL] def test_password_reset_token_get_reset_form(): ''' test the setup of the password reset form''' from ordr.resources.account import PasswordResetTokenResource import deform request = DummyRequest() parent = DummyResource(request=request) resource = PasswordResetTokenResource('some name', parent) form = resource.get_reset_form() assert isinstance(form, deform.Form) assert len(form.buttons) == 2 assert form.buttons[0].title == 'Set New Password' assert form.buttons[1].title == 'Cancel' def test_password_reset_acl(): ''' test access controll list for PasswordResetResource ''' from pyramid.security import Allow, Everyone, DENY_ALL from ordr.resources.account import PasswordResetResource parent = DummyResource(request='request') resource = PasswordResetResource('a name', parent) assert resource.__acl__() == [(Allow, Everyone, 'reset'), DENY_ALL] def test_password_reset_getitem_found(dbsession): # noqa: F811 ''' test '__getitem__()' method returns child resource ''' from ordr.models.account import Role, TokenSubject from ordr.resources.account import ( PasswordResetResource, PasswordResetTokenResource ) request = DummyRequest(dbsession=dbsession) user = get_example_user(Role.NEW) token = user.issue_token(request, TokenSubject.RESET_PASSWORD) dbsession.add(user) dbsession.flush() parent = DummyResource(request=request) resource = PasswordResetResource('a name', parent) result = resource[token.hash] assert isinstance(result, PasswordResetTokenResource) assert result.__name__ == token.hash assert result.__parent__ == resource assert result.model == token def test_password_reset_getitem_not_found(dbsession): # noqa: F811 ''' test '__getitem__()' method raises KeyError ''' from ordr.models.account import Role, TokenSubject from ordr.resources.account import PasswordResetResource request = DummyRequest(dbsession=dbsession) user = get_example_user(Role.NEW) user.issue_token(request, TokenSubject.RESET_PASSWORD) dbsession.add(user) dbsession.flush() parent = DummyResource(request=request) resource = PasswordResetResource('a name', parent) with pytest.raises(KeyError): resource['unknown hash'] def test_change_email_token_acl(dbsession): # noqa: F811 ''' test access controll list for PasswordResetTokenResource ''' from pyramid.security import Allow, DENY_ALL from ordr.models.account import Role, Token, TokenSubject from ordr.resources.account import ChangeEmailTokenResource request = DummyRequest() user = get_example_user(Role.USER) dbsession.add(user) user.issue_token(request, TokenSubject.CHANGE_EMAIL) dbsession.flush() token = dbsession.query(Token).first() parent = DummyResource(request='request') resource = ChangeEmailTokenResource('name', parent, model=token) assert resource.__acl__() == [(Allow, 'user:3', 'edit'), DENY_ALL] def test_account_resource_set_model_from_request(): ''' test access controll list for PasswordResetResource ''' from ordr.resources.account import AccountResource request = DummyRequest(user='Amy McDonald') parent = DummyResource(request=request) resource = AccountResource('a name', parent) assert resource.model == 'Amy McDonald' def test_account_resource_acl(): ''' test access controll list for PasswordResetResource ''' from pyramid.security import ( Allow, Everyone, Authenticated, DENY_ALL ) from ordr.resources.account import AccountResource request = DummyRequest() parent = DummyResource(request=request) resource = AccountResource('a name', parent) assert resource.__acl__() == [ (Allow, Everyone, 'view'), (Allow, Everyone, 'login'), (Allow, Everyone, 'logout'), (Allow, Everyone, 'register'), (Allow, Everyone, 'reset'), (Allow, Authenticated, 'edit'), DENY_ALL ] @pytest.mark.parametrize('key', ['register', 'forgot']) # noqa: F811 def test_account_resource_getitem_static(dbsession, key): ''' test '__getitem__()' method returns static resources ''' from ordr.resources.account import ( AccountResource, PasswordResetResource, RegistrationResource ) request = DummyRequest(dbsession=dbsession) parent = DummyResource(request=request) resource = AccountResource('some name', parent) result = resource[key] if key == 'register': assert isinstance(result, RegistrationResource) elif key == 'forgot': assert isinstance(result, PasswordResetResource) def test_account_resource_getitem_token(dbsession): # noqa: F811 ''' test '__getitem__()' method returns child resource ''' from ordr.models.account import Role, TokenSubject from ordr.resources.account import ( AccountResource, ChangeEmailTokenResource ) request = DummyRequest(dbsession=dbsession) user = get_example_user(Role.NEW) token = user.issue_token(request, TokenSubject.CHANGE_EMAIL) dbsession.add(user) dbsession.flush() parent = DummyResource(request=request) resource = AccountResource('a name', parent) result = resource[token.hash] assert isinstance(result, ChangeEmailTokenResource) assert result.__name__ == token.hash assert result.__parent__ == resource assert result.model == token def test_account_resource_getitem_not_found(dbsession): # noqa: F811 ''' test '__getitem__()' method raises KeyError ''' from ordr.models.account import Role, TokenSubject from ordr.resources.account import AccountResource request = DummyRequest(dbsession=dbsession) user = get_example_user(Role.NEW) user.issue_token(request, TokenSubject.CHANGE_EMAIL) dbsession.add(user) dbsession.flush() parent = DummyResource(request=request) resource = AccountResource('a name', parent) with pytest.raises(KeyError): resource['unknown hash'] def test_account_resource_get_settings_form(): ''' test the setup of the settings form''' from ordr.resources.account import AccountResource import deform request = DummyRequest() parent = DummyResource(request=request) resource = AccountResource('some name', parent) form = resource.get_settings_form() assert isinstance(form, deform.Form) assert len(form.buttons) == 2 assert form.buttons[0].title == 'Change Settings' assert form.buttons[1].title == 'Cancel' def test_account_resource_get_password_form(): ''' test the setup of the change password form''' from ordr.resources.account import AccountResource import deform request = DummyRequest() parent = DummyResource(request=request) resource = AccountResource('some name', parent) form = resource.get_password_form() assert isinstance(form, deform.Form) assert len(form.buttons) == 2 assert form.buttons[0].title == 'Change Password' assert form.buttons[1].title == 'Cancel'