You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
241 lines
8.2 KiB
241 lines
8.2 KiB
import deform |
|
import pytest |
|
|
|
from pyramid.httpexceptions import HTTPFound |
|
from pyramid.testing import DummyRequest, DummyResource |
|
|
|
from .. import ( # noqa: F401 |
|
app_config, |
|
dbsession, |
|
get_example_user, |
|
get_post_request |
|
) |
|
|
|
|
|
def test_forgotten_password_form(): |
|
''' test the view for the forgotten password form ''' |
|
from ordr.resources.account import PasswordResetResource |
|
from ordr.views.forgotten_password import forgotten_password_form |
|
|
|
request = DummyRequest() |
|
parent = DummyResource(request=request) |
|
context = PasswordResetResource(name=None, parent=parent) |
|
result = forgotten_password_form(context, None) |
|
|
|
assert result == {'formerror': False} |
|
|
|
|
|
@pytest.mark.parametrize( # noqa: F811 |
|
'identifier', |
|
['TerryGilliam', 'gilliam@example.com', 'Gilliam@Example.com'] |
|
) |
|
def test_forgotten_password_processing_ok(dbsession, identifier): |
|
''' test the processing of the forgotten password form ''' |
|
from ordr.models.account import Role, TokenSubject |
|
from ordr.resources.account import PasswordResetResource |
|
from ordr.views.forgotten_password import ( |
|
forgotten_password_form_processing |
|
) |
|
|
|
user = get_example_user(Role.USER) |
|
dbsession.add(user) |
|
dbsession.flush() |
|
|
|
post_data = { |
|
'identifier': identifier, |
|
'send_mail': 'send_mail', |
|
} |
|
request = DummyRequest(dbsession=dbsession, POST=post_data) |
|
parent = DummyResource(request=request) |
|
context = PasswordResetResource(name=None, parent=parent) |
|
result = forgotten_password_form_processing(context, request) |
|
|
|
assert isinstance(result, HTTPFound) |
|
assert result.location == 'http://example.com//verify' |
|
|
|
# a token should be created |
|
token = user.tokens[0] |
|
assert token.subject == TokenSubject.RESET_PASSWORD |
|
|
|
# a verification email should be sent |
|
# this is tested in the functional test since request.registry.notify |
|
# doesn't know about event subscribers in the unittest |
|
|
|
|
|
@pytest.mark.parametrize( # noqa: F811 |
|
'identifier', |
|
['', 'GrahamChapman', 'unknown@example.com'] |
|
) |
|
def test_forgotten_password_processing_not_ok(dbsession, identifier): |
|
''' test error processing of the forgotten password form ''' |
|
from ordr.models.account import Role, Token |
|
from ordr.resources.account import PasswordResetResource |
|
from ordr.views.forgotten_password import ( |
|
forgotten_password_form_processing |
|
) |
|
|
|
user = get_example_user(Role.UNVALIDATED) |
|
dbsession.add(user) |
|
dbsession.flush() |
|
|
|
post_data = { |
|
'identifier': identifier, |
|
'send_mail': 'send_mail', |
|
} |
|
request = DummyRequest(dbsession=dbsession, POST=post_data) |
|
parent = DummyResource(request=request) |
|
context = PasswordResetResource(name=None, parent=parent) |
|
result = forgotten_password_form_processing(context, request) |
|
|
|
assert result == {'formerror': True} |
|
assert dbsession.query(Token).count() == 0 |
|
|
|
|
|
def test_forgotten_password_processing_cancel(dbsession): # noqa: F811 |
|
''' test the canceling of the forgotten password form ''' |
|
from ordr.models.account import Token |
|
from ordr.resources.account import PasswordResetResource |
|
from ordr.views.forgotten_password import ( |
|
forgotten_password_form_processing |
|
) |
|
|
|
post_data = { |
|
'identifier': 'TerryGilliam', |
|
'cancel': 'cancel', |
|
} |
|
request = DummyRequest(dbsession=dbsession, POST=post_data) |
|
parent = DummyResource(request=request) |
|
context = PasswordResetResource(name=None, parent=parent) |
|
result = forgotten_password_form_processing(context, request) |
|
|
|
assert isinstance(result, HTTPFound) |
|
assert result.location == 'http://example.com//' |
|
assert dbsession.query(Token).count() == 0 |
|
|
|
|
|
def test_verify(): |
|
''' test the message view for check your email ''' |
|
from ordr.views.forgotten_password import verify |
|
result = verify(None, None) |
|
assert result == {} |
|
|
|
|
|
def test_completed(): |
|
''' test the view for a completed reset process ''' |
|
from ordr.views.forgotten_password import completed |
|
result = completed(None, None) |
|
assert result == {} |
|
|
|
|
|
def test_reset_password_form(): |
|
''' test reset password form view ''' |
|
from ordr.resources.account import PasswordResetTokenResource |
|
from ordr.schemas.account import ResetPasswordSchema |
|
from ordr.views.forgotten_password import reset_password_form |
|
|
|
request = DummyRequest() |
|
parent = DummyResource(request=request) |
|
context = PasswordResetTokenResource(name=None, parent=parent) |
|
result = reset_password_form(context, None) |
|
form = result['form'] |
|
|
|
assert isinstance(form, deform.Form) |
|
assert isinstance(form.schema, ResetPasswordSchema) |
|
|
|
|
|
def test_reset_password_form_processing_valid(dbsession): # noqa: F811 |
|
''' test reset password form processing ''' |
|
from ordr.models.account import User, Role, Token, TokenSubject |
|
from ordr.resources.account import PasswordResetTokenResource |
|
from ordr.views.forgotten_password import reset_password_form_processing |
|
|
|
data = { |
|
'__start__': 'password:mapping', |
|
'password': 'Lost in La Mancha', |
|
'password-confirm': 'Lost in La Mancha', |
|
'__end__': 'password:mapping', |
|
'change': 'Set New Password' |
|
} |
|
request = get_post_request(dbsession, data) |
|
|
|
user = get_example_user(Role.USER) |
|
dbsession.add(user) |
|
user.issue_token(request, TokenSubject.RESET_PASSWORD) |
|
dbsession.flush() |
|
token = dbsession.query(Token).first() |
|
|
|
parent = DummyResource(request=request) |
|
context = PasswordResetTokenResource(name=None, parent=parent, model=token) |
|
result = reset_password_form_processing(context, request) |
|
|
|
# return value of function call |
|
assert isinstance(result, HTTPFound) |
|
assert result.location == 'http://example.com/completed' |
|
|
|
# password of the user should be updated |
|
user = dbsession.query(User).filter_by(username='TerryGilliam').first() |
|
assert user.check_password('Lost in La Mancha') |
|
|
|
token_count = dbsession.query(Token).count() |
|
assert token_count == 0 |
|
|
|
|
|
def test_reset_password_form_processing_invalid_data(dbsession): # noqa: F811 |
|
''' test reset password form processing ''' |
|
from ordr.models.account import Role, Token, TokenSubject |
|
from ordr.resources.account import PasswordResetTokenResource |
|
from ordr.schemas.account import ResetPasswordSchema |
|
from ordr.views.forgotten_password import reset_password_form_processing |
|
|
|
data = { |
|
'__start__': 'password:mapping', |
|
'password': 'does not match', |
|
'password-confirm': 'the confirmation', |
|
'__end__': 'password:mapping', |
|
'change': 'Set New Password' |
|
} |
|
request = get_post_request(dbsession, data) |
|
|
|
user = get_example_user(Role.USER) |
|
dbsession.add(user) |
|
user.issue_token(request, TokenSubject.RESET_PASSWORD) |
|
dbsession.flush() |
|
token = dbsession.query(Token).first() |
|
|
|
parent = DummyResource(request=request) |
|
context = PasswordResetTokenResource(name=None, parent=parent, model=token) |
|
result = reset_password_form_processing(context, request) |
|
|
|
form = result['form'] |
|
|
|
assert isinstance(form, deform.Form) |
|
assert isinstance(form.schema, ResetPasswordSchema) |
|
|
|
|
|
def test_reset_password_form_processing_cancel(dbsession): # noqa: F811 |
|
''' test reset password form processing ''' |
|
from ordr.models.account import Role, Token, TokenSubject |
|
from ordr.resources.account import PasswordResetTokenResource |
|
from ordr.views.forgotten_password import reset_password_form_processing |
|
|
|
data = { |
|
'__start__': 'password:mapping', |
|
'password': 'Lost in La Mancha', |
|
'password-confirm': 'Lost in La Mancha', |
|
'__end__': 'password:mapping', |
|
'cancel': 'Cancel' |
|
} |
|
request = get_post_request(dbsession, data) |
|
|
|
user = get_example_user(Role.USER) |
|
dbsession.add(user) |
|
user.issue_token(request, TokenSubject.RESET_PASSWORD) |
|
dbsession.flush() |
|
token = dbsession.query(Token).first() |
|
|
|
parent = DummyResource(request=request) |
|
context = PasswordResetTokenResource(name=None, parent=parent, model=token) |
|
result = reset_password_form_processing(context, request) |
|
|
|
assert isinstance(result, HTTPFound) |
|
assert result.location == 'http://example.com//'
|
|
|