CPI Ordering System (the old version)
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
This repo is archived. You can view files and clone it, but cannot push or open issues/pull-requests.
 
 
 
 
 

241 lines
8.2 KiB

import deform
import pytest
from pyramid.httpexceptions import HTTPFound
from pyramid.testing import DummyRequest, DummyResource
from .. import ( # noqa: F401
app_config,
dbsession,
get_example_user,
get_post_request
)
def test_forgotten_password_form():
''' test the view for the forgotten password form '''
from ordr.resources.account import PasswordResetResource
from ordr.views.forgotten_password import forgotten_password_form
request = DummyRequest()
parent = DummyResource(request=request)
context = PasswordResetResource(name=None, parent=parent)
result = forgotten_password_form(context, None)
assert result == {'formerror': False}
@pytest.mark.parametrize( # noqa: F811
'identifier',
['TerryGilliam', 'gilliam@example.com', 'Gilliam@Example.com']
)
def test_forgotten_password_processing_ok(dbsession, identifier):
''' test the processing of the forgotten password form '''
from ordr.models.account import Role, TokenSubject
from ordr.resources.account import PasswordResetResource
from ordr.views.forgotten_password import (
forgotten_password_form_processing
)
user = get_example_user(Role.USER)
dbsession.add(user)
dbsession.flush()
post_data = {
'identifier': identifier,
'send_mail': 'send_mail',
}
request = DummyRequest(dbsession=dbsession, POST=post_data)
parent = DummyResource(request=request)
context = PasswordResetResource(name=None, parent=parent)
result = forgotten_password_form_processing(context, request)
assert isinstance(result, HTTPFound)
assert result.location == 'http://example.com//verify'
# a token should be created
token = user.tokens[0]
assert token.subject == TokenSubject.RESET_PASSWORD
# a verification email should be sent
# this is tested in the functional test since request.registry.notify
# doesn't know about event subscribers in the unittest
@pytest.mark.parametrize( # noqa: F811
'identifier',
['', 'GrahamChapman', 'unknown@example.com']
)
def test_forgotten_password_processing_not_ok(dbsession, identifier):
''' test error processing of the forgotten password form '''
from ordr.models.account import Role, Token
from ordr.resources.account import PasswordResetResource
from ordr.views.forgotten_password import (
forgotten_password_form_processing
)
user = get_example_user(Role.UNVALIDATED)
dbsession.add(user)
dbsession.flush()
post_data = {
'identifier': identifier,
'send_mail': 'send_mail',
}
request = DummyRequest(dbsession=dbsession, POST=post_data)
parent = DummyResource(request=request)
context = PasswordResetResource(name=None, parent=parent)
result = forgotten_password_form_processing(context, request)
assert result == {'formerror': True}
assert dbsession.query(Token).count() == 0
def test_forgotten_password_processing_cancel(dbsession): # noqa: F811
''' test the canceling of the forgotten password form '''
from ordr.models.account import Token
from ordr.resources.account import PasswordResetResource
from ordr.views.forgotten_password import (
forgotten_password_form_processing
)
post_data = {
'identifier': 'TerryGilliam',
'cancel': 'cancel',
}
request = DummyRequest(dbsession=dbsession, POST=post_data)
parent = DummyResource(request=request)
context = PasswordResetResource(name=None, parent=parent)
result = forgotten_password_form_processing(context, request)
assert isinstance(result, HTTPFound)
assert result.location == 'http://example.com//'
assert dbsession.query(Token).count() == 0
def test_verify():
''' test the message view for check your email '''
from ordr.views.forgotten_password import verify
result = verify(None, None)
assert result == {}
def test_completed():
''' test the view for a completed reset process '''
from ordr.views.forgotten_password import completed
result = completed(None, None)
assert result == {}
def test_reset_password_form():
''' test reset password form view '''
from ordr.resources.account import PasswordResetTokenResource
from ordr.schemas.account import ResetPasswordSchema
from ordr.views.forgotten_password import reset_password_form
request = DummyRequest()
parent = DummyResource(request=request)
context = PasswordResetTokenResource(name=None, parent=parent)
result = reset_password_form(context, None)
form = result['form']
assert isinstance(form, deform.Form)
assert isinstance(form.schema, ResetPasswordSchema)
def test_reset_password_form_processing_valid(dbsession): # noqa: F811
''' test reset password form processing '''
from ordr.models.account import User, Role, Token, TokenSubject
from ordr.resources.account import PasswordResetTokenResource
from ordr.views.forgotten_password import reset_password_form_processing
data = {
'__start__': 'password:mapping',
'password': 'Lost in La Mancha',
'password-confirm': 'Lost in La Mancha',
'__end__': 'password:mapping',
'change': 'Set New Password'
}
request = get_post_request(dbsession, data)
user = get_example_user(Role.USER)
dbsession.add(user)
user.issue_token(request, TokenSubject.RESET_PASSWORD)
dbsession.flush()
token = dbsession.query(Token).first()
parent = DummyResource(request=request)
context = PasswordResetTokenResource(name=None, parent=parent, model=token)
result = reset_password_form_processing(context, request)
# return value of function call
assert isinstance(result, HTTPFound)
assert result.location == 'http://example.com/completed'
# password of the user should be updated
user = dbsession.query(User).filter_by(username='TerryGilliam').first()
assert user.check_password('Lost in La Mancha')
token_count = dbsession.query(Token).count()
assert token_count == 0
def test_reset_password_form_processing_invalid_data(dbsession): # noqa: F811
''' test reset password form processing '''
from ordr.models.account import Role, Token, TokenSubject
from ordr.resources.account import PasswordResetTokenResource
from ordr.schemas.account import ResetPasswordSchema
from ordr.views.forgotten_password import reset_password_form_processing
data = {
'__start__': 'password:mapping',
'password': 'does not match',
'password-confirm': 'the confirmation',
'__end__': 'password:mapping',
'change': 'Set New Password'
}
request = get_post_request(dbsession, data)
user = get_example_user(Role.USER)
dbsession.add(user)
user.issue_token(request, TokenSubject.RESET_PASSWORD)
dbsession.flush()
token = dbsession.query(Token).first()
parent = DummyResource(request=request)
context = PasswordResetTokenResource(name=None, parent=parent, model=token)
result = reset_password_form_processing(context, request)
form = result['form']
assert isinstance(form, deform.Form)
assert isinstance(form.schema, ResetPasswordSchema)
def test_reset_password_form_processing_cancel(dbsession): # noqa: F811
''' test reset password form processing '''
from ordr.models.account import Role, Token, TokenSubject
from ordr.resources.account import PasswordResetTokenResource
from ordr.views.forgotten_password import reset_password_form_processing
data = {
'__start__': 'password:mapping',
'password': 'Lost in La Mancha',
'password-confirm': 'Lost in La Mancha',
'__end__': 'password:mapping',
'cancel': 'Cancel'
}
request = get_post_request(dbsession, data)
user = get_example_user(Role.USER)
dbsession.add(user)
user.issue_token(request, TokenSubject.RESET_PASSWORD)
dbsession.flush()
token = dbsession.query(Token).first()
parent = DummyResource(request=request)
context = PasswordResetTokenResource(name=None, parent=parent, model=token)
result = reset_password_form_processing(context, request)
assert isinstance(result, HTTPFound)
assert result.location == 'http://example.com//'