You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
290 lines
9.5 KiB
290 lines
9.5 KiB
''' Tests for the account resources ''' |
|
|
|
import pytest |
|
|
|
from pyramid.testing import DummyRequest, DummyResource |
|
|
|
from .. import app_config, dbsession, get_example_user # noqa: F401 |
|
|
|
|
|
def test_registration_token_acl(): |
|
''' test access controll list for RegistrationTokenResource ''' |
|
from pyramid.security import Allow, Everyone, DENY_ALL |
|
from ordr.resources.account import RegistrationTokenResource |
|
|
|
parent = DummyResource(request='request') |
|
resource = RegistrationTokenResource('name', parent) |
|
|
|
assert resource.__acl__() == [(Allow, Everyone, 'view'), DENY_ALL] |
|
|
|
|
|
def test_registration_acl(): |
|
''' test access controll list for RegistrationResource ''' |
|
from pyramid.security import Allow, Everyone, DENY_ALL |
|
from ordr.resources.account import RegistrationResource |
|
|
|
parent = DummyResource(request='request') |
|
resource = RegistrationResource('a name', parent) |
|
|
|
assert resource.__acl__() == [(Allow, Everyone, 'view'), DENY_ALL] |
|
|
|
|
|
def test_registration_get_registration_form(): |
|
''' test 'get_registration_form()' method of RegistrationResource ''' |
|
from ordr.resources.account import RegistrationResource |
|
import deform |
|
|
|
request = DummyRequest() |
|
parent = DummyResource(request=request) |
|
resource = RegistrationResource('a name', parent) |
|
form = resource.get_registration_form() |
|
|
|
assert isinstance(form, deform.Form) |
|
assert len(form.buttons) == 2 |
|
assert form.buttons[0].title == 'Create Account' |
|
assert form.buttons[1].title == 'Cancel' |
|
|
|
|
|
def test_registration_getitem_found(dbsession): # noqa: F811 |
|
''' test '__getitem__()' method returns child resource ''' |
|
from ordr.models.account import Role, TokenSubject |
|
from ordr.resources.account import ( |
|
RegistrationResource, |
|
RegistrationTokenResource |
|
) |
|
|
|
request = DummyRequest(dbsession=dbsession) |
|
|
|
user = get_example_user(Role.NEW) |
|
token = user.issue_token(request, TokenSubject.REGISTRATION) |
|
dbsession.add(user) |
|
dbsession.flush() |
|
|
|
parent = DummyResource(request=request) |
|
resource = RegistrationResource('a name', parent) |
|
result = resource[token.hash] |
|
|
|
assert isinstance(result, RegistrationTokenResource) |
|
assert result.__name__ == token.hash |
|
assert result.__parent__ == resource |
|
assert result.model == token |
|
|
|
|
|
def test_registration_getitem_not_found(dbsession): # noqa: F811 |
|
''' test '__getitem__()' method raises KeyError ''' |
|
from ordr.models.account import Role, TokenSubject |
|
from ordr.resources.account import RegistrationResource |
|
|
|
request = DummyRequest(dbsession=dbsession) |
|
|
|
user = get_example_user(Role.NEW) |
|
user.issue_token(request, TokenSubject.REGISTRATION) |
|
dbsession.add(user) |
|
dbsession.flush() |
|
|
|
parent = DummyResource(request=request) |
|
resource = RegistrationResource('a name', parent) |
|
|
|
with pytest.raises(KeyError): |
|
resource['unknown hash'] |
|
|
|
|
|
def test_password_reset_token_acl(): |
|
''' test access controll list for PasswordResetTokenResource ''' |
|
from pyramid.security import Allow, Everyone, DENY_ALL |
|
from ordr.resources.account import PasswordResetTokenResource |
|
|
|
parent = DummyResource(request='request') |
|
resource = PasswordResetTokenResource('name', parent) |
|
|
|
assert resource.__acl__() == [(Allow, Everyone, 'view'), DENY_ALL] |
|
|
|
|
|
def test_password_reset_token_get_reset_form(): |
|
''' test the setup of the password reset form''' |
|
from ordr.resources.account import PasswordResetTokenResource |
|
import deform |
|
|
|
request = DummyRequest() |
|
parent = DummyResource(request=request) |
|
resource = PasswordResetTokenResource('some name', parent) |
|
form = resource.get_reset_form() |
|
|
|
assert isinstance(form, deform.Form) |
|
assert len(form.buttons) == 2 |
|
assert form.buttons[0].title == 'Set New Password' |
|
assert form.buttons[1].title == 'Cancel' |
|
|
|
|
|
def test_password_reset_acl(): |
|
''' test access controll list for PasswordResetResource ''' |
|
from pyramid.security import Allow, Everyone, DENY_ALL |
|
from ordr.resources.account import PasswordResetResource |
|
|
|
parent = DummyResource(request='request') |
|
resource = PasswordResetResource('a name', parent) |
|
|
|
assert resource.__acl__() == [(Allow, Everyone, 'view'), DENY_ALL] |
|
|
|
|
|
def test_password_reset_getitem_found(dbsession): # noqa: F811 |
|
''' test '__getitem__()' method returns child resource ''' |
|
from ordr.models.account import Role, TokenSubject |
|
from ordr.resources.account import ( |
|
PasswordResetResource, |
|
PasswordResetTokenResource |
|
) |
|
|
|
request = DummyRequest(dbsession=dbsession) |
|
|
|
user = get_example_user(Role.NEW) |
|
token = user.issue_token(request, TokenSubject.RESET_PASSWORD) |
|
dbsession.add(user) |
|
dbsession.flush() |
|
|
|
parent = DummyResource(request=request) |
|
resource = PasswordResetResource('a name', parent) |
|
result = resource[token.hash] |
|
|
|
assert isinstance(result, PasswordResetTokenResource) |
|
assert result.__name__ == token.hash |
|
assert result.__parent__ == resource |
|
assert result.model == token |
|
|
|
|
|
def test_password_reset_getitem_not_found(dbsession): # noqa: F811 |
|
''' test '__getitem__()' method raises KeyError ''' |
|
from ordr.models.account import Role, TokenSubject |
|
from ordr.resources.account import PasswordResetResource |
|
|
|
request = DummyRequest(dbsession=dbsession) |
|
|
|
user = get_example_user(Role.NEW) |
|
user.issue_token(request, TokenSubject.RESET_PASSWORD) |
|
dbsession.add(user) |
|
dbsession.flush() |
|
|
|
parent = DummyResource(request=request) |
|
resource = PasswordResetResource('a name', parent) |
|
|
|
with pytest.raises(KeyError): |
|
resource['unknown hash'] |
|
|
|
|
|
def test_change_email_reset_token_acl(dbsession): # noqa: F811 |
|
''' test access controll list for PasswordResetTokenResource ''' |
|
from pyramid.security import Allow, DENY_ALL |
|
from ordr.models.account import Role, Token, TokenSubject |
|
from ordr.resources.account import ChangeEmailTokenResource |
|
|
|
request = DummyRequest() |
|
|
|
user = get_example_user(Role.USER) |
|
dbsession.add(user) |
|
user.issue_token(request, TokenSubject.CHANGE_EMAIL) |
|
dbsession.flush() |
|
token = dbsession.query(Token).first() |
|
|
|
parent = DummyResource(request='request') |
|
resource = ChangeEmailTokenResource('name', parent, model=token) |
|
|
|
assert resource.__acl__() == [(Allow, 'user:3', 'edit'), DENY_ALL] |
|
|
|
|
|
def test_account_resource_set_model_from_request(): |
|
''' test access controll list for PasswordResetResource ''' |
|
from ordr.resources.account import AccountResource |
|
|
|
request = DummyRequest(user='Amy McDonald') |
|
parent = DummyResource(request=request) |
|
resource = AccountResource('a name', parent) |
|
|
|
assert resource.model == 'Amy McDonald' |
|
|
|
|
|
def test_account_resource_acl(): |
|
''' test access controll list for PasswordResetResource ''' |
|
from pyramid.security import Allow, Authenticated, DENY_ALL |
|
from ordr.resources.account import AccountResource |
|
|
|
request = DummyRequest() |
|
parent = DummyResource(request=request) |
|
resource = AccountResource('a name', parent) |
|
|
|
assert resource.__acl__() == [(Allow, Authenticated, 'edit'), DENY_ALL] |
|
|
|
|
|
def test_account_resource_getitem_found(dbsession): # noqa: F811 |
|
''' test '__getitem__()' method returns child resource ''' |
|
from ordr.models.account import Role, TokenSubject |
|
from ordr.resources.account import ( |
|
AccountResource, |
|
ChangeEmailTokenResource |
|
) |
|
|
|
request = DummyRequest(dbsession=dbsession) |
|
|
|
user = get_example_user(Role.NEW) |
|
token = user.issue_token(request, TokenSubject.CHANGE_EMAIL) |
|
dbsession.add(user) |
|
dbsession.flush() |
|
|
|
parent = DummyResource(request=request) |
|
resource = AccountResource('a name', parent) |
|
result = resource[token.hash] |
|
|
|
assert isinstance(result, ChangeEmailTokenResource) |
|
assert result.__name__ == token.hash |
|
assert result.__parent__ == resource |
|
assert result.model == token |
|
|
|
|
|
def test_account_resource_getitem_not_found(dbsession): # noqa: F811 |
|
''' test '__getitem__()' method raises KeyError ''' |
|
from ordr.models.account import Role, TokenSubject |
|
from ordr.resources.account import AccountResource |
|
|
|
request = DummyRequest(dbsession=dbsession) |
|
|
|
user = get_example_user(Role.NEW) |
|
user.issue_token(request, TokenSubject.CHANGE_EMAIL) |
|
dbsession.add(user) |
|
dbsession.flush() |
|
|
|
parent = DummyResource(request=request) |
|
resource = AccountResource('a name', parent) |
|
|
|
with pytest.raises(KeyError): |
|
resource['unknown hash'] |
|
|
|
|
|
def test_account_resource_get_settings_form(): |
|
''' test the setup of the settings form''' |
|
from ordr.resources.account import AccountResource |
|
import deform |
|
|
|
request = DummyRequest() |
|
parent = DummyResource(request=request) |
|
resource = AccountResource('some name', parent) |
|
form = resource.get_settings_form() |
|
|
|
assert isinstance(form, deform.Form) |
|
assert len(form.buttons) == 2 |
|
assert form.buttons[0].title == 'Change Settings' |
|
assert form.buttons[1].title == 'Cancel' |
|
|
|
|
|
def test_account_resource_get_password_form(): |
|
''' test the setup of the change password form''' |
|
from ordr.resources.account import AccountResource |
|
import deform |
|
|
|
request = DummyRequest() |
|
parent = DummyResource(request=request) |
|
resource = AccountResource('some name', parent) |
|
form = resource.get_password_form() |
|
|
|
assert isinstance(form, deform.Form) |
|
assert len(form.buttons) == 2 |
|
assert form.buttons[0].title == 'Change Password' |
|
assert form.buttons[1].title == 'Cancel'
|
|
|