You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
190 lines
5.9 KiB
190 lines
5.9 KiB
''' Tests for ordr2.views.account ''' |
|
|
|
import deform |
|
import pytest |
|
|
|
from pyramid.httpexceptions import HTTPFound |
|
from pyramid.testing import DummyRequest, DummyResource |
|
from pyramid_mailer import get_mailer |
|
from webob.multidict import MultiDict |
|
|
|
from .. import app_config, dbsession, get_user, create_users, set_deform_data |
|
|
|
|
|
REGISTRATION_FORM_DATA = MultiDict([ |
|
('username', 'AmyMcDonald'), |
|
('first_name', 'Amy'), |
|
('last_name', 'McDonald'), |
|
('email', 'mcdonald@example.com'), |
|
('__start__', 'password:mapping'), |
|
('password', 'Amy'), |
|
('password-confirm', 'Amy'), |
|
('__end__', 'password:mapping'), |
|
]) |
|
|
|
|
|
@pytest.mark.parametrize('rolename', ['user', 'purchaser', 'admin']) |
|
def test_account_login_active_users(dbsession, rolename): |
|
''' login ok for active users ''' |
|
from ordr2.views.account import login |
|
create_users(dbsession) |
|
|
|
user = get_user(rolename) |
|
request = DummyRequest( |
|
dbsession=dbsession, |
|
post={ |
|
'username': user.username, |
|
'password': user.first_name |
|
} |
|
) |
|
result = login(None, request) |
|
|
|
assert isinstance(result, HTTPFound) |
|
assert result.location == '//orders' |
|
|
|
|
|
@pytest.mark.parametrize('rolename', ['unvalidated', 'new', 'inactive']) |
|
def test_account_login_fails_inactive_users(dbsession, rolename): |
|
''' login fails for inactive users ''' |
|
from ordr2.views.account import login |
|
create_users(dbsession) |
|
|
|
user = get_user(rolename) |
|
request = DummyRequest( |
|
dbsession=dbsession, |
|
post={ |
|
'username': user.username, |
|
'password': user.first_name |
|
} |
|
) |
|
result = login(None, request) |
|
|
|
assert result == {} |
|
|
|
|
|
@pytest.mark.parametrize( |
|
'username, password', [ |
|
('EricIdle', 'wrong password'), |
|
('unknown user', 'Eric'), |
|
('unknown user', 'wrong password'), |
|
('', '') |
|
] |
|
) |
|
def test_account_login_fails_wrong_credentials(dbsession, username, password): |
|
''' login fails for unknown or wrong credentials ''' |
|
from ordr2.views.account import login |
|
create_users(dbsession) |
|
|
|
request = DummyRequest( |
|
dbsession=dbsession, |
|
post={ |
|
'username': username, |
|
'password': password |
|
} |
|
) |
|
result = login(None, request) |
|
|
|
assert result == {} |
|
|
|
|
|
def test_logout(app_config): |
|
''' logout works ''' |
|
from ordr2.views.account import logout |
|
user = get_user('admin') |
|
|
|
request = DummyRequest(user=user) |
|
result = logout(None, request) |
|
|
|
assert isinstance(result, HTTPFound) |
|
assert result.location == 'http://example.com//' |
|
|
|
|
|
def test_registration_form(app_config): |
|
''' registration form ''' |
|
from ordr2.views.account import registration_form |
|
|
|
request = DummyRequest() |
|
context = DummyResource() |
|
result = registration_form(context, request) |
|
|
|
assert isinstance(result['form'], deform.Form) |
|
|
|
|
|
def test_registration_form_processing_ok(dbsession): |
|
''' registration form processing with valid data''' |
|
from ordr2.models.account import User, Role, TokenSubject |
|
from ordr2.views.account import registration_form_processing |
|
|
|
user = get_user('user') # intentionally not added to database |
|
context = DummyResource(model=user) |
|
request = DummyRequest(dbsession=dbsession, context=context) |
|
set_deform_data(request, REGISTRATION_FORM_DATA) |
|
result = registration_form_processing(context, request) |
|
|
|
# return value of function call |
|
assert isinstance(result, HTTPFound) |
|
assert result.location == 'http://example.com/registered' |
|
|
|
# user should be added to database |
|
user = dbsession.query(User).first() |
|
assert user.username == REGISTRATION_FORM_DATA['username'] |
|
assert user.first_name == REGISTRATION_FORM_DATA['first_name'] |
|
assert user.last_name == REGISTRATION_FORM_DATA['last_name'] |
|
assert user.email == REGISTRATION_FORM_DATA['email'] |
|
assert user.check_password(REGISTRATION_FORM_DATA['password']) |
|
assert user.role == Role.UNVALIDATED |
|
|
|
# a token should be created |
|
token = user.tokens[0] |
|
assert token.subject == TokenSubject.USER_REGISTRATION |
|
|
|
# and a verification email should be sent |
|
# mailer = get_mailer(request.registry) |
|
# last_mail = mailer.outbox[-1] |
|
# assert 'Please verify your email address ' in last_mail.html |
|
# assert 'http://example.com/' + token.hash in last_mail.html |
|
|
|
|
|
def test_registration_form_processing_cancel(app_config): |
|
''' canceling registration form processing ''' |
|
from ordr2.models.account import User, Role, TokenSubject |
|
from ordr2.views.account import registration_form_processing |
|
|
|
user = get_user('user') # intentionally not added to database |
|
context = DummyResource(model=user) |
|
request = DummyRequest(dbsession=dbsession, context=context) |
|
set_deform_data(request, REGISTRATION_FORM_DATA, {'Cancel': 'Cancel'}) |
|
result = registration_form_processing(context, request) |
|
|
|
assert isinstance(result, HTTPFound) |
|
assert result.location == 'http://example.com//' |
|
|
|
|
|
@pytest.mark.parametrize( |
|
'key,value', [ |
|
('username', ''), |
|
('username', 'TerryGilliam'), |
|
('first_name', ''), |
|
('last_name', ''), |
|
('email', ''), |
|
('email', 'no email'), |
|
('email', 'gilliam@example.com'), |
|
('password', ''), |
|
('password-confirm', ''), |
|
('password-confirm', 'no match') |
|
] |
|
) |
|
def test_registration_form_processing_validation_error(dbsession, key, value): |
|
''' registration form processing with valid data''' |
|
from ordr2.models.account import User, Role, TokenSubject |
|
from ordr2.views.account import registration_form_processing |
|
|
|
admin = get_user('user') |
|
dbsession.add(admin) |
|
context = DummyResource(model=get_user('admin')) |
|
request = DummyRequest(dbsession=dbsession, context=context) |
|
set_deform_data(request, REGISTRATION_FORM_DATA, {key: value}) |
|
result = registration_form_processing(context, request) |
|
|
|
# return value of function call |
|
assert isinstance(result['form'], deform.Form)
|
|
|