def test_moderator_role(self):
u = User(username='******',
email='*****@*****.**',
password='******')
u.role_id = 2
self.assertTrue(u.can(Permission.MODERATE))
self.assertFalse(u.can(Permission.ADMIN))
def test_password(self):
u = User(username='******',
email='*****@*****.**',
password='******')
self.assertTrue(u.password_hash is not None)
self.assertTrue(u.check_password('password'))
self.assertFalse(u.check_password('fake_password'))
def test_token_auth(self):
# add a user
u = User(username='******',
email='*****@*****.**',
password='******')
u.confirmed = True
db.session.add(u)
db.session.commit()
# issue a request with a bad token
response = self.client.get(url_for('api.view_user_costs'),
headers=self.get_api_headers(
'bad-token', ''))
self.assertTrue(response.status_code == 401)
# get a token
response = self.client.get(url_for('api.view_user_costs'),
headers=self.get_api_headers(
'*****@*****.**', 'password'))
self.assertTrue(response.status_code == 200)
json_response = json.loads(response.data.decode('utf-8'))
self.assertIsNotNone(json_response.get('token'))
token = json_response['token']
# issue a request with the token
response = self.client.get(url_for('api.view_user_costs'),
headers=self.get_api_headers(token, ''))
self.assertTrue(response.status_code == 200)
def testInsert(self):
st = time.time()
u = User(login='******', password='******')
u.save()
print(time.time() - st)
assert True
def test_password_hash(self):
u = User(username='******',
email='*****@*****.**',
password='******')
u2 = User(username='******',
email='*****@*****.**',
password='******')
self.assertTrue(u.password_hash != u2.password_hash)
def test_to_json(self):
u = User(username='******',
email='*****@*****.**',
password='******')
db.session.add(u)
db.session.commit()
json_user = u.to_json()
expected_keys = ['url', 'username', 'role', 'groups']
self.assertEqual(sorted(json_user), sorted(expected_keys))
self.assertTrue('api/users' in json_user['url'])
def test_groups(self):
# add a user
u = User(username='******',
email='*****@*****.**',
password='******')
u.confirmed = True
db.session.add(u)
db.session.commit()
# create invalid test group
response = self.client.post(url_for('api.create_group'),
headers=self.get_api_headers(
'*****@*****.**', 'password'),
data=json.dumps({'name': ''}))
self.assertTrue(response.status_code == 400)
# create valid group
response = self.client.post(url_for('api.create_group'),
headers=self.get_api_headers(
'*****@*****.**', 'password'),
data=json.dumps({'name': 'test_api'}))
self.assertTrue(response.status_code == 201)
url = response.headers.get('url')
self.assertIsNotNone(url)
# test response of creation group api
response = self.client.get(url,
headers=self.get_api_headers(
'*****@*****.**', 'password'))
self.assertTrue(response.status_code == 200)
json_response = json.loads(response.data.decode('utf-8'))
self.assertTrue(json_response['url'] == url)
self.assertTrue(json_response['name'] == 'test_api')
json_group = json_response
# create invalid memberships
response = self.client.post(url_for('api.membership'),
headers=self.get_api_headers(
'*****@*****.**', 'password'),
data=json.dumps({
'wrong': 1,
'group_id': 2
}))
self.assertTrue(response.status_code == 400)
# create valid memberships
response = self.client.post(url_for('api.create_group'),
headers=self.get_api_headers(
'*****@*****.**', 'password'),
data=json.dumps({
'user_id': 1,
'group_id': 1
}))
self.assertTrue(response.status_code == 201)
def deploy():
"""Run deployment tasks."""
from flask_migrate import upgrade
from main_app.models import Role, User
# migrate database to latest revision
upgrade()
# create user roles
Role.insert_roles()
# create self-follows for all users
User.add_self_follows()
def check_user_exist(user, createNew=False):
"""Check if a user exists. If the user doesn't exist, create a new one"""
user_query_result = User.objects.filter(user_id=user.id)
if not user_query_result.exists():
if not createNew:
return False
user_settings = UserSettings()
user_settings.save()
result_user = User(user_id=user.id, username=user.username, settings=user_settings)
result_user.save()
else:
result_user = user_query_result.first()
return result_user
def signup():
if current_user.is_anonymous:
form = RegistrationForm()
if form.validate_on_submit():
if User.query.filter_by(username=form.username.data).first(
) or User.query.filter_by(email=form.email.data).first():
flash("The username or the email has already been registered")
else:
user = User(username=form.username.data.strip(),
email=form.email.data.strip(),
password=form.password.data)
db.session.add(user)
db.session.commit()
login_user(user)
return redirect(
url_for('core.index')
) #to be changed to the main chatting page when created
errors = []
[
errors.append(x) for x in form.username.errors +
form.email.errors + form.password.errors + form.pass_confirm.errors
]
return render_template('signup.html', form=form, errors=errors)
else:
abort(404)
def register_page():
title = "Register"
if current_user.is_authenticated:
return redirect(url_for('home_page'))
form = RegistrationForm()
if form.validate_on_submit():
user = User(username=form.username.data, email=form.email.data)
user.set_password(form.password.data)
db.session.add(user)
db.session.commit()
flash('Congratulations, you are now registered!!!')
return redirect(url_for('login_page'))
return render_template('register.html', title=title, form=form)
class LoginTest(TestCase):
def setUp(self):
self.user = User(login='******', password='******')
self.user.save()
def testExists(self):
self.assertEqual(User.objects.get(login='******', password='******'),
self.user)
self.assertFalse(
User.objects.filter(login='******', password='******').exists(),
False)
def testInsert(self):
st = time.time()
u = User(login='******', password='******')
u.save()
print(time.time() - st)
assert True
def create_db_command():
create_db()
find_user = User.query.filter_by(username="******").first()
if not find_user:
user = User(username="******",
password="******")
db.session.add(user)
db.session.commit()
else:
print("User already exists!")
def register():
data = dict(request.form)
user, errors = User.register(data)
if user:
login_user(user)
return redirect(url_for('index'))
for error in errors:
flash(error)
return render_template('auth/register.html',
title='Регистрация',
params=request.form)
def post(self, request, **kwargs):
fname = request.POST.get('fname').strip()
lname = request.POST.get('lname').strip()
gender = request.POST.get('gender')
login = request.POST.get('login').strip()
email = request.POST.get('email').strip()
phone = request.POST.get('phone').strip()
password = request.POST.get('password').strip()
rpassword = request.POST.get('rep-password').strip()
try:
photo = request.FILES['photo']
except:
if gender is None or gender == 'm':
photo = '/main_app/img/male.jpg'
else:
photo = '/main_app/img/female.png'
if User.objects.filter(login=login).first() is not None:
return render(request, "main_app/registration.html",
{'error': 'Login is not unique'})
if password != rpassword:
return render(request, "main_app/registration.html",
{'error': 'Passwords should match'})
u = User(fname=fname,
lname=lname,
gender=gender,
login=login,
email=email,
phone=phone,
password=password,
photo=photo)
u.save()
request.session['user'] = u.pk
user_details = UserLearningDetail(user=u)
user_details.save()
return redirect('/first_test')
def test_confirmation_token(self):
u = User(username='******',
email='*****@*****.**',
password='******')
db.session.add(u)
db.session.commit()
token = u.generate_confirmation_token()
self.assertTrue(u.confirm(token))
u2 = User(username='******',
email='*****@*****.**',
password='******')
db.session.add(u2)
db.session.commit()
self.assertFalse(u2.confirm(token))
# test expiration confirmation token
token = u2.generate_confirmation_token(expiration=1)
sleep(2)
self.assertFalse(u2.confirm(token))
def register():
form = RegistrationForm()
if form.validate_on_submit():
user = User(email=form.email.data,
username=form.username.data,
password=form.password.data)
try:
db.session.add(user)
db.session.commit()
except IntegrityError:
return render_template('register.html', form=form)
token = user.generate_reset_token()
send_mail(user.email,
'Confirm Your Account',
'confirm',
user=user,
token=token)
flash('Thank you for the registration')
return redirect(url_for('users.login'))
return render_template('register.html', form=form)
def test_bad_auth(self):
# add a user
u = User(username='******',
email='*****@*****.**',
password='******')
db.session.add(u)
db.session.commit()
# authenticate with bad password
response = self.client.get(url_for('api.view_user_costs'),
headers=self.get_api_headers(
'username', 'password'))
self.assertTrue(response.status_code == 401)
def test_unconfirmed_account(self):
# add an unconfirmed user
u = User(username='******',
email='*****@*****.**',
password='******')
db.session.add(u)
db.session.commit()
# get list of posts with the unconfirmed account
response = self.client.get(url_for('api.view_user_costs'),
headers=self.get_api_headers(
'*****@*****.**', 'password'))
self.assertTrue(response.status_code == 403)
def signup():
if current_user.is_anonymous:
form = RegistrationForm()
if form.validate_on_submit():
user = User(username=form.username.data,
password=form.password.data)
db.session.add(user)
db.session.commit()
login_user(user)
return redirect(url_for('core.index'))
return render_template('signup.html', form=form)
else:
abort(404)
def add_account(request):
form = AddAccountForm(request.POST,
req_user_dcode=request.user.Ins_ID.Dcode)
context = {
'form': form,
}
if form.is_valid():
if re.match(r'[A-Za-z0-9]{8,}', form.cleaned_data['password']):
user = User(
Ins_ID=form.cleaned_data['instructor'],
password=make_password(form.cleaned_data['password']),
)
user.save()
user = User.objects.get(
Ins_ID=form.cleaned_data['instructor']) # Email
# message = """
# Dear: {}
# An account has been created for you.
# password: {}
# Examination Control Committee""".format(
# form.cleaned_data['instructor'], form.cleaned_data['password'])
# mail_thread = Thread(target=send_mail, args=(message, [user.Ins_ID.Email]))
# mail_thread.start()
# sms_thread = Thread(target=send_sms, args=(message,))
# sms_thread.start()
messages.success(
request,
'Successfully created account: {}'.format(user.Ins_ID))
return HttpResponseRedirect('/hod/ManageAccounts')
else:
messages.error(
request,
'Password should be a combination of Alphabets and Numbers and more than 8 characters'
)
return HttpResponseRedirect('/hod/ManageAccounts')
return render(request, 'hod/cud/AddAccount.html', context)
def demo_register():
form = DemoRegForm()
if form.validate_on_submit():
hashed_password = bcrypt.generate_password_hash(
form.password.data).decode('utf-8')
user = User(username=form.username.data,
email=form.email.data,
password=hashed_password)
db.session.add(user)
db.session.commit()
return redirect(url_for('users.login'))
return render_template('demo_register.html',
title='Demo Register',
form=form)
def handle(self, *args, **kwargs):
new_users = [
User(login=random_login(),
password=random_password(),
full_name=random_name(),
rights=kwargs['rights']) for i in range(kwargs['number'])
]
User.objects.bulk_create(new_users)
if kwargs['save']:
if 'filename' in kwargs:
self.save_users(new_users, fn=kwargs['filename'])
else:
self.save_users(new_users)
def handle(self, *args, **options):
if User.objects.exists() or Posting.objects.exists() or RidePosting.objects.exists() \
or ItemPosting.objects.exists() or Comment.objects.exists():
print('Data already loaded...exiting.')
return
print("Proceeding to add data")
print("Adding user data")
for row in DictReader(open('./test_user_data_01.csv')):
user = User()
user.name = row['Name']
user.email = row['Email']
user.role = row['role']
user.save()
def register():
# if current_user.is_authenticated:
# return redirect(url_for('Requests'))
form = RegistrationForm()
if form.validate_on_submit():
hashed_password = bcrypt.generate_password_hash(
form.password.data).decode('utf-8')
user = User(username=form.username.data,
email=form.email.data,
password=hashed_password)
db.session.add(user)
db.session.commit()
flash('Your account has been created! You are now able to log in',
'success')
return redirect(url_for('login'))
return render_template('register.html', title='Register', form=form)
def test_follow(self):
u1 = User(username='******', email="*****@*****.**")
u2 = User(username='******', email="*****@*****.**")
db.session.add(u1)
db.session.add(u2)
db.session.commit()
self.assertEqual(u1.followed.all(), [])
self.assertEqual(u1.followers.all(), [])
u1.follow(u2)
db.session.commit()
self.assertTrue(u1.is_following(u2))
self.assertEqual(u1.followed.count(), 1)
self.assertEqual(u1.followed.first().username, 'sam')
self.assertEqual(u2.followers.count(), 1)
self.assertEqual(u2.followers.first().username, 'susan')
u1.unfollow(u2)
db.session.commit()
self.assertFalse(u1.is_following(u2))
self.assertEqual(u1.followed.count(), 0)
self.assertEqual(u2.followers.count(), 0)
def register():
if current_user.is_authenticated:
return redirect(url_for('home'))
form = RegistrationForm() #Create instance
#register first time user in the database, with the password in the hashed
if form.validate_on_submit():
hashed_password = bcrypt.generate_password_hash(
form.password.data).decode('utf-8')
user = User(username=form.username.data,
email=form.email.data,
password=hashed_password)
db.session.add(user)
db.session.commit()
flash(
'Your Account has been created. You can now log in for {}'.format(
form.username.data), 'success')
return redirect(url_for('login'))
return render_template('register.html', title='register', form=form)
def register_logic(request):
info = request.GET
username = info.get('username')
psw = info.get('psw')
User(username=username, password=psw).save()
return redirect('login_page')
def setUp(self):
self.user = User(login='******', password='******')
self.user.save()
def setUp(self):
u = User(login='******', password='******')
u.save()
self.wd = WebDriver()