def test_change_password(logger, mongodb):
"""The the single call to change a users password.
"""
username = '******'
plain_pw = '1234567890'
confirm_plain_pw = '1234567890'
new_plain_pw = '0987654321'
assert user.count() == 0
assert user.find(username=username) == []
with pytest.raises(user.UserNotFoundError):
# The user isn't present to recover
user.change_password(
username,
plain_pw,
confirm_plain_pw,
new_plain_pw
)
# Add the user:
user_dict = dict(
username=username,
password=plain_pw,
display_name='Bob Sprocket',
email='*****@*****.**',
)
item1 = user.add(**user_dict)
is_valid = pwtools.validate_password(plain_pw, item1['password_hash'])
assert is_valid is True
# Now change the password
user.change_password(
username,
plain_pw,
confirm_plain_pw,
new_plain_pw
)
item2 = user.get(username)
# old password is not valid:
is_valid = pwtools.validate_password(plain_pw, item2['password_hash'])
assert is_valid is False
is_valid = pwtools.validate_password(
new_plain_pw, item2['password_hash']
)
assert is_valid is True
def user_add(request):
"""Add a new user to the system when the data is PUT to the server.
The user dict that's posted must validate against
userdata.creation_required_fields(user_data).
"""
log = get_log("user_add")
user_data = request.json_body
log.debug(
"Validating new user<{}>: {!r}".format(type(user_data), user_data)
)
user_data = userdata.creation_required_fields(user_data)
rc = user.add(**user_data)
return rc
def test_unicode_fields(logger, mongodb):
"""Test the entry of unicode username, email, display name.
"""
username = u'andrés.bolívar'
assert user.count() == 0
assert user.find(username=username) == []
plain_pw = u'í12345í67890é'
user_dict = dict(
username=username,
password=plain_pw,
display_name=u'Andrés Plácido Bolívar',
email=u'andrés.bolí[email protected]',
phone=u''
)
item1 = user.add(**user_dict)
# Check the password is converted into a hashed password correctly:
is_validate = pwtools.validate_password(
plain_pw, item1['password_hash']
)
assert is_validate is True
# Try recoving by username, display_name, etc
#
for field in user_dict:
if field == "password":
# skip, no such thing as find via password.
continue
items = user.find(**{field: user_dict[field]})
assert items == [item1]
item1 = items[0]
assert item1['username'] == user_dict['username']
assert item1['display_name'] == user_dict['display_name']
assert item1['email'] == user_dict['email']
assert item1['phone'] == user_dict['phone']
def testBasicCRUD(logger, mongodb):
"""Test the basic add and get method
"""
username = '******'
assert user.count() == 0
assert user.find(username=username) == []
# Test I cannot add a user if I don't provide either a
# password or a password_hash
#
user_dict = dict(
username=username,
# Not provied password or password hash
#password='******',
)
with pytest.raises(user.UserAddError):
user.add(**user_dict)
plain_pw = '1234567890'
user_dict = dict(
username=username,
password=plain_pw,
display_name='Bob Sprocket',
email='*****@*****.**',
phone='9876543210'
)
item1 = user.add(**user_dict)
# The password is hashed and then stored as password_hash. The password
# it removed and never stored.
assert "password" not in item1
# Check the password is converted into a hashed password correctly:
is_validate = pwtools.validate_password(
plain_pw, item1['password_hash']
)
assert is_validate is True
# Make sure I cannot add the same username again:
with pytest.raises(user.UserPresentError):
user.add(**user_dict)
assert user.find(username=username) == [item1]
assert user.has(username) is True
assert user.count() == 1
item2 = user.get(username)
assert item2["username"] == user_dict['username']
assert item2['display_name'] == user_dict['display_name']
assert item2['email'] == user_dict['email']
assert item2['phone'] == user_dict['phone']
user.remove(item2['username'])
assert user.count() == 0
assert user.has(item2['username']) is False
with pytest.raises(user.UserRemoveError):
user.remove(item2['username'])
def testExtraField(logger, mongodb):
"""Test the arbitrary dic that can be used to store useful fields
per user.
"""
username = '******'
plain_pw = '1234567890'
assert user.count() == 0
assert user.find(username=username) == []
user_dict = dict(
username=username,
password=plain_pw,
display_name='Bob Sprocket',
email='*****@*****.**',
phone='9876543210'
)
item1 = user.add(**user_dict)
# Make sure I cannot add the same username again:
with pytest.raises(user.UserPresentError):
user.add(**user_dict)
assert user.find(username=username) == [item1]
assert user.has(username) is True
assert user.count() == 1
item2 = user.get(username)
assert item2['username'] == user_dict['username']
assert item2['display_name'] == user_dict['display_name']
is_validate = pwtools.validate_password(
plain_pw, item1['password_hash']
)
assert is_validate is True
is_validate = pwtools.validate_password(
"not the right one", item1['password_hash']
)
assert is_validate is False
assert item2['email'] == user_dict['email']
assert item2['phone'] == user_dict['phone']
# Now update all the user fields that can be changed
# and add some extra data to the arbitrary fields:
#
oauth_tokens = dict(
# Some pretend googleservice oauth data:
googleauth=dict(
request_token="1234567890",
)
)
user_dict = dict(
username=username,
# change the password. new_password will be hashed and
# its has stored as password_hash:
new_password="******",
display_name='Bobby',
email='*****@*****.**',
phone='12121212',
oauth_tokens=oauth_tokens,
cats='big',
teatime=1,
)
user.update(**user_dict)
item2 = user.get(username)
assert item2['username'] == user_dict['username']
assert item2['display_name'] == user_dict['display_name']
is_validate = pwtools.validate_password(
"ifidexmemwb", item2['password_hash']
)
assert is_validate is True
is_validate = pwtools.validate_password(
plain_pw, item2['password_hash']
)
assert is_validate is False
is_validate = pwtools.validate_password(
"not the right one", item1['password_hash']
)
assert is_validate is False
assert item2['email'] == user_dict['email']
assert item2['phone'] == user_dict['phone']
assert item2['oauth_tokens'] == oauth_tokens
assert item2['cats'] == 'big'
assert item2['teatime'] == 1