def test_reset_confirm_pin_with_good_pin(self):
uuid = 'reset_confirm_pin_good_pin'
new_pin = '1122'
client.create_buyer(uuid, self.pin)
client.set_new_pin(uuid, new_pin)
assert client.reset_confirm_pin(uuid, new_pin)
assert client.verify_pin(uuid, new_pin)
def test_set_new_pin_for_reset_with_alpha_pin(self):
uuid = 'set_new_pin_for_reset_with_alpha_pin'
client.create_buyer(uuid, self.pin)
res = client.set_new_pin(uuid, 'meow')
assert res.get('errors')
eq_(res['errors'].get('new_pin'),
[ERROR_STRINGS['PIN may only consists of numbers']])
def test_create_buyer_with_confirmed_pin(self, slumber):
uuid = 'with_pin'
self.buyer_data['uuid'] = uuid
slumber.generic.buyer.post.return_value = self.buyer_data
client.create_buyer(uuid, self.email, pin=self.pin, pin_confirmed=True)
slumber.generic.buyer.post.assert_called_with(
{'uuid': uuid, 'email': self.email,
'pin': self.pin, 'pin_confirmed': True})
def test_create_buyer_with_confirmed_pin(self, slumber):
uuid = 'with_pin'
self.buyer_data['uuid'] = uuid
slumber.generic.buyer.post.return_value = self.buyer_data
client.create_buyer(uuid, self.email, pin=self.pin, pin_confirmed=True)
slumber.generic.buyer.post.assert_called_with(
{'uuid': uuid, 'email': self.email,
'pin': self.pin, 'pin_confirmed': True})
def test_create_buyer_without_confirmed_pin(self, slumber):
uuid = 'no_pin:1234'
self.buyer_data['uuid'] = uuid
del self.buyer_data['pin']
slumber.generic.buyer.post.return_value = self.buyer_data
client.create_buyer(uuid, self.email, pin_confirmed=True)
slumber.generic.buyer.post.assert_called_with(
{'uuid': uuid, 'email': self.email, 'pin': None,
'pin_confirmed': False})
def test_create_buyer_without_confirmed_pin(self, slumber):
uuid = 'no_pin:1234'
self.buyer_data['uuid'] = uuid
del self.buyer_data['pin']
slumber.generic.buyer.post.return_value = self.buyer_data
client.create_buyer(uuid, self.email, pin_confirmed=True)
slumber.generic.buyer.post.assert_called_with(
{'uuid': uuid, 'email': self.email, 'pin': None,
'pin_confirmed': False})
def test_create_buyer_with_email(self, slumber):
uuid = 'with_email'
self.buyer_data['uuid'] = uuid
self.buyer_data['email'] = self.email
slumber.generic.buyer.post.return_value = self.buyer_data
client.create_buyer(uuid, self.email)
slumber.generic.buyer.post.assert_called_with(
{'uuid': uuid, 'email': self.email,
'pin': None, 'pin_confirmed': False})
def test_create_buyer_with_email(self, slumber):
uuid = 'with_email'
self.buyer_data['uuid'] = uuid
self.buyer_data['email'] = self.email
slumber.generic.buyer.post.return_value = self.buyer_data
client.create_buyer(uuid, self.email)
slumber.generic.buyer.post.assert_called_with(
{'uuid': uuid, 'email': self.email,
'pin': None, 'pin_confirmed': False})
def test_change_pin_with_existing_pin(self):
uuid = "change_pin_with_existing_pin"
pin = "5432"
new_pin = pin[::-1]
client.create_buyer(uuid, pin)
client.change_pin(uuid, new_pin)
buyer = client.get_buyer(uuid)
assert buyer.get("pin")
assert client.verify_pin(uuid, new_pin)
def test_change_pin_with_existing_pin(self):
uuid = 'change_pin_with_existing_pin'
pin = '5432'
new_pin = pin[::-1]
client.create_buyer(uuid, pin)
client.change_pin(uuid, new_pin)
buyer = client.get_buyer(uuid)
assert buyer.get('pin')
assert client.verify_pin(uuid, new_pin)
def test_reset_confirm_pin_with_bad_pin(self):
uuid = "reset_confirm_pin_bad_pin"
new_pin = "1122"
client.create_buyer(uuid, self.pin)
client.set_new_pin(uuid, new_pin)
assert client.reset_confirm_pin(uuid, new_pin)
assert client.verify_pin(uuid, new_pin)
assert not client.reset_confirm_pin(uuid, self.pin)
assert client.verify_pin(uuid, new_pin)
def create(request):
form = forms.CreatePinForm()
if request.method == 'POST':
form = forms.CreatePinForm(uuid=get_user(request), data=request.POST)
if form.is_valid():
if getattr(form, 'buyer_exists', False):
try:
res = client.change_pin(form.uuid,
form.cleaned_data['pin'],
etag=form.buyer_etag)
except ResourceModified:
return system_error(request, code=msg.RESOURCE_MODIFIED)
else:
res = client.create_buyer(form.uuid, form.cleaned_data['pin'])
if form.handle_client_errors(res):
set_user_has_pin(request, True)
return http.HttpResponseRedirect(reverse('pin.confirm'))
form.no_pin = True
return render(request, 'pin/pin_form.html', {'form': form,
'title': _('Create a Pin'),
'action': reverse('pin.create'),
'pin_form_tracking' : {
'pin_error_codes': form.pin_error_codes,
},
'track_cancel': {
'action': 'pin cancel',
'label': 'Create Pin Page',
}})
def set_user(request, email, verified=None):
if not check_whitelist(email):
log.warning('Whitelist denied access to: {0}'.format(email))
raise PermissionDenied
uuid = get_uuid(email)
new_uuid = request.session.get('uuid') != uuid
request.session['uuid'] = uuid
# This is only used by navigator.id.watch()
request.session['logged_in_user'] = email
# Leave previous was_verified behaviour for Persona.
if verified is not None:
request.session['was_reverified'] = verified
buyer = client.get_buyer(uuid)
if not buyer:
buyer = client.create_buyer(uuid, email)
log.info('Created buyer {uuid} for email {email}'
.format(uuid=uuid, email=email))
log.info('Buyer uuid is {uuid} for email {email}'
.format(uuid=uuid, email=email))
super_powers = email in settings.USERS_WITH_SUPER_POWERS
log.info('user has super powers? {user}: {powers}'
.format(user=email, powers=super_powers))
request.session['super_powers'] = super_powers
return update_session(request, uuid, new_uuid, email, buyer=buyer)
def create(request):
form = forms.CreatePinForm()
if request.method == 'POST':
form = forms.CreatePinForm(uuid=get_user(request), data=request.POST)
if form.is_valid():
if getattr(form, 'buyer_exists', False):
try:
res = client.change_pin(form.uuid,
form.cleaned_data['pin'],
etag=form.buyer_etag)
except ResourceModified:
return system_error(request, code=msg.RESOURCE_MODIFIED)
else:
res = client.create_buyer(form.uuid, form.cleaned_data['pin'])
if form.handle_client_errors(res):
set_user_has_pin(request, True)
return http.HttpResponseRedirect(reverse('pin.confirm'))
form.no_pin = True
return render(
request, 'pin/pin_form.html', {
'form': form,
'title': _('Create a Pin'),
'action': reverse('pin.create'),
'pin_form_tracking': {
'pin_error_codes': form.pin_error_codes,
},
'track_cancel': {
'action': 'pin cancel',
'label': 'Create Pin Page',
}
})
def test_create_buyer_with_long_pin(self, slumber):
slumber.generic.buyer.post.side_effect = HttpClientError(
response=self.create_error_response(
content={'pin': ['PIN_4_NUMBERS_LONG']}))
buyer = client.create_buyer('with_long_pin', '12345')
assert buyer.get('errors')
eq_(buyer['errors'].get('pin'), [ERROR_STRINGS['PIN_4_NUMBERS_LONG']])
def test_create_buyer_with_short_pin(self, slumber):
slumber.generic.buyer.post.side_effect = HttpClientError(
response=self.create_error_response(content={
'pin': [msg.PIN_4_NUMBERS_LONG]
}))
buyer = client.create_buyer('with_short_pin', self.email, pin='123')
assert buyer.get('errors')
eq_(buyer['errors'].get('pin'), [msg.PIN_4_NUMBERS_LONG])
def test_create_buyer_with_existing_uuid(self, slumber):
slumber.generic.buyer.post.side_effect = HttpClientError(
response=self.create_error_response(content={
'uuid': [msg.BUYER_UUID_ALREADY_EXISTS]
}))
buyer = client.create_buyer(self.uuid, self.email, pin='1234')
assert buyer.get('errors')
eq_(buyer['errors'].get('uuid'), [msg.BUYER_UUID_ALREADY_EXISTS])
def test_create_buyer_with_long_pin(self, slumber):
slumber.generic.buyer.post.side_effect = HttpClientError(
response=self.create_error_response(content={
'pin': [msg.PIN_4_NUMBERS_LONG]
}))
buyer = client.create_buyer('with_long_pin', self.email, pin='12345')
assert buyer.get('errors')
eq_(buyer['errors'].get('pin'), [msg.PIN_4_NUMBERS_LONG])
def test_create_buyer_with_pin(self, slumber):
uuid = 'with_pin'
self.buyer_data['uuid'] = uuid
slumber.generic.buyer.post.return_value = self.buyer_data
buyer = client.create_buyer(uuid, self.pin)
eq_(buyer.get('uuid'), uuid)
assert buyer.get('pin')
assert buyer.get('resource_pk')
def test_create_buyer_with_existing_uuid(self, slumber):
slumber.generic.buyer.post.side_effect = HttpClientError(
response=self.create_error_response(
content={'uuid': ['BUYER_UUID_ALREADY_EXISTS']}))
buyer = client.create_buyer(self.uuid, '1234')
assert buyer.get('errors')
eq_(buyer['errors'].get('uuid'),
[ERROR_STRINGS['BUYER_UUID_ALREADY_EXISTS']])
def test_create_buyer_with_alpha_pin(self, slumber):
slumber.generic.buyer.post.side_effect = HttpClientError(
response=self.create_error_response(content={
'pin': ['PIN_ONLY_NUMBERS']
}))
buyer = client.create_buyer('with_alpha_pin', self.email, pin='lame')
assert buyer.get('errors')
eq_(buyer['errors'].get('pin'), [ERROR_STRINGS['PIN_ONLY_NUMBERS']])
def test_create_buyer_with_pin(self, slumber):
uuid = 'with_pin'
self.buyer_data['uuid'] = uuid
slumber.generic.buyer.post.return_value = self.buyer_data
buyer = client.create_buyer(uuid, self.pin)
eq_(buyer.get('uuid'), uuid)
assert buyer.get('pin')
assert buyer.get('resource_pk')
def test_change_pin_to_remove_exising_pin(self):
uuid = 'change_pin_to_remove_exising_pin'
pin = '5467'
new_pin = None
buyer = client.create_buyer(uuid, pin)
assert buyer.get('pin')
client.change_pin(uuid, new_pin)
buyer = client.get_buyer(uuid)
assert not buyer.get('pin')
def test_create_buyer_with_long_pin(self, slumber):
slumber.generic.buyer.post.side_effect = HttpClientError(
response=self.create_error_response(content={
'pin': ['PIN must be exactly 4 numbers long']
}))
buyer = client.create_buyer('with_long_pin', '12345')
assert buyer.get('errors')
eq_(buyer['errors'].get('pin'),
[ERROR_STRINGS['PIN must be exactly 4 numbers long']])
def test_create_buyer_with_existing_uuid(self, slumber):
slumber.generic.buyer.post.side_effect = HttpClientError(
response=self.create_error_response(content={
'uuid': ['Buyer with this Uuid already exists.']
}))
buyer = client.create_buyer(self.uuid, '1234')
assert buyer.get('errors')
eq_(buyer['errors'].get('uuid'),
[ERROR_STRINGS['Buyer with this Uuid already exists.']])
def test_change_pin_to_remove_exising_pin(self):
uuid = "change_pin_to_remove_exising_pin"
pin = "5467"
new_pin = None
buyer = client.create_buyer(uuid, pin)
assert buyer.get("pin")
client.change_pin(uuid, new_pin)
buyer = client.get_buyer(uuid)
assert not buyer.get("pin")
def test_create_buyer_without_pin(self, slumber):
uuid = 'no_pin:1234'
self.buyer_data['uuid'] = uuid
del self.buyer_data['pin']
slumber.generic.buyer.post.return_value = self.buyer_data
buyer = client.create_buyer(uuid)
eq_(buyer.get('uuid'), uuid)
assert not buyer.get('pin')
assert buyer.get('resource_pk')
def test_create_buyer_with_short_pin(self, slumber):
slumber.generic.buyer.post.side_effect = HttpClientError(
response=self.create_error_response(content={
'pin': ['PIN_4_NUMBERS_LONG']
}))
buyer = client.create_buyer('with_short_pin', '123')
assert buyer.get('errors')
eq_(buyer['errors'].get('pin'),
[ERROR_STRINGS['PIN_4_NUMBERS_LONG']])
def test_create_buyer_without_pin(self, slumber):
uuid = 'no_pin:1234'
self.buyer_data['uuid'] = uuid
del self.buyer_data['pin']
slumber.generic.buyer.post.return_value = self.buyer_data
buyer = client.create_buyer(uuid)
eq_(buyer.get('uuid'), uuid)
assert not buyer.get('pin')
assert buyer.get('resource_pk')
def test_change_pin_without_existing_pin(self):
uuid = 'change_pin_without_existing_pin'
new_pin = '1234'
buyer = client.create_buyer(uuid)
assert not buyer.get('pin')
client.change_pin(uuid, new_pin)
buyer = client.get_buyer(uuid)
assert buyer.get('pin')
assert client.verify_pin(uuid, new_pin)
def test_change_pin_without_existing_pin(self):
uuid = "change_pin_without_existing_pin"
new_pin = "1234"
buyer = client.create_buyer(uuid)
assert not buyer.get("pin")
client.change_pin(uuid, new_pin)
buyer = client.get_buyer(uuid)
assert buyer.get("pin")
assert client.verify_pin(uuid, new_pin)
def test_create_buyer_with_pin(self, slumber):
uuid = 'with_pin'
self.buyer_data['uuid'] = uuid
slumber.generic.buyer.post.return_value = self.buyer_data
buyer = client.create_buyer(uuid, self.email, pin=self.pin)
eq_(buyer.get('uuid'), uuid)
assert buyer.get('pin')
assert buyer.get('resource_pk')
slumber.generic.buyer.post.assert_called_with(
{'uuid': uuid, 'email': self.email,
'pin': self.pin, 'pin_confirmed': False})
def test_create_buyer_with_pin(self, slumber):
uuid = 'with_pin'
self.buyer_data['uuid'] = uuid
slumber.generic.buyer.post.return_value = self.buyer_data
buyer = client.create_buyer(uuid, self.email, pin=self.pin)
eq_(buyer.get('uuid'), uuid)
assert buyer.get('pin')
assert buyer.get('resource_pk')
slumber.generic.buyer.post.assert_called_with(
{'uuid': uuid, 'email': self.email,
'pin': self.pin, 'pin_confirmed': False})
def test_create_buyer_without_pin(self, slumber):
uuid = 'no_pin:1234'
self.buyer_data['uuid'] = uuid
del self.buyer_data['pin']
slumber.generic.buyer.post.return_value = self.buyer_data
buyer = client.create_buyer(uuid, self.email)
eq_(buyer.get('uuid'), uuid)
assert not buyer.get('pin')
assert buyer.get('resource_pk')
slumber.generic.buyer.post.assert_called_with(
{'uuid': uuid, 'email': self.email, 'pin': None,
'pin_confirmed': False})
def test_create_buyer_without_pin(self, slumber):
uuid = 'no_pin:1234'
self.buyer_data['uuid'] = uuid
del self.buyer_data['pin']
slumber.generic.buyer.post.return_value = self.buyer_data
buyer = client.create_buyer(uuid, self.email)
eq_(buyer.get('uuid'), uuid)
assert not buyer.get('pin')
assert buyer.get('resource_pk')
slumber.generic.buyer.post.assert_called_with(
{'uuid': uuid, 'email': self.email, 'pin': None,
'pin_confirmed': False})
def create(request):
form = forms.CreatePinForm()
if request.method == "POST":
form = forms.CreatePinForm(uuid=get_user(request), data=request.POST)
if form.is_valid():
if hasattr(form, "buyer"):
res = client.change_pin(form.buyer, form.cleaned_data["pin"])
else:
res = client.create_buyer(form.uuid, form.cleaned_data["pin"])
if form.handle_client_errors(res):
set_user_has_pin(request, True)
return http.HttpResponseRedirect(reverse("pin.confirm"))
return render(request, "pin/create.html", {"form": form})
def create(request):
form = forms.CreatePinForm()
if request.method == 'POST':
form = forms.CreatePinForm(uuid=get_user(request), data=request.POST)
if form.is_valid():
if hasattr(form, 'buyer'):
res = client.change_pin(form.buyer, form.cleaned_data['pin'])
else:
res = client.create_buyer(form.uuid, form.cleaned_data['pin'])
if form.handle_client_errors(res):
set_user_has_pin(request, True)
return http.HttpResponseRedirect(reverse('pin.confirm'))
return render(request, 'pin/pin_form.html', {'form': form,
'title': _('Create your PIN:'),
'action': reverse('pin.create') })
def create(self, request):
form = CreatePinForm(uuid=request.session["uuid"], data=request.DATA)
if form.is_valid():
if getattr(form, "buyer_exists", None):
res = client.change_pin(form.uuid, form.cleaned_data["pin"], etag=form.buyer_etag)
else:
res = client.create_buyer(form.uuid, form.cleaned_data["pin"])
if form.handle_client_errors(res):
set_user_has_pin(request, True)
return response.Response(status=201)
return response.Response(status=201)
return app_error(request)
def create(request):
form = forms.CreatePinForm()
if request.method == 'POST':
form = forms.CreatePinForm(uuid=get_user(request), data=request.POST)
if form.is_valid():
if getattr(form, 'buyer_exists', False):
res = client.change_pin(form.uuid, form.cleaned_data['pin'])
else:
res = client.create_buyer(form.uuid, form.cleaned_data['pin'])
if form.handle_client_errors(res):
set_user_has_pin(request, True)
return http.HttpResponseRedirect(reverse('pin.confirm'))
form.no_pin = True
return render(request, 'pin/pin_form.html', {'form': form,
'title': _('Create a Pin'),
'action': reverse('pin.create')})
def set_user(request, email):
if not check_whitelist(email):
log.warning('Whitelist denied access to: {0}'.format(email))
raise PermissionDenied
uuid = get_uuid(email)
new_uuid = request.session.get('uuid') != uuid
request.session['uuid'] = uuid
# This is only used by navigator.id.watch()
request.session['logged_in_user'] = email
buyer = client.get_buyer(uuid)
if not buyer:
buyer = client.create_buyer(uuid, email)
return update_session(request, uuid, new_uuid, email, buyer=buyer)
def create(self, request):
form = CreatePinForm(uuid=request.session['uuid'], data=request.DATA)
if form.is_valid():
if getattr(form, 'buyer_exists', None):
res = client.change_pin(form.uuid,
form.cleaned_data['pin'],
etag=form.buyer_etag)
else:
res = client.create_buyer(form.uuid, form.cleaned_data['pin'])
if form.handle_client_errors(res):
set_user_has_pin(request, True)
return response.Response(status=201)
return response.Response(status=201)
return app_error(request)
def create(request):
form = forms.CreatePinForm()
if request.method == 'POST':
# TODO(Wraithan): Get the buyer's UUID once identity is figured out
# with webpay.
stub_uuid = 'dat:uuid'
form = forms.CreatePinForm(uuid=stub_uuid, data=request.POST)
if form.is_valid():
if hasattr(form, 'buyer'):
res = client.change_pin(form.buyer, form.cleaned_data['pin'])
else:
res = client.create_buyer(form.uuid, form.cleaned_data['pin'])
if form.handle_client_errors(res):
# TODO(Wraithan): Replace with proper redirect
return render(request, 'pin/create_success.html',
{'form': form})
return render(request, 'pin/create.html', {'form': form})
def set_user(request, email, verified=None):
if not check_whitelist(email):
log.warning("Whitelist denied access to: {0}".format(email))
raise PermissionDenied
uuid = get_uuid(email)
new_uuid = request.session.get("uuid") != uuid
request.session["uuid"] = uuid
# This is only used by navigator.id.watch()
request.session["logged_in_user"] = email
# Leave previous was_verified behaviour for Persona.
if verified is not None:
request.session["was_reverified"] = verified
buyer = client.get_buyer(uuid)
if not buyer:
buyer = client.create_buyer(uuid, email)
log.info("Created buyer {uuid} for email {email}".format(uuid=uuid, email=email))
log.info("Buyer uuid is {uuid} for email {email}".format(uuid=uuid, email=email))
return update_session(request, uuid, new_uuid, email, buyer=buyer)
def test_create_buyer_without_pin(self):
uuid = 'no_pin:1234'
buyer = client.create_buyer(uuid)
eq_(buyer.get('uuid'), uuid)
assert not buyer.get('pin')
assert buyer.get('id')
def setUpClass(cls):
# TODO(Wraithan): Add a mocked backend so we have idempotent tests.
invalid_urls = (None, 'http://example.com')
if (getattr(settings, 'SOLITUDE_URL', None) in invalid_urls):
raise SkipTest
client.create_buyer('dat:uuid', '1234')
def test_set_new_pin_for_reset(self):
uuid = 'set_new_pin_for_reset'
client.create_buyer(uuid, self.pin)
eq_(client.set_new_pin(uuid, '1122'), {})
def test_create_buyer_with_alpha_pin(self):
buyer = client.create_buyer('with_alpha_pin', 'lame')
assert buyer.get('errors')
eq_(buyer['errors'].get('pin'),
[ERROR_STRINGS['PIN may only consists of numbers']])
def test_create_buyer_with_pin(self):
uuid = 'with_pin'
buyer = client.create_buyer(uuid, self.pin)
eq_(buyer.get('uuid'), uuid)
assert buyer.get('pin')
assert buyer.get('id')
def test_create_buyer_with_long_pin(self):
buyer = client.create_buyer('with_long_pin', '12345')
assert buyer.get('errors')
eq_(buyer['errors'].get('pin'),
[ERROR_STRINGS['PIN must be exactly 4 numbers long']])
def test_create_buyer_with_existing_uuid(self):
buyer = client.create_buyer(self.uuid, '1234')
assert buyer.get('errors')
eq_(buyer['errors'].get('uuid'),
[ERROR_STRINGS['Buyer with this Uuid already exists.']])
def test_confirm_pin_with_good_pin(self):
uuid = 'confirm_pin_good_pin'
client.create_buyer(uuid, self.pin)
assert client.confirm_pin(uuid, self.pin)
def test_confirm_pin_with_bad_pin(self):
uuid = 'confirm_pin_bad_pin'
client.create_buyer(uuid, self.pin)
assert not client.confirm_pin(uuid, self.pin[::-1])
def test_verify_without_confirm_and_good_pin(self):
uuid = 'verify_pin_good_pin'
client.create_buyer(uuid, self.pin)
assert not client.verify_pin(uuid, self.pin)['valid']
