Ejemplo n.º 1
0
def test_properties():
    pe = PendingEmail('abc')
    pe.new_email = '*****@*****.**'
    pe.verify_code = 'bibble'

    assert pe.username == 'abc'
    assert pe.new_email == '*****@*****.**'
    assert pe.verify_code == 'bibble'
Ejemplo n.º 2
0
def test_properties():
    pe = PendingEmail('abc')
    pe.new_email = '*****@*****.**'
    pe.verify_code = 'bibble'

    assert pe.username == 'abc'
    assert pe.new_email == '*****@*****.**'
    assert pe.verify_code == 'bibble'
Ejemplo n.º 3
0
def test_delete():
    test_creation()

    pe = PendingEmail('abc')
    pe.delete()
    assert not pe.in_db

    pe = PendingEmail('abc')
    assert not pe.in_db
Ejemplo n.º 4
0
    def test_is_email_used_pending_email_change(self):
        email = '*****@*****.**'
        pe = PendingEmail('pu')
        pe.verify_code = 'vc'
        pe.new_email = email
        pe.save()

        used = helpers.email_used(email)
        assert used == True
Ejemplo n.º 5
0
def test_none_listed_after_removal():
    test_creation()

    all_list = PendingEmail.ListAll()
    for pu in all_list:
        pu.delete()

    all_list = PendingEmail.ListAll()
    assert len(all_list) == 0
Ejemplo n.º 6
0
def test_update():
    test_creation()
    new_email = '*****@*****.**'

    pe = PendingEmail('abc')
    pe.new_email = new_email
    pe.save()

    pe = PendingEmail('abc')
    assert pe.new_email == new_email
Ejemplo n.º 7
0
def test_email_change_request():
    """ Test that change requests via POST at /user/ are handled correclty. """
    username = "******"
    old_email = User(username).email
    new_email = "*****@*****.**"
    params = {
        "username": "******",
        "password": "******",
        "new_email": new_email,
    }

    r, data = test_helpers.server_post("/user/student_coll1_1", params)
    assert r.status == 200, data
    user = User(username)
    assert user.email == old_email

    ps = test_helpers.last_email()
    toaddr = ps.toaddr
    assert toaddr == new_email

    vars = ps.template_vars
    first_name = user.first_name
    assert first_name == vars['name']

    template = ps.template_name
    assert template == 'change_email'

    test_helpers.assert_load_template(template, vars)

    pe = PendingEmail(username)
    assert pe.in_db
    assert pe.new_email == new_email
Ejemplo n.º 8
0
def test_user_get_other_can_view():
    # Set up a pending email for the student
    pe = PendingEmail('student_coll1_1')
    pe.new_email = '*****@*****.**'
    pe.verify_code = 'bibble'
    pe.save()

    params = {"username":"******",
              "password":"******",
              }

    r,data = test_helpers.server_get("/user/student_coll1_1", params)
    assert r.status == 200
    assert data.find("student_coll1_1") != -1
    assert 'email' not in data
    assert 'new_email' not in data
Ejemplo n.º 9
0
def verify_email(username, code):
    """
    Verifies to the system that an email address exists, and assigns it to a user.
    Expected to be used only by users clicking links in email-verfication emails.
    Not part of the documented API.
    """

    change_request = PendingEmail(username)

    if not change_request.in_db:
        return "No such change request", 404

    if change_request.age > timedelta(days=2):
        return "Request not valid", 410

    if change_request.verify_code != code:
        return "Invalid verification code", 403

    log_action('changing email',
               user=username,
               new_email=change_request.new_email)

    u = User(change_request.username)
    u.set_email(change_request.new_email)
    u.save()

    return "Email address successfully changed", 200
Ejemplo n.º 10
0
def verify_email(username, code):
    """
    Verifies to the system that an email address exists, and assigns it to a user.
    Expected to be used only by users clicking links in email-verfication emails.
    Not part of the documented API.
    """

    change_request = PendingEmail(username)

    if not change_request.in_db:
        return "No such change request", 404, PLAINTEXT_HEADER

    email_change_days = config.config.getint('nemesis', 'email_change_days')
    max_age = timedelta(days=email_change_days)

    if change_request.age > max_age:
        return "Request not valid", 410, PLAINTEXT_HEADER

    if change_request.verify_code != code:
        return "Invalid verification code", 403, PLAINTEXT_HEADER

    log_action('changing email',
               user=username,
               new_email=change_request.new_email)

    u = User(change_request.username)
    u.set_email(change_request.new_email)
    u.save()

    return "Email address successfully changed", 200, PLAINTEXT_HEADER
Ejemplo n.º 11
0
def clear_old_emails():
    for pe in PendingEmail.ListAll():
        # deliberately a larger delta than we restrict against to avoid
        # accidentally removing vaild entries
        if pe.age > timedelta(days=3):
            log_action('expiring email change', pe)
            pe.delete()
Ejemplo n.º 12
0
def test_send_email():
    first_name = 'jim'
    verification_url = 'http://verify'
    new_email = '*****@*****.**'
    pe = PendingEmail('abc')
    pe.new_email = new_email
    pe.send_verification_email(first_name, verification_url)

    ps = test_helpers.last_email()

    vars = ps.template_vars
    assert first_name == vars['name']
    assert verification_url == vars['url']
    toaddr = ps.toaddr
    assert new_email == toaddr

    template = ps.template_name
    assert template == 'change_email'

    test_helpers.assert_load_template(template, vars)
Ejemplo n.º 13
0
def email_used(email):
    if User.email_used(email):
        return True

    if any(pe.new_email == email for pe in PendingEmail.ListAll()):
        return True

    if any(pu.email == email for pu in PendingUser.ListAll()):
        return True

    return False
Ejemplo n.º 14
0
def clear_old_emails():
    # deliberately a larger delta than we restrict against to avoid
    # accidentally removing vaild entries
    email_change_days = config.getint('nemesis', 'email_change_days')
    email_change_days += 0.5
    max_age = timedelta(days=email_change_days)

    for pe in PendingEmail.ListAll():
        if pe.age > max_age:
            log_action('expiring email change', pe)
            pe.delete()
Ejemplo n.º 15
0
def request_new_email(user, new_email):
    userid = user.username

    pe = PendingEmail(userid)

    if user.email == new_email:
        if pe.in_db:
            pe.delete()
        return

    verify_code = helpers.create_verify_code(userid, new_email)
    pe.new_email = new_email
    pe.verify_code = verify_code
    pe.save()

    url = url_for('verify_email',
                  username=userid,
                  code=verify_code,
                  _external=True)
    pe.send_verification_email(user.first_name, url)
Ejemplo n.º 16
0
def test_send_email():
    first_name = 'jim'
    verification_url = 'https://verify'
    new_email = '*****@*****.**'
    pe = PendingEmail('abc')
    pe.new_email = new_email
    pe.send_verification_email(first_name, verification_url)

    ps = test_helpers.last_email()

    vars = ps.template_vars
    assert first_name == vars['name']
    assert verification_url == vars['url']
    toaddr = ps.toaddr
    assert new_email == toaddr

    template = ps.template_name
    assert template == 'change_email'

    test_helpers.assert_load_template(template, vars)
Ejemplo n.º 17
0
def request_new_email(user, new_email):
    userid = user.username

    pe = PendingEmail(userid)

    if user.email == new_email:
        if pe.in_db:
            pe.delete()
        return

    verify_code = helpers.create_verify_code(userid, new_email)
    pe.new_email = new_email
    pe.verify_code = verify_code
    pe.save()

    url = url_for('verify_email', username=userid, code=verify_code, _external=True)
    pe.send_verification_email(user.first_name, url)
Ejemplo n.º 18
0
def test_update():
    test_creation()
    new_email = '*****@*****.**'

    pe = PendingEmail('abc')
    pe.new_email = new_email
    pe.save()

    pe = PendingEmail('abc')
    assert pe.new_email == new_email
Ejemplo n.º 19
0
def test_creation():
    pe = PendingEmail('abc')
    pe.new_email = '*****@*****.**'
    pe.verify_code = 'bibble'

    pe.save()
    assert pe.in_db

    pe = PendingEmail('abc')
    assert pe.in_db
    assert pe.username == 'abc'
    assert pe.new_email == '*****@*****.**'
    assert pe.verify_code == 'bibble'
    age = pe.age
    assert age > timedelta()
    assert age < timedelta(minutes = 1)
Ejemplo n.º 20
0
def test_one_listed():
    test_creation()

    all_list = PendingEmail.ListAll()
    assert len(all_list) == 1

    pe = all_list[0]

    assert type(pe) == PendingEmail

    assert pe.in_db
    assert pe.username == 'abc'
    assert pe.new_email == '*****@*****.**'
    assert pe.verify_code == 'bibble'
Ejemplo n.º 21
0
    def test_is_email_used_pending_email_change(self):
        email = '*****@*****.**'
        pe = PendingEmail('pu')
        pe.verify_code = 'vc'
        pe.new_email = email
        pe.save()

        used = helpers.email_used(email)
        assert used == True
Ejemplo n.º 22
0
def test_delete():
    test_creation()

    pe = PendingEmail('abc')
    pe.delete()
    assert not pe.in_db

    pe = PendingEmail('abc')
    assert not pe.in_db
Ejemplo n.º 23
0
def user_details(requesting_user, userid):
    if not requesting_user.can_view(userid):
        return AUTHORIZATION_DENIED

    user = User.create_user(userid)
    details = user.details_dictionary_for(requesting_user)

    if 'email' in details:
        # The requesting user can view the emails -- also tell them
        # about any pending changes.
        email_change_rq = PendingEmail(user.username)
        if email_change_rq.in_db:
            new_email = email_change_rq.new_email
            if new_email != details['email']:
                details['new_email'] = new_email
    return json.dumps(details), 200
Ejemplo n.º 24
0
def user_details(userid):
    ah = AuthHelper(request)

    if not (ah.auth_will_succeed and ah.user.can_view(userid)):
        return ah.auth_error_json, 403

    user = User.create_user(userid)
    details = user.details_dictionary_for(ah.user)

    if 'email' in details:
        """Then the requesting user can view the emails -- also tell them
        about any pending changes."""
        email_change_rq = PendingEmail(user.username)
        if email_change_rq.in_db:
            new_email = email_change_rq.new_email
            if new_email != details['email']:
                details['new_email'] = new_email
    return json.dumps(details), 200
Ejemplo n.º 25
0
def test_creation():
    pe = PendingEmail('abc')
    pe.new_email = '*****@*****.**'
    pe.verify_code = 'bibble'

    pe.save()
    assert pe.in_db

    pe = PendingEmail('abc')
    assert pe.in_db
    assert pe.username == 'abc'
    assert pe.new_email == '*****@*****.**'
    assert pe.verify_code == 'bibble'
    age = pe.age
    assert age > timedelta()
    assert age < timedelta(minutes = 1)
Ejemplo n.º 26
0
def test_email_change_request_reset():
    """ Test that change requests via POST at /user/ are handled correclty. """
    username = "******"
    old_email = User(username).email
    new_email = "*****@*****.**"
    setup_new_email(username, new_email, 'bees')

    params = {
        "username": "******",
        "password": "******",
        "new_email": old_email,
    }

    r, data = test_helpers.server_post("/user/student_coll1_1", params)
    assert r.status == 200, data
    user = User(username)
    assert user.email == old_email

    pe = PendingEmail(username)
    assert not pe.in_db, 'POST using original email should have cleared request'

    test_helpers.assert_no_emails()
Ejemplo n.º 27
0
def test_user_get_other_can_view():
    # Set up a pending email for the student
    pe = PendingEmail('student_coll1_1')
    pe.new_email = '*****@*****.**'
    pe.verify_code = 'bibble'
    pe.save()

    params = {
        "username": "******",
        "password": "******",
    }

    r, data = test_helpers.server_get("/user/student_coll1_1", params)
    assert r.status == 200
    assert data.find("student_coll1_1") != -1
    assert 'email' not in data
    assert 'new_email' not in data
Ejemplo n.º 28
0
    def test_clear_old_emails(self):
        pe = PendingEmail('old')
        pe.new_email = '*****@*****.**'
        pe.verify_code = 'bibble-old'
        pe.save()

        self._make_old('email_changes', 'old')

        pe = PendingEmail('abc')
        pe.new_email = '*****@*****.**'
        pe.verify_code = 'bibble-new'
        pe.save()

        helpers.clear_old_emails()

        pe = PendingEmail('old')
        assert not pe.in_db

        pe = PendingEmail('abc')
        assert pe.in_db
Ejemplo n.º 29
0
def test_none_listed_at_start():
    all_list = PendingEmail.ListAll()
    assert len(all_list) == 0
Ejemplo n.º 30
0
def test_invalid_property():
    pe = PendingEmail('abc')
    print pe.bacon
Ejemplo n.º 31
0
def setup_new_email(username, new_email, verify_code):
    pe = PendingEmail(username)
    pe.new_email = new_email
    pe.verify_code = verify_code
    pe.save()
Ejemplo n.º 32
0
def setup_new_email(username, new_email, verify_code):
    pe = PendingEmail(username)
    pe.new_email = new_email
    pe.verify_code = verify_code
    pe.save()
Ejemplo n.º 33
0
    def test_clear_old_emails(self):
        pe = PendingEmail('old')
        pe.new_email = '*****@*****.**'
        pe.verify_code = 'bibble-old'
        pe.save()

        self._make_old('email_changes', 'old')

        pe = PendingEmail('abc')
        pe.new_email = '*****@*****.**'
        pe.verify_code = 'bibble-new'
        pe.save()

        helpers.clear_old_emails()

        pe = PendingEmail('old')
        assert not pe.in_db

        pe = PendingEmail('abc')
        assert pe.in_db
Ejemplo n.º 34
0
def test_empty_at_start():
    pe = PendingEmail('abc')
    assert pe.in_db == False
    assert pe.new_email is None
    assert pe.verify_code is None
    assert pe.age == timedelta()