def manage_user(): error = None user = getUser(session["username"]) if request.method == 'POST': username, email, name, newPassword = (None, ) * 4 if hashPassword(request.form['currentPassword'], user.salt) != user.password_hash: error = 'Password is incorrect.' if not request.form['username'] is None and request.form[ 'username'] != '' and request.form['username'] != user.username: if getUser(request.form['username']) is not None: error = 'Username already taken.' username = request.form['username'] if request.form['email'] != '' and request.form['email'] != user.email: email = request.form['email'] if request.form['name'] != '' and request.form['name'] != user.name: name = request.form['name'] if request.form['newPassword'] != '': if len(request.form['newPassword']) < 4: error = "Password must be at least 4 charactors" newPassword = request.form['newPassword'] if error is None: user = editUser(user, username=username, password=newPassword, name=name, email=email) session['username'] = user.username return render_template( 'manage_user.html', error=error, user=user, username=user.username ) #Redudent username is required for template to know user is logged in
def test_removeEventFromPage(self): pages = event.getPagesByOwner(user.getUser("username")) self.assertEqual(len(pages[0].events), 1) event.removeEventFromPage(pages[0].events[0]) pages = event.getPagesByOwner(user.getUser("username")) self.assertEqual(len(pages[0].events), 0) self.assertEqual(len(event.getEventsByOwner(user.getUser("username"))), 2)
def test_getUser(self): person = user.getUser("username") self.assertEqual(person.salt, "salt") #Retreive by username works testPerson = user.User.query.filter_by(username="******").first() person = user.getUser(testPerson.id) self.assertEqual(person.name, "jeff bob") #Retreive by id works self.assertRaises(TypeError, lambda : user.getUser(user.User())) #Does not accept User objects self.assertRaises(TypeError, lambda : user.getUser(3.4)) #Does not accept floats
def test_checkRemember(self): cookie = user.addRemember(user.getUser("test")) self.assertEqual(user.checkRemember(cookie), user.getUser("test")) self.assertIsNone(user.checkRemember("Not a cookie")) remember = user.RememberUser.query.filter_by(cookie=cookie).first() remember.timestamp = datetime.datetime.utcnow() - datetime.timedelta( days=31) db.session.commit() self.assertIsNone(user.checkRemember(cookie))
def test_deletePage(self): pages = event.getPagesByOwner(user.getUser("test")) event.deletePage(pages[0]) self.assertIsNone(event.getPageById(pages[0].id)) self.assertEqual(len(event.getPagesByOwner(user.getUser("test"))), 1) pages = event.getPagesByOwner(user.getUser("username")) eventid = pages[0].events[0].id self.assertIsNotNone(event.getEventById(eventid)) event.deletePage(pages[0]) self.assertIsNone(event.getEventById(eventid))
def test_editUser(self): user1 = user.getUser("username") user1new = user.editUser(user1, username="******") self.assertEqual(user1.id, user1new.id) self.assertEqual(user1new.username, "farquad") user1 = user.addUser("Test1", "Test1", "Test1") self.assertRaises(ValueError, lambda: user.editUser(user1, "Test2", "ah")) user1new = user.getUser(user1.id) self.assertEqual(user1.username, user1new.username) #Test rollback user1new = user.editUser(user1, password="******") self.assertTrue(user.authenticateUser(user1new.username, "newPassword"))
def test_editPage(self): pages = event.getPagesByOwner(user.getUser("test")) pageId = pages[0].id oldName = pages[0].name pageNew = event.editPage(pageId, name="A new name") self.assertNotEqual(pageNew.name, oldName) self.assertEqual(pageNew.name, event.getPageById(pageId).name) jeffsPages = len(user.getUser("Jeff").pages) pageNew = event.editPage(pageId, name="A newer name", owner=user.getUser("Jeff")) self.assertEqual(jeffsPages + 1, len(user.getUser("Jeff").pages)) pageNew = event.editPage(pageId, discription="an indecisive page") self.assertEqual(pageNew.discription, "an indecisive page")
def test_addUser(self): newUser = user.addUser("dust", "goodPassword") self.assertEqual(newUser, user.getUser("dust")) #Add user self.assertRaises( ValueError, lambda: user.addUser("", "goodPassword")) #Min length username self.assertRaises(ValueError, lambda: user.addUser( "f" * 31, "goodPassword")) #Max length username self.assertRaises( TypeError, lambda: user.addUser(None, "goodPassword")) #Username type self.assertRaises( ValueError, lambda: user.addUser("another", "123")) #Min length password self.assertRaises(TypeError, lambda: user.addUser("one", None)) #Password type self.assertRaises(ValueError, lambda: user.addUser( "bytes", "goodPassword", name="F" * 61)) #Max length name self.assertRaises(ValueError, lambda: user.addUser( "the", "goodPassword", email="F" * 61)) #Min length email self.assertRaises( ValueError, lambda: user.addUser("dust", "goodPassword")) #Duplicate username otherUser = user.addUser("jimbo", "goodPassword") self.assertNotEqual(newUser.salt, otherUser.salt) #Check for proper salting self.assertNotEqual(newUser.password_hash, otherUser.password_hash) #Check for proper hashing
def create_or_edit(): """Create or update an event. If id is passed as a a query parameter then update the event corresponding to that query parameter. """ error = None if request.method == 'POST': id = request.form.get('id') id = int(id) if id else None # Edit or create the event based on whether we have an id and also # the type of event that we have. name = request.form.get('name') owner = getUser(current_username()).id event_type = EventType(int(request.form.get('event_type'))) description = request.form['description'] startTime = momentToPyDatetime( request.form['start_time'] ) if event_type == EventType.EVENT or event_type == EventType.REMINDER else None endTime = momentToPyDatetime( request.form['end_time'] ) if event_type == EventType.EVENT else None password = request.form[ 'event_password'] if event_type == event_type.ENCRYPTED else None if id: editEvent(id, name=name, owner=owner, event_type=event_type, description=description, start_time=startTime, end_time=endTime, password=password) else: createEvent(name=name, owner=owner, event_type=event_type, description=description, start_time=startTime, end_time=endTime, password=password) return redirect(url_for('events.index')) # Get an event if we are editing an event id = request.args.get('id') event = None if id: event = getEventById(int(id)) if event.event_type == EventType.ENCRYPTED and not checkCachedEncrypted( event): #If this encrypted event hasn't had its password entered already, then send back to event page return redirect(url_for('events.index')) return render_template('events_create.html', event=event, username=current_username(), EventType=EventType, error=error, checkCachedEncrypted=checkCachedEncrypted)
def getPagesByOwner(owner): """Gets a list of pages by owner Args: owner (User | Int): owner User object or id Returns: ([Page]): the pages """ if type(owner) == int: owner = user.getUser(owner) return owner.pages
def generatePopulateDB(): generateDB() user.addUser(username="******", password="******", name="name", email="*****@*****.**") user.addUser(username="******", password="******", name="testname") user.addUser(username="******", password="******", name="Jeff jeff", email="*****@*****.**") user.addUser(username="******", password="******") event.createEvent(name="Wake up", owner=user.getUser("test").id, event_type=event.EventType.REMINDER, start_time=datetime.datetime.now()) event.createEvent(name="Rocks", owner=user.getUser("Jeff").id, description="Granit, Bassalt, Quartz", event_type=event.EventType.NOTE) event.createEvent(name="Short party", owner=user.getUser("username").id, event_type=event.EventType.EVENT, start_time=datetime.datetime.now(), end_time=datetime.datetime.now() + datetime.timedelta(hours=3)) event.createEvent( name="Secrets", owner=user.getUser("test").id, event_type=event.EventType.ENCRYPTED, password="******", description= "Some passwords, SSNs, creditcard numbers, and otherthings you shouldn't trust this app with" ) event.createPage(name="test page", owner=user.getUser("test"), description="This is a test page") event.createPage(name="test page 2", owner=user.getUser("test")) event.createPage(name="Jeffs stuff", owner=user.getUser("Jeff")) page1 = event.createPage(name="more thigns", owner=user.getUser("username")) event.createEvent(name="its on a page", owner=user.getUser("username").id, event_type=event.EventType.NOTE, page=page1)
def index(): user = getUser(current_username()) search = request.args.get('q') search = search if search else '' event_type = request.args.get('event_type') event_type = EventType(int(event_type)) if event_type else None return render_template('events.html', events=getEventsByOwner(user, search=search, event_type=event_type), username=current_username, search=search, EventType=EventType, pyDatetimeToMoment=pyDatetimeToMoment, checkCachedEncrypted=checkCachedEncrypted)
def createEvent(name, owner, event_type, discrption=None, start_time=None, end_time=None, parent=None): if name is None or 60 < len(name) or len(name) <= 0: raise ValueError("Name length out of range") if owner is None or user.getUser(owner) is None: raise ValueError("Must have a valid owner") if not type(event_type) is EventType: raise ValueError("Must have a valid event type") if not parent is None and Event.query.filter_by(id=parent).first() is None: raise ValueError("Parent, if used, must be a valid event") if event_type == EventType.NOTE and (not start_time is None or not end_time is None): raise ValueError("Note types do not have start or end times") elif event_type == EventType.REMINDER and (start_time is None or not end_time is None): raise ValueError("Reminder types have a start time and no end times") elif event_type == EventType.EVENT and (start_time is None or end_time is None): raise ValueError("Event types have start and end times") elif event_type == EventType.ALL_DAY and (start_time is None or end_time is None): raise ValueError("All day types have start and end times") db.session.add( Event(owner_id=owner, name=name, event_type=event_type, discrption=discrption, start_time=start_time, end_time=end_time, parent_id=parent)) db.session.commit() return Event.query.filter_by(owner_id=owner, name=name, event_type=event_type, discrption=discrption, start_time=start_time, end_time=end_time, parent_id=parent).first()
def signup(): error = None if request.method == 'POST': username = request.form['username'] password = request.form['password'] email = request.form['email'] name = request.form['name'] # Need to check if username is already taken here check = getUser(username) is not None if check: error = 'Username already taken.' else: try: addUser(username=username, password=password, name=name, email=email) session['username'] = username return redirect('/') except (ValueError, TypeError) as e: error = str(e) return render_template('signup.html', error=error)
def test_addRemember(self): cookie = user.addRemember(user.getUser("test")) self.assertEqual( len( user.RememberUser.query.filter_by( user_id=user.getUser("test").id).all()), 1)
def test_add(self): page1 = event.createPage("pagepage", user.getUser("test")) self.assertIsNotNone(page1) self.assertRaises( ValueError, lambda: event.createPage("", user.getUser("test").id))
def test_findByUser(self): event0 = event.createEvent("quick Note", 2, event.EventType.NOTE) self.assertEqual(len(event.getEventByOwner(2)), 1) self.assertEqual(len(event.getEventByOwner(user.getUser(1))), 2)
def test_getPagesByOwner(self): pages = event.getPagesByOwner(user.getUser("test")) self.assertEqual(len(pages), 2)
def test_getPage(self): pages = event.getPagesByOwner(user.getUser("test")) self.assertEqual(pages[0], event.getPageById(pages[0].id)) self.assertEqual(pages[1], event.getPageById(pages[1].id)) self.assertIsNone(event.getPageById(2000))