def test_expired_confirmation_token(mockdata):
user = User(password='******')
db.session.add(user)
db.session.commit()
token = user.generate_confirmation_token(1)
time.sleep(2)
assert user.confirm(token) is False
def test_valid_email_change_token(mockdata):
user = User(email='*****@*****.**', password='******')
db.session.add(user)
db.session.commit()
token = user.generate_email_change_token('*****@*****.**')
assert user.change_email(token) is True
assert user.email == '*****@*****.**'
def test_valid_reset_token(mockdata):
user = User(password='******')
db.session.add(user)
db.session.commit()
token = user.generate_reset_token()
assert user.reset_password(token, 'vegan bacon') is True
assert user.verify_password('vegan bacon') is True
def test_duplicate_email_change_token(mockdata):
user1 = User(email='*****@*****.**', password='******')
user2 = User(email='*****@*****.**', password='******')
db.session.add(user1)
db.session.add(user2)
db.session.commit()
token = user2.generate_email_change_token('*****@*****.**')
assert user2.change_email(token) is False
assert user2.email == '*****@*****.**'
def test_area_coordinator_with_dept_is_valid(mockdata):
user1 = User(email='*****@*****.**',
username='******',
password='******',
is_area_coordinator=True,
ac_department_id=1)
db.session.add(user1)
db.session.commit()
assert user1.is_area_coordinator is True
assert user1.ac_department_id == 1
def test_invalid_reset_token(mockdata):
user1 = User(password='******')
user2 = User(password='******')
db.session.add(user1)
db.session.add(user2)
db.session.commit()
token = user1.generate_reset_token()
assert user2.reset_password(token, 'tempeh') is False
assert user2.verify_password('vegan bacon') is True
def test_invalid_confirmation_token(mockdata):
user1 = User(password='******')
user2 = User(password='******')
db.session.add(user1)
db.session.add(user2)
db.session.commit()
token = user1.generate_confirmation_token()
assert user2.confirm(token) is False
def test_admin_cannot_delete_other_admin(mockdata, client, session):
with current_app.test_request_context():
login_admin(client)
user = User(is_administrator=True, email='*****@*****.**')
session.add(user)
session.commit()
user_id = user.id
rv = client.post(url_for('auth.delete_user', user_id=user_id),
follow_redirects=True)
assert rv.status_code == 403
assert User.query.get(user_id) is not None
def test_invalid_email_change_token(mockdata):
user1 = User(email='*****@*****.**', password='******')
user2 = User(email='*****@*****.**', password='******')
db.session.add(user1)
db.session.add(user2)
db.session.commit()
token = user1.generate_email_change_token('*****@*****.**')
assert user2.change_email(token) is False
assert user2.email == '*****@*****.**'
def test_valid_confirmation_token(mockdata):
user = User(password='******')
db.session.add(user)
db.session.commit()
token = user.generate_confirmation_token()
assert user.confirm(token) is True
def test_password_salting(mockdata):
user1 = User(password='******')
user2 = User(password='******')
assert user1.password_hash != user2.password_hash
def test_password_verification_failure(mockdata):
user = User(password='******')
assert user.verify_password('vegan bacon') is False
def test_password_verification_success(mockdata):
user = User(password='******')
assert user.verify_password('bacon') is True
def test_password_set_success(mockdata):
user = User(password='******')
assert user.password_hash is not None
def test_password_not_printed(mockdata):
user = User(password='******')
with raises(AttributeError):
user.password
def test_user_repr(mockdata):
user = User(username='******')
assert user.__repr__() == "<User '{}'>".format(user.username)
