def test_user_by_email_address(log):
u1 = M.User.register(dict(username='******'), make_project=False)
u2 = M.User.register(dict(username='******'), make_project=False)
addr1 = M.EmailAddress(email='*****@*****.**',
confirmed=True,
claimed_by_user_id=u1._id)
addr2 = M.EmailAddress(email='*****@*****.**',
confirmed=True,
claimed_by_user_id=u2._id)
# both users are disabled
u1.disabled, u2.disabled = True, True
ThreadLocalORMSession.flush_all()
assert_equal(M.User.by_email_address('*****@*****.**'), None)
assert_equal(log.warn.call_count, 0)
# only u2 is active
u1.disabled, u2.disabled = True, False
ThreadLocalORMSession.flush_all()
assert_equal(M.User.by_email_address('*****@*****.**'), u2)
assert_equal(log.warn.call_count, 0)
# both are active
u1.disabled, u2.disabled = False, False
ThreadLocalORMSession.flush_all()
assert_in(M.User.by_email_address('*****@*****.**'), [u1, u2])
assert_equal(log.warn.call_count, 1)
# invalid email returns None, but not user which claimed
# [email protected] as before
nobody = M.EmailAddress(email='*****@*****.**',
confirmed=True,
claimed_by_user_id=u1._id)
ThreadLocalORMSession.flush_all()
assert_equal(M.User.by_email_address('*****@*****.**'), u1)
assert_equal(M.User.by_email_address('invalid'), None)
def test_send_password_reset_link(self, gen_message_id, sendmail):
user = M.User.by_username('test-user')
user.set_pref('email_address', '*****@*****.**')
M.EmailAddress(email='*****@*****.**',
confirmed=True,
claimed_by_user_id=user._id)
ThreadLocalORMSession.flush_all()
with td.audits('Password recovery link sent to: [email protected]',
user=True):
r = self.app.post('/nf/admin/user/send_password_reset_link',
params={'username': '******'})
hash = user.get_tool_data('AuthPasswordReset', 'hash')
text = '''Your username is test-user
To update your password on %s, please visit the following URL:
%s/auth/forgotten_password/%s''' % (config['site_name'], config['base_url'],
hash)
sendmail.post.assert_called_once_with(
sender='noreply@localhost',
toaddr='*****@*****.**',
fromaddr='"{}" <{}>'.format(config['site_name'],
config['forgemail.return_path']),
reply_to=config['forgemail.return_path'],
subject='Allura Password recovery',
message_id=gen_message_id(),
text=text)
def test_email_address_send_verification_link():
addr = M.EmailAddress(email='*****@*****.**',
claimed_by_user_id=c.user._id)
addr.send_verification_link()
with patch('allura.tasks.mail_tasks.smtp_client._client') as _client:
M.MonQTask.run_ready()
return_path, rcpts, body = _client.sendmail.call_args[0]
assert_equal(rcpts, ['*****@*****.**'])
def test_email_address():
addr = M.EmailAddress(_id='*****@*****.**', claimed_by_user_id=c.user._id)
ThreadLocalORMSession.flush_all()
assert addr.claimed_by_user() == c.user
addr2 = M.EmailAddress.upsert('*****@*****.**')
addr3 = M.EmailAddress.upsert('*****@*****.**')
assert addr3 is addr
assert addr2 is not addr
assert addr2
addr4 = M.EmailAddress.upsert('*****@*****.**')
assert addr4 is addr2
addr.send_verification_link()
assert addr is c.user.address_object('*****@*****.**')
c.user.claim_address('*****@*****.**')
assert '*****@*****.**' in c.user.email_addresses
def test_email_address():
addr = M.EmailAddress(email='*****@*****.**',
claimed_by_user_id=c.user._id)
ThreadLocalORMSession.flush_all()
assert addr.claimed_by_user() == c.user
addr2 = M.EmailAddress.create('*****@*****.**')
addr3 = M.EmailAddress.create('*****@*****.**')
# Duplicate emails are allowed, until the email is confirmed
assert addr3 is not addr
assert addr2 is not addr
assert addr2
addr4 = M.EmailAddress.create('*****@*****.**')
assert addr4 is not addr2
assert addr is c.user.address_object('*****@*****.**')
c.user.claim_address('*****@*****.**')
assert '*****@*****.**' in c.user.email_addresses
def test_email_address_claimed_by_user():
addr = M.EmailAddress(_id='*****@*****.**',
claimed_by_user_id=c.user._id)
c.user.disabled = True
ThreadLocalORMSession.flush_all()
assert addr.claimed_by_user() is None
