Example #1
0
 def testEmail(self):
     from euphorie.client.tests.utils import MockMailFixture
     from euphorie.client.tests.utils import addAccount
     self.addDummySurvey()
     addAccount()
     mail_fixture = MockMailFixture()
     self.portal.email_from_address = "*****@*****.**"
     self.portal.email_from_name = "Euphorie website"
     browser = Browser()
     browser.open(self.portal.client.nl.absolute_url())
     browser.getLink('Login').click()
     browser.getLink("I forgot my password").click()
     browser.getControl(name="loginname").value = "*****@*****.**"
     browser.getControl(name="next").click()
     self.assertEqual(len(mail_fixture.storage), 1)
     (args, kw) = mail_fixture.storage[0]
     (mail, mto, mfrom) = args[:3]
     self.assertEqual(mfrom, "*****@*****.**")
     self.assertEqual(mto, "*****@*****.**")
     self.assertEqual(
             unicode(mail["Subject"]),
             u"OiRA registration reminder")
     body = mail.get_payload(0).get_payload(decode=True)\
             .decode(mail.get_content_charset("utf-8"))
     self.failUnless(u"Øle" in body)
Example #2
0
 def test_invalid_token(self):
     import mock
     from euphorie.client.tests.utils import addAccount
     with mock.patch('euphorie.client.api.authentication.generate_token',
             return_value='1-otherhash'):
         addAccount()
         self.assertTrue(self.authenticate_token('1-hash') is None)
Example #3
0
    def test_token_expires_after_12_hours(self):
        self.add_dummy_survey()
        addAccount()
        mail_fixture = MockMailFixture()

        browser = self.get_browser()
        url = self.portal.client.nl.absolute_url()

        browser.open(url + "/@@login")
        browser.getLink("I forgot my password").click()
        browser.getControl(
            name="form.widgets.email").value = "*****@*****.**"
        browser.getControl(name="form.buttons.save").click()

        args = mail_fixture.storage[0][0]
        mail = args[0]
        mail_text = "".join([
            (part.get_payload(decode=True)
             or b"").decode(part.get_content_charset("iso-8859-1"))
            for part in mail.walk()
        ])
        token = re.search("passwordreset/(\\S*)", mail_text).group(1)
        ppr = api.portal.get_tool("portal_password_reset")
        _, expiry = ppr._requests[token]
        self.assertLessEqual(
            expiry,
            datetime.datetime.now() + datetime.timedelta(hours=12))
Example #4
0
    def setUp(self):
        super(TestCloningViews, self).setUp()
        self.loginAsPortalOwner()
        addSurvey(self.portal, BASIC_SURVEY)
        self.jane = addAccount("*****@*****.**", password="******")
        self.john = addAccount("*****@*****.**", password="******")

        group = model.Group(group_id="1")
        model.Session.add(group)

        self.jane.group = group
        self.john.group = group
        model.Session.flush()

        survey_session = model.SurveySession(
            title="Dummy session",
            created=datetime(2012, 4, 22, 23, 5, 12),
            modified=datetime(2012, 4, 23, 11, 50, 30),
            zodb_path="nl/ict/software-development",
            account=self.jane,
            group=group,
            company=model.Company(country="nl",
                                  employees="1-9",
                                  referer="other"),
        )
        module = survey_session.addChild(
            model.Module(title="module 1", module_id="1", zodb_path="a"))
        risk = module.addChild(
            model.Risk(title="question 1", risk_id="1", zodb_path="a/b"))
        model.ActionPlan(action_plan="This is the plan", risk=risk)
        model.Session.add(survey_session)
Example #5
0
 def test_invalid_token(self):
     import mock
     from euphorie.client.tests.utils import addAccount
     with mock.patch('euphorie.client.api.authentication.generate_token',
                     return_value='1-otherhash'):
         addAccount()
         self.assertTrue(self.authenticate_token('1-hash') is None)
Example #6
0
 def test_known_account(self):
     import mock
     from euphorie.client.tests.utils import addAccount
     with mock.patch('euphorie.client.api.authentication.generate_token',
                     return_value='1-hash'):
         addAccount()
         self.assertEqual(self.authenticate_token('1-hash'),
                          ('1', '*****@*****.**'))
Example #7
0
 def test_known_account(self):
     import mock
     from euphorie.client.tests.utils import addAccount
     with mock.patch('euphorie.client.api.authentication.generate_token',
             return_value='1-hash'):
         addAccount()
         self.assertEqual(
                 self.authenticate_token('1-hash'),
                 ('1', '*****@*****.**'))
Example #8
0
 def test_login_not_case_sensitive(self):
     self.loginAsPortalOwner()
     addSurvey(self.portal, BASIC_SURVEY)
     addAccount(password="******")
     browser = self.get_browser()
     browser.open(self.portal.client.nl.absolute_url() + "/@@login")
     browser.getControl(name="__ac_name").value = "*****@*****.**"
     browser.getControl(name="__ac_password:utf8:ustring").value = "secret"
     browser.getControl(name="login").click()
     self.assertTrue("@@login" not in browser.url)
Example #9
0
 def test_use_session_cookie_by_default(self):
     self.loginAsPortalOwner()
     addSurvey(self.portal, BASIC_SURVEY)
     addAccount(password="******")
     browser = self.get_browser()
     browser.open(self.portal.client.nl.absolute_url() + "/@@login")
     browser.getControl(name="__ac_name").value = "*****@*****.**"
     browser.getControl(name="__ac_password:utf8:ustring").value = "secret"
     browser.getControl(name="login").click()
     auth_cookie = browser.cookies.getinfo("__ac")
     self.assertEqual(auth_cookie["expires"], None)
Example #10
0
 def test_extra_ga_pageview_post_login(self):
     self.loginAsPortalOwner()
     addSurvey(self.portal, BASIC_SURVEY)
     addAccount(password="******")
     browser = self.get_browser()
     browser.open(self.portal.client.nl.absolute_url() + "/@@login")
     browser.getControl(name="__ac_name").value = "*****@*****.**"
     browser.getControl(name="__ac_password:utf8:ustring").value = "secret"
     browser.getControl(name="login").click()
     self.assertTrue(
         re.search("trackPageview.*login/success", browser.contents)
         is not None)
 def test_login_not_case_sensitive(self):
     from euphorie.content.tests.utils import BASIC_SURVEY
     from euphorie.client.tests.utils import addSurvey
     from euphorie.client.tests.utils import addAccount
     self.loginAsPortalOwner()
     addSurvey(self.portal, BASIC_SURVEY)
     addAccount(password='******')
     browser = Browser()
     browser.open(self.portal.client.nl.absolute_url())
     browser.getControl(name='__ac_name').value = '*****@*****.**'
     browser.getControl(name='__ac_password:utf8:ustring').value = 'secret'
     browser.getControl(name="next").click()
     self.assertTrue('@@login' not in browser.url)
Example #12
0
 def test_extra_ga_pageview_post_login(self):
     from euphorie.content.tests.utils import BASIC_SURVEY
     from euphorie.client.tests.utils import addSurvey
     from euphorie.client.tests.utils import addAccount
     self.loginAsPortalOwner()
     addSurvey(self.portal, BASIC_SURVEY)
     addAccount(password='******')
     browser = Browser()
     browser.open(self.portal.client.nl.absolute_url())
     browser.getLink('Login').click()
     browser.getControl(name='__ac_name').value = '*****@*****.**'
     browser.getControl(name='__ac_password:utf8:ustring').value = 'secret'
     browser.getControl(name="next").click()
     self.assertTrue(re.search('trackPageview.*login_form/success', browser.contents) is not None)
Example #13
0
 def test_login_not_case_sensitive(self):
     from euphorie.content.tests.utils import BASIC_SURVEY
     from euphorie.client.tests.utils import addSurvey
     from euphorie.client.tests.utils import addAccount
     self.loginAsPortalOwner()
     addSurvey(self.portal, BASIC_SURVEY)
     addAccount(password='******')
     browser = Browser()
     browser.open(self.portal.client.nl.absolute_url())
     browser.getLink('Login').click()
     browser.getControl(name='__ac_name').value = '*****@*****.**'
     browser.getControl(name='__ac_password:utf8:ustring').value = 'secret'
     browser.getControl(name="next").click()
     self.assertTrue('@@login' not in browser.url)
 def test_use_session_cookie_by_default(self):
     from euphorie.content.tests.utils import BASIC_SURVEY
     from euphorie.client.tests.utils import addSurvey
     from euphorie.client.tests.utils import addAccount
     self.loginAsPortalOwner()
     addSurvey(self.portal, BASIC_SURVEY)
     addAccount(password='******')
     browser = Browser()
     browser.open(self.portal.client.nl.absolute_url())
     browser.getControl(name='__ac_name').value = '*****@*****.**'
     browser.getControl(name='__ac_password:utf8:ustring').value = 'secret'
     browser.getControl(name="next").click()
     auth_cookie = browser.cookies.getinfo('__ac')
     self.assertEqual(auth_cookie['expires'], None)
Example #15
0
 def test_use_session_cookie_by_default(self):
     from euphorie.content.tests.utils import BASIC_SURVEY
     from euphorie.client.tests.utils import addSurvey
     from euphorie.client.tests.utils import addAccount
     self.loginAsPortalOwner()
     addSurvey(self.portal, BASIC_SURVEY)
     addAccount(password='******')
     browser = Browser()
     browser.open(self.portal.client.nl.absolute_url())
     browser.getLink('Login').click()
     browser.getControl(name='__ac_name').value = '*****@*****.**'
     browser.getControl(name='__ac_password:utf8:ustring').value = 'secret'
     browser.getControl(name="next").click()
     auth_cookie = browser.cookies.getinfo('__ac')
     self.assertEqual(auth_cookie['expires'], None)
Example #16
0
 def test_remember_user_sets_cookie_expiration(self):
     self.loginAsPortalOwner()
     addSurvey(self.portal, BASIC_SURVEY)
     addAccount(password="******")
     browser = self.get_browser()
     browser.open(self.portal.client.nl.absolute_url() + "/@@login")
     browser.getControl(name="__ac_name").value = "*****@*****.**"
     browser.getControl(name="__ac_password:utf8:ustring").value = "secret"
     browser.getControl(name="remember").value = True
     browser.getControl(name="login").click()
     auth_cookie = browser.cookies.getinfo("__ac")
     self.assertNotEqual(auth_cookie["expires"], None)
     delta = auth_cookie["expires"] - datetime.datetime.now(
         auth_cookie["expires"].tzinfo)
     self.assertTrue(delta.days > 100)
Example #17
0
 def test_with_introduction(self):
     import datetime
     import json
     from z3c.saconfig import Session
     from euphorie.client.model import SurveySession
     from euphorie.client.api.authentication import generate_token
     from euphorie.content.tests.utils import BASIC_SURVEY
     from euphorie.client.tests.utils import addAccount
     from euphorie.client.tests.utils import addSurvey
     self.loginAsPortalOwner()
     addSurvey(self.portal, BASIC_SURVEY)
     survey = self.portal.client['nl']['ict']['software-development']
     survey.introduction = u'<p>Fancy intro.</p>'
     account = addAccount(password='******')
     survey_session = SurveySession(
         title=u'Dummy session',
         created=datetime.datetime(2012, 4, 22, 23, 5, 12),
         modified=datetime.datetime(2012, 4, 23, 11, 50, 30),
         zodb_path='nl/ict/software-development',
         account=account)
     Session.add(survey_session)
     browser = Browser()
     browser.addHeader('X-Euphorie-Token', generate_token(account))
     browser.open('http://nohost/plone/client/api/users/1/sessions/1')
     self.assertEqual(browser.headers['Content-Type'], 'application/json')
     response = json.loads(browser.contents)
     self.assertTrue('introduction' in response)
     self.assertEqual(response['introduction'], u'<p>Fancy intro.</p>')
Example #18
0
 def test_extra_ga_pageview_post_login(self):
     from euphorie.content.tests.utils import BASIC_SURVEY
     from euphorie.client.tests.utils import addSurvey
     from euphorie.client.tests.utils import addAccount
     self.loginAsPortalOwner()
     addSurvey(self.portal, BASIC_SURVEY)
     addAccount(password='******')
     browser = Browser()
     browser.open(self.portal.client.nl.absolute_url())
     browser.getLink('Login').click()
     browser.getControl(name='__ac_name').value = '*****@*****.**'
     browser.getControl(name='__ac_password:utf8:ustring').value = 'secret'
     browser.getControl(name="next").click()
     self.assertTrue(
         re.search('trackPageview.*login_form/success', browser.contents)
         is not None)
Example #19
0
    def test_get_no_company_data_present(self):
        import datetime
        import json
        from z3c.saconfig import Session
        from euphorie.client.model import SurveySession
        from euphorie.content.tests.utils import BASIC_SURVEY
        from euphorie.client.tests.utils import addAccount
        from euphorie.client.tests.utils import addSurvey
        from euphorie.client.api.authentication import generate_token
        from Products.Five.testbrowser import Browser

        self.loginAsPortalOwner()
        addSurvey(self.portal, BASIC_SURVEY)
        account = addAccount(password="******")
        survey_session = SurveySession(
            title=u"Dummy session",
            created=datetime.datetime(2012, 4, 22, 23, 5, 12),
            modified=datetime.datetime(2012, 4, 23, 11, 50, 30),
            zodb_path="nl/ict/software-development",
            account=account,
        )
        Session.add(survey_session)
        browser = Browser()
        browser.addHeader("X-Euphorie-Token", generate_token(account))
        browser.open("http://nohost/plone/client/api/users/1/sessions/1/company")
        self.assertEqual(browser.headers["Content-Type"], "application/json")
        response = json.loads(browser.contents)
        self.assertEqual(response["type"], "company")
Example #20
0
 def test_browser_get(self):
     import datetime
     from z3c.saconfig import Session
     from euphorie.client.model import SurveySession
     from euphorie.content.tests.utils import BASIC_SURVEY
     from euphorie.client.tests.utils import addAccount
     from euphorie.client.tests.utils import addSurvey
     from euphorie.client.api.authentication import generate_token
     from tno.euphorie.model import DutchCompany
     from Products.Five.testbrowser import Browser
     self.loginAsPortalOwner()
     addSurvey(self.portal, BASIC_SURVEY)
     account = addAccount(password='******')
     survey_session = SurveySession(
             title=u'Dummy session',
             created=datetime.datetime(2012, 4, 22, 23, 5, 12),
             modified=datetime.datetime(2012, 4, 23, 11, 50, 30),
             zodb_path='nl/ict/software-development',
             account=account)
     survey_session.dutch_company = DutchCompany(
             title=u'Acme B.V.',
             employees='40h',
             email='*****@*****.**',
             submit_date=datetime.date(2012, 6, 6))
     Session.add(survey_session)
     browser = Browser()
     browser.addHeader('X-Euphorie-Token', generate_token(account))
     browser.handleErrors = False
     browser.open(
             'http://nohost/plone/client/api/users/1/sessions/1/'
             'report-actionplan')
     self.assertEqual(browser.headers['Content-Type'], 'application/rtf')
     self.assertTrue('Bedrijfsnaam' in browser.contents)
Example #21
0
 def test_get(self):
     import datetime
     import json
     from z3c.saconfig import Session
     from euphorie.client.model import Company
     from euphorie.client.model import SurveySession
     from euphorie.content.tests.utils import BASIC_SURVEY
     from euphorie.client.tests.utils import addAccount
     from euphorie.client.tests.utils import addSurvey
     from euphorie.client.api.authentication import generate_token
     from Products.Five.testbrowser import Browser
     self.loginAsPortalOwner()
     addSurvey(self.portal, BASIC_SURVEY)
     account = addAccount(password='******')
     survey_session = SurveySession(
             title=u'Dummy session',
             created=datetime.datetime(2012, 4, 22, 23, 5, 12),
             modified=datetime.datetime(2012, 4, 23, 11, 50, 30),
             zodb_path='nl/ict/software-development',
             account=account,
             company=Company(country='nl',
                             employees='1-9',
                             referer='other'))
     Session.add(survey_session)
     browser = Browser()
     browser.addHeader('X-Euphorie-Token', generate_token(account))
     browser.open(
             'http://nohost/plone/client/api/users/1/sessions/1/company')
     self.assertEqual(browser.headers['Content-Type'], 'application/json')
     response = json.loads(browser.contents)
     self.assertEqual(response['type'], 'company')
Example #22
0
 def test_get_no_company_data_present(self):
     import datetime
     import json
     from z3c.saconfig import Session
     from euphorie.client.model import SurveySession
     from euphorie.content.tests.utils import BASIC_SURVEY
     from euphorie.client.tests.utils import addAccount
     from euphorie.client.tests.utils import addSurvey
     from euphorie.client.api.authentication import generate_token
     from Products.Five.testbrowser import Browser
     self.loginAsPortalOwner()
     addSurvey(self.portal, BASIC_SURVEY)
     account = addAccount(password='******')
     survey_session = SurveySession(
             title=u'Dummy session',
             created=datetime.datetime(2012, 4, 22, 23, 5, 12),
             modified=datetime.datetime(2012, 4, 23, 11, 50, 30),
             zodb_path='nl/ict/software-development',
             account=account)
     Session.add(survey_session)
     browser = Browser()
     browser.addHeader('X-Euphorie-Token', generate_token(account))
     browser.open(
             'http://nohost/plone/client/api/users/1/sessions/1/company')
     self.assertEqual(browser.headers['Content-Type'], 'application/json')
     response = json.loads(browser.contents)
     self.assertEqual(response['type'], 'company')
Example #23
0
 def test_browser(self):
     import datetime
     from z3c.saconfig import Session
     from euphorie.client.model import SurveySession
     from euphorie.client.api.authentication import generate_token
     from euphorie.content.tests.utils import BASIC_SURVEY
     from euphorie.client.tests.utils import addAccount
     from euphorie.client.tests.utils import addSurvey
     self.loginAsPortalOwner()
     addSurvey(self.portal, BASIC_SURVEY)
     account = addAccount(password='******')
     survey_session = SurveySession(
             title=u'Dummy session',
             created=datetime.datetime(2012, 4, 22, 23, 5, 12),
             modified=datetime.datetime(2012, 4, 23, 11, 50, 30),
             zodb_path='nl/ict/software-development',
             account=account)
     Session.add(survey_session)
     browser = Browser()
     browser.addHeader('X-Euphorie-Token', generate_token(account))
     browser.handleErrors = False
     browser.open('http://nohost/plone/client/api/users/1/'
                     'sessions/1/report-timeline')
     self.assertEqual(
             browser.headers['Content-Type'],
             'application/vnd.openxmlformats-'
                                     'officedocument.spreadsheetml.sheet')
Example #24
0
 def test_browser(self):
     import datetime
     from z3c.saconfig import Session
     from euphorie.client.model import SurveySession
     from euphorie.client.api.authentication import generate_token
     from euphorie.content.tests.utils import BASIC_SURVEY
     from euphorie.client.tests.utils import addAccount
     from euphorie.client.tests.utils import addSurvey
     self.loginAsPortalOwner()
     addSurvey(self.portal, BASIC_SURVEY)
     account = addAccount(password='******')
     survey_session = SurveySession(
         title=u'Dummy session',
         created=datetime.datetime(2012, 4, 22, 23, 5, 12),
         modified=datetime.datetime(2012, 4, 23, 11, 50, 30),
         zodb_path='nl/ict/software-development',
         account=account)
     Session.add(survey_session)
     browser = Browser()
     browser.addHeader('X-Euphorie-Token', generate_token(account))
     browser.handleErrors = False
     browser.open('http://nohost/plone/client/api/users/1/'
                  'sessions/1/report-timeline')
     self.assertEqual(
         browser.headers['Content-Type'], 'application/vnd.openxmlformats-'
         'officedocument.spreadsheetml.sheet')
Example #25
0
 def test_with_introduction(self):
     import datetime
     import json
     from z3c.saconfig import Session
     from euphorie.client.model import SurveySession
     from euphorie.client.api.authentication import generate_token
     from euphorie.content.tests.utils import BASIC_SURVEY
     from euphorie.client.tests.utils import addAccount
     from euphorie.client.tests.utils import addSurvey
     self.loginAsPortalOwner()
     addSurvey(self.portal, BASIC_SURVEY)
     survey = self.portal.client['nl']['ict']['software-development']
     survey.introduction = u'<p>Fancy intro.</p>'
     account = addAccount(password='******')
     survey_session = SurveySession(
             title=u'Dummy session',
             created=datetime.datetime(2012, 4, 22, 23, 5, 12),
             modified=datetime.datetime(2012, 4, 23, 11, 50, 30),
             zodb_path='nl/ict/software-development',
             account=account)
     Session.add(survey_session)
     browser = Browser()
     browser.addHeader('X-Euphorie-Token', generate_token(account))
     browser.open('http://nohost/plone/client/api/users/1/sessions/1')
     self.assertEqual(browser.headers['Content-Type'], 'application/json')
     response = json.loads(browser.contents)
     self.assertTrue('introduction' in response)
     self.assertEqual(response['introduction'], u'<p>Fancy intro.</p>')
Example #26
0
 def test_get_empty_profile(self):
     import datetime
     import json
     from z3c.saconfig import Session
     from euphorie.client.model import SurveySession
     from euphorie.content.tests.utils import PROFILE_SURVEY
     from euphorie.client.tests.utils import addAccount
     from euphorie.client.tests.utils import addSurvey
     from euphorie.client.api.authentication import generate_token
     self.loginAsPortalOwner()
     addSurvey(self.portal, PROFILE_SURVEY)
     account = addAccount(password='******')
     survey_session = SurveySession(
         title=u'Dummy session',
         created=datetime.datetime(2012, 4, 22, 23, 5, 12),
         modified=datetime.datetime(2012, 4, 23, 11, 50, 30),
         zodb_path='nl/ict/software-development',
         account=account)
     Session.add(survey_session)
     browser = Browser()
     browser.addHeader('X-Euphorie-Token', generate_token(account))
     browser.open(
         'http://nohost/plone/client/api/users/1/sessions/1/profile')
     self.assertEqual(browser.headers['Content-Type'], 'application/json')
     response = json.loads(browser.contents)
     self.assertEqual(set(response), set(['id', 'type', 'title',
                                          'profile']))
     self.assertEqual(response['id'], 1)
     self.assertEqual(response['type'], 'profile')
     self.assertEqual(response['title'], u'Dummy session')
     self.assertEqual(response['profile'], [{
         'id': u'1',
         'question': u'List all your departments:',
         'value': []
     }])
Example #27
0
    def test_token_invalid_after_use(self):
        self.add_dummy_survey()
        addAccount()
        mail_fixture = MockMailFixture()

        browser = self.get_browser()
        url = self.portal.client.nl.absolute_url()

        browser.open(url + "/@@login")
        browser.getLink("I forgot my password").click()
        browser.getControl(
            name="form.widgets.email").value = "*****@*****.**"
        browser.getControl(name="form.buttons.save").click()

        args = mail_fixture.storage[0][0]
        mail = args[0]
        mail_text = "".join([
            (part.get_payload(decode=True)
             or b"").decode(part.get_content_charset("iso-8859-1"))
            for part in mail.walk()
        ])

        reset_url = re.search("http.*passwordreset/\\S*", mail_text).group(0)
        browser.open(reset_url)
        browser.getControl(
            name="form.widgets.new_password").value = "Test12345678"
        browser.getControl(name="form.widgets.new_password_confirmation"
                           ).value = "Test12345678"
        browser.getControl(name="form.buttons.save").click()

        self.assertIn("success", browser.contents)

        # Token has been used already - second time should fail
        browser.open(reset_url)
        self.assertIn("Invalid security token", browser.contents)

        # You're free to fill in the form but it won't work
        browser.getControl(
            name="form.widgets.new_password").value = "Test12345670"
        browser.getControl(name="form.widgets.new_password_confirmation"
                           ).value = "Test12345670"
        browser.getControl(name="form.buttons.save").click()

        self.assertNotIn("success", browser.contents)
Example #28
0
    def test_token_expired(self):
        self.add_dummy_survey()
        addAccount()
        mail_fixture = MockMailFixture()

        browser = self.get_browser()
        url = self.portal.client.nl.absolute_url()

        browser.open(url + "/@@login")
        browser.getLink("I forgot my password").click()
        browser.getControl(
            name="form.widgets.email").value = "*****@*****.**"
        browser.getControl(name="form.buttons.save").click()

        args = mail_fixture.storage[0][0]
        mail = args[0]
        mail_text = "".join([
            (part.get_payload(decode=True)
             or b"").decode(part.get_content_charset("iso-8859-1"))
            for part in mail.walk()
        ])
        token = re.search("passwordreset/(\\S*)", mail_text).group(1)
        # fake that the token has expired
        ppr = api.portal.get_tool("portal_password_reset")
        ppr._requests[token] = (ppr._requests[token][0],
                                datetime.datetime(2001, 1, 1))
        ppr._p_changed = 1
        transaction.commit()

        reset_url = re.search("http.*passwordreset/\\S*", mail_text).group(0)
        browser.open(reset_url)
        self.assertIn("Invalid security token", browser.contents)

        # You're free to fill in the form but it won't work

        browser.getControl(
            name="form.widgets.new_password").value = "Test12345678"
        browser.getControl(name="form.widgets.new_password_confirmation"
                           ).value = "Test12345678"
        browser.getControl(name="form.buttons.save").click()

        self.assertNotIn("success", browser.contents)
        self.assertIn("Invalid security token", browser.contents)
 def test_remember_user_sets_cookie_expiration(self):
     import datetime
     from euphorie.content.tests.utils import BASIC_SURVEY
     from euphorie.client.tests.utils import addSurvey
     from euphorie.client.tests.utils import addAccount
     self.loginAsPortalOwner()
     addSurvey(self.portal, BASIC_SURVEY)
     addAccount(password='******')
     browser = Browser()
     browser.open(self.portal.client.nl.absolute_url())
     browser.getControl(name='__ac_name').value = '*****@*****.**'
     browser.getControl(name='__ac_password:utf8:ustring').value = 'secret'
     browser.getControl(name='remember').value = ['True']
     browser.getControl(name="next").click()
     auth_cookie = browser.cookies.getinfo('__ac')
     self.assertNotEqual(auth_cookie['expires'], None)
     delta = auth_cookie['expires'] - datetime.datetime.now(
                                         auth_cookie['expires'].tzinfo)
     self.assertTrue(delta.days > 100)
Example #30
0
 def test_remember_user_sets_cookie_expiration(self):
     import datetime
     from euphorie.content.tests.utils import BASIC_SURVEY
     from euphorie.client.tests.utils import addSurvey
     from euphorie.client.tests.utils import addAccount
     self.loginAsPortalOwner()
     addSurvey(self.portal, BASIC_SURVEY)
     addAccount(password='******')
     browser = Browser()
     browser.open(self.portal.client.nl.absolute_url())
     browser.getLink('Login').click()
     browser.getControl(name='__ac_name').value = '*****@*****.**'
     browser.getControl(name='__ac_password:utf8:ustring').value = 'secret'
     browser.getControl(name='remember').value = ['True']
     browser.getControl(name="next").click()
     auth_cookie = browser.cookies.getinfo('__ac')
     self.assertNotEqual(auth_cookie['expires'], None)
     delta = auth_cookie['expires'] - datetime.datetime.now(
         auth_cookie['expires'].tzinfo)
     self.assertTrue(delta.days > 100)
Example #31
0
 def test_user_info(self):
     import json
     from euphorie.client.tests.utils import addAccount
     from euphorie.client.api.authentication import generate_token
     account = addAccount()
     browser = Browser()
     browser.addHeader('X-Euphorie-Token', generate_token(account))
     browser.handleErrors = False
     browser.open('http://nohost/plone/client/api/users/1')
     response = json.loads(browser.contents)
     self.assertEqual(response['type'], 'user')
Example #32
0
 def test_user_info(self):
     import json
     from euphorie.client.tests.utils import addAccount
     from euphorie.client.api.authentication import generate_token
     account = addAccount()
     browser = Browser()
     browser.addHeader('X-Euphorie-Token', generate_token(account))
     browser.handleErrors = False
     browser.open('http://nohost/plone/client/api/users/1')
     response = json.loads(browser.contents)
     self.assertEqual(response['type'], 'user')
 def test_modify_updates_last_modifier(self):
     account = addAccount(password="******")
     survey_session = model.SurveySession(title="Dummy session",
                                          account=account,
                                          zodb_path="")
     self.assertEqual(survey_session.modified, None)
     self.assertEqual(survey_session.last_modifier, None)
     with api.env.adopt_user(user=account):
         notify(ObjectModifiedEvent(survey_session))
     self.assertIsInstance(survey_session.modified, datetime)
     self.assertEqual(survey_session.last_modifier, account)
Example #34
0
 def test_do_GET_basic(self):
     import json
     from euphorie.client.api.authentication import generate_token
     from euphorie.client.tests.utils import addAccount
     account = addAccount()
     browser = Browser()
     browser.addHeader('X-Euphorie-Token', generate_token(account))
     browser.open('http://nohost/plone/client/api/users/1/sessions')
     self.assertEqual(browser.headers['Content-Type'], 'application/json')
     response = json.loads(browser.contents)
     self.assertEqual(set(response), set(['sessions']))
     self.assertEqual(response['sessions'], [])
Example #35
0
 def test_record_last_login_time(self):
     self.loginAsPortalOwner()
     addSurvey(self.portal, BASIC_SURVEY)
     account = addAccount(password="******")
     browser = self.get_browser()
     browser.open(self.portal.client.nl.absolute_url() + "/@@login")
     browser.getControl(name="__ac_name").value = "*****@*****.**"
     browser.getControl(name="__ac_password:utf8:ustring").value = "secret"
     browser.getControl(name="login").click()
     last_login = Session().query(account.__class__).one().last_login
     delta = datetime.datetime.now(last_login.tzinfo) - last_login
     self.assertAlmostEqual(delta.seconds / 10, 0)
Example #36
0
def _setup_session(portal):
    from euphorie.content.tests.utils import BASIC_SURVEY
    from euphorie.client.tests.utils import addAccount
    from euphorie.client.tests.utils import addSurvey
    from euphorie.client.session import create_survey_session
    from euphorie.client.profile import set_session_profile
    addSurvey(portal, BASIC_SURVEY)
    survey = portal.client['nl']['ict']['software-development']
    account = addAccount(password='******')
    survey_session = create_survey_session(u'Dummy session', survey, account)
    survey_session = set_session_profile(survey, survey_session, {})
    return (account, survey, survey_session)
Example #37
0
 def test_do_GET_basic(self):
     import json
     from euphorie.client.api.authentication import generate_token
     from euphorie.client.tests.utils import addAccount
     account = addAccount()
     browser = Browser()
     browser.addHeader('X-Euphorie-Token', generate_token(account))
     browser.open('http://nohost/plone/client/api/users/1/sessions')
     self.assertEqual(browser.headers['Content-Type'], 'application/json')
     response = json.loads(browser.contents)
     self.assertEqual(set(response), set(['sessions']))
     self.assertEqual(response['sessions'], [])
Example #38
0
def _setup_session(portal):
    from euphorie.content.tests.utils import BASIC_SURVEY
    from euphorie.client.tests.utils import addAccount
    from euphorie.client.tests.utils import addSurvey
    from euphorie.client.session import create_survey_session
    from euphorie.client.profile import set_session_profile
    addSurvey(portal, BASIC_SURVEY)
    survey = portal.client['nl']['ict']['software-development']
    account = addAccount(password='******')
    survey_session = create_survey_session(u'Dummy session',
            survey, account)
    survey_session = set_session_profile(survey, survey_session, {})
    return (account, survey, survey_session)
Example #39
0
 def test_email(self):
     self.add_dummy_survey()
     addAccount()
     mail_fixture = MockMailFixture()
     browser = self.get_browser()
     browser.open(self.portal.client.nl.absolute_url() + "/@@login")
     browser.getLink("I forgot my password").click()
     browser.getControl(
         name="form.widgets.email").value = "*****@*****.**"
     browser.getControl(name="form.buttons.save").click()
     self.assertEqual(len(mail_fixture.storage), 1)
     (args, kw) = mail_fixture.storage[0]
     (mail, mto, mfrom) = args[:3]
     self.assertEqual(mfrom, "*****@*****.**")
     self.assertEqual(mto, "*****@*****.**")
     self.assertEqual(
         six.text_type(mail["Subject"]),
         "OiRA password reset instructions",
     )
     body = (mail.get_payload(0).get_payload(decode=True).decode(
         mail.get_content_charset("utf-8")))
     self.assertTrue("/passwordreset/" in body)
Example #40
0
 def _make_risk(self, login):
     from sqlalchemy.orm import object_session
     from euphorie.client.tests.utils import addAccount
     from euphorie.client.model import Risk
     from euphorie.client.model import SurveySession
     account = addAccount(login=login)
     session = object_session(account)
     risk = Risk(risk_id='15',
                 path='01',
                 zodb_path='/foo/bar/1',
                 session=SurveySession(account=account,
                                       zodb_path='/foo/bar'))
     session.add(risk)
     return risk
Example #41
0
 def setUp(self):
     super(TestRiskImageDownloadUpload, self).setUp()
     self.loginAsPortalOwner()
     self.account = addAccount(password="******")
     addSurvey(self.portal, BASIC_SURVEY)
     survey_session = model.SurveySession(
         title="Dummy session",
         zodb_path="nl/ict/software-development",
         account=self.account,
     )
     self.risk = survey_session.addChild(
         model.Risk(title="risk 1",
                    zodb_path="1")).__of__(survey_session.traversed_session)
     model.Session.add(survey_session)
Example #42
0
 def test_put_too_much_data(self):
     import mock
     from euphorie.client.tests.utils import addAccount
     from euphorie.client.model import SurveySession
     from euphorie.content.survey import Survey
     account = addAccount(password='******')
     survey_session = SurveySession(title=u'Dummy session',
                                    zodb_path='nl/ict/software-development',
                                    account=account)
     view = self.View(survey_session, None)
     view.input = {'5': True}
     survey = Survey(id='survey')
     view.survey = mock.Mock(return_value=survey)
     response = view.do_PUT()
     self.assertEqual(response['type'], 'error')
Example #43
0
 def test_getitem_removed_session(self):
     # Corner case: admin removed survey, but survey session still exists
     import mock
     from sqlalchemy.orm import object_session
     from euphorie.client.tests.utils import addAccount
     from euphorie.client.model import SurveySession
     account = addAccount()
     survey_session = SurveySession(title=u'Dummy',
             zodb_path='does/not/exist', account=account)
     object_session(account).add(survey_session)
     sessions = self.Sessions('sessions', None, account)
     with mock.patch('euphorie.client.api.sessions.get_survey') \
             as mock_get:
         mock_get.return_value = None
         self.assertRaises(KeyError, sessions.__getitem__, '1')
Example #44
0
 def testEmail(self):
     from euphorie.client.tests.utils import MockMailFixture
     from euphorie.client.tests.utils import addAccount
     self.addDummySurvey()
     addAccount()
     mail_fixture = MockMailFixture()
     self.portal.email_from_address = "*****@*****.**"
     self.portal.email_from_name = "Euphorie website"
     browser = Browser()
     browser.open(self.portal.client.nl.absolute_url())
     browser.getLink('Login').click()
     browser.getLink("I forgot my password").click()
     browser.getControl(name="loginname").value = "*****@*****.**"
     browser.getControl(name="next").click()
     self.assertEqual(len(mail_fixture.storage), 1)
     (args, kw) = mail_fixture.storage[0]
     (mail, mto, mfrom) = args[:3]
     self.assertEqual(mfrom, "*****@*****.**")
     self.assertEqual(mto, "*****@*****.**")
     self.assertEqual(unicode(mail["Subject"]),
                      u"OiRA registration reminder")
     body = mail.get_payload(0).get_payload(decode=True)\
             .decode(mail.get_content_charset("utf-8"))
     self.failUnless(u"Øle" in body)
Example #45
0
 def test_put_too_much_data(self):
     import mock
     from euphorie.client.tests.utils import addAccount
     from euphorie.client.model import SurveySession
     from euphorie.content.survey import Survey
     account = addAccount(password='******')
     survey_session = SurveySession(
             title=u'Dummy session',
             zodb_path='nl/ict/software-development',
             account=account)
     view = self.View(survey_session, None)
     view.input = {'5': True}
     survey = Survey(id='survey')
     view.survey = mock.Mock(return_value=survey)
     response = view.do_PUT()
     self.assertEqual(response['type'], 'error')
Example #46
0
 def test_getitem_removed_session(self):
     # Corner case: admin removed survey, but survey session still exists
     import mock
     from sqlalchemy.orm import object_session
     from euphorie.client.tests.utils import addAccount
     from euphorie.client.model import SurveySession
     account = addAccount()
     survey_session = SurveySession(title=u'Dummy',
                                    zodb_path='does/not/exist',
                                    account=account)
     object_session(account).add(survey_session)
     sessions = self.Sessions('sessions', None, account)
     with mock.patch('euphorie.client.api.sessions.get_survey') \
             as mock_get:
         mock_get.return_value = None
         self.assertRaises(KeyError, sessions.__getitem__, '1')
Example #47
0
 def _make_risk(self, login):
     from sqlalchemy.orm import object_session
     from euphorie.client.tests.utils import addAccount
     from euphorie.client.model import Risk
     from euphorie.client.model import SurveySession
     account = addAccount(login=login)
     session = object_session(account)
     risk = Risk(
             risk_id='15',
             path='01',
             zodb_path='/foo/bar/1',
             session=SurveySession(
                 account=account,
                 zodb_path='/foo/bar'))
     session.add(risk)
     return risk
Example #48
0
 def setUp(self):
     super(TestArchivingViews, self).setUp()
     self.loginAsPortalOwner()
     addSurvey(self.portal, BASIC_SURVEY)
     self.account = addAccount(password="******")
     survey_session = model.SurveySession(
         title="Dummy session 1",
         zodb_path="nl/ict/software-development",
         account=self.account,
     )
     model.Session.add(survey_session)
     survey_session = model.SurveySession(
         title="Dummy session 2",
         zodb_path="nl/ict/software-development",
         account=self.account,
     )
     model.Session.add(survey_session)
Example #49
0
 def test_put_not_all_questions_answered(self):
     import mock
     from euphorie.content.survey import Survey
     from euphorie.content.profilequestion import ProfileQuestion
     from euphorie.client.tests.utils import addAccount
     from euphorie.client.model import SurveySession
     account = addAccount(password='******')
     survey_session = SurveySession(
             title=u'Dummy session',
             zodb_path='nl/ict/software-development',
             account=account)
     view = self.View(survey_session, None)
     view.input = {}
     self.portal.survey = Survey(id='survey')
     survey = self.portal.survey
     survey['5'] = ProfileQuestion(id='5', question=u'Locations')
     view.survey = mock.Mock(return_value=survey)
     response = view.do_PUT()
     self.assertEqual(response['type'], 'error')
Example #50
0
 def test_put_no_profile(self):
     import mock
     from z3c.saconfig import Session
     from euphorie.client.tests.utils import addAccount
     from euphorie.client.model import SurveySession
     from euphorie.content.survey import Survey
     account = addAccount(password='******')
     survey_session = SurveySession(
             title=u'Dummy session',
             zodb_path='nl/ict/software-development',
             account=account)
     view = self.View(survey_session, None)
     view.input = {}
     Session.add(survey_session)
     survey = Survey(id='survey')
     view.survey = mock.Mock(return_value=survey)
     with mock.patch('euphorie.client.api.profile.extractProfile') \
             as mock_extractProfile:
         mock_extractProfile.return_value = {}
         response = view.do_PUT()
         self.assertEqual(response['profile'], [])
Example #51
0
 def test_getitem_valid_session(self):
     import mock
     from sqlalchemy.orm import object_session
     from Acquisition import aq_base
     from Acquisition import aq_parent
     from euphorie.client.tests.utils import addAccount
     from euphorie.client.model import SurveySession
     account = addAccount()
     survey_session = SurveySession(title=u'Dummy',
             zodb_path='survey/path', account=account)
     object_session(account).add(survey_session)
     request = mock.Mock()
     request.language = None
     sessions = self.Sessions('sessions', request, account)
     with mock.patch('euphorie.client.api.sessions.get_survey') \
             as mock_get:
         mock_survey = mock_get(request, 'survey/path')
         mock_survey.language = None
         result = sessions['1']
         self.assertTrue(aq_base(result) is survey_session)
         self.assertTrue(aq_parent(result) is sessions)
         self.assertTrue(request.survey is mock_survey)
Example #52
0
 def test_do_POST_survey_with_profile(self):
     from z3c.saconfig import Session
     from AccessControl.SecurityManagement import newSecurityManager
     from zope.publisher.browser import TestRequest
     from euphorie.content.tests.utils import PROFILE_SURVEY
     from euphorie.client.model import SurveySession
     from euphorie.client.tests.utils import addSurvey
     from euphorie.client.tests.utils import addAccount
     account = addAccount()
     self.loginAsPortalOwner()
     addSurvey(self.portal, PROFILE_SURVEY)
     request = TestRequest()
     request.client = self.portal.client
     survey = self.portal.client['nl']['ict']['software-development']
     view = self.View(survey, request)
     view.input = {'survey': 'nl/ict/software-development'}
     newSecurityManager(None, account)
     response = view.do_POST()
     self.assertTrue(
             response['next-step'].endswith('profile'))
     survey_session = Session.query(SurveySession).first()
     self.assertTrue(not survey_session.hasTree())
Example #53
0
 def test_get(self):
     import datetime
     import json
     from z3c.saconfig import Session
     from euphorie.client.model import SurveySession
     from euphorie.client.api.authentication import generate_token
     from euphorie.content.tests.utils import BASIC_SURVEY
     from euphorie.client.tests.utils import addAccount
     from euphorie.client.tests.utils import addSurvey
     self.loginAsPortalOwner()
     addSurvey(self.portal, BASIC_SURVEY)
     account = addAccount(password='******')
     survey_session = SurveySession(
             title=u'Dummy session',
             created=datetime.datetime(2012, 4, 22, 23, 5, 12),
             modified=datetime.datetime(2012, 4, 23, 11, 50, 30),
             zodb_path='nl/ict/software-development',
             account=account)
     Session.add(survey_session)
     browser = Browser()
     browser.addHeader('X-Euphorie-Token', generate_token(account))
     browser.open('http://nohost/plone/client/api/users/1/sessions/1')
     self.assertEqual(browser.headers['Content-Type'], 'application/json')
     response = json.loads(browser.contents)
     self.assertEqual(
             set(response),
             set(['id', 'survey', 'type', 'created', 'modified',
                  'title', 'next-step']))
     self.assertEqual(response['id'], 1)
     self.assertEqual(response['survey'], 'nl/ict/software-development')
     self.assertEqual(response['type'], 'session')
     self.assertEqual(response['title'], 'Dummy session')
     self.assertEqual(response['created'], '2012-04-22T23:05:12')
     self.assertEqual(response['modified'], '2012-04-23T11:50:30')
     self.assertEqual(
             response['next-step'],
             'http://nohost/plone/client/api/users/1/sessions/1/'
             'identification')
Example #54
0
 def test_do_POST_survey_specify_title(self):
     from z3c.saconfig import Session
     from AccessControl.SecurityManagement import newSecurityManager
     from zope.publisher.browser import TestRequest
     from euphorie.content.tests.utils import BASIC_SURVEY
     from euphorie.client.model import SurveySession
     from euphorie.client.tests.utils import addSurvey
     from euphorie.client.tests.utils import addAccount
     account = addAccount()
     self.loginAsPortalOwner()
     addSurvey(self.portal, BASIC_SURVEY)
     request = TestRequest()
     request.client = self.portal.client
     survey = self.portal.client['nl']['ict']['software-development']
     view = self.View(survey, request)
     view.input = {'survey': 'nl/ict/software-development',
                   'title': u'Alternative title'}
     newSecurityManager(None, account)
     response = view.do_POST()
     self.assertTrue(
             response['next-step'].endswith('identification'))
     survey_session = Session.query(SurveySession).first()
     self.assertEqual(survey_session.title, u'Alternative title')
Example #55
0
 def test_get_empty_profile(self):
     import datetime
     import json
     from z3c.saconfig import Session
     from euphorie.client.model import SurveySession
     from euphorie.content.tests.utils import PROFILE_SURVEY
     from euphorie.client.tests.utils import addAccount
     from euphorie.client.tests.utils import addSurvey
     from euphorie.client.api.authentication import generate_token
     self.loginAsPortalOwner()
     addSurvey(self.portal, PROFILE_SURVEY)
     account = addAccount(password='******')
     survey_session = SurveySession(
             title=u'Dummy session',
             created=datetime.datetime(2012, 4, 22, 23, 5, 12),
             modified=datetime.datetime(2012, 4, 23, 11, 50, 30),
             zodb_path='nl/ict/software-development',
             account=account)
     Session.add(survey_session)
     browser = Browser()
     browser.addHeader('X-Euphorie-Token', generate_token(account))
     browser.open(
             'http://nohost/plone/client/api/users/1/sessions/1/profile')
     self.assertEqual(browser.headers['Content-Type'], 'application/json')
     response = json.loads(browser.contents)
     self.assertEqual(
             set(response),
             set(['id', 'type', 'title', 'profile']))
     self.assertEqual(response['id'], 1)
     self.assertEqual(response['type'], 'profile')
     self.assertEqual(response['title'], u'Dummy session')
     self.assertEqual(
             response['profile'],
             [{'id': u'1',
               'question': u'List all your departments:',
               'value': []}])
Example #56
0
 def test_getitem_unknown_session(self):
     from euphorie.client.tests.utils import addAccount
     account = addAccount()
     sessions = self.Sessions('sessions', None, account)
     self.assertRaises(KeyError, sessions.__getitem__, '15')
Example #57
0
 def test_getitem_invalid_key(self):
     from euphorie.client.tests.utils import addAccount
     account = addAccount()
     sessions = self.Sessions('sessions', None, account)
     self.assertRaises(KeyError, sessions.__getitem__, 'ABC')