Example #1
0
 def test_passwords(self):
     p = make_password('testing')
     self.assertTrue(check_password('testing', p))
     self.assertFalse(check_password('testing ', p))
     self.assertFalse(check_password('Testing', p))
     self.assertFalse(check_password('', p))
     
     p2 = make_password('Testing')
     self.assertFalse(p == p2)
Example #2
0
 def test_create(self):
     self.create_users()
     
     new_pass = make_password('test')
     
     user_data = {'username': '******', 'password': new_pass}
     serialized = json.dumps(user_data)
     
     # authorized as an admin
     resp = self.app.post('/api/user/', data=serialized, headers=self.auth_headers('admin', 'admin'))
     self.assertEqual(resp.status_code, 200)
     
     new_user = User.get(username='******')
     self.assertTrue(check_password('test', new_user.password))
     
     resp_json = self.response_json(resp)
     self.assertAPIUser(resp_json, new_user)
Example #3
0
 def check_password(self, password):
     return check_password(password, self.password)
Example #4
0
 def test_model_admin_add(self):
     self.create_users()
     self.assertEqual(User.select().count(), 3)
     
     with self.flask_app.test_client() as c:
         self.login(c)
         
         # the add url returns a 200
         resp = c.get('/admin/user/add/')
         self.assertEqual(resp.status_code, 200)
         
         # ensure the user, model_admin and form are correct in the context
         self.assertContext('user', self.admin)
         self.assertContext('model_admin', admin._registry['user'])
         
         self.assertTrue('form' in self.flask_app._template_context)
         frm = self.flask_app._template_context['form']
         self.assertEqual(sorted(frm._fields.keys()), [
             'active',
             'admin',
             'email',
             'join_date',
             'password',
             'username',
         ])
         
         # make an incomplete post and get a 200 with errors
         resp = c.post('/admin/user/add/', data={
             'username': '',
             'password': '******',
             'active': '1',
             'email': '',
             'join_date': '2011-01-01 00:00:00',
         })
         self.assertEqual(resp.status_code, 200)
         
         # no new user created
         self.assertEqual(User.select().count(), 3)
         
         # check the form for errors
         frm = self.get_context('form')
         self.assertEqual(frm.errors, {
             'username': ['This field is required.'],
             'email': ['This field is required.'],
         })
         
         # make a complete post and get a 302 to the edit page
         resp = c.post('/admin/user/add/', data={
             'username': '******',
             'password': '******',
             'active': '1',
             'email': '*****@*****.**',
             'join_date': '2011-01-01 00:00:00',
         })
         self.assertEqual(resp.status_code, 302)
         
         # new user was created
         self.assertEqual(User.select().count(), 4)
         
         # check they have the correct data on the new instance
         user = User.get(username='******')
         self.assertEqual(user.active, True)
         self.assertEqual(user.admin, False)
         self.assertEqual(user.email, '*****@*****.**')
         self.assertEqual(user.join_date, datetime.datetime(2011, 1, 1))
         self.assertTrue(check_password('new', user.password))
         
         # check the redirect was correct
         self.assertTrue(resp.headers['location'].endswith('/admin/user/%d/' % user.id))
Example #5
0
 def test_model_admin_edit(self):
     users = self.create_users()
     self.assertEqual(User.select().count(), 3)
     
     # grab an id so we can test a 404 on non-existent user
     unused_id = [x for x in range(1, 5) if not User.filter(id=x).exists()][0]
     
     with self.flask_app.test_client() as c:
         self.login(c)
         
         # nonexistant user 404s
         resp = c.get('/admin/user/%d/' % unused_id)
         self.assertEqual(resp.status_code, 404)
         
         # edit page returns a 200
         resp = c.get('/admin/user/%d/' % self.normal.id)
         self.assertEqual(resp.status_code, 200)
         
         # check the user, model_admin and form are correct in the context
         self.assertContext('user', self.admin)
         self.assertContext('model_admin', admin._registry['user'])
         
         self.assertTrue('form' in self.flask_app._template_context)
         frm = self.flask_app._template_context['form']
         self.assertEqual(sorted(frm._fields.keys()), [
             'active',
             'admin',
             'email',
             'join_date',
             'password',
             'username',
         ])
         
         # check the form pulled the right data off the model
         self.assertEqual(frm.data, {
             'username': '******',
             'password': frm.password.data, # skip this
             'email': '',
             'admin': False,
             'active': True,
             'join_date': frm.join_date.data, # microseconds...bleh
         })
         
         # make an incomplete post to update the user and get a 200 w/errors
         resp = c.post('/admin/user/%d/' % self.normal.id, data={
             'username': '',
             'password': '',
             'active': '1',
             'email': '*****@*****.**',
             'join_date': '2011-01-01 00:00:00',
         })
         self.assertEqual(resp.status_code, 200)
         
         # no new user created
         self.assertEqual(User.select().count(), 3)
         
         # refresh database content
         normal = User.get(id=self.normal.id)
         self.assertEqual(normal.username, 'normal') # was not saved
         
         # check the form for errors
         frm = self.get_context('form')
         self.assertEqual(frm.errors, {
             'username': ['This field is required.'],
             'password': ['This field is required.'],
         })
         
         # make a complete post
         resp = c.post('/admin/user/%d/' % self.normal.id, data={
             'username': '******',
             'password': '******',
             'active': '1',
             'email': '[email protected]',
             'join_date': '2011-01-01 00:00:00',
         })
         self.assertEqual(resp.status_code, 302)
         
         # no new user was created
         self.assertEqual(User.select().count(), 3)
         
         # grab from the database
         user = User.get(username='******')
         self.assertEqual(user.id, self.normal.id) # it is the same user
         
         self.assertTrue(check_password('edited', user.password))
         self.assertEqual(user.active, True)
         self.assertEqual(user.admin, False)
         self.assertEqual(user.email, '[email protected]')
         self.assertEqual(user.join_date, datetime.datetime(2011, 1, 1))
         
         self.assertTrue(resp.headers['location'].endswith('/admin/user/%d/' % user.id))
         
         # make another post without modifying the password, should stay same
         resp = c.post('/admin/user/%d/' % user.id, data={
             'username': '******',
             'password': user.password,
             'active': '1',
             'email': '[email protected]',
             'join_date': '2011-01-01 00:00:00',
         })
         self.assertEqual(resp.status_code, 302)
         
         # no new user was created
         self.assertEqual(User.select().count(), 3)
         
         # grab from the database
         user = User.get(username='******')
         self.assertEqual(user.id, self.normal.id) # it is the same user
         
         # the password has not changed
         self.assertTrue(check_password('edited', user.password))