def test_ask_for_event_mail(client_session): client, session = client_session with client.application.app_context(): with mail.record_messages() as outbox: with login_scope(client, 'test_user', 'test') as client: rv = client.get('problems/iris/ask_for_event') assert rv.status_code == 200 data = { 'suffix': 'test_2', 'title': 'whatever title', 'n_students': 200, 'min_duration_between_submissions_hour': 1, 'min_duration_between_submissions_minute': 2, 'min_duration_between_submissions_second': 3, 'opening_date': '2019-01-01', 'closing_date': '2020-01-01' } rv = client.post('problems/iris/ask_for_event', data=data) assert rv.status_code == 302 # check that the email has been sent assert len(outbox) == 1 assert ('User test_user asked to add a new event' in outbox[0].body)
def test_reset_token_error(client_session): client, session = client_session # POST method new_password = '******' rv = client.post('/reset/xxx', data={'password': new_password}) assert rv.status_code == 404 # Get get the link to a real token but remove the user in between user = get_user_by_name(session, 'test_user') with client.application.app_context(): with mail.record_messages() as outbox: rv = client.post('/reset_password', data={'email': user.email}) assert len(outbox) == 1 assert 'click on the link to reset your password' in outbox[0].body # get the link to reset the password reg_exp = re.search("http://localhost/reset/.*", outbox[0].body) reset_password_link = reg_exp.group() # remove the part with 'localhost' for the next query reset_password_link = reset_password_link[reset_password_link. find('/reset'):] user = get_user_by_name(session, 'test_user') session.delete(user) session.commit() new_password = '******' rv = client.post(reset_password_link, data={'password': new_password}) assert rv.status_code == 404
def test_reset_password(client_session): client, session = client_session # GET method rv = client.get('/reset_password') assert rv.status_code == 200 assert b'If you are a registered user, we are going to send' in rv.data # POST method # check that we raise an error if the email does not exist rv = client.post('/reset_password', data={'email': '*****@*****.**'}) assert rv.status_code == 200 assert b'You can sign-up instead.' in rv.data # set a user to "asked" access level user = get_user_by_name(session, 'test_user') user.access_level = 'asked' session.commit() rv = client.post('/reset_password', data={'email': user.email}) assert rv.status_code == 200 assert b'Your account has not been yet approved.' in rv.data # set back the account to 'user' access level user.access_level = 'user' session.commit() rv = client.post('/reset_password', data={'email': user.email}) with client.session_transaction() as cs: flash_message = dict(cs['_flashes']) assert flash_message['message'] == ('An email to reset your password has ' 'been sent') assert rv.status_code == 302 assert rv.location == 'http://localhost/login' with client.application.app_context(): with mail.record_messages() as outbox: rv = client.post('/reset_password', data={'email': user.email}) assert len(outbox) == 1 assert 'click on the link to reset your password' in outbox[0].body # get the link to reset the password reg_exp = re.search("http://localhost/reset/.*", outbox[0].body) reset_password_link = reg_exp.group() # remove the part with 'localhost' for the next query reset_password_link = reset_password_link[reset_password_link. find('/reset'):] # check that we can reset the password using the previous link # GET method rv = client.get(reset_password_link) assert rv.status_code == 200 assert b'Change my password' in rv.data # POST method new_password = '******' rv = client.post(reset_password_link, data={'password': new_password}) assert rv.status_code == 302 assert rv.location == 'http://localhost/login' # make a commit to be sure that the update has been done session.commit() user = get_user_by_name(session, 'test_user') assert check_password(new_password, user.hashed_password)
def test_send_mail(client_session): client, _ = client_session with client.application.app_context(): with mail.record_messages() as outbox: send_mail('*****@*****.**', 'subject', 'body') assert len(outbox) == 1 assert outbox[0].subject == 'subject' assert outbox[0].body == 'body' assert outbox[0].recipients == ['*****@*****.**']
def test_sign_up_for_event_mail(client_session): client, session = client_session # GET: sign-up to a new controlled event with client.application.app_context(): with mail.record_messages() as outbox: add_user(session, 'zz', 'zz', 'zz', 'zz', 'zz@gmail', access_level='user') with login_scope(client, 'zz', 'zz') as client: rv = client.get('/events/iris_test/sign_up') assert rv.status_code == 302 session.commit() # check that the email has been sent assert len(outbox) == 1 assert ('Click on this link to approve the sign-up request' in outbox[0].body)
def test_sign_up_with_approval(client_session): # check the sign-up and email confirmation framework client, session = client_session with client.application.app_context(): with mail.record_messages() as outbox: user_profile = { 'user_name': 'new_user_1', 'password': '******', 'firstname': 'xx', 'lastname': 'xx', 'email': '*****@*****.**' } rv = client.post('/sign_up', data=user_profile) # check the flash box to inform the user about the mail with client.session_transaction() as cs: flash_message = dict(cs['_flashes']) assert 'We sent a confirmation email.' in flash_message['message'] # check that the email has been sent assert len(outbox) == 1 assert ('click on the following link to confirm your email' in outbox[0].body) # get the link to reset the password reg_exp = re.search("http://localhost/confirm_email/.*", outbox[0].body) confirm_email_link = reg_exp.group() # remove the part with 'localhost' for the next query confirm_email_link = confirm_email_link[confirm_email_link. find('/confirm_email'):] # check the redirection assert rv.status_code == 200 user = get_user_by_name(session, 'new_user_1') assert user is not None assert user.access_level == 'not_confirmed' # POST method of the email confirmation with client.application.app_context(): with mail.record_messages() as outbox: rv = client.post(confirm_email_link) # check the flash box to inform the user to wait for admin's # approval with client.session_transaction() as cs: flash_message = dict(cs['_flashes']) assert ('An email has been sent to the RAMP administrator' in flash_message['message']) # check that we send an email to the administrator assert len(outbox) == 1 assert "Approve registration of new_user_1" in outbox[0].subject # ensure that we have the last changes session.commit() user = get_user_by_name(session, 'new_user_1') assert user.access_level == 'asked' assert rv.status_code == 302 assert rv.location == 'http://localhost/login' # POST to check that we raise the right errors # resend the confirmation for a user which already confirmed rv = client.post(confirm_email_link) with client.session_transaction() as cs: flash_message = dict(cs['_flashes']) assert ('Your email address already has been confirmed' in flash_message['error']) assert rv.status_code == 302 assert rv.location == 'http://localhost/' # check when the user was already approved for status in ('user', 'admin'): user = get_user_by_name(session, 'new_user_1') user.access_level = status session.commit() rv = client.post(confirm_email_link) with client.session_transaction() as cs: flash_message = dict(cs['_flashes']) assert 'Your account is already approved.' in flash_message['error'] assert rv.status_code == 302 assert rv.location == 'http://localhost/login' # delete the user in the middle session.delete(user) session.commit() rv = client.post(confirm_email_link) with client.session_transaction() as cs: flash_message = dict(cs['_flashes']) assert 'You did not sign-up yet to RAMP.' in flash_message['error'] assert rv.status_code == 302 assert rv.location == 'http://localhost/sign_up' # access a token which does not exist rv = client.post('/confirm_email/xxx') assert rv.status_code == 404