def confirmPersonCandidate(ticket):
'Move changes from the PersonCandidate table into the Person table'
# Load
candidate = Session.query(model.PersonCandidate).filter(
model.PersonCandidate.ticket == ticket).filter(
model.PersonCandidate.when_expired >= datetime.datetime.utcnow()
).first()
# If the ticket exists,
if candidate:
# If the person exists,
if candidate.person_id:
# Update
person = Session.query(model.Person).get(candidate.person_id)
person.username = candidate.username
person.password_hash = candidate.password_hash
person.nickname = candidate.nickname
person.email = candidate.email
# Reset
person.rejection_count = 0
# If the person does not exist,
else:
# Add person
Session.add(
model.Person(candidate.username, candidate.password_hash,
candidate.nickname, candidate.email))
# Commit
Session.commit()
# Return
return candidate
def test_reset(self):
"""
Make sure that resetting the password works
Trying to reset an email that does not exist should return an error
Make sure that resetting the password does not immediately change the password
Make sure that reset confirmation works
"""
# Initialize
urlName = 'person_reset'
# Reset an unfamiliar email
self.assertEqualJSON(self.app.post(url(urlName), dict(email=email)), 0)
# Add person
Session.add(
model.Person(username, model.hashString(password), nickname,
email))
Session.commit()
# Reset password
self.assertEqualJSON(self.app.post(url(urlName), dict(email=email)), 1)
# Make sure the candidate exists
self.assertEqual(
Session.query(
model.PersonCandidate).filter_by(email=email).count(), 1)
# Activate candidate
self.app.get(
url('person_confirm',
ticket=Session.query(model.PersonCandidate.ticket).filter_by(
email=email).first()[0]))
# Make sure the password has changed
self.assertEqual(
Session.query(model.Person).filter_by(
password_hash=model.hashString(password)).count(), 0)
def test_logout(self):
"""
Make sure that logging out works
If the person is logged in, make sure the person gets logged out
and is redirected properly. If the person is already logged out,
return the user to the page before the user tried to log out.
"""
# Initialize
urlName = 'person_logout'
exampleURL = url('person_index')
# Add person
Session.add(
model.Person(username, model.hashString(password), nickname,
email))
Session.commit()
# Logging out should redirect back
self.assert_(exampleURL in self.app.get(url(urlName, url=exampleURL)))
# Log in
self.assert_(
'Login' in self.app.get(url('person_login', url=exampleURL)))
self.assertEqualJSON(
self.app.post(url('person_login'),
dict(username=username, password=password)), 1)
# Logging out should redirect back
self.assert_(exampleURL in self.app.get(url(urlName, url=exampleURL)))
def test_login(self):
"""
Make sure that logging in works
Ensure that the login page shows
Ensure that bad credentials result in an error message
Ensure that good credentials result in a proper redirect
"""
# Initialize
urlName = 'person_login'
exampleURL = url('person_update')
# Assert that the login page shows and stores url
self.assert_('Login' in self.app.get(url(urlName, url=exampleURL)))
# Add person
Session.add(
model.Person(username, model.hashString(password), nickname,
email))
Session.commit()
# Log in using bad credentials
self.assertEqualJSON(
self.app.post(url(urlName),
dict(username=username, password=password + 'x')), 0)
# Log in using good credentials
self.assertEqualJSON(
self.app.post(url(urlName),
dict(username=username, password=password)), 1)
def test_index(self):
'Assert that the index page shows how many accounts are on file'
# Initialize
urlName = 'person_index'
# Make sure that we begin with 0 people
self.assert_('0 people' in self.app.get(url(urlName)))
# Add person
Session.add(
model.Person(username, model.hashString(password), nickname,
email))
Session.commit()
# Make sure that we now have 1 person
self.assert_('1 people' in self.app.get(url(urlName)))
def setUp(self):
'Prepare database'
# Prepare people
people = []
personPacks = [
('test_person1', model.hashString('test_person1'), u'test_person1', '*****@*****.**'),
('test_person2', model.hashString('test_person2'), u'test_person2', '*****@*****.**'),
]
for personPack in personPacks:
person = Session.query(model.Person).filter_by(username=personPack[0]).first()
if not person:
person = model.Person(*personPack)
Session.add(person)
people.append(person)
Session.commit()
self.person1Key, self.person2Key = [x.key for x in people]
# Prepare tags
tags = []
self.tagTexts = [
u'tag with features that are public',
u'tag with features that are private to person1',
u'tag with features that are private to person2',
]
for tagText in self.tagTexts:
tag = Session.query(model.Tag).filter_by(text=tagText).first()
if not tag:
tag = model.Tag(tagText)
Session.add(tag)
tags.append(tag)
Session.commit()
tag1Public, tag1Private, tag2Private = tags
# Prepare features
features = []
featurePacks = [
(people[0].id, geoalchemy.WKTSpatialElement('POINT(6 10)'), model.scopePublic),
(people[0].id, geoalchemy.WKTSpatialElement('LINESTRING(3 4,10 50,20 25)'), model.scopePrivate),
(people[1].id, geoalchemy.WKTSpatialElement('POLYGON((1 1,5 1,5 5,1 5,1 1),(2 2,2 3,3 3,3 2,2 2))'), model.scopePrivate),
]
for featurePack in featurePacks:
feature = model.Feature()
feature.owner_id, feature.geometry, feature.scope = featurePack
Session.add(feature)
features.append(feature)
feature1Public, feature1Private, feature2Private = features
feature1Public.tags = [tag1Public]
feature1Private.tags = [tag1Private]
feature2Private.tags = [tag2Private]
Session.commit()
def setup_app(command, conf, vars):
"""Place any commands to setup georegistry here"""
# If we are not in a testing environment,
if not pylons.test.pylonsapp:
load_environment(conf.global_conf, conf.local_conf)
# Create the tables if they don't already exist
Base.metadata.create_all(bind=Session.bind)
# If we are not in a testing environment and users do not exist,
if not pylons.test.pylonsapp and not Session.query(model.Person).all():
# Show feedback
print 'Please create an administrator account.'
# Prepare
passwordDefault = store.makeRandomString(parameter.PASSWORD_LENGTH_AVERAGE)
# Create
person = model.Person(raw_input('Username (administrator): ') or 'administrator', model.hashString(getpass.getpass('Password (%s): ' % passwordDefault) or passwordDefault), raw_input('Nickname (Administrator): ') or u'Administrator', raw_input('Email ([email protected]): ') or '*****@*****.**')
person.is_super = True
Session.add(person)
Session.commit()
def setUp(self):
'Prepare database'
# Prepare people
people = []
personPacks = [
('test_person1', model.hashString('test_person1'), u'test_person1',
'*****@*****.**'),
('test_person2', model.hashString('test_person2'), u'test_person2',
'*****@*****.**'),
]
for personPack in personPacks:
person = Session.query(
model.Person).filter_by(username=personPack[0]).first()
if not person:
person = model.Person(*personPack)
Session.add(person)
people.append(person)
Session.commit()
self.person1Key, self.person2Key = [x.key for x in people]
# Prepare features
features = []
featurePacks = [
(people[0].id,
geoalchemy.WKTSpatialElement('LINESTRING(3 4,10 50,20 25)')),
(people[1].id,
geoalchemy.WKTSpatialElement(
'POLYGON((1 1,5 1,5 5,1 5,1 1),(2 2,2 3,3 3,3 2,2 2))')),
]
for featurePack in featurePacks:
feature = model.Feature()
feature.owner_id = featurePack[0]
feature.geometry = featurePack[1]
Session.add(feature)
features.append(feature)
Session.commit()
self.feature1ID, self.feature2ID = [x.id for x in features]
def setUp(self):
'Prepare database'
# Prepare people
people = []
personPacks = [
('test_person1', model.hashString('test_person1'), u'test_person1',
'*****@*****.**'),
('test_person2', model.hashString('test_person2'), u'test_person2',
'*****@*****.**'),
]
for personPack in personPacks:
person = Session.query(
model.Person).filter_by(username=personPack[0]).first()
if not person:
person = model.Person(*personPack)
Session.add(person)
people.append(person)
Session.commit()
self.person1Key, self.person2Key = [x.key for x in people]
# Prepare tags
tags = []
self.tagTexts = [
u'tag with features that are public',
u'tag with features that are private to person1',
u'tag with features that are private to person2',
]
for tagText in self.tagTexts:
tag = Session.query(model.Tag).filter_by(text=tagText).first()
if not tag:
tag = model.Tag(tagText)
Session.add(tag)
tags.append(tag)
Session.commit()
tag1Public, tag1Private, tag2Private = tags
# Prepare features
features = []
featurePacks = [
(people[0].id,
geoalchemy.WKTSpatialElement(
'MULTIPOINT (-90.2307590000000062 15.7834710000000005, 126.9779692000000040 37.5665350000000018, -0.1963060000000000 5.5557169999999996, -91.5219589999999954 14.8361560000000008)'
), model.scopePublic, {
'description': 'Santa Eulalia; Seoul; Accra; Xela'
}),
(people[0].id,
geoalchemy.WKTSpatialElement(
'LINESTRING (-87.6297981999999962 41.8781135999999989, -84.3879823999999985 33.7489953999999983, -122.4194154999999995 37.7749294999999989)'
), model.scopePrivate, {
'description': 'Chicago; Atlanta; San Francisco'
}),
(people[1].id,
geoalchemy.WKTSpatialElement(
'LINESTRING (-74.0059731 40.7143528, -90.5352778 14.6133333)'
), model.scopePrivate, {
'passenger': u'Hélène'
}),
]
for featurePack in featurePacks:
feature = model.Feature()
feature.owner_id, feature.geometry, feature.scope, feature.properties = featurePack
Session.add(feature)
features.append(feature)
feature1Public, feature1Private, feature2Private = features
feature1Public.tags = [tag1Public]
feature1Private.tags = [tag1Private]
feature2Private.tags = [tag2Private]
Session.commit()
self.feature1ID = feature1Public.id
def test_update(self):
"""
Make sure that updating credentials works
Make sure the update page only appears when the user is logged in
Make sure the update form is filled with the user's credentials
Make sure that update_ only works when the user is logged in
Make sure that update confirmation works
Make sure that update_ for SMS only works when the user is the owner
"""
# Initialize
urlName = 'person_update'
# Assert that we are redirected to the login page if the person is not logged in
self.assert_(
url('person_login', url=url(urlName)) in self.app.get(url(
urlName)))
# Assert that we get rejected if we try to post without logging in
self.assertEqualJSON(self.app.post(url(urlName)), 0)
# Add people
Session.add(
model.Person(username, model.hashString(password), nickname,
email))
Session.add(
model.Person(username + 'x', model.hashString(password),
nickname + 'x', email + 'x'))
Session.commit()
# Log in
self.app.post(url('person_login'),
dict(username=username, password=password))
# Assert that the update form is filled with the user's credentials
responseBody = self.app.get(url(urlName)).body
self.assert_(username in responseBody)
self.assert_(nickname in responseBody)
self.assert_(email in responseBody)
# Update credentials
username_ = store.makeRandomString(parameter.USERNAME_LENGTH_MAXIMUM)
password_ = store.makeRandomAlphaNumericString(
parameter.PASSWORD_LENGTH_AVERAGE)
nickname_ = unicode(
store.makeRandomString(parameter.NICKNAME_LENGTH_MAXIMUM))
email_ = re.sub(r'.*@', store.makeRandomString(16) + '@', email)
self.assertEqualJSON(
self.app.post(
url(urlName),
dict(username=username_,
password=password_,
nickname=nickname_,
email=email_)), 1)
# Make sure the credentials have not changed yet
self.assertEqual(
Session.query(model.Person).filter_by(
username=username_,
password_hash=model.hashString(password_),
nickname=nickname_,
email=email_).count(), 0)
# Activate candidate
self.app.get(
url('person_confirm',
ticket=Session.query(model.PersonCandidate.ticket).filter_by(
email=email_).first()[0]))
# Make sure the credentials have changed
self.assertEqual(
Session.query(model.Person).filter_by(
username=username_,
password_hash=model.hashString(password_),
nickname=nickname_,
email=email_).count(), 1)
# Load people
person1 = Session.query(model.Person).filter_by(
username=username_,
password_hash=model.hashString(password_),
nickname=nickname_,
email=email_).first()
person2 = Session.query(model.Person).filter_by(username=username +
'x').first()
# Add SMSAddress
smsAddress = model.SMSAddress(emailSMS, person2.id)
Session.add(smsAddress)
Session.commit()
smsAddressID = smsAddress.id
# Make sure that only the owner can update SMS information
self.app.post(url('person_login'),
dict(username=username, password=password))
self.assertEqualJSON(
self.app.post(url(urlName),
dict(smsAddressID=smsAddressID, action='activate')),
0)
self.assertEqualJSON(
self.app.post(url(urlName),
dict(smsAddressID=smsAddressID,
action='deactivate')), 0)
self.assertEqualJSON(
self.app.post(url(urlName),
dict(smsAddressID=smsAddressID, action='remove')), 0)
self.app.post(url('person_login'),
dict(username=username + 'x', password=password))
self.assertEqualJSON(
self.app.post(url(urlName),
dict(smsAddressID=smsAddressID, action='activate')),
1)
self.assertEqualJSON(
self.app.post(url(urlName),
dict(smsAddressID=smsAddressID,
action='deactivate')), 1)
self.assertEqualJSON(
self.app.post(url(urlName),
dict(smsAddressID=smsAddressID, action='remove')), 1)