def test_profile_changing_email_with_valid_data_updates_email(): user = FakeUser(email=None, password=None) request = DummyRequest(post={'__formid__': 'email'}, authenticated_user=user) controller = ProfileController(request) controller.forms['email'] = form_validating_to({'email': '*****@*****.**'}) controller.profile() assert user.email == '*****@*****.**'
def test_profile_changing_password_with_invalid_data_returns_form(): user = FakeUser(email=None, password=None) request = DummyRequest(post={'__formid__': 'password'}, authenticated_user=user) controller = ProfileController(request) controller.forms['password'] = invalid_form() result = controller.profile() assert 'password_form' in result
def test_profile_changing_password_with_valid_data_updates_password(): user = FakeUser(email=None, password=None) request = DummyRequest(post={'__formid__': 'password'}, authenticated_user=user) controller = ProfileController(request) controller.forms['password'] = form_validating_to({'new_password': '******'}) controller.profile() assert user.password == 'secrets!'
def test_profile_changing_password_with_invalid_data_does_not_update_password(): user = FakeUser(email=None, password=None) request = DummyRequest(post={'__formid__': 'password'}, authenticated_user=user) controller = ProfileController(request) controller.forms['password'] = invalid_form() controller.profile() assert user.password is None
def test_profile_changing_password_with_valid_data_redirects(): user = FakeUser(email=None, password=None) request = DummyRequest(post={'__formid__': 'password'}, authenticated_user=user) controller = ProfileController(request) controller.forms['password'] = form_validating_to({'new_password': '******'}) result = controller.profile() assert isinstance(result, httpexceptions.HTTPFound)
def test_edit_profile_with_validation_failure(authn_policy, form_validator): """If form validation fails, return the error object.""" authn_policy.authenticated_userid.return_value = "johndoe" form_validator.return_value = ({"errors": "BOOM!"}, None) request = DummyRequest(method='POST') profile = ProfileController(request) result = profile.edit_profile() assert result == {"errors": "BOOM!"}
def test_subscription_update(self, config, dummy_db_session): """Make sure that the new status is written into the DB.""" request = _get_fake_request('acct:john@doe', 'smith', True, True) configure(config) with patch('h.accounts.views.Subscriptions') as mock_subs: mock_subs.get_by_id = MagicMock() mock_subs.get_by_id.return_value = Mock(active=True) profile = ProfileController(request) profile.edit_profile() assert dummy_db_session.added
def test_edit_profile_successfully(authn_policy, form_validator, user_model): """edit_profile() returns a dict with key "form" when successful.""" authn_policy.authenticated_userid.return_value = "johndoe" form_validator.return_value = (None, {"username": "******", "pwd": "password", "subscriptions": ""}) user_model.validate_user.return_value = True user_model.get_by_id.return_value = FakeUser(email="*****@*****.**") request = DummyRequest(method="POST") profile = ProfileController(request) result = profile.edit_profile() assert result == {"model": {"email": "*****@*****.**"}}
def test_disable_user_sets_random_password(form_validator, user_model): """Check if the user is disabled.""" request = DummyRequest(method='POST') form_validator.return_value = (None, {"username": "******", "pwd": "doe"}) user = FakeUser(password='******') user_model.get_user.return_value = user profile = ProfileController(request) profile.disable_user() assert user.password == user_model.generate_random_password.return_value
def test_subscription_update(config, dummy_db_session): """ Make sure that the new status is written into the DB """ request = _get_fake_request('acct:john@doe', 'smith', True, True) configure(config) with patch('h.accounts.views.Subscriptions') as mock_subs: mock_subs.get_by_id = MagicMock() mock_subs.get_by_id.return_value = Mock(active=True) profile = ProfileController(request) profile.edit_profile() assert dummy_db_session.added
def test_disable_user_with_invalid_password(form_validator, user_model): """Make sure our disable_user call validates the user password.""" request = Mock(method='POST', authenticated_userid='john') form_validator.return_value = (None, {"username": "******", "pwd": "doe"}) # With an invalid password, validate_user() returns False. user_model.validate_user.return_value = False profile = ProfileController(request) result = profile.disable_user() assert result['code'] == 401 assert any('pwd' in err for err in result['errors'])
def test_profile_invalid_password(self, config, user_model): """Make sure our edit_profile call validates the user password.""" request = _get_fake_request('john', 'doe') configure(config) # With an invalid password, get_user returns None user_model.get_user.return_value = None profile = ProfileController(request) result = profile.edit_profile() assert result['code'] == 401 assert any('pwd' in err for err in result['errors'])
def test_disable_user_with_invalid_password(form_validator, user_model): """Make sure our disable_user call validates the user password.""" request = DummyRequest(method='POST') form_validator.return_value = (None, {"username": "******", "pwd": "doe"}) # With an invalid password, get_user returns None user_model.get_user.return_value = None profile = ProfileController(request) result = profile.disable_user() assert result['code'] == 401 assert any('pwd' in err for err in result['errors'])
def test_profile_invalid_password(config, user_model): """Make sure our edit_profile call validates the user password""" request = _get_fake_request('john', 'doe') configure(config) # With an invalid password, get_user returns None user_model.get_user.return_value = None profile = ProfileController(request) result = profile.edit_profile() assert result['code'] == 401 assert any('pwd' in err for err in result['errors'])
def test_user_disabled(config, user_model): """ Check if the user is disabled """ request = _get_fake_request('john', 'doe') configure(config) user = FakeUser(password='******') user_model.get_user.return_value = user profile = ProfileController(request) profile.disable_user() assert user.password == user_model.generate_random_password.return_value
def test_edit_profile_invalid_password(authn_policy, form_validator, user_model): """Make sure our edit_profile call validates the user password.""" authn_policy.authenticated_userid.return_value = "johndoe" form_validator.return_value = (None, {"username": "******", "pwd": "blah", "subscriptions": ""}) # Mock an invalid password user_model.validate_user.return_value = False request = DummyRequest(method="POST") profile = ProfileController(request) result = profile.edit_profile() assert result["code"] == 401 assert any("pwd" in err for err in result["errors"])
def test_profile_invalid_password(): """ Make sure our edit_profile call validates the user password """ request = _get_fake_request('john', 'doe') with testConfig() as config: configure(config) with patch('horus.models.UserMixin') as mock_user: with patch('horus.lib.FlashMessage') as mock_flash: mock_user.get_user = MagicMock(side_effect=_bad_password) profile = ProfileController(request) profile.User = mock_user profile.edit_profile() assert mock_flash.called_with(request, _('Invalid password.'), kind='error')
def test_subscription_update(): """Make sure that the new status is written into the DB """ request = _get_fake_request('acct:john@doe', 'smith', True, True) print "request", request.POST with testConfig() as config: configure(config) with patch('h.accounts.views.Subscriptions') as mock_subs: mock_subs.get_by_id = MagicMock() mock_subs.get_by_id.return_value = Mock(active=True) profile = ProfileController(request) profile.db = Mock() profile.db.add = MagicMock(name='add') profile.edit_profile() assert profile.db.add.called
def test_profile_calls_super(): """Make sure our method calls the superclasses edit_profile if the validations are successful """ request = _get_fake_request('john', 'smith') with testConfig() as config: configure(config) with patch('horus.models.UserMixin') as mock_user: with patch('horus.views.ProfileController.edit_profile') as mock_super_profile: mock_user.get_user = MagicMock(side_effect=_good_password_simple) profile = ProfileController(request) profile.User = mock_user profile.edit_profile() assert profile.request.context is True assert mock_super_profile.called
def test_edit_profile_successfully(self, config, user_model): """edit_profile() returns a dict with key "form" when successful.""" configure(config) profile = ProfileController(DummyRequest()) with patch( "h.accounts.views._validate_edit_profile_request") as validate: validate.return_value = { "username": "******", "pwd": "password", "subscriptions": [] } result = profile.edit_profile() assert "form" in result assert "errors" not in result
def test_profile_400s_with_bogus_formid(): user = FakeUser() request = DummyRequest(post={'__formid__': 'hax0rs'}, authenticated_user=user) with pytest.raises(httpexceptions.HTTPBadRequest): ProfileController(request).profile()
def test_disable_invalid_password(): """ Make sure our disable_user call validates the user password """ request = _get_fake_request('john', 'doe') with testConfig() as config: configure(config) with patch('horus.models.UserMixin') as mock_user: with patch('horus.lib.FlashMessage') as mock_flash: with patch('h.accounts.schemas.EditProfileSchema') as mock_schema: mock_schema.validator = MagicMock(name='validator') mock_user.get_user = MagicMock(side_effect=_bad_password) profile = ProfileController(request) profile.User = mock_user profile.disable_user() assert mock_flash.called_with(request, _('Invalid password.'), kind='error')
def test_edit_profile_successfully(authn_policy, form_validator, user_model): """edit_profile() returns a dict with key "form" when successful.""" authn_policy.authenticated_userid.return_value = "johndoe" form_validator.return_value = (None, { "username": "******", "pwd": "password", "subscriptions": "", }) user_model.validate_user.return_value = True user_model.get_by_id.return_value = FakeUser(email="*****@*****.**") request = DummyRequest(method='POST') profile = ProfileController(request) result = profile.edit_profile() assert result == {"model": {"email": "*****@*****.**"}}
def test_subscription_update(authn_policy, form_validator, subscriptions_model, user_model): """Make sure that the new status is written into the DB.""" authn_policy.authenticated_userid.return_value = "acct:john@doe" form_validator.return_value = ( None, {"username": "******", "pwd": "smith", "subscriptions": '{"active":true,"uri":"acct:john@doe","id":1}'}, ) mock_sub = Mock(active=False, uri="acct:john@doe") subscriptions_model.get_by_id.return_value = mock_sub user_model.get_by_id.return_value = FakeUser(email="john@doe") request = DummyRequest(method="POST") profile = ProfileController(request) result = profile.edit_profile() assert mock_sub.active is True assert result == {"model": {"email": "john@doe"}}
def test_profile_calls_super(): """Make sure our method calls the superclasses edit_profile if the validations are successful """ request = _get_fake_request('john', 'smith') with testConfig() as config: configure(config) with patch('horus.models.UserMixin') as mock_user: with patch('horus.views.ProfileController.edit_profile' ) as mock_super_profile: mock_user.get_user = MagicMock( side_effect=_good_password_simple) profile = ProfileController(request) profile.User = mock_user profile.edit_profile() assert profile.request.context is True assert mock_super_profile.called
def test_user_disabled(): """Check if the disabled user flag is set """ request = _get_fake_request('john', 'doe') with testConfig() as config: configure(config) with patch('horus.models.UserMixin') as mock_user: with patch('horus.lib.FlashMessage') as mock_flash: with patch('h.accounts.schemas.EditProfileSchema') as mock_schema: mock_schema.validator = MagicMock(name='validator') mock_user.get_user = MagicMock(side_effect=_good_password) profile = ProfileController(request) profile.User = mock_user profile.db = FakeDB() profile.db.add = MagicMock(name='add') profile.disable_user() assert profile.db.add.called
def test_profile_returns_email(authn_policy, user_model): """The profile should include the user's email.""" request = DummyRequest() authn_policy.authenticated_userid.return_value = "acct:[email protected]" user_model.get_by_id.return_value = FakeUser(email="*****@*****.**") result = ProfileController(request).profile() assert result["model"]["email"] == "*****@*****.**"
def test_edit_profile_invalid_password(authn_policy, form_validator, user_model): """Make sure our edit_profile call validates the user password.""" authn_policy.authenticated_userid.return_value = "johndoe" form_validator.return_value = (None, { "username": "******", "pwd": "blah", "subscriptions": "", }) # Mock an invalid password user_model.validate_user.return_value = False request = DummyRequest(method='POST') profile = ProfileController(request) result = profile.edit_profile() assert result['code'] == 401 assert any('pwd' in err for err in result['errors'])
def test_profile_returns_subscriptions(authn_policy, subscriptions_model): """The profile should include the user's subscriptions.""" request = DummyRequest() authn_policy.authenticated_userid.return_value = "acct:[email protected]" subscriptions_model.get_subscriptions_for_uri.return_value = \ {"some": "data"} result = ProfileController(request).profile() assert result["model"]["subscriptions"] == {"some": "data"}
def test_subscription_update(authn_policy, form_validator, subscriptions_model, user_model): """Make sure that the new status is written into the DB.""" authn_policy.authenticated_userid.return_value = "acct:john@doe" form_validator.return_value = (None, { "username": "******", "pwd": "smith", "subscriptions": '{"active":true,"uri":"acct:john@doe","id":1}', }) mock_sub = Mock(active=False, uri="acct:john@doe") subscriptions_model.get_by_id.return_value = mock_sub user_model.get_by_userid.return_value = FakeUser(email="john@doe") request = DummyRequest(method='POST') profile = ProfileController(request) result = profile.edit_profile() assert mock_sub.active is True assert result == {"model": {"email": "john@doe"}}
def test_disable_invalid_password(): """ Make sure our disable_user call validates the user password """ request = _get_fake_request('john', 'doe') with testConfig() as config: configure(config) with patch('horus.models.UserMixin') as mock_user: with patch('horus.lib.FlashMessage') as mock_flash: with patch( 'h.accounts.schemas.EditProfileSchema') as mock_schema: mock_schema.validator = MagicMock(name='validator') mock_user.get_user = MagicMock(side_effect=_bad_password) profile = ProfileController(request) profile.User = mock_user profile.disable_user() assert mock_flash.called_with(request, _('Invalid password.'), kind='error')
def test_profile_looks_up_by_logged_in_user(authn_policy, user_model): """ When fetching the profile, look up email for the logged in user. (And don't, for example, use a 'username' passed to us in params.) """ request = DummyRequest() authn_policy.authenticated_userid.return_value = "acct:[email protected]" ProfileController(request).profile() user_model.get_by_id.assert_called_with(request, "acct:[email protected]")
def test_unsubscribe_sets_active_to_False(Subscriptions): """It sets the active field of the subscription to False.""" Subscriptions.get_by_id.return_value = Mock( uri='acct:[email protected]', active=True) request = MagicMock( authenticated_userid='acct:[email protected]', GET={'subscription_id': 'subscription_id'} ) ProfileController(request).unsubscribe() assert Subscriptions.get_by_id.return_value.active is False
def test_unsubscribe_not_authorized(Subscriptions): """If you try to unsubscribe someone else's subscription you get a 401.""" Subscriptions.get_by_id.return_value = Mock( uri='acct:[email protected]', active=True) request = MagicMock( authenticated_userid='acct:[email protected]', GET={'subscription_id': 'subscription_id'} ) with pytest.raises(httpexceptions.HTTPUnauthorized): ProfileController(request).unsubscribe() assert Subscriptions.get_by_id.return_value.active is True
def test_edit_profile_with_validation_failure(self, config, user_model): """If validation raises edit_profile() should return an error. If _validate_edit_profile_request() raises an exception then edit_profile() should return a dict with an "errors" list containing a list of the error(s) from the exception's .errors property. """ configure(config) profile = ProfileController(DummyRequest()) errors = [ ("email", ["That email is invalid", "That email is taken"]), ("emailAgain", "The emails must match."), ("password", ["That password is wrong"]) ] with patch( "h.accounts.views._validate_edit_profile_request") as validate: validate.side_effect = ( views._InvalidEditProfileRequestError(errors=errors)) result = profile.edit_profile() assert result["errors"] == errors
def test_user_disabled(): """Check if the disabled user flag is set """ request = _get_fake_request('john', 'doe') with testConfig() as config: configure(config) with patch('horus.models.UserMixin') as mock_user: with patch('horus.lib.FlashMessage') as mock_flash: with patch( 'h.accounts.schemas.EditProfileSchema') as mock_schema: mock_schema.validator = MagicMock(name='validator') mock_user.get_user = MagicMock(side_effect=_good_password) profile = ProfileController(request) profile.User = mock_user profile.db = FakeDB() profile.db.add = MagicMock(name='add') profile.disable_user() assert profile.db.add.called
def test_disable_user_with_no_authenticated_user(): exc = ProfileController(Mock(authenticated_userid=None)).disable_user() assert isinstance(exc, httpexceptions.HTTPUnauthorized)
def test_profile_404s_if_not_logged_in(): request = DummyRequest(authenticated_user=None) with pytest.raises(httpexceptions.HTTPNotFound): ProfileController(request).profile()