def test_activate_invalid_user(self):
    """Reject an activation code presented together with another user's id.

    Two inactive users are stored. The request carries the code of the
    Activation attached to the second user and the id of the first user.
    The view must answer 404 and leave both accounts inactive, i.e. a
    code is only honoured for the account it is attached to.
    """
    from horus.views import RegisterController
    from pyramid_mailer.interfaces import IMailer
    from pyramid_mailer.mailer import DummyMailer
    from horus.interfaces import IActivationClass, IUserClass
    from horus.tests.models import Activation, User

    registry = self.config.registry
    registry.registerUtility(Activation, IActivationClass)
    registry.registerUtility(User, IUserClass)
    self.config.include('horus')
    self.config.add_route('index', '/')
    registry.registerUtility(DummyMailer(), IMailer)

    foreign_activation = Activation()
    first = User(username='******', email='*****@*****.**')
    first.activation = Activation()
    first.password = '******'
    second = User(username='******', email='*****@*****.**')
    second.activation = foreign_activation
    second.password = '******'
    for account in (first, second):
        self.session.add(account)
    self.session.flush()

    request = testing.DummyRequest()
    request.matchdict = Mock()

    def get(val, ret):
        # Deliberate mismatch: the second user's code, the first user's id.
        # Any other key falls through and yields None.
        if val == 'code':
            return foreign_activation.code
        if val == 'user_id':
            return first.id

    request.matchdict.get = get

    response = RegisterController(request).activate()

    reloaded_first = User.get_by_username(request, 'sontek')
    reloaded_second = User.get_by_username(request, 'jessie')
    assert not reloaded_first.is_activated
    assert not reloaded_second.is_activated
    assert response.status_int == 404
def test_activate_invalid(self):
    """An unrecognised activation value must not activate the account.

    Every ``matchdict.get`` lookup returns the string 'invalid'. The view
    must answer 404 and the stored user must stay inactive.
    """
    from horus.views import RegisterController
    from pyramid_mailer.interfaces import IMailer
    from pyramid_mailer.mailer import DummyMailer
    from horus.interfaces import IActivationClass, IUserClass
    from horus.tests.models import Activation, User

    registry = self.config.registry
    registry.registerUtility(Activation, IActivationClass)
    registry.registerUtility(User, IUserClass)
    self.config.include('horus')
    self.config.add_route('index', '/')
    registry.registerUtility(DummyMailer(), IMailer)

    pending = User(username='******', email='*****@*****.**')
    pending.password = '******'
    pending.activation = Activation()
    self.session.add(pending)
    self.session.flush()

    request = testing.DummyRequest()
    request.matchdict = Mock()
    # Same bogus value for every key the view asks for.
    request.matchdict.get = Mock(return_value='invalid')

    response = RegisterController(request).activate()

    reloaded = User.get_by_username(request, 'sontek')
    assert not reloaded.is_activated
    assert response.status_int == 404
def test_inactive_login(self):
    """Make sure inactive users can't sign in."""
    from horus.tests.models import Activation, User

    # A user that still has an Activation attached counts as inactive here.
    account = User(username='******', email='*****@*****.**')
    account.activation = Activation()
    account.password = '******'
    self.session.add(account)
    self.session.flush()

    # Fetch the login form first so the POST carries its CSRF token.
    login_page = self.app.get('/login')
    token = login_page.form.fields['csrf_token'][0].value
    if six.PY3:
        token = clean_byte_string(token)

    form_data = {
        'submit': True,
        'username': '******',
        'password': '******',
        'csrf_token': token
    }
    result = self.app.post(str('/login'), form_data)

    expected = b'Your account is not active, please check your e-mail.'
    assert expected in result.body
def test_inactive_login_fails(self):
    """Make sure we can't login with an inactive user.

    Calls ``AuthController.login`` directly and checks that the 'not
    active' message is flashed with the 'error' queue.
    """
    from horus.tests.models import User
    from horus.interfaces import IHorusActivationClass, IHorusUserClass
    from horus.tests.models import Activation

    registry = self.config.registry
    registry.registerUtility(Activation, IHorusActivationClass)
    registry.registerUtility(User, IHorusUserClass)

    account = User(username='******', email='*****@*****.**')
    account.set_password('foo')
    account.activation = Activation()
    self.session.add(account)
    self.session.flush()

    from horus.views import AuthController
    self.config.add_route('index', '/')
    self.config.include('horus')

    credentials = {
        'submit': True,
        'Username': '******',
        'Password': '******',
    }
    request = self.get_csrf_request(post=credentials, request_method='POST')
    request.session.flash = Mock()

    AuthController(request).login()

    # NOTE(review): the posted credentials are masked in this listing, so
    # it is not visible whether the password matches the stored one. A
    # companion case with a wrong password would confirm the account-state
    # message is only shown to a caller who knows the password.
    request.session.flash.assert_called_with(
        u'Your account is not active, please check your e-mail.',
        'error',
    )
def test_inactive_login(self):
    """Make sure inactive users can't sign in."""
    from horus.tests.models import Activation, User

    inactive = User(username='******', email='*****@*****.**')
    inactive.activation = Activation()
    inactive.password = '******'
    self.session.add(inactive)
    self.session.flush()

    # The CSRF token is read from the rendered login form and echoed back.
    csrf_token = self.app.get('/login').form.fields['csrf_token'][0].value
    if six.PY3:
        csrf_token = clean_byte_string(csrf_token)

    reply = self.app.post(
        str('/login'),
        {
            'submit': True,
            'username': '******',
            'password': '******',
            'csrf_token': csrf_token
        },
    )

    assert (
        b'Your account is not active, please check your e-mail.'
        in reply.body
    )
def test_inactive_login_fails(self):
    """Make sure we can't log in with an inactive user.

    ``horus.views.FlashMessage`` is patched so the test can check that
    the 'not active' message is raised with ``kind='danger'``.
    """
    from horus.tests.models import User
    from horus.interfaces import IActivationClass, IUserClass
    from horus.tests.models import Activation

    registry = self.config.registry
    registry.registerUtility(Activation, IActivationClass)
    registry.registerUtility(User, IUserClass)

    account = User(username='******', email='*****@*****.**')
    account.password = '******'
    account.activation = Activation()
    self.session.add(account)
    self.session.flush()

    from horus.views import AuthController
    self.config.add_route('index', '/')
    self.config.include('horus')
    settings = self.config.registry.settings
    settings['horus.login_redirect'] = 'index'
    settings['horus.logout_redirect'] = 'index'

    credentials = {
        'submit': True,
        'username': '******',
        'password': '******',
    }
    request = self.get_csrf_request(post=credentials, request_method='POST')
    controller = AuthController(request)

    # NOTE(review): credentials are masked in this listing; a wrong-password
    # variant would show whether the account-state message can be obtained
    # without knowing the password.
    with patch('horus.views.FlashMessage') as flash_message:
        controller.login()
        flash_message.assert_called_with(
            request,
            'Your account is not active, please check your e-mail.',
            kind='danger',
        )
def test_inactive_login_fails(self):
    """Make sure we can't log in with an inactive user.

    The view's ``FlashMessage`` is replaced by a mock; the login attempt
    must produce the 'not active' message with ``kind='error'``.
    """
    from horus.tests.models import User
    from horus.interfaces import IActivationClass, IUserClass
    from horus.tests.models import Activation

    self.config.registry.registerUtility(Activation, IActivationClass)
    self.config.registry.registerUtility(User, IUserClass)

    inactive = User(username='******', email='*****@*****.**')
    inactive.password = '******'
    inactive.activation = Activation()
    self.session.add(inactive)
    self.session.flush()

    from horus.views import AuthController
    self.config.add_route('index', '/')
    self.config.include('horus')
    for key in ('horus.login_redirect', 'horus.logout_redirect'):
        self.config.registry.settings[key] = 'index'

    request = self.get_csrf_request(
        post={
            'submit': True,
            'username': '******',
            'password': '******',
        },
        request_method='POST',
    )
    view = AuthController(request)

    message = 'Your account is not active, please check your e-mail.'
    with patch('horus.views.FlashMessage') as patched_flash:
        view.login()
        patched_flash.assert_called_with(request, message, kind='error')
def test_activate_multiple_users(self):
    """Activate one of two pending users with its own code and id.

    Expects a 302 response, the targeted user to be activated, and
    exactly one Activation row to remain afterwards.
    """
    from horus.views import RegisterController
    from pyramid_mailer.interfaces import IMailer
    from pyramid_mailer.mailer import DummyMailer
    from horus.interfaces import IActivationClass, IUserClass
    from horus.tests.models import Activation, User

    registry = self.config.registry
    registry.registerUtility(Activation, IActivationClass)
    registry.registerUtility(User, IUserClass)
    self.config.include('horus')
    self.config.add_route('index', '/')
    registry.registerUtility(DummyMailer(), IMailer)

    bystander = User(username='******', email='*****@*****.**')
    bystander.activation = Activation()
    bystander.password = '******'
    target = User(username='******', email='*****@*****.**')
    target.activation = Activation()
    target.password = '******'
    for account in (bystander, target):
        self.session.add(account)
    self.session.flush()

    request = testing.DummyRequest()
    request.matchdict = Mock()

    def get(key, default):
        # Code and id both belong to the same (second) user.
        return target.activation.code if key == 'code' else target.id

    request.matchdict.get = get

    response = RegisterController(request).activate()

    activated = User.get_by_username(request, 'sontek1')
    remaining = Activation.get_all(request)
    # Presumably the row left over is the untouched user's activation;
    # the assertion itself only pins the count.
    assert len(remaining.all()) == 1
    assert activated.is_activated
    assert response.status_int == 302
def test_reset_password_valid_user(self):
    """Post a new password with a valid activation code; expect a 302.

    A subscriber for ``PasswordResetEvent`` commits the DB session taken
    from the registry, then the stored hash is checked after the reset.
    """
    from horus.views import ForgotPasswordController
    from hem.interfaces import IDBSession
    from horus.events import PasswordResetEvent
    from pyramid_mailer.interfaces import IMailer
    from pyramid_mailer.mailer import DummyMailer
    from horus.models import crypt
    from horus.interfaces import IHorusUserClass
    from horus.interfaces import IHorusActivationClass
    from horus.tests.models import Activation, User

    registry = self.config.registry
    registry.registerUtility(User, IHorusUserClass)
    registry.registerUtility(Activation, IHorusActivationClass)
    self.config.add_route('index', '/')
    self.config.include('horus')
    registry.registerUtility(DummyMailer(), IMailer)

    account = User(username='******', email='*****@*****.**')
    account.set_password('foo')
    account.activation = Activation()
    self.session.add(account)
    self.session.flush()

    new_password_form = {
        'Password': {
            'Password': '******',
            'Password-confirm': 'test123',
        },
    }
    request = self.get_csrf_request(
        post=new_password_form, request_method='POST')
    request.matchdict = Mock()
    request.matchdict.get = Mock(return_value=account.activation.code)
    request.user = None
    request.session.flash = Mock()

    def handle_password_reset(event):
        # Persist the change as soon as the reset event is delivered.
        db_session = event.request.registry.getUtility(IDBSession)
        db_session.commit()

    self.config.add_subscriber(handle_password_reset, PasswordResetEvent)

    response = ForgotPasswordController(request).reset_password()

    # NOTE(review): the fixture password above is 'foo', so this check
    # against 'temp' would also hold if the reset left the hash unchanged.
    # Checking against the original and the newly submitted password would
    # make the test prove that the credential was actually replaced.
    assert not crypt.check(account.password, 'temp' + account.salt)
    assert response.status_int == 302
def test_reset_password_valid_user(self):
    """Reset the password through a valid activation code.

    The POST carries a nested 'password' mapping; the view is expected
    to redirect (302) once the reset has gone through.
    """
    from horus.views import ForgotPasswordController
    from hem.interfaces import IDBSession
    from horus.events import PasswordResetEvent
    from pyramid_mailer.interfaces import IMailer
    from pyramid_mailer.mailer import DummyMailer
    from horus.models import crypt
    from horus.interfaces import IUserClass
    from horus.interfaces import IActivationClass
    from horus.tests.models import Activation, User

    self.config.registry.registerUtility(User, IUserClass)
    self.config.registry.registerUtility(Activation, IActivationClass)
    self.config.add_route('index', '/')
    self.config.include('horus')
    self.config.registry.registerUtility(DummyMailer(), IMailer)

    account = User(username='******', email='*****@*****.**')
    account.password = '******'
    account.activation = Activation()
    self.session.add(account)
    self.session.flush()

    request = self.get_csrf_request(
        post={
            'password': {
                'password': '******',
                'password-confirm': 'test123',
            },
        },
        request_method='POST',
    )
    request.matchdict = Mock()
    code_lookup = Mock()
    code_lookup.return_value = account.activation.code
    request.matchdict.get = code_lookup
    request.user = None

    def handle_password_reset(event):
        # Commit via the session utility registered for this request.
        registry = event.request.registry
        registry.getUtility(IDBSession).commit()

    self.config.add_subscriber(handle_password_reset, PasswordResetEvent)

    view = ForgotPasswordController(request)
    response = view.reset_password()

    # NOTE(review): the fixture password is masked in this listing. The
    # check below only demonstrates a change if that password was 'temp'
    # - confirm, or also assert that the new password verifies.
    old_secret = 'temp' + account.salt
    assert not crypt.check(account.password, old_secret)
    assert response.status_int == 302
def test_get_user_by_activation(self):
    """``User.get_by_activation`` returns the user owning the Activation."""
    from horus.tests.models import Activation, User

    owner = User(username='******', email='*****@*****.**')
    owner.password = '******'
    pending = Activation()
    owner.activation = pending
    self.session.add(owner)
    self.session.commit()

    found = User.get_by_activation(testing.DummyRequest(), pending)

    assert found == owner
def test_reset_password_invalid_password(self):
    """A rejected password submission reports exactly one error.

    The form is posted with a valid activation code and a confirmation
    value of 't'; the view returns a mapping whose 'errors' has length 1.
    """
    from horus.views import ForgotPasswordController
    from pyramid_mailer.interfaces import IMailer
    from pyramid_mailer.mailer import DummyMailer
    from horus.interfaces import IUserClass
    from horus.interfaces import IActivationClass
    from horus.tests.models import Activation, User

    registry = self.config.registry
    registry.registerUtility(User, IUserClass)
    registry.registerUtility(Activation, IActivationClass)
    self.config.add_route('index', '/')
    self.config.include('horus')
    registry.registerUtility(DummyMailer(), IMailer)

    account = User(
        username='******',
        password='******',
        email='*****@*****.**',
    )
    account.password = '******'
    account.activation = Activation()
    self.session.add(account)
    self.session.flush()

    bad_form = {
        'Password': {
            'Password': '******',
            'Password-confirm': 't',
        },
    }
    request = self.get_csrf_request(post=bad_form, request_method='POST')
    request.matchdict = Mock()
    request.matchdict.get = Mock(return_value=account.activation.code)
    request.user = None
    request.session.flash = Mock()

    response = ForgotPasswordController(request).reset_password()

    assert len(response['errors']) == 1
def test_reset_password_invalid_password(self):
    """An unacceptable password pair yields one validation error.

    The activation code is valid, so the single entry in
    ``response['errors']`` comes from the submitted password data.
    """
    from horus.views import ForgotPasswordController
    from pyramid_mailer.interfaces import IMailer
    from pyramid_mailer.mailer import DummyMailer
    from horus.interfaces import IUserClass
    from horus.interfaces import IActivationClass
    from horus.tests.models import Activation, User

    self.config.registry.registerUtility(User, IUserClass)
    self.config.registry.registerUtility(Activation, IActivationClass)
    self.config.add_route('index', '/')
    self.config.include('horus')
    self.config.registry.registerUtility(DummyMailer(), IMailer)

    subject = User(username='******', password='******',
                   email='*****@*****.**')
    subject.password = '******'
    subject.activation = Activation()
    self.session.add(subject)
    self.session.flush()

    request = self.get_csrf_request(
        post={
            'Password': {
                'Password': '******',
                'Password-confirm': 't',
            },
        },
        request_method='POST',
    )
    request.matchdict = Mock()
    code_lookup = Mock()
    code_lookup.return_value = subject.activation.code
    request.matchdict.get = code_lookup
    request.user = None

    controller = ForgotPasswordController(request)
    outcome = controller.reset_password()

    assert len(outcome['errors']) == 1
def test_get_user_by_activation_with_multiple_users(self):
    """With two users stored, the lookup returns the Activation's owner.

    Only the second user has the Activation attached, so
    ``User.get_by_activation`` must return that user and not the first.
    """
    from horus.tests.models import Activation, User

    without_code = User(username='******', email='*****@*****.**')
    with_code = User(username='******', email='*****@*****.**')
    without_code.password = '******'
    with_code.password = '******'
    pending = Activation()
    with_code.activation = pending
    for account in (without_code, with_code):
        self.session.add(account)
    self.session.commit()

    request = testing.DummyRequest()
    found = User.get_by_activation(request, pending)

    assert found == with_code
def test_activate(self):
    """A user presenting its own activation code and pk gets activated.

    The view is expected to redirect (302) and the reloaded user must
    report ``is_activated``.
    """
    from horus.views import RegisterController
    from pyramid_mailer.interfaces import IMailer
    from pyramid_mailer.mailer import DummyMailer
    from horus.interfaces import IHorusUserClass
    from horus.tests.models import User
    from horus.interfaces import IHorusActivationClass
    from horus.tests.models import Activation

    registry = self.config.registry
    registry.registerUtility(Activation, IHorusActivationClass)
    registry.registerUtility(User, IHorusUserClass)
    self.config.include('horus')
    self.config.add_route('index', '/')
    registry.registerUtility(DummyMailer(), IMailer)

    pending = User(user_name='sontek', email='*****@*****.**')
    pending.set_password('foo')
    pending.activation = Activation()
    self.session.add(pending)
    self.session.flush()

    request = testing.DummyRequest()
    request.matchdict = Mock()

    def get(key, default):
        # 'code' maps to the activation code, anything else to the pk.
        return pending.activation.code if key == 'code' else pending.pk

    request.matchdict.get = get

    response = RegisterController(request).activate()

    reloaded = User.get_by_user_name(request, 'sontek')
    assert reloaded.is_activated
    assert response.status_int == 302
def test_reset_password_loads(self):
    """The reset view returns its form when called with a valid code.

    A plain ``DummyRequest`` without POST data is used; the response
    must contain a 'form' entry in which 'sontek' appears.
    """
    from horus.views import ForgotPasswordController
    from pyramid_mailer.interfaces import IMailer
    from pyramid_mailer.mailer import DummyMailer
    from horus.interfaces import IUserClass
    from horus.tests.models import User
    from horus.tests.models import Activation
    from horus.interfaces import IActivationClass

    registry = self.config.registry
    registry.registerUtility(User, IUserClass)
    registry.registerUtility(Activation, IActivationClass)
    self.config.add_route('index', '/')
    self.config.include('horus')
    registry.registerUtility(DummyMailer(), IMailer)

    account = User(username='******', password='******',
                   email='*****@*****.**')
    account.password = '******'
    account.activation = Activation()
    self.session.add(account)
    self.session.flush()

    request = testing.DummyRequest()
    request.matchdict = Mock()
    request.matchdict.get = Mock(return_value=account.activation.code)
    request.user = None

    rendered = ForgotPasswordController(request).reset_password()

    assert rendered.get('form', None)
    assert 'sontek' in rendered['form']
def test_get_user_activation(self):
    """``Activation.get_by_code`` returns the stored Activation.

    The row found by code must equal the one created here and must be
    the one attached to the user it was assigned to.
    """
    from horus.tests.models import Activation, User

    plain_user = User(username='******', email='*****@*****.**')
    pending_user = User(username='******', email='*****@*****.**')
    plain_user.password = '******'
    pending_user.password = '******'
    activation = Activation()
    pending_user.activation = activation
    for account in (plain_user, pending_user):
        self.session.add(account)
    self.session.commit()

    request = testing.DummyRequest()
    reloaded_user = User.get_by_username(request, 'sontek2')
    by_code = Activation.get_by_code(request, activation.code)

    assert activation == by_code
    assert reloaded_user.activation == by_code
def test_get_user_activation(self):
    """Look an Activation up by its code and match it to its user."""
    from horus.tests.models import Activation, User

    first = User(username='******', email='*****@*****.**')
    second = User(username='******', email='*****@*****.**')
    first.set_password('password')
    second.set_password('password')
    # Only the second user carries an activation.
    issued = Activation()
    second.activation = issued
    self.session.add(first)
    self.session.add(second)
    self.session.commit()

    request = testing.DummyRequest()
    fetched_user = User.get_by_username(request, 'sontek2')
    fetched_activation = Activation.get_by_code(request, issued.code)

    assert issued == fetched_activation
    assert fetched_user.activation == fetched_activation
def test_inactive_login(self):
    """Make sure inactive users can't sign in."""
    from horus.tests.models import Activation, User

    inactive = User(username='******', email='*****@*****.**')
    inactive.activation = Activation()
    inactive.set_password('temp')
    self.session.add(inactive)
    self.session.flush()

    # Pull the CSRF token out of the rendered login form.
    form_page = self.app.get('/login')
    token = form_page.form.fields['csrf_token'][0].value

    payload = {
        'submit': True,
        'Username': '******',
        'Password': '******',
        'csrf_token': token
    }
    reply = self.app.post('/login', payload)

    notice = 'Your account is not active, please check your e-mail.'
    assert notice in reply.body