def test_GIVEN_user_and_short_password_WHEN_password_set_THEN_error(self):
        user = self.login()
        user_service = UserService()
        password = "******"

        with self.assertRaises(ServiceException, msg="Should have thrown a ServiceException exception"):
            user_service.reset_password(user.id, password, password)
Exemple #2
0
    def login(self,
              username="******",
              access_level=constants.USER_ACCESS_LEVEL_EXTERNAL,
              workbench_username=None):
        """
        Setup the request as if the user has already logged in as a non admin user

        :param username: the username for the user to log in, stored in self.login_username, default "test"
        :param access_level: the access level of the user
        :param workbench_username: the workbench username for this user
        :return the details for the logged in user
        """
        self.login_username = username
        user_service = UserService()
        user = user_service.get_user_by_username(self.login_username)
        if user is None:
            user_service.create(
                self.login_username,
                'test',
                'testerson',
                '*****@*****.**',
                access_level,
                workbench_username=workbench_username)
            user = user_service.get_user_by_username(self.login_username)

        self.app.extra_environ['REMOTE_USER'] = str(user.username)
        return user
    def test_create_user(self):

        # Important - don't instantiate the mock class,
        # as the session creation function in the service
        # will do that for us

        sample_user = User()
        sample_user.username = '******'
        sample_user.name = 'Test User'
        sample_user.email = '*****@*****.**'
        sample_user.access_level = 'External'
        sample_user.first_name = "first_name"
        sample_user.last_name = "last_name"
        sample_user.storage_quota_in_gb = 89

        self._mock_session.add = MagicMock()
        self._mock_session.commit = MagicMock()

        user_service = UserService(self._mock_session)
        user_service.create(sample_user.username,
                            sample_user.first_name,
                            sample_user.last_name,
                            sample_user.email,
                            sample_user.access_level)

        self._mock_session.add.assert_called_once_with(ANY)
        self._mock_session.commit.assert_called_once_with()
    def test_GIVEN_no_user_and_matching_password_WHEN_password_set_THEN_error(self):

        user_service = UserService()
        password = "******"

        with self.assertRaises(ServiceException, msg="Should have thrown a ServiceException exception"):
            user_service.reset_password(-90, password, password)
    def test_GIVEN_user_and_non_matching_password_WHEN_password_set_THEN_error(self):

        user = self.login()
        user_service = UserService()

        with self.assertRaises(ServiceException, msg="Should have thrown a ServiceException exception"):
            user_service.reset_password(user.id, "password", "not password")
    def test_GIVEN_id_but_no_uuid_WHEN_password_THEN_page_with_error(self):
        user_service = UserService()
        username = "******"
        user_service.create(username, "test", "test", "email", constants.USER_ACCESS_LEVEL_EXTERNAL)
        user = user_service.get_user_by_username(username)

        response = self.app.get(
            url=url(controller='home', action='password', id=user.id)
        )
        assert_that(response.normal_body, contains_string("Invalid Password Request"), "Correct page")
    def test_GIVEN_no_model_created_and_user_action_set_WHEN_navigate_to_create_or_redirect_THEN_create_page_shown(self):

        user = self.login()
        user_service = UserService()
        user_service.set_current_model_run_creation_action(user, "driving_data")

        response = self.app.get(
            url(controller='model_run', action='pre_create'))

        assert_that(response.status_code, is_(302), "Response is redirect")
        assert_that(urlparse(response.response.location).path, is_(url(controller='model_run', action='create')), "url")
    def test_get_all_users(self):

        mock_query = MagicMock()

        self._mock_session.query = MagicMock()
        self._mock_session.query.return_value = mock_query

        user_service = UserService(self._mock_session)
        user_service.get_all_users()

        self._mock_session.query.assert_called_once_with(User)
    def test_GIVEN_model_created_and_user_action_set_WHEN_navigate_to_create_or_redirect_THEN_user_action_page_shown(self):

        user = self.login()
        user_service = UserService()
        user_service.set_current_model_run_creation_action(user, "driving_data")
        self.create_run_model(storage_in_mb=0, name="big_run", user=user, status=constants.MODEL_RUN_STATUS_CREATED)

        response = self.app.get(
            url(controller='model_run', action='pre_create'))

        assert_that(response.status_code, is_(302), "Response is redirect")
        assert_that(urlparse(response.response.location).path, is_(url(controller='model_run', action='driving_data')), "url")
    def test_GIVEN_user_WHEN_forget_password_THEN_password_forgotten_set(self):

        user = self.login()
        email_service = Mock(EmailService)
        user_service = UserService(email_service=email_service)

        link = user_service.set_forgot_password(user.id)

        with session_scope() as session:
            user = session.query(User).get(user.id)
            assert_that(user.forgotten_password_uuid, is_not(None), "forgotten password uuid set")
            assert_that(user.forgotten_password_expiry_date, is_not(None), "forgotten password expiry date set")
            assert_that(link, contains_string(user.forgotten_password_uuid), "UUID is in link")
            assert_that(email_service.send_email.called, is_(False), "email sent")
    def test_get_user_by_username(self):

        mock_query_result = MagicMock()
        mock_query_result.one = MagicMock()

        mock_query = MagicMock()
        mock_query.filter = MagicMock()
        mock_query.filter.return_value = mock_query_result

        self._mock_session.query = MagicMock()
        self._mock_session.query.return_value = mock_query

        username = '******'

        user_service = UserService(self._mock_session)
        user_service.get_user_by_username(username)

        self._mock_session.query.assert_called_once_with(User)
        mock_query.filter.assert_called_once_with(ANY)
        mock_query_result.one.assert_called_once_with()
    def test_GIVEN_invalid_id_and_valid_uuid_WHEN_post_password_THEN_page_with_error(self):
        user_service = UserService()
        username = "******"
        user_service.create(username, "test", "test", "email", constants.USER_ACCESS_LEVEL_EXTERNAL)
        user = user_service.get_user_by_username(username)
        user_service.set_forgot_password(user.id)

        response = self.app.post(
            url=url(controller='home', action='password', id=user.id + 1),
            params={'uuid': user.forgotten_password_uuid}
        )

        assert_that(response.normal_body, contains_string("Invalid Password Request"), "Invalid password page")
    def test_GIVEN_valid_id_and_valid_uuid_which_has_expired_WHEN_password_THEN_reset_forgotten_password(self):
        user_service = UserService()
        username = "******"
        user_service.create(username, "test", "test", "email", constants.USER_ACCESS_LEVEL_EXTERNAL)
        user = user_service.get_user_by_username(username)
        user_service.set_forgot_password(user.id)
        with session_scope() as session:
            user = user_service.get_user_by_id(user.id)
            user.forgotten_password_expiry_date = datetime.datetime.now() - datetime.timedelta(minutes=1)
            session.add(user)
        original_uuid = user.forgotten_password_uuid

        response = self.app.get(
            url=url(controller='home', action='password', id=user.id, uuid=original_uuid)
        )

        assert_that(response.normal_body, contains_string("Expired Password Request"), "Expired password page")
        with session_scope() as session:
            user = user_service.get_user_by_id(user.id)
            assert_that(user.forgotten_password_uuid, is_not(original_uuid), "uuid reset")
    def test_GIVEN_valid_id_and_uuid_WHEN_password_THEN_page_with_no_error(self):
        user_service = UserService()
        username = "******"
        user_service.create(username, "test", "test", "email", constants.USER_ACCESS_LEVEL_EXTERNAL)
        user = user_service.get_user_by_username(username)
        user_service.set_forgot_password(user.id)
        user = user_service.get_user_by_username(username)

        response = self.app.get(
            url=url(controller='home', action='password', id=user.id, uuid=user.forgotten_password_uuid)
        )

        assert_that(response.normal_body, contains_string("Password Request"), "Correct page")
        assert_that(response.normal_body, is_not(contains_string("Your new password")), "tooltip is rewriten")
        assert_that(response.normal_body, contains_string('title="Username"'), "Username tooltip")
        assert_that(response.normal_body, contains_string('title="New password"'), "Username tooltip")
        assert_that(response.normal_body, contains_string('title="Retype your new password"'), "Username tooltip")
    def test_GIVEN_valid_id_and_uuid_non_matching_password_WHEN_post_new_password_THEN_error_message(self):
        user_service = UserService()
        username = "******"
        user_service.create(username, "test", "test", "email", constants.USER_ACCESS_LEVEL_EXTERNAL)
        user = user_service.get_user_by_username(username)
        user_service.set_forgot_password(user.id)
        user = user_service.get_user_by_username(username)
        new_password = '******'

        response = self.app.post(
            url=url(controller='home', action='password', id=user.id),
            params={
                'uuid': user.forgotten_password_uuid,
                'password_one': new_password,
                'password_two': "not new password"}
        )

        assert_that(response.normal_body, contains_string("passwords are not the same"))
    def test_GIVEN_valid_id_and_uuid_WHEN_post_new_password_THEN_login_page_with_message(self):
        user_service = UserService()
        username = "******"
        user_service.create(username, "test", "test", "email", constants.USER_ACCESS_LEVEL_EXTERNAL)
        user = user_service.get_user_by_username(username)
        user_service.set_forgot_password(user.id)
        user = user_service.get_user_by_username(username)
        new_password = '******'

        response = self.app.post(
            url=url(controller='home', action='password', id=user.id),
            params={
                'uuid': user.forgotten_password_uuid,
                'password_one': new_password,
                'password_two': new_password}
        )

        assert_that(response.status_code, is_(302), "Response is redirect")
        assert_that(urlparse(response.response.location).path, is_(url(controller='account', action='login')), "url")
        with session_scope() as session:
            user = user_service.get_user_by_id(user.id)
            assert_that(user.forgotten_password_uuid, is_(None), "uuid blanked")
    def test_GIVEN_user_and_password_WHEN_password_set_THEN_password_call_made_to_crowd_and_forgotten_password_blanked(self):
        user = self.login()
        crowd_client = Mock(CrowdClient)
        crowd_client_factory = CrowdClientFactory()
        crowd_client_factory.get_client = Mock(return_value=crowd_client)
        user_service = UserService(crowd_client_factory=crowd_client_factory)
        user_service.set_forgot_password(user.id)
        password = "******"

        user_service.reset_password(user.id, password, password)

        assert_that(crowd_client.update_users_password.called, is_(True), "Crowd called to update user")
        user = user_service.get_user_by_id(user.id)
        assert_that(user.forgotten_password_uuid, is_(None), "uuid")
        assert_that(user.forgotten_password_expiry_date, is_(None), "expiry date")
    def test_GIVEN_user_and_password_WHEN_password_set_and_crowd_client_raises_THEN_forgotten_password_not_blanked_error(self):
        user = self.login()
        crowd_client = Mock(CrowdClient)
        crowd_client.update_users_password = Mock(side_effect=ClientException())
        crowd_client_factory = CrowdClientFactory()
        crowd_client_factory.get_client = Mock(return_value=crowd_client)
        user_service = UserService(crowd_client_factory=crowd_client_factory)
        user_service.set_forgot_password(user.id)
        password = "******"

        with self.assertRaises(ServiceException, msg="Service exception not raise"):
            user_service.reset_password(user.id, password, password)

        user = user_service.get_user_by_id(user.id)
        assert_that(user.forgotten_password_uuid, is_not(None), "uuid")
        assert_that(user.forgotten_password_expiry_date, is_not(None), "expiry date")