def test_GIVEN_valid_id_and_valid_uuid_which_has_expired_WHEN_password_THEN_reset_forgotten_password(self):
user_service = UserService()
username = "******"
user_service.create(username, "test", "test", "email", constants.USER_ACCESS_LEVEL_EXTERNAL)
user = user_service.get_user_by_username(username)
user_service.set_forgot_password(user.id)
with session_scope() as session:
user = user_service.get_user_by_id(user.id)
user.forgotten_password_expiry_date = datetime.datetime.now() - datetime.timedelta(minutes=1)
session.add(user)
original_uuid = user.forgotten_password_uuid
response = self.app.get(
url=url(controller='home', action='password', id=user.id, uuid=original_uuid)
)
assert_that(response.normal_body, contains_string("Expired Password Request"), "Expired password page")
with session_scope() as session:
user = user_service.get_user_by_id(user.id)
assert_that(user.forgotten_password_uuid, is_not(original_uuid), "uuid reset")
def test_GIVEN_user_and_password_WHEN_password_set_THEN_password_call_made_to_crowd_and_forgotten_password_blanked(self):
user = self.login()
crowd_client = Mock(CrowdClient)
crowd_client_factory = CrowdClientFactory()
crowd_client_factory.get_client = Mock(return_value=crowd_client)
user_service = UserService(crowd_client_factory=crowd_client_factory)
user_service.set_forgot_password(user.id)
password = "******"
user_service.reset_password(user.id, password, password)
assert_that(crowd_client.update_users_password.called, is_(True), "Crowd called to update user")
user = user_service.get_user_by_id(user.id)
assert_that(user.forgotten_password_uuid, is_(None), "uuid")
assert_that(user.forgotten_password_expiry_date, is_(None), "expiry date")
def test_GIVEN_user_and_password_WHEN_password_set_and_crowd_client_raises_THEN_forgotten_password_not_blanked_error(self):
user = self.login()
crowd_client = Mock(CrowdClient)
crowd_client.update_users_password = Mock(side_effect=ClientException())
crowd_client_factory = CrowdClientFactory()
crowd_client_factory.get_client = Mock(return_value=crowd_client)
user_service = UserService(crowd_client_factory=crowd_client_factory)
user_service.set_forgot_password(user.id)
password = "******"
with self.assertRaises(ServiceException, msg="Service exception not raise"):
user_service.reset_password(user.id, password, password)
user = user_service.get_user_by_id(user.id)
assert_that(user.forgotten_password_uuid, is_not(None), "uuid")
assert_that(user.forgotten_password_expiry_date, is_not(None), "expiry date")
def test_GIVEN_valid_id_and_uuid_WHEN_post_new_password_THEN_login_page_with_message(self):
user_service = UserService()
username = "******"
user_service.create(username, "test", "test", "email", constants.USER_ACCESS_LEVEL_EXTERNAL)
user = user_service.get_user_by_username(username)
user_service.set_forgot_password(user.id)
user = user_service.get_user_by_username(username)
new_password = '******'
response = self.app.post(
url=url(controller='home', action='password', id=user.id),
params={
'uuid': user.forgotten_password_uuid,
'password_one': new_password,
'password_two': new_password}
)
assert_that(response.status_code, is_(302), "Response is redirect")
assert_that(urlparse(response.response.location).path, is_(url(controller='account', action='login')), "url")
with session_scope() as session:
user = user_service.get_user_by_id(user.id)
assert_that(user.forgotten_password_uuid, is_(None), "uuid blanked")
