def test_update_password(self): test_user = self.http_req.user # make sure user who is shooting the request has proper permission to # update an user's attributes, whatever itself or others. user_should_have_perm(test_user, 'auth.change_user') user_new_attrs = self.user_new_attrs.copy() new_password = '******' user_new_attrs['password'] = new_password try: XUser.update(self.http_req, user_new_attrs, test_user.pk) except Fault as e: self.assertEqual( e.faultCode, 403, 'Old password was not provided, ' + 'PermissionDenied should be catched.') user_new_attrs['old_password'] = '******' try: XUser.update(self.http_req, user_new_attrs, test_user.pk) except Fault as e: self.assertEqual( e.faultCode, 403, 'Invalid old password was provided. ' + 'PermissionDenied should be catched.') user_new_attrs['old_password'] = test_user.username data = XUser.update(self.http_req, user_new_attrs, test_user.pk) self.assert_('password' not in data) self.assertEqual(data['first_name'], user_new_attrs['first_name']) self.assertEqual(data['last_name'], user_new_attrs['last_name']) self.assertEqual(data['email'], user_new_attrs['email']) user = User.objects.get(pk=test_user.pk) self.assert_(user.check_password(new_password))
def test_update_password(self): test_user = self.http_req.user # make sure user who is shooting the request has proper permission to # update an user's attributes, whatever itself or others. user_should_have_perm(test_user, 'auth.change_user') user_new_attrs = self.user_new_attrs.copy() new_password = '******' user_new_attrs['password'] = new_password try: XUser.update(self.http_req, user_new_attrs, test_user.pk) except Fault as e: self.assertEqual(e.faultCode, 403, 'Old password was not provided, ' + 'PermissionDenied should be catched.') user_new_attrs['old_password'] = '******' try: XUser.update(self.http_req, user_new_attrs, test_user.pk) except Fault as e: self.assertEqual(e.faultCode, 403, 'Invalid old password was provided. ' + 'PermissionDenied should be catched.') user_new_attrs['old_password'] = test_user.username data = XUser.update(self.http_req, user_new_attrs, test_user.pk) self.assert_('password' not in data) self.assertEqual(data['first_name'], user_new_attrs['first_name']) self.assertEqual(data['last_name'], user_new_attrs['last_name']) self.assertEqual(data['email'], user_new_attrs['email']) user = User.objects.get(pk=test_user.pk) self.assert_(user.check_password(new_password))
def test_update_other_with_proper_permission(self): user_should_have_perm(self.http_req.user, 'auth.change_user') data = XUser.update(self.http_req, self.user_new_attrs, self.user.pk) updated_user = User.objects.get(pk=self.user.pk) self.assertEqual(data['first_name'], updated_user.first_name) self.assertEqual(data['last_name'], updated_user.last_name) self.assertEqual(data['email'], updated_user.email)
def setUp(self): self.http_req = make_http_request() user_should_have_perm(self.http_req.user, 'testplans.add_testplantag') self.plans = TestPlan.objects.all()[:2] self.tag1 = TestTag.objects.create(name='xmlrpc_test_tag_1') self.tag2 = TestTag.objects.create(name='xmlrpc_test_tag_2') self.tag_name = 'xmlrpc_tag_name_1'
def setUp(self): self.http_req = make_http_request() perm_name = 'testplans.add_testplancomponent' user_should_have_perm(self.http_req.user, perm_name) self.product = Product.objects.all()[0] self.plans = TestPlan.objects.all()[:2] self.component1 = Component.objects.create( name='xmlrpc test component 1', description='xmlrpc test description', product=self.product) self.component2 = Component.objects.create( name='xmlrpc test component 2', description='xmlrpc test description', product=self.product)