def test_invite_user_new(self):
"""Test for inviting a new user."""
project_setup = self.create_project_and_owner(username_is_email=True)
new_email = uuid4().hex + "@stacktask-tempest.com"
new_password = uuid4().hex
auth = {
"name": project_setup['owner']['username'],
"password": project_setup['owner']['password'],
"project_id": project_setup['project']['id'],
"url": self.identity_utils.identity_client.base_url,
}
api.user_invite(
auth,
{"username": new_email, "email": new_email, "roles": ["Member"]}
)
tasks = api.get_tasks(auth, {}).json()
auth['user_token'] = self.identity_utils.identity_client.token
tokens = api.get_tokens(
auth,
{},
{'task_id': {"exact": tasks['tasks'][0]['uuid']}}
).json()
token = tokens['tokens'][0]['token']
api.token_submit(auth, token, {"password": new_password}).json()
# confirm user has been created
user = identity.get_user_by_username(
self.identity_utils.identity_client,
project_setup['project']['id'], new_email
)
self.add_clean_up_user(user['id'])
# and has member role:
roles = self.identity_utils.identity_client.list_user_roles(
project_setup['project']['id'], user['id'])
has_member = False
for role in roles['roles']:
if role['name'] == "Member":
has_member = True
self.assertTrue(has_member)
def test_invite_user_existing(self):
"""Test for inviting an existing user."""
project_setup = self.create_project_and_owner(username_is_email=True)
project2_setup = self.create_project_and_owner(username_is_email=True)
auth = {
"name": project_setup['owner']['username'],
"password": project_setup['owner']['password'],
"project_id": project_setup['project']['id'],
"url": self.identity_utils.identity_client.base_url,
}
api.user_invite(
auth,
{
"username": project2_setup['owner']['username'],
"email": project2_setup['owner']['email'],
"roles": ["Member"]}
)
tasks = api.get_tasks(auth, {}).json()
auth['user_token'] = self.identity_utils.identity_client.token
tokens = api.get_tokens(
auth,
{},
{'task_id': {"exact": tasks['tasks'][0]['uuid']}}
).json()
token = tokens['tokens'][0]['token']
api.token_submit(auth, token, {"confirm": True})
# confirm user has member role in first project
roles = self.identity_utils.identity_client.list_user_roles(
project_setup['project']['id'], project2_setup['owner']['id'])
has_member = False
for role in roles['roles']:
if role['name'] == "Member":
has_member = True
self.assertTrue(has_member)
def test_cancel_user_invite(self):
"""Test canceling of a user invite."""
project_setup = self.create_project_and_owner(username_is_email=True)
new_email = "*****@*****.**"
new_password = uuid4().hex
auth = {
"name": project_setup['owner']['username'],
"password": project_setup['owner']['password'],
"project_id": project_setup['project']['id'],
"url": self.identity_utils.identity_client.base_url,
}
api.user_invite(
auth,
{"username": new_email, "email": new_email, "roles": ["Member"]}
)
tasks = api.get_tasks(auth, {}).json()
api.user_revoke(
auth,
tasks['tasks'][0]['uuid']
)
auth['user_token'] = self.identity_utils.identity_client.token
tokens = api.get_tokens(
auth,
{},
{'task_id': {"exact": tasks['tasks'][0]['uuid']}}
).json()
token = tokens['tokens'][0]['token']
response = api.token_submit(auth, token, {"password": new_password})
self.assertEqual(response.status_code, 400)
self.assertEqual(
response.json(), {u'errors': [u'This task has been cancelled.']})
def test_password_reset(self):
"""
Test password reset.
Invites a new user, submits them, and then uses their token to fetch
tasks. Resets password, then confirms they can still fetch tasks with
new password.
"""
project_setup = self.create_project_and_owner(username_is_email=True)
auth = {
"name": project_setup['owner']['username'],
"password": project_setup['owner']['password'],
"project_id": project_setup['project']['id'],
"url": self.identity_utils.identity_client.base_url,
"user_token": self.identity_utils.identity_client.token
}
# ask for password reset token
now = datetime.datetime.utcnow()
api.password_reset(auth, project_setup['owner']['email'])
# filter tasks to get only the most recent one:
tasks = api.get_tasks(
auth, {},
{'task_type': {"exact": 'reset_password'},
'created_on': {"gte": str(now)}
}
).json()
self.assertTrue(len(tasks['tasks']) >= 1)
# if more than one, we need to be careful to only
# grab the tempest user reset_password.
# Just in case a user asks for a reset at the same time.
tempest_task = {}
if len(tasks['tasks']) >= 1:
for task in tasks['tasks']:
# assumes only 1 action
email = task['actions'][0]['data']['email']
if email == project_setup['owner']['email']:
tempest_task = task
break
else:
tempest_task = tasks['tasks'][0]
tokens = api.get_tokens(
auth,
{},
{'task_id': {"exact": tempest_task['uuid']}}
).json()
token = tokens['tokens'][0]['token']
# submit new password
new_password = uuid4().hex
api.token_submit(auth, token, {"password": new_password})
# update auth and check if new password works
auth = {
"name": project_setup['owner']['email'],
"password": new_password,
"project_id": project_setup['project']['id'],
"url": self.identity_utils.identity_client.base_url,
}
response = api.get_tasks(auth, {})
self.assertEqual(response.status_code, 200)