Exemple #1
0
def test_last_login_ip(web_server, browser, dbsession, init):
    """Record last log in IP correctly."""

    with transaction.manager:
        create_user(dbsession, init.config.registry)

    with transaction.manager:
        user = get_user(dbsession)
        assert not user.last_login_ip

    b = browser
    b.visit(web_server)

    b.click_link_by_text("Sign in")

    assert b.is_element_present_by_css("#login-form")

    b.fill("username", EMAIL)
    b.fill("password", PASSWORD)
    b.find_by_name("login_email").click()

    assert b.is_element_present_by_css("#msg-you-are-logged-in")

    with transaction.manager:
        user = get_user(dbsession)
        assert user.last_login_ip in [
            ipaddress.IPv4Address("127.0.0.1"),
            ipaddress.IPv6Address("::1")
        ]
Exemple #2
0
def test_delete_user_confirm(browser, web_server, init, dbsession):
    """Delete a user."""

    b = browser

    create_logged_in_user(dbsession,
                          init.config.registry,
                          web_server,
                          browser,
                          admin=True)

    # Create another user who we are going to delete
    with transaction.manager:
        create_user(dbsession,
                    init.config.registry,
                    email="*****@*****.**")

    b.find_by_css("#nav-admin").click()
    b.find_by_css("#latest-user-shortcut").click()
    b.find_by_css("#btn-crud-delete").click()
    b.find_by_css("#btn-delete-yes").click()
    assert b.is_element_present_by_css("#msg-item-deleted")

    with transaction.manager:
        assert dbsession.query(User).count() == 1
Exemple #3
0
def test_add_user_existing_email(browser, web_server, init, dbsession):
    """Add a user but there already exists one with the same email."""

    with transaction.manager:
        create_user(dbsession, init.config.registry, email="*****@*****.**")

    b = browser

    create_logged_in_user(dbsession,
                          init.config.registry,
                          web_server,
                          browser,
                          admin=True)

    b.find_by_css("#nav-admin").click()

    b.find_by_css("#btn-panel-add-user").click()

    # b.fill("username", "test2")
    b.fill("email", "*****@*****.**")
    b.fill("password", "secret")
    b.fill("password-confirm", "secret")
    b.find_by_name("add").click()

    assert b.is_element_present_by_css(
        "#error-deformField1")  # Email address already taken
Exemple #4
0
def test_delete_user_cancel(browser, web_server, init, dbsession):
    """Delete a user, but back off on the confirmation screen."""

    b = browser

    create_logged_in_user(dbsession,
                          init.config.registry,
                          web_server,
                          browser,
                          admin=True)

    # Create another user who we are going to delete
    with transaction.manager:
        create_user(dbsession,
                    init.config.registry,
                    email="*****@*****.**")

    b.find_by_css("#nav-admin").click()
    b.find_by_css("#latest-user-shortcut").click()
    b.find_by_css("#btn-crud-delete").click()
    b.find_by_css("#btn-delete-no").click()

    # Back to the show page
    assert b.is_element_present_by_css("#crud-show")

    with transaction.manager:
        assert dbsession.query(User).count() == 2
Exemple #5
0
def test_login_forget_password_email_send(web_server, browser, dbsession,
                                          init):
    """Send out the reset password by email, but do not answer to it, instead directly login."""

    with transaction.manager:
        create_user(dbsession, init.config.registry)

    b = browser
    b.visit(web_server)

    b.find_by_css("#nav-sign-in").click()

    assert b.is_element_present_by_css("#login-form")

    b.click_link_by_text("Forgot your password?")
    assert b.is_element_present_by_css("#forgot-password-form")
    b.fill("email", EMAIL)
    b.find_by_name("submit").click()

    b.visit("{}/login".format(web_server))

    b.fill("username", EMAIL)
    b.fill("password", PASSWORD)
    b.find_by_name("login_email").click()
    assert b.is_element_present_by_css("#msg-you-are-logged-in")
Exemple #6
0
def test_last_login_ip(web_server, browser, dbsession, init):
    """Record last log in IP correctly."""

    with transaction.manager:
        create_user(dbsession, init.config.registry)

    with transaction.manager:
        user = get_user(dbsession)
        assert not user.last_login_ip

    b = browser
    b.visit(web_server)

    b.click_link_by_text("Sign in")

    assert b.is_element_present_by_css("#login-form")

    b.fill("username", EMAIL)
    b.fill("password", PASSWORD)
    b.find_by_name("login_email").click()

    assert b.is_element_present_by_css("#msg-you-are-logged-in")

    with transaction.manager:
        user = get_user(dbsession)
        assert user.last_login_ip == "127.0.0.1"
Exemple #7
0
def test_login(web_server: str, browser: DriverAPI, dbsession: Session,
               init: Initializer):
    """Login as a user to the site..

    This is a functional test. Prepare the test by creating one user in the database. Then try to login as this user by using Splinter test browser.

    :param web_server: Functional web server py.test fixture - this string points to a started web server with test.ini configuration.

    :param browser: A Splinter web browser used to execute the tests. By default ``splinter.driver.webdriver.firefox.WebDriver``, but can be altered with py.test command line options for pytest-splinter.

    :param dbsession: Active SQLAlchemy database session for the test run.
    """
    with transaction.manager:
        # Create a dummy [email protected] user we test
        create_user(dbsession,
                    init.config.registry,
                    email=EMAIL,
                    password=PASSWORD)

    # Direct Splinter browser to the website
    b = browser
    b.visit(web_server)

    # This link should be in the top navigation
    b.find_by_css("#nav-sign-in").click()

    # Link gives us the login form
    assert b.is_element_present_by_css("#login-form")

    b.fill("username", EMAIL)
    b.fill("password", PASSWORD)
    b.find_by_name("login_email").click()

    # After login we see a profile link to our profile
    assert b.is_element_present_by_css("#nav-logout")
Exemple #8
0
def test_login(web_server:str, browser:DriverAPI, dbsession:Session, init:Initializer):
    """Login as a user to the site.

    This is a functional test. Prepare the test by creating one user in the database. Then try to login as this user by using Splinter test browser.

    :param web_server: Functional web server py.test fixture - this string points to a started web server with test.ini configuration.

    :param browser: A Splinter web browser used to execute the tests. By default ``splinter.driver.webdriver.firefox.WebDriver``, but can be altered with py.test command line options for pytest-splinter.

    :param dbsession: Active SQLAlchemy database session for the test run.

    :param init: Websauna Initializer which ramps up the environment with the default ``test.ini`` and exposes the test config.
    """

    with transaction.manager:
        # Create a dummy [email protected] user we test
        create_user(dbsession, init.config.registry, email=EMAIL, password=PASSWORD)

    # Direct Splinter browser to the website
    b = browser
    b.visit(web_server)

    # This link should be in the top navigation
    b.find_by_css("#nav-sign-in").click()

    # Link gives us the login form
    assert b.is_element_visible_by_css("#login-form")

    b.fill("username", EMAIL)
    b.fill("password", PASSWORD)
    b.find_by_name("login_email").click()

    # After login we see a profile link to our profile
    assert b.is_element_visible_by_css("#nav-logout")
Exemple #9
0
def test_logged_in_has_authenticated_permission(web_server, dbsession: Session, browser, permission_app):
    """Logged in users can access views behind authenticated permission."""

    b = browser

    with transaction.manager:
        create_user(dbsession, permission_app.init.config.registry)

    b.visit(web_server)
    login(web_server, b)

    # Logged in user can access
    b.visit("{}/test_authenticated".format(web_server))
    assert b.is_element_present_by_css("#ok")
def test_setup_user_account(dbsession, registry, eth_service, testnet_service, eth_network_id):
    """See that we create primary and testnet address."""

    with transaction.manager:
        user = create_user(dbsession, registry)
        setup_user_account(user)
        assert user.owned_crypto_addresses.count() == 2  # 2 addresses
        assert user.owned_crypto_operations.count() == 2  # 2 account creations

    def _create_address(web3, dbsession, opid):
        with transaction.manager:
            op = dbsession.query(CryptoOperation).get(opid)
            assert isinstance(op.address, CryptoAddress)
            op.address.address = eth_address_to_bin(TEST_ADDRESS)
            op.mark_performed()
            op.mark_complete()

    with mock.patch("websauna.wallet.ethereum.ops.create_address", new=_create_address):

        # Create address on main net
        success_op_count, failed_op_count = eth_service.run_waiting_operations()
        assert success_op_count == 1
        assert failed_op_count == 0

        # Create address on test net
        success_op_count, failed_op_count = testnet_service.run_waiting_operations()
        assert success_op_count == 1
        assert failed_op_count == 0

    # Make sure more addresses is not get created when we are called again
    with transaction.manager:
        user = dbsession.query(User).first()
        setup_user_account(user)
        assert user.owned_crypto_addresses.count() == 2  # 2 addresses
        assert user.owned_crypto_operations.count() == 2  # 2 account creations
Exemple #11
0
def test_get_user_account_assets(dbsession, registry, mock_eth_service,
                                 eth_network_id, eth_asset_id):
    """get_user_assets() gives sane results."""

    with transaction.manager:
        user = create_user(dbsession, registry)
        setup_user_account(user, do_mainnet=True)

    mock_create_addresses(mock_eth_service, dbsession)

    # Play around with user accounts
    with transaction.manager:

        # No accounts yet
        assert UserCryptoAddress.get_user_asset_accounts(user) == []

        # User gets a deposit, an account gets created
        user = dbsession.query(User).first()
        network = dbsession.query(AssetNetwork).get(eth_network_id)
        asset = dbsession.query(Asset).get(eth_asset_id)
        address = UserCryptoAddress.get_default(user, network)
        account = address.address.get_or_create_account(asset)
        account.account.do_withdraw_or_deposit(Decimal("+10"), "Top up")

        current_accounts = UserCryptoAddress.get_user_asset_accounts(user)
        assert len(current_accounts) == 1
        current_address, current_account = current_accounts[0]
        assert current_account == account
        assert current_address == address
def test_get_user_account_assets(dbsession, registry, mock_eth_service, eth_network_id, eth_asset_id):
    """get_user_assets() gives sane results."""

    with transaction.manager:
        user = create_user(dbsession, registry)
        setup_user_account(user)

    mock_create_addresses(mock_eth_service, dbsession)

    # Play around with user accounts
    with transaction.manager:

        # No accounts yet
        assert UserCryptoAddress.get_user_asset_accounts(user) == []

        # User gets a deposit, an account gets created
        user = dbsession.query(User).first()
        network = dbsession.query(AssetNetwork).get(eth_network_id)
        asset = dbsession.query(Asset).get(eth_asset_id)
        address = UserCryptoAddress.get_default(user, network)
        account = address.address.get_or_create_account(asset)
        account.account.do_withdraw_or_deposit(Decimal("+10"), "Top up")

        current_accounts = UserCryptoAddress.get_user_asset_accounts(user)
        assert len(current_accounts) == 1
        current_address, current_account = current_accounts[0]
        assert current_account == account
        assert current_address == address
Exemple #13
0
def test_forget_password_bad_user(web_server, browser, dbsession, init):
    """Reset password by email."""

    with transaction.manager:
        create_user(dbsession, init.config.registry)

    b = browser
    b.visit(web_server + "/login")

    assert b.is_element_present_by_css("#login-form")

    b.click_link_by_text("Forgot your password?")
    assert b.is_element_present_by_css("#forgot-password-form")
    b.fill("email", "*****@*****.**")
    b.find_by_name("submit").click()

    assert b.is_element_present_by_css(".errorMsg")
Exemple #14
0
def test_forget_password_bad_user(web_server, browser, dbsession, init):
    """Reset password by email."""

    with transaction.manager:
        create_user(dbsession, init.config.registry)

    b = browser
    b.visit(web_server + "/login")

    assert b.is_element_present_by_css("#login-form")

    b.click_link_by_text("Forgot your password?")
    assert b.is_element_present_by_css("#forgot-password-form")
    b.fill("email", "*****@*****.**")
    b.find_by_name("submit").click()

    assert b.is_element_present_by_css(".error-msg-detail")
def test_starter_token(dbsession, registry, eth_network_id, web3: Web3, eth_service: EthereumService, house_address, toybox):
    """See that a fresh user account is supplied with some play assets."""

    with transaction.manager:
        user = create_user(dbsession, registry)
        setup_user_account(user)

    # Let all the events completed
    success, fail = eth_service.run_event_cycle()
    assert success == 1
    assert fail == 0

    # We need another event cycle to process the initial asset transfers
    with transaction.manager:
        user = dbsession.query(User).first()
        opid = user.user_data["starter_asset_txs"][0]["toybox"]
        assert opid

    wait_for_op_confirmations(eth_service, opid)

    # Let the transfer come through
    eth_service.run_event_cycle()

    # Make sure we confirm the deposit
    with transaction.manager:
        user = dbsession.query(User).first()
        user_depo = user.owned_crypto_operations.join(CryptoOperation).filter_by(operation_type=CryptoOperationType.deposit).first()
        opid = user_depo.crypto_operation.id

    wait_for_op_confirmations(eth_service, opid)

    with transaction.manager:

        # Sanity check our token contract posts us logs
        user = dbsession.query(User).first()
        client = get_rpc_client(web3)
        asset = dbsession.query(Asset).get(toybox)
        address = bin_to_eth_address(asset.external_id)
        network = dbsession.query(AssetNetwork).get(eth_network_id)
        user_address = UserCryptoAddress.get_default(user, network).address
        house_address = dbsession.query(CryptoAddress).get(house_address)
        house = bin_to_eth_address(house_address.address)
        token = Token.get(web3, address)

        # Check we correctly resolved low level logs
        token_logs = client.get_logs(from_block=0, address=[address])
        wallet_logs = client.get_logs(from_block=0, address=[house])
        assert len(token_logs) > 0
        assert len(wallet_logs) > 0

        # Check contract state matches
        assert token.contract.call().balanceOf(house) == 9990
        assert token.contract.call().balanceOf(bin_to_eth_address(user_address.address)) == 10

        # Check our internal book keeping matches
        assert house_address.get_account(asset).account.get_balance() == 9990
        assert user_address.get_account(asset).account.get_balance() == 10
Exemple #16
0
def test_delete_user_confirm(browser, web_server, init, dbsession):
    """Delete a user."""

    b = browser

    create_logged_in_user(dbsession, init.config.registry, web_server, browser, admin=True)

    # Create another user who we are going to delete
    with transaction.manager:
        create_user(dbsession, init.config.registry, email="*****@*****.**")

    b.find_by_css("#nav-admin").click()
    b.find_by_css("#latest-user-shortcut").click()
    b.find_by_css("#btn-crud-delete").click()
    b.find_by_css("#btn-delete-yes").click()
    assert b.is_element_present_by_css("#msg-item-deleted")

    with transaction.manager:
        assert dbsession.query(User).count() == 1
Exemple #17
0
def test_login(web_server, browser, dbsession, init):
    """Login an user."""

    with transaction.manager:
        create_user(dbsession, init.config.registry)

    b = browser
    b.visit(web_server)

    b.click_link_by_text("Sign in")

    assert b.is_element_present_by_css("#login-form")

    b.fill("username", EMAIL)
    b.fill("password", PASSWORD)
    b.find_by_name("login_email").click()

    # After login we see a profile link to our profile
    assert b.is_element_present_by_css("#nav-logout")
Exemple #18
0
def test_login(web_server, browser, dbsession, init):
    """Login an user."""

    with transaction.manager:
        create_user(dbsession, init.config.registry)

    b = browser
    b.visit(web_server)

    b.click_link_by_text("Sign in")

    assert b.is_element_present_by_css("#login-form")

    b.fill("username", EMAIL)
    b.fill("password", PASSWORD)
    b.find_by_name("login_email").click()

    # After login we see a profile link to our profile
    assert b.is_element_present_by_css("#nav-logout")
Exemple #19
0
def test_pending_jsonb_dict_new_key(dbsession, registry):
    """Check that new keys added to JSONB that is not committed yet are persistent."""

    with transaction.manager:
        u = create_user(dbsession, registry)
        assert isinstance(u.user_data, NestedMutationDict)
        u.user_data["phone_number"] = "xxx"

    with transaction.manager:
        u = dbsession.query(User).first()
        assert u.user_data.get("phone_number") == "xxx"
Exemple #20
0
def test_pending_jsonb_dict_new_key(dbsession, registry):
    """Check that new keys added to JSONB that is not committed yet are persistent."""

    with transaction.manager:
        u = create_user(dbsession, registry)
        assert isinstance(u.user_data, NestedMutationDict)
        u.user_data["phone_number"] = "xxx"

    with transaction.manager:
        u = dbsession.query(User).first()
        assert u.user_data.get("phone_number") == "xxx"
Exemple #21
0
def test_starter_eth(dbsession, registry, eth_network_id, web3: Web3,
                     eth_service: EthereumService, house_address, starter_eth):
    """Test the user gets some starter ETH when signing up."""

    with transaction.manager:
        user = create_user(dbsession, registry)
        setup_user_account(user, do_mainnet=True)

    # Let all the events completed
    success, fail = eth_service.run_event_cycle()
    assert success >= 1
    assert fail == 0

    # When op is confirmed, the user account is correctly credited
    with transaction.manager:
        user = dbsession.query(User).first()
        txid = user.user_data["starter_asset_txs"][0]["eth"]

    confirm_transaction(web3, txid)

    # Let the transfer come through
    eth_service.run_event_cycle()

    with transaction.manager:
        user = dbsession.query(User).first()
        client = get_rpc_client(web3)
        asset = get_ether_asset(dbsession)
        ua = user.owned_crypto_addresses.first()
        address = bin_to_eth_address(ua.address.address)

        # Sanity check we get events from starter deposit
        logs = client.get_logs(from_block=0, address=[address])

        ops = list(user.owned_crypto_operations)

        # The event was processed on log level
        assert len(logs) == 1

        # The last user operation is deposit
        depo = ops[-1]
        assert isinstance(depo.crypto_operation, CryptoAddressDeposit)
        opid = depo.crypto_operation.id

    # Wait deposit to confirm
    wait_for_op_confirmations(eth_service, opid)

    with transaction.manager:
        # User ETH balance is expected
        asset = get_ether_asset(dbsession)
        user = dbsession.query(User).first()
        ua = user.owned_crypto_addresses.first()
        caccout = ua.address.get_account(asset)
        assert caccout.account.get_balance() == Decimal("0.1")
Exemple #22
0
def test_non_admin_user_denied(web_server, browser, dbsession, init):
    """The second user should not see admin link nor get to the admin page."""

    with transaction.manager:
        u = create_user(dbsession, init.config.registry, admin=True)
        assert u.is_admin()

        u = create_user(dbsession, init.config.registry, email="*****@*****.**")
        assert not u.is_admin()

    b = browser
    b.visit(web_server + "/login")

    b.fill("username", "*****@*****.**")
    b.fill("password", PASSWORD)
    b.find_by_name("login_email").click()

    assert not b.is_element_visible_by_css("#nav-admin")

    b.visit(web_server + "/admin/")
    assert b.is_element_visible_by_css("#forbidden")
Exemple #23
0
def test_non_admin_user_denied(web_server, browser, dbsession, init):
    """The second user should not see admin link nor get to the admin page."""

    with transaction.manager:
        u = create_user(dbsession, init.config.registry, admin=True)
        assert u.is_admin()

        u = create_user(dbsession, init.config.registry, email="*****@*****.**")
        assert not u.is_admin()

    b = browser
    b.visit(web_server + "/login")

    b.fill("username", "*****@*****.**")
    b.fill("password", PASSWORD)
    b.find_by_name("login_email").click()

    assert not b.is_element_visible_by_css("#nav-admin")

    b.visit(web_server + "/admin/")
    assert b.is_element_visible_by_css("#forbidden")
Exemple #24
0
def test_delete_user_cancel(browser, web_server, init, dbsession):
    """Delete a user, but back off on the confirmation screen."""

    b = browser

    create_logged_in_user(dbsession, init.config.registry, web_server, browser, admin=True)

    # Create another user who we are going to delete
    with transaction.manager:
        create_user(dbsession, init.config.registry, email="*****@*****.**")

    b.find_by_css("#nav-admin").click()
    b.find_by_css("#latest-user-shortcut").click()
    b.find_by_css("#btn-crud-delete").click()
    b.find_by_css("#btn-delete-no").click()

    # Back to the show page
    assert b.is_element_present_by_css("#crud-show")

    with transaction.manager:
        assert dbsession.query(User).count() == 2
Exemple #25
0
def test_add_user_existing_email(browser, web_server, init, dbsession):
    """Add a user but there already exists one with the same email."""

    with transaction.manager:
        create_user(dbsession, init.config.registry, email="*****@*****.**")

    b = browser

    create_logged_in_user(dbsession, init.config.registry, web_server, browser, admin=True)

    b.find_by_css("#nav-admin").click()

    b.find_by_css("#btn-panel-add-user").click()

    # b.fill("username", "test2")
    b.fill("email", "*****@*****.**")
    b.fill("password", "secret")
    b.fill("password-confirm", "secret")
    b.find_by_name("add").click()

    assert b.is_element_present_by_css("#error-deformField1")  # Email address already taken
Exemple #26
0
def test_forget_password(web_server, browser, dbsession, init):
    """Reset password by email."""

    with transaction.manager:
        create_user(dbsession, init.config.registry)

    b = browser
    b.visit(web_server)

    b.click_link_by_text("Sign in")

    assert b.is_element_present_by_css("#login-form")

    b.click_link_by_text("Forgot your password?")
    assert b.is_element_present_by_css("#forgot-password-form")
    b.fill("email", EMAIL)
    b.find_by_name("submit").click()

    assert b.is_element_present_by_css("#msg-check-email")

    with transaction.manager:
        user = get_user(dbsession)
        activation_code = user.activation.code

    b.visit("{}/reset-password/{}".format(web_server, activation_code))
    assert b.is_element_present_by_css("#reset-password-form")

    # Friendly name should be visible
    assert b.is_text_present("*****@*****.**")
    b.fill("password", "yyy")
    b.fill("password-confirm", "yyy")
    b.find_by_name("submit").click()

    assert b.is_element_present_by_css("#msg-password-reset-complete")

    b.fill("username", EMAIL)
    b.fill("password", "yyy")
    b.find_by_name("login_email").click()

    assert b.is_element_present_by_css("#nav-logout")
Exemple #27
0
def test_forget_password(web_server, browser, dbsession, init):
    """Reset password by email."""

    with transaction.manager:
        create_user(dbsession, init.config.registry)

    b = browser
    b.visit(web_server)

    b.click_link_by_text("Sign in")

    assert b.is_element_present_by_css("#login-form")

    b.click_link_by_text("Forgot your password?")
    assert b.is_element_present_by_css("#forgot-password-form")
    b.fill("email", EMAIL)
    b.find_by_name("submit").click()

    assert b.is_element_present_by_css("#msg-check-email")

    with transaction.manager:
        user = get_user(dbsession)
        activation_code = user.activation.code

    b.visit("{}/reset-password/{}".format(web_server, activation_code))
    assert b.is_element_present_by_css("#reset-password-form")

    # Friendly name should be visible
    assert b.is_text_present("*****@*****.**")
    b.fill("password", "yyy")
    b.fill("password-confirm", "yyy")
    b.find_by_name("submit").click()

    assert b.is_element_present_by_css("#msg-password-reset-complete")

    b.fill("username", EMAIL)
    b.fill("password", "yyy")
    b.find_by_name("login_email").click()

    assert b.is_element_present_by_css("#nav-logout")
def test_starter_eth(dbsession, registry, eth_network_id, web3: Web3, eth_service: EthereumService, house_address, starter_eth):
    """Test the user gets some starter ETH when signing up."""

    with transaction.manager:
        user = create_user(dbsession, registry)
        setup_user_account(user)

    # Let all the events completed
    success, fail = eth_service.run_event_cycle()
    assert success >= 1
    assert fail == 0

    # When op is confirmed, the user account is correctly credited
    with transaction.manager:
        user = dbsession.query(User).first()
        txid = user.user_data["starter_asset_txs"][0]["eth"]

    confirm_transaction(web3, txid)

    # Let the transfer come through
    eth_service.run_event_cycle()

    with transaction.manager:
        user = dbsession.query(User).first()
        client = get_rpc_client(web3)
        asset = get_ether_asset(dbsession)
        ua = user.owned_crypto_addresses.first()
        address = bin_to_eth_address(ua.address.address)

        # Sanity check we get events from starter deposit
        logs = client.get_logs(from_block=0, address=[address])

        ops = list(user.owned_crypto_operations)

        # The event was processed on log level
        assert len(logs) == 1

        # The last user operation is deposit
        depo = ops[-1]
        assert isinstance(depo.crypto_operation, CryptoAddressDeposit)
        opid = depo.crypto_operation.id

    # Wait deposit to confirm
    wait_for_op_confirmations(eth_service, opid)

    with transaction.manager:
        # User ETH balance is expected
        asset = get_ether_asset(dbsession)
        user = dbsession.query(User).first()
        ua = user.owned_crypto_addresses.first()
        caccout = ua.address.get_account(asset)
        assert caccout.account.get_balance() == Decimal("0.1")
Exemple #29
0
def test_logout(web_server, browser, dbsession, init):
    """Log out."""

    with transaction.manager:
        create_user(dbsession, init.config.registry)

    b = browser
    b.visit("{}/{}".format(web_server, "login"))

    assert b.is_element_visible_by_css("#login-form")

    b.fill("username", EMAIL)
    b.fill("password", PASSWORD)
    b.find_by_name("login_email").click()

    b.find_by_css("#nav-logout").click()

    # Anonynous again
    assert not b.is_element_visible_by_css("#nav-logout")

    # We should see the log in form
    assert b.is_element_visible_by_css("#login-form")
Exemple #30
0
def test_forget_password_expired_token(web_server, browser, dbsession, init):
    """Reset password by email."""

    with transaction.manager:
        create_user(dbsession, init.config.registry)

    b = browser
    b.visit(web_server + "/forgot-password")

    assert b.is_element_present_by_css("#forgot-password-form")
    b.fill("email", EMAIL)
    b.find_by_name("submit").click()

    assert b.is_element_present_by_css("#msg-check-email")

    with transaction.manager:
        user = get_user(dbsession)
        activation = user.activation
        activation.expires_at = now() - timedelta(days=365)
        activation_code = activation.code

    b.visit("{}/reset-password/{}".format(web_server, activation_code))
    assert b.is_element_present_by_css("#not-found")
Exemple #31
0
def test_forget_password_expired_token(web_server, browser, dbsession, init):
    """Reset password by email."""

    with transaction.manager:
        create_user(dbsession, init.config.registry)

    b = browser
    b.visit(web_server + "/forgot-password")

    assert b.is_element_present_by_css("#forgot-password-form")
    b.fill("email", EMAIL)
    b.find_by_name("submit").click()

    assert b.is_element_present_by_css("#msg-check-email")
    
    with transaction.manager:
        user = get_user(dbsession)
        activation = user.activation
        activation.expires_at = now() - timedelta(days=365)
        activation_code = activation.code

    b.visit("{}/reset-password/{}".format(web_server, activation_code))
    assert b.is_element_present_by_css("#not-found")
Exemple #32
0
def test_login_forget_password_email_send(web_server, browser, dbsession, init):
    """Send out the reset password by email, but do not answer to it, instead directly login."""

    with transaction.manager:
        create_user(dbsession, init.config.registry)

    b = browser
    b.visit(web_server)

    b.find_by_css("#nav-sign-in").click()

    assert b.is_element_present_by_css("#login-form")

    b.click_link_by_text("Forgot your password?")
    assert b.is_element_present_by_css("#forgot-password-form")
    b.fill("email", EMAIL)
    b.find_by_name("submit").click()

    b.visit("{}/login".format(web_server))

    b.fill("username", EMAIL)
    b.fill("password", PASSWORD)
    b.find_by_name("login_email").click()
    assert b.is_element_present_by_css("#msg-you-are-logged-in")
Exemple #33
0
def test_logout(web_server, browser, dbsession, init):
    """Log out."""

    with transaction.manager:
        create_user(dbsession, init.config.registry)

    b = browser
    b.visit("{}/{}".format(web_server, "login"))

    assert b.is_element_present_by_css("#login-form")

    b.fill("username", EMAIL)
    b.fill("password", PASSWORD)
    b.find_by_name("login_email").click()

    assert b.is_element_present_by_css("#msg-you-are-logged-in")
    b.find_by_css("#nav-logout").click()

    # Anonynous again
    assert b.is_element_present_by_css("#msg-logged-out")
    assert not b.is_element_present_by_css("#nav-logout")

    # We should see the log in form
    assert b.is_element_present_by_css("#login-form")
Exemple #34
0
def test_forget_password_disabled_user(web_server, browser, dbsession, init):
    """Reset password by email."""

    with transaction.manager:
        u = create_user(dbsession, init.config.registry)
        u.enabled = False

    b = browser
    b.visit(web_server + "/login")

    assert b.is_element_present_by_css("#login-form")

    b.click_link_by_text("Forgot your password?")
    assert b.is_element_present_by_css("#forgot-password-form")
    b.fill("email", EMAIL)
    b.find_by_name("submit").click()

    assert b.is_element_present_by_css("#msg-cannot-reset-password")
Exemple #35
0
def test_forget_password_disabled_user(web_server, browser, dbsession, init):
    """Reset password by email."""

    with transaction.manager:
        u = create_user(dbsession, init.config.registry)
        u.enabled = False

    b = browser
    b.visit(web_server + "/login")

    assert b.is_element_present_by_css("#login-form")

    b.click_link_by_text("Forgot your password?")
    assert b.is_element_present_by_css("#forgot-password-form")
    b.fill("email", EMAIL)
    b.find_by_name("submit").click()

    assert b.is_element_present_by_css("#msg-cannot-reset-password")
Exemple #36
0
def test_pagination(web_server, browser, dbsession, init):
    with transaction.manager:
        create_logged_in_user(dbsession,
                              init.config.registry,
                              web_server,
                              browser,
                              admin=True)

        for index in range(1, 101):
            u = create_user(dbsession,
                            init.config.registry,
                            email="example{}@example.com".format(index))
            dbsession.add(u)

    # quick check total users
    assert dbsession.query(User).count() == 101

    b = browser
    b.visit(web_server + "/admin/models/user/listing")

    # pagination should show correct number of total
    assert b.is_text_present("Total 101 items")
    assert b.is_text_present("Page #1 (1-20 of 101)")

    # page should show 20 rows (default size)
    assert len(b.find_by_css("tr.crud-row")) == 20

    # first email should be last created
    assert b.find_by_css(
        "td.crud-column-email").first.text == "*****@*****.**"

    # pager should show 2 buttons, first 2 are disabled
    assert len(b.find_by_css(".pager li")) == 4
    assert len(b.find_by_css(".pager li.disabled")) == 2

    # click to next and repeat the above tests
    b.find_by_css(".pager li")[2].click()
    assert b.is_text_present("Total 101 items")
    assert b.is_text_present("Page #2 (21-40 of 101)")
    assert len(b.find_by_css("tr.crud-row")) == 20
    assert b.find_by_css(
        "td.crud-column-email").first.text == "*****@*****.**"
    assert len(b.find_by_css(".pager li")) == 4
    assert len(b.find_by_css(".pager li.disabled")) == 0
def test_facebook_login_disabled_user(web_server, browser, dbsession, init):
    """Logged in user which is not enabled should give an error.."""

    with transaction.manager:
        u = create_user(dbsession, init.config.registry, email=os.environ["FACEBOOK_USER"])
        u.enabled = False

    b = browser
    b.visit(web_server)

    b.click_link_by_text("Sign in")

    assert b.is_element_visible_by_css("#login-form")

    b.find_by_css(".btn-login-facebook").click()

    do_facebook_login_if_facebook_didnt_log_us_already(browser)

    assert b.is_element_present_by_css("#msg-cannot-login-social-media-user")
Exemple #38
0
def wallet_user(dbsession, registry, mock_eth_service) -> dict:
    """Create a user having a wallet in place with some faux tokens."""

    details = {
        "email": "*****@*****.**",
        "password": "******"
    }

    with transaction.manager:
        user = create_user(dbsession, registry, email=details["email"], password=details["password"])
        setup_user_account(user, do_mainnet=True)
        details["user_id"] = user.id

    success_op_count, failed_op_count = mock_create_addresses(mock_eth_service, dbsession)

    assert success_op_count == 1
    assert failed_op_count == 0

    return details
Exemple #39
0
def test_get_user_account_operations(dbsession, registry, eth_network_id):
    """get_active_operations() gives sane results."""

    with transaction.manager:
        user = create_user(dbsession, registry)
        setup_user_account(user, do_mainnet=True)
        operations = UserCryptoOperation.get_active_operations(user)
        assert operations.count() == 2

        # Ticking operation off shortens the lsit
        op = operations.first()
        op.mark_complete()

        operations = UserCryptoOperation.get_active_operations(user)
        assert operations.count() == 1

        op = operations.first()
        op.mark_complete()
        assert operations.count() == 0
def test_user_account_top_up(dbsession, registry):

    with transaction.manager:

        network = AssetNetwork(name="Foo Bank")
        dbsession.add(network)
        dbsession.flush()

        asset = Asset(name="US Dollar", symbol="USD", asset_class=AssetClass.fiat)
        network.assets.append(asset)
        dbsession.flush()
        assert asset.id

        user = create_user(dbsession, registry)
        dbsession.flush()
        oa = UserOwnedAccount.create_for_user(user=user, asset=asset)
        dbsession.flush()

        oa.account.do_withdraw_or_deposit(Decimal("+100"), "Topping up")
Exemple #41
0
def test_facebook_login_disabled_user(web_server, browser, dbsession, init):
    """Logged in user which is not enabled should give an error.."""

    with transaction.manager:
        u = create_user(dbsession, init.config.registry, email=os.environ["FACEBOOK_USER"])
        u.enabled = False

    b = browser
    b.visit(web_server)

    b.click_link_by_text("Sign in")

    assert b.is_element_visible_by_css("#login-form")

    b.find_by_css(".btn-login-facebook").click()

    do_facebook_login_if_facebook_didnt_log_us_already(browser)

    assert b.is_element_present_by_css("#msg-cannot-login-social-media-user")
def test_get_user_account_operations(dbsession, registry, eth_network_id):
    """get_active_operations() gives sane results."""

    with transaction.manager:
        user = create_user(dbsession, registry)
        setup_user_account(user)
        operations = UserCryptoOperation.get_active_operations(user)
        assert operations.count() == 2

        # Ticking operation off shortens the lsit
        op = operations.first()
        op.mark_complete()

        operations = UserCryptoOperation.get_active_operations(user)
        assert operations.count() == 1

        op = operations.first()
        op.mark_complete()
        assert operations.count() == 0
Exemple #43
0
def wallet_user(dbsession, registry, mock_eth_service) -> dict:
    """Create a user having a wallet in place with some faux tokens."""

    details = {
        "email": "*****@*****.**",
        "password": "******"
    }

    with transaction.manager:
        user = create_user(dbsession, registry, email=details["email"], password=details["password"])
        setup_user_account(user)
        details["user_id"] = user.id

    success_op_count, failed_op_count = mock_create_addresses(mock_eth_service, dbsession)

    assert success_op_count == 1
    assert failed_op_count == 0

    return details
Exemple #44
0
def test_enter_admin(web_server, browser, dbsession, init):
    """The first user can open the admin page."""

    with transaction.manager:
        u = create_user(dbsession, init.config.registry)
        site_creator = get_site_creator(init.config.registry)
        site_creator.init_empty_site(dbsession, u)
        assert u.is_admin()

    b = browser
    b.visit(web_server + "/login")

    b.fill("username", EMAIL)
    b.fill("password", PASSWORD)
    b.find_by_name("login_email").click()

    assert b.is_element_visible_by_css("#nav-admin")
    b.find_by_css("#nav-admin").click()

    assert b.is_element_present_by_css("#admin-main")
Exemple #45
0
def test_enter_admin(web_server, browser, dbsession, init):
    """The first user can open the admin page."""

    with transaction.manager:
        u = create_user(dbsession, init.config.registry)
        site_creator = get_site_creator(init.config.registry)
        site_creator.init_empty_site(dbsession, u)
        assert u.is_admin()

    b = browser
    b.visit(web_server + "/login")

    b.fill("username", EMAIL)
    b.fill("password", PASSWORD)
    b.find_by_name("login_email").click()

    assert b.is_element_visible_by_css("#nav-admin")
    b.find_by_css("#nav-admin").click()

    assert b.is_element_present_by_css("#admin-main")
Exemple #46
0
def test_setup_user_account(dbsession, registry, eth_service, testnet_service,
                            eth_network_id):
    """See that we create primary and testnet address."""

    with transaction.manager:
        user = create_user(dbsession, registry)
        assert user.owned_crypto_addresses.count() == 0  # 2 addresses
        setup_user_account(user, do_mainnet=True)
        assert user.owned_crypto_addresses.count() == 2  # 2 addresses
        assert user.owned_crypto_operations.count() == 2  # 2 account creations

    def _create_address(web3, dbsession, opid):
        with transaction.manager:
            op = dbsession.query(CryptoOperation).get(opid)
            assert isinstance(op.address, CryptoAddress)
            op.address.address = eth_address_to_bin(TEST_ADDRESS)
            op.mark_performed()
            op.mark_complete()

    with mock.patch("websauna.wallet.ethereum.ops.create_address",
                    new=_create_address):

        # Create address on main net
        success_op_count, failed_op_count = eth_service.run_waiting_operations(
        )
        assert success_op_count == 1
        assert failed_op_count == 0

        # Create address on test net
        success_op_count, failed_op_count = testnet_service.run_waiting_operations(
        )
        assert success_op_count == 1
        assert failed_op_count == 0

    # Make sure more addresses is not get created when we are called again
    with transaction.manager:
        user = dbsession.query(User).first()
        setup_user_account(user, do_mainnet=True)
        assert user.owned_crypto_addresses.count() == 2  # 2 addresses
        assert user.owned_crypto_operations.count() == 2  # 2 account creations
Exemple #47
0
def populated_mailing_list(mailgun, dbsession, registry, mailing_list):
    with transaction.manager:
        create_user(dbsession, registry)

    import_all_users(mailgun, dbsession, mailing_list)
    return mailing_list
def user_id(dbsession, registry):
    with transaction.manager:
        user = create_user(dbsession, registry)
        return user.id
Exemple #49
0
def test_starter_token(dbsession, registry, eth_network_id, web3: Web3,
                       eth_service: EthereumService, house_address, toybox):
    """See that a fresh user account is supplied with some play assets."""

    with transaction.manager:
        user = create_user(dbsession, registry)
        setup_user_account(user, do_mainnet=True)

    # Let all the events completed
    success, fail = eth_service.run_event_cycle()
    assert success == 1
    assert fail == 0

    # We need another event cycle to process the initial asset transfers
    with transaction.manager:
        user = dbsession.query(User).first()
        opid = user.user_data["starter_asset_txs"][0]["toybox"]
        assert opid

    wait_for_op_confirmations(eth_service, opid)

    # Let the transfer come through
    eth_service.run_event_cycle()

    # Make sure we confirm the deposit
    with transaction.manager:
        user = dbsession.query(User).first()
        user_depo = user.owned_crypto_operations.join(
            CryptoOperation).filter_by(
                operation_type=CryptoOperationType.deposit).first()
        opid = user_depo.crypto_operation.id

    wait_for_op_confirmations(eth_service, opid)

    with transaction.manager:

        # Sanity check our token contract posts us logs
        user = dbsession.query(User).first()
        client = get_rpc_client(web3)
        asset = dbsession.query(Asset).get(toybox)
        address = bin_to_eth_address(asset.external_id)
        network = dbsession.query(AssetNetwork).get(eth_network_id)
        user_address = UserCryptoAddress.get_default(user, network).address
        house_address = dbsession.query(CryptoAddress).get(house_address)
        house = bin_to_eth_address(house_address.address)
        token = Token.get(web3, address)

        # Check we correctly resolved low level logs
        token_logs = client.get_logs(from_block=0, address=[address])
        wallet_logs = client.get_logs(from_block=0, address=[house])
        assert len(token_logs) > 0
        assert len(wallet_logs) > 0

        # Check contract state matches
        assert token.contract.call().balanceOf(house) == 9990
        assert token.contract.call().balanceOf(
            bin_to_eth_address(user_address.address)) == 10

        # Check our internal book keeping matches
        assert house_address.get_account(asset).account.get_balance() == 9990
        assert user_address.get_account(asset).account.get_balance() == 10
def user_id(dbsession, registry):
    """Create a sample user."""
    with transaction.manager:
        user = create_user(dbsession, registry)
        user.user_data["phone_number"] = "+15551231234"
        return user.id
Exemple #51
0
def user_id(dbsession, registry):
    """Create a sample user."""
    with transaction.manager:
        user = create_user(dbsession, registry)
        return user.id
Exemple #52
0
def user_id(dbsession, registry):
    """Create a sample user."""
    with transaction.manager:
        user = create_user(dbsession, registry)
        return user.id