def test_get_accounts_multiple_providers(self):
user = User(email='*****@*****.**', email_verified=True)
identity1 = ExternalIdentity(user=user,
provider='twitter',
external_id='1234')
identity2 = ExternalIdentity(user=user,
provider='google',
external_id='4321')
password = Password(user=user, secret='secret')
Session.add(user)
Session.add(identity1)
Session.add(identity2)
Session.add(password)
Session.flush()
self.assertEqual(user.get_accounts('google'), [{
'id':
user.id,
'is_current':
True,
'is_verified':
True,
'passwords':
1,
'providers': [{
'name': 'twitter',
'is_current': False,
}, {
'name': 'google',
'is_current': True,
}]
}])
def test_get_accounts_multiple_providers(self):
user = User(email='*****@*****.**', email_verified=True)
identity1 = ExternalIdentity(user=user, provider='twitter',
external_id='1234')
identity2 = ExternalIdentity(user=user, provider='google',
external_id='4321')
password = Password(user=user, secret='secret')
Session.add(user)
Session.add(identity1)
Session.add(identity2)
Session.add(password)
Session.flush()
self.assertEqual(user.get_accounts('google'), [
{'id': user.id,
'is_current': True,
'is_verified': True,
'passwords': 1,
'providers': [{
'name': 'twitter',
'is_current': False,
}, {
'name': 'google',
'is_current': True,
}]}
])
def test_show_in_user(self):
request = DummyRequest()
ga = GoogleAnalytics(request)
self.assertFalse(ga.show_in_user(User(allow_google_analytics=False)))
self.assertTrue(ga.show_in_user(User(allow_google_analytics=True)))
def test_get_all_users(self):
d = datetime.datetime
with transaction.manager:
user1 = User(first_name='John1',
last_name='Doe',
creation=d(2012, 12, 12, 9, 10, 0),
email='*****@*****.**',
email_verified=False,
send_passwords_periodically=False)
Session.add(user1)
self.add_passwords(user1, 10)
user2 = User(first_name='John2',
last_name='Doe',
creation=d(2013, 1, 2, 13, 10, 0),
email='*****@*****.**',
email_verified=True,
send_passwords_periodically=True)
Session.add(user2)
self.add_passwords(user2, 10)
user3 = User(first_name='John3',
last_name='Doe',
creation=d(2014, 6, 20, 10, 58, 10),
email='*****@*****.**',
email_verified=True,
send_passwords_periodically=True)
Session.add(user3)
self.add_passwords(user3, 10)
when = datetime.datetime(2012, 10, 12, 10, 0, 0)
users = tuple(get_all_users(when))
self.assertEqual(len(users), 1)
self.assertEqual(users[0].first_name, 'John3')
def test_revoke_application_app(self):
administrator = User(screen_name='Alice doe',
first_name='Alice',
last_name='Doe',
email='*****@*****.**')
user = User(screen_name='John Doe',
first_name='John',
last_name='Doe',
email='*****@*****.**')
app = Application(name='Test Application',
main_url='http://example.com',
callback_url='http://example.com/callback',
user=administrator)
auth_app = AuthorizedApplication(
scope=['read-passwords'],
response_type='code',
redirect_uri='http://example.com/callback',
application=app,
user=user,
)
with transaction.manager:
Session.add(user)
Session.add(app)
Session.add(auth_app)
Session.flush()
user_id = user.id
app_id = app.id
self.testapp.get('/__login/' + str(user_id))
self.assertEqual(Session.query(Application).count(), 1)
self.assertEqual(Session.query(AuthorizedApplication).count(), 1)
res = self.testapp.get('/oauth2/applications/%s/revoke' % str(app_id))
self.assertEqual(res.status, '200 OK')
res.mustcontain('Revoke authorization to application <span>Test Application</span>')
res = self.testapp.post('/oauth2/applications/%s/revoke' % str(app_id), {
'submit': 'Yes, I am sure',
})
self.assertEqual(res.status, '302 Found')
self.assertEqual(res.location, 'http://localhost/oauth2/authorized-applications')
try:
auth_app = Session.query(AuthorizedApplication).filter(
AuthorizedApplication.application_id == app_id,
AuthorizedApplication.user_id == user_id,
).one()
except NoResultFound:
auth_app = None
self.assertEqual(auth_app, None)
# the application should not be removed on cascade
self.assertEqual(Session.query(Application).count(), 1)
def test_authorized_applications(self):
administrator = User(screen_name='Alice doe',
first_name='Alice',
last_name='Doe',
email='*****@*****.**')
user = User(screen_name='John Doe',
first_name='John',
last_name='Doe',
email='*****@*****.**')
app1 = Application(name='Test Application 1',
main_url='http://example.com/1',
callback_url='http://example.com/1/callback',
image_url='http://example.com/1/image.png',
description='Test description 1',
user=administrator)
auth_app1 = AuthorizedApplication(
scope=['scope1'],
response_type='code',
redirect_uri='http://example.com/1/callback',
application=app1,
user=user,
)
app2 = Application(name='Test Application 2',
main_url='http://example.com/2',
callback_url='http://example.com/2/callback',
image_url='http://example.com/2/image.png',
description='Test description 2',
user=administrator)
auth_app2 = AuthorizedApplication(
scope=['scope1'],
response_type='code',
redirect_uri='http://example.com/2/callback',
application=app2,
user=user,
)
with transaction.manager:
Session.add(user)
Session.add(app1)
Session.add(auth_app1)
Session.add(app2)
Session.add(auth_app2)
Session.flush()
user_id = user.id
self.testapp.get('/__login/' + str(user_id))
res = self.testapp.get('/oauth2/authorized-applications')
self.assertEqual(res.status, '200 OK')
res.mustcontain('Authorized Applications')
res.mustcontain('Test Application 1')
res.mustcontain('Test Application 2')
def test_get_accounts_no_provider(self):
user = User(email='*****@*****.**')
Session.add(user)
Session.flush()
self.assertEqual(user.get_accounts(''), [{
'id': user.id,
'is_current': False,
'is_verified': False,
'passwords': 0,
'providers': []
}])
def test_get_accounts_no_provider(self):
user = User(email='*****@*****.**')
Session.add(user)
Session.flush()
self.assertEqual(user.get_accounts(''), [
{'id': user.id,
'is_current': False,
'is_verified': False,
'passwords': 0,
'providers': []}
])
def test_merge_valid_users(self):
master_user = User()
Session.add(master_user)
other_user = User()
Session.add(other_user)
Session.flush()
self.assertEqual(2, Session.query(User).count())
self.assertEqual(1, merge_accounts(master_user, [other_user.id]))
self.assertEqual(1, Session.query(User).count())
def test_announce_send_email(self):
with transaction.manager:
user1 = User(first_name='John0',
last_name='Doe',
email='',
email_verified=False,
send_passwords_periodically=False)
Session.add(user1)
self.add_passwords(user1, 10)
user2 = User(first_name='John1',
last_name='Doe',
email='',
email_verified=True,
send_passwords_periodically=False)
Session.add(user2)
self.add_passwords(user2, 10)
user3 = User(first_name='John2',
last_name='Doe',
email='*****@*****.**',
email_verified=True,
send_passwords_periodically=True)
Session.add(user3)
self.add_passwords(user3, 10)
user4 = User(first_name='John3',
last_name='Doe',
email='*****@*****.**',
email_verified=True,
send_passwords_periodically=True)
Session.add(user4)
self.add_passwords(user4, 10)
user5 = User(first_name='John4',
last_name='Doe',
email='*****@*****.**',
email_verified=False,
send_passwords_periodically=True)
Session.add(user5)
self.add_passwords(user5, 10)
sys.argv = ['notused', self.conf_file_path, 'new_feature_send_passwords_via_email']
sys.stdout = StringIO()
result = announce()
self.assertEqual(result, None)
stdout = sys.stdout.getvalue()
expected_output = """Sending email to John2 Doe <*****@*****.**>
Sending email to John3 Doe <*****@*****.**>
"""
self.assertEqual(stdout, expected_output)
def test_clients_two_apps(self):
administrator = User(screen_name='Alice doe',
first_name='Alice',
last_name='Doe',
email='*****@*****.**')
app1 = Application(name='Example app 1',
main_url='https://example.com',
callback_url='https://example.com/callback',
image_url='https://example.com/image.png',
description='example description',
production_ready=True,
user=administrator)
app2 = Application(name='Example app 2',
main_url='https://2.example.com',
callback_url='https://2.example.com/callback',
production_ready=False,
user=administrator)
with transaction.manager:
Session.add(app1)
Session.add(app2)
Session.flush()
res = self.testapp.get('/oauth2/clients')
self.assertEqual(res.status, '200 OK')
res.mustcontain(
'Available Clients', 'Example app 1', 'https://example.com',
'https://example.com/image.png', 'example description',
no=('Example app 2', 'https://2.example.com'),
)
def test_register_or_update_existing_user(self):
user = User(screen_name='JohnDoe',
first_name='John',
last_name='')
identity = ExternalIdentity(provider='twitter',
external_id='1',
user=user)
Session.add(user)
Session.add(identity)
Session.flush()
user_id = user.id
request = testing.DummyRequest()
request.session = {USER_ATTR: True}
request.google_analytics = GoogleAnalytics(request)
response = register_or_update(request, 'twitter', '1', {
'screen_name': 'JohnDoe',
'first_name': 'John',
'last_name': 'Doe',
'email': '*****@*****.**',
}, '/next')
self.assertEqual(response.status, '302 Found')
self.assertEqual(response.location, '/next')
user = Session.query(User).filter(User.id == user_id).one()
self.assertEqual(user.email, '*****@*****.**')
self.assertEqual(user.last_name, 'Doe')
self.assertEqual(user.allow_google_analytics, True)
def test_cors_headers_app_origins(self):
cm = CORSManager('')
user = User(screen_name='John Doe',
first_name='John',
last_name='Doe',
email='*****@*****.**')
app = Application(name='Test Application',
authorized_origins=['http://localhost'])
user.applications.append(app)
with transaction.manager:
Session.add(user)
Session.add(app)
Session.flush()
app_id = app.id
request = DummyRequest(headers={'Origin': 'http://localhost'},
params={'client_id': app_id})
response = request.response
cm.add_cors_header(request, response)
self.assertEqual(
response.headers, {
'Content-Type': 'text/html; charset=UTF-8',
'Content-Length': '0',
'Access-Control-Allow-Origin': 'http://localhost',
})
def test_applications_list_apps_one_app(self):
user = User(screen_name='John Doe',
first_name='John',
last_name='Doe',
email='*****@*****.**')
app = Application(name='Test Application',
main_url='https://example.com',
callback_url='https://example.com/callback',
production_ready=False)
user.applications.append(app)
with transaction.manager:
Session.add(user)
Session.flush()
app_id = app.id
user_id = user.id
self.testapp.get('/__login/' + str(user_id))
res = self.testapp.get('/oauth2/applications')
self.assertEqual(res.status, '200 OK')
res.mustcontain('John')
res.mustcontain('Log out')
res.mustcontain('Developer Applications')
res.mustcontain('Register new application')
res.mustcontain(app_id)
res.mustcontain('Test Application')
res.mustcontain('https://example.com')
def create_user(email='',
email_verified=False,
provider='twitter',
external_id='twitter1',
**kwargs):
date = datetime.datetime(2012, 12, 12, 12, 12)
user = User(screen_name='John Doe',
first_name='John',
last_name='Doe',
email=email,
email_verified=email_verified,
creation=date,
last_login=date,
**kwargs)
identity = ExternalIdentity(provider=provider,
external_id=external_id,
user=user)
with transaction.manager:
Session.add(user)
Session.add(identity)
Session.flush()
user_id = user.id
return user_id
def test_application_edit_invalid_change(self):
user = User(screen_name='John Doe',
first_name='John',
last_name='Doe',
email='*****@*****.**')
app = Application(name='Test Application',
main_url='http://example.com',
callback_url='http://example.com/callback',
authorized_origins=['http://example.com',
'https://example.com'],
production_ready=False,
image_url='http://example.com/image.png',
description='example description')
user.applications.append(app)
with transaction.manager:
Session.add(user)
Session.flush()
app_id = app.id
user_id = user.id
self.testapp.get('/__login/' + str(user_id))
res = self.testapp.post('/oauth2/applications/%s/edit' % str(app_id), {
'submit': 'Save changes',
})
self.assertEqual(res.status, '200 OK')
res.mustcontain('There was a problem with your submission')
res.mustcontain('Required')
def test_application_edit_unauthorized(self):
create_and_login_user(self.testapp)
app = Application(name='Test Application',
main_url='http://example.com',
callback_url='http://example.com/callback',
authorized_origins=['http://example.com',
'https://example.com'],
production_ready=False,
image_url='http://example.com/image.png',
description='example description')
other_user = User(screen_name='Alice doe',
first_name='Alice',
last_name='Doe',
email='*****@*****.**')
other_user.applications.append(app)
with transaction.manager:
Session.add(other_user)
Session.flush()
app_id = app.id
res = self.testapp.get('/oauth2/applications/%s/edit' % str(app_id),
status=401)
self.assertEqual(res.status, '401 Unauthorized')
def test_application_edit_cancel(self):
user = User(screen_name='John Doe',
first_name='John',
last_name='Doe',
email='*****@*****.**')
app = Application(name='Test Application',
main_url='http://example.com',
callback_url='http://example.com/callback',
authorized_origins=['http://example.com',
'https://example.com'],
production_ready=False,
image_url='http://example.com/image.png',
description='example description')
user.applications.append(app)
with transaction.manager:
Session.add(user)
Session.flush()
app_id = app.id
user_id = user.id
self.testapp.get('/__login/' + str(user_id))
res = self.testapp.post('/oauth2/applications/%s/edit' % str(app_id), {
'cancel': 'Cancel',
})
self.assertEqual(res.status, '302 Found')
self.assertEqual(res.location, 'http://localhost/oauth2/applications')
def test_get_image_url_with_size(self):
request = DummyRequest()
request.user = User(email='*****@*****.**')
gravatar = Gravatar(request, 'http://localhost/default_gravatar.png')
self.assertURLEqual(
gravatar.get_image_url(100),
'https://www.gravatar.com/avatar/d4c74594d841139328695756648b6bd6?s=100&d=http%3A%2F%2Flocalhost%2Fdefault_gravatar.png')
def test_merge_with_itself(self):
user = User()
Session.add(user)
Session.flush()
self.assertEqual(1, Session.query(User).count())
self.assertEqual(0, merge_accounts(user, [user.id]))
self.assertEqual(1, Session.query(User).count())
def test_get_accounts_one_provider_email_verified(self):
user = User(email='*****@*****.**', email_verified=True)
identity = ExternalIdentity(user=user, provider='twitter',
external_id='1234')
Session.add(user)
Session.add(identity)
Session.flush()
self.assertEqual(user.get_accounts(''), [
{'id': user.id,
'is_current': False,
'is_verified': True,
'passwords': 0,
'providers': [{
'name': 'twitter',
'is_current': False,
}]}
])
def test_merge_users(self):
with transaction.manager:
user1 = User(email='*****@*****.**')
identity1 = ExternalIdentity(provider='twitter', external_id='1234',
user=user1)
password1 = Password(secret='s3cr3t1', user=user1)
password2 = Password(secret='s3cr3t2', user=user1)
user2 = User(email='*****@*****.**')
identity2 = ExternalIdentity(provider='google', external_id='4321',
user=user2)
password3 = Password(secret='s3cr3t3', user=user2)
password4 = Password(secret='s3cr3t4', user=user2)
Session.add(user1)
Session.add(identity1)
Session.add(password1)
Session.add(password2)
Session.add(user2)
Session.add(identity2)
Session.add(password3)
Session.add(password4)
Session.flush()
user1_id = user1.id
user2_id = user2.id
user1 = Session.query(User).filter(User.id == user1_id).one()
user2 = Session.query(User).filter(User.id == user2_id).one()
self.assertEqual(1, len(user1.identities))
self.assertEqual(4, Session.query(Password).count())
with transaction.manager:
merge_users(user1, user2)
self.assertEqual(4, Session.query(Password).count())
self.assertEqual(0, Session.query(Password).filter(
Password.user_id == user2_id).count())
try:
user2_refreshed = Session.query(User).filter(User.id == user2_id).one()
except NoResultFound:
user2_refreshed = None
self.assertEqual(user2_refreshed, None)
user1 = Session.query(User).filter(User.id == user1_id).one()
self.assertEqual(2, len(user1.identities))
def test_unicode(self):
data = {'_id': '1234'}
self.assertEqual(text_type(User(data)), '1234')
data['email'] = '*****@*****.**'
self.assertEqual(text_type(User(data)), '*****@*****.**')
data['last_name'] = 'Doe'
self.assertEqual(text_type(User(data)), 'Doe')
data['first_name'] = 'John'
self.assertEqual(text_type(User(data)), 'John Doe')
data['screen_name'] = 'Johnny'
self.assertEqual(text_type(User(data)), 'Johnny')
u = User(data)
self.assertEqual(u.__unicode__(), u.__str__())
def test_merge_with_invented_users(self):
user = User()
Session.add(user)
Session.flush()
fake_id = '00000000-0000-0000-0000-000000000000'
self.assertEqual(1, Session.query(User).count())
self.assertEqual(0, merge_accounts(user, [fake_id]))
self.assertEqual(1, Session.query(User).count())
def test_application_delete(self):
user = User(screen_name='John Doe',
first_name='John',
last_name='Doe',
email='*****@*****.**')
app = Application(name='Test Application',
callback_url='https://example.com/callback',
production_ready=False)
user.applications.append(app)
auth_app = AuthorizedApplication(
scope=['scope1'],
response_type='code',
redirect_uri='http://example.com/callback',
application=app,
user=user,
)
with transaction.manager:
Session.add(user)
Session.add(auth_app)
Session.flush()
app_id = app.id
user_id = user.id
self.testapp.get('/__login/' + str(user_id))
self.assertEqual(Session.query(Application).count(), 1)
self.assertEqual(Session.query(AuthorizedApplication).count(), 1)
res = self.testapp.get('/oauth2/applications/%s/delete' % str(app_id))
self.assertEqual(res.status, '200 OK')
res.mustcontain('Delete Application <span>Test Application</span>')
res.mustcontain('Are you sure you want to remove the application')
res.mustcontain('Yes, I am sure')
res.mustcontain('No, take me back to the application list')
# now delete it
res = self.testapp.post('/oauth2/applications/%s/delete' % str(app_id),
{'submit': 'Yes, I am sure'})
self.assertEqual(res.status, '302 Found')
self.assertEqual(res.location, 'http://localhost/oauth2/applications')
try:
app = Session.query(Application).filter(
Application.id == app_id).one()
except NoResultFound:
app = None
self.assertEqual(app, None)
self.assertEqual(Session.query(User).count(), 1)
self.assertEqual(Session.query(Application).count(), 0)
# Related authorizations should be deleted on cascade
self.assertEqual(Session.query(AuthorizedApplication).count(), 0)
def test_assert_authenticated_user_is_registered_existing_user(self):
user = User(screen_name='John Doe')
Session.add(user)
Session.flush()
user_id = user.id
self.config.testing_securitypolicy(userid=user_id)
request = testing.DummyRequest()
res = assert_authenticated_user_is_registered(request)
self.assertEqual(res.id, user_id)
self.assertEqual(res.screen_name, 'John Doe')
def test_get_accounts_one_provider_email_verified(self):
user = User(email='*****@*****.**', email_verified=True)
identity = ExternalIdentity(user=user,
provider='twitter',
external_id='1234')
Session.add(user)
Session.add(identity)
Session.flush()
self.assertEqual(
user.get_accounts(''),
[{
'id': user.id,
'is_current': False,
'is_verified': True,
'passwords': 0,
'providers': [{
'name': 'twitter',
'is_current': False,
}]
}])
def test_get_user_existing_user(self):
user = User(screen_name='John Doe')
Session.add(user)
Session.flush()
user_id = user.id
self.config.testing_securitypolicy(userid=user_id)
request = testing.DummyRequest()
new_user = get_user(request)
self.assertEqual(new_user.id, user.id)
self.assertEqual(new_user.screen_name, 'John Doe')
def test_get_user_passwords_no_passwords(self):
user = User(first_name='John', last_name='Doe')
with transaction.manager:
Session.add(user)
Session.flush()
user_id = user.id
user = Session.query(User).filter(User.id == user_id).one()
self.assertEqual(get_user_passwords(user), [])
def create_user():
user = User(screen_name='John Doe',
first_name='John',
last_name='Doe',
email='*****@*****.**')
with transaction.manager:
Session.add(user)
Session.flush()
user_id = user.id
return user, user_id
def test_several_users_first_of_month(self):
d = datetime.datetime
# Add some users
with transaction.manager:
user1 = User(first_name='John1',
last_name='Doe',
creation=d(2012, 12, 12, 9, 10, 0),
email='*****@*****.**',
email_verified=False,
send_passwords_periodically=False)
Session.add(user1)
self.add_passwords(user1, 10)
user2 = User(first_name='John2',
last_name='Doe',
creation=d(2013, 1, 2, 13, 10, 0),
email='*****@*****.**',
email_verified=True,
send_passwords_periodically=False)
Session.add(user2)
self.add_passwords(user2, 10)
user3 = User(first_name='John3',
last_name='Doe',
creation=d(2014, 6, 20, 10, 58, 10),
email='*****@*****.**',
email_verified=True,
send_passwords_periodically=True)
Session.add(user3)
self.add_passwords(user3, 10)
sys.argv = ['notused', self.conf_file_path]
sys.stdout = StringIO()
result = send_backups_via_email()
self.assertEqual(result, None)
stdout = sys.stdout.getvalue()
expected_output = """Passwords sent to John3 Doe <*****@*****.**>
"""
self.assertEqual(stdout, expected_output)
def test_email_verification_code_verify_negative(self):
evc = EmailVerificationCode()
self.assertNotEqual(evc.code, None)
user = User(first_name='John',
last_name='Doe',
email='*****@*****.**')
Session.add(user)
Session.flush()
evc2 = EmailVerificationCode(evc.code)
result = evc2.verify('*****@*****.**')
self.assertEqual(result, None)
def create_and_login_user(testapp):
user = User(screen_name='John Doe',
first_name='John',
last_name='Doe',
email='*****@*****.**')
with transaction.manager:
Session.add(user)
Session.flush()
user_id = user.id
testapp.get('/__login/' + str(user_id))
return user, user_id
def test_twitter_callback_existing_user(self, post_mock, get_mock):
# good request, twitter is happy now. Existing user
user = User(screen_name='Johnny')
identity = ExternalIdentity(user=user,
provider='twitter',
external_id='user1')
with transaction.manager:
Session.add(user)
Session.add(identity)
Session.flush()
user_id = user.id
mock0 = mock.Mock()
mock0.status_code = 200
mock0.text = 'oauth_callback_confirmed=true&oauth_token=123456789'
mock1 = mock.Mock()
mock1.status_code = 200
mock1.text = 'oauth_token=xyz&user_id=user1&screen_name=JohnDoe'
mock2 = mock.Mock()
mock2.ok = True
mock2.json = lambda: {
'token_type': 'bearer',
'access_token': '1234567890',
}
post_mock.side_effect = [mock0, mock1, mock2]
get_response = get_mock.return_value
get_response.ok = True
get_response.json = lambda: {
'name': 'John Doe',
}
self.testapp.get('/twitter/login')
good_url = '/twitter/callback?oauth_token=123456789&oauth_verifier=abc'
res = self.testapp.get(good_url, status=302)
self.assertEqual(res.status, '302 Found')
self.assertEqual(res.location, 'http://localhost/')
self.assertTrue('Set-Cookie' in res.headers)
# even if the response from twitter included a different
# screen_name, our user will not be updated
new_user = Session.query(User).filter(User.id == user_id).one()
self.assertEqual(new_user.screen_name, 'Johnny')
class UpdatePreferencesTests(unittest.TestCase):
def setUp(self):
self.user = User(allow_google_analytics=False,
send_passwords_periodically=True)
def test_empty_preferences(self):
self.user.update_preferences({})
self.assertEqual(self.user.allow_google_analytics, False)
self.assertEqual(self.user.send_passwords_periodically, True)
def test_fake_preferences(self):
self.user.update_preferences({'foo': 'bar'})
self.assertEqual(self.user.allow_google_analytics, False)
self.assertEqual(self.user.send_passwords_periodically, True)
def test_real_preferences(self):
self.user.update_preferences({
'allow_google_analytics': True,
'send_passwords_periodically': False,
})
self.assertEqual(self.user.allow_google_analytics, True)
self.assertEqual(self.user.send_passwords_periodically, False)
def test_unicode_is_str(self):
u = User()
Session.add(u)
Session.flush()
self.assertEqual(u.__unicode__(), u.__str__())
def setUp(self):
self.user = User(screen_name='', first_name='', last_name='',
email='', email_verified=False)
class UpdateUserInfo(unittest.TestCase):
def setUp(self):
self.user = User(screen_name='', first_name='', last_name='',
email='', email_verified=False)
def test_update_user_info_empty(self):
self.user.update_user_info({})
self.assertEqual(self.user.screen_name, '')
self.assertEqual(self.user.first_name, '')
self.assertEqual(self.user.last_name, '')
self.assertEqual(self.user.email, '')
self.assertEqual(self.user.email_verified, False)
def test_update_user_info_names(self):
self.user.update_user_info({
'screen_name': 'John Doe',
'first_name': 'John',
'last_name': 'Doe',
})
self.assertEqual(self.user.screen_name, 'John Doe')
self.assertEqual(self.user.first_name, 'John')
self.assertEqual(self.user.last_name, 'Doe')
self.assertEqual(self.user.email, '')
self.assertEqual(self.user.email_verified, False)
def test_update_user_info_names_dont_update_empty_ones(self):
self.user.screen_name = 'John Doe'
self.user.first_name = 'John'
self.user.last_name = 'Doe'
self.user.update_user_info({
'screen_name': '',
'first_name': '',
'last_name': '',
})
self.assertEqual(self.user.screen_name, 'John Doe')
self.assertEqual(self.user.first_name, 'John')
self.assertEqual(self.user.last_name, 'Doe')
self.assertEqual(self.user.email, '')
self.assertEqual(self.user.email_verified, False)
def test_update_user_info_email(self):
self.user.update_user_info({'email': '*****@*****.**'})
self.assertEqual(self.user.email, '*****@*****.**')
self.assertEqual(self.user.email_verified, False)
def test_update_user_info_email_force_verified(self):
self.user.update_user_info({
'email': '*****@*****.**',
'email_verified': True,
})
self.assertEqual(self.user.email, '*****@*****.**')
self.assertEqual(self.user.email_verified, False)
def test_update_user_info_email_previously_verified(self):
self.user.email = '*****@*****.**'
self.user.email_verified = True
self.user.update_user_info({'email': '*****@*****.**'})
self.assertEqual(self.user.email, '*****@*****.**')
self.assertEqual(self.user.email_verified, False)
def setUp(self):
self.user = User(allow_google_analytics=False,
send_passwords_periodically=True)
def register_new_user(request):
try:
user_info = request.session['user_info']
except KeyError:
return HTTPBadRequest('Missing user info in the session')
try:
next_url = request.session['next_url']
except KeyError:
next_url = request.route_url('oauth2_clients')
schema = NewUserSchema()
button1 = Button('submit', _('Register into Yith Library'))
button1.css_class = 'btn-primary'
button2 = Button('cancel', _('Cancel'))
button2.css_class = 'btn-default logout'
form = Form(schema, buttons=(button1, button2))
if 'submit' in request.POST:
controls = request.POST.items()
try:
appstruct = form.validate(controls)
except ValidationFailure as e:
return {
'form': e.render(),
'provider': user_info.get('provider', ''),
'email': user_info.get('email', ''),
'next_url': next_url,
}
email = appstruct['email']
if email != '' and email == user_info['email']:
email_verified = True
else:
email_verified = False
user_attrs = {
'screen_name': appstruct['screen_name'],
'first_name': appstruct['first_name'],
'last_name': appstruct['last_name'],
'email': email,
'email_verified': email_verified,
}
if request.google_analytics.is_in_session():
allow_analytics = request.google_analytics.show_in_session()
user_attrs[analytics.USER_ATTR] = allow_analytics
request.google_analytics.clean_session()
user = User(**user_attrs)
provider = user_info['provider']
external_id = user_info['external_id']
user.add_identity(provider, external_id)
Session.add(user)
if not email_verified and email != '':
evc = EmailVerificationCode()
user.email_verification_code = evc.code
link = request.route_url('user_verify_email')
evc.send(request, user, link)
del request.session['user_info']
if 'next_url' in request.session:
del request.session['next_url']
Session.flush()
request.session['current_provider'] = provider
return HTTPFound(location=next_url,
headers=remember(request, str(user.id)))
elif 'cancel' in request.POST:
del request.session['user_info']
if 'next_url' in request.session:
del request.session['next_url']
return HTTPFound(location=next_url)
return {
'form': form.render({
'first_name': user_info.get('first_name', ''),
'last_name': user_info.get('last_name', ''),
'screen_name': user_info.get('screen_name', ''),
'email': user_info.get('email', ''),
}),
'provider': user_info.get('provider', ''),
'email': user_info.get('email', ''),
'next_url': next_url,
}
