def show(request):
"""Shows the profile of a user."""
# TODO workshop: write a test
# TODO workshop: not found
session = DBSession()
user = session.query(User).get(request.matchdict['user_id'])
return {'user': user}
def login(request):
username = request.params.get('username', None)
password = request.params.get('password', None)
session = DBSession()
user = session.query(User).filter(User.username==username).first()
if user is not None and user.password == password:
response = HTTPFound('/')
# totally insecure, TODO in workshop: use auth token or something
response.set_cookie('user_id', str(user.id), max_age=timedelta(30))
return response
return {'username': username}
def add_user_to_request(event):
"""Event subscriber to add the user to the request if any.
If user not logged in, request.user is None.
"""
# totally insecure TODO workshop: use auth token or something
try:
user_id = int(event.request.cookies['user_id'])
except (ValueError, KeyError):
event.request.user = None
return
session = DBSession()
event.request.user = session.query(User).get(user_id)
def test_returns_list_of_all_users(self):
from cody.views.users import index
from cody.models import DBSession, User
session = DBSession()
session.add(User())
session.add(User())
session.add(User())
request = testing.DummyRequest()
response = index(request)
self.assertEqual(type(response), dict)
self.assertTrue('users' in response)
self.assertEqual(response['users'].count(), 3)
def create(request):
"""Receives data to register a user."""
# TODO workshop: validation
# TODO workshop: encrypt password
username = request.params['username']
password = request.params['password']
name = request.params['name']
email = request.params['email']
location = request.params['location']
user = User(username, password, name, email, location)
session = DBSession()
session.add(user)
session.flush()
# TODO workshop: test email by mocking
send_welcome_email(request.registry.settings, name, email)
response = HTTPFound(route_url('user_single', request, user_id=user.id))
# totally insecure, TODO in workshop: use auth token or something
response.set_cookie('user_id', str(user.id), max_age=timedelta(30))
return response
def test_creates_user_when_valid(self):
from cody.views.users import create
from cody.models import User
from pyramid.httpexceptions import HTTPFound
from cody.models import DBSession
request = testing.DummyRequest()
request.params['username'] = u'john55'
request.params['password'] = u'password'
request.params['name'] = u'John Doe'
request.params['email'] = u'*****@*****.**'
request.params['location'] = u'Quebec'
response = create(request)
session = DBSession()
user = DBSession.query(User).one()
self.assertEqual(user.username, u'john55')
self.assertGreater(len(user.password), 0)
self.assertEqual(user.name, u'John Doe')
self.assertEqual(user.email, u'*****@*****.**')
self.assertEqual(user.location, u'Quebec')
def tearDown(self):
DBSession.remove()
testing.tearDown()
def index(request):
"""List all the users."""
session = DBSession()
users = session.query(User).order_by(User.username)
return {'users': users}