def test_profile_update_profile_invalid(self):
from horus.views import ProfileController
from horus.interfaces import IUserClass
from horus.interfaces import IActivationClass
from horus.interfaces import IProfileSchema
from horus.tests.models import User
from horus.tests.models import Activation
from horus.tests.schemas import ProfileSchema
self.config.registry.registerUtility(Activation, IActivationClass)
self.config.registry.registerUtility(User, IUserClass)
self.config.registry.registerUtility(ProfileSchema,
IProfileSchema)
self.config.add_route('index', '/')
self.config.include('horus')
user = User(username='******', email='*****@*****.**')
user.password = '******'
self.session.add(user)
self.session.flush()
request = self.get_csrf_request(request_method='POST')
request.context = user
request.matchdict = Mock()
get = Mock()
get.return_value = user.id
request.matchdict.get = get
view = ProfileController(request)
response = view.edit_profile()
assert len(response['errors']) == 3
def test_profile_bad_id(self):
from horus.views import ProfileController
from horus.interfaces import IUserClass
from horus.interfaces import IActivationClass
from horus.tests.models import User
from horus.tests.models import Activation
self.config.registry.registerUtility(User, IUserClass)
self.config.registry.registerUtility(Activation, IActivationClass)
self.config.add_route('index', '/')
self.config.include('horus')
user = User(username='******', email='*****@*****.**')
user.password = '******'
self.session.add(user)
self.session.flush()
request = testing.DummyRequest()
request.user = Mock()
request.matchdict = Mock()
get = Mock()
get.return_value = 99
request.matchdict.get = get
view = ProfileController(request)
response = view.profile()
assert response.status_int == 404
def test_inactive_login_fails(self):
"""Make sure we can't log in with an inactive user."""
from horus.tests.models import User
from horus.interfaces import IUserClass
from horus.interfaces import IActivationClass
from horus.tests.models import Activation
self.config.registry.registerUtility(Activation, IActivationClass)
self.config.registry.registerUtility(User, IUserClass)
user = User(username='******', email='*****@*****.**')
user.password = '******'
user.activation = Activation()
self.session.add(user)
self.session.flush()
from horus.views import AuthController
self.config.add_route('index', '/')
self.config.include('horus')
self.config.registry.settings['horus.login_redirect'] = 'index'
self.config.registry.settings['horus.logout_redirect'] = 'index'
request = self.get_csrf_request(post={
'submit': True,
'username': '******',
'password': '******',
}, request_method='POST')
view = AuthController(request)
with patch('horus.views.FlashMessage') as FlashMessage:
view.login()
FlashMessage.assert_called_with(request,
'Your account is not active, please check your e-mail.',
kind='error')
def test_forgot_password_invalid_password(self):
from horus.views import ForgotPasswordController
from pyramid_mailer.interfaces import IMailer
from pyramid_mailer.mailer import DummyMailer
from horus.interfaces import IUserClass
from horus.tests.models import User
self.config.registry.registerUtility(User, IUserClass)
self.config.add_route('index', '/')
self.config.include('horus')
self.config.registry.registerUtility(DummyMailer(), IMailer)
user = User(username='******', password='******',
email='*****@*****.**')
user.password = '******'
self.session.add(user)
self.session.flush()
request = self.get_csrf_request(post={
'email': 'sontek'
}, request_method='POST')
request.user = None
view = ForgotPasswordController(request)
response = view.forgot_password()
assert len(response['errors']) == 1
def test_forgot_password_valid_user(self):
from horus.views import ForgotPasswordController
from pyramid_mailer.interfaces import IMailer
from pyramid_mailer.mailer import DummyMailer
from horus.interfaces import IUserClass
from horus.tests.models import User
self.config.registry.registerUtility(User, IUserClass)
self.config.add_route('index', '/')
self.config.include('horus')
self.config.registry.registerUtility(DummyMailer(), IMailer)
user = User(username='******', password='******', email='*****@*****.**')
user.password = '******'
self.session.add(user)
self.session.flush()
request = self.get_csrf_request(post={
'email': '*****@*****.**'
}, request_method='POST')
request.user = None
flash = Mock()
request.session.flash = flash
view = ForgotPasswordController(request)
response = view.forgot_password()
flash.assert_called_with(
'Please check your e-mail to reset your password.', 'success')
assert response.status_int == 302
def test_login_succeeds(self):
"""Make sure we can log in."""
from horus.tests.models import User
from horus.interfaces import IUserClass
from horus.interfaces import IActivationClass
from horus.tests.models import Activation
self.config.registry.registerUtility(Activation, IActivationClass)
self.config.registry.registerUtility(User, IUserClass)
self.config.registry.settings['horus.login_redirect'] = 'index'
self.config.registry.settings['horus.logout_redirect'] = 'index'
admin = User(username='******', email='*****@*****.**')
admin.password = '******'
self.session.add(admin)
self.session.flush()
from horus.views import AuthController
self.config.add_route('index', '/')
self.config.include('horus')
request = self.get_csrf_request(post={
'submit': True,
'username': '******',
'password': '******',
}, request_method='POST')
view = AuthController(request)
response = view.login()
assert response.status_int == 302
def test_register_existing_user(self):
from horus.views import RegisterController
from pyramid_mailer.mailer import DummyMailer
from pyramid_mailer.interfaces import IMailer
from horus.interfaces import IUserClass
from horus.tests.models import User
from horus.interfaces import IActivationClass
from horus.tests.models import Activation
self.config.registry.registerUtility(Activation, IActivationClass)
self.config.registry.registerUtility(User, IUserClass)
self.config.include('horus')
self.config.registry.registerUtility(DummyMailer(), IMailer)
self.config.add_route('index', '/')
admin = User(username='******', email='*****@*****.**')
admin.password = '******'
self.session.add(admin)
self.session.flush()
request = self.get_csrf_request(post={
'username': '******',
'password': {
'password': '******',
'password-confirm': 'test123',
},
'email': '*****@*****.**'
}, request_method='POST')
view = RegisterController(request)
adict = view.register()
assert isinstance(adict, dict)
assert adict['errors']
def test_inactive_login(self):
"""Make sure inactive users can't sign in."""
from horus.tests.models import User
from horus.tests.models import Activation
admin = User(username='******', email='*****@*****.**')
admin.activation = Activation()
admin.password = '******'
self.session.add(admin)
self.session.flush()
res = self.app.get('/login')
csrf = res.form.fields['csrf_token'][0].value
if six.PY3:
csrf = clean_byte_string(csrf)
res = self.app.post(
str('/login'),
{
'submit': True,
'username': '******',
'password': '******',
'csrf_token': csrf
}
)
assert b'Your account is not active, please check your e-mail.' \
in res.body
def test_inactive_login(self):
"""Make sure inactive users can't sign in."""
from horus.tests.models import User
from horus.tests.models import Activation
admin = User(username='******', email='*****@*****.**')
admin.activation = Activation()
admin.password = '******'
self.session.add(admin)
self.session.flush()
res = self.app.get('/login')
csrf = res.form.fields['csrf_token'][0].value
if six.PY3:
csrf = clean_byte_string(csrf)
res = self.app.post(
str('/login'), {
'submit': True,
'username': '******',
'password': '******',
'csrf_token': csrf
})
assert b'Your account is not active, please check your e-mail.' \
in res.body
def test_profile_bad_id(self):
from horus.views import ProfileController
from horus.interfaces import IUserClass
from horus.interfaces import IActivationClass
from horus.tests.models import User
from horus.tests.models import Activation
self.config.registry.registerUtility(User, IUserClass)
self.config.registry.registerUtility(Activation, IActivationClass)
self.config.add_route('index', '/')
self.config.include('horus')
user = User(username='******', email='*****@*****.**')
user.password = '******'
self.session.add(user)
self.session.flush()
request = testing.DummyRequest()
request.user = Mock()
request.matchdict = Mock()
get = Mock()
get.return_value = 99
request.matchdict.get = get
view = ProfileController(request)
response = view.profile()
assert response.status_int == 404
def test_login_succeeds(self):
"""Make sure we can log in."""
from horus.tests.models import User
from horus.interfaces import IUserClass
from horus.interfaces import IActivationClass
from horus.tests.models import Activation
self.config.registry.registerUtility(Activation, IActivationClass)
self.config.registry.registerUtility(User, IUserClass)
self.config.registry.settings['horus.login_redirect'] = 'index'
self.config.registry.settings['horus.logout_redirect'] = 'index'
admin = User(username='******', email='*****@*****.**')
admin.password = '******'
self.session.add(admin)
self.session.flush()
from horus.views import AuthController
self.config.add_route('index', '/')
self.config.include('horus')
request = self.get_csrf_request(post={
'submit': True,
'username': '******',
'password': '******',
}, request_method='POST')
view = AuthController(request)
response = view.login()
assert response.status_int == 302
def test_forgot_password_valid_user(self):
from horus.views import ForgotPasswordController
from pyramid_mailer.interfaces import IMailer
from pyramid_mailer.mailer import DummyMailer
from horus.interfaces import IUserClass
from horus.tests.models import User
self.config.registry.registerUtility(User, IUserClass)
self.config.add_route('index', '/')
self.config.include('horus')
self.config.registry.registerUtility(DummyMailer(), IMailer)
user = User(username='******', password='******',
email='*****@*****.**')
user.password = '******'
self.session.add(user)
self.session.flush()
request = self.get_csrf_request(post={
'email': '*****@*****.**'
}, request_method='POST')
request.user = None
view = ForgotPasswordController(request)
with patch('horus.views.FlashMessage') as FlashMessage:
response = view.forgot_password()
FlashMessage.assert_called_with(request,
view.Str.reset_password_email_sent, kind="success")
assert response.status_int == 302
def test_forgot_password_invalid_password(self):
from horus.views import ForgotPasswordController
from pyramid_mailer.interfaces import IMailer
from pyramid_mailer.mailer import DummyMailer
from horus.interfaces import IUserClass
from horus.tests.models import User
self.config.registry.registerUtility(User, IUserClass)
self.config.add_route('index', '/')
self.config.include('horus')
self.config.registry.registerUtility(DummyMailer(), IMailer)
user = User(username='******', password='******',
email='*****@*****.**')
user.password = '******'
self.session.add(user)
self.session.flush()
request = self.get_csrf_request(post={
'email': 'sontek'
}, request_method='POST')
request.user = None
view = ForgotPasswordController(request)
response = view.forgot_password()
assert len(response['errors']) == 1
def test_activate_invalid(self):
from horus.views import RegisterController
from pyramid_mailer.interfaces import IMailer
from pyramid_mailer.mailer import DummyMailer
from horus.interfaces import IUserClass
from horus.tests.models import User
from horus.interfaces import IActivationClass
from horus.tests.models import Activation
self.config.registry.registerUtility(Activation, IActivationClass)
self.config.registry.registerUtility(User, IUserClass)
self.config.include('horus')
self.config.add_route('index', '/')
self.config.registry.registerUtility(DummyMailer(), IMailer)
user = User(username='******', email='*****@*****.**')
user.password = '******'
user.activation = Activation()
self.session.add(user)
self.session.flush()
request = testing.DummyRequest()
request.matchdict = Mock()
get = Mock()
get.return_value = 'invalid'
request.matchdict.get = get
controller = RegisterController(request)
response = controller.activate()
user = User.get_by_username(request, 'sontek')
assert not user.is_activated
assert response.status_int == 404
def test_inactive_login_fails(self):
""" Make sure we can't login with an inactive user """
from horus.tests.models import User
from horus.interfaces import IHorusUserClass
from horus.interfaces import IHorusActivationClass
from horus.tests.models import Activation
self.config.registry.registerUtility(Activation, IHorusActivationClass)
self.config.registry.registerUtility(User, IHorusUserClass)
user = User(username='******', email='*****@*****.**')
user.set_password('foo')
user.activation = Activation()
self.session.add(user)
self.session.flush()
from horus.views import AuthController
self.config.add_route('index', '/')
self.config.include('horus')
request = self.get_csrf_request(post={
'submit': True,
'Username': '******',
'Password': '******',
}, request_method='POST')
flash = Mock()
request.session.flash = flash
view = AuthController(request)
view.login()
flash.assert_called_with(u'Your account is not active, please check your e-mail.',
'error')
def test_profile_update_profile_invalid(self):
from horus.views import ProfileController
from horus.interfaces import IUserClass
from horus.interfaces import IActivationClass
from horus.interfaces import IProfileSchema
from horus.tests.models import User
from horus.tests.models import Activation
from horus.tests.schemas import ProfileSchema
self.config.registry.registerUtility(Activation, IActivationClass)
self.config.registry.registerUtility(User, IUserClass)
self.config.registry.registerUtility(ProfileSchema,
IProfileSchema)
self.config.add_route('index', '/')
self.config.include('horus')
user = User(username='******', email='*****@*****.**')
user.password = '******'
self.session.add(user)
self.session.flush()
request = self.get_csrf_request(request_method='POST')
request.context = user
request.matchdict = Mock()
get = Mock()
get.return_value = user.id
request.matchdict.get = get
view = ProfileController(request)
response = view.edit_profile()
assert len(response['errors']) == 3
def test_register_existing_user(self):
from horus.views import RegisterController
from pyramid_mailer.mailer import DummyMailer
from pyramid_mailer.interfaces import IMailer
from horus.interfaces import IUserClass
from horus.tests.models import User
from horus.interfaces import IActivationClass
from horus.tests.models import Activation
self.config.registry.registerUtility(Activation, IActivationClass)
self.config.registry.registerUtility(User, IUserClass)
self.config.include('horus')
self.config.registry.registerUtility(DummyMailer(), IMailer)
self.config.add_route('index', '/')
admin = User(username='******', email='*****@*****.**')
admin.password = '******'
self.session.add(admin)
self.session.flush()
request = self.get_csrf_request(post={
'username': '******',
'password': {
'password': '******',
'password-confirm': 'test123',
},
'email': '*****@*****.**'
}, request_method='POST')
view = RegisterController(request)
adict = view.register()
assert isinstance(adict, dict)
assert adict['errors']
def test_valid_login(self):
""" Call the login view, make sure routes are working """
from horus.tests.models import User
admin = User(username='******', email='*****@*****.**')
admin.password = '******'
self.session.add(admin)
self.session.flush()
res = self.app.get('/login')
csrf = res.form.fields['csrf_token'][0].value
if six.PY3:
csrf = clean_byte_string(csrf)
res = self.app.post(
str('/login'),
{
'submit': True,
'username': '******',
'password': '******',
'csrf_token': csrf
}
)
assert res.status_int == 302
def test_forgot_password_valid_user(self):
from horus.views import ForgotPasswordController
from pyramid_mailer.interfaces import IMailer
from pyramid_mailer.mailer import DummyMailer
from horus.interfaces import IUserClass
from horus.tests.models import User
self.config.registry.registerUtility(User, IUserClass)
self.config.add_route('index', '/')
self.config.include('horus')
self.config.registry.registerUtility(DummyMailer(), IMailer)
user = User(username='******', password='******',
email='*****@*****.**')
user.password = '******'
self.session.add(user)
self.session.flush()
request = self.get_csrf_request(post={
'email': '*****@*****.**'
}, request_method='POST')
request.user = None
view = ForgotPasswordController(request)
with patch('horus.views.FlashMessage') as FlashMessage:
response = view.forgot_password()
FlashMessage.assert_called_with(request,
view.Str.reset_password_email_sent, kind="success")
assert response.status_int == 302
def test_inactive_login_fails(self):
"""Make sure we can't log in with an inactive user."""
from horus.tests.models import User
from horus.interfaces import IUserClass
from horus.interfaces import IActivationClass
from horus.tests.models import Activation
self.config.registry.registerUtility(Activation, IActivationClass)
self.config.registry.registerUtility(User, IUserClass)
user = User(username='******', email='*****@*****.**')
user.password = '******'
user.activation = Activation()
self.session.add(user)
self.session.flush()
from horus.views import AuthController
self.config.add_route('index', '/')
self.config.include('horus')
self.config.registry.settings['horus.login_redirect'] = 'index'
self.config.registry.settings['horus.logout_redirect'] = 'index'
request = self.get_csrf_request(post={
'submit': True,
'username': '******',
'password': '******',
}, request_method='POST')
view = AuthController(request)
with patch('horus.views.FlashMessage') as FlashMessage:
view.login()
FlashMessage.assert_called_with(request,
'Your account is not active, please check your e-mail.',
kind='danger')
def test_activate_invalid(self):
from horus.views import RegisterController
from pyramid_mailer.interfaces import IMailer
from pyramid_mailer.mailer import DummyMailer
from horus.interfaces import IUserClass
from horus.tests.models import User
from horus.interfaces import IActivationClass
from horus.tests.models import Activation
self.config.registry.registerUtility(Activation, IActivationClass)
self.config.registry.registerUtility(User, IUserClass)
self.config.include('horus')
self.config.add_route('index', '/')
self.config.registry.registerUtility(DummyMailer(), IMailer)
user = User(username='******', email='*****@*****.**')
user.password = '******'
user.activation = Activation()
self.session.add(user)
self.session.flush()
request = testing.DummyRequest()
request.matchdict = Mock()
get = Mock()
get.return_value = 'invalid'
request.matchdict.get = get
controller = RegisterController(request)
response = controller.activate()
user = User.get_by_username(request, 'sontek')
assert not user.is_activated
assert response.status_int == 404
def test_password_hashing(self):
from horus.tests.models import User
user1 = User(username='******', email='*****@*****.**')
user1.password = '******'
self.session.add(user1)
self.session.flush()
assert user1.password != 'password'
assert user1.salt is not None
def test_password_hashing(self):
from horus.tests.models import User
user1 = User(username='******', email='*****@*****.**')
user1.password = '******'
self.session.add(user1)
self.session.flush()
assert user1.password != 'password'
assert user1.salt is not None
def test_reset_password_valid_user(self):
from horus.views import ForgotPasswordController
from hem.interfaces import IDBSession
from horus.events import PasswordResetEvent
from pyramid_mailer.interfaces import IMailer
from pyramid_mailer.mailer import DummyMailer
from horus.models import crypt
from horus.interfaces import IHorusUserClass
from horus.interfaces import IHorusActivationClass
from horus.tests.models import User
from horus.tests.models import Activation
self.config.registry.registerUtility(User, IHorusUserClass)
self.config.registry.registerUtility(Activation, IHorusActivationClass)
self.config.add_route('index', '/')
self.config.include('horus')
self.config.registry.registerUtility(DummyMailer(), IMailer)
user = User(username='******', email='*****@*****.**')
user.set_password('foo')
user.activation = Activation()
self.session.add(user)
self.session.flush()
request = self.get_csrf_request(post={
'Password': {
'Password': '******',
'Password-confirm': 'test123',
},
}, request_method='POST')
request.matchdict = Mock()
get = Mock()
get.return_value = user.activation.code
request.matchdict.get = get
request.user = None
flash = Mock()
request.session.flash = flash
def handle_password_reset(event):
request = event.request
session = request.registry.getUtility(IDBSession)
session.commit()
self.config.add_subscriber(handle_password_reset, PasswordResetEvent)
view = ForgotPasswordController(request)
response = view.reset_password()
assert not crypt.check(user.password, 'temp' + user.salt)
assert response.status_int == 302
def test_profile_update_password(self):
from horus.views import ProfileController
from hem.interfaces import IDBSession
from horus.events import ProfileUpdatedEvent
from horus.models import crypt
from horus.interfaces import IUserClass
from horus.tests.models import User
from horus.interfaces import IActivationClass
from horus.tests.models import Activation
self.config.registry.registerUtility(Activation, IActivationClass)
self.config.registry.registerUtility(User, IUserClass)
self.config.add_route('index', '/')
self.config.include('horus')
user = User(username='******', email='*****@*****.**')
user.password = '******'
self.session.add(user)
self.session.flush()
def handle_profile_updated(event):
request = event.request
session = request.registry.getUtility(IDBSession)
session.commit()
self.config.add_subscriber(handle_profile_updated,
ProfileUpdatedEvent)
request = self.get_csrf_request(post={
'email': '*****@*****.**',
'password': {
'password': '******',
'password-confirm': 'test123',
},
}, request_method='POST')
request.context = user
request.matchdict = Mock()
get = Mock()
get.return_value = user.id
request.matchdict.get = get
flash = Mock()
request.session.flash = flash
view = ProfileController(request)
view.edit_profile()
new_user = User.get_by_id(request, user.id)
assert new_user.email == '*****@*****.**'
assert not crypt.check(user.password, 'temp' + user.salt)
def test_acl(self):
from horus.tests.models import User
from pyramid.security import Allow
user1 = User(username='******', email='*****@*****.**')
user1.password = '******'
self.session.add(user1)
self.session.flush()
assert user1.__acl__ == [(Allow, 'user:%s' % user1.id, 'access_user')]
def test_acl(self):
from horus.tests.models import User
from pyramid.security import Allow
user1 = User(username='******', email='*****@*****.**')
user1.password = '******'
self.session.add(user1)
self.session.flush()
assert user1.__acl__ == [(Allow, 'user:%s' % user1.id, 'access_user')]
def test_profile_update_password(self):
from horus.views import ProfileController
from hem.interfaces import IDBSession
from horus.events import ProfileUpdatedEvent
from horus.models import crypt
from horus.interfaces import IUserClass
from horus.tests.models import User
from horus.interfaces import IActivationClass
from horus.tests.models import Activation
self.config.registry.registerUtility(Activation, IActivationClass)
self.config.registry.registerUtility(User, IUserClass)
self.config.add_route('index', '/')
self.config.include('horus')
user = User(username='******', email='*****@*****.**')
user.password = '******'
self.session.add(user)
self.session.flush()
def handle_profile_updated(event):
request = event.request
session = request.registry.getUtility(IDBSession)
session.commit()
self.config.add_subscriber(handle_profile_updated,
ProfileUpdatedEvent)
request = self.get_csrf_request(post={
'email': '*****@*****.**',
'password': {
'password': '******',
'password-confirm': 'test123',
},
}, request_method='POST')
request.context = user
request.matchdict = Mock()
get = Mock()
get.return_value = user.id
request.matchdict.get = get
view = ProfileController(request)
view.edit_profile()
new_user = User.get_by_id(request, user.id)
assert new_user.email == '*****@*****.**'
assert not crypt.check(user.password, 'temp' + user.salt)
def test_reset_password_valid_user(self):
from horus.views import ForgotPasswordController
from hem.interfaces import IDBSession
from horus.events import PasswordResetEvent
from pyramid_mailer.interfaces import IMailer
from pyramid_mailer.mailer import DummyMailer
from horus.models import crypt
from horus.interfaces import IUserClass
from horus.interfaces import IActivationClass
from horus.tests.models import User
from horus.tests.models import Activation
self.config.registry.registerUtility(User, IUserClass)
self.config.registry.registerUtility(Activation, IActivationClass)
self.config.add_route('index', '/')
self.config.include('horus')
self.config.registry.registerUtility(DummyMailer(), IMailer)
user = User(username='******', email='*****@*****.**')
user.password = '******'
user.activation = Activation()
self.session.add(user)
self.session.flush()
request = self.get_csrf_request(post={
'password': {
'password': '******',
'password-confirm': 'test123',
},
}, request_method='POST')
request.matchdict = Mock()
get = Mock()
get.return_value = user.activation.code
request.matchdict.get = get
request.user = None
def handle_password_reset(event):
request = event.request
session = request.registry.getUtility(IDBSession)
session.commit()
self.config.add_subscriber(handle_password_reset, PasswordResetEvent)
view = ForgotPasswordController(request)
response = view.reset_password()
assert not crypt.check(user.password, 'temp' + user.salt)
assert response.status_int == 302
def test_get_user_by_invalid_email(self):
from horus.tests.models import User
user = User(username='******', email='*****@*****.**')
user.password = '******'
self.session.add(user)
self.session.commit()
request = testing.DummyRequest()
new_user = User.get_by_email(request, '*****@*****.**')
assert new_user == None
def test_get_user_by_id(self):
from horus.tests.models import User
user = User(username='******', email='*****@*****.**')
user.password = '******'
self.session.add(user)
self.session.commit()
request = testing.DummyRequest()
new_user = User.get_by_id(request, user.id)
assert new_user == user
def test_get_user_by_invalid_email(self):
from horus.tests.models import User
user = User(username='******', email='*****@*****.**')
user.password = '******'
self.session.add(user)
self.session.commit()
request = testing.DummyRequest()
new_user = User.get_by_email(request, '*****@*****.**')
assert new_user == None
def test_get_valid_user_by_security_code(self):
from horus.tests.models import User
user = User(username='******', email='*****@*****.**')
user.password = '******'
self.session.add(user)
self.session.commit()
request = testing.DummyRequest()
new_user = User.get_by_security_code(request, user.security_code)
assert user == new_user
def test_get_user_by_id(self):
from horus.tests.models import User
user = User(username='******', email='*****@*****.**')
user.password = '******'
self.session.add(user)
self.session.commit()
request = testing.DummyRequest()
new_user = User.get_by_id(request, user.id)
assert new_user == user
def test_get_valid_user_by_security_code(self):
from horus.tests.models import User
user = User(username='******', email='*****@*****.**')
user.password = '******'
self.session.add(user)
self.session.commit()
request = testing.DummyRequest()
new_user = User.get_by_security_code(request, user.security_code)
assert user == new_user
def test_activate_invalid_user(self):
from horus.views import RegisterController
from pyramid_mailer.interfaces import IMailer
from pyramid_mailer.mailer import DummyMailer
from horus.interfaces import IUserClass
from horus.tests.models import User
from horus.interfaces import IActivationClass
from horus.tests.models import Activation
self.config.registry.registerUtility(Activation, IActivationClass)
self.config.registry.registerUtility(User, IUserClass)
self.config.include('horus')
self.config.add_route('index', '/')
self.config.registry.registerUtility(DummyMailer(), IMailer)
bad_act = Activation()
user = User(username='******', email='*****@*****.**')
user.activation = Activation()
user.password = '******'
user2 = User(username='******', email='*****@*****.**')
user2.activation = bad_act
user2.password = '******'
self.session.add(user)
self.session.add(user2)
self.session.flush()
request = testing.DummyRequest()
request.matchdict = Mock()
def get(val, ret):
if val == 'code':
return bad_act.code
elif val == 'user_id':
return user.id
request.matchdict.get = get
controller = RegisterController(request)
response = controller.activate()
new_user1 = User.get_by_username(request, 'sontek')
new_user2 = User.get_by_username(request, 'jessie')
assert not new_user1.is_activated
assert not new_user2.is_activated
assert response.status_int == 404
def test_activate_invalid_user(self):
from horus.views import RegisterController
from pyramid_mailer.interfaces import IMailer
from pyramid_mailer.mailer import DummyMailer
from horus.interfaces import IHorusUserClass
from horus.tests.models import User
from horus.interfaces import IHorusActivationClass
from horus.tests.models import Activation
self.config.registry.registerUtility(Activation, IHorusActivationClass)
self.config.registry.registerUtility(User, IHorusUserClass)
self.config.include('horus')
self.config.add_route('index', '/')
self.config.registry.registerUtility(DummyMailer(), IMailer)
bad_act = Activation()
user = User(username='******', email='*****@*****.**')
user.activation = Activation()
user.set_password('foo')
user2 = User(username='******', email='*****@*****.**')
user2.activation = bad_act
user2.set_password('foo2')
self.session.add(user)
self.session.add(user2)
self.session.flush()
request = testing.DummyRequest()
request.matchdict = Mock()
def get(val, ret):
if val == 'code':
return bad_act.code
elif val == 'user_pk':
return user.id
request.matchdict.get = get
controller = RegisterController(request)
response = controller.activate()
new_user1 = User.get_by_username(request, 'sontek')
new_user2 = User.get_by_username(request, 'jessie')
assert not new_user1.is_activated
assert not new_user2.is_activated
assert response.status_int == 404
def test_register_creates_user(self):
from horus.views import RegisterController
from pyramid_mailer.mailer import DummyMailer
from pyramid_mailer.interfaces import IMailer
from horus.interfaces import IUserClass
from horus.tests.models import User
from horus.interfaces import IActivationClass
from horus.tests.models import Activation
self.config.registry.registerUtility(Activation, IActivationClass)
self.config.registry.registerUtility(User, IUserClass)
self.config.include('horus')
self.config.registry.registerUtility(DummyMailer(), IMailer)
self.config.add_route('index', '/')
request = self.get_csrf_request(post={
'username': '******',
'password': {
'password': '******',
'password-confirm': 'test123',
},
'email': '*****@*****.**'
}, request_method='POST')
request.user = Mock()
controller = RegisterController(request)
response = controller.register()
assert response.status_int == 302
user = User.get_by_username(request, 'admin')
assert user != None
def test_get_all_users(self):
from horus.tests.models import User
user = User(username='******', email='*****@*****.**')
user.password = '******'
user2 = User(username='******', email='*****@*****.**')
user2.password = '******'
self.session.add(user)
self.session.add(user2)
self.session.commit()
request = testing.DummyRequest()
users = User.get_all(request)
assert len(users.all()) == 2
def test_register_creates_user(self):
from horus.views import RegisterController
from pyramid_mailer.mailer import DummyMailer
from pyramid_mailer.interfaces import IMailer
from horus.interfaces import IUserClass
from horus.tests.models import User
from horus.interfaces import IActivationClass
from horus.tests.models import Activation
self.config.registry.registerUtility(Activation, IActivationClass)
self.config.registry.registerUtility(User, IUserClass)
self.config.include('horus')
self.config.registry.registerUtility(DummyMailer(), IMailer)
self.config.add_route('index', '/')
request = self.get_csrf_request(post={
'username': '******',
'password': {
'password': '******',
'password-confirm': 'test123',
},
'email': '*****@*****.**'
}, request_method='POST')
request.user = Mock()
controller = RegisterController(request)
response = controller.register()
assert response.status_int == 302
user = User.get_by_username(request, 'admin')
assert user != None
def test_get_user_by_activation(self):
from horus.tests.models import User
from horus.tests.models import Activation
user = User(username='******', email='*****@*****.**')
user.password = '******'
activation = Activation()
user.activation = activation
self.session.add(user)
self.session.commit()
request = testing.DummyRequest()
new_user = User.get_by_activation(request, activation)
assert new_user == user
def test_get_user_by_activation(self):
from horus.tests.models import User
from horus.tests.models import Activation
user = User(username='******', email='*****@*****.**')
user.password = '******'
activation = Activation()
user.activation = activation
self.session.add(user)
self.session.commit()
request = testing.DummyRequest()
new_user = User.get_by_activation(request, activation)
assert new_user == user
def test_reset_password_invalid_password(self):
from horus.views import ForgotPasswordController
from pyramid_mailer.interfaces import IMailer
from pyramid_mailer.mailer import DummyMailer
from horus.interfaces import IUserClass
from horus.interfaces import IActivationClass
from horus.tests.models import User
from horus.tests.models import Activation
self.config.registry.registerUtility(User, IUserClass)
self.config.registry.registerUtility(Activation, IActivationClass)
self.config.add_route('index', '/')
self.config.include('horus')
self.config.registry.registerUtility(DummyMailer(), IMailer)
user = User(username='******', password='******', email='*****@*****.**')
user.password = '******'
user.activation = Activation()
self.session.add(user)
self.session.flush()
request = self.get_csrf_request(post={
'Password': {
'Password': '******',
'Password-confirm': 't',
},
}, request_method='POST')
request.matchdict = Mock()
get = Mock()
get.return_value = user.activation.code
request.matchdict.get = get
request.user = None
flash = Mock()
request.session.flash = flash
view = ForgotPasswordController(request)
response = view.reset_password()
assert len(response['errors']) == 1
def test_user_factory(self):
from horus.resources import UserFactory
from horus.tests.models import User
from horus.interfaces import IUserClass
self.config.registry.registerUtility(User, IUserClass)
user = User(username='******', email='*****@*****.**')
user.password = '******'
self.session.add(user)
self.session.commit()
request = testing.DummyRequest()
factory = UserFactory(request)
fact_user = factory[user.id]
assert factory.request == request
assert user == fact_user
def test_get_all(self):
from horus.tests.models import Group
from horus.tests.models import User
user = User(username='******', email='*****@*****.**')
user.password = '******'
self.session.add(user)
group = Group(name='admin', description='group for admins')
group.users.append(user)
self.session.add(group)
self.session.commit()
request = testing.DummyRequest()
groups = Group.get_all(request)
assert len(groups.all()) == 1
def test_get_all(self):
from horus.tests.models import Group
from horus.tests.models import User
user = User(username='******', email='*****@*****.**')
user.password = '******'
self.session.add(user)
group = Group(name='admin', description='group for admins')
group.users.append(user)
self.session.add(group)
self.session.commit()
request = testing.DummyRequest()
groups = Group.get_all(request)
assert len(groups.all()) == 1
def test_user_factory(self):
from horus.resources import UserFactory
from horus.tests.models import User
from horus.interfaces import IHorusUserClass
self.config.registry.registerUtility(User, IHorusUserClass)
user = User(user_name='sontek', email='*****@*****.**')
user.set_password('foo')
self.session.add(user)
self.session.commit()
request = testing.DummyRequest()
factory = UserFactory(request)
fact_user = factory[user.pk]
assert factory.request == request
assert user == fact_user
def test_activate_multiple_users(self):
from horus.views import RegisterController
from pyramid_mailer.interfaces import IMailer
from pyramid_mailer.mailer import DummyMailer
from horus.interfaces import IHorusUserClass
from horus.tests.models import User
from horus.interfaces import IHorusActivationClass
from horus.tests.models import Activation
self.config.registry.registerUtility(Activation, IHorusActivationClass)
self.config.registry.registerUtility(User, IHorusUserClass)
self.config.include('horus')
self.config.add_route('index', '/')
self.config.registry.registerUtility(DummyMailer(), IMailer)
user = User(username='******', email='*****@*****.**')
user.activation = Activation()
user.set_password('foo')
user1 = User(username='******', email='*****@*****.**')
user1.activation = Activation()
user1.set_password('foo2')
self.session.add(user)
self.session.add(user1)
self.session.flush()
request = testing.DummyRequest()
request.matchdict = Mock()
def get(key, default):
if key == 'code':
return user1.activation.code
else:
return user1.id
request.matchdict.get = get
controller = RegisterController(request)
response = controller.activate()
user = User.get_by_username(request, 'sontek1')
activations = Activation.get_all(request)
assert len(activations.all()) == 1
assert user.is_activated
assert response.status_int == 302
def test_activate_multiple_users(self):
from horus.views import RegisterController
from pyramid_mailer.interfaces import IMailer
from pyramid_mailer.mailer import DummyMailer
from horus.interfaces import IUserClass
from horus.tests.models import User
from horus.interfaces import IActivationClass
from horus.tests.models import Activation
self.config.registry.registerUtility(Activation, IActivationClass)
self.config.registry.registerUtility(User, IUserClass)
self.config.include('horus')
self.config.add_route('index', '/')
self.config.registry.registerUtility(DummyMailer(), IMailer)
user = User(username='******', email='*****@*****.**')
user.activation = Activation()
user.password = '******'
user1 = User(username='******', email='*****@*****.**')
user1.activation = Activation()
user1.password = '******'
self.session.add(user)
self.session.add(user1)
self.session.flush()
request = testing.DummyRequest()
request.matchdict = Mock()
def get(key, default):
if key == 'code':
return user1.activation.code
else:
return user1.id
request.matchdict.get = get
controller = RegisterController(request)
response = controller.activate()
user = User.get_by_username(request, 'sontek1')
activations = Activation.get_all(request)
assert len(activations.all()) == 1
assert user.is_activated
assert response.status_int == 302
def test_reset_password_invalid_password(self):
from horus.views import ForgotPasswordController
from pyramid_mailer.interfaces import IMailer
from pyramid_mailer.mailer import DummyMailer
from horus.interfaces import IUserClass
from horus.interfaces import IActivationClass
from horus.tests.models import User
from horus.tests.models import Activation
self.config.registry.registerUtility(User, IUserClass)
self.config.registry.registerUtility(Activation, IActivationClass)
self.config.add_route('index', '/')
self.config.include('horus')
self.config.registry.registerUtility(DummyMailer(), IMailer)
user = User(username='******', password='******',
email='*****@*****.**')
user.password = '******'
user.activation = Activation()
self.session.add(user)
self.session.flush()
request = self.get_csrf_request(post={
'Password': {
'Password': '******',
'Password-confirm': 't',
},
}, request_method='POST')
request.matchdict = Mock()
get = Mock()
get.return_value = user.activation.code
request.matchdict.get = get
request.user = None
view = ForgotPasswordController(request)
response = view.reset_password()
assert len(response['errors']) == 1
def test_group_finder(self):
from horus import groupfinder
from horus.tests.models import User
from horus.tests.models import Group
group = Group(name='foo', description='bar')
user1 = User(username='******', email='*****@*****.**')
user1.password = '******'
group.users.append(user1)
self.session.add(group)
self.session.add(user1)
self.session.flush()
request = Mock()
request.user = user1
results = groupfinder(1, request)
assert 'group:foo' in results
assert 'user:%s' % (user1.id) in results
assert len(results) == 2
def test_group_finder(self):
from horus import groupfinder
from horus.tests.models import User
from horus.tests.models import Group
group = Group(name='foo', description='bar')
user1 = User(username='******', email='*****@*****.**')
user1.set_password('foo')
group.users.append(user1)
self.session.add(group)
self.session.add(user1)
self.session.flush()
request = Mock()
request.user = user1
results = groupfinder(1, request)
assert 'group:foo' in results
assert 'user:%s' % (user1.id) in results
assert len(results) == 2
def test_valid_login(self):
""" Call the login view, make sure routes are working """
from horus.tests.models import User
admin = User(user_name='sontek', email='*****@*****.**')
admin.set_password('temp')
self.session.add(admin)
self.session.flush()
res = self.app.get('/login')
csrf = res.form.fields['csrf_token'][0].value
res = self.app.post('/login',
{
'submit': True,
'User_name': 'sontek',
'Password': '******',
'csrf_token': csrf
}
)
assert res.status_int == 302
def test_register_no_email_validation(self):
from horus.views import RegisterController
from pyramid_mailer.mailer import DummyMailer
from pyramid_mailer.interfaces import IMailer
from hem.interfaces import IDBSession
from horus.events import NewRegistrationEvent
from horus.interfaces import IUserClass
from horus.tests.models import User
from horus.interfaces import IActivationClass
from horus.tests.models import Activation
self.config.registry.registerUtility(Activation, IActivationClass)
self.config.registry.registerUtility(User, IUserClass)
self.config.include('horus')
self.config.registry.registerUtility(DummyMailer(), IMailer)
self.config.add_route('index', '/')
self.config.registry.settings['horus.require_activation'] = False
def handle_registration(event):
request = event.request
session = request.registry.getUtility(IDBSession)
session.commit()
self.config.add_subscriber(handle_registration, NewRegistrationEvent)
request = self.get_csrf_request(post={
'username': '******',
'password': {
'password': '******',
'password-confirm': 'test123',
},
'email': '*****@*****.**'
}, request_method='POST')
flash = Mock()
request.session.flash = flash
request.user = Mock()
controller = RegisterController(request)
response = controller.register()
assert response.status_int == 302
user = User.get_by_username(request, 'admin')
assert user.is_activated == True
flash.assert_called_with(
'You have been registered, you may log in now!', 'success')
def test_reset_password_loads(self):
from horus.views import ForgotPasswordController
from pyramid_mailer.interfaces import IMailer
from pyramid_mailer.mailer import DummyMailer
from horus.interfaces import IUserClass
from horus.tests.models import User
from horus.tests.models import Activation
from horus.interfaces import IActivationClass
self.config.registry.registerUtility(User, IUserClass)
self.config.registry.registerUtility(Activation, IActivationClass)
self.config.add_route('index', '/')
self.config.include('horus')
self.config.registry.registerUtility(DummyMailer(), IMailer)
user = User(username='******', password='******',
email='*****@*****.**')
user.password = '******'
user.activation = Activation()
self.session.add(user)
self.session.flush()
request = testing.DummyRequest()
request.matchdict = Mock()
get = Mock()
get.return_value = user.activation.code
request.matchdict.get = get
request.user = None
view = ForgotPasswordController(request)
response = view.reset_password()
assert response.get('form', None)
assert 'sontek' in response['form']
def test_valid_login(self):
""" Call the login view, make sure routes are working """
from horus.tests.models import User
admin = User(username='******', email='*****@*****.**')
admin.password = '******'
self.session.add(admin)
self.session.flush()
res = self.app.get('/login')
csrf = res.form.fields['csrf_token'][0].value
if six.PY3:
csrf = clean_byte_string(csrf)
res = self.app.post(
str('/login'), {
'submit': True,
'username': '******',
'password': '******',
'csrf_token': csrf
})
assert res.status_int == 302
def test_register_no_email_validation(self):
from horus.views import RegisterController
from pyramid_mailer.mailer import DummyMailer
from pyramid_mailer.interfaces import IMailer
from hem.interfaces import IDBSession
from horus.events import NewRegistrationEvent
from horus.interfaces import IUserClass
from horus.tests.models import User
from horus.interfaces import IActivationClass
from horus.tests.models import Activation
self.config.registry.registerUtility(Activation, IActivationClass)
self.config.registry.registerUtility(User, IUserClass)
self.config.include('horus')
self.config.registry.registerUtility(DummyMailer(), IMailer)
self.config.add_route('index', '/')
self.config.registry.settings['horus.require_activation'] = False
def handle_registration(event):
request = event.request
session = request.registry.getUtility(IDBSession)
session.commit()
self.config.add_subscriber(handle_registration, NewRegistrationEvent)
request = self.get_csrf_request(post={
'username': '******',
'password': {
'password': '******',
'password-confirm': 'test123',
},
'email': '*****@*****.**'
}, request_method='POST')
request.user = Mock()
view = RegisterController(request)
with patch('horus.views.FlashMessage') as FlashMessage:
response = view.register()
FlashMessage.assert_called_with(request,
view.Str.registration_done, kind="success")
assert response.status_int == 302
user = User.get_by_username(request, 'admin')
assert user.is_activated == True
def test_get_all_users(self):
from horus.tests.models import User
user = User(username='******', email='*****@*****.**')
user.password = '******'
user2 = User(username='******', email='*****@*****.**')
user2.password = '******'
self.session.add(user)
self.session.add(user2)
self.session.commit()
request = testing.DummyRequest()
users = User.get_all(request)
assert len(users.all()) == 2
def test_get_user_by_activation_with_multiple_users(self):
from horus.tests.models import User
from horus.tests.models import Activation
user1 = User(username='******', email='*****@*****.**')
user2 = User(username='******', email='*****@*****.**')
user1.password = '******'
user2.password = '******'
activation = Activation()
user2.activation = activation
self.session.add(user1)
self.session.add(user2)
self.session.commit()
request = testing.DummyRequest()
new_user = User.get_by_activation(request, activation)
assert new_user == user2
def test_get_user_activation(self):
from horus.tests.models import Activation
from horus.tests.models import User
user1 = User(username='******', email='*****@*****.**')
user2 = User(username='******', email='*****@*****.**')
user1.password = '******'
user2.password = '******'
activation = Activation()
user2.activation = activation
self.session.add(user1)
self.session.add(user2)
self.session.commit()
request = testing.DummyRequest()
new_user = User.get_by_username(request, 'sontek2')
new_activation = Activation.get_by_code(request, activation.code)
assert activation == new_activation
assert new_user.activation == new_activation