def test_registration_success(self):
# Click 'Register Now'
self.driver.find_element_by_id("btnRegister").click()
time.sleep(loadWait)
# Assert that browser redirects to register page
assert url_for('.register') in self.driver.current_url
# New user data
username = '******'
password = '******'
# Fill in registration form
count = len(User.by_filter(''))
self.driver.find_element_by_id("username").send_keys(username)
self.driver.find_element_by_id("password").send_keys(password)
self.driver.find_element_by_id("submit").click()
time.sleep(loadWait)
# Assert that browser redirects to login page
assert url_for('.login') in self.driver.current_url
# Assert success message is shown
msg = self.driver.find_element_by_class_name("alert").text
assert "Registration successful!" in msg
# Assert that there are now 3 employees in the database
self.assertEqual(len(User.by_filter('')), count + 1)
def register():
form = RegisterForm()
if request.method == 'POST' and form.validate_on_submit():
User.new(form.username.data, form.password.data)
flash('Registration successful!', 'success')
return redirect(url_for(".login"))
return render_template("register.html", form=form)
def login():
form = LoginForm()
if request.method == 'POST' and form.validate_on_submit():
u = User.by_name(form.username.data)
if u:
login_user(u)
flash("Logged in successfully.", "success")
return redirect(request.args.get('next') or url_for(".index"))
return render_template("login.html", form=form)
def users(filter):
if not current_user.is_admin():
flash(
"Access Denied - This infraction has been reported to the cyber police.",
"failure")
return redirect(url_for(".index"))
users = User.by_filter(filter)
data = [u.__dict__ for u in users]
return jsonify(data)
def admin():
if not current_user.is_admin():
flash(
"Access Denied - This infraction has been reported to the cyber police.",
"failure")
return redirect(url_for(".index"))
users = User.by_filter('')
accts = Acct.by_filter('')
for a in accts:
u = User.by_id(a.user)
a.user_name = u.name
xacts = Xact.by_acct_id(a.id)
a.count = len(xacts)
return render_template("admin.html",
user=current_user,
users=users,
accts=accts)
def test_register_user(self):
# create new user
user_id = User.new('username', 'password')
# validate user receives one account
accts = Acct.by_user_id(user_id)
self.assertEqual(len(accts), 1)
# validate user's account starts with 2 transactions
# 1. Starting Balance 0.00
# 2. New Account Offer 1337.00
xacts = Xact.by_acct_id(accts[0].id)
self.assertEqual(len(xacts), 2)
def validate(self):
check_validate = super(RegisterForm, self).validate()
# Check validation passes (both fields provided)
if not check_validate:
print(self.errors)
return False
# Check the user does not exist
u = User.by_name(self.username.data)
if u:
self.username.errors.append('Username already in use')
return False
return True
def index():
acct = None
xacts = None
u = User.by_id(current_user.get_id())
if u is not None:
acct = Acct.by_user_id(u.id)[0]
xacts = Xact.by_acct_id(acct.id)
# calculate running balance
balance = acct.balance
for i, x in enumerate(xacts):
x.balance = balance
balance -= x.amount
return render_template("index.html", acct=acct, xacts=xacts)
def validate(self):
check_validate = super(LoginForm, self).validate()
# Check validation passes (both fields provided)
if not check_validate:
print(self.errors)
return False
# Check the user exists
u = User.by_name(self.username.data)
if not u:
self.username.errors.append('Invalid username or password')
return False
# Check the password matches
if not u.check_password(self.password.data):
self.username.errors.append('Invalid username or password')
return False
return True
def test_admin_edit_other_user(self):
self.login(adminName, adminPass)
# Click 'Admin'
self.driver.find_element_by_id("btnAdmin").click()
time.sleep(loadWait)
# Click on user row
uid = 4
self.driver.find_element_by_id("user_" + str(uid)).click()
time.sleep(loadWait)
# Perform edit
u = User.by_id(uid)
u.fullname = 'Badmin'
self.edit_details(u)
# Validate change by checking user row
assert 'Badmin' in self.driver.find_element_by_id("user_" +
str(uid)).text
def test_edit_details_success(self):
self.login(userName, userPass)
# Click 'Edit Details'
self.driver.find_element_by_id("btnEditDetails").click()
time.sleep(loadWait)
# Updated details
newEmail = '*****@*****.**'
newPassword = '******'
# Submit edit form
u = User.by_name(userName)
u.email = newEmail
self.edit_details(u, newPassword)
# Validate updated email
assert self.driver.find_element_by_id("user_email").text == newEmail
# Validate new password
self.logout()
self.login(userName, newPassword)
def edit(username):
# fetch user model to edit
u = User.by_name(username)
if u is not None:
user = u
else:
user = current_user
# only admin's can edit other user account details
if user.id != current_user.id and not current_user.is_admin():
flash(
"Access Denied - This infractions has been reported to the cyber police.",
"failure")
return redirect(url_for(".index"))
form = EditForm(role=user.role,
username=user.name,
fullname=user.fullname,
phone=user.phone,
email=user.email)
if request.method == 'POST' and form.validate_on_submit():
if form.password.data != "":
u.set_password(form.password.data)
u.role = form.role.data
u.fullname = form.fullname.data
u.phone = form.phone.data
u.email = form.email.data
# commit updates
u.update()
flash("Successfully updated details.", "success")
return redirect(request.args.get('next') or url_for(".index"))
return render_template("edit.html", user=user, form=form)
def load_user(id):
return User.by_id(id)
def test_user_model(self):
# new users can be added
count = len(User.by_filter(''))
user_id = User.new('username', 'password')
self.assertEqual(user_id, count + 1)