def test_allow_password_reuse(self):
    """
    Reusing the current password is accepted when the company does not
    enforce password expiration.
    """
    # Turn expiration off on the company, then re-fetch the user row before
    # driving the form.
    self.company.password_expiration = False
    self.company.save()
    self.user = User.objects.get(pk=self.user.pk)

    reused = '******'
    self.user.set_password(reused)
    self.user.save()

    # The current password and both new-password fields carry the same value,
    # i.e. the user asks to "change" to the password already in use.
    submitted = dict.fromkeys(
        ('password', 'new_password1', 'new_password2'), reused)
    form = ChangePasswordForm(user=self.user, data=submitted)
    self.assertTrue(form.is_valid())
def test_prevent_password_reuse(self):
    """
    With expiration enforced on the company, the last
    PASSWORD_HISTORY_ENTRIES passwords are refused as a new password and
    the one set just before them is accepted.
    """
    self.company.password_expiration = True
    self.company.save()
    self.user = User.objects.get(pk=self.user.pk)

    limit = settings.PASSWORD_HISTORY_ENTRIES
    template = 'password-enTry-%d'

    # Set limit + 1 distinct passwords in a row; the last one set stays the
    # user's current password for the rest of the test.
    for index in range(0, limit + 1):
        current = template % index
        self.user.set_password(current)
        self.user.save()

    def submit(candidate):
        # Bound form asking to move from the current password to `candidate`.
        return ChangePasswordForm(
            user=self.user,
            data={
                'password': current,
                'new_password1': candidate,
                'new_password2': candidate,
            })

    # Entries 1..limit (the current password included) must be rejected with
    # the "different from the previous" message on new_password1.
    for index in range(1, limit + 1):
        form = submit(template % index)
        self.assertFalse(form.is_valid())
        self.assertRegexpMatches(
            form.errors['new_password1'][0],
            r'different from the previous')

    # Entry 0 is the only password set earlier than those; it must be usable.
    self.assertTrue(submit(template % 0).is_valid())
def test_allow_password_reuse(self):
    """
    A company without password expiration lets a user submit the password
    they already have as the new one.
    """
    company = self.company
    company.password_expiration = False
    company.save()

    # Reload the user from the database after the company change.
    self.user = User.objects.get(pk=self.user.pk)

    same_pw = '******'
    self.user.set_password(same_pw)
    self.user.save()

    # Old and new password fields are all filled with one value.
    payload = {
        field: same_pw
        for field in ('password', 'new_password1', 'new_password2')
    }
    accepted = ChangePasswordForm(user=self.user, data=payload).is_valid()
    self.assertTrue(accepted)
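def test_password_form(self):
    """
    Drive ChangePasswordForm with two rejected submissions and one accepted
    submission, then check that the saved password verifies for the user.
    """
    # NOTE(review): the current-password literal in the "Wrong password."
    # case is identical to the one in the accepted submission further down;
    # both cannot hold as written, so the fixture's real values presumably
    # differ -- confirm against the test setup.
    invalid_data = [
        {
            'data': {
                'password': '******',
                'new_password1': '7dY=Ybtk',
                'new_password2': '7dY=Ybtk',
            },
            u'errors': [['password', [u"Wrong password."]]],
        },
        {
            'data': {
                'password': '******',
                'new_password1': '7dY=Ybtk',
                'new_password2': 'notnewpassword',
            },
            u'errors': [
                [u'new_password2',
                 [u'The new password fields did not match.']],
                [u'new_password1',
                 [u'The new password fields did not match.']],
            ],
        },
    ]

    for item in invalid_data:
        form = ChangePasswordForm(user=self.user, data=item['data'])
        # assertFalse/assertTrue replace the deprecated failIf/failUnless
        # aliases used previously.
        self.assertFalse(form.is_valid())
        # Only the first expected (field, messages) pair is compared; the
        # second pair listed for the mismatch case is not asserted.
        field, messages = item[u'errors'][0]
        self.assertEqual(form.errors[field], messages)

    form = ChangePasswordForm(
        user=self.user,
        data={
            'password': '******',
            'new_password1': '7dY=Ybtk',
            'new_password2': '7dY=Ybtk',
        })
    self.assertTrue(form.is_valid())
    form.save()
    # Verified on the same user object that was handed to the form.
    self.assertTrue(self.user.check_password('7dY=Ybtk'))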
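def test_password_form(self):
    """
    Check ChangePasswordForm validation: a wrong current password and
    mismatched new passwords are rejected, a matching pair is accepted and
    the saved password verifies.
    """
    # NOTE(review): the rejected "Wrong password." case and the accepted
    # submission below show the same current-password literal; presumably
    # the real fixture values differ -- confirm against the test setup.
    invalid_data = [
        {
            "data": {
                "password": "******",
                "new_password1": "newpassword",
                "new_password2": "newpassword",
            },
            u"errors": [["password", [u"Wrong password."]]],
        },
        {
            "data": {
                "password": "******",
                "new_password1": "newpassword",
                "new_password2": "notnewpassword",
            },
            u"errors": [
                [u"new_password2", [u"The new password fields did not match."]],
                [u"new_password1", [u"The new password fields did not match."]],
            ],
        },
    ]

    for item in invalid_data:
        form = ChangePasswordForm(user=self.user, data=item["data"])
        # failIf is a deprecated unittest alias; assertFalse is the
        # supported spelling of the same check.
        self.assertFalse(form.is_valid())
        # Compares the first expected (field, messages) pair only.
        expected_field, expected_messages = item[u"errors"][0]
        self.assertEqual(form.errors[expected_field], expected_messages)

    form = ChangePasswordForm(
        user=self.user,
        data={
            "password": "******",
            "new_password1": "anothersecret",
            "new_password2": "anothersecret",
        },
    )
    # failUnless is likewise deprecated in favour of assertTrue.
    self.assertTrue(form.is_valid())
    form.save()
    self.assertTrue(self.user.check_password("anothersecret"))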
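def test_password_form(self):
    """
    Validate ChangePasswordForm against two invalid submissions, then save
    a valid one and confirm the user's password was replaced.
    """
    mismatch = u'The new password fields did not match.'
    # NOTE(review): every 'password' value on this page is the same literal,
    # including the case expected to fail with "Wrong password."; the real
    # fixture values presumably differ -- confirm against the test setup.
    invalid_data = [
        {
            'data': {
                'password': '******',
                'new_password1': 'newpassword',
                'new_password2': 'newpassword'
            },
            u'errors': [['password', [u"Wrong password."]]]
        },
        {
            'data': {
                'password': '******',
                'new_password1': 'newpassword',
                'new_password2': 'notnewpassword'
            },
            u'errors': [
                [u'new_password2', [mismatch]],
                [u'new_password1', [mismatch]],
            ],
        },
    ]

    for item in invalid_data:
        form = ChangePasswordForm(user=self.user, data=item['data'])
        # Deprecated failIf alias replaced by assertFalse.
        self.assertFalse(form.is_valid())
        # Only the first entry of the expected-errors list is checked.
        first_error = item[u'errors'][0]
        self.assertEqual(form.errors[first_error[0]], first_error[1])

    form = ChangePasswordForm(user=self.user, data={
        'password': '******',
        'new_password1': 'anothersecret',
        'new_password2': 'anothersecret'
    })
    # Deprecated failUnless alias replaced by assertTrue.
    self.assertTrue(form.is_valid())
    form.save()
    self.assertTrue(self.user.check_password('anothersecret'))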
def test_prevent_password_reuse(self):
    """
    Password history is enforced when a company of the user requires
    expiration: recent passwords are refused, the oldest one set in this
    test is allowed again.
    """
    self.company.password_expiration = True
    self.company.save()
    self.user = User.objects.get(pk=self.user.pk)

    history_size = settings.PASSWORD_HISTORY_ENTRIES
    new_fields = ('new_password1', 'new_password2')

    def nth_password(n):
        return 'password-enTry-%d' % n

    def change_request(candidate):
        # Form data: the current password plus `candidate` in both
        # new-password fields.
        payload = dict.fromkeys(new_fields, candidate)
        payload['password'] = newest
        return ChangePasswordForm(user=self.user, data=payload)

    # history_size + 1 passwords are set one after another; `newest` ends up
    # as the password the user currently has.
    for n in range(0, history_size + 1):
        newest = nth_password(n)
        self.user.set_password(newest)
        self.user.save()

    # Passwords 1..history_size must each be refused with the history error.
    for n in range(1, history_size + 1):
        form = change_request(nth_password(n))
        self.assertFalse(form.is_valid())
        first_message = form.errors['new_password1'][0]
        self.assertRegexpMatches(first_message,
                                 r'different from the previous')

    # Password 0 was set before all of those and must pass validation.
    form = change_request(nth_password(0))
    self.assertTrue(form.is_valid())
def edit_account(request):
    """
    Render the account-settings page and process its two forms.

    A POST carrying a 'communication' key is validated with
    EditCommunicationForm; one carrying a 'password' key is validated with
    ChangePasswordForm. Either way the '<PROJECT>/edit-account.html'
    template is rendered with the bound form, plus a success message when
    the form was valid. Any other request renders the page with the
    unbound forms built at the top.

    NOTE(review): no authentication check is visible in this block; any
    decorator would sit above the ``def`` and is not shown here -- confirm
    the view is only reachable by a logged-in user.
    """
    user = request.user
    # Fresh copy of the user row, used as the instance for the
    # communication form.
    obj = User.objects.get(id=user.id)
    change_password = False
    # The communication form is only offered to verified users.
    if user.is_verified:
        communication_form = EditCommunicationForm(user=user, instance=obj)
    else:
        communication_form = None
    password_form = ChangePasswordForm(user=user)
    # Pass the user's password_change flag on to the template.
    if request.user.password_change:
        change_password = True
    ctx = {
        'user': user,
        'communication_form': communication_form,
        'password_form': password_form,
        'change_password': change_password,
    }
    if request.method == "POST":
        obj = User.objects.get(id=request.user.id)
        # request.REQUEST merges GET and POST parameters, so the branch can
        # be selected by a query-string key while the form data itself is
        # read from request.POST only.
        if 'communication' in request.REQUEST:
            # NOTE(review): the is_verified gate applied when building the
            # unbound form above is not repeated on this path; confirm that
            # EditCommunicationForm enforces it for unverified users.
            form = EditCommunicationForm(user=request.user, instance=obj,
                                         data=request.POST)
            if form.is_valid():
                form.save()
                ctx['communication_form'] = form
                ctx['message_body'] = ('Communication Settings have been '
                                       'updated successfully.')
                ctx['messagetype'] = 'success'
                template = '%s/edit-account.html' % settings.PROJECT
                return render_to_response(template, ctx,
                                          RequestContext(request))
            else:
                # Re-render with the bound form so its errors are shown.
                ctx['communication_form'] = form
                template = '%s/edit-account.html' % settings.PROJECT
                return render_to_response(template, ctx,
                                          RequestContext(request))
        elif 'password' in request.REQUEST:
            form = ChangePasswordForm(user=request.user, data=request.POST)
            if form.is_valid():
                # The password_change flag is cleared and the user saved
                # before form.save() runs; what form.save() persists is not
                # visible in this block.
                request.user.password_change = False
                request.user.save()
                form.save()
                ctx['password_form'] = form
                ctx['message_body'] = ('Password Settings have been '
                                       'updated successfully.')
                ctx['messagetype'] = 'success'
                template = '%s/edit-account.html' % settings.PROJECT
                return render_to_response(template, ctx,
                                          RequestContext(request))
            else:
                # Re-render with the bound form so its errors are shown.
                ctx['password_form'] = form
                template = '%s/edit-account.html' % settings.PROJECT
                return render_to_response(template, ctx,
                                          RequestContext(request))
        else:
            # NOTE(review): the page shows this function on one line, so the
            # nesting of this else is inferred. It is attached to the
            # if/elif chain so that non-POST requests reach the final
            # render; on that reading this fires for a POST that names
            # neither form, although the message says "request is not
            # POST" -- confirm against the original file.
            raise Http404("myjobs.views.edit_account: request is not POST")
    # Non-POST requests: render the page with the unbound forms.
    return render_to_response('%s/edit-account.html' % settings.PROJECT, ctx,
                              RequestContext(request))