def test_bootstrap_error(self):
user = PortalUser(email="*****@*****.**", first_name="Test", last_name="User")
user.save()
response = self.client.get('/bootstrap/')
# since we have a user now, bootstrap should fail
response = self.client.get('/user/create/')
logging.info("response status: %s" % response.status_code)
assert response.status_code == 302
def test_bootstrap_error(self):
user = PortalUser(email="*****@*****.**",
first_name="Test",
last_name="User")
user.save()
response = self.client.get('/bootstrap/')
# since we have a user now, bootstrap should fail
response = self.client.get('/user/create/')
logging.info("response status: %s" % response.status_code)
assert response.status_code == 302
def test_passwords(self):
user = PortalUser(email="*****@*****.**",
first_name="Test",
last_name="User")
user.set_password("password")
user.save()
assert PortalUser.check_login("*****@*****.**", "password")
assert not PortalUser.check_login("*****@*****.**", "password")
assert not PortalUser.check_login("*****@*****.**", "wrong")
def test_change_password(self):
user = PortalUser(email="*****@*****.**",
first_name="Test",
last_name="User")
user.set_password("password")
user.save()
login_data = {"email": "*****@*****.**", "password": "******"}
response = self.client.post('/login',
data=login_data,
follow_redirects=True)
response = self.client.get('/user/[email protected]/change_password/')
assert response.status_code == 200
pw_data = {"password": "******", "confirm": "newpassword"}
response = self.client.post('/user/[email protected]/change_password/',
data=pw_data,
follow_redirects=True)
assert response.status_code == 200
assert PortalUser.check_login("*****@*****.**", "newpassword")
assert not PortalUser.check_login("*****@*****.**", "password")
self.client.get("/logout")
login_data = {"email": "*****@*****.**", "password": "******"}
response = self.client.post('/login',
data=login_data,
follow_redirects=True)
assert "Invalid" not in response.data
assert "You were logged in" in response.data
def test_passwords(self):
user = PortalUser(email="*****@*****.**", first_name="Test", last_name="User")
user.set_password("password")
user.save()
assert PortalUser.check_login("*****@*****.**", "password")
assert not PortalUser.check_login("*****@*****.**", "password")
assert not PortalUser.check_login("*****@*****.**", "wrong")
def bootstrap():
if PortalUser.no_users():
session['logged_in'] = True
flash('Logged in without a real user -- be sure and create one soon.')
return redirect('/users/all/')
else:
flash('Bootstrap login not available after first user created.')
return redirect(url_for('index'))
def test_create_user(self):
response = self.client.get('/bootstrap/')
response = self.client.get('/user/create/')
assert response.status_code == 200
test_data = {
"email": '*****@*****.**',
"first_name": "create",
"last_name": "test",
"password": "******",
"confirm": "password",
"needs_password": True,
}
response = self.client.post('/user/save/',
data=test_data,
follow_redirects=True)
assert response.status_code == 200
user = PortalUser.find_by_email(test_data['email'])
assert user
assert user.first_name == test_data['first_name']
assert user.last_name == test_data['last_name']
# save with a new name, test false "needs_password" path
test_data = {
"email": '*****@*****.**',
"first_name": "changed",
"last_name": "test",
}
response = self.client.post('/user/save/',
data=test_data,
follow_redirects=True)
assert response.status_code == 200
user = PortalUser.find_by_email("*****@*****.**")
assert user.first_name == "changed"
# test error case -- first_name can't be blank
test_data = {
"email": '*****@*****.**',
"first_name": "",
"last_name": "test",
}
response = self.client.post('/user/save/',
data=test_data,
follow_redirects=True)
assert response.status_code == 200
user = PortalUser.find_by_email("*****@*****.**")
assert user.first_name is not ""
def login():
error = None
if request.method == 'POST':
if PortalUser.check_login(request.form['email'], request.form['password']):
session['logged_in'] = True
flash('You were logged in')
return redirect(url_for('users.list_users'))
error = "Invalid email or password"
form = LoginForm()
return render_template('login.html', form=form, error=error)
def change_password(email):
if request.method == 'POST':
form = PasswordForm(request.form)
if form.validate():
user = PortalUser.find_by_email(email)
user.set_password(form.password.data)
user.save()
flash('Password changed')
return redirect('/user/%s/' % email)
else:
form = PasswordForm()
return render_template('change_password.html', form=form, email=email)
def change_password(email):
if request.method == 'POST':
form = PasswordForm(request.form)
if form.validate():
user = PortalUser.find_by_email(email)
user.set_password(form.password.data)
user.save()
flash('Password changed')
return redirect('/user/%s/' % email)
else:
form = PasswordForm()
return render_template('change_password.html', form=form, email=email)
def test_login(self):
user = PortalUser(email="*****@*****.**",
first_name="Test",
last_name="User")
user.set_password("password")
user.save()
response = self.client.get('/login')
assert response.status_code == 200
# bogus logins cause errors
# TODO -- test that session is not set
login_data = {"email": "*****@*****.**", "password": "******"}
response = self.client.post('/login', data=login_data)
assert "Invalid" in response.data
login_data = {"email": "*****@*****.**", "password": "******"}
response = self.client.post('/login', data=login_data)
assert "Invalid" in response.data
login_data = {"email": "*****@*****.**", "password": "******"}
response = self.client.post('/login',
data=login_data,
follow_redirects=True)
assert "Invalid" not in response.data
assert "You were logged in" in response.data
# now we can get
response = self.client.get('/user/all/')
assert response.status_code == 200
def test_user_model(self):
user = PortalUser(email="*****@*****.**",
first_name="Test",
last_name="User")
user.save()
assert PortalUser.find_by_email("*****@*****.**")
assert PortalUser.find_by_key(ObjectId()) == None
def test_create_user(self):
response = self.client.get('/bootstrap/')
response = self.client.get('/user/create/')
assert response.status_code == 200
test_data = { "email": '*****@*****.**',
"first_name": "create",
"last_name": "test",
"password": "******",
"confirm": "password",
"needs_password": True,
}
response = self.client.post('/user/save/', data=test_data, follow_redirects=True)
assert response.status_code == 200
user = PortalUser.find_by_email(test_data['email'])
assert user
assert user.first_name == test_data['first_name']
assert user.last_name == test_data['last_name']
# save with a new name, test false "needs_password" path
test_data = { "email": '*****@*****.**',
"first_name": "changed",
"last_name": "test",
}
response = self.client.post('/user/save/', data=test_data, follow_redirects=True)
assert response.status_code == 200
user = PortalUser.find_by_email("*****@*****.**")
assert user.first_name == "changed"
# test error case -- first_name can't be blank
test_data = { "email": '*****@*****.**',
"first_name": "",
"last_name": "test",
}
response = self.client.post('/user/save/', data=test_data, follow_redirects=True)
assert response.status_code == 200
user = PortalUser.find_by_email("*****@*****.**")
assert user.first_name is not ""
def test_login(self):
user = PortalUser(email="*****@*****.**", first_name="Test", last_name="User")
user.set_password("password")
user.save()
response = self.client.get('/login')
assert response.status_code == 200
# bogus logins cause errors
# TODO -- test that session is not set
login_data = { "email": "*****@*****.**", "password": "******"}
response = self.client.post('/login', data=login_data)
assert "Invalid" in response.data
login_data = { "email": "*****@*****.**", "password": "******"}
response = self.client.post('/login', data=login_data)
assert "Invalid" in response.data
login_data = { "email": "*****@*****.**", "password": "******"}
response = self.client.post('/login', data=login_data, follow_redirects=True)
assert "Invalid" not in response.data
assert "You were logged in" in response.data
# now we can get
response = self.client.get('/user/all/')
assert response.status_code == 200
def test_change_email(self):
user = PortalUser(email="*****@*****.**", first_name="Test", last_name="User")
user.set_password("password")
user.save()
login_data = { "email": "*****@*****.**", "password": "******"}
response = self.client.post('/login', data=login_data, follow_redirects=True)
test_data = { "email": '*****@*****.**',
"first_name": "Test",
"last_name": "User",
"id": str(user.id),
}
response = self.client.post('/user/save/', data=test_data, follow_redirects=False)
assert PortalUser.find_by_email("*****@*****.**")
assert PortalUser.check_login("*****@*****.**", "password")
def test_change_email(self):
user = PortalUser(email="*****@*****.**",
first_name="Test",
last_name="User")
user.set_password("password")
user.save()
login_data = {"email": "*****@*****.**", "password": "******"}
response = self.client.post('/login',
data=login_data,
follow_redirects=True)
test_data = {
"email": '*****@*****.**',
"first_name": "Test",
"last_name": "User",
"id": str(user.id),
}
response = self.client.post('/user/save/',
data=test_data,
follow_redirects=False)
assert PortalUser.find_by_email("*****@*****.**")
assert PortalUser.check_login("*****@*****.**", "password")
def save_user():
needs_password = '******' in request.form
if needs_password:
form = NewUserForm(request.form)
else:
form = UserForm(request.form)
if form.validate():
email = form.email.data
if form.id.data:
user = PortalUser.find_by_key(form.id.data)
else:
user = PortalUser.find_by_email(email)
if not user:
user = PortalUser(email=email)
form.populate_obj(user)
if 'password' in request.form:
user.set_password(form.password.data)
user.save()
return redirect(url_for('list_users'))
else:
return render_template('user_detail.html',
form=form,
needs_password=needs_password)
def test_change_password(self):
user = PortalUser(email="*****@*****.**", first_name="Test", last_name="User")
user.set_password("password")
user.save()
login_data = { "email": "*****@*****.**", "password": "******"}
response = self.client.post('/login', data=login_data, follow_redirects=True)
response = self.client.get('/user/[email protected]/change_password/')
assert response.status_code == 200
pw_data = {"password": "******", "confirm": "newpassword"}
response = self.client.post('/user/[email protected]/change_password/', data=pw_data, follow_redirects=True)
assert response.status_code == 200
assert PortalUser.check_login("*****@*****.**", "newpassword")
assert not PortalUser.check_login("*****@*****.**", "password")
self.client.get("/logout")
login_data = { "email": "*****@*****.**", "password": "******"}
response = self.client.post('/login', data=login_data, follow_redirects=True)
assert "Invalid" not in response.data
assert "You were logged in" in response.data
def save_user():
needs_password = '******' in request.form
if needs_password:
form = NewUserForm(request.form)
else:
form = UserForm(request.form)
if form.validate():
email = form.email.data
if form.id.data:
user = PortalUser.find_by_key(form.id.data)
else:
user = PortalUser.find_by_email(email)
if not user:
user = PortalUser(email=email)
form.populate_obj(user)
if 'password' in request.form:
user.set_password(form.password.data)
user.save()
return redirect(url_for('list_users'))
else:
return render_template('user_detail.html', form=form, needs_password=needs_password)
def test_user_model(self):
user = PortalUser(email="*****@*****.**", first_name="Test", last_name="User")
user.save()
assert PortalUser.find_by_email("*****@*****.**")
assert PortalUser.find_by_key(ObjectId()) == None
def edit_user(email):
user = PortalUser.find_by_email(email)
form = UserForm(request.args, user)
return render_template('user_detail.html', form=form)
def list_users():
users = PortalUser.all()
return render_template('user_list.html', users=users)
def edit_user(email):
user = PortalUser.find_by_email(email)
form = UserForm(request.args, user)
return render_template('user_detail.html', form=form)
def list_users():
users = PortalUser.all()
return render_template('user_list.html', users=users)
