Esempio n. 1
def test_profile_changepassword_route(cl_user):
    """Check the profile change-password form: three rejected attempts, then one accepted.

    The rejected attempts are a mismatched confirmation, a password the form
    reports as too short, and a wrong current password. Only the last attempt,
    with the right current password and matching new passwords, is expected to
    redirect and to leave a stored value that verifies against the new password.
    """

    def attempt(current, first, second):
        # The page is fetched again for every attempt, so each submission uses a fresh form.
        page_form = cl_user.get(url_for('auth.profile_changepassword_route')).form
        page_form['current_password'] = current
        page_form['password1'] = first
        page_form['password2'] = second
        return page_form.submit()

    old_secret = PWS.generate()
    fresh_secret = PWS.generate()
    account = User.query.filter(User.username == 'pytest_user').one()
    # NOTE(review): the generated password is assigned to the model as-is; presumably
    # User.password hashes on assignment, since the last assertion reads it back as a
    # salted hash -- confirm against the model.
    account.password = old_secret
    db.session.commit()

    # Confirmation differs from the new password: the form is re-rendered with an error.
    outcome = attempt(old_secret, 'AlongPassword1', 'AlongPassword2')
    assert outcome.status_code == HTTPStatus.OK
    assert outcome.lxml.xpath(
        '//div[@class="invalid-feedback" and text()="Passwords does not match."]'
    )

    # Matching but short password: rejected by the length check shown in the feedback.
    outcome = attempt(old_secret, 'weak', 'weak')
    assert outcome.status_code == HTTPStatus.OK
    assert outcome.lxml.xpath(
        '//div[@class="invalid-feedback" and contains(text(), "Password too short.")]'
    )

    # Acceptable new password but wrong current password: the change must be refused.
    # The refusal is checked only through the rendered error message; the stored
    # password is not re-read until the end of the test.
    outcome = attempt('******', fresh_secret, fresh_secret)
    assert outcome.status_code == HTTPStatus.OK
    assert outcome.lxml.xpath(
        '//script[contains(text(), "toastr[\'error\'](\'Invalid current password.\');")]'
    )

    # Correct current password and matching new passwords: redirect on success.
    outcome = attempt(old_secret, fresh_secret, fresh_secret)
    assert outcome.status_code == HTTPStatus.FOUND

    # Re-hash the new password with the salt taken from the stored value and compare,
    # which shows the stored value was derived from the new password.
    account = User.query.filter(User.username == 'pytest_user').one()
    rehashed = PWS.hash(fresh_secret, PWS.get_salt(account.password))
    assert PWS.compare(rehashed, account.password)
Esempio n. 2
def test_login_totp(client, user_factory):
    """Walk through the two-step login of a user created with a TOTP secret.

    Covers three things: the TOTP step redirects to the login form when it is
    requested first, a wrong code is rejected with a form error, and the
    current code completes the login. Submitting the same code twice or a run
    of wrong codes is not part of this test.
    """

    account_password = PWS.generate()
    totp_secret = TOTPImpl.random_base32()
    account = user_factory(password=account_password, totp=totp_secret)

    # Asking for the second-factor step before the password step bounces to login.
    early = client.get(url_for('auth.login_totp_route'))
    assert early.status_code == HTTPStatus.FOUND
    login_url = url_for('auth.login_route')
    assert login_url in early.headers['Location']

    # The password step answers with a redirect; following it yields the code form.
    login_form = client.get(login_url).form
    login_form['username'] = account.username
    login_form['password'] = account_password
    after_password = login_form.submit()
    assert after_password.status_code == HTTPStatus.FOUND

    code_form = after_password.follow().form
    code_form['code'] = 'invalid'
    rejected = code_form.submit()
    assert rejected.status_code == HTTPStatus.OK
    assert rejected.lxml.xpath(
        '//div[@class="invalid-feedback" and text()="Invalid code"]')

    # The re-rendered form is reused for the valid code.
    retry_form = rejected.form
    retry_form['code'] = TOTPImpl(totp_secret).current_code()
    accepted = retry_form.submit()
    assert accepted.status_code == HTTPStatus.FOUND

    # A logged-in session is recognised by the Logout link on the index page.
    landing = client.get(url_for('index_route'))
    assert landing.lxml.xpath('//a[text()="Logout"]')
Esempio n. 3
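class UserFactory(BaseModelFactory):  # pylint: disable=too-few-public-methods
    """Test factory for the ``User`` model."""

    class Meta:  # pylint: disable=too-few-public-methods
        """Bind the factory to the ``User`` model."""
        model = User

    username = '******'
    # Evaluated per instance: every generated user gets its own PWS.generate() result.
    password = LazyAttribute(lambda _obj: PWS.generate())
    active = True
    # Built per instance as well. A plain class-level list would be a single object
    # handed to every generated user, so a test that mutates one user's roles in
    # place would silently change the default for the users created after it.
    roles = LazyAttribute(lambda _obj: ['user'])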
Esempio n. 4
def reset_password(username):
    """Assign a newly generated password to ``username`` and print it.

    Logs an error and exits with status 1 when no user has that name.
    The generated password is written to stdout in cleartext, so it ends up
    wherever that output is captured (terminal scrollback, job logs, pipes).
    """

    account = User.query.filter(User.username == username).one_or_none()
    if account:
        generated = PWS.generate()
        account.password = generated
        db.session.commit()
        # Printed only after the commit, so the value shown is the one that was saved.
        print(f'new password "{account.username}:{generated}"')
        return

    current_app.logger.error('no such user')
    sys.exit(1)
Esempio n. 5
def client_in_roles(clnt, roles):
    """Create an active user holding ``roles`` and submit the login form as that user.

    Args:
        clnt: test client used to fetch and submit the login form.
        roles: roles assigned to the created user.

    Returns:
        The same client object that was passed in.
    """

    secret = PWS.generate()
    # The model is given the hash; the cleartext is kept only to fill in the form.
    account = User(username='******', password=PWS.hash(secret), active=True, roles=roles)
    db.session.add(account)
    db.session.commit()

    login_form = clnt.get(url_for('auth.login_route')).form
    for field, value in (('username', account.username), ('password', secret)):
        login_form[field] = value
    # The response is not inspected: a failed login would still return the client,
    # and would only show up later as an authorization failure in the calling test.
    login_form.submit()
    return clnt
Esempio n. 6
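def selenium_in_roles(sclnt, roles):
    """Create an active user holding ``roles`` and log the Selenium client in as that user.

    Args:
        sclnt: Selenium webdriver used to drive the login form.
        roles: roles assigned to the created user.

    Returns:
        The same webdriver, once the page shows a "Logout" link.
    """

    tmp_password = PWS.generate()
    # The model is given the hash; the cleartext is kept only to type into the form.
    tmp_user = User(username='******', password=PWS.hash(tmp_password), active=True, roles=roles)
    db.session.add(tmp_user)
    db.session.commit()

    sclnt.get(url_for('auth.login_route', _external=True))
    # find_element(By.XPATH, ...) replaces find_element_by_xpath, which Selenium 4
    # deprecated and later removed; the generic form works on older releases too.
    sclnt.find_element(By.XPATH, '//form//input[@name="username"]').send_keys(tmp_user.username)
    sclnt.find_element(By.XPATH, '//form//input[@name="password"]').send_keys(tmp_password)
    sclnt.find_element(By.XPATH, '//form//input[@type="submit"]').click()
    # Waiting for the Logout link doubles as the check that the login succeeded.
    webdriver_waituntil(sclnt, EC.presence_of_element_located((By.XPATH, '//a[text()="Logout"]')))

    return sclnt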
Esempio n. 7
def test_unauthorized(client, user_factory):
    """Check that an anonymous request is sent to login and then back to the page it asked for.

    Only a same-site ``next`` target (the profile page) is exercised; a ``next``
    value pointing elsewhere is not part of this test.
    """

    secret = PWS.generate()
    account = user_factory.create(password=secret)

    # Without a session the profile page answers with a redirect carrying ?next=.
    profile_url = url_for('auth.profile_route')
    bounced = client.get(profile_url)
    assert bounced.status_code == HTTPStatus.FOUND
    assert '/auth/login?next=' in bounced.headers['Location']

    # Logging in through the redirected form must lead back to the profile page.
    login_form = bounced.follow().form
    login_form['username'] = account.username
    login_form['password'] = secret
    after_login = login_form.submit()
    assert after_login.status_code == HTTPStatus.FOUND
    assert profile_url in after_login.headers['Location']
Esempio n. 8
def test_user_edit_route(cl_admin, user):
    """Edit a user as admin: rename, set a new password and clear the roles."""

    replacement = PWS.generate()

    edit_form = cl_admin.get(url_for('auth.user_edit_route', user_id=user.id)).form
    original_name = edit_form["username"].value
    edit_form['username'] = f'{original_name}_edited'
    edit_form['new_password'] = replacement
    edit_form['roles'] = []
    outcome = edit_form.submit()
    assert outcome.status_code == HTTPStatus.FOUND

    edited_name = edit_form['username'].value
    stored = User.query.filter(User.username == edited_name).one()
    assert stored.username == edited_name
    # Re-hash the submitted password with the stored salt: the stored value must be
    # derived from the new password.
    rehashed = PWS.hash(replacement, PWS.get_salt(stored.password))
    assert PWS.compare(rehashed, stored.password)
    # Checked on the `user` fixture object, not on the row queried above.
    # NOTE(review): presumably both refer to the same record -- confirm.
    assert not user.roles
Esempio n. 9
def test_user_add_route(cl_admin, user_factory):
    """Add a user as admin and check what was stored for it."""

    chosen_password = PWS.generate()
    # build() supplies the field values only; the row itself is created by the route.
    template = user_factory.build()

    add_form = cl_admin.get(url_for('auth.user_add_route')).form
    add_form['username'] = template.username
    add_form['roles'] = template.roles
    add_form['active'] = template.active
    add_form['new_password'] = chosen_password
    outcome = add_form.submit()
    assert outcome.status_code == HTTPStatus.FOUND

    stored = User.query.filter(User.username == template.username).one()
    assert stored.username == template.username
    # Re-hash the submitted password with the stored salt: the stored value must be
    # derived from the submitted password.
    rehashed = PWS.hash(chosen_password, PWS.get_salt(stored.password))
    assert PWS.compare(rehashed, stored.password)
    assert stored.active == template.active
    assert stored.roles == template.roles
Esempio n. 10
def test_login(client, user_factory):
    """Check that a wrong password is rejected and the right one opens a session.

    Only a wrong password for an existing username is tried; an unknown
    username is not covered here.
    """

    secret = PWS.generate()
    account = user_factory.create(password=secret)
    login_url = url_for('auth.login_route')

    def sign_in(candidate):
        # A fresh login page is fetched for each attempt.
        login_form = client.get(login_url).form
        login_form['username'] = account.username
        login_form['password'] = candidate
        return login_form.submit()

    # Wrong password: the page is re-rendered with a generic error message.
    denied = sign_in('******')
    assert denied.status_code == HTTPStatus.OK
    assert denied.lxml.xpath(
        '//script[contains(text(), "toastr[\'error\'](\'Invalid credentials.\');")]'
    )

    # Right password: redirect, and the index page then offers Logout.
    granted = sign_in(secret)
    assert granted.status_code == HTTPStatus.FOUND

    landing = client.get(url_for('index_route'))
    assert landing.lxml.xpath('//a[text()="Logout"]')