def _new(self): # Do we allow account creation? if lca_info['account_creation']: """Create a new person submit. """ # Remove fields not in class results = self.form_result['person'] del results['password_confirm'] del results['email_address2'] c.person = Person(**results) c.person.email_address = c.person.email_address.lower() meta.Session.add(c.person) #for sn in self.form_result['social_network']: # network = SocialNetwork.find_by_name(sn['name']) # if sn['account_name']: # c.person.social_networks[network] = sn['account_name'] meta.Session.commit() if lca_rego['confirm_email_address'] == 'no': redirect_to(controller='person', action='confirm', confirm_hash=c.person.url_hash) else: email(c.person.email_address, render('/person/new_person_email.mako')) return render('/person/thankyou.mako') else: return render('/not_allowed.mako')
def test_create_duplicate_person(self): Dummy_smtplib.install() # create a fake user p = Person(email_address='*****@*****.**') p.activated = True self.dbsession.save(p) self.dbsession.flush() pid = p.id resp = self.app.get('/person/new') f = resp.form f['person.email_address'] = '*****@*****.**' f['person.firstname'] = 'Testguy' f['person.lastname'] = 'McTest' f['person.password'] = '******' f['person.password_confirm'] = 'test' f['person.phone'] = '1234' f['person.mobile'] = '1234' f['person.address1'] = 'Moo St' f['person.city'] = 'Tassie' f['person.country'] = 'Australia' f['person.postcode'] = '2000' resp = f.submit() resp.mustcontain('A person with this email already exists.') resp.click('recover your password') self.dbsession.delete(self.dbsession.query(Person).get(pid)) self.dbsession.flush()
def test_registration_confirmation(self): # insert registration model object timestamp = datetime.datetime.now() email_address = '*****@*****.**' password = '******' handle = 'testguy' r = Person(creation_timestamp=timestamp, email_address=email_address, password=password, handle=handle, activated=False) url_hash = r.url_hash print url_hash self.dbsession.save(r) self.dbsession.flush() rid = r.id print r # clear so that we reload the object later self.dbsession.clear() # visit the link response = self.app.get('/person/confirm/' + url_hash) response.mustcontain('Thanks for confirming your account') # test that it's activated r = self.dbsession.get(Person, rid) self.assertEqual(True, r.activated, "registration was not activated") # clean up self.dbsession.delete(self.dbsession.query(Person).get(rid)) self.dbsession.flush()
def test_confirm(self): """Test confirmation of a password reset that should succeed""" # create a confirmation record email = '*****@*****.**' p = Person(email_address=email) self.dbsession.save(p) c = PasswordResetConfirmation(email_address=email) # set the timestamp to just under 24 hours ago c.timestamp = datetime.datetime.now() - datetime.timedelta(23, 59, 59) self.dbsession.save(c) self.dbsession.flush() pid = p.id cid = c.id resp = self.app.get( url_for(controller='person', action='reset_password', url_hash=c.url_hash)) # showing the email on the page resp.mustcontain(email) f = resp.form f['password'] = '******' f['password_confirm'] = 'test' resp = f.submit() # check for success resp.mustcontain("Your password has been updated") self.dbsession.clear() # conf rec should be gone c = self.dbsession.get(PasswordResetConfirmation, cid) self.assertEqual(None, c) # password should be set to 'test' p_hash = md5.new('test').hexdigest() p = self.dbsession.get(Person, pid) self.assertEqual(p_hash, p.password_hash) self.dbsession.delete(p) self.dbsession.flush()
def test_duplicate_password_reset(self): """Try to reset a password twice. """ c = Person(email_address='*****@*****.**') self.dbsession.save(c) self.dbsession.flush() cid = c.id # email = '*****@*****.**' # trap smtp Dummy_smtplib.install() resp = self.app.get(url_for(controller='person', action='signin')) resp = resp.click('Forgotten your password?') f = resp.forms[0] f['email_address'] = email f.submit() crec = self.dbsession.query(PasswordResetConfirmation).filter_by( email_address=email).one() self.failIfEqual(None, crec) crecid = crec.id # submit a second time resp = f.submit() resp.mustcontain("password recovery process is already in progress") # clean up Dummy_smtplib.existing.reset() self.dbsession.delete( self.dbsession.query(PasswordResetConfirmation).get(crecid)) self.dbsession.delete(self.dbsession.query(Person).get(cid)) self.dbsession.flush()