def manage_user():
error = None
user = getUser(session["username"])
if request.method == 'POST':
username, email, name, newPassword = (None, ) * 4
if hashPassword(request.form['currentPassword'],
user.salt) != user.password_hash:
error = 'Password is incorrect.'
if not request.form['username'] is None and request.form[
'username'] != '' and request.form['username'] != user.username:
if getUser(request.form['username']) is not None:
error = 'Username already taken.'
username = request.form['username']
if request.form['email'] != '' and request.form['email'] != user.email:
email = request.form['email']
if request.form['name'] != '' and request.form['name'] != user.name:
name = request.form['name']
if request.form['newPassword'] != '':
if len(request.form['newPassword']) < 4:
error = "Password must be at least 4 charactors"
newPassword = request.form['newPassword']
if error is None:
user = editUser(user,
username=username,
password=newPassword,
name=name,
email=email)
session['username'] = user.username
return render_template(
'manage_user.html', error=error, user=user, username=user.username
) #Redudent username is required for template to know user is logged in
def test_removeEventFromPage(self):
pages = event.getPagesByOwner(user.getUser("username"))
self.assertEqual(len(pages[0].events), 1)
event.removeEventFromPage(pages[0].events[0])
pages = event.getPagesByOwner(user.getUser("username"))
self.assertEqual(len(pages[0].events), 0)
self.assertEqual(len(event.getEventsByOwner(user.getUser("username"))),
2)
def test_getUser(self):
person = user.getUser("username")
self.assertEqual(person.salt, "salt") #Retreive by username works
testPerson = user.User.query.filter_by(username="******").first()
person = user.getUser(testPerson.id)
self.assertEqual(person.name, "jeff bob") #Retreive by id works
self.assertRaises(TypeError, lambda : user.getUser(user.User())) #Does not accept User objects
self.assertRaises(TypeError, lambda : user.getUser(3.4)) #Does not accept floats
def test_checkRemember(self):
cookie = user.addRemember(user.getUser("test"))
self.assertEqual(user.checkRemember(cookie), user.getUser("test"))
self.assertIsNone(user.checkRemember("Not a cookie"))
remember = user.RememberUser.query.filter_by(cookie=cookie).first()
remember.timestamp = datetime.datetime.utcnow() - datetime.timedelta(
days=31)
db.session.commit()
self.assertIsNone(user.checkRemember(cookie))
def test_deletePage(self):
pages = event.getPagesByOwner(user.getUser("test"))
event.deletePage(pages[0])
self.assertIsNone(event.getPageById(pages[0].id))
self.assertEqual(len(event.getPagesByOwner(user.getUser("test"))), 1)
pages = event.getPagesByOwner(user.getUser("username"))
eventid = pages[0].events[0].id
self.assertIsNotNone(event.getEventById(eventid))
event.deletePage(pages[0])
self.assertIsNone(event.getEventById(eventid))
def test_editUser(self):
user1 = user.getUser("username")
user1new = user.editUser(user1, username="******")
self.assertEqual(user1.id, user1new.id)
self.assertEqual(user1new.username, "farquad")
user1 = user.addUser("Test1", "Test1", "Test1")
self.assertRaises(ValueError,
lambda: user.editUser(user1, "Test2", "ah"))
user1new = user.getUser(user1.id)
self.assertEqual(user1.username, user1new.username) #Test rollback
user1new = user.editUser(user1, password="******")
self.assertTrue(user.authenticateUser(user1new.username,
"newPassword"))
def test_editPage(self):
pages = event.getPagesByOwner(user.getUser("test"))
pageId = pages[0].id
oldName = pages[0].name
pageNew = event.editPage(pageId, name="A new name")
self.assertNotEqual(pageNew.name, oldName)
self.assertEqual(pageNew.name, event.getPageById(pageId).name)
jeffsPages = len(user.getUser("Jeff").pages)
pageNew = event.editPage(pageId,
name="A newer name",
owner=user.getUser("Jeff"))
self.assertEqual(jeffsPages + 1, len(user.getUser("Jeff").pages))
pageNew = event.editPage(pageId, discription="an indecisive page")
self.assertEqual(pageNew.discription, "an indecisive page")
def test_addUser(self):
newUser = user.addUser("dust", "goodPassword")
self.assertEqual(newUser, user.getUser("dust")) #Add user
self.assertRaises(
ValueError,
lambda: user.addUser("", "goodPassword")) #Min length username
self.assertRaises(ValueError, lambda: user.addUser(
"f" * 31, "goodPassword")) #Max length username
self.assertRaises(
TypeError,
lambda: user.addUser(None, "goodPassword")) #Username type
self.assertRaises(
ValueError,
lambda: user.addUser("another", "123")) #Min length password
self.assertRaises(TypeError,
lambda: user.addUser("one", None)) #Password type
self.assertRaises(ValueError, lambda: user.addUser(
"bytes", "goodPassword", name="F" * 61)) #Max length name
self.assertRaises(ValueError, lambda: user.addUser(
"the", "goodPassword", email="F" * 61)) #Min length email
self.assertRaises(
ValueError,
lambda: user.addUser("dust", "goodPassword")) #Duplicate username
otherUser = user.addUser("jimbo", "goodPassword")
self.assertNotEqual(newUser.salt,
otherUser.salt) #Check for proper salting
self.assertNotEqual(newUser.password_hash,
otherUser.password_hash) #Check for proper hashing
def create_or_edit():
"""Create or update an event. If id is passed as a a query parameter then update
the event corresponding to that query parameter.
"""
error = None
if request.method == 'POST':
id = request.form.get('id')
id = int(id) if id else None
# Edit or create the event based on whether we have an id and also
# the type of event that we have.
name = request.form.get('name')
owner = getUser(current_username()).id
event_type = EventType(int(request.form.get('event_type')))
description = request.form['description']
startTime = momentToPyDatetime(
request.form['start_time']
) if event_type == EventType.EVENT or event_type == EventType.REMINDER else None
endTime = momentToPyDatetime(
request.form['end_time']
) if event_type == EventType.EVENT else None
password = request.form[
'event_password'] if event_type == event_type.ENCRYPTED else None
if id:
editEvent(id,
name=name,
owner=owner,
event_type=event_type,
description=description,
start_time=startTime,
end_time=endTime,
password=password)
else:
createEvent(name=name,
owner=owner,
event_type=event_type,
description=description,
start_time=startTime,
end_time=endTime,
password=password)
return redirect(url_for('events.index'))
# Get an event if we are editing an event
id = request.args.get('id')
event = None
if id:
event = getEventById(int(id))
if event.event_type == EventType.ENCRYPTED and not checkCachedEncrypted(
event):
#If this encrypted event hasn't had its password entered already, then send back to event page
return redirect(url_for('events.index'))
return render_template('events_create.html',
event=event,
username=current_username(),
EventType=EventType,
error=error,
checkCachedEncrypted=checkCachedEncrypted)
def getPagesByOwner(owner):
"""Gets a list of pages by owner
Args:
owner (User | Int): owner User object or id
Returns:
([Page]): the pages
"""
if type(owner) == int:
owner = user.getUser(owner)
return owner.pages
def generatePopulateDB():
generateDB()
user.addUser(username="******",
password="******",
name="name",
email="*****@*****.**")
user.addUser(username="******", password="******", name="testname")
user.addUser(username="******",
password="******",
name="Jeff jeff",
email="*****@*****.**")
user.addUser(username="******", password="******")
event.createEvent(name="Wake up",
owner=user.getUser("test").id,
event_type=event.EventType.REMINDER,
start_time=datetime.datetime.now())
event.createEvent(name="Rocks",
owner=user.getUser("Jeff").id,
description="Granit, Bassalt, Quartz",
event_type=event.EventType.NOTE)
event.createEvent(name="Short party",
owner=user.getUser("username").id,
event_type=event.EventType.EVENT,
start_time=datetime.datetime.now(),
end_time=datetime.datetime.now() +
datetime.timedelta(hours=3))
event.createEvent(
name="Secrets",
owner=user.getUser("test").id,
event_type=event.EventType.ENCRYPTED,
password="******",
description=
"Some passwords, SSNs, creditcard numbers, and otherthings you shouldn't trust this app with"
)
event.createPage(name="test page",
owner=user.getUser("test"),
description="This is a test page")
event.createPage(name="test page 2", owner=user.getUser("test"))
event.createPage(name="Jeffs stuff", owner=user.getUser("Jeff"))
page1 = event.createPage(name="more thigns",
owner=user.getUser("username"))
event.createEvent(name="its on a page",
owner=user.getUser("username").id,
event_type=event.EventType.NOTE,
page=page1)
def index():
user = getUser(current_username())
search = request.args.get('q')
search = search if search else ''
event_type = request.args.get('event_type')
event_type = EventType(int(event_type)) if event_type else None
return render_template('events.html',
events=getEventsByOwner(user,
search=search,
event_type=event_type),
username=current_username,
search=search,
EventType=EventType,
pyDatetimeToMoment=pyDatetimeToMoment,
checkCachedEncrypted=checkCachedEncrypted)
def createEvent(name,
owner,
event_type,
discrption=None,
start_time=None,
end_time=None,
parent=None):
if name is None or 60 < len(name) or len(name) <= 0:
raise ValueError("Name length out of range")
if owner is None or user.getUser(owner) is None:
raise ValueError("Must have a valid owner")
if not type(event_type) is EventType:
raise ValueError("Must have a valid event type")
if not parent is None and Event.query.filter_by(id=parent).first() is None:
raise ValueError("Parent, if used, must be a valid event")
if event_type == EventType.NOTE and (not start_time is None
or not end_time is None):
raise ValueError("Note types do not have start or end times")
elif event_type == EventType.REMINDER and (start_time is None
or not end_time is None):
raise ValueError("Reminder types have a start time and no end times")
elif event_type == EventType.EVENT and (start_time is None
or end_time is None):
raise ValueError("Event types have start and end times")
elif event_type == EventType.ALL_DAY and (start_time is None
or end_time is None):
raise ValueError("All day types have start and end times")
db.session.add(
Event(owner_id=owner,
name=name,
event_type=event_type,
discrption=discrption,
start_time=start_time,
end_time=end_time,
parent_id=parent))
db.session.commit()
return Event.query.filter_by(owner_id=owner,
name=name,
event_type=event_type,
discrption=discrption,
start_time=start_time,
end_time=end_time,
parent_id=parent).first()
def signup():
error = None
if request.method == 'POST':
username = request.form['username']
password = request.form['password']
email = request.form['email']
name = request.form['name']
# Need to check if username is already taken here
check = getUser(username) is not None
if check:
error = 'Username already taken.'
else:
try:
addUser(username=username,
password=password,
name=name,
email=email)
session['username'] = username
return redirect('/')
except (ValueError, TypeError) as e:
error = str(e)
return render_template('signup.html', error=error)
def test_addRemember(self):
cookie = user.addRemember(user.getUser("test"))
self.assertEqual(
len(
user.RememberUser.query.filter_by(
user_id=user.getUser("test").id).all()), 1)
def test_add(self):
page1 = event.createPage("pagepage", user.getUser("test"))
self.assertIsNotNone(page1)
self.assertRaises(
ValueError, lambda: event.createPage("",
user.getUser("test").id))
def test_findByUser(self):
event0 = event.createEvent("quick Note", 2, event.EventType.NOTE)
self.assertEqual(len(event.getEventByOwner(2)), 1)
self.assertEqual(len(event.getEventByOwner(user.getUser(1))), 2)
def test_getPagesByOwner(self):
pages = event.getPagesByOwner(user.getUser("test"))
self.assertEqual(len(pages), 2)
def test_getPage(self):
pages = event.getPagesByOwner(user.getUser("test"))
self.assertEqual(pages[0], event.getPageById(pages[0].id))
self.assertEqual(pages[1], event.getPageById(pages[1].id))
self.assertIsNone(event.getPageById(2000))
