def _user_from_ldap(self, entity, password=None):
is_new = False
try:
user = User.objects.get(username=entity["uid"][0])
except User.DoesNotExist:
is_new = True
user = User(username=entity["uid"][0])
user.is_staff = True
user.is_superuser = False
user.save()
if password and user.check_password(password) is False:
user.set_password(password)
user.is_staff = True
for k, kmap in (
("first_name", "givenName"),
("last_name", "sn"),
("email", "mail"),
("gid", "gidnumber"),
("uid", "uidnumber"),
("date_joined", "whencreated"),
("country", "co"),
("department", "department"),
("photo", "thumbnailphoto"),
):
if k == "date_joined":
val = datetime.strptime(entity.get(kmap)[0][:-3], "%Y%m%d%H%M%S")
elif k == "photo" and is_new == True:
photo_data = entity.get(kmap)[0]
photo_io_origin = StringIO(photo_data)
photo_img = Image.open(photo_io_origin)
photo_side = min(photo_img.size)
photo_croped = photo_img.crop((0, 0, photo_side, photo_side))
photo_croped.thumbnail(settings.THUMBNAIL_SIZE_HEAD, Image.ANTIALIAS)
photo_io_processed = StringIO()
photo_croped.save(photo_io_processed, 'png')
photo_io_origin.close()
photo_io_processed.seek(0)
val = InMemoryUploadedFile(
photo_io_processed,
None,
"{0}_{1}.png".format(user.first_name.lower(), user.last_name.lower()),
"image/png",
len(photo_data),
None
)
else:
val = entity.get(kmap)[0]
if not val:
continue
setattr(user, k, val)
user.save()
return user
def _user_from_ldap(self, entity, password=None):
is_new = False
try:
user = User.objects.get(username=entity["uid"][0])
except User.DoesNotExist:
is_new = True
user = User(username=entity["uid"][0])
user.is_staff = True
user.is_superuser = False
user.save()
if password and user.check_password(password) is False:
user.set_password(password)
user.is_staff = True
for k, kmap in (
("first_name", "givenName"),
("last_name", "sn"),
("email", "mail"),
("gid", "gidnumber"),
("uid", "uidnumber"),
("date_joined", "whencreated"),
("country", "co"),
("department", "department"),
("photo", "thumbnailphoto"),
):
if k == "date_joined":
val = datetime.strptime(
entity.get(kmap)[0][:-3], "%Y%m%d%H%M%S")
elif k == "photo" and is_new == True:
photo_data = entity.get(kmap)[0]
photo_io_origin = StringIO(photo_data)
photo_img = Image.open(photo_io_origin)
photo_side = min(photo_img.size)
photo_croped = photo_img.crop((0, 0, photo_side, photo_side))
photo_croped.thumbnail(settings.THUMBNAIL_SIZE_HEAD,
Image.ANTIALIAS)
photo_io_processed = StringIO()
photo_croped.save(photo_io_processed, 'png')
photo_io_origin.close()
photo_io_processed.seek(0)
val = InMemoryUploadedFile(
photo_io_processed, None,
"{0}_{1}.png".format(user.first_name.lower(),
user.last_name.lower()), "image/png",
len(photo_data), None)
else:
val = entity.get(kmap)[0]
if not val:
continue
setattr(user, k, val)
user.save()
return user
def change_password(self, user: accounts_models.User,
data: dict) -> accounts_models.User:
"""
change the password user, this method receives the user's previous password and the new password.
this function generates an exception when the user's previous password does not match the current
one or the new password it does not have characters and numbers
:param user: user weedmatch.
:type user: Model User.
:param data: user data.
:type data: dict.
:return: Model User
:raises: ValueError
"""
if user is None or user.is_active is False:
raise ValueError('{"detail":"' + str(
_("In order to perform this operation, your account must be active"
)) + '"}')
if not data.get('old_password'):
raise ValueError(
'{"detail":"' +
str(_("The old password field can not be empty")) + '"}')
if not data.get('new_password'):
raise ValueError(
'{"detail":"' +
str(_("The new password field can not be empty")) + '"}')
if not user.check_password(data.get('old_password')):
raise ValueError('{"detail":"' + str(
_("The password entered does not match your current password"))
+ '"}')
if not re.match(r'(?=.*[A-Za-z]+)(?=.*\d+)', data.get('new_password')):
raise ValueError(
'{"detail":"' +
str(_("The password must have characters and numbers")) + '"}')
user.password = make_password(data.get('new_password'))
user.save()
return user
class RecoverPasswordConfirmViewTest(BaseTestCase):
def setUp(self):
self.s = get_signer()
self.data = {
'email': u'*****@*****.**',
'recover-password': True
}
self.token = self.s.dumps(self.data)
self.data['email'] = u'*****@*****.**'
self.token2 = self.s.dumps(self.data)
self.token3 = self.token + 'a'
self.user = User(
username='******',
email='*****@*****.**',
password='******'
).save()
self.url = url_for('accounts_app.recover_password_confirm', token=self.token)
self.url2 = url_for('accounts_app.recover_password_confirm', token=self.token2)
self.url3 = url_for('accounts_app.recover_password_confirm', token=self.token3)
self.redirect_invalid = url_for('pages_app.index')
self.redirect_to = url_for('accounts_app.login')
def tearDown(self):
User.drop_collection()
def test_render(self):
# test render with invalid token
resp = self.client.get(self.url3)
self.assertRedirects(resp, self.redirect_invalid)
resp = self.client.get(self.url3, follow_redirects=True)
self.assertTrue('Invalid Link.' in resp.data)
# test render with registered email
resp = self.client.get(self.url2)
self.assertRedirects(resp, self.redirect_invalid)
resp = self.client.get(self.url2, follow_redirects=True)
self.assertTrue('E-mail not found.' in resp.data)
# test render with valid token
resp = self.client.get(self.url)
self.assertStatus(resp, 200)
def test_form(self):
# test empty form
with self.captured_templates(self.app) as templates:
resp = self.client.post(self.url)
self.assertStatus(resp, 200)
template, context = templates[0]
form = context['form']
self.assertTrue(
u'This field is required.' in form.errors['password']
)
self.assertTrue(
u'This field is required.' in form.errors['password_confirm']
)
# test validate password_confirm
with self.captured_templates(self.app) as templates:
resp = self.client.post(
self.url,
data=dict(password='******', password_confirm='1234567')
)
self.assertStatus(resp, 200)
template, context = templates[0]
form = context['form']
self.assertTrue(
u'Incorrect password.' in form.errors['password_confirm']
)
# test valid form
resp = self.client.post(
self.url,
data=dict(
password='******',
password_confirm='1234567'
)
)
self.assertRedirects(resp, self.redirect_to)
self.user = User.objects.get(pk=self.user.pk)
self.assertTrue(self.user.check_password('1234567'))
# test valid form after redirect
resp = self.client.post(
self.url,
data=dict(
password='******',
password_confirm='12345678'
),
follow_redirects=True
)
self.assertStatus(resp, 200)
self.assertTrue(
'Password set successfully.' in resp.data
)
self.user = User.objects.get(pk=self.user.pk)
self.assertTrue(self.user.check_password('12345678'))
class RecoverPasswordConfirmViewTest(BaseTestCase):
def setUp(self):
self.s = get_signer()
self.data = {'email': u'*****@*****.**', 'recover-password': True}
self.token = self.s.dumps(self.data)
self.data['email'] = u'*****@*****.**'
self.token2 = self.s.dumps(self.data)
self.token3 = self.token + 'a'
self.user = User(username='******',
email='*****@*****.**',
password='******').save()
self.url = url_for('accounts_app.recover_password_confirm',
token=self.token)
self.url2 = url_for('accounts_app.recover_password_confirm',
token=self.token2)
self.url3 = url_for('accounts_app.recover_password_confirm',
token=self.token3)
self.redirect_invalid = url_for('pages_app.index')
self.redirect_to = url_for('accounts_app.login')
def tearDown(self):
User.drop_collection()
def test_render(self):
# test render with invalid token
resp = self.client.get(self.url3)
self.assertRedirects(resp, self.redirect_invalid)
resp = self.client.get(self.url3, follow_redirects=True)
self.assertTrue('Invalid Link.' in resp.data)
# test render with registered email
resp = self.client.get(self.url2)
self.assertRedirects(resp, self.redirect_invalid)
resp = self.client.get(self.url2, follow_redirects=True)
self.assertTrue('E-mail not found.' in resp.data)
# test render with valid token
resp = self.client.get(self.url)
self.assertStatus(resp, 200)
def test_form(self):
# test empty form
with self.captured_templates(self.app) as templates:
resp = self.client.post(self.url)
self.assertStatus(resp, 200)
template, context = templates[0]
form = context['form']
self.assertTrue(
u'This field is required.' in form.errors['password'])
self.assertTrue(
u'This field is required.' in form.errors['password_confirm'])
# test validate password_confirm
with self.captured_templates(self.app) as templates:
resp = self.client.post(self.url,
data=dict(password='******',
password_confirm='1234567'))
self.assertStatus(resp, 200)
template, context = templates[0]
form = context['form']
self.assertTrue(
u'Incorrect password.' in form.errors['password_confirm'])
# test valid form
resp = self.client.post(self.url,
data=dict(password='******',
password_confirm='1234567'))
self.assertRedirects(resp, self.redirect_to)
self.user = User.objects.get(pk=self.user.pk)
self.assertTrue(self.user.check_password('1234567'))
# test valid form after redirect
resp = self.client.post(self.url,
data=dict(password='******',
password_confirm='12345678'),
follow_redirects=True)
self.assertStatus(resp, 200)
self.assertTrue('Password set successfully.' in resp.data)
self.user = User.objects.get(pk=self.user.pk)
self.assertTrue(self.user.check_password('12345678'))
