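def test_reset_password_post_failure_invalid_input(self):
    """
    Test posting to the password reset form with an anonymous user, a valid token, and an invalid form.

    Expected result: The password is not updated and the user is shown the reset password form.
    """
    email = '*****@*****.**'
    # Constructed sample values: the old and the new password must differ, otherwise the
    # check_password() assertions at the end of this test cannot all hold.
    password = 'sample-old-password-123'
    new_password = 'sample-new-password-456'
    # The confirmation deliberately differs from the password; this is what makes the form invalid.
    mismatched_confirmation = new_password + 'ghi'

    name = 'John Doe'
    user_id = 1
    user = User(email, name)
    user.set_password(password)
    db.session.add(user)
    db.session.commit()
    self.assertEqual(user_id, user.id)

    # A token issued for this user, so the request gets past the token check and reaches the form.
    token_obj = ResetPasswordToken()
    token_obj.user_id = user_id
    token = token_obj.create()

    response = self.client.post(f'/user/reset-password/{token}', follow_redirects=True, data=dict(
        password=new_password,
        password_confirmation=mismatched_confirmation
    ))
    data = response.get_data(as_text=True)

    # The form is shown again: neither the token error nor the success message appears.
    self.assertIn('Reset Your Password', data)
    self.assertNotIn('The token is invalid.', data)
    self.assertNotIn('Your password has successfully been changed.', data)

    # Re-read the user by ID (as the profile tests in this file do) so the checks reflect what
    # is stored rather than only the object built above.
    user = User.load_from_id(user_id)
    # A rejected form must leave the credential untouched: neither submitted value is accepted.
    self.assertFalse(user.check_password(new_password))
    self.assertFalse(user.check_password(mismatched_confirmation))
    self.assertTrue(user.check_password(password))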
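def test_reset_password_post_failure_invalid_token(self):
    """
    Test posting to the password reset form with an anonymous user, an invalid token, and a valid form.

    Expected result: The password is not updated and the user is shown a 404 error page.
    """
    email = '*****@*****.**'
    # Constructed sample values: the old and the new password must differ, otherwise the
    # two check_password() assertions at the end of this test contradict each other.
    password = 'sample-old-password-123'
    new_password = 'sample-new-password-456'

    name = 'John Doe'
    user_id = 1
    user = User(email, name)
    user.set_password(password)
    db.session.add(user)
    db.session.commit()
    self.assertEqual(user_id, user.id)

    # The form itself is valid (password and confirmation match); only the token in the URL is bogus.
    response = self.client.post('/user/reset-password/just-some-token', follow_redirects=True, data=dict(
        password=new_password,
        password_confirmation=new_password
    ))
    data = response.get_data(as_text=True)

    self.assertEqual(404, response.status_code)
    self.assertNotIn('Your password has successfully been changed.', data)

    # Re-read the user by ID (as the profile tests in this file do) so the checks reflect what
    # is stored rather than only the object built above.
    user = User.load_from_id(user_id)
    # An unrecognised token must never result in a credential change.
    self.assertFalse(user.check_password(new_password))
    self.assertTrue(user.check_password(password))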
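def test_user_profile_post_name_and_password_and_email(self):
    """
    Test posting to the user profile page with the name, the password, and the email changed.

    Expected result: The form is shown with the new data. The user's name and password are changed, the email
                     is not, but a mail has been sent to the new address.
    """
    # Constructed sample values. The old and new email address and the old and new password must
    # differ; with identical values the "email unchanged" and "password changed" checks below
    # would pass no matter what the view does.
    email = 'john.doe@example.com'
    new_email = 'jane.doe@example.com'
    password = 'sample-old-password-123'
    new_password = 'sample-new-password-456'

    name = 'John Doe'
    user = User(email, name)
    # Presumably the first call gives the user an initial password, so that the second call is
    # treated as a change and triggers the notification mail asserted below.
    user.set_password(password + '!')
    with mail.record_messages() as outgoing:
        user.set_password(password)

        self.assertEqual(1, len(outgoing))
        self.assertIn('Your Password Has Been Changed', outgoing[0].subject)

    db.session.add(user)
    db.session.commit()
    user_id = user.id

    self.client.post('/user/login', follow_redirects=True, data=dict(
        email=email,
        password=password
    ))

    new_name = 'Jane Doe'
    with mail.record_messages() as outgoing:
        response = self.client.post('/user/profile', follow_redirects=True, data=dict(
            name=new_name,
            email=new_email,
            password=new_password,
            password_confirmation=new_password
        ))
        data = response.get_data(as_text=True)

        self.assertEqual(2, len(outgoing))
        # NOTE(review): outgoing[0] is presumably the password-change notice. Consider also
        # asserting its subject and that it is addressed to the current (old) address - confirm
        # against the mail code first.
        self.assertIn('Change Your Email Address', outgoing[1].subject)
        self.assertEqual([new_email], outgoing[1].recipients)

    # The form still shows the old address: the new one has only been mailed, not applied.
    self.assertIn('User Profile', data)
    self.assertIn(f'value="{new_name}"', data)
    self.assertIn(f'value="{email}"', data)
    self.assertIn('Your changes have been saved.', data)
    self.assertIn('An email has been sent to the new address', data)

    user = User.load_from_id(user_id)
    self.assertEqual(new_name, user.name)
    self.assertEqual(email, user.get_email())
    self.assertTrue(user.check_password(new_password))
    # A password change must also retire the old credential.
    self.assertFalse(user.check_password(password))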
def test_user_profile_post_only_name(self):
    """
    Post the user profile form with nothing but the name changed.

    Expected result: The form is rendered with the new data. The name is updated, while the
                     email address and the password stay as they were, and no mail is sent.
    """
    # NOTE(review): the email and password literals below look masked in this listing.
    email = '*****@*****.**'
    name = 'John Doe'
    password = '******'

    account = User(email, name)
    account.set_password(password)
    db.session.add(account)
    db.session.commit()
    user_id = account.id

    # Log in first; the profile form is then posted with the same test client.
    login_form = {'email': email, 'password': password}
    self.client.post('/user/login', follow_redirects=True, data=login_form)

    new_name = 'Jane Doe'
    profile_form = {'name': new_name, 'email': email}
    with mail.record_messages() as outbox:
        response = self.client.post('/user/profile', follow_redirects=True, data=profile_form)
    page = response.get_data(as_text=True)

    # The email address was not changed, so no mail is expected.
    self.assertEqual(0, len(outbox))

    self.assertIn('User Profile', page)
    self.assertIn(f'value="{new_name}"', page)
    self.assertIn(f'value="{email}"', page)
    self.assertIn('Your changes have been saved.', page)
    self.assertNotIn('An email has been sent to the new address', page)

    # Check the reloaded record: only the name differs from what was created above.
    reloaded = User.load_from_id(user_id)
    self.assertEqual(new_name, reloaded.name)
    self.assertEqual(email, reloaded.get_email())
    self.assertTrue(reloaded.check_password(password))
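def test_reset_password_post_logged_in(self):
    """
    Test posting to the password reset form with a user who is logged in, and a valid token.

    Expected result: The user is redirected to the home page without changing the password.
    """
    email = '*****@*****.**'
    # Constructed sample values: the old and the new password must differ, otherwise a password
    # change would go unnoticed by the check_password() assertions below.
    password = 'sample-old-password-123'
    new_password = 'sample-new-password-456'

    name = 'John Doe'
    user_id = 1
    user = User(email, name)
    user.set_password(password)
    db.session.add(user)
    db.session.commit()
    self.assertEqual(user_id, user.id)

    self.client.post('/user/login', follow_redirects=True, data=dict(
        email=email,
        password=password
    ))

    # The token is valid for this user; the request is expected to be turned away only because
    # the client is already logged in.
    token_obj = ResetPasswordToken()
    token_obj.user_id = user_id
    token = token_obj.create()

    response = self.client.post(f'/user/reset-password/{token}', follow_redirects=True, data=dict(
        password=new_password,
        password_confirmation=new_password
    ))
    data = response.get_data(as_text=True)

    # The home page is shown instead of the reset form, a token error, or the success message.
    self.assertIn('Dashboard', data)
    self.assertNotIn('The token is invalid.', data)
    self.assertNotIn('Reset Your Password', data)
    self.assertNotIn('Your password has successfully been changed.', data)

    # Re-read the user by ID (as the profile tests in this file do) so the checks reflect what
    # is stored rather than only the object built above.
    user = User.load_from_id(user_id)
    # Same pair of checks as the other reset-password failure tests: new value rejected, old kept.
    self.assertFalse(user.check_password(new_password))
    self.assertTrue(user.check_password(password))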