def test_try_to_register_whilst_logged_in(self): '''Login as user A and then (try to) register user B (without logout). #1799.''' # create user A password = u'letmein' CreateTestData.create_user(name=u'user_a_', password=password) userA = model.User.by_name(u'user_a_') # do the login offset = url_for(controller='user', action='login') res = self.app.get(offset) fv = res.forms['login'] fv['login'] = '******' fv['password'] = str(password) res = fv.submit() while res.status == 302: res = res.follow() assert_equal(res.status, 200) # try to register offset = url_for(controller='user', action='register') res = self.app.get(offset) assert not res.forms.has_key('Password') # i.e. no registration form assert 'To register or log in as another user' in res.body, res.body assert 'logout' in res.body, res.body
def test_request_reset_user_password_using_search(self): CreateTestData.create_user(name='larry1', email='*****@*****.**') offset = url_for(controller='user', action='request_reset') res = self.app.get(offset) fv = res.forms['user-password-reset'] fv['user'] = '******' res = fv.submit() assert_equal(res.status, 302) assert_equal(res.header_dict['Location'], 'http://localhost/') CreateTestData.create_user(name='larry2', fullname='kittens') res = self.app.get(offset) fv = res.forms['user-password-reset'] fv['user'] = '******' res = fv.submit() assert '"kittens" matched several users' in res, res assert 'larry1' not in res, res assert 'larry2' not in res, res res = self.app.get(offset) fv = res.forms['user-password-reset'] fv['user'] = '' res = fv.submit() assert 'No such user:'******'user-password-reset'] fv['user'] = '******' res = fv.submit() assert 'No such user:' in res, res
def test_login_wrong_password(self): # create test user username = u'testloginwrong' password = u'letmein' CreateTestData.create_user(name=username, password=password) user = model.User.by_name(username) # do the login offset = url_for(controller='user', action='login') res = self.app.get(offset) fv = res.forms['login'] fv['login'] = username fv['password'] = '******' res = fv.submit() # first get redirected to logged_in assert_equal(res.status, 302) assert res.header('Location').startswith('http://localhost/user/logged_in') or \ res.header('Location').startswith('/user/logged_in') # then get redirected to login res = res.follow() assert_equal(res.status, 302) assert res.header('Location').startswith('http://localhost/user/login') or \ res.header('Location').startswith('/user/login') res = res.follow() assert_equal(res.status, 200) assert 'Login failed. Bad username or password.' in res.body assert 'Login:' in res.body
def test_perform_reset_user_password_link_key_missing(self): CreateTestData.create_user(name='jack', password='******') user = model.User.by_name(u'jack') offset = url_for(controller='user', action='perform_reset', id=user.id) # not, no key specified res = self.app.get(offset, status=403) # error
def test_reset_user_password_link(self): # Set password CreateTestData.create_user(name='bob', email='*****@*****.**', password='******') # Set password to something new model.User.by_name(u'bob').password = '******' model.repo.commit_and_remove() test2_encoded = model.User.by_name(u'bob').password assert test2_encoded != 'test2' assert model.User.by_name(u'bob').password == test2_encoded # Click link from reset password email create_reset_key(model.User.by_name(u'bob')) reset_password_link = get_reset_link(model.User.by_name(u'bob')) offset = reset_password_link.replace('http://test.ckan.net', '') print offset res = self.app.get(offset) # Reset password form fv = res.forms['user-reset'] fv['password1'] = 'test1' fv['password2'] = 'test1' res = fv.submit('save', status=302) # Check a new password is stored assert model.User.by_name(u'bob').password != test2_encoded
def test_login_remembered(self): # create test user username = u'testlogin2' password = u'letmein' CreateTestData.create_user(name=username, password=password) user = model.User.by_name(username) # do the login offset = url_for(controller='user', action='login') res = self.app.get(offset) fv = res.forms['login'] fv['login'] = str(username) fv['password'] = str(password) fv['remember'] = True res = fv.submit() # check cookies set cookies = self._get_cookie_headers(res) assert cookies # check cookie is remembered via Max-Age and Expires # (both needed for cross-browser compatibility) for cookie in cookies: assert 'Max-Age=63072000;' in cookie, cookie assert 'Expires=' in cookie, cookie
def test_login_remembered(self): # create test user username = u'testlogin2' password = u'letmein' CreateTestData.create_user(name=username, password=password) identifiers = self._get_repoze_identifiers() # do the login offset = url_for(controller='user', action='login') res = self.app.get(offset) fv = res.forms['login'] fv['login'] = str(username) fv['password'] = str(password) fv['remember'] = True res = fv.submit() if 'auth_tkt' in identifiers: # check cookies set cookies = self._get_cookie_headers(res) assert cookies # check cookie is remembered via Max-Age and Expires # (both needed for cross-browser compatibility) for cookie in cookies: assert 'Max-Age=63072000;' in cookie, cookie assert 'Expires=' in cookie, cookie elif 'use_beaker' in identifiers: # remember check box ignored when using beaker pass else: raise Exception('Unknown cookie identification type')
def test_try_to_register_whilst_logged_in(self): """Login as user A and then (try to) register user B (without logout). #1799.""" # create user A password = u"letmein" CreateTestData.create_user(name=u"user_a_", password=password) userA = model.User.by_name(u"user_a_") # do the login offset = url_for(controller="user", action="login") res = self.app.get(offset) fv = res.forms["login"] fv["login"] = "******" fv["password"] = str(password) res = fv.submit() while res.status == 302: res = res.follow() assert_equal(res.status, 200) # try to register offset = url_for(controller="user", action="register") res = self.app.get(offset) assert not res.forms.has_key("Password") # i.e. no registration form assert "To register or log in as another user" in res.body, res.body assert "logout" in res.body, res.body
def test_relogin(self): """Login as user A and then (try to) login as user B (without logout). #1799.""" # create test users A & B password = u"letmein" CreateTestData.create_user(name=u"user_a", password=password) CreateTestData.create_user(name=u"user_b", password=password) userA = model.User.by_name(u"user_a") userB = model.User.by_name(u"user_b") # do the login offset = url_for(controller="user", action="login") res = self.app.get(offset) fv = res.forms["login"] fv["login"] = "******" fv["password"] = str(password) res = fv.submit() while res.status == 302: res = res.follow() assert_equal(res.status, 200) # login as userB offset = url_for(controller="user", action="login") res = self.app.get(offset) assert not res.forms.has_key("login") # i.e. no login box is presented assert "To register or log in as another user" in res.body, res.body assert "logout" in res.body, res.body
def test_register_whilst_logged_in(self): """Start registration form as user B then in another window login as user A, and then try and then submit form for user B. #1799.""" # create user A password = u"letmein" CreateTestData.create_user(name=u"user_a__", password=password) userA = model.User.by_name(u"user_a__") # make him a sysadmin, to ensure he is allowed to create a user model.add_user_to_role(userA, model.Role.ADMIN, model.System()) model.repo.commit_and_remove() userA = model.User.by_name(u"user_a__") # start to register user B offset = url_for(controller="user", action="register") res = self.app.get(offset) fvA = res.forms["user-edit"] fvA["name"] = "user_b_" fvA["fullname"] = "User B" fvA["email"] = "*****@*****.**" fvA["password1"] = password fvA["password2"] = password # login user A offset = url_for(controller="user", action="login") res = self.app.get(offset) fvB = res.forms["login"] fvB["login"] = "******" fvB["password"] = str(password) res = fvB.submit() while res.status == 302: res = res.follow() assert_equal(res.status, 200) # finish registration of user B res = fvA.submit("save") assert_equal(res.status, 200) assert "user_a__</a> is currently logged in" in res.body, res.body assert ( 'User "user_b_" is now registered but you are still logged in as "user_a__" from before'.replace( '"', """ ) in res.body ), res.body assert "logout" in res.body, res.body # logout and login as user B res = self.app.get("/user/logout") res2 = res.follow() res2 = res2.follow() assert "You have logged out successfully." in res2, res2 offset = url_for(controller="user", action="login") res = self.app.get(offset) fv = res.forms["login"] fv["login"] = "******" fv["password"] = str(password) res = fv.submit() while res.status == 302: res = res.follow() assert_equal(res.status, 200) assert "User B is now logged in" in res.body, res.body
def test_reset_user_password_link(self): # Set password CreateTestData.create_user(name="bob", email="*****@*****.**", password="******") # Set password to something new model.User.by_name(u"bob").password = "******" model.repo.commit_and_remove() test2_encoded = model.User.by_name(u"bob").password assert test2_encoded != "test2" assert model.User.by_name(u"bob").password == test2_encoded # Click link from reset password email create_reset_key(model.User.by_name(u"bob")) reset_password_link = get_reset_link(model.User.by_name(u"bob")) offset = reset_password_link.replace("http://test.ckan.net", "") res = self.app.get(offset) # Reset password form fv = res.forms["user-reset"] fv["password1"] = "test1" fv["password2"] = "test1" res = fv.submit("save", status=302) # Check a new password is stored assert model.User.by_name(u"bob").password != test2_encoded
def test_request_reset_user_password_using_search(self): CreateTestData.create_user(name="larry1", email="*****@*****.**") offset = url_for(controller="user", action="request_reset") res = self.app.get(offset) fv = res.forms["user-password-reset"] fv["user"] = "******" res = fv.submit() assert_equal(res.status, 302) assert_equal(res.header_dict["Location"], "http://localhost/?__no_cache__=True") CreateTestData.create_user(name="larry2", fullname="kittens") res = self.app.get(offset) fv = res.forms["user-password-reset"] fv["user"] = "******" res = fv.submit() assert ""kittens" matched several users" in res, res assert "larry1" not in res, res assert "larry2" not in res, res res = self.app.get(offset) fv = res.forms["user-password-reset"] fv["user"] = "" res = fv.submit() assert "No such user:"******"user-password-reset"] fv["user"] = "******" res = fv.submit() assert "No such user:" in res, res
def test_relogin(self): '''Login as user A and then (try to) login as user B (without logout). #1799.''' # create test users A & B password = u'letmein' CreateTestData.create_user(name=u'user_a', password=password) CreateTestData.create_user(name=u'user_b', password=password) userA = model.User.by_name(u'user_a') userB = model.User.by_name(u'user_b') # do the login offset = url_for(controller='user', action='login') res = self.app.get(offset) fv = res.forms['login'] fv['login'] = '******' fv['password'] = str(password) res = fv.submit() while res.status == 302: res = res.follow() assert_equal(res.status, 200) # login as userB offset = url_for(controller='user', action='login') res = self.app.get(offset) assert not res.forms.has_key('login') # i.e. no login box is presented assert 'To register or log in as another user' in res.body, res.body assert 'logout' in res.body, res.body
def test_login_wrong_password(self): # create test user username = u'testloginwrong' password = u'letmein' CreateTestData.create_user(name=username, password=password) user = model.User.by_name(username) # do the login offset = url_for(controller='user', action='login') res = self.app.get(offset) fv = res.forms['login'] fv['login'] = username fv['password'] = '******' res = fv.submit() # first get redirected to logged_in assert_equal(res.status, 302) assert res.header('Location').startswith('http://localhost/user/logged_in') # then get redirected to login res = res.follow() assert_equal(res.status, 302) assert res.header('Location').startswith('http://localhost/user/login') res = res.follow() assert_equal(res.status, 200) assert 'Login failed. Bad username or password.' in res.body assert 'Login:' in res.body
def test_login_wrong_password(self): # create test user username = u"testloginwrong" password = u"letmein" CreateTestData.create_user(name=username, password=password) user = model.User.by_name(username) # do the login offset = url_for(controller="user", action="login") res = self.app.get(offset) fv = res.forms["login"] fv["login"] = username fv["password"] = "******" res = fv.submit() # first get redirected to logged_in assert_equal(res.status, 302) assert res.header("Location").startswith("http://localhost/user/logged_in") or res.header( "Location" ).startswith("/user/logged_in") # then get redirected to login res = res.follow() assert_equal(res.status, 302) assert res.header("Location").startswith("http://localhost/user/login") or res.header("Location").startswith( "/user/login" ) res = res.follow() assert_equal(res.status, 200) assert "Login failed. Bad username or password." in res.body assert "Login:" in res.body
def test_register_whilst_logged_in(self): '''Start registration form as user B then in another window login as user A, and then try and then submit form for user B. #1799.''' # create user A password = u'letmein' CreateTestData.create_user(name=u'user_a__', password=password) userA = model.User.by_name(u'user_a__') # make him a sysadmin, to ensure he is allowed to create a user model.add_user_to_role(userA, model.Role.ADMIN, model.System()) model.repo.commit_and_remove() userA = model.User.by_name(u'user_a__') # start to register user B offset = url_for(controller='user', action='register') res = self.app.get(offset) fvA = res.forms['user-edit'] fvA['name'] = 'user_b_' fvA['fullname'] = 'User B' fvA['email'] = '*****@*****.**' fvA['password1'] = password fvA['password2'] = password # login user A offset = url_for(controller='user', action='login') res = self.app.get(offset) fvB = res.forms['login'] fvB['login'] = '******' fvB['password'] = str(password) res = fvB.submit() while res.status == 302: res = res.follow() assert_equal(res.status, 200) # finish registration of user B res = fvA.submit('save') assert_equal(res.status, 200) assert 'user_a__</a> is currently logged in' in res.body, res.body assert 'User "user_b_" is now registered but you are still logged in as "user_a__" from before'.replace('"', '"') in res.body, res.body assert 'logout' in res.body, res.body # logout and login as user B res = self.app.get('/user/_logout') res2 = res.follow() while res2.status == 302: res2 = res2.follow() assert 'You have logged out successfully.' in res2, res2 offset = url_for(controller='user', action='login') res = self.app.get(offset) fv = res.forms['login'] fv['login'] = '******' fv['password'] = str(password) res = fv.submit() while res.status == 302: res = res.follow() assert_equal(res.status, 200) assert 'User B is now logged in' in res.body, res.body
def create_packages(cls): CreateTestData.create_user('tester', about='A tester', password='******') for dtype, packages in cls.packages.items(): for source_lang, langs, name, pkg in packages: ctx = make_api_context('tester') pkg_result = create_action(ctx, pkg) pkg['id'] = pkg_result['id'] pkg[dtype]['identifier'] = pkg_result[dtype].identifier return
def test_register_whilst_logged_in(self): '''Start registration form as user B then in another window login as user A, and then try and then submit form for user B. #1799.''' # create user A password = u'letmein' CreateTestData.create_user(name=u'user_a__', password=password) userA = model.User.by_name(u'user_a__') # make him a sysadmin, to ensure he is allowed to create a user model.add_user_to_role(userA, model.Role.ADMIN, model.System()) model.repo.commit_and_remove() userA = model.User.by_name(u'user_a__') # start to register user B offset = url_for(controller='user', action='register') res = self.app.get(offset) fvA = res.forms['user-edit'] fvA['name'] = 'user_b_' fvA['fullname'] = 'User B' fvA['email'] = '*****@*****.**' fvA['password1'] = password fvA['password2'] = password # login user A offset = url_for(controller='user', action='login') res = self.app.get(offset) fvB = res.forms['login'] fvB['login'] = '******' fvB['password'] = str(password) res = fvB.submit() while res.status == 302: res = res.follow() assert_equal(res.status, 200) # finish registration of user B res = fvA.submit('save') assert_equal(res.status, 200) assert 'user_a__</a> is currently logged in' in res.body, res.body assert 'User "user_b_" is now registered but you are still logged in as "user_a__" from before'.replace( '"', '"') in res.body, res.body assert 'logout' in res.body, res.body # logout and login as user B res = self.app.get('/user/_logout') res2 = res.follow() while res2.status == 302: res2 = res2.follow() assert 'You have logged out successfully.' in res2, res2 offset = url_for(controller='user', action='login') res = self.app.get(offset) fv = res.forms['login'] fv['login'] = '******' fv['password'] = str(password) res = fv.submit() while res.status == 302: res = res.follow() assert_equal(res.status, 200) assert 'User B is now logged in' in res.body, res.body
def test_perform_reset_user_password_link_key_incorrect(self): CreateTestData.create_user(name='jack', password='******') # Make up a key - i.e. trying to hack this user = model.User.by_name(u'jack') offset = url_for(controller='user', action='perform_reset', id=user.id, key='randomness') # i.e. incorrect res = self.app.get(offset, status=403) # error
def test_login(self): # create test user username = u'testlogin' password = u'letmein' CreateTestData.create_user(name=username, password=password) user = model.User.by_name(username) # do the login offset = url_for(controller='user', action='login') res = self.app.get(offset) fv = res.forms['login'] fv['login'] = str(username) fv['password'] = str(password) fv['remember'] = False res = fv.submit() # check cookies set cookies = self._get_cookie_headers(res) assert cookies for cookie in cookies: assert not 'max-age' in cookie.lower(), cookie # first get redirected to user/logged_in assert_equal(res.status, 302) assert res.header('Location').startswith('http://localhost/user/logged_in') or \ res.header('Location').startswith('/user/logged_in') # then get redirected to user page res = res.follow() assert_equal(res.status, 302) assert res.header('Location').startswith('http://localhost/user/testlogin') or \ res.header('Location').startswith('/user/testlogin') res = res.follow() assert_equal(res.status, 200) assert 'testlogin is now logged in' in res.body assert 'checkpoint:is-myself' in res.body # check user object created user = model.User.by_name(username) assert user assert_equal(user.name, username) assert len(user.apikey) == 36 # check cookie created cookie = res.request.environ['HTTP_COOKIE'] assert 'auth_tkt=' in cookie, cookie assert 'testlogin!userid_type:unicode' in cookie, cookie # navigate to another page and check username still displayed print res.body res = res.click('Search') print res assert 'testlogin' in res.body, res.body
def setup_class(cls): # Note Testing package-scoped translation requires some existing datasets CreateTestData.create_user('tester', about='A tester', password='******') for pkg_name, pkg in cls.packages.items(): ctx = make_api_context('tester') pkg_result = create_action(ctx, pkg) pkg.update({'id': pkg_result['id']}) return
def test_login(self): # create test user username = u"testlogin" password = u"letmein" CreateTestData.create_user(name=username, password=password) user = model.User.by_name(username) # do the login offset = url_for(controller="user", action="login") res = self.app.get(offset) fv = res.forms["login"] fv["login"] = str(username) fv["password"] = str(password) fv["remember"] = False res = fv.submit() # check cookies set cookies = self._get_cookie_headers(res) assert cookies for cookie in cookies: assert not "max-age" in cookie.lower(), cookie # first get redirected to user/logged_in assert_equal(res.status, 302) assert res.header("Location").startswith("http://localhost/user/logged_in") or res.header( "Location" ).startswith("/user/logged_in") # then get redirected to user's dashboard res = res.follow() assert_equal(res.status, 302) assert res.header("Location").startswith("http://localhost/dashboard") or res.header("Location").startswith( "/dashboard" ) res = res.follow() assert_equal(res.status, 200) assert "testlogin is now logged in" in res.body assert "checkpoint:my-dashboard" in res.body # check user object created user = model.User.by_name(username) assert user assert_equal(user.name, username) assert len(user.apikey) == 36 # check cookie created cookie = res.request.environ["HTTP_COOKIE"] assert "auth_tkt=" in cookie, cookie assert "testlogin!userid_type:unicode" in cookie, cookie # navigate to another page and check username still displayed res = res.click("Search") assert "testlogin" in res.body, res.body
def test_login(self): # create test user username = u'testlogin' password = u'letmein' CreateTestData.create_user(name=username, password=password) user = model.User.by_name(username) # do the login offset = url_for(controller='user', action='login') res = self.app.get(offset) fv = res.forms['login'] fv['login'] = str(username) fv['password'] = str(password) res = fv.submit() # check cookies set cookies = self._get_cookie_headers(res) assert cookies # first get redirected to user/logged_in assert_equal(res.status, 302) assert res.header('Location').startswith('http://localhost/user/logged_in') or \ res.header('Location').startswith('/user/logged_in') # then get redirected to user page res = res.follow() assert_equal(res.status, 302) assert res.header('Location') in ('http://localhost/user/testlogin', '/user/testlogin') res = res.follow() assert_equal(res.status, 200) assert 'testlogin is now logged in' in res.body assert 'My Account' in res.body # check user object created user = model.User.by_name(username) assert user assert_equal(user.name, username) assert len(user.apikey) == 36 # check cookie created cookie = res.request.environ['HTTP_COOKIE'] # I think some versions of webob do not produce quotes, hence the 'or' assert 'ckan_display_name="testlogin"' in cookie or \ 'ckan_display_name=testlogin' in cookie, cookie assert 'auth_tkt=' in cookie, cookie assert 'testlogin!userid_type:unicode' in cookie, cookie # navigate to another page and check username still displayed res = res.click('Search') assert 'testlogin' in res.body, res.body
def test_login(self): # create test user username = u'testlogin' password = u'letmein' CreateTestData.create_user(name=username, password=password) user = model.User.by_name(username) # do the login offset = url_for(controller='user', action='login') res = self.app.get(offset) fv = res.forms['login'] fv['login'] = str(username) fv['password'] = str(password) res = fv.submit() # check cookies set cookies = self._get_cookie_headers(res) assert cookies # first get redirected to user/logged_in assert_equal(res.status, 302) assert res.header('Location').startswith('http://localhost/user/logged_in') # then get redirected to user page res = res.follow() assert_equal(res.status, 302) assert_equal(res.header('Location'), 'http://localhost/user/testlogin') res = res.follow() assert_equal(res.status, 200) assert 'testlogin is now logged in' in res.body assert 'My Account' in res.body # check user object created user = model.User.by_name(username) assert user assert_equal(user.name, username) assert len(user.apikey) == 36 # check cookie created cookie = res.request.environ['HTTP_COOKIE'] # I think some versions of webob do not produce quotes, hence the 'or' assert 'ckan_display_name="testlogin"' in cookie or \ 'ckan_display_name=testlogin' in cookie, cookie assert 'auth_tkt=' in cookie, cookie assert 'testlogin!userid_type:unicode' in cookie, cookie # navigate to another page and check username still displayed res = res.click('Search') assert 'testlogin' in res.body, res.body
def setup_class(cls): smtp_server = config.get('test_smtp_server') if smtp_server: host, port = smtp_server.split(':') port = int(port) + int( str(hashlib.md5(cls.__name__).hexdigest())[0], 16) config['test_smtp_server'] = '%s:%s' % (host, port) PylonsTestCase.setup_class() SmtpServerHarness.setup_class() CreateTestData.create() # make 3 changes, authored by annafan for i in range(3): rev = model.repo.new_revision() pkg = model.Package.by_name(u'annakarenina') pkg.notes = u'Changed notes %i' % i rev.author = u'annafan' model.repo.commit_and_remove() CreateTestData.create_user('unfinisher', about='<a href="http://unfinished.tag') CreateTestData.create_user('uncloser', about='<a href="http://unclosed.tag">') CreateTestData.create_user( 'spammer', about= u'<a href="http://mysite">mysite</a> <a href=\u201dhttp://test2\u201d>test2</a>' ) CreateTestData.create_user( 'spammer2', about= u'<a href="http://spamsite1.com\u201d>spamsite1</a>\r\n<a href="http://www.spamsite2.com\u201d>spamsite2</a>\r\n' )
def setup_class(self): CreateTestData.create() # make 3 changes, authored by annafan for i in range(3): rev = model.repo.new_revision() pkg = model.Package.by_name(u'annakarenina') pkg.notes = u'Changed notes %i' % i rev.author = u'annafan' model.repo.commit_and_remove() CreateTestData.create_user('unfinisher', about='<a href="http://unfinished.tag') CreateTestData.create_user('uncloser', about='<a href="http://unclosed.tag">') CreateTestData.create_user( 'spammer', about= u'<a href="http://mysite">mysite</a> <a href=\u201dhttp://test2\u201d>test2</a>' ) CreateTestData.create_user( 'spammer2', about= u'<a href="http://spamsite1.com\u201d>spamsite1</a>\r\n<a href="http://www.spamsite2.com\u201d>spamsite2</a>\r\n' )
def setup_class(self): username = u'testlogin2' password = u'letmein' CreateTestData.create_user(name=username, password=password) # do the login offset = url_for(controller='user', action='login') res = self.app.get(offset) fv = res.forms['login'] fv['login'] = str(username) fv['password'] = str(password) fv['remember'] = True res = fv.submit() setup()
def setup_class(cls): smtp_server = config.get("test_smtp_server") if smtp_server: host, port = smtp_server.split(":") port = int(port) + int(str(hashlib.md5(cls.__name__).hexdigest())[0], 16) config["test_smtp_server"] = "%s:%s" % (host, port) PylonsTestCase.setup_class() SmtpServerHarness.setup_class() CreateTestData.create() # make 3 changes, authored by annafan for i in range(3): rev = model.repo.new_revision() pkg = model.Package.by_name(u"annakarenina") pkg.notes = u"Changed notes %i" % i rev.author = u"annafan" model.repo.commit_and_remove() CreateTestData.create_user("unfinisher", about='<a href="http://unfinished.tag') CreateTestData.create_user("uncloser", about='<a href="http://unclosed.tag">') CreateTestData.create_user( "spammer", about=u'<a href="http://mysite">mysite</a> <a href=\u201dhttp://test2\u201d>test2</a>' ) CreateTestData.create_user( "spammer2", about=u'<a href="http://spamsite1.com\u201d>spamsite1</a>\r\n<a href="http://www.spamsite2.com\u201d>spamsite2</a>\r\n', )
def test_login(self): # create test user username = u"testlogin" password = u"letmein" CreateTestData.create_user(name=username, password=password) user = model.User.by_name(username) # do the login offset = url_for(controller="user", action="login") res = self.app.get(offset) fv = res.forms["login"] fv["login"] = str(username) fv["password"] = str(password) res = fv.submit() # check cookies set cookies = self._get_cookie_headers(res) assert cookies # first get redirected to user/logged_in assert_equal(res.status, 302) assert res.header("Location").startswith("http://localhost/user/logged_in") or res.header( "Location" ).startswith("/user/logged_in") # then get redirected to user page res = res.follow() assert_equal(res.status, 302) assert res.header("Location") in ("http://localhost/user/testlogin", "/user/testlogin") res = res.follow() assert_equal(res.status, 200) assert "testlogin is now logged in" in res.body assert "My Account" in res.body # check user object created user = model.User.by_name(username) assert user assert_equal(user.name, username) assert len(user.apikey) == 36 # check cookie created cookie = res.request.environ["HTTP_COOKIE"] # I think some versions of webob do not produce quotes, hence the 'or' assert 'ckan_display_name="testlogin"' in cookie or "ckan_display_name=testlogin" in cookie, cookie assert "auth_tkt=" in cookie, cookie assert "testlogin!userid_type:unicode" in cookie, cookie # navigate to another page and check username still displayed res = res.click("Search") assert "testlogin" in res.body, res.body
def setup_class(cls): logging.basicConfig(level=logging.INFO) CreateTestData.create_user('tester', about='A tester', password='******') CreateTestData.create_groups([ { 'name': cls.owner_org['name'], 'title': cls.owner_org['title'], 'description': cls.owner_org['description'], 'type': 'organization', 'is_organization': True, }], admin_user_name='tester') cls.extra_environ = {'REMOTE_USER': '******'} return
def setup_class(cls): CreateTestData.create_user('tester', about='A tester', password='******') CreateTestData.create_groups([{ 'name': 'acme', 'title': u'Acme', 'description': u'A fictional organization', 'type': 'organization', 'is_organization': True, }], admin_user_name='tester') cls.find_translatable_fields() cls.default_lang = pylons.config['ckan.locale_default']
def test_user_delete_redirects_to_user_index(self): user = CreateTestData.create_user("a_user") url = url_for(controller="user", action="delete", id=user.id) extra_environ = {"REMOTE_USER": "******"} redirect_url = url_for(controller="user", action="index", qualified=True) res = self.app.get(url, status=302, extra_environ=extra_environ) assert user.is_deleted(), user assert res.header("Location").startswith(redirect_url), res.header("Location")
def test_user_delete_redirects_to_user_index(self): user = CreateTestData.create_user('a_user') url = url_for(controller='user', action='delete', id=user.id) extra_environ = {'REMOTE_USER': '******'} redirect_url = url_for(controller='user', action='index', qualified=True) res = self.app.get(url, status=302, extra_environ=extra_environ) assert user.is_deleted(), user assert res.header('Location').startswith(redirect_url), res.header('Location')
def setup_class(cls): logging.basicConfig(level=logging.INFO) CreateTestData.create_user('tester', about='A tester', password='******') CreateTestData.create_groups( [{ 'name': cls.owner_org['name'], 'title': cls.owner_org['title'], 'description': cls.owner_org['description'], 'type': 'organization', 'is_organization': True, }], admin_user_name='tester') cls.extra_environ = {'REMOTE_USER': '******'} return
def test_perform_reset_doesnt_activate_deleted_user(self): password = "******" params = {"password1": password, "password2": password} user = CreateTestData.create_user(name="deleted_user", email="*****@*****.**") user.delete() create_reset_key(user) assert user.is_deleted(), user.state offset = url_for(controller="user", action="perform_reset", id=user.id, key=user.reset_key) res = self.app.post(offset, params=params, status=302) user = model.User.get(user.id) assert user.is_deleted(), user
def setup_class(self): CreateTestData.create() # make 3 changes, authored by annafan for i in range(3): rev = model.repo.new_revision() pkg = model.Package.by_name(u'annakarenina') pkg.notes = u'Changed notes %i' % i rev.author = u'annafan' model.repo.commit_and_remove() CreateTestData.create_user('unfinisher', about='<a href="http://unfinished.tag') CreateTestData.create_user('uncloser', about='<a href="http://unclosed.tag">') CreateTestData.create_user('spammer', about=u'<a href="http://mysite">mysite</a> <a href=\u201dhttp://test2\u201d>test2</a>') CreateTestData.create_user('spammer2', about=u'<a href="http://spamsite1.com\u201d>spamsite1</a>\r\n<a href="http://www.spamsite2.com\u201d>spamsite2</a>\r\n')
def test_request_reset_user_password_using_search(self): offset = url_for(controller="user", action="request_reset") CreateTestData.create_user(name="larry1", fullname="kittens") CreateTestData.create_user(name="larry2", fullname="kittens") res = self.app.get(offset) fv = res.forms["user-password-reset"] fv["user"] = "******" res = fv.submit() assert ""kittens" matched several users" in res, res assert "larry1" not in res, res assert "larry2" not in res, res res = self.app.get(offset) fv = res.forms["user-password-reset"] fv["user"] = "" res = fv.submit() assert "No such user:"******"user-password-reset"] fv["user"] = "******" res = fv.submit() assert "No such user:" in res, res
def test_request_reset_user_password_using_search(self): offset = url_for(controller='user', action='request_reset') CreateTestData.create_user(name='larry1', fullname='kittens') CreateTestData.create_user(name='larry2', fullname='kittens') res = self.app.get(offset) fv = res.forms['user-password-reset'] fv['user'] = '******' res = fv.submit() assert '"kittens" matched several users' in res, res assert 'larry1' not in res, res assert 'larry2' not in res, res res = self.app.get(offset) fv = res.forms['user-password-reset'] fv['user'] = '' res = fv.submit() assert 'No such user:'******'user-password-reset'] fv['user'] = '******' res = fv.submit() assert 'No such user:' in res, res
def test_login_remembered(self): # create test user username = u"testlogin2" password = u"letmein" CreateTestData.create_user(name=username, password=password) user = model.User.by_name(username) # do the login offset = url_for(controller="user", action="login") res = self.app.get(offset) fv = res.forms["login"] fv["login"] = str(username) fv["password"] = str(password) fv["remember"] = True res = fv.submit() # check cookies set cookies = self._get_cookie_headers(res) assert cookies # check cookie is remembered via Max-Age and Expires # (both needed for cross-browser compatibility) for cookie in cookies: assert "Max-Age=63072000;" in cookie, cookie assert "Expires=" in cookie, cookie
def test_perform_reset_doesnt_activate_deleted_user(self): password = '******' params = {'password1': password, 'password2': password} user = CreateTestData.create_user(name='deleted_user', email='*****@*****.**') user.delete() create_reset_key(user) assert user.is_deleted(), user.state offset = url_for(controller='user', action='perform_reset', id=user.id, key=user.reset_key) res = self.app.post(offset, params=params, status=302) user = model.User.get(user.id) assert user.is_deleted(), user
def setup_class(cls): CreateTestData.create_user('tester', about='A tester', password='******') return