def test_user_listing_serialization(database): """Test serialization of user listings.""" schema = validator('UserListing') view = UserSerializer() with database.session() as session: manager = UserManager(session) manager.register_user('alice', 'mypwd') manager.register_user('bob', 'mypwd') doc = view.user_listing(manager.list_users()) schema.validate(doc) assert len(doc[labels.USER_LIST]) == 2
def test_activate_user(database): """Test creating inactive users and activating them.""" # -- Test creating an inactive user --------------------------------------- username = '******' password = '******' with database.session() as session: users = UserManager(session) user = users.register_user(username, password, verify=True) user_id = user.user_id # Attempt to login will raise error with pytest.raises(err.UnknownUserError): users.login_user(username, password) # -- Test activate user --------------------------------------------------- with database.session() as session: # After activating the user login should succeed. users = UserManager(session) auth = OpenAccessAuth(session) active_user = users.activate_user(user_id) assert active_user.user_id == user_id assert active_user.name == username assert active_user.api_key is None user = users.login_user(username, password) assert user.name == username assert user.api_key is not None assert auth.authenticate(user.api_key.value).user_id == user_id # Activate the same user twice should not raise an error active_user = users.activate_user(user_id) assert active_user.user_id == user_id assert active_user.name == username assert active_user.api_key is not None
def test_list_users(database): """Test listing and searching for users.""" # -- Setup ---------------------------------------------------------------- # # Create a database with four active and one inactive user. with database.session() as session: users = UserManager(session) users.register_user('*****@*****.**', 'pwd1', verify=False) users.register_user('*****@*****.**', 'pwd1', verify=False) users.register_user('*****@*****.**', 'pwd1', verify=False) users.register_user('*****@*****.**', 'pwd1', verify=False) u = users.register_user('*****@*****.**', 'pwd1', verify=True) inactive_user_id = u.user_id # -- Test user listing ---------------------------------------------------- with database.session() as session: # There should be four users in the returned list. users = UserManager(session) assert len(users.list_users()) == 4 with database.session() as session: # After activating the inactive user, the listing contains five users. users = UserManager(session) users.activate_user(inactive_user_id) assert len(users.list_users()) == 5 # -- Test query prefixes -------------------------------------------------- with database.session() as session: # Query users by name prefix. users = UserManager(session) assert len(users.list_users(prefix='a')) == 3 assert len(users.list_users(prefix='ab')) == 2 assert len(users.list_users(prefix='ade')) == 1
def test_reset_password(database): """Test resetting a user password.""" # -- Setup ---------------------------------------------------------------- # # Create one active user. username = '******' password = '******' with database.session() as session: # After a reset request has been send the previous password should # still be valid. users = UserManager(session) auth = OpenAccessAuth(session) user_id = users.register_user(username, password).user_id # -- Test reset password -------------------------------------------------- with database.session() as session: users = UserManager(session) auth = OpenAccessAuth(session) # Ensure login works prior to reset request. token = users.login_user(username, password).api_key.value assert auth.authenticate(token).user_id == user_id request_id = users.request_password_reset(username) password = '******' user = users.reset_password(request_id=request_id, password=password) assert user.user_id == user_id # After resetting the password the previous API key for the user is # invalid with pytest.raises(err.UnauthenticatedAccessError): auth.authenticate(token) token = users.login_user('*****@*****.**', 'mypwd').api_key.value assert auth.authenticate(token).user_id == user_id # -- Test login after request --------------------------------------------- with database.session() as session: # After a reset request has been send the previous password should # still be valid. users = UserManager(session) auth = OpenAccessAuth(session) users.request_password_reset(username) token = users.login_user(username, password).api_key.value assert auth.authenticate(token).user_id == user_id # -- Test request reset for unknown user ---------------------------------- with database.session() as session: users = UserManager(session) assert users.request_password_reset('*****@*****.**') is not None # --Error cases ----------------------------------------------------------- with database.session() as session: # An error is raised when (i) trying to use a request for an unknown # user, (ii) a previously completed reset request, or (iii) an unknown # request identifier to reset a user password users = UserManager(session) with pytest.raises(err.UnknownRequestError): users.reset_password(request_id=request_id, password=password) with pytest.raises(err.UnknownRequestError): users.reset_password(request_id='UNKNOWN', password=password) with pytest.raises(err.UnknownRequestError): users.reset_password(request_id='unknown', password=password)
def test_reset_request_timeout(database): """Test resetting a user password using a request identifier that has timed out. """ # -- Setup ---------------------------------------------------------------- # # Create database with single active user. username = '******' with database.session() as session: users = UserManager(session) users.register_user(username, 'pwd1') # -- Test password reset after timed-out ---------------------------------- with database.session() as session: # Request a password reset and then sleep for a period of time that is # lonker than the token timeout period. users = UserManager(session, token_timeout=1) request_id = users.request_password_reset(username) time.sleep(2) with pytest.raises(err.UnknownRequestError): users.reset_password(request_id=request_id, password='******')
def test_user_handle_serialization(database): """Test serialization of user handles.""" schema = validator('User') view = UserSerializer() with database.session() as session: manager = UserManager(session) user = manager.register_user('alice', 'mypwd') doc = view.user(user) schema.validate(doc) assert doc[labels.USER_NAME] == 'alice' assert labels.USER_TOKEN not in doc user = manager.login_user('alice', 'mypwd') doc = view.user(user, include_token=True) schema.validate(doc) assert doc[labels.USER_NAME] == 'alice' assert labels.USER_TOKEN in doc
def test_register_user(database): """Test registering a new user.""" # -- Test creating an active user ----------------------------------------- with database.session() as session: users = UserManager(session) auth = OpenAccessAuth(session) reg_user = users.register_user('*****@*****.**', 'pwd1') assert reg_user.api_key is None user_1 = users.login_user('*****@*****.**', 'pwd1') assert user_1.name == '*****@*****.**' user_id_1 = auth.authenticate(user_1.api_key.value).user_id assert user_1.user_id == user_id_1 # -- Error cases ---------------------------------------------------------- with database.session() as session: users = UserManager(session) # Register user with existing email address raises error with pytest.raises(err.DuplicateUserError): users.register_user('*****@*****.**', 'pwd1') # Providing invalid email or password will raise error with pytest.raises(err.ConstraintViolationError): users.register_user(None, 'pwd1') with pytest.raises(err.ConstraintViolationError): users.register_user(' \t', 'pwd1') with pytest.raises(err.ConstraintViolationError): users.register_user('a' * 513, 'pwd1') with pytest.raises(err.ConstraintViolationError): users.register_user('*****@*****.**', ' ')