def test_activate_invalid(self):
from pyramid_signup.views import RegisterController
from pyramid_signup.models import User
from pyramid_signup.models import Activation
from pyramid_mailer.interfaces import IMailer
from pyramid_mailer.mailer import DummyMailer
from pyramid_signup.managers import UserManager
self.config.include('pyramid_signup')
self.config.add_route('index', '/')
self.config.registry.registerUtility(DummyMailer(), IMailer)
user = User(username='******', password='******')
user.activation = Activation()
self.session.add(user)
self.session.flush()
request = testing.DummyRequest()
request.matchdict = Mock()
get = Mock()
get.return_value = 'invalid'
request.matchdict.get = get
controller = RegisterController(request)
response = controller.activate()
mgr = UserManager(request)
user = mgr.get_by_username('sontek')
assert not user.activated
assert response.status_int == 404
def test_activate_invalid(self):
from pyramid_signup.views import RegisterController
from pyramid_signup.models import User
from pyramid_signup.models import Activation
from pyramid_mailer.interfaces import IMailer
from pyramid_mailer.mailer import DummyMailer
from pyramid_signup.managers import UserManager
self.config.include('pyramid_signup')
self.config.add_route('index', '/')
self.config.registry.registerUtility(DummyMailer(), IMailer)
user = User(username='******', password='******')
user.activation = Activation()
self.session.add(user)
self.session.flush()
request = testing.DummyRequest()
request.matchdict = Mock()
get = Mock()
get.return_value = 'invalid'
request.matchdict.get = get
controller = RegisterController(request)
response = controller.activate()
mgr = UserManager(request)
user = mgr.get_by_username('sontek')
assert not user.activated
assert response.status_int == 404
def test_get_user_activation(self):
from pyramid_signup.models import Activation
from pyramid_signup.managers import ActivationManager
from pyramid_signup.managers import UserManager
from pyramid_signup.models import User
user1 = User(username="******", password="******", email="*****@*****.**")
user2 = User(username="******", password="******", email="*****@*****.**")
activation = Activation()
user2.activation = activation
self.session.add(user1)
self.session.add(user2)
self.session.commit()
request = testing.DummyRequest()
mgr = ActivationManager(request)
user_mgr = UserManager(request)
new_user = user_mgr.get_by_username("sontek2")
new_activation = mgr.get_by_code(activation.code)
assert activation == new_activation
assert new_user.activation == new_activation
def test_get_user_by_activation_with_multiple_users(self):
from pyramid_signup.models import User
from pyramid_signup.models import Activation
from pyramid_signup.managers import UserManager
user1 = User(username='******',
password='******',
email='*****@*****.**')
user2 = User(username='******',
password='******',
email='*****@*****.**')
activation = Activation()
user2.activation = activation
self.session.add(user1)
self.session.add(user2)
self.session.commit()
request = testing.DummyRequest()
mgr = UserManager(request)
new_user = mgr.get_by_activation(activation)
assert new_user == user2
def test_get_user_activation(self):
from pyramid_signup.models import Activation
from pyramid_signup.managers import ActivationManager
from pyramid_signup.managers import UserManager
from pyramid_signup.models import User
user1 = User(username='******',
password='******',
email='*****@*****.**')
user2 = User(username='******',
password='******',
email='*****@*****.**')
activation = Activation()
user2.activation = activation
self.session.add(user1)
self.session.add(user2)
self.session.commit()
request = testing.DummyRequest()
mgr = ActivationManager(request)
user_mgr = UserManager(request)
new_user = user_mgr.get_by_username('sontek2')
new_activation = mgr.get_by_code(activation.code)
assert activation == new_activation
assert new_user.activation == new_activation
def test_login_succeeds(self):
""" Make sure we can login """
from pyramid_signup.models import User
admin = User(username='******', password='******')
admin.activated = True
self.session.add(admin)
self.session.flush()
from pyramid_signup.views import AuthController
self.config.add_route('index', '/')
self.config.include('pyramid_signup')
request = self.get_csrf_request(post={
'submit': True,
'Username': '******',
'Password': '******',
},
request_method='POST')
view = AuthController(request)
response = view.login()
assert response.status_int == 302
def test_reset_password_empty_password(self):
from pyramid_signup.views import ForgotPasswordController
from pyramid_mailer.interfaces import IMailer
from pyramid_mailer.mailer import DummyMailer
self.config.add_route('index', '/')
self.config.include('pyramid_signup')
self.config.registry.registerUtility(DummyMailer(), IMailer)
from pyramid_signup.models import User
from pyramid_signup.models import Activation
user = User(username='******', password='******', email='*****@*****.**')
user.activation = Activation()
self.session.add(user)
self.session.flush()
request = self.get_csrf_request(request_method='POST')
request.matchdict = Mock()
get = Mock()
get.return_value = user.activation.code
request.matchdict.get = get
request.user = None
flash = Mock()
request.session.flash = flash
view = ForgotPasswordController(request)
response = view.reset_password()
assert len(response['errors']) == 1
def test_invalid_reset_gets_404(self):
from pyramid_signup.views import ForgotPasswordController
from pyramid_mailer.interfaces import IMailer
from pyramid_mailer.mailer import DummyMailer
self.config.add_route('index', '/')
self.config.include('pyramid_signup')
self.config.registry.registerUtility(DummyMailer(), IMailer)
from pyramid_signup.models import User
from pyramid_signup.models import Activation
user = User(username='******', password='******', email='*****@*****.**')
user.activation = Activation()
self.session.add(user)
self.session.flush()
request = testing.DummyRequest()
request.matchdict = Mock()
get = Mock()
get.return_value = 'b'
request.matchdict.get = get
request.user = None
view = ForgotPasswordController(request)
response = view.reset_password()
assert response.status_int == 404
def post(self):
if self.request.method == 'POST':
try:
controls = self.request.POST.items()
captured = self.form.validate(controls)
except deform.ValidationFailure, e:
return {'form': e.render(), 'errors': e.error.children}
email = captured['Email']
username = captured['Username']
password = captured['Password']
mgr = UserManager(self.request)
user = mgr.get_by_username(username)
if user:
self.request.session.flash(_('That username is already used.'), 'error')
return {'form': self.form.render(self.request.POST)}
activation = None
try:
user = User(username=username, password=password, email=email)
if self.require_activation:
activation = Activation()
self.db.add(activation)
user.activation = activation
body = pystache.render(_("Please activate your e-mail address by visiting {{ link }}"),
{
'link': route_url('activate', self.request, code=user.activation.code)
}
)
subject = _("Please active your e-mail address!")
message = Message(subject=subject, recipients=[user.email], body=body)
self.mailer.send(message)
self.request.session.flash(_('Please check your E-mail for an activation link'), 'success')
else:
user.activated = True
self.db.add(user)
self.db.flush()
except Exception as exc:
self.request.session.flash(exc.message, 'error')
return {'form': self.form.render()}
self.request.registry.notify(
NewRegistrationEvent(self.request, user, activation, controls)
)
return HTTPFound(location=self.register_redirect_view)
def test_reset_password_valid_user(self):
from pyramid_signup.views import ForgotPasswordController
from pyramid_signup.interfaces import ISUSession
from pyramid_signup.events import PasswordResetEvent
from pyramid_mailer.interfaces import IMailer
from pyramid_mailer.mailer import DummyMailer
from pyramid_signup.models import User
from pyramid_signup.models import Activation
from pyramid_signup.models import crypt
self.config.add_route('index', '/')
self.config.include('pyramid_signup')
self.config.registry.registerUtility(DummyMailer(), IMailer)
user = User(username='******', password='******', email='*****@*****.**')
user.activation = Activation()
self.session.add(user)
self.session.flush()
request = self.get_csrf_request(post={
'Password': {
'value': 'test123',
'confirm': 'test123',
},
}, request_method='POST')
request.matchdict = Mock()
get = Mock()
get.return_value = user.activation.code
request.matchdict.get = get
request.user = None
flash = Mock()
request.session.flash = flash
def handle_password_reset(event):
request = event.request
session = request.registry.getUtility(ISUSession)
session.commit()
self.config.add_subscriber(handle_password_reset, PasswordResetEvent)
view = ForgotPasswordController(request)
response = view.reset_password()
assert not crypt.check(user.password, 'temp' + user.salt)
assert response.status_int == 302
def test_register_existing_user(self):
from pyramid_signup.views import RegisterController
from pyramid_mailer.mailer import DummyMailer
from pyramid_mailer.interfaces import IMailer
from pyramid_signup.models import User
self.config.include('pyramid_signup')
self.config.registry.registerUtility(DummyMailer(), IMailer)
self.config.add_route('index', '/')
admin = User(username='******', password='******')
self.session.add(admin)
self.session.flush()
request = self.get_csrf_request(post={
'Username': '******',
'Password': {
'value': 'test123',
'confirm': 'test123',
},
'Email': '*****@*****.**'
},
request_method='POST')
flash = Mock()
request.session.flash = flash
controller = RegisterController(request)
controller.post()
flash.assert_called_with(u'That username is already used.', 'error')
def test_inactive_login_fails(self):
""" Make sure we can't login with an inactive user """
from pyramid_signup.models import User
user = User(username='******', password='******')
self.session.add(user)
self.session.flush()
from pyramid_signup.views import AuthController
self.config.add_route('index', '/')
self.config.include('pyramid_signup')
request = self.get_csrf_request(post={
'submit': True,
'Username': '******',
'Password': '******',
},
request_method='POST')
flash = Mock()
request.session.flash = flash
view = AuthController(request)
view.login()
flash.assert_called_with(
u'Your account is not active, please check your e-mail.', 'error')
def test_display_name_only_username(self):
from pyramid_signup.models import User
user1 = User(username='******')
self.session.add(user1)
self.session.flush()
assert user1.display_name == 'sontek'
def test_get_user_by_activation(self):
from pyramid_signup.models import User
from pyramid_signup.models import Activation
from pyramid_signup.managers import UserManager
user = User(username="******", password="******", email="*****@*****.**")
activation = Activation()
user.activation = activation
self.session.add(user)
self.session.commit()
request = testing.DummyRequest()
mgr = UserManager(request)
new_user = mgr.get_by_activation(activation)
assert new_user == user
def test_activate_invalid_user(self):
from pyramid_signup.views import RegisterController
from pyramid_signup.models import User
from pyramid_signup.models import Activation
from pyramid_mailer.interfaces import IMailer
from pyramid_mailer.mailer import DummyMailer
from pyramid_signup.managers import UserManager
self.config.include('pyramid_signup')
self.config.add_route('index', '/')
self.config.registry.registerUtility(DummyMailer(), IMailer)
bad_act = Activation()
user = User(username='******', password='******')
user.activation = Activation()
user2 = User(username='******', password='******')
user2.activation = bad_act
self.session.add(user)
self.session.add(user2)
self.session.flush()
request = testing.DummyRequest()
request.matchdict = Mock()
def get(val, ret):
if val == 'code':
return bad_act.code
elif val == 'user_pk':
return user.pk
request.matchdict.get = get
controller = RegisterController(request)
response = controller.activate()
mgr = UserManager(request)
new_user1 = mgr.get_by_username('sontek')
new_user2 = mgr.get_by_username('jessie')
assert not new_user1.activated
assert not new_user2.activated
assert response.status_int == 404
def test_activate_multiple_users(self):
from pyramid_signup.views import RegisterController
from pyramid_signup.models import User
from pyramid_signup.models import Activation
from pyramid_mailer.interfaces import IMailer
from pyramid_mailer.mailer import DummyMailer
from pyramid_signup.managers import UserManager
from pyramid_signup.managers import ActivationManager
self.config.include('pyramid_signup')
self.config.add_route('index', '/')
self.config.registry.registerUtility(DummyMailer(), IMailer)
user = User(username='******', password='******')
user.activation = Activation()
user1 = User(username='******', password='******')
user1.activation = Activation()
self.session.add(user)
self.session.add(user1)
self.session.flush()
request = testing.DummyRequest()
request.matchdict = Mock()
def get(key, default):
if key == 'code':
return user1.activation.code
else:
return user1.pk
request.matchdict.get = get
controller = RegisterController(request)
response = controller.activate()
mgr = UserManager(request)
user = mgr.get_by_username('sontek1')
act_mgr = ActivationManager(request)
activations = act_mgr.get_all()
assert len(activations) == 1
assert user.activated
assert response.status_int == 302
def test_display_name_full(self):
from pyramid_signup.models import User
user1 = User(username='******',
first_name='john',
last_name='anderson',
password='******')
self.session.add(user1)
self.session.flush()
assert user1.display_name == 'john anderson'
def test_password_hashing(self):
from pyramid_signup.models import User
user1 = User(username='******',
first_name='john',
last_name='anderson',
password='******')
self.session.add(user1)
self.session.flush()
assert user1.password != 'password'
assert user1.salt != None
def test_valid_login(self):
""" Call the login view, make sure routes are working """
from pyramid_signup.models import User
admin = User(username='******', password='******')
admin.activated = True
self.session.add(admin)
self.session.flush()
res = self.app.get('/login')
csrf = res.form.fields['csrf_token'][0].value
res = self.app.post('/login',
{
'submit': True,
'Username': '******',
'Password': '******',
'csrf_token': csrf
}
)
assert res.status_int == 302
def test_get_user_by_activation_with_multiple_users(self):
from pyramid_signup.models import User
from pyramid_signup.models import Activation
from pyramid_signup.managers import UserManager
user1 = User(username='******', password='******', email='*****@*****.**')
user2 = User(username='******', password='******', email='*****@*****.**')
activation = Activation()
user2.activation = activation
self.session.add(user1)
self.session.add(user2)
self.session.commit()
request = testing.DummyRequest()
mgr = UserManager(request)
new_user = mgr.get_by_activation(activation)
assert new_user == user2
def test_create_organization(self):
from pyramid_signup.models import Organization
from pyramid_signup.models import User
owner = User()
self.session.add(owner)
self.session.flush()
organization = Organization('foo', owner)
self.session.add(organization)
self.session.flush()
assert organization.name == 'foo'
assert organization.create_date != None
def test_get_user_by_invalid_username(self):
from pyramid_signup.models import User
from pyramid_signup.managers import UserManager
user = User(username='******', password='******')
self.session.add(user)
self.session.commit()
request = testing.DummyRequest()
mgr = UserManager(request)
new_user = mgr.get_by_username('sontek1')
assert new_user == None
def test_login_succeeds(self):
""" Make sure we can login """
from pyramid_signup.models import User
admin = User(username='******', password='******')
admin.activated = True
self.session.add(admin)
self.session.flush()
from pyramid_signup.views import AuthController
self.config.add_route('index', '/')
self.config.include('pyramid_signup')
request = self.get_csrf_request(post={
'submit': True,
'Username': '******',
'Password': '******',
}, request_method='POST')
view = AuthController(request)
response = view.login()
assert response.status_int == 302
def test_get_user_by_email(self):
from pyramid_signup.models import User
from pyramid_signup.managers import UserManager
user = User(username='******',
password='******',
email='*****@*****.**')
self.session.add(user)
self.session.commit()
request = testing.DummyRequest()
mgr = UserManager(request)
new_user = mgr.get_by_email(user.email)
assert new_user == user
def main(argv=sys.argv): # pragma: no cover
if len(argv) != 2:
usage(argv)
config_uri = argv[1]
setup_logging(config_uri)
settings = get_appsettings(config_uri)
config = Configurator(settings=settings)
config.include('pyvore.models')
engine = engine_from_config(settings, 'sqlalchemy.')
session = DBSession(bind=engine)
Entity.metadata.bind = engine
SUEntity.metadata.bind = engine
Entity.metadata.drop_all(engine)
SUEntity.metadata.drop_all(engine)
SUEntity.metadata.create_all(engine)
Entity.metadata.create_all(engine)
f = open(os.path.join(here, 'pycon.json')).read()
data = json.loads(f)
for d in data:
title = d['title']
start = d['start']
start = datetime.datetime(start[0], start[1], start[2], start[3])
new_session = Session(title=title, start=start)
session.add(new_session)
username = raw_input("What is your username?: ").decode('utf-8')
email = raw_input("What is your email?: ").decode('utf-8')
password = getpass("What is your password?: ").decode('utf-8')
admin = User(username=username,
password=password,
email=email,
activated=True)
session.add(admin)
transaction.commit()
def test_organization_acl(self):
from pyramid_signup.models import Organization
from pyramid_signup.models import User
from pyramid.security import Allow
owner = User()
self.session.add(owner)
self.session.flush()
organization = Organization('foo', owner)
self.session.add(organization)
self.session.flush()
ace = organization.__acl__
assert len(ace) == 1
assert ace[0][0] == Allow
assert ace[0][1] == 'organization:1'
assert ace[0][2] == 'access_organization'
def test_request_factory(self):
from pyramid_signup import SignUpRequestFactory
user1 = User(username='******', first_name='john')
self.session.add(user1)
self.session.flush()
with patch('pyramid_signup.unauthenticated_userid') as unauth:
unauth.return_value = 1
request = SignUpRequestFactory({})
request.registry = Mock()
getUtility = Mock()
getUtility.return_value = self.session
request.registry.getUtility = getUtility
user = request.user
assert user == user1
def test_inactive_login(self):
""" Make sure inactive users can't sign in"""
from pyramid_signup.models import User
admin = User(username='******', password='******')
self.session.add(admin)
self.session.flush()
res = self.app.get('/login')
csrf = res.form.fields['csrf_token'][0].value
res = self.app.post('/login',
{
'submit': True,
'Username': '******',
'Password': '******',
'csrf_token': csrf
}
)
assert 'Your account is not active, please check your e-mail.' in res.body
def post(self):
if self.request.method == 'POST':
try:
controls = self.request.POST.items()
captured = self.form.validate(controls)
except deform.ValidationFailure, e:
return {'form': e.render(), 'errors': e.error.children}
email = captured['Email']
username = captured['Username']
password = captured['Password']
mgr = UserManager(self.request)
user = mgr.get_by_username(username)
if user:
self.request.session.flash(_('That username is already used.'),
'error')
return {'form': self.form.render(self.request.POST)}
activation = None
try:
user = User(username=username, password=password, email=email)
if self.require_activation:
activation = Activation()
self.db.add(activation)
user.activation = activation
body = pystache.render(
_("Please activate your e-mail address by visiting {{ link }}"
), {
'link':
route_url('activate',
self.request,
code=user.activation.code)
})
subject = _("Please active your e-mail address!")
message = Message(subject=subject,
recipients=[user.email],
body=body)
self.mailer.send(message)
self.request.session.flash(
_('Please check your E-mail for an activation link'),
'success')
else:
user.activated = True
self.db.add(user)
self.db.flush()
except Exception as exc:
self.request.session.flash(exc.message, 'error')
return {'form': self.form.render()}
self.request.registry.notify(
NewRegistrationEvent(self.request, user, activation, controls))
return HTTPFound(location=self.register_redirect_view)