def test_handle_submit_key_expired(self): reg = get_current_registry() config = Configurator(reg) renderer = config.testing_add_template('templates/reset_failed.pt') request = self.request request.params['key'] = '0' * 40 self._setupUsers() context = self.context context['profiles'] = testing.DummyModel() profile = context['profiles']['me'] = testing.DummyModel() profile.password_reset_key = '0' * 40 controller = self._makeOne(context, request) converted = {'login': '******'} # first w/ no profile reset time response = controller.handle_submit(converted) self.failUnless(hasattr(renderer, 'api')) self.assertEqual(renderer.api.page_title, 'Password Reset Confirmation Key Expired') # now w/ expired key renderer = config.testing_add_template('templates/reset_failed.pt') from karl.views.resetpassword import max_reset_timedelta import datetime keytime = datetime.datetime.now() - max_reset_timedelta profile.password_reset_time = keytime response = controller.handle_submit(converted) self.failUnless(hasattr(renderer, 'api')) self.assertEqual(renderer.api.page_title, 'Password Reset Confirmation Key Expired')
def test_handle_submit_wrong_key(self): reg = get_current_registry() config = Configurator(reg) renderer = config.testing_add_template('templates/reset_failed.pt') request = self.request request.params['key'] = '0' * 40 self._setupUsers() context = self.context context['profiles'] = testing.DummyModel() context['profiles']['me'] = testing.DummyModel() controller = self._makeOne(context, request) converted = {'login': '******'} # first w/ no profile reset key response = controller.handle_submit(converted) self.failUnless(hasattr(renderer, 'api')) self.assertEqual(renderer.api.page_title, 'Password Reset Confirmation Problem') # now w/ wrong profile reset key renderer = config.testing_add_template('templates/reset_failed.pt') context['profiles']['me'].password_reset_key = '1' * 40 response = controller.handle_submit(converted) self.failUnless(hasattr(renderer, 'api')) self.assertEqual(renderer.api.page_title, 'Password Reset Confirmation Problem')
def test___call__bad_key(self): # register dummy renderer for the email template reg = get_current_registry() config = Configurator(reg) renderer = config.testing_add_template('templates/reset_failed.pt') request = self.request # no key controller = self._makeOne(self.context, request) response = controller() from webob.response import Response self.assertEqual(response.__class__, Response) self.failUnless(hasattr(renderer, 'api')) self.assertEqual(renderer.api.page_title, 'Password Reset URL Problem') # reset renderer.api value so we know the test is useful renderer = config.testing_add_template('templates/reset_failed.pt') # key of wrong length request.params['key'] = 'foofoofoo' controller = self._makeOne(self.context, request) response = controller() from webob.response import Response self.assertEqual(response.__class__, Response) self.failUnless(hasattr(renderer, 'api')) self.assertEqual(renderer.api.page_title, 'Password Reset URL Problem')
def test_handle_submit_utf8_password(self): password = u'password\xe1' reg = get_current_registry() config = Configurator(reg) renderer = config.testing_add_template('templates/reset_complete.pt') request = self.request request.params['key'] = '0' * 40 self._setupUsers() context = self.context context['profiles'] = testing.DummyModel() profile = context['profiles']['me'] = testing.DummyModel() profile.password_reset_key = '0' * 40 controller = self._makeOne(context, request) converted = {'login': '******', 'password': password} import datetime keytime = datetime.datetime.now() profile.password_reset_time = keytime response = controller.handle_submit(converted) self.failUnless(hasattr(renderer, 'api')) self.assertEqual(renderer.api.page_title, 'Password Reset Complete') renderer.assert_(login='******', password=password) self.failUnless(profile.password_reset_key is None) self.failUnless(profile.password_reset_time is None) user = self.context.users.get(login='******') from repoze.who.plugins.zodb.users import get_sha_password self.assertEqual(user['password'], get_sha_password(password.encode('utf8')))
def test_handle_submit_bad_key(self): reg = get_current_registry() config = Configurator(reg) renderer = config.testing_add_template('templates/reset_failed.pt') request = self.request request.params['key'] = 'foofoofoo' controller = self._makeOne(self.context, request) response = controller.handle_submit({}) self.failUnless(hasattr(renderer, 'api')) self.assertEqual(renderer.api.page_title, 'Password Reset URL Problem')
def test_handle_submit(self): context = self.context request = self.request # fake the mailer from repoze.sendmail.interfaces import IMailDelivery from karl.testing import DummyMailer mailer = DummyMailer() testing.registerUtility(mailer, IMailDelivery) # fake catalog search from karl.models.interfaces import ICatalogSearch from zope.interface import Interface testing.registerAdapter( DummyProfileSearch, (Interface,), ICatalogSearch) # fake a staff user from karl.testing import DummyUsers context.users = DummyUsers() context.users.add('me', 'me', 'password', ['group.KarlStaff']) # register dummy renderer for email template reg = get_current_registry() config = Configurator(reg) renderer = config.testing_add_template( 'templates/email_reset_password.pt') # test w/ staff user controller = self._makeOne(context, request) converted = {'email': '*****@*****.**'} response = controller.handle_submit(converted) self.failIf(len(mailer)) self.assertEqual(response.location, 'http://login.example.com/resetpassword?email=me%40example.com' '&came_from=http%3A%2F%2Fexample.com%2Flogin.html') # register dummy profile search profile_search = DummyProfileSearch(context) def search_adapter(context): return profile_search testing.registerAdapter(search_adapter, (Interface,), ICatalogSearch) # convert to non-staff user and test again, email should # go out this time context.users._by_id['me']['groups'] = [] response = controller.handle_submit(converted) self.assertEqual(response.location, 'http://example.com/reset_sent.html?email=me%40example.com') profile = profile_search.profile self.failUnless(profile.password_reset_key) self.failUnless(profile.password_reset_time) self.assertEqual(len(mailer), 1) msg = mailer.pop() self.assertEqual(len(msg.mto), 1) self.assertEqual(msg.mto[0], '*****@*****.**') self.assertEqual(dict(msg.msg._headers)['Subject'], 'karl3test Password Reset Request') renderer.assert_(login='******', system_name='karl3test') self.failUnless(hasattr(renderer, 'reset_url')) self.failUnless(renderer.reset_url.startswith( 'http://example.com/reset_confirm.html?key='), renderer.reset_url)