def generate_users(nr_users, nr_projects):
"""
The generate_users method will create a clean state db with
:param nr_users: number of users to be generated (with random roles between
CLINICIAN and RESEARCHER and random validated state)
:param nr_projects: maximum number of projects to be generated for each user
"""
users = []
for i in range(nr_users):
coin_flip = random.randint(0, 1)
role = 'CLINICIAN' if coin_flip == 1 else 'RESEARCHER'
password = md5("test").hexdigest()
new_user = model.User("gen" + str(i), password, "*****@*****.**", True, role)
dao.store_entity(new_user)
new_user = dao.get_user_by_name("gen" + str(i))
ExtremeTestFactory.VALIDATION_DICT[new_user.id] = 0
users.append(new_user)
for i in range(nr_users):
current_user = dao.get_user_by_name("gen" + str(i))
projects_for_user = random.randint(0, nr_projects)
for j in range(projects_for_user):
data = dict(name='GeneratedProject' + str(i) + '_' + str(j),
description='test_desc',
users=ExtremeTestFactory.get_users_ids(random.randint(0, nr_users - 3),
nr_users, current_user.id, users))
ProjectService().store_project(current_user, True, None, **data)
ExtremeTestFactory.VALIDATION_DICT[current_user.id] += 1
def generate_users(nr_users, nr_projects):
"""
The generate_users method will create a clean state db with
:param nr_users: number of users to be generated (with random roles between
CLINICIAN and RESEARCHER and random validated state)
:param nr_projects: maximum number of projects to be generated for each user
"""
config.EVENTS_FOLDER = ''
users = []
for i in range(nr_users):
coin_flip = random.randint(0, 1)
role = 'CLINICIAN' if coin_flip == 1 else 'RESEARCHER'
password = md5("test").hexdigest()
new_user = model.User("gen" + str(i), password, "*****@*****.**", True, role)
dao.store_entity(new_user)
new_user = dao.get_user_by_name("gen" + str(i))
ExtremeTestFactory.VALIDATION_DICT[new_user.id] = 0
users.append(new_user)
for i in range(nr_users):
current_user = dao.get_user_by_name("gen" + str(i))
projects_for_user = random.randint(0, nr_projects)
for j in range(projects_for_user):
data = dict(name='GeneratedProject' + str(i) + '_' + str(j),
description='test_desc',
users=ExtremeTestFactory.get_users_ids(random.randint(0, nr_users - 3),
nr_users, current_user.id, users))
ProjectService().store_project(current_user, True, None, **data)
ExtremeTestFactory.VALIDATION_DICT[current_user.id] += 1
def test_get_users_for_project(self):
"""
Get all members of a project except the current user.
"""
user_1 = model.User("test_user1", "test_pass", "*****@*****.**", False, "user")
dao.store_entity(user_1)
user_2 = model.User("test_user2", "test_pass", "*****@*****.**", False, "user")
dao.store_entity(user_2)
user_3 = model.User("test_user3", "test_pass", "*****@*****.**", False, "user")
dao.store_entity(user_3)
user_4 = model.User("test_user4", "test_pass", "*****@*****.**", False, "user")
dao.store_entity(user_4)
user_5 = model.User("test_user5", "test_pass", "*****@*****.**", False, "user")
dao.store_entity(user_5)
admin = dao.get_user_by_name("test_user1")
member1 = dao.get_user_by_name("test_user2")
member2 = dao.get_user_by_name("test_user5")
data = dict(name="test_proj", description="test_desc", users=[member1.id, member2.id])
project = ProjectService().store_project(admin, True, None, **data)
all_users, members, pag = self.user_service.get_users_for_project(admin.username, project.id)
self.assertEquals(len(members), 2, "More members than there should be.")
self.assertEquals(len(all_users), 5, "Admin should not be viewed as member. "
"Neither should users that were not part of the project's users list.")
self.assertEqual(pag, 1, "Invalid total pages number.")
for user in all_users:
self.assertNotEqual(user.username, admin.username, "Admin is in members!")
def test_usermanagement_post_valid(self):
"""
Create a valid post and check that user is created.
"""
self.test_user.role = "ADMINISTRATOR"
self.test_user = dao.store_entity(self.test_user)
cherrypy.session[common.KEY_USER] = self.test_user
TestFactory.create_user(username="******")
TestFactory.create_user(username="******", validated=False)
user_before_delete = dao.get_user_by_name("to_be_deleted")
self.assertTrue(user_before_delete is not None)
user_before_validation = dao.get_user_by_name("to_validate")
self.assertFalse(user_before_validation.validated)
data = {
"delete_%i" % user_before_delete.id: True,
"role_%i" % user_before_validation.id: "ADMINISTRATOR",
"validate_%i" % user_before_validation.id: True
}
self.user_c.usermanagement(do_persist=True, **data)
user_after_delete = dao.get_user_by_id(user_before_delete.id)
self.assertTrue(user_after_delete is None, "User should be deleted.")
user_after_validation = dao.get_user_by_id(user_before_validation.id)
self.assertTrue(user_after_validation.validated,
"User should be validated now.")
self.assertTrue(user_after_validation.role == "ADMINISTRATOR",
"Role has not changed.")
def test_get_users_for_project(self):
"""
Get all members of a project except the current user.
"""
user_ids = []
for i in range(5):
user = model_project.User("test_user" + str(i),
"test_user_no" + str(i), "pass",
"*****@*****.**")
user = dao.store_entity(user)
user_ids.append(user.id)
admin = dao.get_user_by_name("test_user1")
member1 = dao.get_user_by_name("test_user2")
member2 = dao.get_user_by_name("test_user4")
data = dict(name="test_proj",
description="test_desc",
users=[member1.id, member2.id])
project = ProjectService().store_project(admin, True, None, **data)
all_users, members, pag = self.user_service.get_users_for_project(
admin.username, project.id)
assert len(members) == 3, "More members than there should be."
assert len(all_users) == 5
assert pag == 1, "Invalid total pages number."
admin_found_member = False
for user in members:
if user.username == admin.username:
admin_found_member = True
assert admin_found_member, "Admin is expected to be a project member"
admin_found_editable = False
for user in all_users:
if user.username == admin.username:
admin_found_editable = True
assert not admin_found_editable, "Admin membership should not be editable"
def test_get_users_for_project(self):
"""
Get all members of a project except the current user.
"""
user_1 = model.User("test_user1", "test_pass", "*****@*****.**", False, "user")
dao.store_entity(user_1)
user_2 = model.User("test_user2", "test_pass", "*****@*****.**", False, "user")
dao.store_entity(user_2)
user_3 = model.User("test_user3", "test_pass", "*****@*****.**", False, "user")
dao.store_entity(user_3)
user_4 = model.User("test_user4", "test_pass", "*****@*****.**", False, "user")
dao.store_entity(user_4)
user_5 = model.User("test_user5", "test_pass", "*****@*****.**", False, "user")
dao.store_entity(user_5)
admin = dao.get_user_by_name("test_user1")
member1 = dao.get_user_by_name("test_user2")
member2 = dao.get_user_by_name("test_user5")
data = dict(name="test_proj", description="test_desc", users=[member1.id, member2.id])
project = ProjectService().store_project(admin, True, None, **data)
all_users, members, pag = self.user_service.get_users_for_project(admin.username, project.id)
assert len(members) == 2, "More members than there should be."
assert len(all_users) == 5, "Admin should not be viewed as member. " \
"Neither should users that were not part of the project's users list."
assert pag == 1, "Invalid total pages number."
for user in all_users:
assert user.username != admin.username, "Admin is in members!"
def test_reset_password_happy_flow(self):
"""
Test method for the reset password method. Happy flow.
"""
data = dict(username="******", password=md5("test_password").hexdigest(),
email="*****@*****.**", role="user", comment="")
self.user_service.create_user(**data)
inserted_user = dao.get_user_by_name("test_user")
self.assertEqual(inserted_user.password, md5("test_password").hexdigest(), "Incorrect password")
reset_pass_data = dict(username="******", email="*****@*****.**")
self.user_service.reset_password(**reset_pass_data)
inserted_user = dao.get_user_by_name("test_user")
self.assertNotEqual(inserted_user.password, md5("test_password"), "Password not reset for some reason!")
def test_reset_password_happy_flow(self):
"""
Test method for the reset password method. Happy flow.
"""
data = dict(username="******", display_name="test_name", password=hash_password("test_password"),
email="*****@*****.**", role="user", comment="")
self.user_service.create_user(**data)
inserted_user = dao.get_user_by_name("test_user")
assert inserted_user.password == hash_password("test_password"), "Incorrect password"
reset_pass_data = dict(username="******", email="*****@*****.**")
self.user_service.reset_password(**reset_pass_data)
inserted_user = dao.get_user_by_name("test_user")
assert inserted_user.password != hash_password("test_password"), "Password not reset for some reason!"
def test_reset_password_happy_flow(self):
"""
Test method for the reset password method. Happy flow.
"""
data = dict(username="******", password=md5("test_password").hexdigest(),
email="*****@*****.**", role="user", comment="")
self.user_service.create_user(**data)
inserted_user = dao.get_user_by_name("test_user")
assert inserted_user.password == md5("test_password").hexdigest(), "Incorrect password"
reset_pass_data = dict(username="******", email="*****@*****.**")
self.user_service.reset_password(**reset_pass_data)
inserted_user = dao.get_user_by_name("test_user")
assert inserted_user.password != md5("test_password"), "Password not reset for some reason!"
def test_edit_user_happy_flow(self):
"""
Test the method of editing a user.
"""
data = dict(username="******", display_name="test_name", password=hash_password("test_password"),
email="*****@*****.**", role="user", comment="")
self.user_service.create_user(**data)
inserted_user = dao.get_user_by_name("test_user")
assert inserted_user.password == hash_password("test_password"), "Incorrect password"
inserted_user.role = "new_role"
inserted_user.validated = 1
self.user_service.edit_user(inserted_user)
changed_user = dao.get_user_by_name("test_user")
assert changed_user.role == "new_role", "role unchanged"
assert changed_user.validated == 1, "user not validated"
def test_edit_user_happy_flow(self):
"""
Test the method of editing a user.
"""
data = dict(username="******", password=md5("test_password").hexdigest(),
email="*****@*****.**", role="user", comment="")
self.user_service.create_user(**data)
inserted_user = dao.get_user_by_name("test_user")
assert inserted_user.password == md5("test_password").hexdigest(), "Incorrect password"
inserted_user.role = "new_role"
inserted_user.validated = 1
self.user_service.edit_user(inserted_user)
changed_user = dao.get_user_by_name("test_user")
assert changed_user.role == "new_role", "role unchanged"
assert changed_user.validated == 1, "user not validated"
def test_edit_user_happy_flow(self):
"""
Test the method of editing a user.
"""
data = dict(username="******", password=md5("test_password").hexdigest(),
email="*****@*****.**", role="user", comment="")
self.user_service.create_user(**data)
inserted_user = dao.get_user_by_name("test_user")
self.assertEqual(inserted_user.password, md5("test_password").hexdigest(), "Incorrect password")
inserted_user.role = "new_role"
inserted_user.validated = 1
self.user_service.edit_user(inserted_user)
changed_user = dao.get_user_by_name("test_user")
self.assertEqual(changed_user.role, "new_role", "role unchanged")
self.assertEqual(changed_user.validated, 1, "user not validated")
def validate_user(self, name='', user_id=None):
"""
Service layer for editing a user and validating the account.
"""
try:
if user_id:
user = dao.get_user_by_id(user_id)
else:
user = dao.get_user_by_name(name)
if user is None or user.validated:
self.logger.debug("UserName not found or already validated:" +
name)
return False
user.validated = True
user = dao.store_entity(user)
self.logger.debug("Sending validation email for userName="******" to address=" + user.email)
email_sender.send(
FROM_ADDRESS, user.email, SUBJECT_VALIDATE, "Hello " + name +
TEXT_VALIDATED + TvbProfile.current.web.BASE_URL + "user/")
self.logger.info("User:"******" was validated successfully" +
" and notification email sent!")
return True
except Exception as excep:
self.logger.warning('Could not validate user:'******'WARNING : ' + str(excep))
return False
def test_retrieve_projects_random(self):
"""
Generate a large number of users/projects, and validate the results.
"""
ExtremeTestFactory.generate_users(NR_USERS, MAX_PROJ_PER_USER)
for i in range(NR_USERS):
current_user = dao.get_user_by_name("gen" + str(i))
expected_projects = ExtremeTestFactory.VALIDATION_DICT[
current_user.id]
if expected_projects % PROJECTS_PAGE_SIZE == 0:
expected_pages = expected_projects / PROJECTS_PAGE_SIZE
exp_proj_per_page = PROJECTS_PAGE_SIZE
else:
expected_pages = expected_projects // PROJECTS_PAGE_SIZE + 1
exp_proj_per_page = expected_projects % PROJECTS_PAGE_SIZE
if expected_projects == 0:
expected_pages = 0
exp_proj_per_page = 0
projects, pages = self.project_service.retrieve_projects_for_user(
current_user.id, expected_pages)
assert len(projects) == exp_proj_per_page, "Projects not retrieved properly! Expected:" + \
str(exp_proj_per_page) + "but got:" + str(len(projects))
assert pages == expected_pages, "Pages not retrieved properly!"
for folder in os.listdir(TvbProfile.current.TVB_STORAGE):
full_path = os.path.join(TvbProfile.current.TVB_STORAGE, folder)
if os.path.isdir(full_path) and folder.startswith('Generated'):
shutil.rmtree(full_path)
def test_retrieve_projects_random(self):
"""
Generate a large number of users/projects, and validate the results.
"""
ExtremeTestFactory.generate_users(NR_USERS, MAX_PROJ_PER_USER)
for i in range(NR_USERS):
current_user = dao.get_user_by_name("gen" + str(i))
expected_projects = ExtremeTestFactory.VALIDATION_DICT[current_user.id]
if expected_projects % PROJECTS_PAGE_SIZE == 0:
expected_pages = expected_projects / PROJECTS_PAGE_SIZE
exp_proj_per_page = PROJECTS_PAGE_SIZE
else:
expected_pages = expected_projects / PROJECTS_PAGE_SIZE + 1
exp_proj_per_page = expected_projects % PROJECTS_PAGE_SIZE
if expected_projects == 0:
expected_pages = 0
exp_proj_per_page = 0
projects, pages = self.project_service.retrieve_projects_for_user(current_user.id, expected_pages)
self.assertEqual(len(projects), exp_proj_per_page, "Projects not retrieved properly! Expected:" +
str(exp_proj_per_page) + "but got:" + str(len(projects)))
self.assertEqual(pages, expected_pages, "Pages not retrieved properly!")
for folder in os.listdir(TvbProfile.current.TVB_STORAGE):
full_path = os.path.join(TvbProfile.current.TVB_STORAGE, folder)
if os.path.isdir(full_path) and folder.startswith('Generated'):
shutil.rmtree(full_path)
def test_get_users_second_page(self):
"""
Try to get the second page of users for a given project
"""
for i in range(USERS_PAGE_SIZE + 3):
exec 'user_' + str(i) + '= model.User("test_user' + str(
i) + '", "test_pass", "*****@*****.**", False, "user")'
exec "dao.store_entity(user_" + str(i) + ")"
for i in range(USERS_PAGE_SIZE + 3):
exec 'member' + str(i) + '=dao.get_user_by_name("test_user' + str(
i) + '")'
admin = dao.get_user_by_name("test_user1")
data = dict(name='test_proj',
description='test_desc',
users=[
eval('member' + str(i) + '.id')
for i in range(USERS_PAGE_SIZE + 3)
])
project = ProjectService().store_project(admin, True, None, **data)
page_users, all_users, pag = self.user_service.get_users_for_project(
admin.username, project.id, 2)
self.assertEqual(len(page_users),
(USERS_PAGE_SIZE + 3) % USERS_PAGE_SIZE)
self.assertEqual(len(all_users), USERS_PAGE_SIZE + 3,
'Not all members returned')
self.assertEqual(pag, 2, 'Invalid page number returned')
def test_create_user_happy_flow(self):
"""
Standard flow for creating a user.
"""
initial_user_count = dao.get_all_users()
data = dict(username="******",
password=md5("test_password").hexdigest(),
email="*****@*****.**",
role="user",
comment="")
self.user_service.create_user(**data)
final_user_count = dao.get_all_users()
self.assertEqual(len(initial_user_count),
len(final_user_count) - 1,
"User count was not increased after create.")
inserted_user = dao.get_user_by_name("test_user")
self.assertEqual(inserted_user.password,
md5("test_password").hexdigest(),
"Incorrect password")
self.assertEqual(inserted_user.email, "*****@*****.**",
"The email inserted is not correct.")
self.assertEqual(inserted_user.role, "user",
"The role inserted is not correct.")
self.assertFalse(inserted_user.validated,
"User validation is not correct.")
def test_get_users_second_page_del(self):
"""
Try to get the second page of users for a given project where only one user on last page.
Then delete that user.
"""
for i in range(USERS_PAGE_SIZE + 1):
exec 'user_' + str(i) + '= model.User("test_user' + str(i) + \
'", "test_pass", "*****@*****.**", False, "user")'
exec "dao.store_entity(user_" + str(i) + ")"
for i in range(USERS_PAGE_SIZE + 1):
exec 'member' + str(i) + '=dao.get_user_by_name("test_user' + str(i) + '")'
admin = dao.get_user_by_name("test_user1")
data = dict(name='test_proj', description='test_desc',
users=[eval('member' + str(i) + '.id') for i in range(USERS_PAGE_SIZE + 1)])
project = ProjectService().store_project(admin, True, None, **data)
page_users, all_users, pag = self.user_service.get_users_for_project(admin.username, project.id, 2)
self.assertEqual(len(page_users), 1, 'Paging not working properly')
self.assertEqual(len(all_users), USERS_PAGE_SIZE + 1, 'Not all members returned')
self.assertEqual(pag, 2, 'Invalid page number returned')
self.user_service.delete_user(member2.id)
page_users, all_users, pag = self.user_service.get_users_for_project(admin.username, project.id, 2)
self.assertEqual(len(page_users), 0, 'Paging not working properly')
self.assertEqual(len(all_users), USERS_PAGE_SIZE, 'Not all members returned')
self.assertEqual(pag, 1, 'Invalid page number returned')
page_users, all_users, pag = self.user_service.get_users_for_project(admin.username, project.id, 1)
self.assertEqual(len(page_users), USERS_PAGE_SIZE, 'Paging not working properly')
self.assertEqual(len(all_users), USERS_PAGE_SIZE, 'Not all members returned')
self.assertEqual(pag, 1, 'Invalid page number returned')
def test_get_users_second_page_del(self):
"""
Try to get the second page of users for a given project where only one user on last page.
Then delete that user.
"""
for i in range(USERS_PAGE_SIZE + 1):
exec 'user_' + str(i) + '= model.User("test_user' + str(i) + \
'", "test_pass", "*****@*****.**", False, "user")'
exec "dao.store_entity(user_" + str(i) + ")"
for i in range(USERS_PAGE_SIZE + 1):
exec 'member' + str(i) + '=dao.get_user_by_name("test_user' + str(i) + '")'
admin = dao.get_user_by_name("test_user1")
data = dict(name='test_proj', description='test_desc',
users=[eval('member' + str(i) + '.id') for i in range(USERS_PAGE_SIZE + 1)])
project = ProjectService().store_project(admin, True, None, **data)
page_users, all_users, pag = self.user_service.get_users_for_project(admin.username, project.id, 2)
assert len(page_users) == 1, 'Paging not working properly'
assert len(all_users) == USERS_PAGE_SIZE + 1, 'Not all members returned'
assert pag == 2, 'Invalid page number returned'
self.user_service.delete_user(member2.id)
page_users, all_users, pag = self.user_service.get_users_for_project(admin.username, project.id, 2)
assert len(page_users) == 0, 'Paging not working properly'
assert len(all_users) == USERS_PAGE_SIZE, 'Not all members returned'
assert pag == 1, 'Invalid page number returned'
page_users, all_users, pag = self.user_service.get_users_for_project(admin.username, project.id, 1)
assert len(page_users) == USERS_PAGE_SIZE, 'Paging not working properly'
assert len(all_users) == USERS_PAGE_SIZE, 'Not all members returned'
assert pag == 1, 'Invalid page number returned'
def test_validate_invalid(self):
"""
Pass a valid user and test that it is actually validate.
"""
unexisting = dao.get_user_by_name("should-not-exist")
self.assertTrue(unexisting is None, "This user should not exist")
self._expect_redirect('/tvb', self.user_c.validate, "should-not-exist")
self.assertTrue(cherrypy.session[b_c.KEY_MESSAGE_TYPE] == b_c.TYPE_ERROR)
def test_change_password_happy_flow(self):
"""
Test method for the change password method. Happy flow.
"""
inserted_user = self._prepare_user_for_change_pwd()
self.user_service.edit_user(inserted_user, md5("test_password").hexdigest())
changed_user = dao.get_user_by_name("test_user")
assert changed_user.password == md5("new_test_password").hexdigest(), "The password did not change."
def test_validate_invalid(self):
"""
Pass a valid user and test that it is actually validate.
"""
unexisting = dao.get_user_by_name("should-not-exist")
self.assertTrue(unexisting is None, "This user should not exist")
self._expect_redirect('/tvb', self.user_c.validate, "should-not-exist")
self.assertTrue(cherrypy.session[common.KEY_MESSAGE_TYPE] == common.TYPE_ERROR)
def test_change_password_happy_flow(self):
"""
Test method for the change password method. Happy flow.
"""
inserted_user = self._prepare_user_for_change_pwd()
self.user_service.edit_user(inserted_user, hash_password("test_password"))
changed_user = dao.get_user_by_name("test_user")
assert changed_user.password == hash_password("new_test_password"), "The password did not change."
def check_login(username, password):
"""
Service layer to check if given UserName and Password are according to DB.
"""
user = dao.get_user_by_name(username)
if user is not None and user.password == hash_password(password) and user.validated:
return user
else:
return None
def test_change_password_happy_flow(self):
"""
Test method for the change password method. Happy flow.
"""
inserted_user = self._prepare_user_for_change_pwd()
self.user_service.edit_user(inserted_user, md5("test_password").hexdigest())
changed_user = dao.get_user_by_name("test_user")
self.assertEqual(changed_user.password, md5("new_test_password").hexdigest(),
"The password did not change.")
def check_login(username, password):
"""
Service layer to check if given UserName and Password are according to DB.
"""
user = dao.get_user_by_name(username)
if user is not None and user.password == md5(password).hexdigest() and user.validated:
return user
else:
return None
def test_change_password_wrong_old(self):
"""
Test method for the change password method. Old password is wrong, should return false.
"""
inserted_user = self._prepare_user_for_change_pwd()
params = dict(edited_user=inserted_user, old_password=md5("wrong_old_pwd").hexdigest())
self.assertRaises(UsernameException, self.user_service.edit_user, **params)
user = dao.get_user_by_name("test_user")
self.assertEqual(user.password, md5("test_password").hexdigest(),
"The password should have not been changed!")
def test_change_password_wrong_old(self):
"""
Test method for the change password method. Old password is wrong, should return false.
"""
inserted_user = self._prepare_user_for_change_pwd()
params = dict(edited_user=inserted_user, old_password=hash_password("wrong_old_pwd"))
with pytest.raises(UsernameException):
self.user_service.edit_user(**params)
user = dao.get_user_by_name("test_user")
assert user.password == hash_password("test_password"), "The password should have not been changed!"
def _prepare_user_for_change_pwd(self):
"""Private method to prepare password change operation"""
data = dict(username="******", display_name="test_name", password=hash_password("test_password"),
email="*****@*****.**", role="user", comment="")
self.user_service.create_user(**data)
self.user_service.validate_user("test_user")
inserted_user = dao.get_user_by_name("test_user")
assert inserted_user.password == hash_password("test_password"), "The password inserted is not correct."
inserted_user.password = hash_password("new_test_password")
return inserted_user
def check_login(username, password):
"""
Service layer to check if given UserName and Password are according to DB.
"""
user = dao.get_user_by_name(username)
if user is not None and user.password == md5(
password.encode('utf-8')).hexdigest() and user.validated:
return user
else:
return None
def _prepare_user_for_change_pwd(self):
"""Private method to prepare password change operation"""
data = dict(username="******", password=md5("test_password").hexdigest(),
email="*****@*****.**", role="user", comment="")
self.user_service.create_user(**data)
self.user_service.validate_user("test_user")
inserted_user = dao.get_user_by_name("test_user")
assert inserted_user.password == md5("test_password").hexdigest(), "The password inserted is not correct."
inserted_user.password = md5('new_test_password').hexdigest()
return inserted_user
def test_change_password_wrong_old(self):
"""
Test method for the change password method. Old password is wrong, should return false.
"""
inserted_user = self._prepare_user_for_change_pwd()
params = dict(edited_user=inserted_user, old_password=md5("wrong_old_pwd").hexdigest())
with pytest.raises(UsernameException):
self.user_service.edit_user(**params)
user = dao.get_user_by_name("test_user")
assert user.password == md5("test_password").hexdigest(), "The password should have not been changed!"
def test_get_members_pages(self):
"""
Create many users (more than one page of members.
Create a project and asign all Users as members.
Test that 2 pages or Project Members are retrieved.
Now remove extra users, to have only one page of members for the project.
"""
user_ids = []
for i in range(MEMBERS_PAGE_SIZE + 3):
user = model_project.User("test_user_no" + str(i),
"test_user_no" + str(i), "pass",
"*****@*****.**")
user = dao.store_entity(user)
user_ids.append(user.id)
admin = dao.get_user_by_name("test_user_no1")
data = dict(name='test_proj', description='test_desc', users=user_ids)
project = ProjectService().store_project(admin, True, None, **data)
page_users, all_users, pag = self.user_service.get_users_for_project(
admin.username, project.id, 2)
assert len(page_users) == (MEMBERS_PAGE_SIZE + 3) % MEMBERS_PAGE_SIZE
assert len(
all_users) == MEMBERS_PAGE_SIZE + 3, 'Not all members returned'
assert pag == 2, 'Invalid page number returned'
for i in range(3):
user = dao.get_user_by_name("test_user_no" + str(i + 2))
self.user_service.delete_user(user.id)
page_users, all_users, pag = self.user_service.get_users_for_project(
"test_user_no1", project.id, 2)
assert len(page_users) == 0, 'Paging not working properly'
assert len(all_users) == MEMBERS_PAGE_SIZE, 'Not all members returned'
assert pag == 1, 'Invalid page number returned'
page_users, all_users, pag = self.user_service.get_users_for_project(
"test_user_no1", project.id, 1)
assert len(
page_users) == MEMBERS_PAGE_SIZE, 'Paging not working properly'
assert len(all_users) == MEMBERS_PAGE_SIZE, 'Not all members returned'
assert pag == 1, 'Invalid page number returned'
def _prepare_user_for_change_pwd(self):
"""Private method to prepare password change operation"""
data = dict(username="******", password=md5("test_password").hexdigest(),
email="*****@*****.**", role="user", comment="")
self.user_service.create_user(**data)
self.user_service.validate_user("test_user")
inserted_user = dao.get_user_by_name("test_user")
self.assertEqual(inserted_user.password, md5("test_password").hexdigest(),
"The password inserted is not correct.")
inserted_user.password = md5('new_test_password').hexdigest()
return inserted_user
def test_reset_pass_wrong_email(self):
"""
Test method for the reset password method. Email is not valid,
should raise exception
"""
data = dict(username="******", password=md5("test_password").hexdigest(),
email="*****@*****.**", role="user", comment="")
self.user_service.create_user(**data)
inserted_user = dao.get_user_by_name("test_user")
self.assertEqual(inserted_user.password, md5("test_password").hexdigest(), "Incorrect password")
reset_pass_data = dict(username="******", email="*****@*****.**")
self.assertRaises(UsernameException, self.user_service.reset_password, **reset_pass_data)
def build(username='******', display_name='test_name', password='******',
mail='*****@*****.**', validated=True, role='test'):
"""
Create persisted User entity.
:returns: User entity after persistence.
"""
existing_user = dao.get_user_by_name(username)
if existing_user is not None:
return existing_user
user = User(username, display_name, password, mail, validated, role)
return dao.store_entity(user)
def test_usermanagement_post_valid(self):
"""
Create a valid post and check that user is created.
"""
self.test_user.role = "ADMINISTRATOR"
self.test_user = dao.store_entity(self.test_user)
cherrypy.session[common.KEY_USER] = self.test_user
TestFactory.create_user(username="******")
TestFactory.create_user(username="******", validated=False)
user_before_delete = dao.get_user_by_name("to_be_deleted")
self.assertTrue(user_before_delete is not None)
user_before_validation = dao.get_user_by_name("to_validate")
self.assertFalse(user_before_validation.validated)
data = {"delete_%i" % user_before_delete.id: True,
"role_%i" % user_before_validation.id: "ADMINISTRATOR",
"validate_%i" % user_before_validation.id: True}
self.user_c.usermanagement(do_persist=True, **data)
user_after_delete = dao.get_user_by_id(user_before_delete.id)
self.assertTrue(user_after_delete is None, "User should be deleted.")
user_after_validation = dao.get_user_by_id(user_before_validation.id)
self.assertTrue(user_after_validation.validated, "User should be validated now.")
self.assertTrue(user_after_validation.role == "ADMINISTRATOR", "Role has not changed.")
def test_reset_pass_wrong_email(self):
"""
Test method for the reset password method. Email is not valid,
should raise exception
"""
data = dict(username="******", display_name="test_name", password=hash_password("test_password"),
email="*****@*****.**", role="user", comment="")
self.user_service.create_user(**data)
inserted_user = dao.get_user_by_name("test_user")
assert inserted_user.password == hash_password("test_password"), "Incorrect password"
reset_pass_data = dict(username="******", email="*****@*****.**")
with pytest.raises(UsernameException):
self.user_service.reset_password(**reset_pass_data)
def test_validate_valid(self):
"""
Pass a valid user and test that it is actually validate.
"""
self.test_user.role = "ADMINISTRATOR"
self.test_user = dao.store_entity(self.test_user)
cherrypy.session[b_c.KEY_USER] = self.test_user
TestFactory.create_user(username="******", validated=False)
user_before_validation = dao.get_user_by_name("to_validate")
self.assertFalse(user_before_validation.validated)
self._expect_redirect('/tvb', self.user_c.validate, user_before_validation.username)
user_after_validation = dao.get_user_by_id(user_before_validation.id)
self.assertTrue(user_after_validation.validated, "User should be validated.")
self.assertTrue(cherrypy.session[b_c.KEY_MESSAGE_TYPE] == b_c.TYPE_INFO)
def test_create_new_valid_post(self):
"""
Test that a valid create new post will actually create a new user in database.
"""
data = dict(username = "******",
password = "******",
password2 = "pass",
email = "*****@*****.**",
comment = "This is some dummy comment",
role = "CLINICIAN")
cherrypy.request.method = "POST"
self._expect_redirect('/user/usermanagement', self.user_c.create_new, **data)
created_user = dao.get_user_by_name("registered_user")
self.assertTrue(created_user is not None, "Should have a new user created.")
def test_register_post_valid(self):
"""
Test with valid data and check user is created.
"""
cherrypy.request.method = "POST"
data = dict(username = "******",
password = "******",
password2 = "pass",
email = "*****@*****.**",
comment = "This is some dummy comment",
role = "CLINICIAN")
self._expect_redirect('/user', self.user_c.register, **data)
stored_user = dao.get_user_by_name('registered_user')
self.assertTrue(stored_user is not None, "New user should be saved.")
def test_validate_valid(self):
"""
Pass a valid user and test that it is actually validate.
"""
self.test_user.role = "ADMINISTRATOR"
self.test_user = dao.store_entity(self.test_user)
cherrypy.session[common.KEY_USER] = self.test_user
TestFactory.create_user(username="******", validated=False)
user_before_validation = dao.get_user_by_name("to_validate")
self.assertFalse(user_before_validation.validated)
self._expect_redirect('/tvb', self.user_c.validate, user_before_validation.username)
user_after_validation = dao.get_user_by_id(user_before_validation.id)
self.assertTrue(user_after_validation.validated, "User should be validated.")
self.assertTrue(cherrypy.session[common.KEY_MESSAGE_TYPE] == common.TYPE_INFO)
def test_create_new_valid_post(self):
"""
Test that a valid create new post will actually create a new user in database.
"""
data = dict(username="******",
password="******",
password2="pass",
email="*****@*****.**",
comment="This is some dummy comment",
role="CLINICIAN")
cherrypy.request.method = "POST"
self._expect_redirect('/user/usermanagement', self.user_c.create_new, **data)
created_user = dao.get_user_by_name("registered_user")
self.assertTrue(created_user is not None, "Should have a new user created.")
def test_register_post_valid(self):
"""
Test with valid data and check user is created.
"""
cherrypy.request.method = "POST"
data = dict(username="******",
password="******",
password2="pass",
email="*****@*****.**",
comment="This is some dummy comment",
role="CLINICIAN")
self._expect_redirect('/user', self.user_c.register, **data)
stored_user = dao.get_user_by_name('registered_user')
self.assertTrue(stored_user is not None, "New user should be saved.")
def test_create_user_happy_flow(self):
"""
Standard flow for creating a user.
"""
initial_user_count = dao.get_all_users()
data = dict(username="******", display_name="test_name", password=hash_password("test_password"),
email="*****@*****.**", role="user", comment="")
self.user_service.create_user(**data)
final_user_count = dao.get_all_users()
assert len(initial_user_count) == len(final_user_count) - 1, "User count was not increased after create."
inserted_user = dao.get_user_by_name("test_user")
assert inserted_user.password == hash_password("test_password"), "Incorrect password"
assert inserted_user.email == "*****@*****.**", "The email inserted is not correct."
assert inserted_user.role == "user", "The role inserted is not correct."
assert not inserted_user.validated, "User validation is not correct."
def test_create_user_happy_flow(self):
"""
Standard flow for creating a user.
"""
initial_user_count = dao.get_all_users()
data = dict(username="******", password=md5("test_password").hexdigest(),
email="*****@*****.**", role="user", comment="")
self.user_service.create_user(**data)
final_user_count = dao.get_all_users()
assert len(initial_user_count) == len(final_user_count) - 1, "User count was not increased after create."
inserted_user = dao.get_user_by_name("test_user")
assert inserted_user.password == md5("test_password").hexdigest(), "Incorrect password"
assert inserted_user.email == "*****@*****.**", "The email inserted is not correct."
assert inserted_user.role == "user", "The role inserted is not correct."
assert not inserted_user.validated, "User validation is not correct."
def test_get_users_second_page(self):
"""
Try to get the second page of users for a given project
"""
for i in range(USERS_PAGE_SIZE + 3):
exec 'user_' + str(i) + '= model.User("test_user' + str(
i) + '", "test_pass", "*****@*****.**", False, "user")'
exec "dao.store_entity(user_" + str(i) + ")"
for i in range(USERS_PAGE_SIZE + 3):
exec 'member' + str(i) + '=dao.get_user_by_name("test_user' + str(i) + '")'
admin = dao.get_user_by_name("test_user1")
data = dict(name='test_proj', description='test_desc',
users=[eval('member' + str(i) + '.id') for i in range(USERS_PAGE_SIZE + 3)])
project = ProjectService().store_project(admin, True, None, **data)
page_users, all_users, pag = self.user_service.get_users_for_project(admin.username, project.id, 2)
assert len(page_users) == (USERS_PAGE_SIZE + 3) % USERS_PAGE_SIZE
assert len(all_users) == USERS_PAGE_SIZE + 3, 'Not all members returned'
assert pag == 2, 'Invalid page number returned'
def validate_user(self, name='', user_id=None):
"""
Service layer for editing a user and validating the account.
"""
try:
if user_id:
user = dao.get_user_by_id(user_id)
else:
user = dao.get_user_by_name(name)
if user is None or user.validated:
self.logger.debug("UserName not found or already validated:" + name)
return False
user.validated = True
user = dao.store_entity(user)
self.logger.debug("Sending validation email for userName="******" to address=" + user.email)
email_sender.send(FROM_ADDRESS, user.email, SUBJECT_VALIDATE,
"Hello " + name + TEXT_VALIDATED + TvbProfile.current.web.BASE_URL + "user/")
self.logger.info("User:"******" was validated successfully" + " and notification email sent!")
return True
except Exception, excep:
self.logger.warning('Could not validate user:'******'WARNING : ' + str(excep))
return False
