def test_deki_only_user(self, get_current): get_current.return_value.domain = "testserver.com" self.assertRaises(User.DoesNotExist, User.objects.get, username="******") if not getattr(settings, "DEKIWIKI_MOCK", False): # HACK: Ensure that expected user details are in MindTouch when not # mocking the API mt_email = "*****@*****.**" user_xml = MINDTOUCH_USER_XML % dict( username="******", email=mt_email, fullname="None", status="active", language="", timezone="-08:00", role="Contributor", ) DekiUserBackend.put_mindtouch_user(deki_user_id="=testaccount", user_xml=user_xml) passwd_url = "%s/@api/deki/users/%s/password?apikey=%s" % ( settings.DEKIWIKI_ENDPOINT, "=testaccount", settings.DEKIWIKI_APIKEY, ) requests.put(passwd_url, data="theplanet") r = self.client.post(reverse("users.pw_reset"), {"email": "*****@*****.**"}) eq_(302, r.status_code) eq_("http://testserver/en-US/users/pwresetsent", r["location"]) eq_(1, len(mail.outbox)) assert mail.outbox[0].subject.find("Password reset") == 0 u = User.objects.get(username="******") assert mail.outbox[0].body.find("pwreset/%s" % int_to_base36(u.id)) > 0
def confirm_change_email(request, activation_key): """Confirm the new email for the user.""" activation_key = activation_key.lower() email_change = get_object_or_404(EmailChange, activation_key=activation_key) u = email_change.user old_email = u.email # Check that this new email isn't a duplicate in the system. new_email = email_change.email duplicate = User.objects.filter(email=new_email).exists() if not duplicate: # Update user's email. u.email = new_email u.save() if settings.DEKIWIKI_ENDPOINT: DekiUserBackend.put_mindtouch_user(u) # Delete the activation profile now, we don't need it anymore. email_change.delete() return render( request, 'users/change_email_complete.html', { 'old_email': old_email, 'new_email': new_email, 'username': u.username, 'duplicate': duplicate })
def confirm_change_email(request, activation_key): """Confirm the new email for the user.""" activation_key = activation_key.lower() email_change = get_object_or_404(EmailChange, activation_key=activation_key) u = email_change.user old_email = u.email # Check that this new email isn't a duplicate in the system. new_email = email_change.email duplicate = User.objects.filter(email=new_email).exists() if not duplicate: # Update user's email. u.email = new_email u.save() if settings.DEKIWIKI_ENDPOINT: DekiUserBackend.put_mindtouch_user(u) # Delete the activation profile now, we don't need it anymore. email_change.delete() return jingo.render( request, "users/change_email_complete.html", {"old_email": old_email, "new_email": new_email, "username": u.username, "duplicate": duplicate}, )
def test_deki_only_user(self, get_current): if not settings.DEKIWIKI_ENDPOINT: # Skip, if MindTouch API unavailable raise SkipTest() get_current.return_value.domain = 'testserver.com' self.assertRaises(User.DoesNotExist, User.objects.get, username='******') if not getattr(settings, 'DEKIWIKI_MOCK', False): # HACK: Ensure that expected user details are in MindTouch when not # mocking the API mt_email = '*****@*****.**' user_xml = MINDTOUCH_USER_XML % dict(username="******", email=mt_email, fullname="None", status="active", language="", timezone="-08:00", role="Contributor") DekiUserBackend.put_mindtouch_user(deki_user_id='=testaccount', user_xml=user_xml) passwd_url = '%s/@api/deki/users/%s/password?apikey=%s' % ( settings.DEKIWIKI_ENDPOINT, '=testaccount', settings.DEKIWIKI_APIKEY) requests.put(passwd_url, data='theplanet') r = self.client.post(reverse('users.pw_reset'), {'email': '*****@*****.**'}) eq_(302, r.status_code) eq_('http://testserver/en-US/users/pwresetsent', r['location']) eq_(1, len(mail.outbox)) assert mail.outbox[0].subject.find('Password reset') == 0 u = User.objects.get(username='******') assert mail.outbox[0].body.find('pwreset/%s' % int_to_base36(u.id)) > 0
def save(self, *args, **kwargs): skip_mindtouch_put = kwargs.get("skip_mindtouch_put", False) if "skip_mindtouch_put" in kwargs: del kwargs["skip_mindtouch_put"] super(UserProfile, self).save(*args, **kwargs) if skip_mindtouch_put: return from dekicompat.backends import DekiUserBackend DekiUserBackend.put_mindtouch_user(self.user)
def save(self, *args, **kwargs): skip_mindtouch_put = kwargs.get('skip_mindtouch_put', False) if 'skip_mindtouch_put' in kwargs: del kwargs['skip_mindtouch_put'] super(UserProfile, self).save(*args, **kwargs) if skip_mindtouch_put: return if not settings.DEKIWIKI_ENDPOINT: # Skip if the MindTouch API is unavailable return from dekicompat.backends import DekiUserBackend DekiUserBackend.put_mindtouch_user(self.user)
def save(self, *args, **kwargs): skip_mindtouch_put = kwargs.get('skip_mindtouch_put', False) if 'skip_mindtouch_put' in kwargs: del kwargs['skip_mindtouch_put'] super(UserProfile, self).save(*args, **kwargs) if skip_mindtouch_put: return if not settings.DEKIWIKI_ENDPOINT: # Skip if the MindTouch API is unavailable return from dekicompat.backends import DekiUserBackend DekiUserBackend.put_mindtouch_user(self.user)
def test_mindtouch_creds_create_user_and_profile(self, get_current): if not settings.DEKIWIKI_ENDPOINT: # Don't even bother with this test, if there's no MindTouch API raise SkipTest() get_current.return_value.domain = 'dev.mo.org' if not getattr(settings, 'DEKIWIKI_MOCK', False): # HACK: Ensure that expected user details are in MindTouch when not # mocking the API mt_email = '*****@*****.**' user_xml = MINDTOUCH_USER_XML % dict(username="******", email=mt_email, fullname="None", status="active", language="", timezone="-08:00", role="Contributor") DekiUserBackend.put_mindtouch_user(deki_user_id='=testaccount', user_xml=user_xml) passwd_url = '%s/@api/deki/users/%s/password?apikey=%s' % ( settings.DEKIWIKI_ENDPOINT, '=testaccount', settings.DEKIWIKI_APIKEY) requests.put(passwd_url, data='theplanet') self.assertRaises(User.DoesNotExist, User.objects.get, username='******') # Try to log in as a MindTouch user response = self.client.post(reverse('users.login'), { 'username': '******', 'password': '******' }, follow=True) eq_(200, response.status_code) # Ensure there are no validation errors page = pq(response.content) eq_(0, page.find('.errorlist').length, "There should be no validation errors in login") # Login should have auto-created django user u = User.objects.get(username='******') eq_(True, u.is_active) ok_(u.get_profile()) # Login page should show welcome back doc = pq(response.content) eq_('testaccount', doc.find('ul.user-state a:first').text())
def test_valid_assertion_with_mindtouch_user(self, _verify_browserid): if not settings.DEKIWIKI_ENDPOINT: # Don't even bother with this test, if there's no MindTouch API raise SkipTest() mt_email = '*****@*****.**' _verify_browserid.return_value = {'email': mt_email} # Probably overkill but let's be sure we're testing the right thing. try: User.objects.get(email=mt_email) ok_(False, "The MindTouch user shouldn't exist in Django yet.") except User.DoesNotExist: pass if not getattr(settings, 'DEKIWIKI_MOCK', False): # HACK: Ensure that expected user details are in MindTouch when not # mocking the API user_xml = MINDTOUCH_USER_XML % dict(username="******", email=mt_email, fullname="None", status="active", language="", timezone="-08:00", role="Contributor") DekiUserBackend.put_mindtouch_user(deki_user_id='=testaccount', user_xml=user_xml) deki_user = DekiUserBackend.get_deki_user_by_email(mt_email) ok_(deki_user is not None, "The MindTouch user should exist") # Posting the fake assertion to browserid_verify should work, with the # actual verification method mocked out. resp = self.client.post( reverse('users.browserid_verify', locale='en-US'), {'assertion': 'PRETENDTHISISVALID'}) eq_(302, resp.status_code) ok_('SUCCESS' in resp['Location']) # The session should look logged in, now. ok_('_auth_user_id' in self.client.session.keys()) eq_('django_browserid.auth.BrowserIDBackend', self.client.session.get('_auth_user_backend', '')) # And, after all the above, there should be a Django user now. try: User.objects.get(email=mt_email) except User.DoesNotExist: ok_(False, "The MindTouch user should exist in Django now.")
def test_mindtouch_creds_create_user_and_profile(self, get_current): if not settings.DEKIWIKI_ENDPOINT: # Don't even bother with this test, if there's no MindTouch API raise SkipTest() get_current.return_value.domain = "dev.mo.org" if not getattr(settings, "DEKIWIKI_MOCK", False): # HACK: Ensure that expected user details are in MindTouch when not # mocking the API mt_email = "*****@*****.**" user_xml = MINDTOUCH_USER_XML % dict( username="******", email=mt_email, fullname="None", status="active", language="", timezone="-08:00", role="Contributor", ) DekiUserBackend.put_mindtouch_user(deki_user_id="=testaccount", user_xml=user_xml) passwd_url = "%s/@api/deki/users/%s/password?apikey=%s" % ( settings.DEKIWIKI_ENDPOINT, "=testaccount", settings.DEKIWIKI_APIKEY, ) requests.put(passwd_url, data="theplanet") self.assertRaises(User.DoesNotExist, User.objects.get, username="******") # Try to log in as a MindTouch user response = self.client.post( reverse("users.login"), {"username": "******", "password": "******"}, follow=True ) eq_(200, response.status_code) # Ensure there are no validation errors page = pq(response.content) eq_(0, page.find(".errorlist").length, "There should be no validation errors in login") # Login should have auto-created django user u = User.objects.get(username="******") eq_(True, u.is_active) ok_(u.get_profile()) # Login page should show welcome back doc = pq(response.content) eq_("testaccount", doc.find("ul.user-state a:first").text())
def test_valid_assertion_with_mindtouch_user(self, _verify_browserid): if not settings.DEKIWIKI_ENDPOINT: # Don't even bother with this test, if there's no MindTouch API raise SkipTest() mt_email = "*****@*****.**" _verify_browserid.return_value = {"email": mt_email} # Probably overkill but let's be sure we're testing the right thing. try: User.objects.get(email=mt_email) ok_(False, "The MindTouch user shouldn't exist in Django yet.") except User.DoesNotExist: pass if not getattr(settings, "DEKIWIKI_MOCK", False): # HACK: Ensure that expected user details are in MindTouch when not # mocking the API user_xml = MINDTOUCH_USER_XML % dict( username="******", email=mt_email, fullname="None", status="active", language="", timezone="-08:00", role="Contributor", ) DekiUserBackend.put_mindtouch_user(deki_user_id="=testaccount", user_xml=user_xml) deki_user = DekiUserBackend.get_deki_user_by_email(mt_email) ok_(deki_user is not None, "The MindTouch user should exist") # Posting the fake assertion to browserid_verify should work, with the # actual verification method mocked out. resp = self.client.post(reverse("users.browserid_verify", locale="en-US"), {"assertion": "PRETENDTHISISVALID"}) eq_(302, resp.status_code) ok_("SUCCESS" in resp["Location"]) # The session should look logged in, now. ok_("_auth_user_id" in self.client.session.keys()) eq_("django_browserid.auth.BrowserIDBackend", self.client.session.get("_auth_user_backend", "")) # And, after all the above, there should be a Django user now. try: User.objects.get(email=mt_email) except User.DoesNotExist: ok_(False, "The MindTouch user should exist in Django now.")
def test_valid_assertion_with_mindtouch_user(self, _verify_browserid): mt_email = '*****@*****.**' _verify_browserid.return_value = {'email': mt_email} # Probably overkill but let's be sure we're testing the right thing. try: User.objects.get(email=mt_email) ok_(False, "The MindTouch user shouldn't exist in Django yet.") except User.DoesNotExist: pass if not getattr(settings, 'DEKIWIKI_MOCK', False): # HACK: Ensure that expected user details are in MindTouch when not # mocking the API user_xml = MINDTOUCH_USER_XML % dict(username="******", email=mt_email, fullname="None", status="active", language="", timezone="-08:00", role="Contributor") DekiUserBackend.put_mindtouch_user(deki_user_id='=testaccount', user_xml=user_xml) deki_user = DekiUserBackend.get_deki_user_by_email(mt_email) ok_(deki_user is not None, "The MindTouch user should exist") # Posting the fake assertion to browserid_verify should work, with the # actual verification method mocked out. resp = self.client.post(reverse('users.browserid_verify', locale='en-US'), {'assertion': 'PRETENDTHISISVALID'}) eq_(302, resp.status_code) ok_('SUCCESS' in resp['Location']) # The session should look logged in, now. ok_('_auth_user_id' in self.client.session.keys()) eq_('django_browserid.auth.BrowserIDBackend', self.client.session.get('_auth_user_backend', '')) # And, after all the above, there should be a Django user now. try: User.objects.get(email=mt_email) except User.DoesNotExist: ok_(False, "The MindTouch user should exist in Django now.")
def test_mindtouch_creds_create_user_and_profile(self, get_current): get_current.return_value.domain = 'dev.mo.org' if not getattr(settings, 'DEKIWIKI_MOCK', False): # HACK: Ensure that expected user details are in MindTouch when not # mocking the API mt_email = '*****@*****.**' user_xml = MINDTOUCH_USER_XML % dict(username="******", email=mt_email, fullname="None", status="active", language="", timezone="-08:00", role="Contributor") DekiUserBackend.put_mindtouch_user(deki_user_id='=testaccount', user_xml=user_xml) passwd_url = '%s/@api/deki/users/%s/password?apikey=%s' % ( settings.DEKIWIKI_ENDPOINT, '=testaccount', settings.DEKIWIKI_APIKEY) requests.put(passwd_url, data='theplanet') self.assertRaises(User.DoesNotExist, User.objects.get, username='******') # Try to log in as a MindTouch user response = self.client.post(reverse('users.login'), {'username': '******', 'password': '******'}, follow=True) eq_(200, response.status_code) # Ensure there are no validation errors page = pq(response.content) eq_(0, page.find('.errorlist').length, "There should be no validation errors in login") # Login should have auto-created django user u = User.objects.get(username='******') eq_(True, u.is_active) ok_(u.get_profile()) # Login page should show welcome back doc = pq(response.content) eq_('testaccount', doc.find('ul.user-state a:first').text())
def test_valid_assertion_with_new_account_creation(self, _verify_browserid): new_username = '******' new_email = '*****@*****.**' _verify_browserid.return_value = {'email': new_email} try: user = User.objects.get(email=new_email) ok_(False, "User for email should not yet exist") except User.DoesNotExist: pass if not getattr(settings, 'DEKIWIKI_MOCK', False): # HACK: When not mocking the MindTouch API, ensure that there's no # leftover user with the same name & email as what we want to # register import random rand_num = random.randint(0, 1000000) user_xml = MINDTOUCH_USER_XML % dict(username="******" % (new_username, rand_num), email="%s_%s" % (rand_num, new_email), fullname="", status="inactive", language="", timezone="-08:00", role="Contributor") DekiUserBackend.put_mindtouch_user(deki_user_id='=%s' % new_username, user_xml=user_xml) # Sign in with a verified email, but with no existing account resp = self.client.post( reverse('users.browserid_verify', locale='en-US'), {'assertion': 'PRETENDTHISISVALID'}) eq_(302, resp.status_code) # This should be a redirect to the BrowserID registration page. redir_url = resp['Location'] reg_url = reverse('users.browserid_register', locale='en-US') ok_(reg_url in redir_url) # And, as part of the redirect, the verified email address should be in # our session now. ok_(SESSION_VERIFIED_EMAIL in self.client.session.keys()) verified_email = self.client.session[SESSION_VERIFIED_EMAIL] eq_(new_email, verified_email) # Grab the redirect, assert that there's a create_user form present resp = self.client.get(redir_url) page = pq(resp.content) form = page.find('form#create_user') eq_(1, form.length) # There should be no error lists on first load eq_(0, page.find('.errorlist').length) # Submit the create_user form, with a chosen username resp = self.client.post(redir_url, { 'username': '******', 'action': 'register' }) # The submission should result in a redirect to the session's redirect # value eq_(302, resp.status_code) redir_url = resp['Location'] ok_('SUCCESS' in redir_url) # The session should look logged in, now. ok_('_auth_user_id' in self.client.session.keys()) eq_('django_browserid.auth.BrowserIDBackend', self.client.session.get('_auth_user_backend', '')) if settings.DEKIWIKI_ENDPOINT: ok_(self.client.cookies.get('authtoken'), 'Should have set ' 'authtoken cookie for ' 'MindTouch') # Ensure that the user was created, and with the submitted username and # verified email address try: user = User.objects.get(email=new_email) eq_(new_username, user.username) eq_(new_email, user.email) except User.DoesNotExist: ok_(False, "New user should have been created")
def test_profile_edit_language_saves_to_mindtouch(self, get_current): if not settings.DEKIWIKI_ENDPOINT: # Don't even bother with this test, if there's no MindTouch API raise SkipTest() get_current.return_value.domain = 'dev.mo.org' try: user = User.objects.get(username='******') user.delete() except User.DoesNotExist: pass if not getattr(settings, 'DEKIWIKI_MOCK', False): # HACK: Ensure that expected user details are in MindTouch when not # mocking the API mt_email = '*****@*****.**' user_xml = MINDTOUCH_USER_XML % dict(username="******", email=mt_email, fullname="None", status="active", language="", timezone="-08:00", role="Contributor") DekiUserBackend.put_mindtouch_user(deki_user_id='=testaccount', user_xml=user_xml) passwd_url = '%s/@api/deki/users/%s/password?apikey=%s' % ( settings.DEKIWIKI_ENDPOINT, '=testaccount', settings.DEKIWIKI_APIKEY) requests.put(passwd_url, data='theplanet') # log in as a MindTouch user to create django user & profile response = self.client.post(reverse('users.login', locale='en-US'), {'username': '******', 'password': '******'}, follow=True) eq_(200, response.status_code) user = User.objects.get(username='******') profile = UserProfile.objects.get(user=user) ok_(profile) # use profile edit to change language url = reverse('devmo.views.profile_edit', args=(user.username,)) r = self.client.get(url, follow=True) eq_(200, r.status_code, 'Profile should be found.') doc = pq(r.content) # Scrape out the existing significant form field values. form = dict() for fn in ('email', 'fullname', 'title', 'organization', 'location', 'locale', 'timezone', 'irc_nickname', 'bio', 'interests'): form[fn] = doc.find('#profile-edit *[name="%s"]' % fn).val() # Fill out the form with websites. form.update({'locale': 'nl'}) form.update({'timezone': 'Europe/Amsterdam'}) # Submit the form, verify redirect to profile detail r = self.client.post(url, form, follow=True) doc = pq(r.content) eq_(1, doc.find('#profile-head').length) p = UserProfile.objects.get(user=user) # Verify locale saved in the profile. eq_('nl', p.locale) # Verify the saved locale appears in the editing form url = reverse('devmo.views.profile_edit', args=(user.username,)) r = self.client.get(url, follow=True) doc = pq(r.content) ok_('nl', doc.find('#profile-edit select#id_locale option[value="nl"]' '[selected="selected"]')) # TODO: Mock this part out... """
def test_valid_assertion_with_new_account_creation(self, _verify_browserid): new_username = '******' new_email = '*****@*****.**' _verify_browserid.return_value = {'email': new_email} try: user = User.objects.get(email=new_email) ok_(False, "User for email should not yet exist") except User.DoesNotExist: pass if not getattr(settings, 'DEKIWIKI_MOCK', False): # HACK: When not mocking the MindTouch API, ensure that there's no # leftover user with the same name & email as what we want to # register import random rand_num = random.randint(0, 1000000) user_xml = MINDTOUCH_USER_XML % dict( username="******" % (new_username, rand_num), email="%s_%s" % (rand_num, new_email), fullname="", status="inactive", language="", timezone="-08:00", role="Contributor") DekiUserBackend.put_mindtouch_user( deki_user_id='=%s' % new_username, user_xml=user_xml) # Sign in with a verified email, but with no existing account resp = self.client.post(reverse('users.browserid_verify', locale='en-US'), {'assertion': 'PRETENDTHISISVALID'}) eq_(302, resp.status_code) # This should be a redirect to the BrowserID registration page. redir_url = resp['Location'] reg_url = reverse('users.browserid_register', locale='en-US') ok_(reg_url in redir_url) # And, as part of the redirect, the verified email address should be in # our session now. ok_(SESSION_VERIFIED_EMAIL in self.client.session.keys()) verified_email = self.client.session[SESSION_VERIFIED_EMAIL] eq_(new_email, verified_email) # Grab the redirect, assert that there's a create_user form present resp = self.client.get(redir_url) page = pq(resp.content) form = page.find('form#create_user') eq_(1, form.length) # There should be no error lists on first load eq_(0, page.find('.errorlist').length) # Submit the create_user form, with a chosen username resp = self.client.post(redir_url, {'username': '******', 'action': 'register'}) # The submission should result in a redirect to the session's redirect # value eq_(302, resp.status_code) redir_url = resp['Location'] ok_('SUCCESS' in redir_url) # The session should look logged in, now. ok_('_auth_user_id' in self.client.session.keys()) eq_('django_browserid.auth.BrowserIDBackend', self.client.session.get('_auth_user_backend', '')) if settings.DEKIWIKI_ENDPOINT: ok_(self.client.cookies.get('authtoken'), 'Should have set ' 'authtoken cookie for ' 'MindTouch') # Ensure that the user was created, and with the submitted username and # verified email address try: user = User.objects.get(email=new_email) eq_(new_username, user.username) eq_(new_email, user.email) except User.DoesNotExist: ok_(False, "New user should have been created")
def test_profile_edit_language_saves_to_mindtouch(self, get_current): if not settings.DEKIWIKI_ENDPOINT: # Don't even bother with this test, if there's no MindTouch API raise SkipTest() get_current.return_value.domain = 'dev.mo.org' try: user = User.objects.get(username='******') user.delete() except User.DoesNotExist: pass if not getattr(settings, 'DEKIWIKI_MOCK', False): # HACK: Ensure that expected user details are in MindTouch when not # mocking the API mt_email = '*****@*****.**' user_xml = MINDTOUCH_USER_XML % dict(username="******", email=mt_email, fullname="None", status="active", language="", timezone="-08:00", role="Contributor") DekiUserBackend.put_mindtouch_user(deki_user_id='=testaccount', user_xml=user_xml) passwd_url = '%s/@api/deki/users/%s/password?apikey=%s' % ( settings.DEKIWIKI_ENDPOINT, '=testaccount', settings.DEKIWIKI_APIKEY) requests.put(passwd_url, data='theplanet') # log in as a MindTouch user to create django user & profile response = self.client.post(reverse('users.login', locale='en-US'), { 'username': '******', 'password': '******' }, follow=True) eq_(200, response.status_code) user = User.objects.get(username='******') profile = UserProfile.objects.get(user=user) ok_(profile) # use profile edit to change language url = reverse('devmo.views.profile_edit', args=(user.username, )) r = self.client.get(url, follow=True) eq_(200, r.status_code, 'Profile should be found.') doc = pq(r.content) # Scrape out the existing significant form field values. form = dict() for fn in ('email', 'fullname', 'title', 'organization', 'location', 'locale', 'timezone', 'irc_nickname', 'bio', 'interests'): form[fn] = doc.find('#profile-edit *[name="%s"]' % fn).val() # Fill out the form with websites. form.update({'locale': 'nl'}) form.update({'timezone': 'Europe/Amsterdam'}) # Submit the form, verify redirect to profile detail r = self.client.post(url, form, follow=True) doc = pq(r.content) eq_(1, doc.find('#profile-head').length) p = UserProfile.objects.get(user=user) # Verify locale saved in the profile. eq_('nl', p.locale) # Verify the saved locale appears in the editing form url = reverse('devmo.views.profile_edit', args=(user.username, )) r = self.client.get(url, follow=True) doc = pq(r.content) ok_( 'nl', doc.find('#profile-edit select#id_locale option[value="nl"]' '[selected="selected"]')) # TODO: Mock this part out... """
def save(self, *args, **kwargs): super(UserProfile, self).save(*args, **kwargs) from dekicompat.backends import DekiUserBackend DekiUserBackend.put_mindtouch_user(self.user)