def reset(self):
"Reset password"
# Get email
email = request.POST.get("email")
# Try to load the person
person = Session.query(model.Person).filter(model.Person.email == email).first()
# If the email is not in our database,
if not person:
return dict(isOk=0)
# Reset account
c.password = store.makeRandomAlphaNumericString(parameter.PASSWORD_LENGTH_AVERAGE)
return changePerson(
dict(
username=person.username,
password=c.password,
nickname=person.nickname,
email=person.email,
email_sms=person.email_sms,
),
"reset",
"/people/confirm.mako",
person,
)
def test_update(self):
"""
Make sure that updating credentials works
Make sure the update page only appears when the user is logged in
Make sure the update form is filled with the user's credentials
Make sure that update_ only works when the user is logged in
Make sure that update confirmation works
"""
# Assert that we are redirected to the login page if the person is not logged in
response = self.app.get(url('person_update'))
self.assertEqual(urlparse.urlparse(response.response.location).path, url('person_login', targetURL=h.encodeURL('/')))
# Assert that we get rejected if we try to post without logging in
self.assertEqual(simplejson.dumps({'isOk': 0}), self.app.post(url('person_update_')).body)
# Add person
meta.Session.add(model.Person(username, model.hashString(password), nickname, email, email_sms))
meta.Session.commit()
# Log in
self.app.post(url('person_login_'), dict(username=username, password=password))
# Assert that the update form is filled with the user's credentials
responseBody = self.app.get(url('person_update')).body
self.assert_(username in responseBody)
self.assert_(nickname in responseBody)
self.assert_(email in responseBody)
self.assert_(email_sms in responseBody)
# Update credentials
newUsername = store.makeRandomString(16)
newPassword = store.makeRandomAlphaNumericString(parameter.PASSWORD_LENGTH_AVERAGE)
newNickname = unicode(store.makeRandomString(16))
newEmail = re.sub(r'.*@', store.makeRandomString(16) + '@', email)
newEmailSMS = re.sub(r'.*@', store.makeRandomString(16) + '@', email)
self.assertEqual(simplejson.dumps({'isOk': 1}), self.app.post(url('person_update_'), dict(username=newUsername, password=newPassword, nickname=newNickname, email=newEmail, email_sms=newEmailSMS)).body)
# Make sure the credentials have not changed yet
self.assertEqual(meta.Session.query(model.Person).filter_by(username=newUsername, password_hash=model.hashString(newPassword), nickname=newNickname, email=newEmail, email_sms=newEmailSMS).count(), 0)
# Activate candidate
self.app.get(url('person_confirm', ticket=meta.Session.query(model.PersonCandidate.ticket).filter_by(username=newUsername).first()[0]))
# Make sure the credentials have changed
self.assertEqual(meta.Session.query(model.Person).filter_by(username=newUsername, password_hash=model.hashString(newPassword), nickname=newNickname, email=newEmail, email_sms=newEmailSMS).count(), 1)