def test_registration_duplicate_user(self):
resp = self.app.get('/registration')
form = resp.form
form['email_address'] = '*****@*****.**'
form['password_confirm'] = 'p'
form['password'] = '******'
form['user_name'] = 'user1'
resp = form.submit()
resp = resp.follow()
ctx = resp.req.environ['paste.testing_variables']
assert '<strong>An email</strong> has been sent to <strong>[email protected]</strong>' \
' to activate the account' in resp.text
mailer = get_mailer(ctx['req'])
url = find_urls.findall(mailer.outbox[0].body)[0]
# Create user in the mean while
user = app_model.User(email_address='*****@*****.**',
user_name='user1',
password='******')
try:
model.DBSession.add(user)
except AttributeError:
pass
flush_db_changes()
resp = self.app.get(url)
assert 'Username%20already%20activated' in resp.headers[
'Set-Cookie'], resp
def activate(self, code, **kw):
reg = config['registration_dal'].get_inactive(code)
if not reg:
flash(_('Registration not found or already activated'), 'error')
return redirect(self.mount_point)
u = app_model.User(user_name=reg.user_name,
display_name=reg.user_name,
email_address=reg.email_address,
password=reg.password)
hooks.notify('registration.before_activation', (reg, u))
try:
u = config['registration_dal'].out_of_uow_flush(u)
except DalIntegrityError:
flash(_('Username already activated'), 'error')
return redirect(self.mount_point)
reg.user_id = instance_primary_key(u)
reg.password = '******'
reg.activated = datetime.now()
hooks.notify('registration.after_activation', (reg, u))
flash(_('Account succesfully activated'))
return redirect('/')
def test_resetpassword_old_request(self):
user = app_model.User(email_address='*****@*****.**',
user_name='test',
display_name='Test',
password='******')
try:
app_model.DBSession.add(user)
except AttributeError:
# Ming DBSession doesn't have/require .add
pass
old_password = user.password
flush_db_changes()
from datetime import datetime
from dateutil.relativedelta import relativedelta
old_date = datetime.utcnow() - relativedelta(years=3)
import tg
secret = tg.config.get('session.secret',
tg.config.get('beaker.session.secret'))
from itsdangerous import URLSafeSerializer
serializer = URLSafeSerializer(secret)
serialized_data = serializer.dumps(
dict(request_date=old_date.strftime('%m/%d/%Y %H:%M'),
email_address='*****@*****.**',
password_frag='eh',
redirect_to='/'))
new_url = 'http://localhost/resetpassword/change_password/?data=' + serialized_data
resp = self.app.get(new_url)
form = resp.form
form['password'] = '******'
form['password_confirm'] = 'alfa'
resp = form.submit()
assert 'Password%20reset%20request%20timed%20out' in resp.headers[
'Set-Cookie']
def setup(self):
self.app = create_app(self.app_config, False)
self.env = {'REMOTE_USER': '******'}
user = app_model.User()
user.user_name = 'pippo'
user.display_name = 'Pippo Plutonico'
user.email_address = '[email protected]'
user.password = '******'
flush_db_changes(add_all=[user])
def test_resetpassword_reset_request(self):
user = app_model.User(email_address='*****@*****.**',
user_name='test',
display_name='Test',
password='******')
try:
app_model.DBSession.add(user)
except AttributeError:
# Ming DBSession doesn't have/require .add
pass
old_password = user.password
flush_db_changes()
resp = self.app.get('/resetpassword')
form = resp.form
assert form.action == '/resetpassword/reset_request', form.action
form['email_address'] = '*****@*****.**'
resp = form.submit()
ctx = resp.req.environ['paste.testing_variables']
mailer = get_mailer(ctx['req'])
resp = resp.follow()
assert 'Password reset request sent' in resp.text, resp.text
assert len(mailer.outbox) == 1, mailer.outbox
url = URLS_RE.findall(mailer.outbox[0].body)[0]
resp = self.app.get(url)
form = resp.form
form['password'] = '******'
form['password_confirm'] = 'alfa'
resp = form.submit()
assert 'Password%20changed%20successfully' in resp.headers[
'Set-Cookie']
_, users = model.provider.query(app_model.User)
assert old_password != users[0].password
resp = resp.follow()
assert 'HELLO' in resp.text, resp.text