def test_user_registers_and_adds_emails(self):
httpretty.register_uri(httpretty.POST, 'https://api.sendgrid.com/api/mail.send.json')
# register
r = self.client.post('/register',
data={'email': '*****@*****.**',
'password': '******'}
)
self.assertEqual(r.status_code, 302)
self.assertTrue(r.location.endswith('/account'))
self.assertEqual(1, User.query.count())
# add more emails
user = User.query.filter_by(email='*****@*****.**').first()
emails = ['*****@*****.**', '*****@*****.**', '*****@*****.**']
for i, addr in enumerate(emails):
self.client.post('/account/add-email', data={'address': addr})
link, qs = parse_confirmation_link_sent(httpretty.last_request().body)
self.client.get(link, query_string=qs)
email = Email.query.get([addr, user.id])
self.assertEqual(Email.query.count(), i+1) # do not count [email protected]
self.assertIsNotNone(email)
self.assertEqual(email.owner_id, user.id)
def test_user_registers_and_adds_emails(self):
httpretty.register_uri(httpretty.POST,
'https://api.sendgrid.com/api/mail.send.json')
# register
r = self.client.post('/register',
data={
'email': '*****@*****.**',
'password': '******'
})
self.assertEqual(r.status_code, 302)
self.assertTrue(r.location.endswith('/account'))
self.assertEqual(1, User.query.count())
# add more emails
user = User.query.filter_by(email='*****@*****.**').first()
emails = ['*****@*****.**', '*****@*****.**', '*****@*****.**']
for i, addr in enumerate(emails):
self.client.post('/account/add-email', data={'address': addr})
link, qs = parse_confirmation_link_sent(
httpretty.last_request().body)
self.client.get(link, query_string=qs)
email = Email.query.get([addr, user.id])
self.assertEqual(Email.query.count(),
i + 1) # do not count [email protected]
self.assertIsNotNone(email)
self.assertEqual(email.owner_id, user.id)
def test_forgot_password(self):
httpretty.register_uri(httpretty.POST,
'https://api.sendgrid.com/api/mail.send.json')
# register
r = self.client.post('/register',
data={
'email': '*****@*****.**',
'password': '******'
})
self.assertEqual(1, User.query.count())
initial_password = User.query.all()[0].password
# logout
self.client.get('/logout')
# forget password
r = self.client.post('/login/reset', data={'email': '*****@*****.**'})
self.assertEqual(r.status_code, 200)
# click on the email link
link, qs = parse_confirmation_link_sent(httpretty.last_request().body)
r = self.client.get(link, query_string=qs, follow_redirects=True)
self.assertEqual(r.status_code, 200)
# send new passwords (not matching)
r = self.client.post(link,
data={
'password1': 'verdes',
'password2': 'roxas'
})
self.assertEqual(r.status_code, 302)
self.assertEqual(r.location, link)
self.assertEqual(User.query.all()[0].password, initial_password)
# again, now matching
r = self.client.post(link,
data={
'password1': 'amarelas',
'password2': 'amarelas'
})
self.assertEqual(r.status_code, 302)
self.assertTrue(r.location.endswith('/dashboard'))
self.assertNotEqual(User.query.all()[0].password, initial_password)
def test_user_auth(self):
httpretty.register_uri(httpretty.POST, 'https://api.sendgrid.com/api/mail.send.json')
# register
r = self.client.post('/register',
data={'email': '*****@*****.**',
'password': '******'}
)
self.assertEqual(r.status_code, 302)
self.assertTrue(r.location.endswith('/account'))
self.assertEqual(1, User.query.count())
# email confirmation
user = User.query.filter_by(email='*****@*****.**').first()
self.assertIsNone(Email.query.get(['*****@*****.**', user.id]))
link, qs = parse_confirmation_link_sent(httpretty.last_request().body)
self.client.get(
link,
query_string=qs,
follow_redirects=True
)
email = Email.query.get(['*****@*****.**', user.id])
self.assertEqual(Email.query.count(), 1)
self.assertIsNotNone(email)
self.assertEqual(email.owner_id, user.id)
# logout
r = self.client.get('/logout')
self.assertEqual(r.status_code, 302)
self.assertEqual(1, User.query.count())
# login
r = self.client.post('/login',
data={'email': '*****@*****.**',
'password': '******'}
)
self.assertEqual(r.status_code, 302)
self.assertTrue(r.location.endswith('/dashboard'))
self.assertEqual(1, User.query.count())
def test_forgot_password(self):
httpretty.register_uri(httpretty.POST, 'https://api.sendgrid.com/api/mail.send.json')
# register
r = self.client.post('/register',
data={'email': '*****@*****.**',
'password': '******'}
)
self.assertEqual(1, User.query.count())
initial_password = User.query.all()[0].password
# logout
self.client.get('/logout')
# forget password
r = self.client.post('/login/reset',
data={'email': '*****@*****.**'}
)
self.assertEqual(r.status_code, 200)
# click on the email link
link, qs = parse_confirmation_link_sent(httpretty.last_request().body)
r = self.client.get(
link,
query_string=qs,
follow_redirects=True
)
self.assertEqual(r.status_code, 200)
# send new passwords (not matching)
r = self.client.post(link, data={'password1': 'verdes', 'password2': 'roxas'})
self.assertEqual(r.status_code, 302)
self.assertEqual(r.location, link)
self.assertEqual(User.query.all()[0].password, initial_password)
# again, now matching
r = self.client.post(link, data={'password1': 'amarelas', 'password2': 'amarelas'})
self.assertEqual(r.status_code, 302)
self.assertTrue(r.location.endswith('/dashboard'))
self.assertNotEqual(User.query.all()[0].password, initial_password)
def test_user_gets_previous_forms_assigned_to_him(self):
httpretty.register_uri(httpretty.POST, 'https://api.sendgrid.com/api/mail.send.json')
# verify a form for márkö@example.com
self.client.post(u'/márkö@example.com',
headers = {'Referer': 'tomatoes.com'},
data={'name': 'alice'}
)
f = Form.query.filter_by(host='tomatoes.com', email=u'márkö@example.com').first()
f.confirm_sent = True
f.confirmed = True
DB.session.add(f)
DB.session.commit()
# register márkö@example.com
r = self.client.post('/register',
data={'email': u'márkö@example.com',
'password': '******'}
)
# confirm that the user account doesn't have access to the form
r = self.client.get('/forms',
headers={'Accept': 'application/json'},
)
forms = json.loads(r.data)['forms']
self.assertEqual(0, len(forms))
# verify user email
link, qs = parse_confirmation_link_sent(httpretty.last_request().body)
self.client.get(link, query_string=qs)
# confirm that the user has no access to the form since he is not upgraded
r = self.client.get('/forms',
headers={'Accept': 'application/json'},
)
forms = json.loads(r.data)['forms']
self.assertEqual(0, len(forms))
# upgrade user
user = User.query.filter_by(email=u'márkö@example.com').first()
user.upgraded = True
DB.session.add(user)
DB.session.commit()
# confirm that the user account has access to the form
r = self.client.get('/forms',
headers={'Accept': 'application/json'},
)
forms = json.loads(r.data)['forms']
self.assertEqual(1, len(forms))
self.assertEqual(forms[0]['email'], u'márkö@example.com')
self.assertEqual(forms[0]['host'], 'tomatoes.com')
# verify a form for another address
r = self.client.post('/[email protected]',
headers = {'Referer': 'mark.com'},
data={'name': 'luke'}
)
f = Form.query.filter_by(host='mark.com', email='*****@*****.**').first()
f.confirm_sent = True
f.confirmed = True
DB.session.add(f)
DB.session.commit()
# confirm that the user account doesn't have access to the form
r = self.client.get('/forms',
headers={'Accept': 'application/json'},
)
forms = json.loads(r.data)['forms']
self.assertEqual(1, len(forms))
# add this other email address to user account
self.client.post('/account/add-email', data={'address': '*****@*****.**'})
link, qs = parse_confirmation_link_sent(httpretty.last_request().body)
self.client.get(link, query_string=qs)
# confirm that the user account now has access to the form
r = self.client.get('/forms',
headers={'Accept': 'application/json'},
)
forms = json.loads(r.data)['forms']
self.assertEqual(2, len(forms))
self.assertEqual(forms[0]['email'], '*****@*****.**') # forms are sorted by -id, so the newer comes first
self.assertEqual(forms[0]['host'], 'mark.com')
# create a new form spontaneously with an email already verified
r = self.client.post(u'/márkö@example.com',
headers = {'Referer': 'elsewhere.com'},
data={'name': 'luke'}
)
f = Form.query.filter_by(host='elsewhere.com', email=u'márkö@example.com').first()
f.confirm_sent = True
f.confirmed = True
DB.session.add(f)
DB.session.commit()
# confirm that the user has already accessto that form
r = self.client.get('/forms',
headers={'Accept': 'application/json'},
)
forms = json.loads(r.data)['forms']
self.assertEqual(3, len(forms))
self.assertEqual(forms[0]['email'], u'márkö@example.com')
self.assertEqual(forms[0]['host'], 'elsewhere.com')
def test_user_gets_previous_forms_assigned_to_him(self):
httpretty.register_uri(httpretty.POST,
'https://api.sendgrid.com/api/mail.send.json')
# verify a form for márkö@example.com
self.client.post(u'/márkö@example.com',
headers={'Referer': 'tomatoes.com'},
data={'name': 'alice'})
f = Form.query.filter_by(host='tomatoes.com',
email=u'márkö@example.com').first()
f.confirm_sent = True
f.confirmed = True
DB.session.add(f)
DB.session.commit()
# register márkö@example.com
r = self.client.post('/register',
data={
'email': u'márkö@example.com',
'password': '******'
})
# confirm that the user account doesn't have access to the form
r = self.client.get(
'/forms',
headers={'Accept': 'application/json'},
)
forms = json.loads(r.data)['forms']
self.assertEqual(0, len(forms))
# verify user email
link, qs = parse_confirmation_link_sent(httpretty.last_request().body)
self.client.get(link, query_string=qs)
# confirm that the user has no access to the form since he is not upgraded
r = self.client.get(
'/forms',
headers={'Accept': 'application/json'},
)
forms = json.loads(r.data)['forms']
self.assertEqual(0, len(forms))
# upgrade user
user = User.query.filter_by(email=u'márkö@example.com').first()
user.upgraded = True
DB.session.add(user)
DB.session.commit()
# confirm that the user account has access to the form
r = self.client.get(
'/forms',
headers={'Accept': 'application/json'},
)
forms = json.loads(r.data)['forms']
self.assertEqual(1, len(forms))
self.assertEqual(forms[0]['email'], u'márkö@example.com')
self.assertEqual(forms[0]['host'], 'tomatoes.com')
# verify a form for another address
r = self.client.post('/[email protected]',
headers={'Referer': 'mark.com'},
data={'name': 'luke'})
f = Form.query.filter_by(host='mark.com',
email='*****@*****.**').first()
f.confirm_sent = True
f.confirmed = True
DB.session.add(f)
DB.session.commit()
# confirm that the user account doesn't have access to the form
r = self.client.get(
'/forms',
headers={'Accept': 'application/json'},
)
forms = json.loads(r.data)['forms']
self.assertEqual(1, len(forms))
# add this other email address to user account
self.client.post('/account/add-email',
data={'address': '*****@*****.**'})
link, qs = parse_confirmation_link_sent(httpretty.last_request().body)
self.client.get(link, query_string=qs)
# confirm that the user account now has access to the form
r = self.client.get(
'/forms',
headers={'Accept': 'application/json'},
)
forms = json.loads(r.data)['forms']
self.assertEqual(2, len(forms))
self.assertEqual(forms[0]['email'], '*****@*****.**'
) # forms are sorted by -id, so the newer comes first
self.assertEqual(forms[0]['host'], 'mark.com')
# create a new form spontaneously with an email already verified
r = self.client.post(u'/márkö@example.com',
headers={'Referer': 'elsewhere.com'},
data={'name': 'luke'})
f = Form.query.filter_by(host='elsewhere.com',
email=u'márkö@example.com').first()
f.confirm_sent = True
f.confirmed = True
DB.session.add(f)
DB.session.commit()
# confirm that the user has already accessto that form
r = self.client.get(
'/forms',
headers={'Accept': 'application/json'},
)
forms = json.loads(r.data)['forms']
self.assertEqual(3, len(forms))
self.assertEqual(forms[0]['email'], u'márkö@example.com')
self.assertEqual(forms[0]['host'], 'elsewhere.com')
