def test_reset_password_by_member(session, auth_mock, keycloak_mock): # pylint:disable=unused-argument """Assert that the password cant be changed by member.""" org = factory_org_model(org_info=TestOrgInfo.org_anonymous) user = factory_user_model() factory_membership_model(user.id, org.id) factory_product_model(org.id, product_code=ProductCode.DIR_SEARCH.value) admin_claims = TestJwtClaims.get_test_real_user(user.keycloak_guid) membership = [TestAnonymousMembership.generate_random_user(USER)] users = UserService.create_user_and_add_membership(membership, org.id, token_info=admin_claims) user_name = users['users'][0]['username'] user_info = {'username': user_name, 'password': '******'} with pytest.raises(HTTPException) as excinfo: UserService.reset_password_for_anon_user(user_info, user_name, token_info=TestJwtClaims.public_user_role) assert excinfo.exception.code == 403
def test_reset_password(session, auth_mock, keycloak_mock): # pylint:disable=unused-argument """Assert that the password can be changed.""" org = factory_org_model(org_info=TestOrgInfo.org_anonymous) user = factory_user_model() factory_membership_model(user.id, org.id) factory_product_model(org.id, product_code=ProductCode.DIR_SEARCH.value) claims = TestJwtClaims.get_test_real_user(user.keycloak_guid) membership = [TestAnonymousMembership.generate_random_user(USER)] users = UserService.create_user_and_add_membership(membership, org.id, token_info=claims) user_name = users['users'][0]['username'] user_info = {'username': user_name, 'password': '******'} kc_user = UserService.reset_password_for_anon_user(user_info, user_name, claims) # cant assert anything else since password wont be gotten back assert kc_user.user_name == user_name.replace(f'{IdpHint.BCROS.value}/', '').lower()