def test_reset_password_by_member(session, auth_mock, keycloak_mock): # pylint:disable=unused-argument
"""Assert that the password cant be changed by member."""
org = factory_org_model(org_info=TestOrgInfo.org_anonymous)
user = factory_user_model()
factory_membership_model(user.id, org.id)
factory_product_model(org.id, product_code=ProductCode.DIR_SEARCH.value)
admin_claims = TestJwtClaims.get_test_real_user(user.keycloak_guid)
membership = [TestAnonymousMembership.generate_random_user(USER)]
users = UserService.create_user_and_add_membership(membership, org.id, token_info=admin_claims)
user_name = users['users'][0]['username']
user_info = {'username': user_name, 'password': '******'}
with pytest.raises(HTTPException) as excinfo:
UserService.reset_password_for_anon_user(user_info, user_name, token_info=TestJwtClaims.public_user_role)
assert excinfo.exception.code == 403
def test_reset_password(session, auth_mock, keycloak_mock): # pylint:disable=unused-argument
"""Assert that the password can be changed."""
org = factory_org_model(org_info=TestOrgInfo.org_anonymous)
user = factory_user_model()
factory_membership_model(user.id, org.id)
factory_product_model(org.id, product_code=ProductCode.DIR_SEARCH.value)
claims = TestJwtClaims.get_test_real_user(user.keycloak_guid)
membership = [TestAnonymousMembership.generate_random_user(USER)]
users = UserService.create_user_and_add_membership(membership, org.id, token_info=claims)
user_name = users['users'][0]['username']
user_info = {'username': user_name, 'password': '******'}
kc_user = UserService.reset_password_for_anon_user(user_info, user_name, claims)
# cant assert anything else since password wont be gotten back
assert kc_user.user_name == user_name.replace(f'{IdpHint.BCROS.value}/', '').lower()
