def test_valid_reset_token(self): u = User(password='******', email='*****@*****.**', name='user') db.session.add(u) db.session.commit() token = u.generate_reset_token() self.assertTrue(u.reset_password(token, 'dog')) self.assertTrue(u.verify_password('dog'))
def test_expired_confirmation_token(self): u = User(password='******', email='*****@*****.**', name='user') db.session.add(u) db.session.commit() token = u.generate_confirmation_token(1) time.sleep(2) self.assertFalse(u.confirm(token))
def test_invalid_confirmation_token(self): u1 = User(password='******', email='*****@*****.**', name='user') u2 = User(password='******', email='*****@*****.**', name='user') db.session.add(u1) db.session.add(u2) db.session.commit() token = u1.generate_confirmation_token() self.assertFalse(u2.confirm(token))
def test_invalid_reset_token(self): u1 = User(password='******', email='*****@*****.**', name='user') u2 = User(password='******', email='*****@*****.**', name='user') db.session.add(u1) db.session.add(u2) db.session.commit() token = u1.generate_reset_token() self.assertFalse(u2.reset_password(token, 'horse')) self.assertTrue(u2.verify_password('dog'))
def _set_student_objective(self, userobjective): student_id = userobjective.user_id tutor_id = userobjective.assessor_id objective_id = userobjective.objective_id if User._is_authorised(student_id, tutor_id): self.find_or_include(objective_id=objective_id, student_id=student_id, tutor_id=student_id, by_user=User.main_admin_user(), common_assessors=False)
def _set_common_assessors(self, userobjective): # Set all other members from the student's institution to have the same assessment. Assessment is therefore an institution wide thing bt stored at the individual member level student_id = userobjective.user_id tutor_id = userobjective.assessor_id objective_id = userobjective.objective_id print User._common_assessors(student_id, tutor_id) for member in User._common_assessors(student_id, tutor_id): userobj = self.find_or_include(objective_id=objective_id, student_id=student_id, tutor_id=member.id, by_user=User.main_admin_user(), common_assessors=False) userobj.completed = userobjective.completed db.session.add(userobj) db.session.commit()
def _create_fixtures(self): # would probably be better that these are created through # the service layer as that mimics what the users of the # ObjectiveService would do. from courseme.models import User, Subject, Topic self.subject = Subject(name='Test Subject') self.user = User(name='Test User', email='*****@*****.**', password='******', subject=self.subject) self.topic = Topic(name='Test Topic', subject=self.subject) db.session.add(self.subject) db.session.add(self.user) db.session.add(self.topic) db.session.commit()
def available_to(self, user, matching_names=None): """List of Objectives available to the given User :param user: User :param matching_names: optional list of Objective names to further restrict availability. TODO: matching should probably match on ID, rather than name. It's based on the name because that's what the form that ultimately uses this query is using, but that could be changed. """ q = Objective.query.filter( and_( Objective.subject_id == user.subject_id, or_( Objective.created_by_id.in_(User.admin_usersQ().options( load_only("id"))), Objective.created_by_id == user.id))) if matching_names: q = q.filter(Objective.name.in_(matching_names)) return q.all()
def test_no_password_getter(self): u = User(password='******') with self.assertRaises(AttributeError): u.password
def test_password_setter(self): u = User(password='******') self.assertTrue(u.password_hash is not None)
def _check_user_id_or_admin(self, user_id, user): if user_id != user.id and user != User.main_admin_user(): raise NotAuthorised
number = Topic(name="Number", time_created=datetime.utcnow(), subject=maths) calculus = Topic(name="Calculus", time_created=datetime.utcnow(), subject=maths) db.session.add(algebra) db.session.add(geometry) db.session.add(number) db.session.add(calculus) db.session.commit() user = User(email="*****@*****.**", password="******", name="CourseMe", time_registered=datetime.utcnow(), last_seen=datetime.utcnow(), role=ROLE_ADMIN) db.session.add(user) me = User(email="*****@*****.**", password="******", name="Dan", forename="Dan", blurb="I built the CourseMe website and now am fabulously rich.", time_registered=datetime.utcnow(), last_seen=datetime.utcnow(), role=ROLE_ADMIN) db.session.add(me) user = User(email="*****@*****.**",
def test_valid_confirmation_token(self): u = User(password='******', email='*****@*****.**', name='user') db.session.add(u) db.session.commit() token = u.generate_confirmation_token() self.assertTrue(u.confirm(token))
def test_password_verification(self): u = User(password='******') self.assertTrue(u.verify_password('cat')) self.assertFalse(u.verify_password('dog'))
role = ROLE_ADMIN) db.session.add(me) head = User(email="*****@*****.**", password="******", name="Head of School", blurb="I have been Headmaster at High School for five years. I'm great.", time_registered=datetime.utcnow(), last_seen=datetime.utcnow(), role = ROLE_USER) db.session.add(head) db.session.commit() courseMe = Institution.create( name = "CourseMe", administrator = User.main_admin_user(), blurb = "This is the main CourseMe institution" ) school = Institution.create( name = "High School", administrator = head, blurb = "This is a great High School. We use CourseMe for everything. We have 100 pupils and they're all doing great." ) for i in range(1, 3): teacher = User(email="teacher" + str(i) + "@server.fake", password="******", name="Mrs. Blogs " + str(i), blurb="I have been a teacher at High School for five years. I'm great.", time_registered=datetime.utcnow(),
def test_password_salts_are_random(self): u = User(password='******') u2 = User(password='******') self.assertTrue(u.password_hash != u2.password_hash)