Exemplo n.º 1
0
    def test_profile_update_profile_invalid(self):
        from horus.views import ProfileController
        from horus.interfaces           import IUserClass
        from horus.interfaces           import IActivationClass
        from horus.interfaces           import IProfileSchema
        from horus.tests.models         import User
        from horus.tests.models         import Activation
        from horus.tests.schemas        import ProfileSchema

        self.config.registry.registerUtility(Activation, IActivationClass)
        self.config.registry.registerUtility(User, IUserClass)
        self.config.registry.registerUtility(ProfileSchema,
            IProfileSchema)

        self.config.add_route('index', '/')
        self.config.include('horus')

        user = User(username='******', email='*****@*****.**')
        user.password = '******'
        self.session.add(user)
        self.session.flush()

        request = self.get_csrf_request(request_method='POST')
        request.context = user

        request.matchdict = Mock()
        get = Mock()
        get.return_value = user.id
        request.matchdict.get = get

        view = ProfileController(request)

        response = view.edit_profile()

        assert len(response['errors']) == 3
Exemplo n.º 2
0
    def test_profile_bad_id(self):
        from horus.views import ProfileController
        from horus.interfaces           import IUserClass
        from horus.interfaces           import IActivationClass
        from horus.tests.models         import User
        from horus.tests.models         import Activation

        self.config.registry.registerUtility(User, IUserClass)
        self.config.registry.registerUtility(Activation, IActivationClass)

        self.config.add_route('index', '/')
        self.config.include('horus')

        user = User(username='******', email='*****@*****.**')
        user.password = '******'

        self.session.add(user)
        self.session.flush()

        request = testing.DummyRequest()
        request.user = Mock()

        request.matchdict = Mock()
        get = Mock()
        get.return_value = 99
        request.matchdict.get = get

        view = ProfileController(request)

        response = view.profile()

        assert response.status_int == 404
Exemplo n.º 3
0
    def test_inactive_login_fails(self):
        """Make sure we can't log in with an inactive user."""
        from horus.tests.models import User
        from horus.interfaces   import IUserClass
        from horus.interfaces   import IActivationClass
        from horus.tests.models import Activation
        self.config.registry.registerUtility(Activation, IActivationClass)

        self.config.registry.registerUtility(User, IUserClass)
        user = User(username='******', email='*****@*****.**')
        user.password = '******'
        user.activation = Activation()
        self.session.add(user)
        self.session.flush()

        from horus.views import AuthController
        self.config.add_route('index', '/')
        self.config.include('horus')
        self.config.registry.settings['horus.login_redirect'] = 'index'
        self.config.registry.settings['horus.logout_redirect'] = 'index'

        request = self.get_csrf_request(post={
                'submit': True,
                'username': '******',
                'password': '******',
            }, request_method='POST')

        view = AuthController(request)
        with patch('horus.views.FlashMessage') as FlashMessage:
            view.login()
            FlashMessage.assert_called_with(request,
                'Your account is not active, please check your e-mail.',
                kind='error')
Exemplo n.º 4
0
    def test_forgot_password_invalid_password(self):
        from horus.views import ForgotPasswordController
        from pyramid_mailer.interfaces import IMailer
        from pyramid_mailer.mailer import DummyMailer
        from horus.interfaces           import IUserClass
        from horus.tests.models         import User

        self.config.registry.registerUtility(User, IUserClass)

        self.config.add_route('index', '/')
        self.config.include('horus')
        self.config.registry.registerUtility(DummyMailer(), IMailer)

        user = User(username='******', password='******',
            email='*****@*****.**')
        user.password = '******'

        self.session.add(user)
        self.session.flush()

        request = self.get_csrf_request(post={
            'email': 'sontek'
        }, request_method='POST')

        request.user = None

        view = ForgotPasswordController(request)
        response = view.forgot_password()

        assert len(response['errors']) == 1
Exemplo n.º 5
0
    def test_forgot_password_valid_user(self):
        from horus.views import ForgotPasswordController
        from pyramid_mailer.interfaces import IMailer
        from pyramid_mailer.mailer import DummyMailer
        from horus.interfaces           import IUserClass
        from horus.tests.models         import User

        self.config.registry.registerUtility(User, IUserClass)

        self.config.add_route('index', '/')
        self.config.include('horus')
        self.config.registry.registerUtility(DummyMailer(), IMailer)

        user = User(username='******', password='******', email='*****@*****.**')
        user.password = '******'

        self.session.add(user)
        self.session.flush()

        request = self.get_csrf_request(post={
            'email': '*****@*****.**'
        }, request_method='POST')

        request.user = None

        flash = Mock()
        request.session.flash = flash

        view = ForgotPasswordController(request)
        response = view.forgot_password()

        flash.assert_called_with(
            'Please check your e-mail to reset your password.', 'success')
        assert response.status_int == 302
Exemplo n.º 6
0
    def test_login_succeeds(self):
        """Make sure we can log in."""
        from horus.tests.models import User
        from horus.interfaces   import IUserClass
        from horus.interfaces   import IActivationClass
        from horus.tests.models import Activation
        self.config.registry.registerUtility(Activation, IActivationClass)

        self.config.registry.registerUtility(User, IUserClass)
        self.config.registry.settings['horus.login_redirect'] = 'index'
        self.config.registry.settings['horus.logout_redirect'] = 'index'

        admin = User(username='******', email='*****@*****.**')
        admin.password = '******'

        self.session.add(admin)
        self.session.flush()

        from horus.views import AuthController
        self.config.add_route('index', '/')

        self.config.include('horus')

        request = self.get_csrf_request(post={
                'submit': True,
                'username': '******',
                'password': '******',
            }, request_method='POST')

        view = AuthController(request)
        response = view.login()

        assert response.status_int == 302
Exemplo n.º 7
0
    def test_register_existing_user(self):
        from horus.views                import RegisterController
        from pyramid_mailer.mailer      import DummyMailer
        from pyramid_mailer.interfaces  import IMailer
        from horus.interfaces           import IUserClass
        from horus.tests.models         import User
        from horus.interfaces           import IActivationClass
        from horus.tests.models         import Activation
        self.config.registry.registerUtility(Activation, IActivationClass)

        self.config.registry.registerUtility(User, IUserClass)

        self.config.include('horus')
        self.config.registry.registerUtility(DummyMailer(), IMailer)

        self.config.add_route('index', '/')

        admin = User(username='******', email='*****@*****.**')
        admin.password = '******'
        self.session.add(admin)
        self.session.flush()

        request = self.get_csrf_request(post={
            'username': '******',
            'password': {
                'password': '******',
                'password-confirm': 'test123',
            },
            'email': '*****@*****.**'
        }, request_method='POST')

        view = RegisterController(request)
        adict = view.register()
        assert isinstance(adict, dict)
        assert adict['errors']
Exemplo n.º 8
0
    def test_inactive_login(self):
        """Make sure inactive users can't sign in."""
        from horus.tests.models import User
        from horus.tests.models import Activation
        admin = User(username='******', email='*****@*****.**')
        admin.activation = Activation()
        admin.password = '******'
        self.session.add(admin)
        self.session.flush()

        res = self.app.get('/login')

        csrf = res.form.fields['csrf_token'][0].value

        if six.PY3:
            csrf = clean_byte_string(csrf)

        res = self.app.post(
            str('/login'),
            {
                'submit': True,
                'username': '******',
                'password': '******',
                'csrf_token': csrf
            }
        )

        assert b'Your account is not active, please check your e-mail.' \
            in res.body
Exemplo n.º 9
0
    def test_inactive_login(self):
        """Make sure inactive users can't sign in."""
        from horus.tests.models import User
        from horus.tests.models import Activation
        admin = User(username='******', email='*****@*****.**')
        admin.activation = Activation()
        admin.password = '******'
        self.session.add(admin)
        self.session.flush()

        res = self.app.get('/login')

        csrf = res.form.fields['csrf_token'][0].value

        if six.PY3:
            csrf = clean_byte_string(csrf)

        res = self.app.post(
            str('/login'), {
                'submit': True,
                'username': '******',
                'password': '******',
                'csrf_token': csrf
            })

        assert b'Your account is not active, please check your e-mail.' \
            in res.body
Exemplo n.º 10
0
    def test_profile_bad_id(self):
        from horus.views import ProfileController
        from horus.interfaces           import IUserClass
        from horus.interfaces           import IActivationClass
        from horus.tests.models         import User
        from horus.tests.models         import Activation

        self.config.registry.registerUtility(User, IUserClass)
        self.config.registry.registerUtility(Activation, IActivationClass)

        self.config.add_route('index', '/')
        self.config.include('horus')

        user = User(username='******', email='*****@*****.**')
        user.password = '******'

        self.session.add(user)
        self.session.flush()

        request = testing.DummyRequest()
        request.user = Mock()

        request.matchdict = Mock()
        get = Mock()
        get.return_value = 99
        request.matchdict.get = get

        view = ProfileController(request)

        response = view.profile()

        assert response.status_int == 404
Exemplo n.º 11
0
    def test_login_succeeds(self):
        """Make sure we can log in."""
        from horus.tests.models import User
        from horus.interfaces   import IUserClass
        from horus.interfaces   import IActivationClass
        from horus.tests.models import Activation
        self.config.registry.registerUtility(Activation, IActivationClass)

        self.config.registry.registerUtility(User, IUserClass)
        self.config.registry.settings['horus.login_redirect'] = 'index'
        self.config.registry.settings['horus.logout_redirect'] = 'index'

        admin = User(username='******', email='*****@*****.**')
        admin.password = '******'

        self.session.add(admin)
        self.session.flush()

        from horus.views import AuthController
        self.config.add_route('index', '/')

        self.config.include('horus')

        request = self.get_csrf_request(post={
                'submit': True,
                'username': '******',
                'password': '******',
            }, request_method='POST')

        view = AuthController(request)
        response = view.login()

        assert response.status_int == 302
Exemplo n.º 12
0
    def test_forgot_password_valid_user(self):
        from horus.views                import ForgotPasswordController
        from pyramid_mailer.interfaces  import IMailer
        from pyramid_mailer.mailer      import DummyMailer
        from horus.interfaces           import IUserClass
        from horus.tests.models         import User
        self.config.registry.registerUtility(User, IUserClass)

        self.config.add_route('index', '/')
        self.config.include('horus')
        self.config.registry.registerUtility(DummyMailer(), IMailer)

        user = User(username='******', password='******',
            email='*****@*****.**')
        user.password = '******'

        self.session.add(user)
        self.session.flush()

        request = self.get_csrf_request(post={
            'email': '*****@*****.**'
        }, request_method='POST')

        request.user = None

        view = ForgotPasswordController(request)

        with patch('horus.views.FlashMessage') as FlashMessage:
            response = view.forgot_password()
            FlashMessage.assert_called_with(request,
                view.Str.reset_password_email_sent, kind="success")
        assert response.status_int == 302
Exemplo n.º 13
0
    def test_forgot_password_invalid_password(self):
        from horus.views import ForgotPasswordController
        from pyramid_mailer.interfaces import IMailer
        from pyramid_mailer.mailer import DummyMailer
        from horus.interfaces           import IUserClass
        from horus.tests.models         import User

        self.config.registry.registerUtility(User, IUserClass)

        self.config.add_route('index', '/')
        self.config.include('horus')
        self.config.registry.registerUtility(DummyMailer(), IMailer)

        user = User(username='******', password='******',
            email='*****@*****.**')
        user.password = '******'

        self.session.add(user)
        self.session.flush()

        request = self.get_csrf_request(post={
            'email': 'sontek'
        }, request_method='POST')

        request.user = None

        view = ForgotPasswordController(request)
        response = view.forgot_password()

        assert len(response['errors']) == 1
Exemplo n.º 14
0
    def test_activate_invalid(self):
        from horus.views import RegisterController
        from pyramid_mailer.interfaces import IMailer
        from pyramid_mailer.mailer import DummyMailer
        from horus.interfaces           import IUserClass
        from horus.tests.models         import User
        from horus.interfaces           import IActivationClass
        from horus.tests.models         import Activation
        self.config.registry.registerUtility(Activation, IActivationClass)

        self.config.registry.registerUtility(User, IUserClass)
        self.config.include('horus')
        self.config.add_route('index', '/')

        self.config.registry.registerUtility(DummyMailer(), IMailer)

        user = User(username='******', email='*****@*****.**')
        user.password = '******'
        user.activation = Activation()

        self.session.add(user)
        self.session.flush()

        request = testing.DummyRequest()
        request.matchdict = Mock()
        get = Mock()
        get.return_value = 'invalid'
        request.matchdict.get = get

        controller = RegisterController(request)
        response = controller.activate()
        user = User.get_by_username(request, 'sontek')

        assert not user.is_activated
        assert response.status_int == 404
Exemplo n.º 15
0
    def test_inactive_login_fails(self):
        """ Make sure we can't login with an inactive user """
        from horus.tests.models import User
        from horus.interfaces     import IHorusUserClass
        from horus.interfaces   import IHorusActivationClass
        from horus.tests.models import Activation
        self.config.registry.registerUtility(Activation, IHorusActivationClass)

        self.config.registry.registerUtility(User, IHorusUserClass)
        user = User(username='******', email='*****@*****.**')
        user.set_password('foo')
        user.activation = Activation()
        self.session.add(user)
        self.session.flush()

        from horus.views import AuthController
        self.config.add_route('index', '/')
        self.config.include('horus')

        request = self.get_csrf_request(post={
                'submit': True,
                'Username': '******',
                'Password': '******',
            }, request_method='POST')

        flash = Mock()

        request.session.flash = flash

        view = AuthController(request)
        view.login()

        flash.assert_called_with(u'Your account is not active, please check your e-mail.',
            'error')
Exemplo n.º 16
0
    def test_profile_update_profile_invalid(self):
        from horus.views import ProfileController
        from horus.interfaces           import IUserClass
        from horus.interfaces           import IActivationClass
        from horus.interfaces           import IProfileSchema
        from horus.tests.models         import User
        from horus.tests.models         import Activation
        from horus.tests.schemas        import ProfileSchema

        self.config.registry.registerUtility(Activation, IActivationClass)
        self.config.registry.registerUtility(User, IUserClass)
        self.config.registry.registerUtility(ProfileSchema,
            IProfileSchema)

        self.config.add_route('index', '/')
        self.config.include('horus')

        user = User(username='******', email='*****@*****.**')
        user.password = '******'
        self.session.add(user)
        self.session.flush()

        request = self.get_csrf_request(request_method='POST')
        request.context = user

        request.matchdict = Mock()
        get = Mock()
        get.return_value = user.id
        request.matchdict.get = get

        view = ProfileController(request)

        response = view.edit_profile()

        assert len(response['errors']) == 3
Exemplo n.º 17
0
    def test_register_existing_user(self):
        from horus.views                import RegisterController
        from pyramid_mailer.mailer      import DummyMailer
        from pyramid_mailer.interfaces  import IMailer
        from horus.interfaces           import IUserClass
        from horus.tests.models         import User
        from horus.interfaces           import IActivationClass
        from horus.tests.models         import Activation
        self.config.registry.registerUtility(Activation, IActivationClass)

        self.config.registry.registerUtility(User, IUserClass)

        self.config.include('horus')
        self.config.registry.registerUtility(DummyMailer(), IMailer)

        self.config.add_route('index', '/')

        admin = User(username='******', email='*****@*****.**')
        admin.password = '******'
        self.session.add(admin)
        self.session.flush()

        request = self.get_csrf_request(post={
            'username': '******',
            'password': {
                'password': '******',
                'password-confirm': 'test123',
            },
            'email': '*****@*****.**'
        }, request_method='POST')

        view = RegisterController(request)
        adict = view.register()
        assert isinstance(adict, dict)
        assert adict['errors']
Exemplo n.º 18
0
    def test_valid_login(self):
        """ Call the login view, make sure routes are working """
        from horus.tests.models import User
        admin = User(username='******', email='*****@*****.**')
        admin.password = '******'
        self.session.add(admin)
        self.session.flush()

        res = self.app.get('/login')

        csrf = res.form.fields['csrf_token'][0].value

        if six.PY3:
            csrf = clean_byte_string(csrf)

        res = self.app.post(
            str('/login'),
            {
                'submit': True,
                'username': '******',
                'password': '******',
                'csrf_token': csrf
            }
        )

        assert res.status_int == 302
Exemplo n.º 19
0
    def test_forgot_password_valid_user(self):
        from horus.views                import ForgotPasswordController
        from pyramid_mailer.interfaces  import IMailer
        from pyramid_mailer.mailer      import DummyMailer
        from horus.interfaces           import IUserClass
        from horus.tests.models         import User
        self.config.registry.registerUtility(User, IUserClass)

        self.config.add_route('index', '/')
        self.config.include('horus')
        self.config.registry.registerUtility(DummyMailer(), IMailer)

        user = User(username='******', password='******',
            email='*****@*****.**')
        user.password = '******'

        self.session.add(user)
        self.session.flush()

        request = self.get_csrf_request(post={
            'email': '*****@*****.**'
        }, request_method='POST')

        request.user = None

        view = ForgotPasswordController(request)

        with patch('horus.views.FlashMessage') as FlashMessage:
            response = view.forgot_password()
            FlashMessage.assert_called_with(request,
                view.Str.reset_password_email_sent, kind="success")
        assert response.status_int == 302
Exemplo n.º 20
0
    def test_inactive_login_fails(self):
        """Make sure we can't log in with an inactive user."""
        from horus.tests.models import User
        from horus.interfaces   import IUserClass
        from horus.interfaces   import IActivationClass
        from horus.tests.models import Activation
        self.config.registry.registerUtility(Activation, IActivationClass)

        self.config.registry.registerUtility(User, IUserClass)
        user = User(username='******', email='*****@*****.**')
        user.password = '******'
        user.activation = Activation()
        self.session.add(user)
        self.session.flush()

        from horus.views import AuthController
        self.config.add_route('index', '/')
        self.config.include('horus')
        self.config.registry.settings['horus.login_redirect'] = 'index'
        self.config.registry.settings['horus.logout_redirect'] = 'index'

        request = self.get_csrf_request(post={
                'submit': True,
                'username': '******',
                'password': '******',
            }, request_method='POST')

        view = AuthController(request)
        with patch('horus.views.FlashMessage') as FlashMessage:
            view.login()
            FlashMessage.assert_called_with(request,
                'Your account is not active, please check your e-mail.',
                kind='danger')
Exemplo n.º 21
0
    def test_activate_invalid(self):
        from horus.views import RegisterController
        from pyramid_mailer.interfaces import IMailer
        from pyramid_mailer.mailer import DummyMailer
        from horus.interfaces           import IUserClass
        from horus.tests.models         import User
        from horus.interfaces           import IActivationClass
        from horus.tests.models         import Activation
        self.config.registry.registerUtility(Activation, IActivationClass)

        self.config.registry.registerUtility(User, IUserClass)
        self.config.include('horus')
        self.config.add_route('index', '/')

        self.config.registry.registerUtility(DummyMailer(), IMailer)

        user = User(username='******', email='*****@*****.**')
        user.password = '******'
        user.activation = Activation()

        self.session.add(user)
        self.session.flush()

        request = testing.DummyRequest()
        request.matchdict = Mock()
        get = Mock()
        get.return_value = 'invalid'
        request.matchdict.get = get

        controller = RegisterController(request)
        response = controller.activate()
        user = User.get_by_username(request, 'sontek')

        assert not user.is_activated
        assert response.status_int == 404
Exemplo n.º 22
0
    def test_password_hashing(self):
        from horus.tests.models import User
        user1 = User(username='******', email='*****@*****.**')
        user1.password = '******'
        self.session.add(user1)
        self.session.flush()

        assert user1.password != 'password'
        assert user1.salt is not None
Exemplo n.º 23
0
    def test_password_hashing(self):
        from horus.tests.models import User
        user1 = User(username='******', email='*****@*****.**')
        user1.password = '******'
        self.session.add(user1)
        self.session.flush()

        assert user1.password != 'password'
        assert user1.salt is not None
Exemplo n.º 24
0
    def test_reset_password_valid_user(self):
        from horus.views import ForgotPasswordController
        from hem.interfaces import IDBSession
        from horus.events import PasswordResetEvent
        from pyramid_mailer.interfaces import IMailer
        from pyramid_mailer.mailer import DummyMailer
        from horus.models import crypt
        from horus.interfaces           import IHorusUserClass
        from horus.interfaces           import IHorusActivationClass
        from horus.tests.models         import User
        from horus.tests.models         import Activation

        self.config.registry.registerUtility(User, IHorusUserClass)
        self.config.registry.registerUtility(Activation, IHorusActivationClass)


        self.config.add_route('index', '/')
        self.config.include('horus')
        self.config.registry.registerUtility(DummyMailer(), IMailer)

        user = User(username='******', email='*****@*****.**')
        user.set_password('foo')
        user.activation = Activation()

        self.session.add(user)
        self.session.flush()

        request = self.get_csrf_request(post={
            'Password': {
                'Password': '******',
                'Password-confirm': 'test123',
            },
        }, request_method='POST')

        request.matchdict = Mock()
        get = Mock()
        get.return_value = user.activation.code
        request.matchdict.get = get

        request.user = None

        flash = Mock()
        request.session.flash = flash

        def handle_password_reset(event):
            request = event.request
            session = request.registry.getUtility(IDBSession)
            session.commit()

        self.config.add_subscriber(handle_password_reset, PasswordResetEvent)

        view = ForgotPasswordController(request)
        response = view.reset_password()

        assert not crypt.check(user.password, 'temp' + user.salt)
        assert response.status_int == 302
Exemplo n.º 25
0
    def test_profile_update_password(self):
        from horus.views import ProfileController
        from hem.interfaces import IDBSession
        from horus.events import ProfileUpdatedEvent
        from horus.models import crypt
        from horus.interfaces           import IUserClass
        from horus.tests.models         import User
        from horus.interfaces           import IActivationClass
        from horus.tests.models         import Activation
        self.config.registry.registerUtility(Activation, IActivationClass)

        self.config.registry.registerUtility(User, IUserClass)

        self.config.add_route('index', '/')
        self.config.include('horus')

        user = User(username='******', email='*****@*****.**')
        user.password = '******'

        self.session.add(user)
        self.session.flush()

        def handle_profile_updated(event):
            request = event.request
            session = request.registry.getUtility(IDBSession)
            session.commit()

        self.config.add_subscriber(handle_profile_updated,
            ProfileUpdatedEvent)

        request = self.get_csrf_request(post={
            'email': '*****@*****.**',
            'password': {
                'password': '******',
                'password-confirm': 'test123',
            },
        }, request_method='POST')

        request.context = user

        request.matchdict = Mock()
        get = Mock()
        get.return_value = user.id
        request.matchdict.get = get

        flash = Mock()
        request.session.flash = flash

        view = ProfileController(request)

        view.edit_profile()
        new_user = User.get_by_id(request, user.id)

        assert new_user.email == '*****@*****.**'
        assert not crypt.check(user.password, 'temp' + user.salt)
Exemplo n.º 26
0
    def test_acl(self):
        from horus.tests.models import User
        from pyramid.security import Allow

        user1 = User(username='******', email='*****@*****.**')
        user1.password = '******'

        self.session.add(user1)
        self.session.flush()

        assert user1.__acl__ == [(Allow, 'user:%s' % user1.id, 'access_user')]
Exemplo n.º 27
0
    def test_acl(self):
        from horus.tests.models import User
        from pyramid.security import Allow

        user1 = User(username='******', email='*****@*****.**')
        user1.password = '******'

        self.session.add(user1)
        self.session.flush()

        assert user1.__acl__ == [(Allow, 'user:%s' % user1.id, 'access_user')]
Exemplo n.º 28
0
    def test_profile_update_password(self):
        from horus.views import ProfileController
        from hem.interfaces import IDBSession
        from horus.events import ProfileUpdatedEvent
        from horus.models import crypt
        from horus.interfaces           import IUserClass
        from horus.tests.models         import User
        from horus.interfaces           import IActivationClass
        from horus.tests.models         import Activation
        self.config.registry.registerUtility(Activation, IActivationClass)

        self.config.registry.registerUtility(User, IUserClass)

        self.config.add_route('index', '/')
        self.config.include('horus')

        user = User(username='******', email='*****@*****.**')
        user.password = '******'

        self.session.add(user)
        self.session.flush()

        def handle_profile_updated(event):
            request = event.request
            session = request.registry.getUtility(IDBSession)
            session.commit()

        self.config.add_subscriber(handle_profile_updated,
            ProfileUpdatedEvent)

        request = self.get_csrf_request(post={
            'email': '*****@*****.**',
            'password': {
                'password': '******',
                'password-confirm': 'test123',
            },
        }, request_method='POST')

        request.context = user

        request.matchdict = Mock()
        get = Mock()
        get.return_value = user.id
        request.matchdict.get = get

        view = ProfileController(request)

        view.edit_profile()
        new_user = User.get_by_id(request, user.id)

        assert new_user.email == '*****@*****.**'
        assert not crypt.check(user.password, 'temp' + user.salt)
Exemplo n.º 29
0
    def test_reset_password_valid_user(self):
        from horus.views import ForgotPasswordController
        from hem.interfaces import IDBSession
        from horus.events import PasswordResetEvent
        from pyramid_mailer.interfaces import IMailer
        from pyramid_mailer.mailer import DummyMailer
        from horus.models import crypt
        from horus.interfaces           import IUserClass
        from horus.interfaces           import IActivationClass
        from horus.tests.models         import User
        from horus.tests.models         import Activation

        self.config.registry.registerUtility(User, IUserClass)
        self.config.registry.registerUtility(Activation, IActivationClass)

        self.config.add_route('index', '/')
        self.config.include('horus')
        self.config.registry.registerUtility(DummyMailer(), IMailer)

        user = User(username='******', email='*****@*****.**')
        user.password = '******'
        user.activation = Activation()

        self.session.add(user)
        self.session.flush()

        request = self.get_csrf_request(post={
            'password': {
                'password': '******',
                'password-confirm': 'test123',
            },
        }, request_method='POST')

        request.matchdict = Mock()
        get = Mock()
        get.return_value = user.activation.code
        request.matchdict.get = get

        request.user = None

        def handle_password_reset(event):
            request = event.request
            session = request.registry.getUtility(IDBSession)
            session.commit()

        self.config.add_subscriber(handle_password_reset, PasswordResetEvent)

        view = ForgotPasswordController(request)
        response = view.reset_password()

        assert not crypt.check(user.password, 'temp' + user.salt)
        assert response.status_int == 302
Exemplo n.º 30
0
    def test_get_user_by_invalid_email(self):
        from horus.tests.models import User

        user = User(username='******', email='*****@*****.**')
        user.password = '******'
        self.session.add(user)
        self.session.commit()

        request = testing.DummyRequest()

        new_user = User.get_by_email(request, '*****@*****.**')

        assert new_user == None
Exemplo n.º 31
0
    def test_get_user_by_id(self):
        from horus.tests.models import User

        user = User(username='******', email='*****@*****.**')
        user.password = '******'
        self.session.add(user)
        self.session.commit()

        request = testing.DummyRequest()

        new_user = User.get_by_id(request, user.id)

        assert new_user == user
Exemplo n.º 32
0
    def test_get_user_by_invalid_email(self):
        from horus.tests.models import User

        user = User(username='******', email='*****@*****.**')
        user.password = '******'
        self.session.add(user)
        self.session.commit()

        request = testing.DummyRequest()

        new_user = User.get_by_email(request, '*****@*****.**')

        assert new_user == None
Exemplo n.º 33
0
    def test_get_valid_user_by_security_code(self):
        from horus.tests.models import User

        user = User(username='******', email='*****@*****.**')
        user.password = '******'
        self.session.add(user)
        self.session.commit()

        request = testing.DummyRequest()

        new_user = User.get_by_security_code(request, user.security_code)

        assert user == new_user
Exemplo n.º 34
0
    def test_get_user_by_id(self):
        from horus.tests.models import User

        user = User(username='******', email='*****@*****.**')
        user.password = '******'
        self.session.add(user)
        self.session.commit()

        request = testing.DummyRequest()

        new_user = User.get_by_id(request, user.id)

        assert new_user == user
Exemplo n.º 35
0
    def test_get_valid_user_by_security_code(self):
        from horus.tests.models import User

        user = User(username='******', email='*****@*****.**')
        user.password = '******'
        self.session.add(user)
        self.session.commit()

        request = testing.DummyRequest()

        new_user = User.get_by_security_code(request, user.security_code)

        assert user == new_user
Exemplo n.º 36
0
    def test_activate_invalid_user(self):
        from horus.views import RegisterController
        from pyramid_mailer.interfaces import IMailer
        from pyramid_mailer.mailer import DummyMailer
        from horus.interfaces           import IUserClass
        from horus.tests.models         import User
        from horus.interfaces           import IActivationClass
        from horus.tests.models         import Activation
        self.config.registry.registerUtility(Activation, IActivationClass)

        self.config.registry.registerUtility(User, IUserClass)
        self.config.include('horus')
        self.config.add_route('index', '/')

        self.config.registry.registerUtility(DummyMailer(), IMailer)

        bad_act = Activation()

        user = User(username='******', email='*****@*****.**')
        user.activation = Activation()
        user.password = '******'

        user2 = User(username='******', email='*****@*****.**')
        user2.activation = bad_act
        user2.password = '******'

        self.session.add(user)
        self.session.add(user2)
        self.session.flush()

        request = testing.DummyRequest()
        request.matchdict = Mock()

        def get(val, ret):
            if val == 'code':
                return bad_act.code
            elif val == 'user_id':
                return user.id

        request.matchdict.get = get

        controller = RegisterController(request)
        response = controller.activate()
        new_user1 = User.get_by_username(request, 'sontek')
        new_user2 = User.get_by_username(request, 'jessie')

        assert not new_user1.is_activated
        assert not new_user2.is_activated
        assert response.status_int == 404
Exemplo n.º 37
0
    def test_activate_invalid_user(self):
        from horus.views import RegisterController
        from pyramid_mailer.interfaces import IMailer
        from pyramid_mailer.mailer import DummyMailer
        from horus.interfaces           import IHorusUserClass
        from horus.tests.models         import User
        from horus.interfaces           import IHorusActivationClass
        from horus.tests.models         import Activation
        self.config.registry.registerUtility(Activation, IHorusActivationClass)

        self.config.registry.registerUtility(User, IHorusUserClass)
        self.config.include('horus')
        self.config.add_route('index', '/')

        self.config.registry.registerUtility(DummyMailer(), IMailer)

        bad_act = Activation()

        user = User(username='******', email='*****@*****.**')
        user.activation = Activation()
        user.set_password('foo')

        user2 = User(username='******', email='*****@*****.**')
        user2.activation = bad_act
        user2.set_password('foo2')

        self.session.add(user)
        self.session.add(user2)
        self.session.flush()

        request = testing.DummyRequest()
        request.matchdict = Mock()

        def get(val, ret):
            if val == 'code':
                return bad_act.code
            elif val == 'user_pk':
                return user.id

        request.matchdict.get = get

        controller = RegisterController(request)
        response = controller.activate()
        new_user1 = User.get_by_username(request, 'sontek')
        new_user2 = User.get_by_username(request, 'jessie')

        assert not new_user1.is_activated
        assert not new_user2.is_activated
        assert response.status_int == 404
Exemplo n.º 38
0
    def test_register_creates_user(self):
        from horus.views import RegisterController
        from pyramid_mailer.mailer import DummyMailer
        from pyramid_mailer.interfaces import IMailer
        from horus.interfaces           import IUserClass
        from horus.tests.models         import User
        from horus.interfaces   import IActivationClass
        from horus.tests.models import Activation
        self.config.registry.registerUtility(Activation, IActivationClass)

        self.config.registry.registerUtility(User, IUserClass)

        self.config.include('horus')
        self.config.registry.registerUtility(DummyMailer(), IMailer)

        self.config.add_route('index', '/')

        request = self.get_csrf_request(post={
            'username': '******',
            'password': {
                'password': '******',
                'password-confirm': 'test123',
            },
            'email': '*****@*****.**'
        }, request_method='POST')

        request.user = Mock()
        controller = RegisterController(request)
        response = controller.register()

        assert response.status_int == 302

        user = User.get_by_username(request, 'admin')

        assert user != None
Exemplo n.º 39
0
    def test_get_all_users(self):
        from horus.tests.models import User

        user = User(username='******', email='*****@*****.**')
        user.password = '******'
        user2 = User(username='******', email='*****@*****.**')
        user2.password = '******'
        self.session.add(user)
        self.session.add(user2)
        self.session.commit()

        request = testing.DummyRequest()

        users = User.get_all(request)

        assert len(users.all()) == 2
Exemplo n.º 40
0
    def test_register_creates_user(self):
        from horus.views import RegisterController
        from pyramid_mailer.mailer import DummyMailer
        from pyramid_mailer.interfaces import IMailer
        from horus.interfaces           import IUserClass
        from horus.tests.models         import User
        from horus.interfaces   import IActivationClass
        from horus.tests.models import Activation
        self.config.registry.registerUtility(Activation, IActivationClass)

        self.config.registry.registerUtility(User, IUserClass)

        self.config.include('horus')
        self.config.registry.registerUtility(DummyMailer(), IMailer)

        self.config.add_route('index', '/')

        request = self.get_csrf_request(post={
            'username': '******',
            'password': {
                'password': '******',
                'password-confirm': 'test123',
            },
            'email': '*****@*****.**'
        }, request_method='POST')

        request.user = Mock()
        controller = RegisterController(request)
        response = controller.register()

        assert response.status_int == 302

        user = User.get_by_username(request, 'admin')

        assert user != None
Exemplo n.º 41
0
    def test_get_user_by_activation(self):
        from horus.tests.models import User
        from horus.tests.models import Activation

        user = User(username='******', email='*****@*****.**')
        user.password = '******'
        activation = Activation()
        user.activation = activation

        self.session.add(user)
        self.session.commit()

        request = testing.DummyRequest()

        new_user = User.get_by_activation(request, activation)

        assert new_user == user
Exemplo n.º 42
0
    def test_get_user_by_activation(self):
        from horus.tests.models import User
        from horus.tests.models import Activation

        user = User(username='******', email='*****@*****.**')
        user.password = '******'
        activation = Activation()
        user.activation = activation

        self.session.add(user)
        self.session.commit()

        request = testing.DummyRequest()

        new_user = User.get_by_activation(request, activation)

        assert new_user == user
Exemplo n.º 43
0
    def test_reset_password_invalid_password(self):
        from horus.views import ForgotPasswordController
        from pyramid_mailer.interfaces import IMailer
        from pyramid_mailer.mailer import DummyMailer
        from horus.interfaces           import IUserClass
        from horus.interfaces           import IActivationClass
        from horus.tests.models         import User
        from horus.tests.models         import Activation

        self.config.registry.registerUtility(User, IUserClass)
        self.config.registry.registerUtility(Activation, IActivationClass)

        self.config.add_route('index', '/')
        self.config.include('horus')
        self.config.registry.registerUtility(DummyMailer(), IMailer)


        user = User(username='******', password='******', email='*****@*****.**')
        user.password = '******'
        user.activation = Activation()

        self.session.add(user)
        self.session.flush()

        request = self.get_csrf_request(post={
            'Password': {
                'Password': '******',
                'Password-confirm': 't',
            },
        }, request_method='POST')

        request.matchdict = Mock()
        get = Mock()
        get.return_value = user.activation.code
        request.matchdict.get = get

        request.user = None

        flash = Mock()
        request.session.flash = flash

        view = ForgotPasswordController(request)
        response = view.reset_password()

        assert len(response['errors']) == 1
Exemplo n.º 44
0
    def test_user_factory(self):
        from horus.resources import UserFactory
        from horus.tests.models import User
        from horus.interfaces import IUserClass
        self.config.registry.registerUtility(User, IUserClass)

        user = User(username='******', email='*****@*****.**')
        user.password = '******'
        self.session.add(user)
        self.session.commit()

        request = testing.DummyRequest()
        factory = UserFactory(request)

        fact_user = factory[user.id]

        assert factory.request == request
        assert user == fact_user
Exemplo n.º 45
0
    def test_get_all(self):
        from horus.tests.models import Group
        from horus.tests.models import User

        user = User(username='******', email='*****@*****.**')
        user.password = '******'
        self.session.add(user)

        group = Group(name='admin', description='group for admins')
        group.users.append(user)
        self.session.add(group)
        self.session.commit()

        request = testing.DummyRequest()

        groups = Group.get_all(request)

        assert len(groups.all()) == 1
Exemplo n.º 46
0
    def test_get_all(self):
        from horus.tests.models import Group
        from horus.tests.models import User

        user = User(username='******', email='*****@*****.**')
        user.password = '******'
        self.session.add(user)

        group = Group(name='admin', description='group for admins')
        group.users.append(user)
        self.session.add(group)
        self.session.commit()

        request = testing.DummyRequest()

        groups = Group.get_all(request)

        assert len(groups.all()) == 1
Exemplo n.º 47
0
    def test_user_factory(self):
        from horus.resources import UserFactory
        from horus.tests.models import User
        from horus.interfaces import IHorusUserClass
        self.config.registry.registerUtility(User, IHorusUserClass)

        user = User(user_name='sontek', email='*****@*****.**')
        user.set_password('foo')
        self.session.add(user)
        self.session.commit()

        request = testing.DummyRequest()
        factory = UserFactory(request)

        fact_user = factory[user.pk]

        assert factory.request == request
        assert user == fact_user
Exemplo n.º 48
0
    def test_activate_multiple_users(self):
        from horus.views import RegisterController
        from pyramid_mailer.interfaces import IMailer
        from pyramid_mailer.mailer import DummyMailer
        from horus.interfaces           import IHorusUserClass
        from horus.tests.models         import User
        from horus.interfaces           import IHorusActivationClass
        from horus.tests.models         import Activation
        self.config.registry.registerUtility(Activation, IHorusActivationClass)

        self.config.registry.registerUtility(User, IHorusUserClass)
        self.config.include('horus')
        self.config.add_route('index', '/')

        self.config.registry.registerUtility(DummyMailer(), IMailer)

        user = User(username='******', email='*****@*****.**')
        user.activation = Activation()
        user.set_password('foo')
        user1 = User(username='******', email='*****@*****.**')
        user1.activation = Activation()
        user1.set_password('foo2')

        self.session.add(user)
        self.session.add(user1)
        self.session.flush()

        request = testing.DummyRequest()
        request.matchdict = Mock()

        def get(key, default):
            if key == 'code':
                return user1.activation.code
            else:
                return user1.id

        request.matchdict.get = get

        controller = RegisterController(request)
        response = controller.activate()
        user = User.get_by_username(request, 'sontek1')

        activations = Activation.get_all(request)

        assert len(activations.all()) == 1
        assert user.is_activated
        assert response.status_int == 302
Exemplo n.º 49
0
    def test_activate_multiple_users(self):
        from horus.views import RegisterController
        from pyramid_mailer.interfaces import IMailer
        from pyramid_mailer.mailer import DummyMailer
        from horus.interfaces           import IUserClass
        from horus.tests.models         import User
        from horus.interfaces           import IActivationClass
        from horus.tests.models         import Activation
        self.config.registry.registerUtility(Activation, IActivationClass)

        self.config.registry.registerUtility(User, IUserClass)
        self.config.include('horus')
        self.config.add_route('index', '/')

        self.config.registry.registerUtility(DummyMailer(), IMailer)

        user = User(username='******', email='*****@*****.**')
        user.activation = Activation()
        user.password = '******'
        user1 = User(username='******', email='*****@*****.**')
        user1.activation = Activation()
        user1.password = '******'

        self.session.add(user)
        self.session.add(user1)
        self.session.flush()

        request = testing.DummyRequest()
        request.matchdict = Mock()

        def get(key, default):
            if key == 'code':
                return user1.activation.code
            else:
                return user1.id

        request.matchdict.get = get

        controller = RegisterController(request)
        response = controller.activate()
        user = User.get_by_username(request, 'sontek1')

        activations = Activation.get_all(request)

        assert len(activations.all()) == 1
        assert user.is_activated
        assert response.status_int == 302
Exemplo n.º 50
0
    def test_reset_password_invalid_password(self):
        from horus.views import ForgotPasswordController
        from pyramid_mailer.interfaces import IMailer
        from pyramid_mailer.mailer import DummyMailer
        from horus.interfaces           import IUserClass
        from horus.interfaces           import IActivationClass
        from horus.tests.models         import User
        from horus.tests.models         import Activation

        self.config.registry.registerUtility(User, IUserClass)
        self.config.registry.registerUtility(Activation, IActivationClass)

        self.config.add_route('index', '/')
        self.config.include('horus')
        self.config.registry.registerUtility(DummyMailer(), IMailer)

        user = User(username='******', password='******',
            email='*****@*****.**')
        user.password = '******'
        user.activation = Activation()

        self.session.add(user)
        self.session.flush()

        request = self.get_csrf_request(post={
            'Password': {
                'Password': '******',
                'Password-confirm': 't',
            },
        }, request_method='POST')

        request.matchdict = Mock()
        get = Mock()
        get.return_value = user.activation.code
        request.matchdict.get = get

        request.user = None

        view = ForgotPasswordController(request)
        response = view.reset_password()

        assert len(response['errors']) == 1
Exemplo n.º 51
0
    def test_group_finder(self):
        from horus import groupfinder
        from horus.tests.models import User
        from horus.tests.models import Group

        group = Group(name='foo', description='bar')
        user1 = User(username='******', email='*****@*****.**')
        user1.password = '******'
        group.users.append(user1)

        self.session.add(group)
        self.session.add(user1)
        self.session.flush()

        request = Mock()
        request.user = user1

        results = groupfinder(1, request)

        assert 'group:foo' in results
        assert 'user:%s' % (user1.id) in results
        assert len(results) == 2
Exemplo n.º 52
0
    def test_group_finder(self):
        from horus import groupfinder
        from horus.tests.models import User
        from horus.tests.models import Group

        group = Group(name='foo', description='bar')
        user1 = User(username='******', email='*****@*****.**')
        user1.set_password('foo')
        group.users.append(user1)

        self.session.add(group)
        self.session.add(user1)
        self.session.flush()

        request = Mock()
        request.user = user1

        results = groupfinder(1, request)

        assert 'group:foo' in results
        assert 'user:%s' % (user1.id) in results
        assert len(results) == 2
Exemplo n.º 53
0
    def test_valid_login(self): 
        """ Call the login view, make sure routes are working """
        from horus.tests.models import User
        admin = User(user_name='sontek', email='*****@*****.**')
        admin.set_password('temp')
        self.session.add(admin)
        self.session.flush()

        res = self.app.get('/login')

        csrf = res.form.fields['csrf_token'][0].value

        res = self.app.post('/login', 
            {
                'submit': True,
                'User_name': 'sontek',
                'Password': '******',
                'csrf_token': csrf
            }
        )

        assert res.status_int == 302
Exemplo n.º 54
0
    def test_register_no_email_validation(self):
        from horus.views import RegisterController
        from pyramid_mailer.mailer import DummyMailer
        from pyramid_mailer.interfaces import IMailer
        from hem.interfaces import IDBSession
        from horus.events import NewRegistrationEvent
        from horus.interfaces           import IUserClass
        from horus.tests.models         import User
        from horus.interfaces   import IActivationClass
        from horus.tests.models import Activation
        self.config.registry.registerUtility(Activation, IActivationClass)

        self.config.registry.registerUtility(User, IUserClass)

        self.config.include('horus')
        self.config.registry.registerUtility(DummyMailer(), IMailer)

        self.config.add_route('index', '/')
        self.config.registry.settings['horus.require_activation'] = False

        def handle_registration(event):
            request = event.request
            session = request.registry.getUtility(IDBSession)
            session.commit()

        self.config.add_subscriber(handle_registration, NewRegistrationEvent)

        request = self.get_csrf_request(post={
            'username': '******',
            'password': {
                'password': '******',
                'password-confirm': 'test123',
            },
            'email': '*****@*****.**'
        }, request_method='POST')

        flash = Mock()
        request.session.flash = flash

        request.user = Mock()

        controller = RegisterController(request)
        response = controller.register()

        assert response.status_int == 302

        user = User.get_by_username(request, 'admin')

        assert user.is_activated == True
        flash.assert_called_with(
            'You have been registered, you may log in now!', 'success')
Exemplo n.º 55
0
    def test_reset_password_loads(self):
        from horus.views import ForgotPasswordController
        from pyramid_mailer.interfaces import IMailer
        from pyramid_mailer.mailer import DummyMailer
        from horus.interfaces           import IUserClass
        from horus.tests.models         import User
        from horus.tests.models         import Activation
        from horus.interfaces           import IActivationClass

        self.config.registry.registerUtility(User, IUserClass)
        self.config.registry.registerUtility(Activation, IActivationClass)

        self.config.add_route('index', '/')
        self.config.include('horus')
        self.config.registry.registerUtility(DummyMailer(), IMailer)

        user = User(username='******', password='******',
            email='*****@*****.**')
        user.password = '******'
        user.activation = Activation()

        self.session.add(user)
        self.session.flush()

        request = testing.DummyRequest()

        request.matchdict = Mock()
        get = Mock()
        get.return_value = user.activation.code
        request.matchdict.get = get

        request.user = None

        view = ForgotPasswordController(request)
        response = view.reset_password()

        assert response.get('form', None)
        assert 'sontek' in response['form']
Exemplo n.º 56
0
    def test_valid_login(self):
        """ Call the login view, make sure routes are working """
        from horus.tests.models import User
        admin = User(username='******', email='*****@*****.**')
        admin.password = '******'
        self.session.add(admin)
        self.session.flush()

        res = self.app.get('/login')

        csrf = res.form.fields['csrf_token'][0].value

        if six.PY3:
            csrf = clean_byte_string(csrf)

        res = self.app.post(
            str('/login'), {
                'submit': True,
                'username': '******',
                'password': '******',
                'csrf_token': csrf
            })
        assert res.status_int == 302
Exemplo n.º 57
0
    def test_register_no_email_validation(self):
        from horus.views import RegisterController
        from pyramid_mailer.mailer import DummyMailer
        from pyramid_mailer.interfaces import IMailer
        from hem.interfaces import IDBSession
        from horus.events import NewRegistrationEvent
        from horus.interfaces import IUserClass
        from horus.tests.models import User
        from horus.interfaces   import IActivationClass
        from horus.tests.models import Activation
        self.config.registry.registerUtility(Activation, IActivationClass)

        self.config.registry.registerUtility(User, IUserClass)

        self.config.include('horus')
        self.config.registry.registerUtility(DummyMailer(), IMailer)

        self.config.add_route('index', '/')
        self.config.registry.settings['horus.require_activation'] = False

        def handle_registration(event):
            request = event.request
            session = request.registry.getUtility(IDBSession)
            session.commit()

        self.config.add_subscriber(handle_registration, NewRegistrationEvent)

        request = self.get_csrf_request(post={
            'username': '******',
            'password': {
                'password': '******',
                'password-confirm': 'test123',
            },
            'email': '*****@*****.**'
        }, request_method='POST')

        request.user = Mock()

        view = RegisterController(request)
        with patch('horus.views.FlashMessage') as FlashMessage:
            response = view.register()
            FlashMessage.assert_called_with(request,
                view.Str.registration_done, kind="success")
        assert response.status_int == 302
        user = User.get_by_username(request, 'admin')
        assert user.is_activated == True
Exemplo n.º 58
0
    def test_get_all_users(self):
        from horus.tests.models import User

        user = User(username='******', email='*****@*****.**')
        user.password = '******'
        user2 = User(username='******', email='*****@*****.**')
        user2.password = '******'
        self.session.add(user)
        self.session.add(user2)
        self.session.commit()

        request = testing.DummyRequest()

        users = User.get_all(request)

        assert len(users.all()) == 2
Exemplo n.º 59
0
    def test_get_user_by_activation_with_multiple_users(self):
        from horus.tests.models import User
        from horus.tests.models import Activation

        user1 = User(username='******', email='*****@*****.**')
        user2 = User(username='******', email='*****@*****.**')
        user1.password = '******'
        user2.password = '******'
        activation = Activation()
        user2.activation = activation

        self.session.add(user1)
        self.session.add(user2)

        self.session.commit()

        request = testing.DummyRequest()

        new_user = User.get_by_activation(request, activation)

        assert new_user == user2
Exemplo n.º 60
0
    def test_get_user_activation(self):
        from horus.tests.models import Activation
        from horus.tests.models import User

        user1 = User(username='******', email='*****@*****.**')
        user2 = User(username='******', email='*****@*****.**')
        user1.password = '******'
        user2.password = '******'

        activation = Activation()
        user2.activation = activation

        self.session.add(user1)
        self.session.add(user2)
        self.session.commit()

        request = testing.DummyRequest()

        new_user = User.get_by_username(request, 'sontek2')

        new_activation = Activation.get_by_code(request, activation.code)

        assert activation == new_activation
        assert new_user.activation == new_activation