Exemplo n.º 1
0
    def test_activate_invalid_user(self):
        from horus.views import RegisterController
        from pyramid_mailer.interfaces import IMailer
        from pyramid_mailer.mailer import DummyMailer
        from horus.interfaces           import IUserClass
        from horus.tests.models         import User
        from horus.interfaces           import IActivationClass
        from horus.tests.models         import Activation
        self.config.registry.registerUtility(Activation, IActivationClass)

        self.config.registry.registerUtility(User, IUserClass)
        self.config.include('horus')
        self.config.add_route('index', '/')

        self.config.registry.registerUtility(DummyMailer(), IMailer)

        bad_act = Activation()

        user = User(username='******', email='*****@*****.**')
        user.activation = Activation()
        user.password = '******'

        user2 = User(username='******', email='*****@*****.**')
        user2.activation = bad_act
        user2.password = '******'

        self.session.add(user)
        self.session.add(user2)
        self.session.flush()

        request = testing.DummyRequest()
        request.matchdict = Mock()

        def get(val, ret):
            if val == 'code':
                return bad_act.code
            elif val == 'user_id':
                return user.id

        request.matchdict.get = get

        controller = RegisterController(request)
        response = controller.activate()
        new_user1 = User.get_by_username(request, 'sontek')
        new_user2 = User.get_by_username(request, 'jessie')

        assert not new_user1.is_activated
        assert not new_user2.is_activated
        assert response.status_int == 404
Exemplo n.º 2
0
    def test_activate_invalid_user(self):
        from horus.views import RegisterController
        from pyramid_mailer.interfaces import IMailer
        from pyramid_mailer.mailer import DummyMailer
        from horus.interfaces           import IUserClass
        from horus.tests.models         import User
        from horus.interfaces           import IActivationClass
        from horus.tests.models         import Activation
        self.config.registry.registerUtility(Activation, IActivationClass)

        self.config.registry.registerUtility(User, IUserClass)
        self.config.include('horus')
        self.config.add_route('index', '/')

        self.config.registry.registerUtility(DummyMailer(), IMailer)

        bad_act = Activation()

        user = User(username='******', email='*****@*****.**')
        user.activation = Activation()
        user.password = '******'

        user2 = User(username='******', email='*****@*****.**')
        user2.activation = bad_act
        user2.password = '******'

        self.session.add(user)
        self.session.add(user2)
        self.session.flush()

        request = testing.DummyRequest()
        request.matchdict = Mock()

        def get(val, ret):
            if val == 'code':
                return bad_act.code
            elif val == 'user_id':
                return user.id

        request.matchdict.get = get

        controller = RegisterController(request)
        response = controller.activate()
        new_user1 = User.get_by_username(request, 'sontek')
        new_user2 = User.get_by_username(request, 'jessie')

        assert not new_user1.is_activated
        assert not new_user2.is_activated
        assert response.status_int == 404
Exemplo n.º 3
0
    def test_activate_invalid(self):
        from horus.views import RegisterController
        from pyramid_mailer.interfaces import IMailer
        from pyramid_mailer.mailer import DummyMailer
        from horus.interfaces           import IUserClass
        from horus.tests.models         import User
        from horus.interfaces           import IActivationClass
        from horus.tests.models         import Activation
        self.config.registry.registerUtility(Activation, IActivationClass)

        self.config.registry.registerUtility(User, IUserClass)
        self.config.include('horus')
        self.config.add_route('index', '/')

        self.config.registry.registerUtility(DummyMailer(), IMailer)

        user = User(username='******', email='*****@*****.**')
        user.password = '******'
        user.activation = Activation()

        self.session.add(user)
        self.session.flush()

        request = testing.DummyRequest()
        request.matchdict = Mock()
        get = Mock()
        get.return_value = 'invalid'
        request.matchdict.get = get

        controller = RegisterController(request)
        response = controller.activate()
        user = User.get_by_username(request, 'sontek')

        assert not user.is_activated
        assert response.status_int == 404
Exemplo n.º 4
0
    def test_inactive_login(self):
        """Make sure inactive users can't sign in."""
        from horus.tests.models import User
        from horus.tests.models import Activation
        admin = User(username='******', email='*****@*****.**')
        admin.activation = Activation()
        admin.password = '******'
        self.session.add(admin)
        self.session.flush()

        res = self.app.get('/login')

        csrf = res.form.fields['csrf_token'][0].value

        if six.PY3:
            csrf = clean_byte_string(csrf)

        res = self.app.post(
            str('/login'), {
                'submit': True,
                'username': '******',
                'password': '******',
                'csrf_token': csrf
            })

        assert b'Your account is not active, please check your e-mail.' \
            in res.body
Exemplo n.º 5
0
    def test_inactive_login_fails(self):
        """ Make sure we can't login with an inactive user """
        from horus.tests.models import User
        from horus.interfaces     import IHorusUserClass
        from horus.interfaces   import IHorusActivationClass
        from horus.tests.models import Activation
        self.config.registry.registerUtility(Activation, IHorusActivationClass)

        self.config.registry.registerUtility(User, IHorusUserClass)
        user = User(username='******', email='*****@*****.**')
        user.set_password('foo')
        user.activation = Activation()
        self.session.add(user)
        self.session.flush()

        from horus.views import AuthController
        self.config.add_route('index', '/')
        self.config.include('horus')

        request = self.get_csrf_request(post={
                'submit': True,
                'Username': '******',
                'Password': '******',
            }, request_method='POST')

        flash = Mock()

        request.session.flash = flash

        view = AuthController(request)
        view.login()

        flash.assert_called_with(u'Your account is not active, please check your e-mail.',
            'error')
Exemplo n.º 6
0
    def test_inactive_login(self):
        """Make sure inactive users can't sign in."""
        from horus.tests.models import User
        from horus.tests.models import Activation
        admin = User(username='******', email='*****@*****.**')
        admin.activation = Activation()
        admin.password = '******'
        self.session.add(admin)
        self.session.flush()

        res = self.app.get('/login')

        csrf = res.form.fields['csrf_token'][0].value

        if six.PY3:
            csrf = clean_byte_string(csrf)

        res = self.app.post(
            str('/login'),
            {
                'submit': True,
                'username': '******',
                'password': '******',
                'csrf_token': csrf
            }
        )

        assert b'Your account is not active, please check your e-mail.' \
            in res.body
Exemplo n.º 7
0
    def test_activate_invalid(self):
        from horus.views import RegisterController
        from pyramid_mailer.interfaces import IMailer
        from pyramid_mailer.mailer import DummyMailer
        from horus.interfaces           import IUserClass
        from horus.tests.models         import User
        from horus.interfaces           import IActivationClass
        from horus.tests.models         import Activation
        self.config.registry.registerUtility(Activation, IActivationClass)

        self.config.registry.registerUtility(User, IUserClass)
        self.config.include('horus')
        self.config.add_route('index', '/')

        self.config.registry.registerUtility(DummyMailer(), IMailer)

        user = User(username='******', email='*****@*****.**')
        user.password = '******'
        user.activation = Activation()

        self.session.add(user)
        self.session.flush()

        request = testing.DummyRequest()
        request.matchdict = Mock()
        get = Mock()
        get.return_value = 'invalid'
        request.matchdict.get = get

        controller = RegisterController(request)
        response = controller.activate()
        user = User.get_by_username(request, 'sontek')

        assert not user.is_activated
        assert response.status_int == 404
Exemplo n.º 8
0
    def test_inactive_login_fails(self):
        """Make sure we can't log in with an inactive user."""
        from horus.tests.models import User
        from horus.interfaces   import IUserClass
        from horus.interfaces   import IActivationClass
        from horus.tests.models import Activation
        self.config.registry.registerUtility(Activation, IActivationClass)

        self.config.registry.registerUtility(User, IUserClass)
        user = User(username='******', email='*****@*****.**')
        user.password = '******'
        user.activation = Activation()
        self.session.add(user)
        self.session.flush()

        from horus.views import AuthController
        self.config.add_route('index', '/')
        self.config.include('horus')
        self.config.registry.settings['horus.login_redirect'] = 'index'
        self.config.registry.settings['horus.logout_redirect'] = 'index'

        request = self.get_csrf_request(post={
                'submit': True,
                'username': '******',
                'password': '******',
            }, request_method='POST')

        view = AuthController(request)
        with patch('horus.views.FlashMessage') as FlashMessage:
            view.login()
            FlashMessage.assert_called_with(request,
                'Your account is not active, please check your e-mail.',
                kind='danger')
Exemplo n.º 9
0
    def test_inactive_login_fails(self):
        """Make sure we can't log in with an inactive user."""
        from horus.tests.models import User
        from horus.interfaces   import IUserClass
        from horus.interfaces   import IActivationClass
        from horus.tests.models import Activation
        self.config.registry.registerUtility(Activation, IActivationClass)

        self.config.registry.registerUtility(User, IUserClass)
        user = User(username='******', email='*****@*****.**')
        user.password = '******'
        user.activation = Activation()
        self.session.add(user)
        self.session.flush()

        from horus.views import AuthController
        self.config.add_route('index', '/')
        self.config.include('horus')
        self.config.registry.settings['horus.login_redirect'] = 'index'
        self.config.registry.settings['horus.logout_redirect'] = 'index'

        request = self.get_csrf_request(post={
                'submit': True,
                'username': '******',
                'password': '******',
            }, request_method='POST')

        view = AuthController(request)
        with patch('horus.views.FlashMessage') as FlashMessage:
            view.login()
            FlashMessage.assert_called_with(request,
                'Your account is not active, please check your e-mail.',
                kind='error')
Exemplo n.º 10
0
    def test_activate_multiple_users(self):
        from horus.views import RegisterController
        from pyramid_mailer.interfaces import IMailer
        from pyramid_mailer.mailer import DummyMailer
        from horus.interfaces           import IUserClass
        from horus.tests.models         import User
        from horus.interfaces           import IActivationClass
        from horus.tests.models         import Activation
        self.config.registry.registerUtility(Activation, IActivationClass)

        self.config.registry.registerUtility(User, IUserClass)
        self.config.include('horus')
        self.config.add_route('index', '/')

        self.config.registry.registerUtility(DummyMailer(), IMailer)

        user = User(username='******', email='*****@*****.**')
        user.activation = Activation()
        user.password = '******'
        user1 = User(username='******', email='*****@*****.**')
        user1.activation = Activation()
        user1.password = '******'

        self.session.add(user)
        self.session.add(user1)
        self.session.flush()

        request = testing.DummyRequest()
        request.matchdict = Mock()

        def get(key, default):
            if key == 'code':
                return user1.activation.code
            else:
                return user1.id

        request.matchdict.get = get

        controller = RegisterController(request)
        response = controller.activate()
        user = User.get_by_username(request, 'sontek1')

        activations = Activation.get_all(request)

        assert len(activations.all()) == 1
        assert user.is_activated
        assert response.status_int == 302
Exemplo n.º 11
0
    def test_activate_multiple_users(self):
        from horus.views import RegisterController
        from pyramid_mailer.interfaces import IMailer
        from pyramid_mailer.mailer import DummyMailer
        from horus.interfaces           import IUserClass
        from horus.tests.models         import User
        from horus.interfaces           import IActivationClass
        from horus.tests.models         import Activation
        self.config.registry.registerUtility(Activation, IActivationClass)

        self.config.registry.registerUtility(User, IUserClass)
        self.config.include('horus')
        self.config.add_route('index', '/')

        self.config.registry.registerUtility(DummyMailer(), IMailer)

        user = User(username='******', email='*****@*****.**')
        user.activation = Activation()
        user.password = '******'
        user1 = User(username='******', email='*****@*****.**')
        user1.activation = Activation()
        user1.password = '******'

        self.session.add(user)
        self.session.add(user1)
        self.session.flush()

        request = testing.DummyRequest()
        request.matchdict = Mock()

        def get(key, default):
            if key == 'code':
                return user1.activation.code
            else:
                return user1.id

        request.matchdict.get = get

        controller = RegisterController(request)
        response = controller.activate()
        user = User.get_by_username(request, 'sontek1')

        activations = Activation.get_all(request)

        assert len(activations.all()) == 1
        assert user.is_activated
        assert response.status_int == 302
Exemplo n.º 12
0
    def test_reset_password_valid_user(self):
        from horus.views import ForgotPasswordController
        from hem.interfaces import IDBSession
        from horus.events import PasswordResetEvent
        from pyramid_mailer.interfaces import IMailer
        from pyramid_mailer.mailer import DummyMailer
        from horus.models import crypt
        from horus.interfaces           import IHorusUserClass
        from horus.interfaces           import IHorusActivationClass
        from horus.tests.models         import User
        from horus.tests.models         import Activation

        self.config.registry.registerUtility(User, IHorusUserClass)
        self.config.registry.registerUtility(Activation, IHorusActivationClass)


        self.config.add_route('index', '/')
        self.config.include('horus')
        self.config.registry.registerUtility(DummyMailer(), IMailer)

        user = User(username='******', email='*****@*****.**')
        user.set_password('foo')
        user.activation = Activation()

        self.session.add(user)
        self.session.flush()

        request = self.get_csrf_request(post={
            'Password': {
                'Password': '******',
                'Password-confirm': 'test123',
            },
        }, request_method='POST')

        request.matchdict = Mock()
        get = Mock()
        get.return_value = user.activation.code
        request.matchdict.get = get

        request.user = None

        flash = Mock()
        request.session.flash = flash

        def handle_password_reset(event):
            request = event.request
            session = request.registry.getUtility(IDBSession)
            session.commit()

        self.config.add_subscriber(handle_password_reset, PasswordResetEvent)

        view = ForgotPasswordController(request)
        response = view.reset_password()

        assert not crypt.check(user.password, 'temp' + user.salt)
        assert response.status_int == 302
Exemplo n.º 13
0
    def test_reset_password_valid_user(self):
        from horus.views import ForgotPasswordController
        from hem.interfaces import IDBSession
        from horus.events import PasswordResetEvent
        from pyramid_mailer.interfaces import IMailer
        from pyramid_mailer.mailer import DummyMailer
        from horus.models import crypt
        from horus.interfaces           import IUserClass
        from horus.interfaces           import IActivationClass
        from horus.tests.models         import User
        from horus.tests.models         import Activation

        self.config.registry.registerUtility(User, IUserClass)
        self.config.registry.registerUtility(Activation, IActivationClass)

        self.config.add_route('index', '/')
        self.config.include('horus')
        self.config.registry.registerUtility(DummyMailer(), IMailer)

        user = User(username='******', email='*****@*****.**')
        user.password = '******'
        user.activation = Activation()

        self.session.add(user)
        self.session.flush()

        request = self.get_csrf_request(post={
            'password': {
                'password': '******',
                'password-confirm': 'test123',
            },
        }, request_method='POST')

        request.matchdict = Mock()
        get = Mock()
        get.return_value = user.activation.code
        request.matchdict.get = get

        request.user = None

        def handle_password_reset(event):
            request = event.request
            session = request.registry.getUtility(IDBSession)
            session.commit()

        self.config.add_subscriber(handle_password_reset, PasswordResetEvent)

        view = ForgotPasswordController(request)
        response = view.reset_password()

        assert not crypt.check(user.password, 'temp' + user.salt)
        assert response.status_int == 302
Exemplo n.º 14
0
    def test_get_user_by_activation(self):
        from horus.tests.models import User
        from horus.tests.models import Activation

        user = User(username='******', email='*****@*****.**')
        user.password = '******'
        activation = Activation()
        user.activation = activation

        self.session.add(user)
        self.session.commit()

        request = testing.DummyRequest()

        new_user = User.get_by_activation(request, activation)

        assert new_user == user
Exemplo n.º 15
0
    def test_get_user_by_activation(self):
        from horus.tests.models import User
        from horus.tests.models import Activation

        user = User(username='******', email='*****@*****.**')
        user.password = '******'
        activation = Activation()
        user.activation = activation

        self.session.add(user)
        self.session.commit()

        request = testing.DummyRequest()

        new_user = User.get_by_activation(request, activation)

        assert new_user == user
Exemplo n.º 16
0
    def test_reset_password_invalid_password(self):
        from horus.views import ForgotPasswordController
        from pyramid_mailer.interfaces import IMailer
        from pyramid_mailer.mailer import DummyMailer
        from horus.interfaces           import IUserClass
        from horus.interfaces           import IActivationClass
        from horus.tests.models         import User
        from horus.tests.models         import Activation

        self.config.registry.registerUtility(User, IUserClass)
        self.config.registry.registerUtility(Activation, IActivationClass)

        self.config.add_route('index', '/')
        self.config.include('horus')
        self.config.registry.registerUtility(DummyMailer(), IMailer)


        user = User(username='******', password='******', email='*****@*****.**')
        user.password = '******'
        user.activation = Activation()

        self.session.add(user)
        self.session.flush()

        request = self.get_csrf_request(post={
            'Password': {
                'Password': '******',
                'Password-confirm': 't',
            },
        }, request_method='POST')

        request.matchdict = Mock()
        get = Mock()
        get.return_value = user.activation.code
        request.matchdict.get = get

        request.user = None

        flash = Mock()
        request.session.flash = flash

        view = ForgotPasswordController(request)
        response = view.reset_password()

        assert len(response['errors']) == 1
Exemplo n.º 17
0
    def test_reset_password_invalid_password(self):
        from horus.views import ForgotPasswordController
        from pyramid_mailer.interfaces import IMailer
        from pyramid_mailer.mailer import DummyMailer
        from horus.interfaces           import IUserClass
        from horus.interfaces           import IActivationClass
        from horus.tests.models         import User
        from horus.tests.models         import Activation

        self.config.registry.registerUtility(User, IUserClass)
        self.config.registry.registerUtility(Activation, IActivationClass)

        self.config.add_route('index', '/')
        self.config.include('horus')
        self.config.registry.registerUtility(DummyMailer(), IMailer)

        user = User(username='******', password='******',
            email='*****@*****.**')
        user.password = '******'
        user.activation = Activation()

        self.session.add(user)
        self.session.flush()

        request = self.get_csrf_request(post={
            'Password': {
                'Password': '******',
                'Password-confirm': 't',
            },
        }, request_method='POST')

        request.matchdict = Mock()
        get = Mock()
        get.return_value = user.activation.code
        request.matchdict.get = get

        request.user = None

        view = ForgotPasswordController(request)
        response = view.reset_password()

        assert len(response['errors']) == 1
Exemplo n.º 18
0
    def test_get_user_by_activation_with_multiple_users(self):
        from horus.tests.models import User
        from horus.tests.models import Activation

        user1 = User(username='******', email='*****@*****.**')
        user2 = User(username='******', email='*****@*****.**')
        user1.password = '******'
        user2.password = '******'
        activation = Activation()
        user2.activation = activation

        self.session.add(user1)
        self.session.add(user2)

        self.session.commit()

        request = testing.DummyRequest()

        new_user = User.get_by_activation(request, activation)

        assert new_user == user2
Exemplo n.º 19
0
    def test_get_user_by_activation_with_multiple_users(self):
        from horus.tests.models import User
        from horus.tests.models import Activation

        user1 = User(username='******', email='*****@*****.**')
        user2 = User(username='******', email='*****@*****.**')
        user1.password = '******'
        user2.password = '******'
        activation = Activation()
        user2.activation = activation

        self.session.add(user1)
        self.session.add(user2)

        self.session.commit()

        request = testing.DummyRequest()

        new_user = User.get_by_activation(request, activation)

        assert new_user == user2
Exemplo n.º 20
0
    def test_activate(self):
        from horus.views import RegisterController
        from pyramid_mailer.interfaces import IMailer
        from pyramid_mailer.mailer import DummyMailer
        from horus.interfaces           import IHorusUserClass
        from horus.tests.models         import User
        from horus.interfaces   import IHorusActivationClass
        from horus.tests.models import Activation
        self.config.registry.registerUtility(Activation, IHorusActivationClass)

        self.config.registry.registerUtility(User, IHorusUserClass)
        self.config.include('horus')
        self.config.add_route('index', '/')

        self.config.registry.registerUtility(DummyMailer(), IMailer)

        user = User(user_name='sontek', email='*****@*****.**')
        user.set_password('foo')
        user.activation = Activation()

        self.session.add(user)
        self.session.flush()

        request = testing.DummyRequest()
        request.matchdict = Mock()

        def get(key, default):
            if key == 'code':
                return user.activation.code
            else:
                return user.pk

        request.matchdict.get = get

        controller = RegisterController(request)
        response = controller.activate()
        user = User.get_by_user_name(request, 'sontek')

        assert user.is_activated
        assert response.status_int == 302
Exemplo n.º 21
0
    def test_reset_password_loads(self):
        from horus.views import ForgotPasswordController
        from pyramid_mailer.interfaces import IMailer
        from pyramid_mailer.mailer import DummyMailer
        from horus.interfaces           import IUserClass
        from horus.tests.models         import User
        from horus.tests.models         import Activation
        from horus.interfaces           import IActivationClass

        self.config.registry.registerUtility(User, IUserClass)
        self.config.registry.registerUtility(Activation, IActivationClass)

        self.config.add_route('index', '/')
        self.config.include('horus')
        self.config.registry.registerUtility(DummyMailer(), IMailer)

        user = User(username='******', password='******',
            email='*****@*****.**')
        user.password = '******'
        user.activation = Activation()

        self.session.add(user)
        self.session.flush()

        request = testing.DummyRequest()

        request.matchdict = Mock()
        get = Mock()
        get.return_value = user.activation.code
        request.matchdict.get = get

        request.user = None

        view = ForgotPasswordController(request)
        response = view.reset_password()

        assert response.get('form', None)
        assert 'sontek' in response['form']
Exemplo n.º 22
0
    def test_reset_password_loads(self):
        from horus.views import ForgotPasswordController
        from pyramid_mailer.interfaces import IMailer
        from pyramid_mailer.mailer import DummyMailer
        from horus.interfaces           import IUserClass
        from horus.tests.models         import User
        from horus.tests.models         import Activation
        from horus.interfaces           import IActivationClass

        self.config.registry.registerUtility(User, IUserClass)
        self.config.registry.registerUtility(Activation, IActivationClass)

        self.config.add_route('index', '/')
        self.config.include('horus')
        self.config.registry.registerUtility(DummyMailer(), IMailer)

        user = User(username='******', password='******',
            email='*****@*****.**')
        user.password = '******'
        user.activation = Activation()

        self.session.add(user)
        self.session.flush()

        request = testing.DummyRequest()

        request.matchdict = Mock()
        get = Mock()
        get.return_value = user.activation.code
        request.matchdict.get = get

        request.user = None

        view = ForgotPasswordController(request)
        response = view.reset_password()

        assert response.get('form', None)
        assert 'sontek' in response['form']
Exemplo n.º 23
0
    def test_get_user_activation(self):
        from horus.tests.models import Activation
        from horus.tests.models import User

        user1 = User(username='******', email='*****@*****.**')
        user2 = User(username='******', email='*****@*****.**')
        user1.password = '******'
        user2.password = '******'

        activation = Activation()
        user2.activation = activation

        self.session.add(user1)
        self.session.add(user2)
        self.session.commit()

        request = testing.DummyRequest()

        new_user = User.get_by_username(request, 'sontek2')

        new_activation = Activation.get_by_code(request, activation.code)

        assert activation == new_activation
        assert new_user.activation == new_activation
Exemplo n.º 24
0
    def test_get_user_activation(self):
        from horus.tests.models import Activation
        from horus.tests.models import User

        user1 = User(username='******', email='*****@*****.**')
        user2 = User(username='******', email='*****@*****.**')
        user1.set_password('password')
        user2.set_password('password')

        activation = Activation()
        user2.activation = activation

        self.session.add(user1)
        self.session.add(user2)
        self.session.commit()

        request = testing.DummyRequest()

        new_user = User.get_by_username(request, 'sontek2')

        new_activation = Activation.get_by_code(request, activation.code)

        assert activation == new_activation
        assert new_user.activation == new_activation
Exemplo n.º 25
0
    def test_inactive_login(self):
        """ Make sure inactive users can't sign in"""
        from horus.tests.models import User
        from horus.tests.models import Activation
        admin = User(username='******', email='*****@*****.**')
        admin.activation = Activation()
        admin.set_password('temp')
        self.session.add(admin)
        self.session.flush()

        res = self.app.get('/login')

        csrf = res.form.fields['csrf_token'][0].value

        res = self.app.post('/login', 
            {
                'submit': True,
                'Username': '******',
                'Password': '******',
                'csrf_token': csrf
            }
        )

        assert 'Your account is not active, please check your e-mail.' in res.body