Exemplo n.º 1
0
    def test_allow_password_reuse(self):
        """
        If the company doesn't enforce password expiration, allow dup passwords
        """
        self.company.password_expiration = False
        self.company.save()
        self.user = User.objects.get(pk=self.user.pk)

        password = '******'
        self.user.set_password(password)
        self.user.save()

        form = ChangePasswordForm(user=self.user,
                                  data={
                                      'password': password,
                                      'new_password1': password,
                                      'new_password2': password,
                                  })
        self.assertTrue(form.is_valid())
Exemplo n.º 2
0
    def test_prevent_password_reuse(self):
        """
        Prevent password reuse if any of the users' companies require it.
        """
        self.company.password_expiration = True
        self.company.save()
        self.user = User.objects.get(pk=self.user.pk)

        limit = settings.PASSWORD_HISTORY_ENTRIES

        def password(i):
            return 'password-enTry-%d' % i

        for i in range(0, limit + 1):
            entry = password(i)
            self.user.set_password(entry)
            self.user.save()
            last_pw = entry

        for i in range(1, limit + 1):
            entry = password(i)
            form = ChangePasswordForm(
                user=self.user,
                data={
                    'password': last_pw,
                    'new_password1': entry,
                    'new_password2': entry,
                })
            self.assertFalse(form.is_valid())
            self.assertRegexpMatches(
                form.errors['new_password1'][0],
                r'different from the previous')

        entry = password(0)
        form = ChangePasswordForm(
            user=self.user,
            data={
                'password': last_pw,
                'new_password1': entry,
                'new_password2': entry,
            })
        self.assertTrue(form.is_valid())
Exemplo n.º 3
0
    def test_allow_password_reuse(self):
        """
        If the company doesn't enforce password expiration, allow dup passwords
        """
        self.company.password_expiration = False
        self.company.save()
        self.user = User.objects.get(pk=self.user.pk)

        password = '******'
        self.user.set_password(password)
        self.user.save()

        form = ChangePasswordForm(
            user=self.user,
            data={
                'password': password,
                'new_password1': password,
                'new_password2': password,
            })
        self.assertTrue(form.is_valid())
Exemplo n.º 4
0
    def test_password_form(self):
        invalid_data = [
            { 'data': {'password': '******',
                       'new_password1': '7dY=Ybtk',
                       'new_password2': '7dY=Ybtk'},
              u'errors': [['password', [u"Wrong password."]]]},
            { 'data': {'password': '******',
                       'new_password1': '7dY=Ybtk',
                       'new_password2': 'notnewpassword'},
                u'errors':
                    [[u'new_password2', [u'The new password fields did not match.']],
                    [u'new_password1', [u'The new password fields did not match.']]],
            
            },
        ]

        for item in invalid_data:
            form = ChangePasswordForm(user=self.user, data=item['data'])
            self.failIf(form.is_valid())
            self.assertEqual(form.errors[item[u'errors'][0][0]],
                             item[u'errors'][0][1])

        form = ChangePasswordForm(user=self.user,data={'password': '******',
                                                       'new_password1': '7dY=Ybtk',
                                                       'new_password2': '7dY=Ybtk'})
        
        self.failUnless(form.is_valid())
        form.save()
        self.failUnless(self.user.check_password('7dY=Ybtk'))
Exemplo n.º 5
0
    def test_password_form(self):
        invalid_data = [
            {
                "data": {"password": "******", "new_password1": "newpassword", "new_password2": "newpassword"},
                u"errors": [["password", [u"Wrong password."]]],
            },
            {
                "data": {"password": "******", "new_password1": "newpassword", "new_password2": "notnewpassword"},
                u"errors": [
                    [u"new_password2", [u"The new password fields did not match."]],
                    [u"new_password1", [u"The new password fields did not match."]],
                ],
            },
        ]

        for item in invalid_data:
            form = ChangePasswordForm(user=self.user, data=item["data"])
            self.failIf(form.is_valid())
            self.assertEqual(form.errors[item[u"errors"][0][0]], item[u"errors"][0][1])

        form = ChangePasswordForm(
            user=self.user,
            data={"password": "******", "new_password1": "anothersecret", "new_password2": "anothersecret"},
        )

        self.failUnless(form.is_valid())
        form.save()
        self.failUnless(self.user.check_password("anothersecret"))
Exemplo n.º 6
0
    def test_password_form(self):
        invalid_data = [
            {
                'data': {
                    'password': '******',
                    'new_password1': 'newpassword',
                    'new_password2': 'newpassword'
                },
                u'errors': [['password', [u"Wrong password."]]]
            },
            {
                'data': {
                    'password': '******',
                    'new_password1': 'newpassword',
                    'new_password2': 'notnewpassword'
                },
                u'errors': [[
                    u'new_password2',
                    [u'The new password fields did not match.']
                ],
                            [
                                u'new_password1',
                                [u'The new password fields did not match.']
                            ]],
            },
        ]

        for item in invalid_data:
            form = ChangePasswordForm(user=self.user, data=item['data'])
            self.failIf(form.is_valid())
            self.assertEqual(form.errors[item[u'errors'][0][0]],
                             item[u'errors'][0][1])

        form = ChangePasswordForm(user=self.user,
                                  data={
                                      'password': '******',
                                      'new_password1': 'anothersecret',
                                      'new_password2': 'anothersecret'
                                  })

        self.failUnless(form.is_valid())
        form.save()
        self.failUnless(self.user.check_password('anothersecret'))
Exemplo n.º 7
0
    def test_prevent_password_reuse(self):
        """
        Prevent password reuse if any of the users' companies require it.
        """
        self.company.password_expiration = True
        self.company.save()
        self.user = User.objects.get(pk=self.user.pk)

        limit = settings.PASSWORD_HISTORY_ENTRIES

        def password(i):
            return 'password-enTry-%d' % i

        for i in range(0, limit + 1):
            entry = password(i)
            self.user.set_password(entry)
            self.user.save()
            last_pw = entry

        for i in range(1, limit + 1):
            entry = password(i)
            form = ChangePasswordForm(user=self.user,
                                      data={
                                          'password': last_pw,
                                          'new_password1': entry,
                                          'new_password2': entry,
                                      })
            self.assertFalse(form.is_valid())
            self.assertRegexpMatches(form.errors['new_password1'][0],
                                     r'different from the previous')

        entry = password(0)
        form = ChangePasswordForm(user=self.user,
                                  data={
                                      'password': last_pw,
                                      'new_password1': entry,
                                      'new_password2': entry,
                                  })
        self.assertTrue(form.is_valid())
Exemplo n.º 8
0
def edit_account(request):
    user = request.user
    obj = User.objects.get(id=user.id)
    change_password = False

    if user.is_verified:
        communication_form = EditCommunicationForm(user=user, instance=obj)
    else:
        communication_form = None
    password_form = ChangePasswordForm(user=user)

    if request.user.password_change:
        change_password = True

    ctx = {
        'user': user,
        'communication_form': communication_form,
        'password_form': password_form,
        'change_password': change_password,
    }

    if request.method == "POST":
        obj = User.objects.get(id=request.user.id)
        if 'communication' in request.REQUEST:
            form = EditCommunicationForm(user=request.user,
                                         instance=obj,
                                         data=request.POST)
            if form.is_valid():
                form.save()
                ctx['communication_form'] = form
                ctx['message_body'] = ('Communication Settings have been '
                                       'updated successfully.')
                ctx['messagetype'] = 'success'
                template = '%s/edit-account.html' % settings.PROJECT
                return render_to_response(template, ctx,
                                          RequestContext(request))
            else:
                ctx['communication_form'] = form
                template = '%s/edit-account.html' % settings.PROJECT
                return render_to_response(template, ctx,
                                          RequestContext(request))

        elif 'password' in request.REQUEST:
            form = ChangePasswordForm(user=request.user, data=request.POST)
            if form.is_valid():
                request.user.password_change = False
                request.user.save()
                form.save()
                ctx['password_form'] = form
                ctx['message_body'] = ('Password Settings have been '
                                       'updated successfully.')
                ctx['messagetype'] = 'success'
                template = '%s/edit-account.html' % settings.PROJECT
                return render_to_response(template, ctx,
                                          RequestContext(request))
            else:
                ctx['password_form'] = form
                template = '%s/edit-account.html' % settings.PROJECT
                return render_to_response(template, ctx,
                                          RequestContext(request))
        else:
            raise Http404("myjobs.views.edit_account: request is not POST")

    return render_to_response('%s/edit-account.html' % settings.PROJECT, ctx,
                              RequestContext(request))