def test_set_unusable_password(self):
pwd = 'password'
u = XmppUser.objects.create(jid='*****@*****.**')
xmpp_backend.create_user(u.node, u.domain, pwd)
self.assertTrue(u.check_password(pwd))
self.assertTrue(xmpp_backend.check_password(u.node, u.domain, pwd))
u.set_unusable_password()
self.assertFalse(u.check_password(pwd))
self.assertFalse(xmpp_backend.check_password(u.node, u.domain, pwd))
def form_valid(self, form):
password = form.cleaned_data['password']
request = self.request
user = request.user
if not xmpp_backend.check_password(user.node, user.domain, password=password):
form.add_error('password', _('The password is incorrect.'))
return self.form_invalid(form)
address = request.META['REMOTE_ADDR']
lang = request.LANGUAGE_CODE
base_url = '%s://%s' % (request.scheme, request.get_host())
send_confirmation_task.delay(
user_pk=user.pk, purpose=PURPOSE_DELETE, language=lang, address=address,
to=user.email, base_url=base_url, hostname=request.site['NAME'])
messages.success(request, _(
'We sent you an email to %(email)s to confirm your request.') %
{'email': user.email, })
user.log(ugettext_noop('Requested deletion of account.'), address)
stat(STAT_DELETE_ACCOUNT)
AddressActivity.objects.log(request, ACTIVITY_SET_EMAIL, note=user.email)
return HttpResponseRedirect(reverse('account:detail'))
def test_registration(self):
"""Test basic registration."""
self.selenium.get('%s%s' % (self.live_server_url, reverse('account:register')))
#fg_username = self.find('#fg_username')
node = self.selenium.find_element_by_id('id_username_0')
#domain = self.selenium.find_element_by_id('id_username_1')
#fg_email = self.find('#fg_email')
email = self.selenium.find_element_by_id('id_email')
node.send_keys(NODE)
email.send_keys(EMAIL)
self.wait_for_valid_form()
with self.mock_celery() as mocked, freeze_time(NOW_STR):
self.selenium.find_element_by_css_selector('button[type="submit"]').click()
self.wait_for_page_load()
self.assertTaskCount(mocked, 1)
user = User.objects.get(username='******' % (NODE, DOMAIN))
lang = get_language().split('-', 1)[0]
site = settings.XMPP_HOSTS[settings.DEFAULT_XMPP_HOST]
self.assertTaskCall(
mocked, send_confirmation_task,
user_pk=user.pk, purpose=PURPOSE_REGISTER, to=EMAIL, hostname=site['NAME'],
base_url=self.live_server_url, language=lang, address='127.0.0.1'
)
self.assertEqual(len(mail.outbox), 1)
self.assertEqual(user.registered, NOW)
self.assertEqual(user.last_activity, NOW)
self.assertIsNone(user.confirmed)
self.assertFalse(user.created_in_backend)
self.assertFalse(user.blocked)
self.assertDisplayed('#email-confirmed.table-danger')
confirmation = Confirmation.objects.get(user=user, purpose=PURPOSE_REGISTER)
self.selenium.get('%s%s' % (self.live_server_url, confirmation.urlpath))
self.wait_for_page_load()
self.find('#id_new_password1').send_keys(PWD)
self.find('#id_new_password2').send_keys(PWD)
self.wait_for_valid_form()
with freeze_time(NOW2_STR):
self.find('button[type="submit"]').click()
self.wait_for_page_load()
# get user again
user = User.objects.get(username='******' % (NODE, DOMAIN))
self.assertEqual(user.confirmed, NOW2)
# TODO: currently not updated?
#self.assertEqual(user.last_activity, NOW2)
self.assertTrue(user.check_password(PWD))
self.assertTrue(xmpp_backend.check_password(user.node, user.domain, PWD)) # just to be sure
self.assertTrue(user.created_in_backend)
self.assertFalse(user.blocked)
self.assertDisplayed('#email-confirmed.table-success')
def test_registration(self):
"""Test basic registration."""
self.selenium.get('%s%s' % (self.live_server_url, reverse('account:register')))
#fg_username = self.find('#fg_username')
node = self.selenium.find_element_by_id('id_username_0')
#domain = self.selenium.find_element_by_id('id_username_1')
#fg_email = self.find('#fg_email')
email = self.selenium.find_element_by_id('id_email')
node.send_keys(NODE)
email.send_keys(EMAIL)
self.wait_for_valid_form()
with self.mock_celery() as mocked, freeze_time(NOW_STR):
self.selenium.find_element_by_css_selector('button[type="submit"]').click()
self.wait_for_page_load()
self.assertTaskCount(mocked, 1)
user = User.objects.get(username='******' % (NODE, DOMAIN))
lang = get_language().split('-', 1)[0]
site = settings.XMPP_HOSTS[settings.DEFAULT_XMPP_HOST]
self.assertTaskCall(
mocked, send_confirmation_task,
user_pk=user.pk, purpose=PURPOSE_REGISTER, to=EMAIL, hostname=site['NAME'],
base_url=self.live_server_url, language=lang, address='127.0.0.1'
)
self.assertEqual(len(mail.outbox), 1)
self.assertEqual(user.registered, NOW)
self.assertEqual(user.last_activity, NOW)
self.assertIsNone(user.confirmed)
self.assertFalse(user.created_in_backend)
self.assertFalse(user.blocked)
self.assertDisplayed('#email-confirmed.table-danger')
confirmation = Confirmation.objects.get(user=user, purpose=PURPOSE_REGISTER)
self.selenium.get('%s%s' % (self.live_server_url, confirmation.urlpath))
self.wait_for_page_load()
self.find('#id_new_password1').send_keys(PWD)
self.find('#id_new_password2').send_keys(PWD)
self.wait_for_valid_form()
with freeze_time(NOW2_STR):
self.find('button[type="submit"]').click()
self.wait_for_page_load()
# get user again
user = User.objects.get(username='******' % (NODE, DOMAIN))
self.assertEqual(user.confirmed, NOW2)
# TODO: currently not updated?
#self.assertEqual(user.last_activity, NOW2)
self.assertTrue(user.check_password(PWD))
self.assertTrue(xmpp_backend.check_password(user.node, user.domain, PWD)) # just to be sure
self.assertTrue(user.created_in_backend)
self.assertFalse(user.blocked)
self.assertDisplayed('#email-confirmed.table-success')
def form_valid(self, form):
password = form.cleaned_data['password']
request = self.request
user = request.user
# Check the password of the user again
if not xmpp_backend.check_password(user.node, user.domain, password=password):
form.add_error('password', _('The password is incorrect.'))
return self.form_invalid(form)
# Verify the confirmation key
key = get_object_or_404(self.queryset.filter(user=user), key=self.kwargs['key'])
# Log the user out, delete data
logout(request)
xmpp_backend.remove_user(user.node, user.domain)
key.delete()
user.delete()
stat(STAT_DELETE_ACCOUNT_CONFIRMED)
return HttpResponseRedirect(reverse('blog:home'))
def test_password_validation(self):
user = User.objects.create(username=JID, email=EMAIL)
addr = Address.objects.create(address='127.0.0.1')
conf = Confirmation.objects.create(user=user,
purpose=PURPOSE_REGISTER,
language='en',
address=addr,
to=EMAIL)
self.selenium.get('%s%s' % (self.live_server_url, conf.urlpath))
self.wait_for_page_load()
fg_pwd = self.find('#fg_new_password1')
pwd = fg_pwd.find_element_by_css_selector('#id_new_password1')
fg_pwd2 = self.find('#fg_new_password2')
pwd2 = fg_pwd2.find_element_by_css_selector('#id_new_password2')
self.assertNotValidated(fg_pwd, pwd)
self.assertNotValidated(fg_pwd2, pwd2)
pwd.send_keys(PWD)
pwd2.send_keys(PWD2)
self.wait_for_valid(pwd)
self.wait_for_invalid(pwd2)
self.assertValid(fg_pwd, pwd)
self.assertInvalid(fg_pwd2, pwd2, 'password_mismatch')
# clear input - it's required though
for i in range(0, len(PWD2)):
pwd2.send_keys(Keys.BACKSPACE)
self.assertValid(fg_pwd, pwd)
self.assertInvalid(fg_pwd2, pwd2, 'required')
# test server-side validation
for i in range(0, len(PWD)):
pwd.send_keys(Keys.BACKSPACE)
pwd.send_keys('12345678')
pwd2.send_keys('12345678')
self.wait_for_valid(pwd)
self.wait_for_valid(pwd2)
self.assertValid(fg_pwd, pwd)
self.assertValid(fg_pwd2, pwd2)
self.find('button[type="submit"]').click()
self.wait_for_page_load()
fg_pwd = self.find('#fg_new_password1')
pwd = fg_pwd.find_element_by_css_selector('#id_new_password1')
fg_pwd2 = self.find('#fg_new_password2')
pwd2 = fg_pwd2.find_element_by_css_selector('#id_new_password2')
self.assertInvalid(fg_pwd, pwd, 'password_entirely_numeric',
'password_too_common')
self.assertInvalid(fg_pwd2, pwd2, 'password_entirely_numeric',
'password_too_common')
# Send JID as password, which is always "too similar"
pwd.send_keys(JID)
pwd2.send_keys(JID)
self.find('button[type="submit"]').click()
self.wait_for_page_load()
fg_pwd = self.find('#fg_new_password1')
pwd = fg_pwd.find_element_by_css_selector('#id_new_password1')
fg_pwd2 = self.find('#fg_new_password2')
pwd2 = fg_pwd2.find_element_by_css_selector('#id_new_password2')
self.assertInvalid(fg_pwd, pwd, 'password_too_similar')
self.assertInvalid(fg_pwd2, pwd2, 'password_too_similar')
# Send very common password
pwd.send_keys(COMMON_PWD)
pwd2.send_keys(COMMON_PWD)
self.wait_for_valid(pwd)
self.wait_for_valid(pwd2)
self.assertValid(fg_pwd, pwd)
self.assertValid(fg_pwd2, pwd2)
self.wait_for_valid_form()
with freeze_time(NOW2_STR):
self.find('button[type="submit"]').click()
self.wait_for_page_load()
fg_pwd = self.find('#fg_new_password1')
pwd = fg_pwd.find_element_by_css_selector('#id_new_password1')
fg_pwd2 = self.find('#fg_new_password2')
pwd2 = fg_pwd2.find_element_by_css_selector('#id_new_password2')
self.assertInvalid(fg_pwd, pwd, 'password_too_common')
self.assertInvalid(fg_pwd2, pwd2, 'password_too_common')
# send correct password
pwd.send_keys(PWD)
pwd2.send_keys(PWD)
self.wait_for_valid(pwd2)
self.assertValid(fg_pwd, pwd)
self.assertValid(fg_pwd2, pwd2)
self.wait_for_valid_form()
with freeze_time(NOW2_STR):
self.find('button[type="submit"]').click()
self.wait_for_page_load()
# get user again
user = User.objects.get(username='******' % (NODE, DOMAIN))
self.assertEqual(user.confirmed, NOW2)
# TODO: currently not updated?
#self.assertEqual(user.last_activity, NOW2)
self.assertTrue(user.created_in_backend)
self.assertTrue(user.check_password(PWD))
self.assertTrue(
xmpp_backend.check_password(user.node, user.domain,
PWD)) # just to be sure
self.assertFalse(user.blocked)
def test_password_validation(self):
user = User.objects.create(username=JID, email=EMAIL)
addr = Address.objects.create(address='127.0.0.1')
conf = Confirmation.objects.create(user=user, purpose=PURPOSE_REGISTER, language='en',
address=addr, to=EMAIL)
self.selenium.get('%s%s' % (self.live_server_url, conf.urlpath))
self.wait_for_page_load()
fg_pwd = self.find('#fg_new_password1')
pwd = fg_pwd.find_element_by_css_selector('#id_new_password1')
fg_pwd2 = self.find('#fg_new_password2')
pwd2 = fg_pwd2.find_element_by_css_selector('#id_new_password2')
self.assertNotValidated(fg_pwd, pwd)
self.assertNotValidated(fg_pwd2, pwd2)
pwd.send_keys(PWD)
pwd2.send_keys(PWD2)
self.wait_for_valid(pwd)
self.wait_for_invalid(pwd2)
self.assertValid(fg_pwd, pwd)
self.assertInvalid(fg_pwd2, pwd2, 'password_mismatch')
# clear input - it's required though
for i in range(0, len(PWD2)):
pwd2.send_keys(Keys.BACKSPACE)
self.assertValid(fg_pwd, pwd)
self.assertInvalid(fg_pwd2, pwd2, 'required')
# test server-side validation
for i in range(0, len(PWD)):
pwd.send_keys(Keys.BACKSPACE)
pwd.send_keys('12345678')
pwd2.send_keys('12345678')
self.wait_for_valid(pwd)
self.wait_for_valid(pwd2)
self.assertValid(fg_pwd, pwd)
self.assertValid(fg_pwd2, pwd2)
self.find('button[type="submit"]').click()
self.wait_for_page_load()
fg_pwd = self.find('#fg_new_password1')
pwd = fg_pwd.find_element_by_css_selector('#id_new_password1')
fg_pwd2 = self.find('#fg_new_password2')
pwd2 = fg_pwd2.find_element_by_css_selector('#id_new_password2')
self.assertInvalid(fg_pwd, pwd, 'password_entirely_numeric', 'password_too_common')
self.assertInvalid(fg_pwd2, pwd2, 'password_entirely_numeric', 'password_too_common')
# Send JID as password, which is always "too similar"
pwd.send_keys(JID)
pwd2.send_keys(JID)
self.find('button[type="submit"]').click()
self.wait_for_page_load()
fg_pwd = self.find('#fg_new_password1')
pwd = fg_pwd.find_element_by_css_selector('#id_new_password1')
fg_pwd2 = self.find('#fg_new_password2')
pwd2 = fg_pwd2.find_element_by_css_selector('#id_new_password2')
self.assertInvalid(fg_pwd, pwd, 'password_too_similar')
self.assertInvalid(fg_pwd2, pwd2, 'password_too_similar')
# Send very common password
pwd.send_keys(COMMON_PWD)
pwd2.send_keys(COMMON_PWD)
self.wait_for_valid(pwd)
self.wait_for_valid(pwd2)
self.assertValid(fg_pwd, pwd)
self.assertValid(fg_pwd2, pwd2)
self.wait_for_valid_form()
with freeze_time(NOW2_STR):
self.find('button[type="submit"]').click()
self.wait_for_page_load()
fg_pwd = self.find('#fg_new_password1')
pwd = fg_pwd.find_element_by_css_selector('#id_new_password1')
fg_pwd2 = self.find('#fg_new_password2')
pwd2 = fg_pwd2.find_element_by_css_selector('#id_new_password2')
self.assertInvalid(fg_pwd, pwd, 'password_too_common')
self.assertInvalid(fg_pwd2, pwd2, 'password_too_common')
# send correct password
pwd.send_keys(PWD)
pwd2.send_keys(PWD)
self.wait_for_valid(pwd2)
self.assertValid(fg_pwd, pwd)
self.assertValid(fg_pwd2, pwd2)
self.wait_for_valid_form()
with freeze_time(NOW2_STR):
self.find('button[type="submit"]').click()
self.wait_for_page_load()
# get user again
user = User.objects.get(username='******' % (NODE, DOMAIN))
self.assertEqual(user.confirmed, NOW2)
# TODO: currently not updated?
#self.assertEqual(user.last_activity, NOW2)
self.assertTrue(user.created_in_backend)
self.assertTrue(user.check_password(PWD))
self.assertTrue(xmpp_backend.check_password(user.node, user.domain, PWD)) # just to be sure
self.assertFalse(user.blocked)
