def test_valid_reset_token(self):
u = User(password='******', email='*****@*****.**', name='user')
db.session.add(u)
db.session.commit()
token = u.generate_reset_token()
self.assertTrue(u.reset_password(token, 'dog'))
self.assertTrue(u.verify_password('dog'))
def test_expired_confirmation_token(self):
u = User(password='******', email='*****@*****.**', name='user')
db.session.add(u)
db.session.commit()
token = u.generate_confirmation_token(1)
time.sleep(2)
self.assertFalse(u.confirm(token))
def test_valid_reset_token(self):
u = User(password='******', email='*****@*****.**', name='user')
db.session.add(u)
db.session.commit()
token = u.generate_reset_token()
self.assertTrue(u.reset_password(token, 'dog'))
self.assertTrue(u.verify_password('dog'))
def test_expired_confirmation_token(self):
u = User(password='******', email='*****@*****.**', name='user')
db.session.add(u)
db.session.commit()
token = u.generate_confirmation_token(1)
time.sleep(2)
self.assertFalse(u.confirm(token))
def test_invalid_confirmation_token(self):
u1 = User(password='******', email='*****@*****.**', name='user')
u2 = User(password='******', email='*****@*****.**', name='user')
db.session.add(u1)
db.session.add(u2)
db.session.commit()
token = u1.generate_confirmation_token()
self.assertFalse(u2.confirm(token))
def test_invalid_reset_token(self):
u1 = User(password='******', email='*****@*****.**', name='user')
u2 = User(password='******', email='*****@*****.**', name='user')
db.session.add(u1)
db.session.add(u2)
db.session.commit()
token = u1.generate_reset_token()
self.assertFalse(u2.reset_password(token, 'horse'))
self.assertTrue(u2.verify_password('dog'))
def _set_student_objective(self, userobjective):
student_id = userobjective.user_id
tutor_id = userobjective.assessor_id
objective_id = userobjective.objective_id
if User._is_authorised(student_id, tutor_id):
self.find_or_include(objective_id=objective_id,
student_id=student_id,
tutor_id=student_id,
by_user=User.main_admin_user(),
common_assessors=False)
def _set_common_assessors(self, userobjective):
# Set all other members from the student's institution to have the same assessment. Assessment is therefore an institution wide thing bt stored at the individual member level
student_id = userobjective.user_id
tutor_id = userobjective.assessor_id
objective_id = userobjective.objective_id
print User._common_assessors(student_id, tutor_id)
for member in User._common_assessors(student_id, tutor_id):
userobj = self.find_or_include(objective_id=objective_id,
student_id=student_id,
tutor_id=member.id,
by_user=User.main_admin_user(),
common_assessors=False)
userobj.completed = userobjective.completed
db.session.add(userobj)
db.session.commit()
def test_invalid_reset_token(self):
u1 = User(password='******', email='*****@*****.**', name='user')
u2 = User(password='******', email='*****@*****.**', name='user')
db.session.add(u1)
db.session.add(u2)
db.session.commit()
token = u1.generate_reset_token()
self.assertFalse(u2.reset_password(token, 'horse'))
self.assertTrue(u2.verify_password('dog'))
def test_invalid_confirmation_token(self):
u1 = User(password='******', email='*****@*****.**', name='user')
u2 = User(password='******', email='*****@*****.**', name='user')
db.session.add(u1)
db.session.add(u2)
db.session.commit()
token = u1.generate_confirmation_token()
self.assertFalse(u2.confirm(token))
def _create_fixtures(self):
# would probably be better that these are created through
# the service layer as that mimics what the users of the
# ObjectiveService would do.
from courseme.models import User, Subject, Topic
self.subject = Subject(name='Test Subject')
self.user = User(name='Test User',
email='*****@*****.**',
password='******',
subject=self.subject)
self.topic = Topic(name='Test Topic', subject=self.subject)
db.session.add(self.subject)
db.session.add(self.user)
db.session.add(self.topic)
db.session.commit()
def available_to(self, user, matching_names=None):
"""List of Objectives available to the given User
:param user: User
:param matching_names: optional list of Objective names to further
restrict availability.
TODO: matching should probably match on ID, rather than name. It's
based on the name because that's what the form that ultimately
uses this query is using, but that could be changed.
"""
q = Objective.query.filter(
and_(
Objective.subject_id == user.subject_id,
or_(
Objective.created_by_id.in_(User.admin_usersQ().options(
load_only("id"))),
Objective.created_by_id == user.id)))
if matching_names:
q = q.filter(Objective.name.in_(matching_names))
return q.all()
def test_no_password_getter(self):
u = User(password='******')
with self.assertRaises(AttributeError):
u.password
def test_password_setter(self):
u = User(password='******')
self.assertTrue(u.password_hash is not None)
def _check_user_id_or_admin(self, user_id, user):
if user_id != user.id and user != User.main_admin_user():
raise NotAuthorised
number = Topic(name="Number", time_created=datetime.utcnow(), subject=maths)
calculus = Topic(name="Calculus",
time_created=datetime.utcnow(),
subject=maths)
db.session.add(algebra)
db.session.add(geometry)
db.session.add(number)
db.session.add(calculus)
db.session.commit()
user = User(email="*****@*****.**",
password="******",
name="CourseMe",
time_registered=datetime.utcnow(),
last_seen=datetime.utcnow(),
role=ROLE_ADMIN)
db.session.add(user)
me = User(email="*****@*****.**",
password="******",
name="Dan",
forename="Dan",
blurb="I built the CourseMe website and now am fabulously rich.",
time_registered=datetime.utcnow(),
last_seen=datetime.utcnow(),
role=ROLE_ADMIN)
db.session.add(me)
user = User(email="*****@*****.**",
def test_valid_confirmation_token(self):
u = User(password='******', email='*****@*****.**', name='user')
db.session.add(u)
db.session.commit()
token = u.generate_confirmation_token()
self.assertTrue(u.confirm(token))
def _check_user_id_or_admin(self, user_id, user):
if user_id != user.id and user != User.main_admin_user():
raise NotAuthorised
def test_password_verification(self):
u = User(password='******')
self.assertTrue(u.verify_password('cat'))
self.assertFalse(u.verify_password('dog'))
role = ROLE_ADMIN)
db.session.add(me)
head = User(email="*****@*****.**",
password="******",
name="Head of School",
blurb="I have been Headmaster at High School for five years. I'm great.",
time_registered=datetime.utcnow(),
last_seen=datetime.utcnow(),
role = ROLE_USER)
db.session.add(head)
db.session.commit()
courseMe = Institution.create(
name = "CourseMe",
administrator = User.main_admin_user(),
blurb = "This is the main CourseMe institution"
)
school = Institution.create(
name = "High School",
administrator = head,
blurb = "This is a great High School. We use CourseMe for everything. We have 100 pupils and they're all doing great."
)
for i in range(1, 3):
teacher = User(email="teacher" + str(i) + "@server.fake",
password="******",
name="Mrs. Blogs " + str(i),
blurb="I have been a teacher at High School for five years. I'm great.",
time_registered=datetime.utcnow(),
def test_password_salts_are_random(self):
u = User(password='******')
u2 = User(password='******')
self.assertTrue(u.password_hash != u2.password_hash)
def test_valid_confirmation_token(self):
u = User(password='******', email='*****@*****.**', name='user')
db.session.add(u)
db.session.commit()
token = u.generate_confirmation_token()
self.assertTrue(u.confirm(token))
def test_password_verification(self):
u = User(password='******')
self.assertTrue(u.verify_password('cat'))
self.assertFalse(u.verify_password('dog'))
