def setUp(self): from pyramid_bimt.views import DatatablesDataView from pyramid_bimt.models import AuditLogEntry from pyramid_bimt.models import User self.config = testing.setUp() initTestingDB(auditlog_types=True, users=True, groups=True) self.request = testing.DummyRequest(user=User.by_email('*****@*****.**')) self.view = DatatablesDataView(self.request) self.view.model = mock.Mock() self.view.columns = OrderedDict() self.view.columns['foo'] = None self.view.columns['bar'] = None Session.add( AuditLogEntry(user=User.by_email('*****@*****.**'), comment=u'föo')) Session.add( AuditLogEntry(user=User.by_email('*****@*****.**'), comment=u'bar')) Session.flush() class DummyDatatablesAJAXView(DatatablesDataView): model = AuditLogEntry columns = OrderedDict() columns['id'] = None columns['comment'] = None def populate_columns(self, entry): self.columns['id'] = entry.id self.columns['comment'] = entry.comment self.columns['DT_RowClass'] = 'info' self.datatable_view = DummyDatatablesAJAXView
def test_addon_group(self): User.by_email('*****@*****.**').groups = [ _make_group(name='foo', product_id='foo'), _make_group(name='bar', product_id='bar', addon=True), ] self.assertEqual( User.by_email('*****@*****.**').product_group.name, 'foo')
def test_multiple_product_groups(self): product_group_foo = _make_group(name='foo', product_id='foo') product_group_bar = _make_group(name='bar', product_id='bar') product_group_foo.users.append(User.by_email('*****@*****.**')) product_group_bar.users.append(User.by_email('*****@*****.**')) from sqlalchemy.orm.exc import MultipleResultsFound with self.assertRaises(MultipleResultsFound): User.by_email('*****@*****.**').product_group
def setUp(self): self.config = testing.setUp() add_routes_user(self.config) initTestingDB(users=True, groups=True, auditlog_types=True) from pyramid_bimt.views.user import UserView self.context = User.by_email('*****@*****.**') self.request = testing.DummyRequest( layout_manager=mock.Mock(), user=User.by_email('*****@*****.**')) self.view = UserView(self.context, self.request)
def test_admin_mark_only_own_entries_as_unread(self): self.request.user = User.by_email('*****@*****.**') AuditLogEntry.by_id(2).user = User.by_email('*****@*****.**') AuditLogEntry.by_id(2).read = False self._make_view() self.assertEqual(AuditLogEntry.by_id(2).read, True) AuditLogEntry.by_id(2).user = User.by_email('*****@*****.**') AuditLogEntry.by_id(2).read = False self._make_view() self.assertEqual(AuditLogEntry.by_id(2).read, False)
def test_union(self): add_groups() add_users() mailing = _make_mailing( name='foo', groups=[Group.by_name('admins'), Group.by_name('staff')], ) self.request.context = mailing self.assertItemsEqual( self.view.recipients, [User.by_email('*****@*****.**'), User.by_email('*****@*****.**')], )
def test_loginas_view_submit_disabled_user(self): from pyramid_bimt.models import User from pyramid_bimt.views.auth import LoginAs context = User.by_email('*****@*****.**') request = testing.DummyRequest( layout_manager=mock.Mock(), session=mock.Mock(), ) form_values = {'email': '*****@*****.**'} request.user = context view = LoginAs(request) User.by_email('*****@*****.**').disable() self.assertIsNone(view.login_as_success(form_values)) request.session.flash.assert_called_once_with( u'User "*****@*****.**" is disabled.', 'error')
def login_as_success(self, appstruct): email = appstruct['email'].lower() user = User.by_email(email) if user is None: self.request.session.flash(u'User with that email does not exist.', 'error') elif not user.enabled: self.request.session.flash( u'User "{}" is disabled.'.format(user.email), 'error') elif user.admin and not self.request.user.admin: self.request.session.flash( u'You do not have permission to login as admin user.', 'error') elif user.staff and not self.request.user.staff: self.request.session.flash( u'You do not have permission to login as staff user.', 'error') else: headers = remember(self.request, user.email) self.request.session.flash( u'You have successfully logged in as user "{}".'.format( user.email)) self.request.registry.notify( UserLoggedInAs(self.request, self.request.user, comment=u'Logged in as "{}".'.format( user.email))) return HTTPFound(location=self.request.host_url, headers=headers)
def test_groups_choices_non_admin(self): self.request.user = User.by_email('*****@*****.**') self.view = UserAdd(self.request) choices = [ group for id_, group in self.view.schema['groups'].widget.values ] self.assertFalse('enabled' in choices) self.assertFalse('admins' in choices)
def setUp(self): from pyramid_bimt.testing import initTestingDB from pyramid_bimt.models import User self.config = testing.setUp() initTestingDB(groups=True, users=True) self.request = testing.DummyRequest(user=User.by_email('*****@*****.**'))
def add_demo_auditlog_entries(): """Add a dummy audit-log entry.""" with transaction.manager: read = AuditLogEntry( user=User.by_email('*****@*****.**'), event_type_id=AuditLogEventType.by_name(u'UserChangedPassword').id, comment=u'read entry', read=True, ) Session.add(read) unread = AuditLogEntry( user=User.by_email('*****@*****.**'), event_type_id=AuditLogEventType.by_name(u'UserChangedPassword').id, comment=u'unread entry', read=False, ) Session.add(unread)
def test_loginas_view(self): from pyramid_bimt.models import User from pyramid_bimt.views.auth import LoginAs context = User.by_email('*****@*****.**') request = testing.DummyRequest(layout_manager=mock.Mock()) request.user = context resp = LoginAs(request)() self.assertEqual(resp['title'], 'Login as user') self.assertIn('Login as user', resp['form'])
def ipn(self): """The main IPN handler, called by the IPN service.""" # skip over to-be-ignored products if self.params.product_id in self.request.registry.settings.get( 'bimt.products_to_ignore', '').split(','): logger.info('The product is listed on the ignore list: {}'.format( self.params.product_id)) return 'Done.' # try to find an existing user with given email user = User.by_email(self.params.email) if not user: user = User.by_billing_email(self.params.email) # create a new user if no existing user found if not user: password = generate() user = User( email=self.params.email, billing_email=self.params.email, password=encrypt(password), fullname=u'{}'.format(self.params.fullname), affiliate=u'{}'.format(self.params.get('affiliate', '')), ) Session.add(user) comment = COMMENT.format( u'Created', self.provider, self.params.trans_id, self.params.trans_type, '', ) logger.info(comment) self.request.registry.notify( UserCreated(self.request, user, password, comment)) # find a group that is used for given product group = Group.by_product_id(self.params.product_id) if not group: raise ValueError('Cannot find group with product_id "{}"'.format( self.params.product_id)) # perform IPN transaction actions self.ipn_transaction(user, group) # send request with same parameters to the URL specified on group if group.forward_ipn_to_url: requests.post( group.forward_ipn_to_url, params=self.request.POST, ) logger.info('IPN re-posted to {}.'.format( group.forward_ipn_to_url)) logger.info('IPN done.') return 'Done.'
def test_disable_expired_member(self, mocked_date): mocked_date.today.return_value = date(2013, 12, 30) user = User.by_email('*****@*****.**') user.valid_to = date(2013, 12, 29) transaction.commit() expire_subscriptions() user = User.by_email('*****@*****.**') self.assertFalse(user.enabled) self.assertEqual(len(user.audit_log_entries), 1) self.assertEqual(user.audit_log_entries[0].event_type.name, u'UserDisabled') self.assertEqual( user.audit_log_entries[0].comment, u'Disabled user [email protected] (1) because its ' u'valid_to (2013-12-29) has expired.', )
def setUp(self): self.config = testing.setUp() add_routes_user(self.config) initTestingDB(groups=True, auditlog_types=True, users=True) self.request = testing.DummyRequest( user=User.by_email('*****@*****.**'), registry=mock.Mock()) self.request.registry.notify = mock.Mock() self.view = UserAdd(self.request)
def test_logout_view(self): from pyramid_bimt.models import User from pyramid_bimt.views.auth import logout context = User.by_email('*****@*****.**') request = testing.DummyRequest(layout_manager=mock.Mock()) request.user = context self.assertEqual( logout(context, request).location, request.params.get('came_from', request.application_url))
def test_view_csrf_token(self): from pyramid_bimt.models import User from pyramid_bimt.views.auth import LoginAs context = User.by_email('*****@*****.**') request = testing.DummyRequest(layout_manager=mock.Mock()) request.user = context view = LoginAs(request) csrf_token_field = view.schema.get('csrf_token') self.assertIsNotNone(csrf_token_field) self.assertEqual(csrf_token_field.title, 'Csrf Token')
def test_context_billing_email_allowed_for_billing_email(self): from pyramid_bimt.views.user import deferred_user_billing_email_validator # noqa schema = SQLAlchemySchemaNode(User) self.request.context = User.by_email('*****@*****.**') self.request.POST['email'] = '*****@*****.**' validator = deferred_user_billing_email_validator( None, {'request': self.request}) self.assertFalse(validator(schema.get('email'), '*****@*****.**'))
def test_disable_expired_addon(self, mocked_date): mocked_date.today.return_value = date(2013, 12, 30) user = User.by_email('*****@*****.**') user.valid_to = date(2013, 12, 31) user.set_property('addon_1_valid_to', date(2013, 12, 29)) user.groups.append(Group(name='foo', product_id=1)) transaction.commit() expire_subscriptions() user = User.by_email('*****@*****.**') self.assertTrue(user.enabled) self.assertEqual([g.name for g in user.groups], ['admins', 'enabled']) self.assertEqual(len(user.audit_log_entries), 1) self.assertEqual(user.audit_log_entries[0].event_type.name, u'UserDisabled') self.assertEqual( user.audit_log_entries[0].comment, u'Addon "foo" disabled for user [email protected] (1) because its ' u'valid_to (2013-12-29) has expired.', )
def test_loginas_view_submit_success(self): from pyramid_bimt.models import User from pyramid_bimt.views.auth import LoginAs context = User.by_email('*****@*****.**') request = testing.DummyRequest( layout_manager=mock.Mock(), session=mock.Mock(), ) form_values = {'email': '*****@*****.**'} request.user = context view = LoginAs(request) resp = view.login_as_success(form_values) self.assertEqual(resp.location, 'http://example.com') request.session.flash.assert_called_once_with( u'You have successfully logged in as user "*****@*****.**".')
def test_loginas_view_submit_user_as_staff_member(self): from pyramid_bimt.models import User from pyramid_bimt.views.auth import LoginAs context = User.by_email('*****@*****.**') self.config.testing_securitypolicy(userid='*****@*****.**', permissive=False) request = testing.DummyRequest( layout_manager=mock.Mock(), session=mock.Mock(), ) form_values = {'email': '*****@*****.**'} request.user = context view = LoginAs(request) self.assertIsNone(view.login_as_success(form_values)) request.session.flash.assert_called_once_with( u'You do not have permission to login as staff user.', 'error')
def login_success(self, appstruct): came_from = self.request.params.get('came_from', self.request.application_url) email = appstruct.get('email', '').lower() password = appstruct.get('password') user = User.by_email(email) if (password is not None and user is not None and verify(password, user.password)): headers = remember(self.request, user.email) self.request.registry.notify( UserLoggedIn(self.request, user, comment=self.user_agent_info()) # noqa ) return HTTPFound(location=came_from, headers=headers) self.request.session.flash(u'Login failed.', 'error')
def reset_password_success(self, appstruct): email = appstruct['email'].lower() user = User.by_email(email) if user is not None: # change user's password and fire event password = generate() user.password = encrypt(password) self.request.registry.notify( UserChangedPassword(self.request, user, password)) self.request.session.flash( u'A new password was sent to your email.') return HTTPFound(location=self.request.route_path('login')) self.request.session.flash( u'Password reset failed. Make sure you ' 'have correctly entered your email address.', 'error')
def test_create_new_user(self): post = { 'ccustname': 'John Smith', 'ccustemail': '*****@*****.**', 'ctransaction': 'SALE', 'ctransaffiliate': '*****@*****.**', 'ctransreceipt': 123, 'cproditem': 1, 'cverify': 'F718EC5F', } resp = self.testapp.post('/jvzoo/', params=post, status=200) self.assertEqual('Done.', resp.text) user = User.by_email('*****@*****.**') self.assertEqual(user.fullname, 'John Smith') self.assertEqual(user.affiliate, '*****@*****.**') self.assertEqual(user.trial, True) self.assertEqual(user.valid_to, date.today() + timedelta(days=7)) self.assertEqual(user.last_payment, date.today()) self.assertTrue(user.enabled) self.assertEqual(len(user.audit_log_entries), 2) self.assertEqual( user.audit_log_entries[0].event_type.name, u'UserCreated') self.assertEqual( user.audit_log_entries[0].comment, u'Created by jvzoo, transaction id: 123, type: SALE, note: ', ) self.assertEqual( user.audit_log_entries[1].event_type.name, u'UserEnabled') self.assertEqual( user.audit_log_entries[1].comment, u'Enabled by jvzoo, transaction id: 123, type: SALE, note: trial until {}'.format( # noqa date.today() + timedelta(days=7)), ) self.assertEqual(len(self.mailer.outbox), 1) self.assertEqual(self.mailer.outbox[0].subject, u'Welcome to BIMT!') self.assertIn(u'Hello John Smith', self.mailer.outbox[0].html) # noqa self.assertIn(u'here are your login details for the membership area', self.mailer.outbox[0].html) # noqa self.assertIn(u'u: [email protected]', self.mailer.outbox[0].html) # noqa self.assertIn(u'p: ', self.mailer.outbox[0].html) # noqa self.assertIn(u'Best wishes', self.mailer.outbox[0].html) # noqa self.assertIn(u'<a href="http://blog.bigimtoolbox.com/">visit our blog</a>', self.mailer.outbox[0].html) # noqa
def test_test_success_non_unicode(self): add_users() self.request.user = User.by_email('*****@*****.**') self.request.context = _make_mailing( id=1, name='foo', groups=None, exclude_groups=None, trigger=MailingTriggers.never.name, days=0, subject='Subject', body='Body', ) with self.assertRaises(AssertionError) as cm: self.view.test_success(self.APPSTRUCT) self.assertEqual( cm.exception.message, 'Mail body type must be unicode, not <type \'str\'>!')
def test_test_success(self): add_users() self.request.user = User.by_email('*****@*****.**') self.request.context = Mailing.by_name('welcome_email') result = self.view.test_success(self.APPSTRUCT) self.assertIsInstance(result, HTTPFound) self.assertEqual(result.location, '/mailing/4/edit/') self.assertEqual( self.request.session.pop_flash(), [u'Mailing "welcome_email" sent to "*****@*****.**".'], ) mailer = get_mailer(self.request) self.assertEqual(len(mailer.outbox), 1) self.assertEqual(mailer.outbox[0].subject, u'[Mailing Test] Über Welcome!') self.assertIn('This mailing would be sent to:', mailer.outbox[0].html) self.assertIn('*****@*****.**', mailer.outbox[0].html)
def test_not_in_unsubscribed(self, get_current_request): get_current_request.return_value = self.request add_routes_user(self.config) self.request.user = User.by_email('*****@*****.**') self.request.context = _make_mailing( id=123, name='excluded', groups=[Group.by_name('admins'), Group.by_name('enabled')], exclude_groups=[], body=u'Body', subject=u'Subject') mailer = get_mailer(self.request) self.request.context.send(self.request.user) self.assertEqual(len(mailer.outbox), 1) self.assertEqual(mailer.outbox[0].subject, u'Subject') self.assertNotIn('Unsubscribe from our Newsletter', mailer.outbox[0].html) # noqa
def test_new_user_no_trial(self, mocked_date): Group.by_name('monthly').trial_validity = None mocked_date.today.return_value = date(2013, 12, 30) view = IPNView(testing.DummyRequest()) view.provider = 'clickbank' view.params = AttrDict({ 'email': '*****@*****.**', 'fullname': u'Föo Bar', 'trans_type': 'SALE', 'trans_id': 123, 'product_id': 1, 'affiliate': '*****@*****.**', }) resp = view.ipn() self.assertEqual(resp, 'Done.') user = User.by_email('*****@*****.**') self.assertEqual(user.enabled, True) self.assertEqual(user.trial, False) self.assertEqual(user.affiliate, '*****@*****.**') self.assertEqual(user.valid_to, date(2014, 1, 30)) self.assertEqual(user.last_payment, date(2013, 12, 30)) self.assertEqual(len(user.audit_log_entries), 2) self.assertEqual( user.audit_log_entries[0].event_type.name, u'UserCreated') self.assertEqual( user.audit_log_entries[0].comment, u'Created by clickbank, transaction id: 123, type: SALE, note: ', ) self.assertEqual( user.audit_log_entries[1].event_type.name, u'UserEnabled') self.assertEqual( user.audit_log_entries[1].comment, u'Enabled by clickbank, transaction id: 123, type: SALE, note: ' u'regular until 2014-01-30', )
def test_loginas_view_submit_success_as_user(self): from pyramid_bimt.models import User from pyramid_bimt.models import Group from pyramid_bimt.views.auth import LoginAs Session.add( User(email='*****@*****.**', groups=[ Group.by_name('enabled'), ])) context = User.by_email('*****@*****.**') context.groups.append(Group.by_name('impersonators')) request = testing.DummyRequest( layout_manager=mock.Mock(), session=mock.Mock(), ) form_values = {'email': '*****@*****.**'} request.user = context view = LoginAs(request) resp = view.login_as_success(form_values) self.assertEqual(resp.location, 'http://example.com') request.session.flash.assert_called_once_with( u'You have successfully logged in as user "*****@*****.**".')
def test_appstruct_full_context(self): from pyramid_bimt.tests.test_group_model import _make_group self.request.context = _make_group( name='foo', product_id=13, validity=31, trial_validity=7, addon=True, forward_ipn_to_url='http://example.com') self.request.context.set_property('foo', u'bar') self.request.context.users = [ User.by_email('*****@*****.**'), ] self.request.context.upgrade_groups = [ _make_group(name='group2'), ] self.assertEqual( self.view(self.request).appstruct(), { 'name': 'foo', 'product_id': 13, 'validity': 31, 'trial_validity': 7, 'addon': True, 'forward_ipn_to_url': 'http://example.com', 'users': [ '3', ], 'upgrade_groups': [ '8', ], 'properties': [ { 'key': u'foo', 'value': u'bar' }, ], })