async def logged_user(client): # , role: UserRole):
"""adds a user in db and logs in with client
NOTE: role fixture is defined as a parametrization below
"""
role = UserRole.USER # TODO: parameterize roles
async with LoggedUser(
client, {"role": role.name},
check_if_succeeds=role != UserRole.ANONYMOUS) as user:
yield user
await delete_all_projects(client.app)
async def logged_user(client, user_role: UserRole) -> AsyncIterator[AUserDict]:
"""adds a user in db and logs in with client
NOTE: `user_role` fixture is defined as a parametrization below!!!
"""
async with LoggedUser(
client,
{"role": user_role.name},
check_if_succeeds=user_role != UserRole.ANONYMOUS,
) as user:
print("-----> logged in user", user["name"], user_role)
yield user
print("<----- logged out user", user["name"], user_role)
async def test_change_to_existing_email(client):
url = client.app.router["auth_change_email"].url_for()
async with LoggedUser(client) as user:
async with NewUser() as other:
rsp = await client.post(
url,
json={
"email": other["email"],
},
)
await assert_status(rsp, web.HTTPUnprocessableEntity,
"This email cannot be used")
async def test_change_and_confirm(client, capsys):
cfg = client.app[APP_LOGIN_CONFIG]
url = client.app.router["auth_change_email"].url_for()
index_url = client.app.router[INDEX_RESOURCE_NAME].url_for()
login_url = client.app.router["auth_login"].url_for()
logout_url = client.app.router["auth_logout"].url_for()
assert index_url.path == URL(cfg.LOGIN_REDIRECT).path
async with LoggedUser(client) as user:
# request change email
rsp = await client.post(
url,
json={
"email": NEW_EMAIL,
},
)
assert rsp.url_obj.path == url.path
await assert_status(rsp, web.HTTPOk, cfg.MSG_CHANGE_EMAIL_REQUESTED)
# email sent
out, err = capsys.readouterr()
link = parse_link(out)
# try new email but logout first
rsp = await client.post(logout_url)
assert rsp.url_obj.path == logout_url.path
await assert_status(rsp, web.HTTPOk, cfg.MSG_LOGGED_OUT)
# click email's link
rsp = await client.get(link)
txt = await rsp.text()
assert rsp.url_obj.path == index_url.path
assert (
"This is a result of disable_static_webserver fixture for product OSPARC"
in txt
)
rsp = await client.post(
login_url,
json={
"email": NEW_EMAIL,
"password": user["raw_password"],
},
)
payload = await rsp.json()
assert rsp.url_obj.path == login_url.path
await assert_status(rsp, web.HTTPOk, cfg.MSG_LOGGED_IN)
async def test_wrong_confirm_pass(client: TestClient, cfg: LoginOptions):
url = client.app.router["auth_change_password"].url_for()
async with LoggedUser(client) as user:
rsp = await client.post(
f"{url}",
json={
"current": user["raw_password"],
"new": NEW_PASSWORD,
"confirm": NEW_PASSWORD.upper(),
},
)
assert rsp.url_obj.path == url.path
assert rsp.status == 409
await assert_status(rsp, web.HTTPConflict, cfg.MSG_PASSWORD_MISMATCH)
async def test_wrong_current_password(client: TestClient, cfg: LoginOptions):
url = client.app.router["auth_change_password"].url_for()
async with LoggedUser(client):
rsp = await client.post(
f"{url}",
json={
"current": "wrongpassword",
"new": NEW_PASSWORD,
"confirm": NEW_PASSWORD,
},
)
assert rsp.url_obj.path == url.path
assert rsp.status == 422
assert cfg.MSG_WRONG_PASSWORD in await rsp.text()
await assert_status(rsp, web.HTTPUnprocessableEntity, cfg.MSG_WRONG_PASSWORD)
async def test_logout(client: TestClient, db: AsyncpgStorage):
logout_url = client.app.router["auth_logout"].url_for()
protected_url = client.app.router["auth_change_email"].url_for()
async with LoggedUser(client) as user:
# try to access protected page
r = await client.post(protected_url, json={"email": user["email"]})
assert r.url_obj.path == protected_url.path
await assert_status(r, web.HTTPOk)
# logout
r = await client.post(logout_url)
assert r.url_obj.path == logout_url.path
await assert_status(r, web.HTTPOk)
# and try again
r = await client.post(protected_url)
assert r.url_obj.path == protected_url.path
await assert_status(r, web.HTTPUnauthorized)
await db.delete_user(user)
async def test_success(client: TestClient, cfg: LoginOptions):
url_change_password = client.app.router["auth_change_password"].url_for()
url_login = client.app.router["auth_login"].url_for()
url_logout = client.app.router["auth_logout"].url_for()
async with LoggedUser(client) as user:
# change password
rsp = await client.post(
f"{url_change_password}",
json={
"current": user["raw_password"],
"new": NEW_PASSWORD,
"confirm": NEW_PASSWORD,
},
)
assert rsp.url_obj.path == url_change_password.path
assert rsp.status == 200
assert cfg.MSG_PASSWORD_CHANGED in await rsp.text()
await assert_status(rsp, web.HTTPOk, cfg.MSG_PASSWORD_CHANGED)
# logout
rsp = await client.post(f"{url_logout}")
assert rsp.status == 200
assert rsp.url_obj.path == url_logout.path
# login with new password
rsp = await client.post(
f"{url_login}",
json={
"email": user["email"],
"password": NEW_PASSWORD,
},
)
assert rsp.status == 200
assert rsp.url_obj.path == url_login.path
await assert_status(rsp, web.HTTPOk, cfg.MSG_LOGGED_IN)
