def test_handle_submit_key_expired(self):
reg = get_current_registry()
config = Configurator(reg)
renderer = config.testing_add_template('templates/reset_failed.pt')
request = self.request
request.params['key'] = '0' * 40
self._setupUsers()
context = self.context
context['profiles'] = testing.DummyModel()
profile = context['profiles']['me'] = testing.DummyModel()
profile.password_reset_key = '0' * 40
controller = self._makeOne(context, request)
converted = {'login': '******'}
# first w/ no profile reset time
response = controller.handle_submit(converted)
self.failUnless(hasattr(renderer, 'api'))
self.assertEqual(renderer.api.page_title,
'Password Reset Confirmation Key Expired')
# now w/ expired key
renderer = config.testing_add_template('templates/reset_failed.pt')
from karl.views.resetpassword import max_reset_timedelta
import datetime
keytime = datetime.datetime.now() - max_reset_timedelta
profile.password_reset_time = keytime
response = controller.handle_submit(converted)
self.failUnless(hasattr(renderer, 'api'))
self.assertEqual(renderer.api.page_title,
'Password Reset Confirmation Key Expired')
def test_handle_submit_wrong_key(self):
reg = get_current_registry()
config = Configurator(reg)
renderer = config.testing_add_template('templates/reset_failed.pt')
request = self.request
request.params['key'] = '0' * 40
self._setupUsers()
context = self.context
context['profiles'] = testing.DummyModel()
context['profiles']['me'] = testing.DummyModel()
controller = self._makeOne(context, request)
converted = {'login': '******'}
# first w/ no profile reset key
response = controller.handle_submit(converted)
self.failUnless(hasattr(renderer, 'api'))
self.assertEqual(renderer.api.page_title,
'Password Reset Confirmation Problem')
# now w/ wrong profile reset key
renderer = config.testing_add_template('templates/reset_failed.pt')
context['profiles']['me'].password_reset_key = '1' * 40
response = controller.handle_submit(converted)
self.failUnless(hasattr(renderer, 'api'))
self.assertEqual(renderer.api.page_title,
'Password Reset Confirmation Problem')
def test___call__bad_key(self):
# register dummy renderer for the email template
reg = get_current_registry()
config = Configurator(reg)
renderer = config.testing_add_template('templates/reset_failed.pt')
request = self.request
# no key
controller = self._makeOne(self.context, request)
response = controller()
from webob.response import Response
self.assertEqual(response.__class__, Response)
self.failUnless(hasattr(renderer, 'api'))
self.assertEqual(renderer.api.page_title,
'Password Reset URL Problem')
# reset renderer.api value so we know the test is useful
renderer = config.testing_add_template('templates/reset_failed.pt')
# key of wrong length
request.params['key'] = 'foofoofoo'
controller = self._makeOne(self.context, request)
response = controller()
from webob.response import Response
self.assertEqual(response.__class__, Response)
self.failUnless(hasattr(renderer, 'api'))
self.assertEqual(renderer.api.page_title,
'Password Reset URL Problem')
def test_handle_submit_utf8_password(self):
password = u'password\xe1'
reg = get_current_registry()
config = Configurator(reg)
renderer = config.testing_add_template('templates/reset_complete.pt')
request = self.request
request.params['key'] = '0' * 40
self._setupUsers()
context = self.context
context['profiles'] = testing.DummyModel()
profile = context['profiles']['me'] = testing.DummyModel()
profile.password_reset_key = '0' * 40
controller = self._makeOne(context, request)
converted = {'login': '******', 'password': password}
import datetime
keytime = datetime.datetime.now()
profile.password_reset_time = keytime
response = controller.handle_submit(converted)
self.failUnless(hasattr(renderer, 'api'))
self.assertEqual(renderer.api.page_title,
'Password Reset Complete')
renderer.assert_(login='******', password=password)
self.failUnless(profile.password_reset_key is None)
self.failUnless(profile.password_reset_time is None)
user = self.context.users.get(login='******')
from repoze.who.plugins.zodb.users import get_sha_password
self.assertEqual(user['password'], get_sha_password(password.encode('utf8')))
def test_handle_submit_bad_key(self):
reg = get_current_registry()
config = Configurator(reg)
renderer = config.testing_add_template('templates/reset_failed.pt')
request = self.request
request.params['key'] = 'foofoofoo'
controller = self._makeOne(self.context, request)
response = controller.handle_submit({})
self.failUnless(hasattr(renderer, 'api'))
self.assertEqual(renderer.api.page_title,
'Password Reset URL Problem')
def test_handle_submit(self):
context = self.context
request = self.request
# fake the mailer
from repoze.sendmail.interfaces import IMailDelivery
from karl.testing import DummyMailer
mailer = DummyMailer()
testing.registerUtility(mailer, IMailDelivery)
# fake catalog search
from karl.models.interfaces import ICatalogSearch
from zope.interface import Interface
testing.registerAdapter(
DummyProfileSearch, (Interface,), ICatalogSearch)
# fake a staff user
from karl.testing import DummyUsers
context.users = DummyUsers()
context.users.add('me', 'me', 'password', ['group.KarlStaff'])
# register dummy renderer for email template
reg = get_current_registry()
config = Configurator(reg)
renderer = config.testing_add_template(
'templates/email_reset_password.pt')
# test w/ staff user
controller = self._makeOne(context, request)
converted = {'email': '*****@*****.**'}
response = controller.handle_submit(converted)
self.failIf(len(mailer))
self.assertEqual(response.location,
'http://login.example.com/resetpassword?email=me%40example.com'
'&came_from=http%3A%2F%2Fexample.com%2Flogin.html')
# register dummy profile search
profile_search = DummyProfileSearch(context)
def search_adapter(context):
return profile_search
testing.registerAdapter(search_adapter, (Interface,), ICatalogSearch)
# convert to non-staff user and test again, email should
# go out this time
context.users._by_id['me']['groups'] = []
response = controller.handle_submit(converted)
self.assertEqual(response.location,
'http://example.com/reset_sent.html?email=me%40example.com')
profile = profile_search.profile
self.failUnless(profile.password_reset_key)
self.failUnless(profile.password_reset_time)
self.assertEqual(len(mailer), 1)
msg = mailer.pop()
self.assertEqual(len(msg.mto), 1)
self.assertEqual(msg.mto[0], '*****@*****.**')
self.assertEqual(dict(msg.msg._headers)['Subject'],
'karl3test Password Reset Request')
renderer.assert_(login='******', system_name='karl3test')
self.failUnless(hasattr(renderer, 'reset_url'))
self.failUnless(renderer.reset_url.startswith(
'http://example.com/reset_confirm.html?key='), renderer.reset_url)
