def test_password_reset_no_new_password(test_project, waf, create_users): """Test changing password via post.""" change_form_data = { 'username': '******', } selector, verifier = users._generate_split_token() token = '{0}{1}'.format(selector.decode('utf-8'), verifier.decode('utf-8')) with get_engine().connect() as con: query = sa.select('*').select_from(user) row = con.execute(query).fetchone() change_form_data['username'] = row.username stmt = user_password_reset.insert().values( user_id=row.id, selector=str(selector), verifier=hashlib.sha256(verifier).hexdigest(), expires=get_utc(datetime.datetime.now() + datetime.timedelta(hours=3)), ) con.execute(stmt) encoded_user_id = users.encode_user_id(row.id) request, response = testing.simulate_request(waf) middleware = testing.injected_session_start(waf, request) request, response = waf.server.test_client.post( f'/auth/password_reset/{encoded_user_id}/{token}/', json=change_form_data, headers=testing.csrf_headers()) testing.injected_session_end(waf, middleware) assert response.status == 401
def create_users(): """Create test users.""" engine = get_engine('default') users.create_user_sync(engine, username='******', password='******') users.create_user_sync(engine, username='******', password='******')
def handle(self, **options): engine = get_engine() with engine.connect() as con: stmt = question.insert().values( question_text='What?', pub_date=datetime.datetime.now()) con.execute(stmt)
def test_create_user_sync(test_project, waf): """Test creating a user from engine.""" engine = get_engine('default') users.create_user_sync(engine, username='******', password='******') with engine.connect() as con: query = sa.select('*').select_from( tables.user).where(tables.user.c.username == 'test2') row = [r for r in con.execute(query)][0] assert users.check_password('pass2', row.password)
def create_admin_test_data_user(name, password='******'): """Create test users.""" engine = get_engine('default') users.create_user_sync(engine, username=name, password=password) with engine.connect() as con: query = sa.select('*').select_from(tables.user).where(tables.user.c.username==name) results = con.execute(query) user_row = results.fetchone() return user_row.id, user_row.username, password
def admin_login_user(): engine = get_engine('default') username='******' password='******' users.create_user_sync(engine, username=username, password=password, is_staff=True, is_superuser=True) with engine.connect() as con: query = sa.select('*').select_from(tables.user).where(tables.user.c.username==username) results = con.execute(query) user_row = results.fetchone() return user_row.id, user_row.username, password
def handle(self, **options): """Create test databases for all db connections.""" # Create test db for key in settings.DATABASES: test_db = settings.DATABASES[key] test_db['database'] = 'test_' + test_db['database'] engine = get_engine(key) if not database_exists(engine.url): create_database(engine.url) create_tables(settings.INSTALLED_APPS, warn=False) pytest.main(options['unknown'])
def handle(self, **options): print('Create a super user') waf = Jawaf(settings.PROJECT_NAME) username = input('Username: '******'Email Address: ') engine = get_engine() password = None while(password == None): password = getpass.getpass() password2 = getpass.getpass('Password (again): ') if not self._validate_password(password, password2): password = None create_user_from_engine(engine, username=username, password=password, email=email)
def test_data_patch(test_project, waf, admin_login_user): """Test posting a new user""" user_id, username, password = create_admin_test_data_user('admin_test_put') form_data = { 'id': user_id, 'username': '******', 'password': '******', } request, response = testing.simulate_login(waf, 'admin_api_test', 'admin_api_pass') middleware = testing.injected_session_start(waf, request) form_data[settings.CSRF_FIELD_NAME] = request['session']['csrf_token'] c_headers = testing.csrf_headers() c_headers.pop(settings.CSRF_HEADER_NAME) request, response = waf.server.test_client.patch('/admin/user/', json=form_data, headers=c_headers) testing.injected_session_end(waf, middleware) assert response.status == 200 with get_engine('default').connect() as con: query = sa.select('*').select_from(tables.user).where(tables.user.c.id==user_id) row = con.execute(query) assert(row.fetchone().username == 'new')
def create_groups(): """Create test users.""" engine = get_engine('default') users.create_user_sync(engine, username='******', password='******') users.create_user_sync(engine, username='******', password='******') group_id = permissions.create_group_sync(engine, name='AdminEditors', permission_pairs=({ 'name': 'get', 'target': 'test_app' }, )) with engine.connect() as con: query = sa.select('*').select_from(tables.user).where( tables.user.c.username == 'permission_test_admin') user_row = [r for r in con.execute(query)][0] permissions.add_user_to_group_sync(engine, user_row.id, group_id)
def test_password_reset(test_project, waf, create_users): """Test changing password via post.""" change_form_data = { 'username': '******', 'new_password': '******', } selector, verifier = users._generate_split_token() token = '%s%s' % (selector.decode('utf-8'), verifier.decode('utf-8')) with get_engine().connect() as con: stmt = user_password_reset.insert().values( user_id=1, selector=str(selector), verifier=hashlib.sha256(verifier).hexdigest(), expires=get_utc(datetime.datetime.now() + datetime.timedelta(hours=3)), ) con.execute(stmt) encoded_user_id = users.encode_user_id(1) request, response = waf.server.test_client.post( '/auth/password_reset/%s/%s/' % (encoded_user_id, token), data=change_form_data) assert response.status == 200