def test_create_user(self):
# Important - don't instantiate the mock class,
# as the session creation function in the service
# will do that for us
sample_user = User()
sample_user.username = '******'
sample_user.name = 'Test User'
sample_user.email = '*****@*****.**'
sample_user.access_level = 'External'
sample_user.first_name = "first_name"
sample_user.last_name = "last_name"
sample_user.storage_quota_in_gb = 89
self._mock_session.add = MagicMock()
self._mock_session.commit = MagicMock()
user_service = UserService(self._mock_session)
user_service.create(sample_user.username,
sample_user.first_name,
sample_user.last_name,
sample_user.email,
sample_user.access_level)
self._mock_session.add.assert_called_once_with(ANY)
self._mock_session.commit.assert_called_once_with()
def login(self,
username="******",
access_level=constants.USER_ACCESS_LEVEL_EXTERNAL,
workbench_username=None):
"""
Setup the request as if the user has already logged in as a non admin user
:param username: the username for the user to log in, stored in self.login_username, default "test"
:param access_level: the access level of the user
:param workbench_username: the workbench username for this user
:return the details for the logged in user
"""
self.login_username = username
user_service = UserService()
user = user_service.get_user_by_username(self.login_username)
if user is None:
user_service.create(
self.login_username,
'test',
'testerson',
'*****@*****.**',
access_level,
workbench_username=workbench_username)
user = user_service.get_user_by_username(self.login_username)
self.app.extra_environ['REMOTE_USER'] = str(user.username)
return user
def test_GIVEN_id_but_no_uuid_WHEN_password_THEN_page_with_error(self):
user_service = UserService()
username = "******"
user_service.create(username, "test", "test", "email", constants.USER_ACCESS_LEVEL_EXTERNAL)
user = user_service.get_user_by_username(username)
response = self.app.get(
url=url(controller='home', action='password', id=user.id)
)
assert_that(response.normal_body, contains_string("Invalid Password Request"), "Correct page")
def test_GIVEN_invalid_id_and_valid_uuid_WHEN_post_password_THEN_page_with_error(self):
user_service = UserService()
username = "******"
user_service.create(username, "test", "test", "email", constants.USER_ACCESS_LEVEL_EXTERNAL)
user = user_service.get_user_by_username(username)
user_service.set_forgot_password(user.id)
response = self.app.post(
url=url(controller='home', action='password', id=user.id + 1),
params={'uuid': user.forgotten_password_uuid}
)
assert_that(response.normal_body, contains_string("Invalid Password Request"), "Invalid password page")
def test_GIVEN_valid_id_and_uuid_WHEN_password_THEN_page_with_no_error(self):
user_service = UserService()
username = "******"
user_service.create(username, "test", "test", "email", constants.USER_ACCESS_LEVEL_EXTERNAL)
user = user_service.get_user_by_username(username)
user_service.set_forgot_password(user.id)
user = user_service.get_user_by_username(username)
response = self.app.get(
url=url(controller='home', action='password', id=user.id, uuid=user.forgotten_password_uuid)
)
assert_that(response.normal_body, contains_string("Password Request"), "Correct page")
assert_that(response.normal_body, is_not(contains_string("Your new password")), "tooltip is rewriten")
assert_that(response.normal_body, contains_string('title="Username"'), "Username tooltip")
assert_that(response.normal_body, contains_string('title="New password"'), "Username tooltip")
assert_that(response.normal_body, contains_string('title="Retype your new password"'), "Username tooltip")
def test_GIVEN_valid_id_and_uuid_non_matching_password_WHEN_post_new_password_THEN_error_message(self):
user_service = UserService()
username = "******"
user_service.create(username, "test", "test", "email", constants.USER_ACCESS_LEVEL_EXTERNAL)
user = user_service.get_user_by_username(username)
user_service.set_forgot_password(user.id)
user = user_service.get_user_by_username(username)
new_password = '******'
response = self.app.post(
url=url(controller='home', action='password', id=user.id),
params={
'uuid': user.forgotten_password_uuid,
'password_one': new_password,
'password_two': "not new password"}
)
assert_that(response.normal_body, contains_string("passwords are not the same"))
def test_GIVEN_valid_id_and_valid_uuid_which_has_expired_WHEN_password_THEN_reset_forgotten_password(self):
user_service = UserService()
username = "******"
user_service.create(username, "test", "test", "email", constants.USER_ACCESS_LEVEL_EXTERNAL)
user = user_service.get_user_by_username(username)
user_service.set_forgot_password(user.id)
with session_scope() as session:
user = user_service.get_user_by_id(user.id)
user.forgotten_password_expiry_date = datetime.datetime.now() - datetime.timedelta(minutes=1)
session.add(user)
original_uuid = user.forgotten_password_uuid
response = self.app.get(
url=url(controller='home', action='password', id=user.id, uuid=original_uuid)
)
assert_that(response.normal_body, contains_string("Expired Password Request"), "Expired password page")
with session_scope() as session:
user = user_service.get_user_by_id(user.id)
assert_that(user.forgotten_password_uuid, is_not(original_uuid), "uuid reset")
def test_GIVEN_valid_id_and_uuid_WHEN_post_new_password_THEN_login_page_with_message(self):
user_service = UserService()
username = "******"
user_service.create(username, "test", "test", "email", constants.USER_ACCESS_LEVEL_EXTERNAL)
user = user_service.get_user_by_username(username)
user_service.set_forgot_password(user.id)
user = user_service.get_user_by_username(username)
new_password = '******'
response = self.app.post(
url=url(controller='home', action='password', id=user.id),
params={
'uuid': user.forgotten_password_uuid,
'password_one': new_password,
'password_two': new_password}
)
assert_that(response.status_code, is_(302), "Response is redirect")
assert_that(urlparse(response.response.location).path, is_(url(controller='account', action='login')), "url")
with session_scope() as session:
user = user_service.get_user_by_id(user.id)
assert_that(user.forgotten_password_uuid, is_(None), "uuid blanked")