def test_allow_password_reuse(self):
"""
If the company doesn't enforce password expiration, allow dup passwords
"""
self.company.password_expiration = False
self.company.save()
self.user = User.objects.get(pk=self.user.pk)
password = '******'
self.user.set_password(password)
self.user.save()
form = ChangePasswordForm(user=self.user,
data={
'password': password,
'new_password1': password,
'new_password2': password,
})
self.assertTrue(form.is_valid())
def test_prevent_password_reuse(self):
"""
Prevent password reuse if any of the users' companies require it.
"""
self.company.password_expiration = True
self.company.save()
self.user = User.objects.get(pk=self.user.pk)
limit = settings.PASSWORD_HISTORY_ENTRIES
def password(i):
return 'password-enTry-%d' % i
for i in range(0, limit + 1):
entry = password(i)
self.user.set_password(entry)
self.user.save()
last_pw = entry
for i in range(1, limit + 1):
entry = password(i)
form = ChangePasswordForm(
user=self.user,
data={
'password': last_pw,
'new_password1': entry,
'new_password2': entry,
})
self.assertFalse(form.is_valid())
self.assertRegexpMatches(
form.errors['new_password1'][0],
r'different from the previous')
entry = password(0)
form = ChangePasswordForm(
user=self.user,
data={
'password': last_pw,
'new_password1': entry,
'new_password2': entry,
})
self.assertTrue(form.is_valid())
def test_allow_password_reuse(self):
"""
If the company doesn't enforce password expiration, allow dup passwords
"""
self.company.password_expiration = False
self.company.save()
self.user = User.objects.get(pk=self.user.pk)
password = '******'
self.user.set_password(password)
self.user.save()
form = ChangePasswordForm(
user=self.user,
data={
'password': password,
'new_password1': password,
'new_password2': password,
})
self.assertTrue(form.is_valid())
def test_password_form(self):
invalid_data = [
{ 'data': {'password': '******',
'new_password1': '7dY=Ybtk',
'new_password2': '7dY=Ybtk'},
u'errors': [['password', [u"Wrong password."]]]},
{ 'data': {'password': '******',
'new_password1': '7dY=Ybtk',
'new_password2': 'notnewpassword'},
u'errors':
[[u'new_password2', [u'The new password fields did not match.']],
[u'new_password1', [u'The new password fields did not match.']]],
},
]
for item in invalid_data:
form = ChangePasswordForm(user=self.user, data=item['data'])
self.failIf(form.is_valid())
self.assertEqual(form.errors[item[u'errors'][0][0]],
item[u'errors'][0][1])
form = ChangePasswordForm(user=self.user,data={'password': '******',
'new_password1': '7dY=Ybtk',
'new_password2': '7dY=Ybtk'})
self.failUnless(form.is_valid())
form.save()
self.failUnless(self.user.check_password('7dY=Ybtk'))
def test_password_form(self):
invalid_data = [
{
"data": {"password": "******", "new_password1": "newpassword", "new_password2": "newpassword"},
u"errors": [["password", [u"Wrong password."]]],
},
{
"data": {"password": "******", "new_password1": "newpassword", "new_password2": "notnewpassword"},
u"errors": [
[u"new_password2", [u"The new password fields did not match."]],
[u"new_password1", [u"The new password fields did not match."]],
],
},
]
for item in invalid_data:
form = ChangePasswordForm(user=self.user, data=item["data"])
self.failIf(form.is_valid())
self.assertEqual(form.errors[item[u"errors"][0][0]], item[u"errors"][0][1])
form = ChangePasswordForm(
user=self.user,
data={"password": "******", "new_password1": "anothersecret", "new_password2": "anothersecret"},
)
self.failUnless(form.is_valid())
form.save()
self.failUnless(self.user.check_password("anothersecret"))
def test_password_form(self):
invalid_data = [
{
'data': {
'password': '******',
'new_password1': 'newpassword',
'new_password2': 'newpassword'
},
u'errors': [['password', [u"Wrong password."]]]
},
{
'data': {
'password': '******',
'new_password1': 'newpassword',
'new_password2': 'notnewpassword'
},
u'errors': [[
u'new_password2',
[u'The new password fields did not match.']
],
[
u'new_password1',
[u'The new password fields did not match.']
]],
},
]
for item in invalid_data:
form = ChangePasswordForm(user=self.user, data=item['data'])
self.failIf(form.is_valid())
self.assertEqual(form.errors[item[u'errors'][0][0]],
item[u'errors'][0][1])
form = ChangePasswordForm(user=self.user,
data={
'password': '******',
'new_password1': 'anothersecret',
'new_password2': 'anothersecret'
})
self.failUnless(form.is_valid())
form.save()
self.failUnless(self.user.check_password('anothersecret'))
def test_prevent_password_reuse(self):
"""
Prevent password reuse if any of the users' companies require it.
"""
self.company.password_expiration = True
self.company.save()
self.user = User.objects.get(pk=self.user.pk)
limit = settings.PASSWORD_HISTORY_ENTRIES
def password(i):
return 'password-enTry-%d' % i
for i in range(0, limit + 1):
entry = password(i)
self.user.set_password(entry)
self.user.save()
last_pw = entry
for i in range(1, limit + 1):
entry = password(i)
form = ChangePasswordForm(user=self.user,
data={
'password': last_pw,
'new_password1': entry,
'new_password2': entry,
})
self.assertFalse(form.is_valid())
self.assertRegexpMatches(form.errors['new_password1'][0],
r'different from the previous')
entry = password(0)
form = ChangePasswordForm(user=self.user,
data={
'password': last_pw,
'new_password1': entry,
'new_password2': entry,
})
self.assertTrue(form.is_valid())
def edit_account(request):
user = request.user
obj = User.objects.get(id=user.id)
change_password = False
if user.is_verified:
communication_form = EditCommunicationForm(user=user, instance=obj)
else:
communication_form = None
password_form = ChangePasswordForm(user=user)
if request.user.password_change:
change_password = True
ctx = {
'user': user,
'communication_form': communication_form,
'password_form': password_form,
'change_password': change_password,
}
if request.method == "POST":
obj = User.objects.get(id=request.user.id)
if 'communication' in request.REQUEST:
form = EditCommunicationForm(user=request.user,
instance=obj,
data=request.POST)
if form.is_valid():
form.save()
ctx['communication_form'] = form
ctx['message_body'] = ('Communication Settings have been '
'updated successfully.')
ctx['messagetype'] = 'success'
template = '%s/edit-account.html' % settings.PROJECT
return render_to_response(template, ctx,
RequestContext(request))
else:
ctx['communication_form'] = form
template = '%s/edit-account.html' % settings.PROJECT
return render_to_response(template, ctx,
RequestContext(request))
elif 'password' in request.REQUEST:
form = ChangePasswordForm(user=request.user, data=request.POST)
if form.is_valid():
request.user.password_change = False
request.user.save()
form.save()
ctx['password_form'] = form
ctx['message_body'] = ('Password Settings have been '
'updated successfully.')
ctx['messagetype'] = 'success'
template = '%s/edit-account.html' % settings.PROJECT
return render_to_response(template, ctx,
RequestContext(request))
else:
ctx['password_form'] = form
template = '%s/edit-account.html' % settings.PROJECT
return render_to_response(template, ctx,
RequestContext(request))
else:
raise Http404("myjobs.views.edit_account: request is not POST")
return render_to_response('%s/edit-account.html' % settings.PROJECT, ctx,
RequestContext(request))
