def setUp(self): super(TestConfirmingEmail, self).setUp() self.user = UnconfirmedUserFactory() self.confirmation_url = self.user.get_confirmation_url( self.user.username, external=False, ) self.confirmation_token = self.user.get_confirmation_token( self.user.username)
def test_get_user_confirmation_link_with_expired_token(self): user = UnconfirmedUserFactory() request = RequestFactory().get('/fake_path') view = views.GetUserConfirmationLink() view = setup_view(view, request, guid=user._id) old_user_token = user.email_verifications.keys()[0] user.email_verifications[old_user_token]['expiration'] = datetime.utcnow().replace(tzinfo=pytz.utc) - timedelta(hours=24) user.save() link = view.get_link(user) new_user_token = user.email_verifications.keys()[0] link_path = str(furl.furl(link).path) ideal_link_path = '/confirm/{}/{}/'.format(user._id, new_user_token) nt.assert_equal(link_path, ideal_link_path)
def test__initiate_retraction_does_not_create_tokens_for_unregistered_admin(self): unconfirmed_user = UnconfirmedUserFactory() Contributor.objects.create(node=self.registration, user=unconfirmed_user) self.registration.add_permission(unconfirmed_user, permissions.ADMIN, save=True) assert_equal(Contributor.objects.get(node=self.registration, user=unconfirmed_user).permission, permissions.ADMIN) retraction = self.registration._initiate_retraction(self.user) assert_true(self.user._id in retraction.approval_state) assert_false(unconfirmed_user._id in retraction.approval_state)
def setUp(self): super(TestConfirmingEmail, self).setUp() self.user = UnconfirmedUserFactory() self.confirmation_url = self.user.get_confirmation_url( self.user.username, external=False, ) self.confirmation_token = self.user.get_confirmation_token( self.user.username )
def test__initiate_approval_does_not_create_tokens_for_unregistered_admin(self): unconfirmed_user = UnconfirmedUserFactory() Contributor.objects.create(node=self.registration, user=unconfirmed_user) self.registration.add_permission(unconfirmed_user, 'admin', save=True) assert_true(self.registration.has_permission(unconfirmed_user, 'admin')) approval = self.registration._initiate_approval( self.user ) assert_true(self.user._id in approval.approval_state) assert_false(unconfirmed_user._id in approval.approval_state)
def test_get_user_confirmation_link(self): user = UnconfirmedUserFactory() request = RequestFactory().get('/fake_path') view = views.GetUserConfirmationLink() view = setup_view(view, request, guid=user._id) user_token = user.email_verifications.keys()[0] ideal_link_path = '/confirm/{}/{}/'.format(user._id, user_token) link = view.get_link(user) link_path = str(furl.furl(link).path) nt.assert_equal(link_path, ideal_link_path)
def test__initiate_embargo_does_not_create_tokens_for_unregistered_admin(self): unconfirmed_user = UnconfirmedUserFactory() Contributor.objects.create(user=unconfirmed_user, node=self.registration) self.registration.add_permission(unconfirmed_user, 'admin', save=True) assert_true(self.registration.has_permission(unconfirmed_user, 'admin')) embargo = self.registration._initiate_embargo( self.user, self.valid_embargo_end_date, for_existing_registration=True ) assert_true(self.user._id in embargo.approval_state) assert_false(unconfirmed_user._id in embargo.approval_state)
def test_get_password_reset_link(self): user = UnconfirmedUserFactory() request = RequestFactory().get('/fake_path') view = views.GetPasswordResetLink() view = setup_view(view, request, guid=user._id) link = view.get_link(user) user_token = user.verification_key_v2.get('token') nt.assert_is_not_none(user_token) ideal_link_path = '/resetpassword/{}/{}'.format(user._id, user_token) link_path = str(furl.furl(link).path) nt.assert_equal(link_path, ideal_link_path)
class TestConfirmingEmail(OsfTestCase): def setUp(self): super(TestConfirmingEmail, self).setUp() self.user = UnconfirmedUserFactory() self.confirmation_url = self.user.get_confirmation_url( self.user.username, external=False, ) self.confirmation_token = self.user.get_confirmation_token( self.user.username ) def test_cannot_remove_another_user_email(self): user1 = AuthUserFactory() user2 = AuthUserFactory() url = api_url_for('update_user') header = {'id': user1.username, 'emails': [{'address': user1.username}]} res = self.app.put_json(url, header, auth=user2.auth, expect_errors=True) assert_equal(res.status_code, 403) def test_cannnot_make_primary_email_for_another_user(self): user1 = AuthUserFactory() user2 = AuthUserFactory() email = '*****@*****.**' user1.emails.create(address=email) user1.save() url = api_url_for('update_user') header = {'id': user1.username, 'emails': [{'address': user1.username, 'primary': False, 'confirmed': True}, {'address': email, 'primary': True, 'confirmed': True} ]} res = self.app.put_json(url, header, auth=user2.auth, expect_errors=True) assert_equal(res.status_code, 403) def test_cannnot_add_email_for_another_user(self): user1 = AuthUserFactory() user2 = AuthUserFactory() email = '*****@*****.**' url = api_url_for('update_user') header = {'id': user1.username, 'emails': [{'address': user1.username, 'primary': True, 'confirmed': True}, {'address': email, 'primary': False, 'confirmed': False} ]} res = self.app.put_json(url, header, auth=user2.auth, expect_errors=True) assert_equal(res.status_code, 403) def test_error_page_if_confirm_link_is_used(self): self.user.confirm_email(self.confirmation_token) self.user.save() res = self.app.get(self.confirmation_url, expect_errors=True) assert_in(auth_exc.InvalidTokenError.message_short, res) assert_equal(res.status_code, http.BAD_REQUEST)
class TestConfirmingEmail(OsfTestCase): def setUp(self): super(TestConfirmingEmail, self).setUp() self.user = UnconfirmedUserFactory() self.confirmation_url = self.user.get_confirmation_url( self.user.username, external=False, ) self.confirmation_token = self.user.get_confirmation_token( self.user.username ) def test_cannot_remove_another_user_email(self): user1 = AuthUserFactory() user2 = AuthUserFactory() url = api_url_for('update_user') header = {'id': user1.username, 'emails': [{'address': user1.username}]} res = self.app.put_json(url, header, auth=user2.auth, expect_errors=True) assert_equal(res.status_code, 403) def test_cannnot_make_primary_email_for_another_user(self): user1 = AuthUserFactory() user2 = AuthUserFactory() email = '*****@*****.**' user1.emails.create(address=email) user1.save() url = api_url_for('update_user') header = {'id': user1.username, 'emails': [{'address': user1.username, 'primary': False, 'confirmed': True}, {'address': email, 'primary': True, 'confirmed': True} ]} res = self.app.put_json(url, header, auth=user2.auth, expect_errors=True) assert_equal(res.status_code, 403) def test_cannnot_add_email_for_another_user(self): user1 = AuthUserFactory() user2 = AuthUserFactory() email = '*****@*****.**' url = api_url_for('update_user') header = {'id': user1.username, 'emails': [{'address': user1.username, 'primary': True, 'confirmed': True}, {'address': email, 'primary': False, 'confirmed': False} ]} res = self.app.put_json(url, header, auth=user2.auth, expect_errors=True) assert_equal(res.status_code, 403) def test_error_page_if_confirm_link_is_used(self): self.user.confirm_email(self.confirmation_token) self.user.save() res = self.app.get(self.confirmation_url, expect_errors=True) assert_in(auth_exc.InvalidTokenError.message_short, res) assert_equal(res.status_code, http.BAD_REQUEST)
def setUp(self): super(TestResendConfirmation, self).setUp() self.unconfirmed_user = UnconfirmedUserFactory() self.confirmed_user = UserFactory() self.get_url = web_url_for('resend_confirmation_get') self.post_url = web_url_for('resend_confirmation_post')
def user_unconfirmed(self): return UnconfirmedUserFactory()