示例#1
0
    def test_success(self):
        "User can delete itself"
        self.add_user_root()

        user = self.makeUser('thruflo', 'Password')
        Session.add(user)

        self.authenticate()

        # Attempt to delete user
        res = self.app.get('/users/thruflo/delete_user')

        # Verify confirmation message
        self.assertTrue('Are you really sure' in res.body)

        # Verify that the user has not yet been deleted
        self.assertTrue(get_existing_user(username='******') is not None)

        # Delete the user
        res = self.app.post('/users/thruflo/delete_user')

        # Verify that the user has now been deleted
        self.assertTrue(get_existing_user(username='******') is None)

        # User should be logged out
        self.assertTrue(len(res.headers['Set-Cookie']) < 200)
    def test_success(self):
        "User can delete itself"
        self.add_user_root()

        user = self.makeUser('thruflo', 'Password')
        Session.add(user)

        self.authenticate()

        # Attempt to delete user
        res = self.app.get('/users/thruflo/delete_user')

        # Verify confirmation message
        self.assertTrue('Are you really sure' in res.body)

        # Verify that the user has not yet been deleted
        self.assertTrue(get_existing_user(username='******') is not None)

        # Delete the user
        res = self.app.post('/users/thruflo/delete_user')

        # Verify that the user has now been deleted
        self.assertTrue(get_existing_user(username='******') is None)

        # User should be logged out
        self.assertTrue(len(res.headers['Set-Cookie']) < 200)
示例#3
0
    def test_signup(self):
        """Signup saves a user and their email address."""

        # Sanity check there isn't an existing user.
        existing = get_existing_user(username="******")
        self.assertTrue(existing is None)
        # Signup.
        post_data = {"username": "******", "email": "*****@*****.**", "password": "******", "confirm": "Password"}
        res = self.app.post("/auth/signup", post_data, status=302)
        assert res  # to satisfy pyflakes
        # Now there is a user.
        existing = get_existing_user(username="******")
        self.assertTrue(existing is not None)
        # And their email address is...
        self.assertTrue(existing.emails[0].address == "*****@*****.**")
示例#4
0
    def test_signup(self):
        """Signup saves a user and their email address."""

        # Sanity check there isn't an existing user.
        existing = get_existing_user(username='******')
        self.assertTrue(existing is None)
        # Signup.
        post_data = {
            'username': '******',
            'email': '*****@*****.**',
            'password': '******',
            'confirm': 'Password'
        }
        res = self.app.post('/auth/signup', post_data, status=302)
        assert res  # to satisfy pyflakes
        # Now there is a user.
        existing = get_existing_user(username='******')
        self.assertTrue(existing is not None)
        # And their email address is...
        self.assertTrue(existing.emails[0].address == '*****@*****.**')
    def test_signup(self):
        """Signup saves a user and their email address."""

        # Sanity check there isn't an existing user.
        existing = get_existing_user(username='******')
        self.assertTrue(existing is None)
        # Signup.
        post_data = {
            'username': '******',
            'email': '*****@*****.**',
            'password': '******',
            'confirm': 'Password'
        }
        res = self.app.post('/auth/signup', post_data, status=302)
        assert res  # to satisfy pyflakes
        # Now there is a user.
        existing = get_existing_user(username='******')
        self.assertTrue(existing is not None)
        # And their email address is...
        self.assertTrue(existing.emails[0].address == '*****@*****.**')
示例#6
0
    def test_success(self):
        """User can NOT delete itself. We have rules for what delete means."""
        self.add_user_root()

        user = self.makeUser('thruflo', 'Password')
        Session.add(user)

        self.authenticate()

        # Attempt to delete user
        res = self.app.post('/users/thruflo/delete_user', status=404)

        # Verify that the user was not deleted.
        self.assertIsNotNone(get_existing_user(username='******'))
示例#7
0
    def test_other_user(self):
        "Non-admin user cannot delete other user"
        self.add_user_root()

        # User to delete
        self.makeUser('alice', 'Password')

        # Login as other user
        bob = self.makeUser('bob', 'Password')
        model.save(bob)
        transaction.commit()
        self.authenticate(username='******', password='******')

        # Try to delete user
        res = self.app.post('/users/alice/delete_user', status=403)

        # Verify that the user has not been deleted
        self.assertTrue(get_existing_user(username='******') is not None)
        # User should still be logged in
        self.assertTrue(len(res.headers['Set-Cookie']) > 250)
    def test_other_user(self):
        "Non-admin user cannot delete other user"
        self.add_user_root()

        # User to delete
        self.makeUser('alice', 'Password')

        # Login as other user
        bob = self.makeUser('bob', 'Password')
        model.save(bob)
        transaction.commit()
        self.authenticate(username='******', password='******')

        # Try to delete user
        res = self.app.post('/users/alice/delete_user', status=403)

        # Verify that the user has not been deleted
        self.assertTrue(get_existing_user(username='******') is not None)
        # User should still be logged in
        self.assertTrue(len(res.headers['Set-Cookie']) > 250)
示例#9
0
    def test_admin(self):
        "Admin should be allowed to delete any user"
        self.add_user_root()

        # User to delete
        self.makeUser('alice', 'Password')

        # Login as admin
        admin = self.makeUser('admin', 'Password')
        admin.roles.append(model.Role(name='admin'))
        model.save(admin)
        transaction.commit()
        self.authenticate(username='******', password='******')

        # Delete user
        res = self.app.post('/users/alice/delete_user')

        # Verify that user has been successfully deleted
        self.assertTrue(get_existing_user(username='******') is None)
        # Admin should still be logged in
        self.assertTrue(len(res.headers['Set-Cookie']) > 250)
示例#10
0
    def test_admin(self):
        "Admin should be allowed to delete any user"
        self.add_user_root()

        # User to delete
        self.makeUser('alice', 'Password')

        # Login as admin
        admin = self.makeUser('admin', 'Password')
        admin.roles.append(model.Role(name='admin'))
        model.save(admin)
        transaction.commit()
        self.authenticate(username='******', password='******')

        # Delete user
        res = self.app.post('/users/alice/delete_user')

        # Verify that user has been successfully deleted
        self.assertTrue(get_existing_user(username='******') is None)
        # Admin should still be logged in
        self.assertTrue(len(res.headers['Set-Cookie']) > 250)
示例#11
0
def get_operator_user(request, registry=None):
    """We have a special user in our db representing the operator user. Here
      We look them up by username, constructed from the client server name.
      The operator should be the one to receive e-mails that target
      the website / administration.
    """

    if registry == None:
        # Unpack.
        settings = request.registry.settings
    else:
        settings = registry.settings

    # Get the user, which depends on the server.
    server = os.environ.get('INI_site__title', '')
    if server.lower() == 'opendesk':
        username = u'opendesk_operator'
    elif server.lower() == 'fabhub':
        username = u'fabhub_operator'
    else:
        raise Exception('Operator user not configured.')

    return get_existing_user(username=username)
def get_operator_user(request, registry=None):
    """We have a special user in our db representing the operator user. Here
      We look them up by username, constructed from the client server name.
      The operator should be the one to receive e-mails that target
      the website / administration.
    """

    if registry == None:
        # Unpack.
        settings = request.registry.settings
    else:
        settings = registry.settings

    # Get the user, which depends on the server.
    server = os.environ.get('INI_site__title', '')
    if server.lower() == 'opendesk':
        username = u'opendesk_operator'
    elif server.lower() == 'fabhub':
        username = u'fabhub_operator'
    else:
        raise Exception('Operator user not configured.')

    return get_existing_user(username=username)