def post(self): message = "" level = "" page = "lost_pass.html" user_id = None try: user = User(self.get_argument("email")) except QiitaDBUnknownIDError: message = "ERROR: Unknown user." level = "danger" else: user_id = user.id user.generate_reset_code() info = user.info try: send_email(user.id, "Qiita: Password Reset", "Please go to " "the following URL to reset your password: \n" "%s/auth/reset/%s \nYou " "have 30 minutes from the time you requested a " "reset to change your password. After this period, " "you will have to request another reset." % (qiita_config.base_url, info["pass_reset_code"])) message = ("Check your email for the reset code.") level = "success" page = "index.html" except Exception as e: message = ("Unable to send email. Error has been registered. " "Your password has not been reset.") level = "danger" LogEntry.create('Runtime', "Unable to send forgot password " "email: %s" % str(e), info={'User': user.id}) self.render(page, user=user_id, message=message, level=level)
def post(self): message = "" level = "" page = "lost_pass.html" user_id = None try: user = User(self.get_argument("email")) except QiitaDBUnknownIDError: message = "ERROR: Unknown user." level = "danger" else: user_id = user.id user.generate_reset_code() info = user.info try: send_email(user.id, "Qiita: Password Reset", "Please go to " "the following URL to reset your password: "******"http://qiita.colorado.edu/auth/reset/%s" % info["pass_reset_code"]) message = ("Check your email for the reset code.") level = "success" page = "index.html" except Exception as e: message = ("Unable to send email. Error has been registered. " "Your password has not been reset.") level = "danger" LogEntry.create('Runtime', "Unable to send forgot password " "email: %s" % str(e), info={'User': user.id}) self.render(page, user=user_id, message=message, level=level)
def post(self): error = "" try: user = User(self.get_argument("email")) except QiitaDBUnknownIDError: error = "ERROR: Unknown user." else: user.generate_reset_code() info = user.info try: send_email(user, "QIITA: Password Reset", "Please go to the " "following URL to reset your password: "******"http://qiita.colorado.edu/auth/reset/%s" % info["pass_reset_code"]) error = "Password reset. Check your email for the reset code." except Exception as e: error = "Unable to send email." LogEntry.create('Runtime', "Unable to send forgot password " "email" % str(e), info={'User': user.id}) self.render("lost_pass.html", user=None, error=error)
def post(self): error = "" try: user = User(self.get_argument("email")) except QiitaDBUnknownIDError: error = "ERROR: Unknown user." else: user.generate_reset_code() info = user.info try: send_email( user, "QIITA: Password Reset", "Please go to the " "following URL to reset your password: "******"http://qiita.colorado.edu/auth/reset/%s" % info["pass_reset_code"]) error = "Password reset. Check your email for the reset code." except Exception as e: error = "Unable to send email." LogEntry.create('Runtime', "Unable to send forgot password " "email" % str(e), info={'User': user.id}) self.render("lost_pass.html", user=None, error=error)
class UserTest(TestCase): """Tests the User object and all properties/methods""" def setUp(self): self.user = User('*****@*****.**') self.portal = qiita_config.portal self.userinfo = { 'name': 'Dude', 'affiliation': 'Nowhere University', 'address': '123 fake st, Apt 0, Faketown, CO 80302', 'phone': '111-222-3344', 'pass_reset_code': None, 'pass_reset_timestamp': None, 'user_verify_code': None } def tearDown(self): qiita_config.portal = self.portal def test_instantiate_user(self): User('*****@*****.**') def test_instantiate_unknown_user(self): with self.assertRaises(QiitaDBUnknownIDError): User('*****@*****.**') def _check_correct_info(self, obs, exp): self.assertEqual(set(exp.keys()), set(obs.keys())) for key in exp: # user_verify_code and password seed randomly generated so just # making sure they exist and is correct length if key == 'user_verify_code': self.assertEqual(len(obs[key]), 20) elif key == "password": self.assertEqual(len(obs[key]), 60) else: self.assertEqual(obs[key], exp[key]) def test_create_user(self): user = User.create('*****@*****.**', 'password') self.assertEqual(user.id, '*****@*****.**') sql = "SELECT * from qiita.qiita_user WHERE email = '*****@*****.**'" obs = self.conn_handler.execute_fetchall(sql) self.assertEqual(len(obs), 1) obs = dict(obs[0]) exp = { 'password': '', 'name': None, 'pass_reset_timestamp': None, 'affiliation': None, 'pass_reset_code': None, 'phone': None, 'user_verify_code': '', 'address': None, 'user_level_id': 5, 'email': '*****@*****.**'} self._check_correct_info(obs, exp) def test_create_user_info(self): user = User.create('*****@*****.**', 'password', self.userinfo) self.assertEqual(user.id, '*****@*****.**') sql = "SELECT * from qiita.qiita_user WHERE email = '*****@*****.**'" obs = self.conn_handler.execute_fetchall(sql) self.assertEqual(len(obs), 1) obs = dict(obs[0]) exp = { 'password': '', 'name': 'Dude', 'affiliation': 'Nowhere University', 'address': '123 fake st, Apt 0, Faketown, CO 80302', 'phone': '111-222-3344', 'pass_reset_timestamp': None, 'pass_reset_code': None, 'user_verify_code': '', 'user_level_id': 5, 'email': '*****@*****.**'} self._check_correct_info(obs, exp) def test_create_user_column_not_allowed(self): self.userinfo["email"] = "FAIL" with self.assertRaises(QiitaDBColumnError): User.create('*****@*****.**', 'password', self.userinfo) def test_create_user_non_existent_column(self): self.userinfo["BADTHING"] = "FAIL" with self.assertRaises(QiitaDBColumnError): User.create('*****@*****.**', 'password', self.userinfo) def test_create_user_duplicate(self): with self.assertRaises(QiitaDBDuplicateError): User.create('*****@*****.**', 'password') def test_create_user_bad_email(self): with self.assertRaises(IncorrectEmailError): User.create('notanemail', 'password') def test_create_user_bad_password(self): with self.assertRaises(IncorrectPasswordError): User.create('*****@*****.**', '') def test_login(self): self.assertEqual(User.login("*****@*****.**", "password"), User("*****@*****.**")) def test_login_incorrect_user(self): with self.assertRaises(IncorrectEmailError): User.login("*****@*****.**", "password") def test_login_incorrect_password(self): with self.assertRaises(IncorrectPasswordError): User.login("*****@*****.**", "WRONGPASSWORD") def test_login_invalid_password(self): with self.assertRaises(IncorrectPasswordError): User.login("*****@*****.**", "SHORT") def test_exists(self): self.assertTrue(User.exists("*****@*****.**")) def test_exists_notindb(self): self.assertFalse(User.exists("*****@*****.**")) def test_exists_invalid_email(self): with self.assertRaises(IncorrectEmailError): User.exists("notanemail.@badformat") def test_get_email(self): self.assertEqual(self.user.email, '*****@*****.**') def test_get_level(self): self.assertEqual(self.user.level, "admin") def test_get_info(self): expinfo = { 'name': 'Admin', 'affiliation': 'Owner University', 'address': '312 noname st, Apt K, Nonexistantown, CO 80302', 'phone': '222-444-6789', 'pass_reset_code': None, 'pass_reset_timestamp': None, 'user_verify_code': None, 'phone': '222-444-6789' } self.assertEqual(self.user.info, expinfo) def test_set_info(self): self.user.info = self.userinfo self.assertEqual(self.user.info, self.userinfo) def test_set_info_not_info(self): """Tests setting info with a non-allowed column""" self.userinfo["email"] = "FAIL" with self.assertRaises(QiitaDBColumnError): self.user.info = self.userinfo def test_set_info_bad_info(self): """Test setting info with a key not in the table""" self.userinfo["BADTHING"] = "FAIL" with self.assertRaises(QiitaDBColumnError): self.user.info = self.userinfo def test_default_analysis(self): qiita_config.portal = "QIITA" obs = self.user.default_analysis self.assertEqual(obs, 4) qiita_config.portal = "EMP" obs = self.user.default_analysis self.assertEqual(obs, 8) def test_get_user_studies(self): user = User('*****@*****.**') qiita_config.portal = "QIITA" self.assertEqual(user.user_studies, {1}) qiita_config.portal = "EMP" self.assertEqual(user.user_studies, set()) def test_get_shared_studies(self): user = User('*****@*****.**') qiita_config.portal = "QIITA" self.assertEqual(user.shared_studies, {1}) qiita_config.portal = "EMP" self.assertEqual(user.shared_studies, set()) def test_get_private_analyses(self): user = User('*****@*****.**') qiita_config.portal = "QIITA" self.assertEqual(user.private_analyses, set([1, 2])) qiita_config.portal = "EMP" self.assertEqual(user.private_analyses, set()) def test_get_shared_analyses(self): user = User('*****@*****.**') qiita_config.portal = "QIITA" self.assertEqual(user.shared_analyses, set([1])) qiita_config.portal = "EMP" self.assertEqual(user.shared_analyses, set()) def test_verify_code(self): sql = ("insert into qiita.qiita_user values ('*****@*****.**', '1', " "'testtest', 'testuser', '', '', '', 'verifycode', 'resetcode'" ",null)") self.conn_handler.execute(sql) self.assertFalse(User.verify_code('*****@*****.**', 'wrongcode', 'create')) self.assertFalse(User.verify_code('*****@*****.**', 'wrongcode', 'reset')) self.assertTrue(User.verify_code('*****@*****.**', 'verifycode', 'create')) self.assertTrue(User.verify_code('*****@*****.**', 'resetcode', 'reset')) # make sure errors raised if code already used or wrong type with self.assertRaises(QiitaDBError): User.verify_code('*****@*****.**', 'verifycode', 'create') with self.assertRaises(QiitaDBError): User.verify_code('*****@*****.**', 'resetcode', 'reset') with self.assertRaises(IncompetentQiitaDeveloperError): User.verify_code('*****@*****.**', 'fakecode', 'badtype') # make sure default analyses created sql = ("SELECT email, name, description, dflt FROM qiita.analysis " "WHERE email = '*****@*****.**'") obs = self.conn_handler.execute_fetchall(sql) exp = [['*****@*****.**', '[email protected]', 'dflt', True], ['*****@*****.**', '[email protected]', 'dflt', True]] self.assertEqual(obs, exp) def _check_pass(self, passwd): obspass = self.conn_handler.execute_fetchone( "SELECT password FROM qiita.qiita_user WHERE email = %s", (self.user.id, ))[0] self.assertEqual(hash_password(passwd, obspass), obspass) def test_change_pass(self): self.user._change_pass("newpassword") self._check_pass("newpassword") self.assertIsNone(self.user.info["pass_reset_code"]) def test_change_pass_short(self): with self.assertRaises(IncorrectPasswordError): self.user._change_pass("newpass") self._check_pass("password") def test_change_password(self): self.user.change_password("password", "newpassword") self._check_pass("newpassword") def test_change_password_wrong_oldpass(self): self.user.change_password("WRONG", "newpass") self._check_pass("password") def test_generate_reset_code(self): user = User.create('*****@*****.**', 'password') sql = "SELECT LOCALTIMESTAMP" before = self.conn_handler.execute_fetchone(sql)[0] user.generate_reset_code() after = self.conn_handler.execute_fetchone(sql)[0] sql = ("SELECT pass_reset_code, pass_reset_timestamp FROM " "qiita.qiita_user WHERE email = %s") obscode, obstime = self.conn_handler.execute_fetchone( sql, ('*****@*****.**',)) self.assertEqual(len(obscode), 20) self.assertTrue(before < obstime < after) def test_change_forgot_password(self): self.user.generate_reset_code() code = self.user.info["pass_reset_code"] obsbool = self.user.change_forgot_password(code, "newpassword") self.assertEqual(obsbool, True) self._check_pass("newpassword") def test_change_forgot_password_bad_code(self): self.user.generate_reset_code() code = "AAAAAAA" obsbool = self.user.change_forgot_password(code, "newpassword") self.assertEqual(obsbool, False) self._check_pass("password")
class UserTest(TestCase): """Tests the User object and all properties/methods""" def setUp(self): self.user = User('*****@*****.**') self.portal = qiita_config.portal self.userinfo = { 'name': 'Dude', 'affiliation': 'Nowhere University', 'address': '123 fake st, Apt 0, Faketown, CO 80302', 'phone': '111-222-3344', 'pass_reset_code': None, 'pass_reset_timestamp': None, 'user_verify_code': None } def tearDown(self): qiita_config.portal = self.portal def test_instantiate_user(self): User('*****@*****.**') def test_instantiate_unknown_user(self): with self.assertRaises(QiitaDBUnknownIDError): User('*****@*****.**') def _check_correct_info(self, obs, exp): self.assertEqual(set(exp.keys()), set(obs.keys())) for key in exp: # user_verify_code and password seed randomly generated so just # making sure they exist and is correct length if key == 'user_verify_code': self.assertEqual(len(obs[key]), 20) elif key == "password": self.assertEqual(len(obs[key]), 60) else: self.assertEqual(obs[key], exp[key]) def test_create_user(self): user = User.create('*****@*****.**', 'password') self.assertEqual(user.id, '*****@*****.**') sql = "SELECT * from qiita.qiita_user WHERE email = '*****@*****.**'" obs = self.conn_handler.execute_fetchall(sql) self.assertEqual(len(obs), 1) obs = dict(obs[0]) exp = { 'password': '', 'name': None, 'pass_reset_timestamp': None, 'affiliation': None, 'pass_reset_code': None, 'phone': None, 'user_verify_code': '', 'address': None, 'user_level_id': 5, 'email': '*****@*****.**'} self._check_correct_info(obs, exp) def test_create_user_info(self): user = User.create('*****@*****.**', 'password', self.userinfo) self.assertEqual(user.id, '*****@*****.**') sql = "SELECT * from qiita.qiita_user WHERE email = '*****@*****.**'" obs = self.conn_handler.execute_fetchall(sql) self.assertEqual(len(obs), 1) obs = dict(obs[0]) exp = { 'password': '', 'name': 'Dude', 'affiliation': 'Nowhere University', 'address': '123 fake st, Apt 0, Faketown, CO 80302', 'phone': '111-222-3344', 'pass_reset_timestamp': None, 'pass_reset_code': None, 'user_verify_code': '', 'user_level_id': 5, 'email': '*****@*****.**'} self._check_correct_info(obs, exp) def test_create_user_column_not_allowed(self): self.userinfo["email"] = "FAIL" with self.assertRaises(QiitaDBColumnError): User.create('*****@*****.**', 'password', self.userinfo) def test_create_user_non_existent_column(self): self.userinfo["BADTHING"] = "FAIL" with self.assertRaises(QiitaDBColumnError): User.create('*****@*****.**', 'password', self.userinfo) def test_create_user_duplicate(self): with self.assertRaises(QiitaDBDuplicateError): User.create('*****@*****.**', 'password') def test_create_user_bad_email(self): with self.assertRaises(IncorrectEmailError): User.create('notanemail', 'password') def test_create_user_bad_password(self): with self.assertRaises(IncorrectPasswordError): User.create('*****@*****.**', '') def test_login(self): self.assertEqual(User.login("*****@*****.**", "password"), User("*****@*****.**")) def test_login_incorrect_user(self): with self.assertRaises(IncorrectEmailError): User.login("*****@*****.**", "password") def test_login_incorrect_password(self): with self.assertRaises(IncorrectPasswordError): User.login("*****@*****.**", "WRONGPASSWORD") def test_login_invalid_password(self): with self.assertRaises(IncorrectPasswordError): User.login("*****@*****.**", "SHORT") def test_exists(self): self.assertTrue(User.exists("*****@*****.**")) def test_exists_notindb(self): self.assertFalse(User.exists("*****@*****.**")) def test_exists_invalid_email(self): with self.assertRaises(IncorrectEmailError): User.exists("notanemail.@badformat") def test_get_email(self): self.assertEqual(self.user.email, '*****@*****.**') def test_get_level(self): self.assertEqual(self.user.level, "admin") def test_get_info(self): expinfo = { 'name': 'Admin', 'affiliation': 'Owner University', 'address': '312 noname st, Apt K, Nonexistantown, CO 80302', 'phone': '222-444-6789', 'pass_reset_code': None, 'pass_reset_timestamp': None, 'user_verify_code': None, 'phone': '222-444-6789' } self.assertEqual(self.user.info, expinfo) def test_set_info(self): self.user.info = self.userinfo self.assertEqual(self.user.info, self.userinfo) def test_set_info_not_info(self): """Tests setting info with a non-allowed column""" self.userinfo["email"] = "FAIL" with self.assertRaises(QiitaDBColumnError): self.user.info = self.userinfo def test_set_info_bad_info(self): """Test setting info with a key not in the table""" self.userinfo["BADTHING"] = "FAIL" with self.assertRaises(QiitaDBColumnError): self.user.info = self.userinfo def test_default_analysis(self): qiita_config.portal = "QIITA" obs = self.user.default_analysis self.assertEqual(obs, 4) qiita_config.portal = "EMP" obs = self.user.default_analysis self.assertEqual(obs, 8) def test_get_user_studies(self): user = User('*****@*****.**') qiita_config.portal = "QIITA" self.assertEqual(user.user_studies, {1}) qiita_config.portal = "EMP" self.assertEqual(user.user_studies, set()) def test_get_shared_studies(self): user = User('*****@*****.**') qiita_config.portal = "QIITA" self.assertEqual(user.shared_studies, {1}) qiita_config.portal = "EMP" self.assertEqual(user.shared_studies, set()) def test_get_private_analyses(self): user = User('*****@*****.**') qiita_config.portal = "QIITA" self.assertEqual(user.private_analyses, set([1, 2])) qiita_config.portal = "EMP" self.assertEqual(user.private_analyses, set()) def test_get_shared_analyses(self): user = User('*****@*****.**') qiita_config.portal = "QIITA" self.assertEqual(user.shared_analyses, set([1])) qiita_config.portal = "EMP" self.assertEqual(user.shared_analyses, set()) def test_verify_code(self): add_system_message("TESTMESSAGE_OLD", datetime.now()) add_system_message("TESTMESSAGE", datetime.now() + timedelta(seconds=59)) sql = ("insert into qiita.qiita_user values ('*****@*****.**', '1', " "'testtest', 'testuser', '', '', '', 'verifycode', 'resetcode'" ",null)") self.conn_handler.execute(sql) self.assertFalse(User.verify_code('*****@*****.**', 'wrongcode', 'create')) self.assertFalse(User.verify_code('*****@*****.**', 'wrongcode', 'reset')) self.assertTrue(User.verify_code('*****@*****.**', 'verifycode', 'create')) self.assertTrue(User.verify_code('*****@*****.**', 'resetcode', 'reset')) # make sure errors raised if code already used or wrong type with self.assertRaises(QiitaDBError): User.verify_code('*****@*****.**', 'verifycode', 'create') with self.assertRaises(QiitaDBError): User.verify_code('*****@*****.**', 'resetcode', 'reset') with self.assertRaises(IncompetentQiitaDeveloperError): User.verify_code('*****@*****.**', 'fakecode', 'badtype') # make sure default analyses created sql = ("SELECT email, name, description, dflt FROM qiita.analysis " "WHERE email = '*****@*****.**'") obs = self.conn_handler.execute_fetchall(sql) exp = [['*****@*****.**', '[email protected]', 'dflt', True], ['*****@*****.**', '[email protected]', 'dflt', True]] self.assertEqual(obs, exp) # Make sure default analyses are linked with the portal sql = """SELECT COUNT(1) FROM qiita.analysis JOIN qiita.analysis_portal USING (analysis_id) JOIN qiita.portal_type USING (portal_type_id) WHERE email = '*****@*****.**' AND dflt = true""" self.assertEqual(self.conn_handler.execute_fetchone(sql)[0], 2) # Make sure new system messages are linked to user sql = """SELECT message_id FROM qiita.message_user WHERE email = '*****@*****.**'""" m_id = get_count('qiita.message') self.assertEqual(self.conn_handler.execute_fetchall(sql), [[m_id]]) def _check_pass(self, passwd): obspass = self.conn_handler.execute_fetchone( "SELECT password FROM qiita.qiita_user WHERE email = %s", (self.user.id, ))[0] self.assertEqual(hash_password(passwd, obspass), obspass) def test_change_pass(self): self.user._change_pass("newpassword") self._check_pass("newpassword") self.assertIsNone(self.user.info["pass_reset_code"]) def test_change_pass_short(self): with self.assertRaises(IncorrectPasswordError): self.user._change_pass("newpass") self._check_pass("password") def test_change_password(self): self.user.change_password("password", "newpassword") self._check_pass("newpassword") def test_change_password_wrong_oldpass(self): self.user.change_password("WRONG", "newpass") self._check_pass("password") def test_generate_reset_code(self): user = User.create('*****@*****.**', 'password') sql = "SELECT LOCALTIMESTAMP" before = self.conn_handler.execute_fetchone(sql)[0] user.generate_reset_code() after = self.conn_handler.execute_fetchone(sql)[0] sql = ("SELECT pass_reset_code, pass_reset_timestamp FROM " "qiita.qiita_user WHERE email = %s") obscode, obstime = self.conn_handler.execute_fetchone( sql, ('*****@*****.**',)) self.assertEqual(len(obscode), 20) self.assertTrue(before < obstime < after) def test_change_forgot_password(self): self.user.generate_reset_code() code = self.user.info["pass_reset_code"] obsbool = self.user.change_forgot_password(code, "newpassword") self.assertEqual(obsbool, True) self._check_pass("newpassword") def test_change_forgot_password_bad_code(self): self.user.generate_reset_code() code = "AAAAAAA" obsbool = self.user.change_forgot_password(code, "newpassword") self.assertEqual(obsbool, False) self._check_pass("password") def test_messages(self): add_system_message('SYS MESSAGE', datetime.now()) user = User('*****@*****.**') obs = user.messages() exp_msg = [ (4, 'SYS MESSAGE'), (1, 'message 1'), (2, 'Lorem ipsum dolor sit amet, consectetur adipiscing elit. ' 'Pellentesque sed auctor ex, non placerat sapien. Vestibulum ' 'vestibulum massa ut sapien condimentum, cursus consequat diam' ' sodales. Nulla aliquam arcu ut massa auctor, et vehicula ' 'mauris tempor. In lacinia viverra ante quis pellentesque. ' 'Nunc vel mi accumsan, porttitor eros ut, pharetra elit. Nulla' ' ac nisi quis dui egestas malesuada vitae ut mauris. Morbi ' 'blandit non nisl a finibus. In erat velit, congue at ipsum ' 'sit amet, venenatis bibendum sem. Curabitur vel odio sed est ' 'rutrum rutrum. Quisque efficitur ut purus in ultrices. ' 'Pellentesque eu auctor justo.'), (3, 'message <a href="#">3</a>')] self.assertEqual([(x[0], x[1]) for x in obs], exp_msg) self.assertTrue(all(x[2] < datetime.now() for x in obs)) self.assertFalse(all(x[3] for x in obs)) self.assertEqual([x[4] for x in obs], [True, False, False, False]) obs = user.messages(1) exp_msg = ['SYS MESSAGE'] self.assertEqual([x[1] for x in obs], exp_msg) def test_mark_messages(self): user = User('*****@*****.**') user.mark_messages([1, 2]) obs = user.messages() exp = [True, True, False] self.assertEqual([x[3] for x in obs], exp) user.mark_messages([1], read=False) obs = user.messages() exp = [False, True, False] self.assertEqual([x[3] for x in obs], exp) def test_delete_messages(self): # Make message 1 a system message sql = """UPDATE qiita.message SET expiration = '2015-08-05' WHERE message_id = 1""" self.conn_handler.execute(sql) user = User('*****@*****.**') user.delete_messages([1, 2]) obs = user.messages() exp_msg = [(3, 'message <a href="#">3</a>')] self.assertItemsEqual([(x[0], x[1]) for x in obs], exp_msg) sql = "SELECT message_id FROM qiita.message" obs = self.conn_handler.execute_fetchall(sql) self.assertItemsEqual(obs, [[1], [3]])
class UserTest(TestCase): """Tests the User object and all properties/methods""" def setUp(self): self.user = User('*****@*****.**') self.userinfo = { 'name': 'Dude', 'affiliation': 'Nowhere University', 'address': '123 fake st, Apt 0, Faketown, CO 80302', 'phone': '111-222-3344', 'pass_reset_code': None, 'pass_reset_timestamp': None, 'user_verify_code': None } def test_instantiate_user(self): User('*****@*****.**') def test_instantiate_unknown_user(self): with self.assertRaises(QiitaDBUnknownIDError): User('*****@*****.**') def _check_correct_info(self, obs, exp): self.assertEqual(set(exp.keys()), set(obs.keys())) for key in exp: # user_verify_code and password seed randomly generated so just # making sure they exist and is correct length if key == 'user_verify_code': self.assertEqual(len(obs[key]), 20) elif key == "password": self.assertEqual(len(obs[key]), 60) else: self.assertEqual(obs[key], exp[key]) def test_create_user(self): user = User.create('*****@*****.**', 'password') self.assertEqual(user.id, '*****@*****.**') sql = "SELECT * from qiita.qiita_user WHERE email = '*****@*****.**'" obs = self.conn_handler.execute_fetchall(sql) self.assertEqual(len(obs), 1) obs = dict(obs[0]) exp = { 'password': '', 'name': None, 'pass_reset_timestamp': None, 'affiliation': None, 'pass_reset_code': None, 'phone': None, 'user_verify_code': '', 'address': None, 'user_level_id': 5, 'email': '*****@*****.**' } self._check_correct_info(obs, exp) def test_create_user_info(self): user = User.create('*****@*****.**', 'password', self.userinfo) self.assertEqual(user.id, '*****@*****.**') sql = "SELECT * from qiita.qiita_user WHERE email = '*****@*****.**'" obs = self.conn_handler.execute_fetchall(sql) self.assertEqual(len(obs), 1) obs = dict(obs[0]) exp = { 'password': '', 'name': 'Dude', 'affiliation': 'Nowhere University', 'address': '123 fake st, Apt 0, Faketown, CO 80302', 'phone': '111-222-3344', 'pass_reset_timestamp': None, 'pass_reset_code': None, 'user_verify_code': '', 'user_level_id': 5, 'email': '*****@*****.**' } self._check_correct_info(obs, exp) def test_create_user_column_not_allowed(self): self.userinfo["email"] = "FAIL" with self.assertRaises(QiitaDBColumnError): User.create('*****@*****.**', 'password', self.userinfo) def test_create_user_non_existent_column(self): self.userinfo["BADTHING"] = "FAIL" with self.assertRaises(QiitaDBColumnError): User.create('*****@*****.**', 'password', self.userinfo) def test_create_user_duplicate(self): with self.assertRaises(QiitaDBDuplicateError): User.create('*****@*****.**', 'password') def test_create_user_bad_email(self): with self.assertRaises(IncorrectEmailError): User.create('notanemail', 'password') def test_create_user_bad_password(self): with self.assertRaises(IncorrectPasswordError): User.create('*****@*****.**', '') def test_login(self): self.assertEqual(User.login("*****@*****.**", "password"), User("*****@*****.**")) def test_login_incorrect_user(self): with self.assertRaises(IncorrectEmailError): User.login("*****@*****.**", "password") def test_login_incorrect_password(self): with self.assertRaises(IncorrectPasswordError): User.login("*****@*****.**", "WRONGPASSWORD") def test_login_invalid_password(self): with self.assertRaises(IncorrectPasswordError): User.login("*****@*****.**", "SHORT") def test_exists(self): self.assertTrue(User.exists("*****@*****.**")) def test_exists_notindb(self): self.assertFalse(User.exists("*****@*****.**")) def test_exists_invaid_email(self): with self.assertRaises(IncorrectEmailError): User.exists("notanemail@badformat") def test_get_email(self): self.assertEqual(self.user.email, '*****@*****.**') def test_get_level(self): self.assertEqual(self.user.level, "admin") def test_get_info(self): expinfo = { 'name': 'Admin', 'affiliation': 'Owner University', 'address': '312 noname st, Apt K, Nonexistantown, CO 80302', 'phone': '222-444-6789', 'pass_reset_code': None, 'pass_reset_timestamp': None, 'user_verify_code': None, 'phone': '222-444-6789' } self.assertEqual(self.user.info, expinfo) def test_set_info(self): self.user.info = self.userinfo self.assertEqual(self.user.info, self.userinfo) def test_set_info_not_info(self): """Tests setting info with a non-allowed column""" self.userinfo["email"] = "FAIL" with self.assertRaises(QiitaDBColumnError): self.user.info = self.userinfo def test_set_info_bad_info(self): """Test setting info with a key not in the table""" self.userinfo["BADTHING"] = "FAIL" with self.assertRaises(QiitaDBColumnError): self.user.info = self.userinfo def test_get_user_studies(self): user = User('*****@*****.**') self.assertEqual(user.user_studies, [1]) def test_get_shared_studies(self): user = User('*****@*****.**') self.assertEqual(user.shared_studies, [1]) def test_get_private_analyses(self): self.assertEqual(self.user.private_analyses, []) def test_get_shared_analyses(self): self.assertEqual(self.user.shared_analyses, []) def test_verify_code(self): sql = ("insert into qiita.qiita_user values ('*****@*****.**', '1', " "'testtest', 'testuser', '', '', '', 'verifycode', 'resetcode'" ",null)") self.conn_handler.execute(sql) self.assertTrue( User.verify_code('*****@*****.**', 'verifycode', 'create')) self.assertTrue(User.verify_code('*****@*****.**', 'resetcode', 'reset')) self.assertFalse( User.verify_code('*****@*****.**', 'wrongcode', 'create')) self.assertFalse( User.verify_code('*****@*****.**', 'wrongcode', 'reset')) with self.assertRaises(IncompetentQiitaDeveloperError): User.verify_code('*****@*****.**', 'fakecode', 'badtype') def _check_pass(self, passwd): obspass = self.conn_handler.execute_fetchone( "SELECT password FROM qiita.qiita_user WHERE email = %s", (self.user.id, ))[0] self.assertEqual(hash_password(passwd, obspass), obspass) def test_change_pass(self): self.user._change_pass("newpassword") self._check_pass("newpassword") self.assertIsNone(self.user.info["pass_reset_code"]) def test_change_pass_short(self): with self.assertRaises(IncorrectPasswordError): self.user._change_pass("newpass") self._check_pass("password") def test_change_password(self): self.user.change_password("password", "newpassword") self._check_pass("newpassword") def test_change_password_wrong_oldpass(self): self.user.change_password("WRONG", "newpass") self._check_pass("password") def test_generate_reset_code(self): user = User.create('*****@*****.**', 'password') sql = "SELECT LOCALTIMESTAMP" before = self.conn_handler.execute_fetchone(sql)[0] user.generate_reset_code() after = self.conn_handler.execute_fetchone(sql)[0] sql = ("SELECT pass_reset_code, pass_reset_timestamp FROM " "qiita.qiita_user WHERE email = %s") obscode, obstime = self.conn_handler.execute_fetchone( sql, ('*****@*****.**', )) self.assertEqual(len(obscode), 20) self.assertTrue(before < obstime < after) def test_change_forgot_password(self): self.user.generate_reset_code() code = self.user.info["pass_reset_code"] obsbool = self.user.change_forgot_password(code, "newpassword") self.assertEqual(obsbool, True) self._check_pass("newpassword") def test_change_forgot_password_bad_code(self): self.user.generate_reset_code() code = "AAAAAAA" obsbool = self.user.change_forgot_password(code, "newpassword") self.assertEqual(obsbool, False) self._check_pass("password")