def test_ask_for_event_mail(client_session):
client, session = client_session
with client.application.app_context():
with mail.record_messages() as outbox:
with login_scope(client, 'test_user', 'test') as client:
rv = client.get('problems/iris/ask_for_event')
assert rv.status_code == 200
data = {
'suffix': 'test_2',
'title': 'whatever title',
'n_students': 200,
'min_duration_between_submissions_hour': 1,
'min_duration_between_submissions_minute': 2,
'min_duration_between_submissions_second': 3,
'opening_date': '2019-01-01',
'closing_date': '2020-01-01'
}
rv = client.post('problems/iris/ask_for_event', data=data)
assert rv.status_code == 302
# check that the email has been sent
assert len(outbox) == 1
assert ('User test_user asked to add a new event'
in outbox[0].body)
def test_reset_token_error(client_session):
client, session = client_session
# POST method
new_password = '******'
rv = client.post('/reset/xxx', data={'password': new_password})
assert rv.status_code == 404
# Get get the link to a real token but remove the user in between
user = get_user_by_name(session, 'test_user')
with client.application.app_context():
with mail.record_messages() as outbox:
rv = client.post('/reset_password', data={'email': user.email})
assert len(outbox) == 1
assert 'click on the link to reset your password' in outbox[0].body
# get the link to reset the password
reg_exp = re.search("http://localhost/reset/.*", outbox[0].body)
reset_password_link = reg_exp.group()
# remove the part with 'localhost' for the next query
reset_password_link = reset_password_link[reset_password_link.
find('/reset'):]
user = get_user_by_name(session, 'test_user')
session.delete(user)
session.commit()
new_password = '******'
rv = client.post(reset_password_link, data={'password': new_password})
assert rv.status_code == 404
def test_reset_password(client_session):
client, session = client_session
# GET method
rv = client.get('/reset_password')
assert rv.status_code == 200
assert b'If you are a registered user, we are going to send' in rv.data
# POST method
# check that we raise an error if the email does not exist
rv = client.post('/reset_password', data={'email': '*****@*****.**'})
assert rv.status_code == 200
assert b'You can sign-up instead.' in rv.data
# set a user to "asked" access level
user = get_user_by_name(session, 'test_user')
user.access_level = 'asked'
session.commit()
rv = client.post('/reset_password', data={'email': user.email})
assert rv.status_code == 200
assert b'Your account has not been yet approved.' in rv.data
# set back the account to 'user' access level
user.access_level = 'user'
session.commit()
rv = client.post('/reset_password', data={'email': user.email})
with client.session_transaction() as cs:
flash_message = dict(cs['_flashes'])
assert flash_message['message'] == ('An email to reset your password has '
'been sent')
assert rv.status_code == 302
assert rv.location == 'http://localhost/login'
with client.application.app_context():
with mail.record_messages() as outbox:
rv = client.post('/reset_password', data={'email': user.email})
assert len(outbox) == 1
assert 'click on the link to reset your password' in outbox[0].body
# get the link to reset the password
reg_exp = re.search("http://localhost/reset/.*", outbox[0].body)
reset_password_link = reg_exp.group()
# remove the part with 'localhost' for the next query
reset_password_link = reset_password_link[reset_password_link.
find('/reset'):]
# check that we can reset the password using the previous link
# GET method
rv = client.get(reset_password_link)
assert rv.status_code == 200
assert b'Change my password' in rv.data
# POST method
new_password = '******'
rv = client.post(reset_password_link, data={'password': new_password})
assert rv.status_code == 302
assert rv.location == 'http://localhost/login'
# make a commit to be sure that the update has been done
session.commit()
user = get_user_by_name(session, 'test_user')
assert check_password(new_password, user.hashed_password)
def test_send_mail(client_session):
client, _ = client_session
with client.application.app_context():
with mail.record_messages() as outbox:
send_mail('*****@*****.**', 'subject', 'body')
assert len(outbox) == 1
assert outbox[0].subject == 'subject'
assert outbox[0].body == 'body'
assert outbox[0].recipients == ['*****@*****.**']
def test_sign_up_for_event_mail(client_session):
client, session = client_session
# GET: sign-up to a new controlled event
with client.application.app_context():
with mail.record_messages() as outbox:
add_user(session,
'zz',
'zz',
'zz',
'zz',
'zz@gmail',
access_level='user')
with login_scope(client, 'zz', 'zz') as client:
rv = client.get('/events/iris_test/sign_up')
assert rv.status_code == 302
session.commit()
# check that the email has been sent
assert len(outbox) == 1
assert ('Click on this link to approve the sign-up request'
in outbox[0].body)
def test_sign_up_with_approval(client_session):
# check the sign-up and email confirmation framework
client, session = client_session
with client.application.app_context():
with mail.record_messages() as outbox:
user_profile = {
'user_name': 'new_user_1',
'password': '******',
'firstname': 'xx',
'lastname': 'xx',
'email': '*****@*****.**'
}
rv = client.post('/sign_up', data=user_profile)
# check the flash box to inform the user about the mail
with client.session_transaction() as cs:
flash_message = dict(cs['_flashes'])
assert 'We sent a confirmation email.' in flash_message['message']
# check that the email has been sent
assert len(outbox) == 1
assert ('click on the following link to confirm your email'
in outbox[0].body)
# get the link to reset the password
reg_exp = re.search("http://localhost/confirm_email/.*",
outbox[0].body)
confirm_email_link = reg_exp.group()
# remove the part with 'localhost' for the next query
confirm_email_link = confirm_email_link[confirm_email_link.
find('/confirm_email'):]
# check the redirection
assert rv.status_code == 200
user = get_user_by_name(session, 'new_user_1')
assert user is not None
assert user.access_level == 'not_confirmed'
# POST method of the email confirmation
with client.application.app_context():
with mail.record_messages() as outbox:
rv = client.post(confirm_email_link)
# check the flash box to inform the user to wait for admin's
# approval
with client.session_transaction() as cs:
flash_message = dict(cs['_flashes'])
assert ('An email has been sent to the RAMP administrator'
in flash_message['message'])
# check that we send an email to the administrator
assert len(outbox) == 1
assert "Approve registration of new_user_1" in outbox[0].subject
# ensure that we have the last changes
session.commit()
user = get_user_by_name(session, 'new_user_1')
assert user.access_level == 'asked'
assert rv.status_code == 302
assert rv.location == 'http://localhost/login'
# POST to check that we raise the right errors
# resend the confirmation for a user which already confirmed
rv = client.post(confirm_email_link)
with client.session_transaction() as cs:
flash_message = dict(cs['_flashes'])
assert ('Your email address already has been confirmed'
in flash_message['error'])
assert rv.status_code == 302
assert rv.location == 'http://localhost/'
# check when the user was already approved
for status in ('user', 'admin'):
user = get_user_by_name(session, 'new_user_1')
user.access_level = status
session.commit()
rv = client.post(confirm_email_link)
with client.session_transaction() as cs:
flash_message = dict(cs['_flashes'])
assert 'Your account is already approved.' in flash_message['error']
assert rv.status_code == 302
assert rv.location == 'http://localhost/login'
# delete the user in the middle
session.delete(user)
session.commit()
rv = client.post(confirm_email_link)
with client.session_transaction() as cs:
flash_message = dict(cs['_flashes'])
assert 'You did not sign-up yet to RAMP.' in flash_message['error']
assert rv.status_code == 302
assert rv.location == 'http://localhost/sign_up'
# access a token which does not exist
rv = client.post('/confirm_email/xxx')
assert rv.status_code == 404
