def test_change_password(self): self.create_data() # With existing users for name in ["alice", "bob", "charlie"]: user = db.User.get(name=name) # Good password UserManager.change_password(user.id, name.upper(), "newpass") self.assertEqual(UserManager.try_auth(name, "newpass"), user) # Old password self.assertEqual(UserManager.try_auth(name, name.upper()), None) # Wrong password self.assertRaises(ValueError, UserManager.change_password, user.id, "badpass", "newpass") # Ensure we still got the same number of users self.assertEqual(db.User.select().count(), 3) # With invalid UUID self.assertRaises( ValueError, UserManager.change_password, "invalid-uuid", "oldpass", "newpass", ) # Non-existent user self.assertRaises( ObjectNotFound, UserManager.change_password, uuid.uuid4(), "oldpass", "newpass", )
def test_change_password(self): # With existing users for name in ['alice', 'bob', 'charlie']: user = self.store.find(db.User, db.User.name == name).one() # God password self.assertEqual(UserManager.change_password(self.store, user.id, name, 'newpass'), UserManager.SUCCESS) self.assertEqual(UserManager.try_auth(self.store, name, 'newpass'), (UserManager.SUCCESS, user)) # Wrong password self.assertEqual(UserManager.change_password(self.store, user.id, 'badpass', 'newpass'), UserManager.WRONG_PASS) # With invalid UUID self.assertEqual(UserManager.change_password(self.store, 'invalid-uuid', 'oldpass', 'newpass'), UserManager.INVALID_ID) # Non-existent user self.assertEqual(UserManager.change_password(self.store, uuid.uuid4(), 'oldpass', 'newpass'), UserManager.NO_SUCH_USER)
def change_password(uid): if uid == 'me': user = UserManager.get(store, session.get('userid'))[1].name else: if not UserManager.get(store, session.get('userid'))[1].admin or not UserManager.get(store, uid)[0] is UserManager.SUCCESS: return redirect(url_for('index')) user = UserManager.get(store, uid)[1].name if request.method == 'POST': error = False if uid == 'me' or uid == session.get('userid'): current, new, confirm = map(request.form.get, [ 'current', 'new', 'confirm' ]) if current in ('', None): flash('The current password is required') error = True else: new, confirm = map(request.form.get, [ 'new', 'confirm' ]) if new in ('', None): flash('The new password is required') error = True if new != confirm: flash("The new password and its confirmation don't match") error = True if not error: if uid == 'me' or uid == session.get('userid'): status = UserManager.change_password(store, session.get('userid'), current, new) else: status = UserManager.change_password2(store, UserManager.get(store, uid)[1].name, new) if status != UserManager.SUCCESS: flash(UserManager.error_str(status)) else: flash('Password changed') return redirect(url_for('user_profile', uid = uid)) return render_template('change_pass.html', user = user, admin = UserManager.get(store, session.get('userid'))[1].admin)
def change_password_post(uid, user): error = False if user.id == request.user.id: current = request.form.get('current') if not current: flash('The current password is required') error = True new, confirm = map(request.form.get, [ 'new', 'confirm' ]) if not new: flash('The new password is required') error = True if new != confirm: flash("The new password and its confirmation don't match") error = True if not error: if user.id == request.user.id: status = UserManager.change_password(store, user.id, current, new) else: status = UserManager.change_password2(store, user.name, new) if status != UserManager.SUCCESS: flash(UserManager.error_str(status)) else: flash('Password changed') return redirect(url_for('user_profile', uid = uid)) return change_password_form(uid, user)
def test_change_password(self): # With existing users for name in ['alice', 'bob', 'charlie']: user = self.store.find(db.User, db.User.name == name).one() # Good password self.assertEqual(UserManager.change_password(self.store, user.id, name.upper(), 'newpass'), UserManager.SUCCESS) self.assertEqual(UserManager.try_auth(self.store, name, 'newpass'), (UserManager.SUCCESS, user)) # Old password self.assertEqual(UserManager.try_auth(self.store, name, name.upper()), (UserManager.WRONG_PASS, None)) # Wrong password self.assertEqual(UserManager.change_password(self.store, user.id, 'badpass', 'newpass'), UserManager.WRONG_PASS) # Ensure we still got the same number of users self.assertEqual(self.store.find(db.User).count(), 3) # With invalid UUID self.assertEqual(UserManager.change_password(self.store, 'invalid-uuid', 'oldpass', 'newpass'), UserManager.INVALID_ID) # Non-existent user self.assertEqual(UserManager.change_password(self.store, uuid.uuid4(), 'oldpass', 'newpass'), UserManager.NO_SUCH_USER)
def change_password(): if request.method == 'POST': current, new, confirm = map(request.form.get, [ 'current', 'new', 'confirm' ]) error = False if current in ('', None): flash('The current password is required') error = True if new in ('', None): flash('The new password is required') error = True if new != confirm: flash("The new password and its confirmation don't match") error = True if not error: status = UserManager.change_password(store, session.get('userid'), current, new) if status != UserManager.SUCCESS: flash(UserManager.error_str(status)) else: flash('Password changed') return redirect(url_for('user_profile')) return render_template('change_pass.html', user = UserManager.get(store, session.get('userid'))[1].name)