def test_post_redirects_user(self, pyramid_request, expected_next_url, observed_next_url): pyramid_request.method = "POST" pyramid_request.POST["next"] = expected_next_url result = views.logout(pyramid_request) assert isinstance(result, HTTPSeeOther) assert result.headers["Location"] == observed_next_url
def test_post_redirects_user(self, pyramid_request, expected_next_url, observed_next_url): pyramid_request.user = pretend.stub() pyramid_request.method = "POST" pyramid_request.POST["next"] = expected_next_url result = views.logout(pyramid_request) assert isinstance(result, HTTPSeeOther) assert result.headers["Location"] == observed_next_url
def test_get_returns_empty(self, pyramid_request, next_url): if next_url is not None: pyramid_request.GET["next"] = next_url assert views.logout(pyramid_request) == { "redirect": { "field": "next", "data": next_url } }
def test_get_redirects_anonymous_user(self, pyramid_request, expected_next_url, observed_next_url): pyramid_request.user = None pyramid_request.method = "GETT" pyramid_request.GET["next"] = expected_next_url result = views.logout(pyramid_request) assert isinstance(result, HTTPSeeOther) assert result.headers["Location"] == observed_next_url
def test_user_logout_get(app): request = pretend.stub( method="GET", values={}, _session=Session({"user.id": 1}, "1234", False), ) resp = logout(app, request) assert resp.status_code == 200 assert resp.response.template.name == "accounts/logout.html" assert resp.response.context == {"next": None}
def test_post_forgets_user(self, monkeypatch, pyramid_request): forget = pretend.call_recorder(lambda request: [("foo", "bar")]) monkeypatch.setattr(views, "forget", forget) pyramid_request.method = "POST" pyramid_request.session = pretend.stub( invalidate=pretend.call_recorder(lambda: None)) result = views.logout(pyramid_request) assert isinstance(result, HTTPSeeOther) assert result.headers["Location"] == "/" assert result.headers["foo"] == "bar" assert forget.calls == [pretend.call(pyramid_request)] assert pyramid_request.session.invalidate.calls == [pretend.call()]
def test_post_forgets_user(self, monkeypatch, pyramid_request): forget = pretend.call_recorder(lambda request: [("foo", "bar")]) monkeypatch.setattr(views, "forget", forget) pyramid_request.method = "POST" pyramid_request.session = pretend.stub( invalidate=pretend.call_recorder(lambda: None), ) result = views.logout(pyramid_request) assert isinstance(result, HTTPSeeOther) assert result.headers["Location"] == "/" assert result.headers["foo"] == "bar" assert forget.calls == [pretend.call(pyramid_request)] assert pyramid_request.session.invalidate.calls == [pretend.call()]
def delete_account(self): username = self.request.params.get('confirm_username') if not username: self.request.session.flash( "Must confirm the request.", queue='error' ) return self.default_response if username != self.request.user.username: self.request.session.flash( f"Could not delete account - {username!r} is not the same as " f"{self.request.user.username!r}", queue='error' ) return self.default_response if self.active_projects: self.request.session.flash( "Cannot delete account with active project ownerships.", queue='error', ) return self.default_response # Update all journals to point to `deleted-user` instead deleted_user = ( self.request.db.query(User) .filter(User.username == 'deleted-user') .one() ) journals = ( self.request.db.query(JournalEntry) .filter(JournalEntry.submitted_by == self.request.user) .all() ) for journal in journals: journal.submitted_by = deleted_user # Send a notification email send_account_deletion_email(self.request, self.request.user) # Actually delete the user self.request.db.delete(self.request.user) return logout(self.request)
def delete_account(self): username = self.request.params.get('confirm_username') if not username: self.request.session.flash( "Must confirm the request", queue='error' ) return self.default_response if username != self.request.user.username: self.request.session.flash( f"Could not delete account - {username!r} is not the same as " f"{self.request.user.username!r}", queue='error' ) return self.default_response if self.active_projects: self.request.session.flash( "Cannot delete account with active project ownerships", queue='error', ) return self.default_response # Update all journals to point to `deleted-user` instead deleted_user = ( self.request.db.query(User) .filter(User.username == 'deleted-user') .one() ) journals = ( self.request.db.query(JournalEntry) .filter(JournalEntry.submitted_by == self.request.user) .all() ) for journal in journals: journal.submitted_by = deleted_user # Send a notification email send_account_deletion_email(self.request, self.request.user) # Actually delete the user self.request.db.delete(self.request.user) return logout(self.request)
def delete_account(self): confirm_password = self.request.params.get("confirm_password") if not confirm_password: self.request.session.flash("Confirm the request", queue="error") return self.default_response form = ConfirmPasswordForm( password=confirm_password, username=self.request.user.username, user_service=self.user_service, ) if not form.validate(): self.request.session.flash( f"Could not delete account - Invalid credentials. Please try again.", queue="error", ) return self.default_response if self.active_projects: self.request.session.flash( "Cannot delete account with active project ownerships", queue="error" ) return self.default_response # Update all journals to point to `deleted-user` instead deleted_user = ( self.request.db.query(User).filter(User.username == "deleted-user").one() ) journals = ( self.request.db.query(JournalEntry) .options(joinedload("submitted_by")) .filter(JournalEntry.submitted_by == self.request.user) .all() ) for journal in journals: journal.submitted_by = deleted_user # Send a notification email send_account_deletion_email(self.request, self.request.user) # Actually delete the user self.request.db.delete(self.request.user) return logout(self.request)
def test_user_logout_post(values, location): app = pretend.stub(config=pretend.stub()) request = pretend.stub( method="POST", host="example.com", values=values, url_adapter=pretend.stub(build=lambda *a, **kw: "/", ), _session=Session({"user.id": 1}, "1234", False), ) resp = logout(app, request) assert resp.status_code == 303 assert resp.headers["Location"] == location assert resp.headers.getlist("Set-Cookie") == [ "username=; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Path=/", ] assert request._session.deleted
def test_user_logout_post(values, location): app = pretend.stub(config=pretend.stub()) request = pretend.stub( method="POST", host="example.com", values=values, url_adapter=pretend.stub( build=lambda *a, **kw: "/", ), _session=Session({"user.id": 1}, "1234", False), ) resp = logout(app, request) assert resp.status_code == 303 assert resp.headers["Location"] == location assert resp.headers.getlist("Set-Cookie") == [ "username=; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Path=/", ] assert request._session.deleted
def test_user_logout_get(): app = pretend.stub( config=pretend.stub(), templates=pretend.stub( get_template=pretend.call_recorder( lambda t: pretend.stub(render=lambda **ctx: ""), ), ), ) request = pretend.stub( method="GET", values={}, _session=Session({"user.id": 1}, "1234", False), ) resp = logout(app, request) assert resp.status_code == 200 assert app.templates.get_template.calls == [ pretend.call("accounts/logout.html"), ]
def test_get_returns_empty(self, pyramid_request): assert views.logout(pyramid_request) == {}
def test_get_returns_empty(self, pyramid_request, next_url): if next_url is not None: pyramid_request.GET["next"] = next_url assert views.logout(pyramid_request) == \ {"redirect": {"field": "next", "data": next_url}}