##// END OF EJS Templates
rhodecode-enterprise-ce
RSS
pytest: Remove oauth related tests.
johbo -
r39:0aab9a51 default
parent child Browse files
Show More
Show file before | Show file after | Hide comments
@@ -1,391 +1,341 b''
1 # -*- coding: utf-8 -*-
1 # -*- coding: utf-8 -*-
2
2
3 # Copyright (C) 2010-2016 RhodeCode GmbH
3 # Copyright (C) 2010-2016 RhodeCode GmbH
4 #
4 #
5 # This program is free software: you can redistribute it and/or modify
5 # This program is free software: you can redistribute it and/or modify
6 # it under the terms of the GNU Affero General Public License, version 3
6 # it under the terms of the GNU Affero General Public License, version 3
7 # (only), as published by the Free Software Foundation.
7 # (only), as published by the Free Software Foundation.
8 #
8 #
9 # This program is distributed in the hope that it will be useful,
9 # This program is distributed in the hope that it will be useful,
10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 # GNU General Public License for more details.
12 # GNU General Public License for more details.
13 #
13 #
14 # You should have received a copy of the GNU Affero General Public License
14 # You should have received a copy of the GNU Affero General Public License
15 # along with this program. If not, see <http://www.gnu.org/licenses/>.
15 # along with this program. If not, see <http://www.gnu.org/licenses/>.
16 #
16 #
17 # This program is dual-licensed. If you wish to learn more about the
17 # This program is dual-licensed. If you wish to learn more about the
18 # RhodeCode Enterprise Edition, including its added features, Support services,
18 # RhodeCode Enterprise Edition, including its added features, Support services,
19 # and proprietary license terms, please see https://rhodecode.com/licenses/
19 # and proprietary license terms, please see https://rhodecode.com/licenses/
20
20
21 import pytest
21 import pytest
22
22
23 from rhodecode.lib import helpers as h
23 from rhodecode.lib import helpers as h
24 from rhodecode.model.db import User, UserFollowing, Repository, UserApiKeys
24 from rhodecode.model.db import User, UserFollowing, Repository, UserApiKeys
25 from rhodecode.model.meta import Session
25 from rhodecode.model.meta import Session
26 from rhodecode.tests import (
26 from rhodecode.tests import (
27 TestController, url, TEST_USER_ADMIN_LOGIN, TEST_USER_REGULAR_EMAIL,
27 TestController, url, TEST_USER_ADMIN_LOGIN, TEST_USER_REGULAR_EMAIL,
28 assert_session_flash)
28 assert_session_flash)
29 from rhodecode.tests.fixture import Fixture
29 from rhodecode.tests.fixture import Fixture
30 from rhodecode.tests.utils import AssertResponse
30 from rhodecode.tests.utils import AssertResponse
31
31
32 fixture = Fixture()
32 fixture = Fixture()
33
33
34
34
35 class TestMyAccountController(TestController):
35 class TestMyAccountController(TestController):
36 test_user_1 = 'testme'
36 test_user_1 = 'testme'
37 destroy_users = set()
37 destroy_users = set()
38
38
39 @classmethod
39 @classmethod
40 def teardown_class(cls):
40 def teardown_class(cls):
41 fixture.destroy_users(cls.destroy_users)
41 fixture.destroy_users(cls.destroy_users)
42
42
43 def test_my_account(self):
43 def test_my_account(self):
44 self.log_user()
44 self.log_user()
45 response = self.app.get(url('my_account'))
45 response = self.app.get(url('my_account'))
46
46
47 response.mustcontain('test_admin')
47 response.mustcontain('test_admin')
48 response.mustcontain('href="/_admin/my_account/edit"')
48 response.mustcontain('href="/_admin/my_account/edit"')
49
49
50 def test_logout_form_contains_csrf(self, autologin_user, csrf_token):
50 def test_logout_form_contains_csrf(self, autologin_user, csrf_token):
51 response = self.app.get(url('my_account'))
51 response = self.app.get(url('my_account'))
52 assert_response = AssertResponse(response)
52 assert_response = AssertResponse(response)
53 element = assert_response.get_element('.logout #csrf_token')
53 element = assert_response.get_element('.logout #csrf_token')
54 assert element.value == csrf_token
54 assert element.value == csrf_token
55
55
56 def test_my_account_edit(self):
56 def test_my_account_edit(self):
57 self.log_user()
57 self.log_user()
58 response = self.app.get(url('my_account_edit'))
58 response = self.app.get(url('my_account_edit'))
59
59
60 response.mustcontain('value="test_admin')
60 response.mustcontain('value="test_admin')
61
61
62 def test_my_account_my_repos(self):
62 def test_my_account_my_repos(self):
63 self.log_user()
63 self.log_user()
64 response = self.app.get(url('my_account_repos'))
64 response = self.app.get(url('my_account_repos'))
65 repos = Repository.query().filter(
65 repos = Repository.query().filter(
66 Repository.user == User.get_by_username(
66 Repository.user == User.get_by_username(
67 TEST_USER_ADMIN_LOGIN)).all()
67 TEST_USER_ADMIN_LOGIN)).all()
68 for repo in repos:
68 for repo in repos:
69 response.mustcontain('"name_raw": "%s"' % repo.repo_name)
69 response.mustcontain('"name_raw": "%s"' % repo.repo_name)
70
70
71 def test_my_account_my_watched(self):
71 def test_my_account_my_watched(self):
72 self.log_user()
72 self.log_user()
73 response = self.app.get(url('my_account_watched'))
73 response = self.app.get(url('my_account_watched'))
74
74
75 repos = UserFollowing.query().filter(
75 repos = UserFollowing.query().filter(
76 UserFollowing.user == User.get_by_username(
76 UserFollowing.user == User.get_by_username(
77 TEST_USER_ADMIN_LOGIN)).all()
77 TEST_USER_ADMIN_LOGIN)).all()
78 for repo in repos:
78 for repo in repos:
79 response.mustcontain(
79 response.mustcontain(
80 '"name_raw": "%s"' % repo.follows_repository.repo_name)
80 '"name_raw": "%s"' % repo.follows_repository.repo_name)
81
81
82 @pytest.mark.backends("git", "hg")
82 @pytest.mark.backends("git", "hg")
83 def test_my_account_my_pullrequests(self, pr_util):
83 def test_my_account_my_pullrequests(self, pr_util):
84 self.log_user()
84 self.log_user()
85 response = self.app.get(url('my_account_pullrequests'))
85 response = self.app.get(url('my_account_pullrequests'))
86 response.mustcontain('You currently have no open pull requests.')
86 response.mustcontain('You currently have no open pull requests.')
87
87
88 pr = pr_util.create_pull_request()
88 pr = pr_util.create_pull_request()
89 response = self.app.get(url('my_account_pullrequests'))
89 response = self.app.get(url('my_account_pullrequests'))
90 response.mustcontain('Pull request #%d opened' % pr.pull_request_id)
90 response.mustcontain('Pull request #%d opened' % pr.pull_request_id)
91
91
92 def test_my_account_my_emails(self):
92 def test_my_account_my_emails(self):
93 self.log_user()
93 self.log_user()
94 response = self.app.get(url('my_account_emails'))
94 response = self.app.get(url('my_account_emails'))
95 response.mustcontain('No additional emails specified')
95 response.mustcontain('No additional emails specified')
96
96
97 def test_my_account_my_emails_add_existing_email(self):
97 def test_my_account_my_emails_add_existing_email(self):
98 self.log_user()
98 self.log_user()
99 response = self.app.get(url('my_account_emails'))
99 response = self.app.get(url('my_account_emails'))
100 response.mustcontain('No additional emails specified')
100 response.mustcontain('No additional emails specified')
101 response = self.app.post(url('my_account_emails'),
101 response = self.app.post(url('my_account_emails'),
102 {'new_email': TEST_USER_REGULAR_EMAIL,
102 {'new_email': TEST_USER_REGULAR_EMAIL,
103 'csrf_token': self.csrf_token})
103 'csrf_token': self.csrf_token})
104 assert_session_flash(response, 'This e-mail address is already taken')
104 assert_session_flash(response, 'This e-mail address is already taken')
105
105
106 def test_my_account_my_emails_add_mising_email_in_form(self):
106 def test_my_account_my_emails_add_mising_email_in_form(self):
107 self.log_user()
107 self.log_user()
108 response = self.app.get(url('my_account_emails'))
108 response = self.app.get(url('my_account_emails'))
109 response.mustcontain('No additional emails specified')
109 response.mustcontain('No additional emails specified')
110 response = self.app.post(url('my_account_emails'),
110 response = self.app.post(url('my_account_emails'),
111 {'csrf_token': self.csrf_token})
111 {'csrf_token': self.csrf_token})
112 assert_session_flash(response, 'Please enter an email address')
112 assert_session_flash(response, 'Please enter an email address')
113
113
114 def test_my_account_my_emails_add_remove(self):
114 def test_my_account_my_emails_add_remove(self):
115 self.log_user()
115 self.log_user()
116 response = self.app.get(url('my_account_emails'))
116 response = self.app.get(url('my_account_emails'))
117 response.mustcontain('No additional emails specified')
117 response.mustcontain('No additional emails specified')
118
118
119 response = self.app.post(url('my_account_emails'),
119 response = self.app.post(url('my_account_emails'),
120 {'new_email': 'foo@barz.com',
120 {'new_email': 'foo@barz.com',
121 'csrf_token': self.csrf_token})
121 'csrf_token': self.csrf_token})
122
122
123 response = self.app.get(url('my_account_emails'))
123 response = self.app.get(url('my_account_emails'))
124
124
125 from rhodecode.model.db import UserEmailMap
125 from rhodecode.model.db import UserEmailMap
126 email_id = UserEmailMap.query().filter(
126 email_id = UserEmailMap.query().filter(
127 UserEmailMap.user == User.get_by_username(
127 UserEmailMap.user == User.get_by_username(
128 TEST_USER_ADMIN_LOGIN)).filter(
128 TEST_USER_ADMIN_LOGIN)).filter(
129 UserEmailMap.email == 'foo@barz.com').one().email_id
129 UserEmailMap.email == 'foo@barz.com').one().email_id
130
130
131 response.mustcontain('foo@barz.com')
131 response.mustcontain('foo@barz.com')
132 response.mustcontain('<input id="del_email_id" name="del_email_id" '
132 response.mustcontain('<input id="del_email_id" name="del_email_id" '
133 'type="hidden" value="%s" />' % email_id)
133 'type="hidden" value="%s" />' % email_id)
134
134
135 response = self.app.post(
135 response = self.app.post(
136 url('my_account_emails'), {
136 url('my_account_emails'), {
137 'del_email_id': email_id, '_method': 'delete',
137 'del_email_id': email_id, '_method': 'delete',
138 'csrf_token': self.csrf_token})
138 'csrf_token': self.csrf_token})
139 assert_session_flash(response, 'Removed email address from user account')
139 assert_session_flash(response, 'Removed email address from user account')
140 response = self.app.get(url('my_account_emails'))
140 response = self.app.get(url('my_account_emails'))
141 response.mustcontain('No additional emails specified')
141 response.mustcontain('No additional emails specified')
142
142
143 @pytest.mark.parametrize(
143 @pytest.mark.parametrize(
144 "name, attrs", [
144 "name, attrs", [
145 ('firstname', {'firstname': 'new_username'}),
145 ('firstname', {'firstname': 'new_username'}),
146 ('lastname', {'lastname': 'new_username'}),
146 ('lastname', {'lastname': 'new_username'}),
147 ('admin', {'admin': True}),
147 ('admin', {'admin': True}),
148 ('admin', {'admin': False}),
148 ('admin', {'admin': False}),
149 ('extern_type', {'extern_type': 'ldap'}),
149 ('extern_type', {'extern_type': 'ldap'}),
150 ('extern_type', {'extern_type': None}),
150 ('extern_type', {'extern_type': None}),
151 # ('extern_name', {'extern_name': 'test'}),
151 # ('extern_name', {'extern_name': 'test'}),
152 # ('extern_name', {'extern_name': None}),
152 # ('extern_name', {'extern_name': None}),
153 ('active', {'active': False}),
153 ('active', {'active': False}),
154 ('active', {'active': True}),
154 ('active', {'active': True}),
155 ('email', {'email': 'some@email.com'}),
155 ('email', {'email': 'some@email.com'}),
156 ])
156 ])
157 def test_my_account_update(self, name, attrs):
157 def test_my_account_update(self, name, attrs):
158 usr = fixture.create_user(self.test_user_1, password='qweqwe',
158 usr = fixture.create_user(self.test_user_1, password='qweqwe',
159 email='testme@rhodecode.org',
159 email='testme@rhodecode.org',
160 extern_type='rhodecode',
160 extern_type='rhodecode',
161 extern_name=self.test_user_1,
161 extern_name=self.test_user_1,
162 skip_if_exists=True)
162 skip_if_exists=True)
163 self.destroy_users.add(self.test_user_1)
163 self.destroy_users.add(self.test_user_1)
164
164
165 params = usr.get_api_data() # current user data
165 params = usr.get_api_data() # current user data
166 user_id = usr.user_id
166 user_id = usr.user_id
167 self.log_user(username=self.test_user_1, password='qweqwe')
167 self.log_user(username=self.test_user_1, password='qweqwe')
168
168
169 params.update({'password_confirmation': ''})
169 params.update({'password_confirmation': ''})
170 params.update({'new_password': ''})
170 params.update({'new_password': ''})
171 params.update({'extern_type': 'rhodecode'})
171 params.update({'extern_type': 'rhodecode'})
172 params.update({'extern_name': self.test_user_1})
172 params.update({'extern_name': self.test_user_1})
173 params.update({'csrf_token': self.csrf_token})
173 params.update({'csrf_token': self.csrf_token})
174
174
175 params.update(attrs)
175 params.update(attrs)
176 # my account page cannot set language param yet, only for admins
176 # my account page cannot set language param yet, only for admins
177 del params['language']
177 del params['language']
178 response = self.app.post(url('my_account'), params)
178 response = self.app.post(url('my_account'), params)
179
179
180 assert_session_flash(
180 assert_session_flash(
181 response, 'Your account was updated successfully')
181 response, 'Your account was updated successfully')
182
182
183 del params['csrf_token']
183 del params['csrf_token']
184
184
185 updated_user = User.get_by_username(self.test_user_1)
185 updated_user = User.get_by_username(self.test_user_1)
186 updated_params = updated_user.get_api_data()
186 updated_params = updated_user.get_api_data()
187 updated_params.update({'password_confirmation': ''})
187 updated_params.update({'password_confirmation': ''})
188 updated_params.update({'new_password': ''})
188 updated_params.update({'new_password': ''})
189
189
190 params['last_login'] = updated_params['last_login']
190 params['last_login'] = updated_params['last_login']
191 # my account page cannot set language param yet, only for admins
191 # my account page cannot set language param yet, only for admins
192 # but we get this info from API anyway
192 # but we get this info from API anyway
193 params['language'] = updated_params['language']
193 params['language'] = updated_params['language']
194
194
195 if name == 'email':
195 if name == 'email':
196 params['emails'] = [attrs['email']]
196 params['emails'] = [attrs['email']]
197 if name == 'extern_type':
197 if name == 'extern_type':
198 # cannot update this via form, expected value is original one
198 # cannot update this via form, expected value is original one
199 params['extern_type'] = "rhodecode"
199 params['extern_type'] = "rhodecode"
200 if name == 'extern_name':
200 if name == 'extern_name':
201 # cannot update this via form, expected value is original one
201 # cannot update this via form, expected value is original one
202 params['extern_name'] = str(user_id)
202 params['extern_name'] = str(user_id)
203 if name == 'active':
203 if name == 'active':
204 # my account cannot deactivate account
204 # my account cannot deactivate account
205 params['active'] = True
205 params['active'] = True
206 if name == 'admin':
206 if name == 'admin':
207 # my account cannot make you an admin !
207 # my account cannot make you an admin !
208 params['admin'] = False
208 params['admin'] = False
209
209
210 assert params == updated_params
210 assert params == updated_params
211
211
212 def test_my_account_update_err_email_exists(self):
212 def test_my_account_update_err_email_exists(self):
213 self.log_user()
213 self.log_user()
214
214
215 new_email = 'test_regular@mail.com' # already exisitn email
215 new_email = 'test_regular@mail.com' # already exisitn email
216 response = self.app.post(url('my_account'),
216 response = self.app.post(url('my_account'),
217 params={
217 params={
218 'username': 'test_admin',
218 'username': 'test_admin',
219 'new_password': 'test12',
219 'new_password': 'test12',
220 'password_confirmation': 'test122',
220 'password_confirmation': 'test122',
221 'firstname': 'NewName',
221 'firstname': 'NewName',
222 'lastname': 'NewLastname',
222 'lastname': 'NewLastname',
223 'email': new_email,
223 'email': new_email,
224 'csrf_token': self.csrf_token,
224 'csrf_token': self.csrf_token,
225 })
225 })
226
226
227 response.mustcontain('This e-mail address is already taken')
227 response.mustcontain('This e-mail address is already taken')
228
228
229 def test_my_account_update_err(self):
229 def test_my_account_update_err(self):
230 self.log_user('test_regular2', 'test12')
230 self.log_user('test_regular2', 'test12')
231
231
232 new_email = 'newmail.pl'
232 new_email = 'newmail.pl'
233 response = self.app.post(url('my_account'),
233 response = self.app.post(url('my_account'),
234 params={
234 params={
235 'username': 'test_admin',
235 'username': 'test_admin',
236 'new_password': 'test12',
236 'new_password': 'test12',
237 'password_confirmation': 'test122',
237 'password_confirmation': 'test122',
238 'firstname': 'NewName',
238 'firstname': 'NewName',
239 'lastname': 'NewLastname',
239 'lastname': 'NewLastname',
240 'email': new_email,
240 'email': new_email,
241 'csrf_token': self.csrf_token,
241 'csrf_token': self.csrf_token,
242 })
242 })
243
243
244 response.mustcontain('An email address must contain a single @')
244 response.mustcontain('An email address must contain a single @')
245 from rhodecode.model import validators
245 from rhodecode.model import validators
246 msg = validators.ValidUsername(
246 msg = validators.ValidUsername(
247 edit=False, old_data={})._messages['username_exists']
247 edit=False, old_data={})._messages['username_exists']
248 msg = h.html_escape(msg % {'username': 'test_admin'})
248 msg = h.html_escape(msg % {'username': 'test_admin'})
249 response.mustcontain(u"%s" % msg)
249 response.mustcontain(u"%s" % msg)
250
250
251 def test_my_account_auth_tokens(self):
251 def test_my_account_auth_tokens(self):
252 usr = self.log_user('test_regular2', 'test12')
252 usr = self.log_user('test_regular2', 'test12')
253 user = User.get(usr['user_id'])
253 user = User.get(usr['user_id'])
254 response = self.app.get(url('my_account_auth_tokens'))
254 response = self.app.get(url('my_account_auth_tokens'))
255 response.mustcontain(user.api_key)
255 response.mustcontain(user.api_key)
256 response.mustcontain('expires: never')
256 response.mustcontain('expires: never')
257
257
258 @pytest.mark.parametrize("desc, lifetime", [
258 @pytest.mark.parametrize("desc, lifetime", [
259 ('forever', -1),
259 ('forever', -1),
260 ('5mins', 60*5),
260 ('5mins', 60*5),
261 ('30days', 60*60*24*30),
261 ('30days', 60*60*24*30),
262 ])
262 ])
263 def test_my_account_add_auth_tokens(self, desc, lifetime):
263 def test_my_account_add_auth_tokens(self, desc, lifetime):
264 usr = self.log_user('test_regular2', 'test12')
264 usr = self.log_user('test_regular2', 'test12')
265 user = User.get(usr['user_id'])
265 user = User.get(usr['user_id'])
266 response = self.app.post(url('my_account_auth_tokens'),
266 response = self.app.post(url('my_account_auth_tokens'),
267 {'description': desc, 'lifetime': lifetime,
267 {'description': desc, 'lifetime': lifetime,
268 'csrf_token': self.csrf_token})
268 'csrf_token': self.csrf_token})
269 assert_session_flash(response, 'Auth token successfully created')
269 assert_session_flash(response, 'Auth token successfully created')
270 try:
270 try:
271 response = response.follow()
271 response = response.follow()
272 user = User.get(usr['user_id'])
272 user = User.get(usr['user_id'])
273 for auth_token in user.auth_tokens:
273 for auth_token in user.auth_tokens:
274 response.mustcontain(auth_token)
274 response.mustcontain(auth_token)
275 finally:
275 finally:
276 for auth_token in UserApiKeys.query().all():
276 for auth_token in UserApiKeys.query().all():
277 Session().delete(auth_token)
277 Session().delete(auth_token)
278 Session().commit()
278 Session().commit()
279
279
280 def test_my_account_remove_auth_token(self):
280 def test_my_account_remove_auth_token(self):
281 # TODO: without this cleanup it fails when run with the whole
281 # TODO: without this cleanup it fails when run with the whole
282 # test suite, so there must be some interference with other tests.
282 # test suite, so there must be some interference with other tests.
283 UserApiKeys.query().delete()
283 UserApiKeys.query().delete()
284
284
285 usr = self.log_user('test_regular2', 'test12')
285 usr = self.log_user('test_regular2', 'test12')
286 User.get(usr['user_id'])
286 User.get(usr['user_id'])
287 response = self.app.post(url('my_account_auth_tokens'),
287 response = self.app.post(url('my_account_auth_tokens'),
288 {'description': 'desc', 'lifetime': -1,
288 {'description': 'desc', 'lifetime': -1,
289 'csrf_token': self.csrf_token})
289 'csrf_token': self.csrf_token})
290 assert_session_flash(response, 'Auth token successfully created')
290 assert_session_flash(response, 'Auth token successfully created')
291 response = response.follow()
291 response = response.follow()
292
292
293 # now delete our key
293 # now delete our key
294 keys = UserApiKeys.query().all()
294 keys = UserApiKeys.query().all()
295 assert 1 == len(keys)
295 assert 1 == len(keys)
296
296
297 response = self.app.post(
297 response = self.app.post(
298 url('my_account_auth_tokens'),
298 url('my_account_auth_tokens'),
299 {'_method': 'delete', 'del_auth_token': keys[0].api_key,
299 {'_method': 'delete', 'del_auth_token': keys[0].api_key,
300 'csrf_token': self.csrf_token})
300 'csrf_token': self.csrf_token})
301 assert_session_flash(response, 'Auth token successfully deleted')
301 assert_session_flash(response, 'Auth token successfully deleted')
302 keys = UserApiKeys.query().all()
302 keys = UserApiKeys.query().all()
303 assert 0 == len(keys)
303 assert 0 == len(keys)
304
304
305 def test_my_account_reset_main_auth_token(self):
305 def test_my_account_reset_main_auth_token(self):
306 usr = self.log_user('test_regular2', 'test12')
306 usr = self.log_user('test_regular2', 'test12')
307 user = User.get(usr['user_id'])
307 user = User.get(usr['user_id'])
308 api_key = user.api_key
308 api_key = user.api_key
309 response = self.app.get(url('my_account_auth_tokens'))
309 response = self.app.get(url('my_account_auth_tokens'))
310 response.mustcontain(api_key)
310 response.mustcontain(api_key)
311 response.mustcontain('expires: never')
311 response.mustcontain('expires: never')
312
312
313 response = self.app.post(
313 response = self.app.post(
314 url('my_account_auth_tokens'),
314 url('my_account_auth_tokens'),
315 {'_method': 'delete', 'del_auth_token_builtin': api_key,
315 {'_method': 'delete', 'del_auth_token_builtin': api_key,
316 'csrf_token': self.csrf_token})
316 'csrf_token': self.csrf_token})
317 assert_session_flash(response, 'Auth token successfully reset')
317 assert_session_flash(response, 'Auth token successfully reset')
318 response = response.follow()
318 response = response.follow()
319 response.mustcontain(no=[api_key])
319 response.mustcontain(no=[api_key])
320
320
321 def test_password_is_updated_in_session_on_password_change(
321 def test_password_is_updated_in_session_on_password_change(
322 self, user_util):
322 self, user_util):
323 old_password = 'abcdef123'
323 old_password = 'abcdef123'
324 new_password = 'abcdef124'
324 new_password = 'abcdef124'
325
325
326 user = user_util.create_user(password=old_password)
326 user = user_util.create_user(password=old_password)
327 session = self.log_user(user.username, old_password)
327 session = self.log_user(user.username, old_password)
328 old_password_hash = session['password']
328 old_password_hash = session['password']
329
329
330 form_data = {
330 form_data = {
331 'current_password': old_password,
331 'current_password': old_password,
332 'new_password': new_password,
332 'new_password': new_password,
333 'new_password_confirmation': new_password,
333 'new_password_confirmation': new_password,
334 'csrf_token': self.csrf_token
334 'csrf_token': self.csrf_token
335 }
335 }
336 self.app.post(url('my_account_password'), form_data)
336 self.app.post(url('my_account_password'), form_data)
337
337
338 response = self.app.get(url('home'))
338 response = self.app.get(url('home'))
339 new_password_hash = response.session['rhodecode_user']['password']
339 new_password_hash = response.session['rhodecode_user']['password']
340
340
341 assert old_password_hash != new_password_hash
341 assert old_password_hash != new_password_hash
342
343 def test_my_account_oauth_tokens_empty(self):
344 usr = self.log_user('test_regular2', 'test12')
345 User.get(usr['user_id'])
346 response = self.app.get(url('my_account_oauth'))
347 response.mustcontain(no=['Connect with GitHub'])
348 response.mustcontain('You have no accounts linked yet')
349
350 def test_my_account_oauth_tokens_present(self):
351 from rhodecode.model.db import ExternalIdentity
352 usr = self.log_user('test_regular2', 'test12')
353 user = User.get(usr['user_id'])
354
355 ex_identity = ExternalIdentity()
356 ex_identity.external_id = '55'
357 ex_identity.provider_name = 'twitter'
358 ex_identity.local_user_id = user.user_id
359 db_session = Session()
360 db_session.add(ex_identity)
361 Session.flush()
362 db_session.commit()
363 try:
364 response = self.app.get(url('my_account_oauth'))
365 response.mustcontain('twitter',
366 no=['You have no accounts linked yet'])
367 finally:
368 db_session = Session()
369 db_session.delete(ex_identity)
370 db_session.commit()
371
372 def test_my_account_oauth_tokens_delete(self):
373 from rhodecode.model.db import ExternalIdentity
374 usr = self.log_user('test_regular2', 'test12')
375 user = User.get(usr['user_id'])
376
377 ex_identity = ExternalIdentity()
378 ex_identity.external_id = '99'
379 ex_identity.provider_name = 'twitter'
380 ex_identity.local_user_id = user.user_id
381 db_session = Session()
382 db_session.add(ex_identity)
383 Session.flush()
384 db_session.commit()
385 assert ExternalIdentity.query().count() == 1
386 response = self.app.post(
387 url('my_account_oauth', provider_name='twitter',
388 external_id='99'),
389 {'_method': 'delete', 'csrf_token': self.csrf_token})
390 assert_session_flash(response, 'OAuth token successfully deleted')
391 assert ExternalIdentity.query().count() == 0
General Comments 0
You need to be logged in to leave comments. Login now