##// END OF EJS Templates
rhodecode-enterprise-ce
RSS
api: added last-activity into returned data of get_user api....
marcink -
r1558:107da576 default
parent child Browse files
Show More

The requested changes are too big and content was truncated. Show full diff

Show file before | Show file after | Hide comments
@@ -1,472 +1,473 b''
1 1 # -*- coding: utf-8 -*-
2 2
3 3 # Copyright (C) 2011-2017 RhodeCode GmbH
4 4 #
5 5 # This program is free software: you can redistribute it and/or modify
6 6 # it under the terms of the GNU Affero General Public License, version 3
7 7 # (only), as published by the Free Software Foundation.
8 8 #
9 9 # This program is distributed in the hope that it will be useful,
10 10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
11 11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 12 # GNU General Public License for more details.
13 13 #
14 14 # You should have received a copy of the GNU Affero General Public License
15 15 # along with this program. If not, see <http://www.gnu.org/licenses/>.
16 16 #
17 17 # This program is dual-licensed. If you wish to learn more about the
18 18 # RhodeCode Enterprise Edition, including its added features, Support services,
19 19 # and proprietary license terms, please see https://rhodecode.com/licenses/
20 20
21 21 import logging
22 22
23 23 from rhodecode.api import jsonrpc_method, JSONRPCError, JSONRPCForbidden
24 24 from rhodecode.api.utils import (
25 25 Optional, OAttr, has_superadmin_permission, get_user_or_error, store_update)
26 26 from rhodecode.lib.auth import AuthUser, PasswordGenerator
27 27 from rhodecode.lib.exceptions import DefaultUserException
28 28 from rhodecode.lib.utils2 import safe_int, str2bool
29 29 from rhodecode.model.db import Session, User, Repository
30 30 from rhodecode.model.user import UserModel
31 31
32 32
33 33 log = logging.getLogger(__name__)
34 34
35 35
36 36 @jsonrpc_method()
37 37 def get_user(request, apiuser, userid=Optional(OAttr('apiuser'))):
38 38 """
39 39 Returns the information associated with a username or userid.
40 40
41 41 * If the ``userid`` is not set, this command returns the information
42 42 for the ``userid`` calling the method.
43 43
44 44 .. note::
45 45
46 46 Normal users may only run this command against their ``userid``. For
47 47 full privileges you must run this command using an |authtoken| with
48 48 admin rights.
49 49
50 50 :param apiuser: This is filled automatically from the |authtoken|.
51 51 :type apiuser: AuthUser
52 52 :param userid: Sets the userid for which data will be returned.
53 53 :type userid: Optional(str or int)
54 54
55 55 Example output:
56 56
57 57 .. code-block:: bash
58 58
59 59 {
60 60 "error": null,
61 61 "id": <id>,
62 62 "result": {
63 63 "active": true,
64 64 "admin": false,
65 65 "api_keys": [ list of keys ],
66 66 "auth_tokens": [ list of tokens with details ],
67 67 "email": "user@example.com",
68 68 "emails": [
69 69 "user@example.com"
70 70 ],
71 71 "extern_name": "rhodecode",
72 72 "extern_type": "rhodecode",
73 73 "firstname": "username",
74 74 "ip_addresses": [],
75 75 "language": null,
76 76 "last_login": "Timestamp",
77 "last_activity": "Timestamp",
77 78 "lastname": "surnae",
78 79 "permissions": {
79 80 "global": [
80 81 "hg.inherit_default_perms.true",
81 82 "usergroup.read",
82 83 "hg.repogroup.create.false",
83 84 "hg.create.none",
84 85 "hg.password_reset.enabled",
85 86 "hg.extern_activate.manual",
86 87 "hg.create.write_on_repogroup.false",
87 88 "hg.usergroup.create.false",
88 89 "group.none",
89 90 "repository.none",
90 91 "hg.register.none",
91 92 "hg.fork.repository"
92 93 ],
93 94 "repositories": { "username/example": "repository.write"},
94 95 "repositories_groups": { "user-group/repo": "group.none" },
95 96 "user_groups": { "user_group_name": "usergroup.read" }
96 97 },
97 98 "user_id": 32,
98 99 "username": "username"
99 100 }
100 101 }
101 102 """
102 103
103 104 if not has_superadmin_permission(apiuser):
104 105 # make sure normal user does not pass someone else userid,
105 106 # he is not allowed to do that
106 107 if not isinstance(userid, Optional) and userid != apiuser.user_id:
107 108 raise JSONRPCError('userid is not the same as your user')
108 109
109 110 userid = Optional.extract(userid, evaluate_locals=locals())
110 111 userid = getattr(userid, 'user_id', userid)
111 112
112 113 user = get_user_or_error(userid)
113 114 data = user.get_api_data(include_secrets=True)
114 115 data['permissions'] = AuthUser(user_id=user.user_id).permissions
115 116 return data
116 117
117 118
118 119 @jsonrpc_method()
119 120 def get_users(request, apiuser):
120 121 """
121 122 Lists all users in the |RCE| user database.
122 123
123 124 This command can only be run using an |authtoken| with admin rights to
124 125 the specified repository.
125 126
126 127 This command takes the following options:
127 128
128 129 :param apiuser: This is filled automatically from the |authtoken|.
129 130 :type apiuser: AuthUser
130 131
131 132 Example output:
132 133
133 134 .. code-block:: bash
134 135
135 136 id : <id_given_in_input>
136 137 result: [<user_object>, ...]
137 138 error: null
138 139 """
139 140
140 141 if not has_superadmin_permission(apiuser):
141 142 raise JSONRPCForbidden()
142 143
143 144 result = []
144 145 users_list = User.query().order_by(User.username) \
145 146 .filter(User.username != User.DEFAULT_USER) \
146 147 .all()
147 148 for user in users_list:
148 149 result.append(user.get_api_data(include_secrets=True))
149 150 return result
150 151
151 152
152 153 @jsonrpc_method()
153 154 def create_user(request, apiuser, username, email, password=Optional(''),
154 155 firstname=Optional(''), lastname=Optional(''),
155 156 active=Optional(True), admin=Optional(False),
156 157 extern_name=Optional('rhodecode'),
157 158 extern_type=Optional('rhodecode'),
158 159 force_password_change=Optional(False),
159 160 create_personal_repo_group=Optional(None)):
160 161 """
161 162 Creates a new user and returns the new user object.
162 163
163 164 This command can only be run using an |authtoken| with admin rights to
164 165 the specified repository.
165 166
166 167 This command takes the following options:
167 168
168 169 :param apiuser: This is filled automatically from the |authtoken|.
169 170 :type apiuser: AuthUser
170 171 :param username: Set the new username.
171 172 :type username: str or int
172 173 :param email: Set the user email address.
173 174 :type email: str
174 175 :param password: Set the new user password.
175 176 :type password: Optional(str)
176 177 :param firstname: Set the new user firstname.
177 178 :type firstname: Optional(str)
178 179 :param lastname: Set the new user surname.
179 180 :type lastname: Optional(str)
180 181 :param active: Set the user as active.
181 182 :type active: Optional(``True`` | ``False``)
182 183 :param admin: Give the new user admin rights.
183 184 :type admin: Optional(``True`` | ``False``)
184 185 :param extern_name: Set the authentication plugin name.
185 186 Using LDAP this is filled with LDAP UID.
186 187 :type extern_name: Optional(str)
187 188 :param extern_type: Set the new user authentication plugin.
188 189 :type extern_type: Optional(str)
189 190 :param force_password_change: Force the new user to change password
190 191 on next login.
191 192 :type force_password_change: Optional(``True`` | ``False``)
192 193 :param create_personal_repo_group: Create personal repo group for this user
193 194 :type create_personal_repo_group: Optional(``True`` | ``False``)
194 195 Example output:
195 196
196 197 .. code-block:: bash
197 198
198 199 id : <id_given_in_input>
199 200 result: {
200 201 "msg" : "created new user `<username>`",
201 202 "user": <user_obj>
202 203 }
203 204 error: null
204 205
205 206 Example error output:
206 207
207 208 .. code-block:: bash
208 209
209 210 id : <id_given_in_input>
210 211 result : null
211 212 error : {
212 213 "user `<username>` already exist"
213 214 or
214 215 "email `<email>` already exist"
215 216 or
216 217 "failed to create user `<username>`"
217 218 }
218 219
219 220 """
220 221 if not has_superadmin_permission(apiuser):
221 222 raise JSONRPCForbidden()
222 223
223 224 if UserModel().get_by_username(username):
224 225 raise JSONRPCError("user `%s` already exist" % (username,))
225 226
226 227 if UserModel().get_by_email(email, case_insensitive=True):
227 228 raise JSONRPCError("email `%s` already exist" % (email,))
228 229
229 230 # generate random password if we actually given the
230 231 # extern_name and it's not rhodecode
231 232 if (not isinstance(extern_name, Optional) and
232 233 Optional.extract(extern_name) != 'rhodecode'):
233 234 # generate temporary password if user is external
234 235 password = PasswordGenerator().gen_password(length=16)
235 236 create_repo_group = Optional.extract(create_personal_repo_group)
236 237 if isinstance(create_repo_group, basestring):
237 238 create_repo_group = str2bool(create_repo_group)
238 239
239 240 try:
240 241 user = UserModel().create_or_update(
241 242 username=Optional.extract(username),
242 243 password=Optional.extract(password),
243 244 email=Optional.extract(email),
244 245 firstname=Optional.extract(firstname),
245 246 lastname=Optional.extract(lastname),
246 247 active=Optional.extract(active),
247 248 admin=Optional.extract(admin),
248 249 extern_type=Optional.extract(extern_type),
249 250 extern_name=Optional.extract(extern_name),
250 251 force_password_change=Optional.extract(force_password_change),
251 252 create_repo_group=create_repo_group
252 253 )
253 254 Session().commit()
254 255 return {
255 256 'msg': 'created new user `%s`' % username,
256 257 'user': user.get_api_data(include_secrets=True)
257 258 }
258 259 except Exception:
259 260 log.exception('Error occurred during creation of user')
260 261 raise JSONRPCError('failed to create user `%s`' % (username,))
261 262
262 263
263 264 @jsonrpc_method()
264 265 def update_user(request, apiuser, userid, username=Optional(None),
265 266 email=Optional(None), password=Optional(None),
266 267 firstname=Optional(None), lastname=Optional(None),
267 268 active=Optional(None), admin=Optional(None),
268 269 extern_type=Optional(None), extern_name=Optional(None), ):
269 270 """
270 271 Updates the details for the specified user, if that user exists.
271 272
272 273 This command can only be run using an |authtoken| with admin rights to
273 274 the specified repository.
274 275
275 276 This command takes the following options:
276 277
277 278 :param apiuser: This is filled automatically from |authtoken|.
278 279 :type apiuser: AuthUser
279 280 :param userid: Set the ``userid`` to update.
280 281 :type userid: str or int
281 282 :param username: Set the new username.
282 283 :type username: str or int
283 284 :param email: Set the new email.
284 285 :type email: str
285 286 :param password: Set the new password.
286 287 :type password: Optional(str)
287 288 :param firstname: Set the new first name.
288 289 :type firstname: Optional(str)
289 290 :param lastname: Set the new surname.
290 291 :type lastname: Optional(str)
291 292 :param active: Set the new user as active.
292 293 :type active: Optional(``True`` | ``False``)
293 294 :param admin: Give the user admin rights.
294 295 :type admin: Optional(``True`` | ``False``)
295 296 :param extern_name: Set the authentication plugin user name.
296 297 Using LDAP this is filled with LDAP UID.
297 298 :type extern_name: Optional(str)
298 299 :param extern_type: Set the authentication plugin type.
299 300 :type extern_type: Optional(str)
300 301
301 302
302 303 Example output:
303 304
304 305 .. code-block:: bash
305 306
306 307 id : <id_given_in_input>
307 308 result: {
308 309 "msg" : "updated user ID:<userid> <username>",
309 310 "user": <user_object>,
310 311 }
311 312 error: null
312 313
313 314 Example error output:
314 315
315 316 .. code-block:: bash
316 317
317 318 id : <id_given_in_input>
318 319 result : null
319 320 error : {
320 321 "failed to update user `<username>`"
321 322 }
322 323
323 324 """
324 325 if not has_superadmin_permission(apiuser):
325 326 raise JSONRPCForbidden()
326 327
327 328 user = get_user_or_error(userid)
328 329
329 330 # only non optional arguments will be stored in updates
330 331 updates = {}
331 332
332 333 try:
333 334
334 335 store_update(updates, username, 'username')
335 336 store_update(updates, password, 'password')
336 337 store_update(updates, email, 'email')
337 338 store_update(updates, firstname, 'name')
338 339 store_update(updates, lastname, 'lastname')
339 340 store_update(updates, active, 'active')
340 341 store_update(updates, admin, 'admin')
341 342 store_update(updates, extern_name, 'extern_name')
342 343 store_update(updates, extern_type, 'extern_type')
343 344
344 345 user = UserModel().update_user(user, **updates)
345 346 Session().commit()
346 347 return {
347 348 'msg': 'updated user ID:%s %s' % (user.user_id, user.username),
348 349 'user': user.get_api_data(include_secrets=True)
349 350 }
350 351 except DefaultUserException:
351 352 log.exception("Default user edit exception")
352 353 raise JSONRPCError('editing default user is forbidden')
353 354 except Exception:
354 355 log.exception("Error occurred during update of user")
355 356 raise JSONRPCError('failed to update user `%s`' % (userid,))
356 357
357 358
358 359 @jsonrpc_method()
359 360 def delete_user(request, apiuser, userid):
360 361 """
361 362 Deletes the specified user from the |RCE| user database.
362 363
363 364 This command can only be run using an |authtoken| with admin rights to
364 365 the specified repository.
365 366
366 367 .. important::
367 368
368 369 Ensure all open pull requests and open code review
369 370 requests to this user are close.
370 371
371 372 Also ensure all repositories, or repository groups owned by this
372 373 user are reassigned before deletion.
373 374
374 375 This command takes the following options:
375 376
376 377 :param apiuser: This is filled automatically from the |authtoken|.
377 378 :type apiuser: AuthUser
378 379 :param userid: Set the user to delete.
379 380 :type userid: str or int
380 381
381 382 Example output:
382 383
383 384 .. code-block:: bash
384 385
385 386 id : <id_given_in_input>
386 387 result: {
387 388 "msg" : "deleted user ID:<userid> <username>",
388 389 "user": null
389 390 }
390 391 error: null
391 392
392 393 Example error output:
393 394
394 395 .. code-block:: bash
395 396
396 397 id : <id_given_in_input>
397 398 result : null
398 399 error : {
399 400 "failed to delete user ID:<userid> <username>"
400 401 }
401 402
402 403 """
403 404 if not has_superadmin_permission(apiuser):
404 405 raise JSONRPCForbidden()
405 406
406 407 user = get_user_or_error(userid)
407 408
408 409 try:
409 410 UserModel().delete(userid)
410 411 Session().commit()
411 412 return {
412 413 'msg': 'deleted user ID:%s %s' % (user.user_id, user.username),
413 414 'user': None
414 415 }
415 416 except Exception:
416 417 log.exception("Error occurred during deleting of user")
417 418 raise JSONRPCError(
418 419 'failed to delete user ID:%s %s' % (user.user_id, user.username))
419 420
420 421
421 422 @jsonrpc_method()
422 423 def get_user_locks(request, apiuser, userid=Optional(OAttr('apiuser'))):
423 424 """
424 425 Displays all repositories locked by the specified user.
425 426
426 427 * If this command is run by a non-admin user, it returns
427 428 a list of |repos| locked by that user.
428 429
429 430 This command takes the following options:
430 431
431 432 :param apiuser: This is filled automatically from the |authtoken|.
432 433 :type apiuser: AuthUser
433 434 :param userid: Sets the userid whose list of locked |repos| will be
434 435 displayed.
435 436 :type userid: Optional(str or int)
436 437
437 438 Example output:
438 439
439 440 .. code-block:: bash
440 441
441 442 id : <id_given_in_input>
442 443 result : {
443 444 [repo_object, repo_object,...]
444 445 }
445 446 error : null
446 447 """
447 448
448 449 include_secrets = False
449 450 if not has_superadmin_permission(apiuser):
450 451 # make sure normal user does not pass someone else userid,
451 452 # he is not allowed to do that
452 453 if not isinstance(userid, Optional) and userid != apiuser.user_id:
453 454 raise JSONRPCError('userid is not the same as your user')
454 455 else:
455 456 include_secrets = True
456 457
457 458 userid = Optional.extract(userid, evaluate_locals=locals())
458 459 userid = getattr(userid, 'user_id', userid)
459 460 user = get_user_or_error(userid)
460 461
461 462 ret = []
462 463
463 464 # show all locks
464 465 for r in Repository.getAll():
465 466 _user_id, _time, _reason = r.locked
466 467 if _user_id and _time:
467 468 _api_data = r.get_api_data(include_secrets=include_secrets)
468 469 # if we use user filter just show the locks for this user
469 470 if safe_int(_user_id) == user.user_id:
470 471 ret.append(_api_data)
471 472
472 473 return ret
Show file before | Show file after | Hide comments
1 NO CONTENT: modified file
The requested commit or file is too big and content was truncated. Show full diff
Show file before | Show file after | Hide comments
@@ -1,246 +1,247 b''
1 1 # -*- coding: utf-8 -*-
2 2
3 3 # Copyright (C) 2010-2017 RhodeCode GmbH
4 4 #
5 5 # This program is free software: you can redistribute it and/or modify
6 6 # it under the terms of the GNU Affero General Public License, version 3
7 7 # (only), as published by the Free Software Foundation.
8 8 #
9 9 # This program is distributed in the hope that it will be useful,
10 10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
11 11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 12 # GNU General Public License for more details.
13 13 #
14 14 # You should have received a copy of the GNU Affero General Public License
15 15 # along with this program. If not, see <http://www.gnu.org/licenses/>.
16 16 #
17 17 # This program is dual-licensed. If you wish to learn more about the
18 18 # RhodeCode Enterprise Edition, including its added features, Support services,
19 19 # and proprietary license terms, please see https://rhodecode.com/licenses/
20 20
21 21 import pytest
22 22
23 23 from rhodecode.lib import helpers as h
24 24 from rhodecode.model.db import User, UserFollowing, Repository
25 25 from rhodecode.tests import (
26 26 TestController, url, TEST_USER_ADMIN_LOGIN, TEST_USER_REGULAR_EMAIL,
27 27 assert_session_flash)
28 28 from rhodecode.tests.fixture import Fixture
29 29 from rhodecode.tests.utils import AssertResponse
30 30
31 31 fixture = Fixture()
32 32
33 33
34 34 class TestMyAccountController(TestController):
35 35 test_user_1 = 'testme'
36 36 test_user_1_password = '0jd83nHNS/d23n'
37 37 destroy_users = set()
38 38
39 39 @classmethod
40 40 def teardown_class(cls):
41 41 fixture.destroy_users(cls.destroy_users)
42 42
43 43 def test_logout_form_contains_csrf(self, autologin_user, csrf_token):
44 44 response = self.app.get(url('home'))
45 45 assert_response = AssertResponse(response)
46 46 element = assert_response.get_element('.logout #csrf_token')
47 47 assert element.value == csrf_token
48 48
49 49 def test_my_account_edit(self):
50 50 self.log_user()
51 51 response = self.app.get(url('my_account_edit'))
52 52
53 53 response.mustcontain('value="test_admin')
54 54
55 55 def test_my_account_my_repos(self):
56 56 self.log_user()
57 57 response = self.app.get(url('my_account_repos'))
58 58 repos = Repository.query().filter(
59 59 Repository.user == User.get_by_username(
60 60 TEST_USER_ADMIN_LOGIN)).all()
61 61 for repo in repos:
62 62 response.mustcontain('"name_raw": "%s"' % repo.repo_name)
63 63
64 64 def test_my_account_my_watched(self):
65 65 self.log_user()
66 66 response = self.app.get(url('my_account_watched'))
67 67
68 68 repos = UserFollowing.query().filter(
69 69 UserFollowing.user == User.get_by_username(
70 70 TEST_USER_ADMIN_LOGIN)).all()
71 71 for repo in repos:
72 72 response.mustcontain(
73 73 '"name_raw": "%s"' % repo.follows_repository.repo_name)
74 74
75 75 @pytest.mark.backends("git", "hg")
76 76 def test_my_account_my_pullrequests(self, pr_util):
77 77 self.log_user()
78 78 response = self.app.get(url('my_account_pullrequests'))
79 79 response.mustcontain('There are currently no open pull '
80 80 'requests requiring your participation.')
81 81
82 82 pr = pr_util.create_pull_request(title='TestMyAccountPR')
83 83 response = self.app.get(url('my_account_pullrequests'))
84 84 response.mustcontain('"name_raw": %s' % pr.pull_request_id)
85 85 response.mustcontain('TestMyAccountPR')
86 86
87 87 def test_my_account_my_emails(self):
88 88 self.log_user()
89 89 response = self.app.get(url('my_account_emails'))
90 90 response.mustcontain('No additional emails specified')
91 91
92 92 def test_my_account_my_emails_add_existing_email(self):
93 93 self.log_user()
94 94 response = self.app.get(url('my_account_emails'))
95 95 response.mustcontain('No additional emails specified')
96 96 response = self.app.post(url('my_account_emails'),
97 97 {'new_email': TEST_USER_REGULAR_EMAIL,
98 98 'csrf_token': self.csrf_token})
99 99 assert_session_flash(response, 'This e-mail address is already taken')
100 100
101 101 def test_my_account_my_emails_add_mising_email_in_form(self):
102 102 self.log_user()
103 103 response = self.app.get(url('my_account_emails'))
104 104 response.mustcontain('No additional emails specified')
105 105 response = self.app.post(url('my_account_emails'),
106 106 {'csrf_token': self.csrf_token})
107 107 assert_session_flash(response, 'Please enter an email address')
108 108
109 109 def test_my_account_my_emails_add_remove(self):
110 110 self.log_user()
111 111 response = self.app.get(url('my_account_emails'))
112 112 response.mustcontain('No additional emails specified')
113 113
114 114 response = self.app.post(url('my_account_emails'),
115 115 {'new_email': 'foo@barz.com',
116 116 'csrf_token': self.csrf_token})
117 117
118 118 response = self.app.get(url('my_account_emails'))
119 119
120 120 from rhodecode.model.db import UserEmailMap
121 121 email_id = UserEmailMap.query().filter(
122 122 UserEmailMap.user == User.get_by_username(
123 123 TEST_USER_ADMIN_LOGIN)).filter(
124 124 UserEmailMap.email == 'foo@barz.com').one().email_id
125 125
126 126 response.mustcontain('foo@barz.com')
127 127 response.mustcontain('<input id="del_email_id" name="del_email_id" '
128 128 'type="hidden" value="%s" />' % email_id)
129 129
130 130 response = self.app.post(
131 131 url('my_account_emails'), {
132 132 'del_email_id': email_id, '_method': 'delete',
133 133 'csrf_token': self.csrf_token})
134 134 assert_session_flash(response, 'Removed email address from user account')
135 135 response = self.app.get(url('my_account_emails'))
136 136 response.mustcontain('No additional emails specified')
137 137
138 138 @pytest.mark.parametrize(
139 139 "name, attrs", [
140 140 ('firstname', {'firstname': 'new_username'}),
141 141 ('lastname', {'lastname': 'new_username'}),
142 142 ('admin', {'admin': True}),
143 143 ('admin', {'admin': False}),
144 144 ('extern_type', {'extern_type': 'ldap'}),
145 145 ('extern_type', {'extern_type': None}),
146 146 # ('extern_name', {'extern_name': 'test'}),
147 147 # ('extern_name', {'extern_name': None}),
148 148 ('active', {'active': False}),
149 149 ('active', {'active': True}),
150 150 ('email', {'email': 'some@email.com'}),
151 151 ])
152 152 def test_my_account_update(self, name, attrs):
153 153 usr = fixture.create_user(self.test_user_1,
154 154 password=self.test_user_1_password,
155 155 email='testme@rhodecode.org',
156 156 extern_type='rhodecode',
157 157 extern_name=self.test_user_1,
158 158 skip_if_exists=True)
159 159 self.destroy_users.add(self.test_user_1)
160 160
161 161 params = usr.get_api_data() # current user data
162 162 user_id = usr.user_id
163 163 self.log_user(
164 164 username=self.test_user_1, password=self.test_user_1_password)
165 165
166 166 params.update({'password_confirmation': ''})
167 167 params.update({'new_password': ''})
168 168 params.update({'extern_type': 'rhodecode'})
169 169 params.update({'extern_name': self.test_user_1})
170 170 params.update({'csrf_token': self.csrf_token})
171 171
172 172 params.update(attrs)
173 173 # my account page cannot set language param yet, only for admins
174 174 del params['language']
175 175 response = self.app.post(url('my_account'), params)
176 176
177 177 assert_session_flash(
178 178 response, 'Your account was updated successfully')
179 179
180 180 del params['csrf_token']
181 181
182 182 updated_user = User.get_by_username(self.test_user_1)
183 183 updated_params = updated_user.get_api_data()
184 184 updated_params.update({'password_confirmation': ''})
185 185 updated_params.update({'new_password': ''})
186 186
187 187 params['last_login'] = updated_params['last_login']
188 params['last_activity'] = updated_params['last_activity']
188 189 # my account page cannot set language param yet, only for admins
189 190 # but we get this info from API anyway
190 191 params['language'] = updated_params['language']
191 192
192 193 if name == 'email':
193 194 params['emails'] = [attrs['email']]
194 195 if name == 'extern_type':
195 196 # cannot update this via form, expected value is original one
196 197 params['extern_type'] = "rhodecode"
197 198 if name == 'extern_name':
198 199 # cannot update this via form, expected value is original one
199 200 params['extern_name'] = str(user_id)
200 201 if name == 'active':
201 202 # my account cannot deactivate account
202 203 params['active'] = True
203 204 if name == 'admin':
204 205 # my account cannot make you an admin !
205 206 params['admin'] = False
206 207
207 208 assert params == updated_params
208 209
209 210 def test_my_account_update_err_email_exists(self):
210 211 self.log_user()
211 212
212 213 new_email = 'test_regular@mail.com' # already exisitn email
213 214 response = self.app.post(url('my_account'),
214 215 params={
215 216 'username': 'test_admin',
216 217 'new_password': 'test12',
217 218 'password_confirmation': 'test122',
218 219 'firstname': 'NewName',
219 220 'lastname': 'NewLastname',
220 221 'email': new_email,
221 222 'csrf_token': self.csrf_token,
222 223 })
223 224
224 225 response.mustcontain('This e-mail address is already taken')
225 226
226 227 def test_my_account_update_err(self):
227 228 self.log_user('test_regular2', 'test12')
228 229
229 230 new_email = 'newmail.pl'
230 231 response = self.app.post(url('my_account'),
231 232 params={
232 233 'username': 'test_admin',
233 234 'new_password': 'test12',
234 235 'password_confirmation': 'test122',
235 236 'firstname': 'NewName',
236 237 'lastname': 'NewLastname',
237 238 'email': new_email,
238 239 'csrf_token': self.csrf_token,
239 240 })
240 241
241 242 response.mustcontain('An email address must contain a single @')
242 243 from rhodecode.model import validators
243 244 msg = validators.ValidUsername(
244 245 edit=False, old_data={})._messages['username_exists']
245 246 msg = h.html_escape(msg % {'username': 'test_admin'})
246 247 response.mustcontain(u"%s" % msg)
General Comments 0
You need to be logged in to leave comments. Login now