##// END OF EJS Templates
feat(2fa): updates routes names and urls to better reflect actions
feat(2fa): updates routes names and urls to better reflect actions

File last commit:

r5178:30100c99 default
r5368:4bc46af9 default
Show More
test_my_account_password.py
131 lines | 5.1 KiB | text/x-python | PythonLexer
/ rhodecode / apps / my_account / tests / test_my_account_password.py
# Copyright (C) 2010-2023 RhodeCode GmbH
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU Affero General Public License, version 3
# (only), as published by the Free Software Foundation.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU Affero General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
#
# This program is dual-licensed. If you wish to learn more about the
# RhodeCode Enterprise Edition, including its added features, Support services,
# and proprietary license terms, please see https://rhodecode.com/licenses/
import pytest
import mock
from rhodecode.lib.auth import check_password
from rhodecode.model.meta import Session
from rhodecode.model.user import UserModel
from rhodecode.tests import assert_session_flash, TestController
from rhodecode.tests.fixture import Fixture, error_function
from rhodecode.tests.routes import route_path
fixture = Fixture()
test_user_1 = 'testme'
test_user_1_password = '0jd83nHNS/d23n'
class TestMyAccountPassword(TestController):
def test_valid_change_password(self, user_util):
new_password = 'my_new_valid_password'
user = user_util.create_user(password=test_user_1_password)
self.log_user(user.username, test_user_1_password)
form_data = [
('current_password', test_user_1_password),
('__start__', 'new_password:mapping'),
('new_password', new_password),
('new_password-confirm', new_password),
('__end__', 'new_password:mapping'),
('csrf_token', self.csrf_token),
]
response = self.app.post(
route_path('my_account_password_update'), form_data).follow()
assert 'Successfully updated password' in response
# check_password depends on user being in session
Session().add(user)
try:
assert check_password(new_password, user.password)
finally:
Session().expunge(user)
@pytest.mark.parametrize('current_pw, new_pw, confirm_pw', [
('', 'abcdef123', 'abcdef123'),
('wrong_pw', 'abcdef123', 'abcdef123'),
(test_user_1_password, test_user_1_password, test_user_1_password),
(test_user_1_password, '', ''),
(test_user_1_password, 'abcdef123', ''),
(test_user_1_password, '', 'abcdef123'),
(test_user_1_password, 'not_the', 'same_pw'),
(test_user_1_password, 'short', 'short'),
])
def test_invalid_change_password(self, current_pw, new_pw, confirm_pw,
user_util):
user = user_util.create_user(password=test_user_1_password)
self.log_user(user.username, test_user_1_password)
form_data = [
('current_password', current_pw),
('__start__', 'new_password:mapping'),
('new_password', new_pw),
('new_password-confirm', confirm_pw),
('__end__', 'new_password:mapping'),
('csrf_token', self.csrf_token),
]
response = self.app.post(
route_path('my_account_password_update'), form_data)
assert_response = response.assert_response()
assert assert_response.get_elements('.error-block')
@mock.patch.object(UserModel, 'update_user', error_function)
def test_invalid_change_password_exception(self, user_util):
user = user_util.create_user(password=test_user_1_password)
self.log_user(user.username, test_user_1_password)
form_data = [
('current_password', test_user_1_password),
('__start__', 'new_password:mapping'),
('new_password', '123456'),
('new_password-confirm', '123456'),
('__end__', 'new_password:mapping'),
('csrf_token', self.csrf_token),
]
response = self.app.post(
route_path('my_account_password_update'), form_data)
assert_session_flash(
response, 'Error occurred during update of user password')
def test_password_is_updated_in_session_on_password_change(self, user_util):
old_password = 'abcdef123'
new_password = 'abcdef124'
user = user_util.create_user(password=old_password)
session = self.log_user(user.username, old_password)
old_password_hash = session['password']
form_data = [
('current_password', old_password),
('__start__', 'new_password:mapping'),
('new_password', new_password),
('new_password-confirm', new_password),
('__end__', 'new_password:mapping'),
('csrf_token', self.csrf_token),
]
self.app.post(
route_path('my_account_password_update'), form_data)
response = self.app.get(route_path('home'))
session = response.get_session_from_response()
new_password_hash = session['rhodecode_user']['password']
assert old_password_hash != new_password_hash