##// END OF EJS Templates
u » pc » rhodecode-enterprise-ce-fork-pc
RSS

Fork of rhodecode-enterprise-ce

tests: fixed pull requests my account tests.
marcink -
r275:497f5ccd default
parent child Browse files
Show More
Show file before | Show file after | Hide comments
@@ -1,341 +1,344 b''
1 # -*- coding: utf-8 -*-
1 # -*- coding: utf-8 -*-
2
2
3 # Copyright (C) 2010-2016 RhodeCode GmbH
3 # Copyright (C) 2010-2016 RhodeCode GmbH
4 #
4 #
5 # This program is free software: you can redistribute it and/or modify
5 # This program is free software: you can redistribute it and/or modify
6 # it under the terms of the GNU Affero General Public License, version 3
6 # it under the terms of the GNU Affero General Public License, version 3
7 # (only), as published by the Free Software Foundation.
7 # (only), as published by the Free Software Foundation.
8 #
8 #
9 # This program is distributed in the hope that it will be useful,
9 # This program is distributed in the hope that it will be useful,
10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 # GNU General Public License for more details.
12 # GNU General Public License for more details.
13 #
13 #
14 # You should have received a copy of the GNU Affero General Public License
14 # You should have received a copy of the GNU Affero General Public License
15 # along with this program. If not, see <http://www.gnu.org/licenses/>.
15 # along with this program. If not, see <http://www.gnu.org/licenses/>.
16 #
16 #
17 # This program is dual-licensed. If you wish to learn more about the
17 # This program is dual-licensed. If you wish to learn more about the
18 # RhodeCode Enterprise Edition, including its added features, Support services,
18 # RhodeCode Enterprise Edition, including its added features, Support services,
19 # and proprietary license terms, please see https://rhodecode.com/licenses/
19 # and proprietary license terms, please see https://rhodecode.com/licenses/
20
20
21 import pytest
21 import pytest
22
22
23 from rhodecode.lib import helpers as h
23 from rhodecode.lib import helpers as h
24 from rhodecode.model.db import User, UserFollowing, Repository, UserApiKeys
24 from rhodecode.model.db import User, UserFollowing, Repository, UserApiKeys
25 from rhodecode.model.meta import Session
25 from rhodecode.model.meta import Session
26 from rhodecode.tests import (
26 from rhodecode.tests import (
27 TestController, url, TEST_USER_ADMIN_LOGIN, TEST_USER_REGULAR_EMAIL,
27 TestController, url, TEST_USER_ADMIN_LOGIN, TEST_USER_REGULAR_EMAIL,
28 assert_session_flash)
28 assert_session_flash)
29 from rhodecode.tests.fixture import Fixture
29 from rhodecode.tests.fixture import Fixture
30 from rhodecode.tests.utils import AssertResponse
30 from rhodecode.tests.utils import AssertResponse
31
31
32 fixture = Fixture()
32 fixture = Fixture()
33
33
34
34
35 class TestMyAccountController(TestController):
35 class TestMyAccountController(TestController):
36 test_user_1 = 'testme'
36 test_user_1 = 'testme'
37 destroy_users = set()
37 destroy_users = set()
38
38
39 @classmethod
39 @classmethod
40 def teardown_class(cls):
40 def teardown_class(cls):
41 fixture.destroy_users(cls.destroy_users)
41 fixture.destroy_users(cls.destroy_users)
42
42
43 def test_my_account(self):
43 def test_my_account(self):
44 self.log_user()
44 self.log_user()
45 response = self.app.get(url('my_account'))
45 response = self.app.get(url('my_account'))
46
46
47 response.mustcontain('test_admin')
47 response.mustcontain('test_admin')
48 response.mustcontain('href="/_admin/my_account/edit"')
48 response.mustcontain('href="/_admin/my_account/edit"')
49
49
50 def test_logout_form_contains_csrf(self, autologin_user, csrf_token):
50 def test_logout_form_contains_csrf(self, autologin_user, csrf_token):
51 response = self.app.get(url('my_account'))
51 response = self.app.get(url('my_account'))
52 assert_response = AssertResponse(response)
52 assert_response = AssertResponse(response)
53 element = assert_response.get_element('.logout #csrf_token')
53 element = assert_response.get_element('.logout #csrf_token')
54 assert element.value == csrf_token
54 assert element.value == csrf_token
55
55
56 def test_my_account_edit(self):
56 def test_my_account_edit(self):
57 self.log_user()
57 self.log_user()
58 response = self.app.get(url('my_account_edit'))
58 response = self.app.get(url('my_account_edit'))
59
59
60 response.mustcontain('value="test_admin')
60 response.mustcontain('value="test_admin')
61
61
62 def test_my_account_my_repos(self):
62 def test_my_account_my_repos(self):
63 self.log_user()
63 self.log_user()
64 response = self.app.get(url('my_account_repos'))
64 response = self.app.get(url('my_account_repos'))
65 repos = Repository.query().filter(
65 repos = Repository.query().filter(
66 Repository.user == User.get_by_username(
66 Repository.user == User.get_by_username(
67 TEST_USER_ADMIN_LOGIN)).all()
67 TEST_USER_ADMIN_LOGIN)).all()
68 for repo in repos:
68 for repo in repos:
69 response.mustcontain('"name_raw": "%s"' % repo.repo_name)
69 response.mustcontain('"name_raw": "%s"' % repo.repo_name)
70
70
71 def test_my_account_my_watched(self):
71 def test_my_account_my_watched(self):
72 self.log_user()
72 self.log_user()
73 response = self.app.get(url('my_account_watched'))
73 response = self.app.get(url('my_account_watched'))
74
74
75 repos = UserFollowing.query().filter(
75 repos = UserFollowing.query().filter(
76 UserFollowing.user == User.get_by_username(
76 UserFollowing.user == User.get_by_username(
77 TEST_USER_ADMIN_LOGIN)).all()
77 TEST_USER_ADMIN_LOGIN)).all()
78 for repo in repos:
78 for repo in repos:
79 response.mustcontain(
79 response.mustcontain(
80 '"name_raw": "%s"' % repo.follows_repository.repo_name)
80 '"name_raw": "%s"' % repo.follows_repository.repo_name)
81
81
82 @pytest.mark.backends("git", "hg")
82 @pytest.mark.backends("git", "hg")
83 def test_my_account_my_pullrequests(self, pr_util):
83 def test_my_account_my_pullrequests(self, pr_util):
84 self.log_user()
84 self.log_user()
85 response = self.app.get(url('my_account_pullrequests'))
85 response = self.app.get(url('my_account_pullrequests'))
86 response.mustcontain('You currently have no open pull requests.')
86 response.mustcontain('You currently have no open pull requests.')
87
87
88 pr = pr_util.create_pull_request()
88 pr = pr_util.create_pull_request(title='TestMyAccountPR')
89 response = self.app.get(url('my_account_pullrequests'))
89 response = self.app.get(url('my_account_pullrequests'))
90 response.mustcontain('Pull request #%d opened' % pr.pull_request_id)
90 response.mustcontain('There are currently no open pull requests '
91 'requiring your participation')
92
93 response.mustcontain('#%s: TestMyAccountPR' % pr.pull_request_id)
91
94
92 def test_my_account_my_emails(self):
95 def test_my_account_my_emails(self):
93 self.log_user()
96 self.log_user()
94 response = self.app.get(url('my_account_emails'))
97 response = self.app.get(url('my_account_emails'))
95 response.mustcontain('No additional emails specified')
98 response.mustcontain('No additional emails specified')
96
99
97 def test_my_account_my_emails_add_existing_email(self):
100 def test_my_account_my_emails_add_existing_email(self):
98 self.log_user()
101 self.log_user()
99 response = self.app.get(url('my_account_emails'))
102 response = self.app.get(url('my_account_emails'))
100 response.mustcontain('No additional emails specified')
103 response.mustcontain('No additional emails specified')
101 response = self.app.post(url('my_account_emails'),
104 response = self.app.post(url('my_account_emails'),
102 {'new_email': TEST_USER_REGULAR_EMAIL,
105 {'new_email': TEST_USER_REGULAR_EMAIL,
103 'csrf_token': self.csrf_token})
106 'csrf_token': self.csrf_token})
104 assert_session_flash(response, 'This e-mail address is already taken')
107 assert_session_flash(response, 'This e-mail address is already taken')
105
108
106 def test_my_account_my_emails_add_mising_email_in_form(self):
109 def test_my_account_my_emails_add_mising_email_in_form(self):
107 self.log_user()
110 self.log_user()
108 response = self.app.get(url('my_account_emails'))
111 response = self.app.get(url('my_account_emails'))
109 response.mustcontain('No additional emails specified')
112 response.mustcontain('No additional emails specified')
110 response = self.app.post(url('my_account_emails'),
113 response = self.app.post(url('my_account_emails'),
111 {'csrf_token': self.csrf_token})
114 {'csrf_token': self.csrf_token})
112 assert_session_flash(response, 'Please enter an email address')
115 assert_session_flash(response, 'Please enter an email address')
113
116
114 def test_my_account_my_emails_add_remove(self):
117 def test_my_account_my_emails_add_remove(self):
115 self.log_user()
118 self.log_user()
116 response = self.app.get(url('my_account_emails'))
119 response = self.app.get(url('my_account_emails'))
117 response.mustcontain('No additional emails specified')
120 response.mustcontain('No additional emails specified')
118
121
119 response = self.app.post(url('my_account_emails'),
122 response = self.app.post(url('my_account_emails'),
120 {'new_email': 'foo@barz.com',
123 {'new_email': 'foo@barz.com',
121 'csrf_token': self.csrf_token})
124 'csrf_token': self.csrf_token})
122
125
123 response = self.app.get(url('my_account_emails'))
126 response = self.app.get(url('my_account_emails'))
124
127
125 from rhodecode.model.db import UserEmailMap
128 from rhodecode.model.db import UserEmailMap
126 email_id = UserEmailMap.query().filter(
129 email_id = UserEmailMap.query().filter(
127 UserEmailMap.user == User.get_by_username(
130 UserEmailMap.user == User.get_by_username(
128 TEST_USER_ADMIN_LOGIN)).filter(
131 TEST_USER_ADMIN_LOGIN)).filter(
129 UserEmailMap.email == 'foo@barz.com').one().email_id
132 UserEmailMap.email == 'foo@barz.com').one().email_id
130
133
131 response.mustcontain('foo@barz.com')
134 response.mustcontain('foo@barz.com')
132 response.mustcontain('<input id="del_email_id" name="del_email_id" '
135 response.mustcontain('<input id="del_email_id" name="del_email_id" '
133 'type="hidden" value="%s" />' % email_id)
136 'type="hidden" value="%s" />' % email_id)
134
137
135 response = self.app.post(
138 response = self.app.post(
136 url('my_account_emails'), {
139 url('my_account_emails'), {
137 'del_email_id': email_id, '_method': 'delete',
140 'del_email_id': email_id, '_method': 'delete',
138 'csrf_token': self.csrf_token})
141 'csrf_token': self.csrf_token})
139 assert_session_flash(response, 'Removed email address from user account')
142 assert_session_flash(response, 'Removed email address from user account')
140 response = self.app.get(url('my_account_emails'))
143 response = self.app.get(url('my_account_emails'))
141 response.mustcontain('No additional emails specified')
144 response.mustcontain('No additional emails specified')
142
145
143 @pytest.mark.parametrize(
146 @pytest.mark.parametrize(
144 "name, attrs", [
147 "name, attrs", [
145 ('firstname', {'firstname': 'new_username'}),
148 ('firstname', {'firstname': 'new_username'}),
146 ('lastname', {'lastname': 'new_username'}),
149 ('lastname', {'lastname': 'new_username'}),
147 ('admin', {'admin': True}),
150 ('admin', {'admin': True}),
148 ('admin', {'admin': False}),
151 ('admin', {'admin': False}),
149 ('extern_type', {'extern_type': 'ldap'}),
152 ('extern_type', {'extern_type': 'ldap'}),
150 ('extern_type', {'extern_type': None}),
153 ('extern_type', {'extern_type': None}),
151 # ('extern_name', {'extern_name': 'test'}),
154 # ('extern_name', {'extern_name': 'test'}),
152 # ('extern_name', {'extern_name': None}),
155 # ('extern_name', {'extern_name': None}),
153 ('active', {'active': False}),
156 ('active', {'active': False}),
154 ('active', {'active': True}),
157 ('active', {'active': True}),
155 ('email', {'email': 'some@email.com'}),
158 ('email', {'email': 'some@email.com'}),
156 ])
159 ])
157 def test_my_account_update(self, name, attrs):
160 def test_my_account_update(self, name, attrs):
158 usr = fixture.create_user(self.test_user_1, password='qweqwe',
161 usr = fixture.create_user(self.test_user_1, password='qweqwe',
159 email='testme@rhodecode.org',
162 email='testme@rhodecode.org',
160 extern_type='rhodecode',
163 extern_type='rhodecode',
161 extern_name=self.test_user_1,
164 extern_name=self.test_user_1,
162 skip_if_exists=True)
165 skip_if_exists=True)
163 self.destroy_users.add(self.test_user_1)
166 self.destroy_users.add(self.test_user_1)
164
167
165 params = usr.get_api_data() # current user data
168 params = usr.get_api_data() # current user data
166 user_id = usr.user_id
169 user_id = usr.user_id
167 self.log_user(username=self.test_user_1, password='qweqwe')
170 self.log_user(username=self.test_user_1, password='qweqwe')
168
171
169 params.update({'password_confirmation': ''})
172 params.update({'password_confirmation': ''})
170 params.update({'new_password': ''})
173 params.update({'new_password': ''})
171 params.update({'extern_type': 'rhodecode'})
174 params.update({'extern_type': 'rhodecode'})
172 params.update({'extern_name': self.test_user_1})
175 params.update({'extern_name': self.test_user_1})
173 params.update({'csrf_token': self.csrf_token})
176 params.update({'csrf_token': self.csrf_token})
174
177
175 params.update(attrs)
178 params.update(attrs)
176 # my account page cannot set language param yet, only for admins
179 # my account page cannot set language param yet, only for admins
177 del params['language']
180 del params['language']
178 response = self.app.post(url('my_account'), params)
181 response = self.app.post(url('my_account'), params)
179
182
180 assert_session_flash(
183 assert_session_flash(
181 response, 'Your account was updated successfully')
184 response, 'Your account was updated successfully')
182
185
183 del params['csrf_token']
186 del params['csrf_token']
184
187
185 updated_user = User.get_by_username(self.test_user_1)
188 updated_user = User.get_by_username(self.test_user_1)
186 updated_params = updated_user.get_api_data()
189 updated_params = updated_user.get_api_data()
187 updated_params.update({'password_confirmation': ''})
190 updated_params.update({'password_confirmation': ''})
188 updated_params.update({'new_password': ''})
191 updated_params.update({'new_password': ''})
189
192
190 params['last_login'] = updated_params['last_login']
193 params['last_login'] = updated_params['last_login']
191 # my account page cannot set language param yet, only for admins
194 # my account page cannot set language param yet, only for admins
192 # but we get this info from API anyway
195 # but we get this info from API anyway
193 params['language'] = updated_params['language']
196 params['language'] = updated_params['language']
194
197
195 if name == 'email':
198 if name == 'email':
196 params['emails'] = [attrs['email']]
199 params['emails'] = [attrs['email']]
197 if name == 'extern_type':
200 if name == 'extern_type':
198 # cannot update this via form, expected value is original one
201 # cannot update this via form, expected value is original one
199 params['extern_type'] = "rhodecode"
202 params['extern_type'] = "rhodecode"
200 if name == 'extern_name':
203 if name == 'extern_name':
201 # cannot update this via form, expected value is original one
204 # cannot update this via form, expected value is original one
202 params['extern_name'] = str(user_id)
205 params['extern_name'] = str(user_id)
203 if name == 'active':
206 if name == 'active':
204 # my account cannot deactivate account
207 # my account cannot deactivate account
205 params['active'] = True
208 params['active'] = True
206 if name == 'admin':
209 if name == 'admin':
207 # my account cannot make you an admin !
210 # my account cannot make you an admin !
208 params['admin'] = False
211 params['admin'] = False
209
212
210 assert params == updated_params
213 assert params == updated_params
211
214
212 def test_my_account_update_err_email_exists(self):
215 def test_my_account_update_err_email_exists(self):
213 self.log_user()
216 self.log_user()
214
217
215 new_email = 'test_regular@mail.com' # already exisitn email
218 new_email = 'test_regular@mail.com' # already exisitn email
216 response = self.app.post(url('my_account'),
219 response = self.app.post(url('my_account'),
217 params={
220 params={
218 'username': 'test_admin',
221 'username': 'test_admin',
219 'new_password': 'test12',
222 'new_password': 'test12',
220 'password_confirmation': 'test122',
223 'password_confirmation': 'test122',
221 'firstname': 'NewName',
224 'firstname': 'NewName',
222 'lastname': 'NewLastname',
225 'lastname': 'NewLastname',
223 'email': new_email,
226 'email': new_email,
224 'csrf_token': self.csrf_token,
227 'csrf_token': self.csrf_token,
225 })
228 })
226
229
227 response.mustcontain('This e-mail address is already taken')
230 response.mustcontain('This e-mail address is already taken')
228
231
229 def test_my_account_update_err(self):
232 def test_my_account_update_err(self):
230 self.log_user('test_regular2', 'test12')
233 self.log_user('test_regular2', 'test12')
231
234
232 new_email = 'newmail.pl'
235 new_email = 'newmail.pl'
233 response = self.app.post(url('my_account'),
236 response = self.app.post(url('my_account'),
234 params={
237 params={
235 'username': 'test_admin',
238 'username': 'test_admin',
236 'new_password': 'test12',
239 'new_password': 'test12',
237 'password_confirmation': 'test122',
240 'password_confirmation': 'test122',
238 'firstname': 'NewName',
241 'firstname': 'NewName',
239 'lastname': 'NewLastname',
242 'lastname': 'NewLastname',
240 'email': new_email,
243 'email': new_email,
241 'csrf_token': self.csrf_token,
244 'csrf_token': self.csrf_token,
242 })
245 })
243
246
244 response.mustcontain('An email address must contain a single @')
247 response.mustcontain('An email address must contain a single @')
245 from rhodecode.model import validators
248 from rhodecode.model import validators
246 msg = validators.ValidUsername(
249 msg = validators.ValidUsername(
247 edit=False, old_data={})._messages['username_exists']
250 edit=False, old_data={})._messages['username_exists']
248 msg = h.html_escape(msg % {'username': 'test_admin'})
251 msg = h.html_escape(msg % {'username': 'test_admin'})
249 response.mustcontain(u"%s" % msg)
252 response.mustcontain(u"%s" % msg)
250
253
251 def test_my_account_auth_tokens(self):
254 def test_my_account_auth_tokens(self):
252 usr = self.log_user('test_regular2', 'test12')
255 usr = self.log_user('test_regular2', 'test12')
253 user = User.get(usr['user_id'])
256 user = User.get(usr['user_id'])
254 response = self.app.get(url('my_account_auth_tokens'))
257 response = self.app.get(url('my_account_auth_tokens'))
255 response.mustcontain(user.api_key)
258 response.mustcontain(user.api_key)
256 response.mustcontain('expires: never')
259 response.mustcontain('expires: never')
257
260
258 @pytest.mark.parametrize("desc, lifetime", [
261 @pytest.mark.parametrize("desc, lifetime", [
259 ('forever', -1),
262 ('forever', -1),
260 ('5mins', 60*5),
263 ('5mins', 60*5),
261 ('30days', 60*60*24*30),
264 ('30days', 60*60*24*30),
262 ])
265 ])
263 def test_my_account_add_auth_tokens(self, desc, lifetime):
266 def test_my_account_add_auth_tokens(self, desc, lifetime):
264 usr = self.log_user('test_regular2', 'test12')
267 usr = self.log_user('test_regular2', 'test12')
265 user = User.get(usr['user_id'])
268 user = User.get(usr['user_id'])
266 response = self.app.post(url('my_account_auth_tokens'),
269 response = self.app.post(url('my_account_auth_tokens'),
267 {'description': desc, 'lifetime': lifetime,
270 {'description': desc, 'lifetime': lifetime,
268 'csrf_token': self.csrf_token})
271 'csrf_token': self.csrf_token})
269 assert_session_flash(response, 'Auth token successfully created')
272 assert_session_flash(response, 'Auth token successfully created')
270 try:
273 try:
271 response = response.follow()
274 response = response.follow()
272 user = User.get(usr['user_id'])
275 user = User.get(usr['user_id'])
273 for auth_token in user.auth_tokens:
276 for auth_token in user.auth_tokens:
274 response.mustcontain(auth_token)
277 response.mustcontain(auth_token)
275 finally:
278 finally:
276 for auth_token in UserApiKeys.query().all():
279 for auth_token in UserApiKeys.query().all():
277 Session().delete(auth_token)
280 Session().delete(auth_token)
278 Session().commit()
281 Session().commit()
279
282
280 def test_my_account_remove_auth_token(self):
283 def test_my_account_remove_auth_token(self):
281 # TODO: without this cleanup it fails when run with the whole
284 # TODO: without this cleanup it fails when run with the whole
282 # test suite, so there must be some interference with other tests.
285 # test suite, so there must be some interference with other tests.
283 UserApiKeys.query().delete()
286 UserApiKeys.query().delete()
284
287
285 usr = self.log_user('test_regular2', 'test12')
288 usr = self.log_user('test_regular2', 'test12')
286 User.get(usr['user_id'])
289 User.get(usr['user_id'])
287 response = self.app.post(url('my_account_auth_tokens'),
290 response = self.app.post(url('my_account_auth_tokens'),
288 {'description': 'desc', 'lifetime': -1,
291 {'description': 'desc', 'lifetime': -1,
289 'csrf_token': self.csrf_token})
292 'csrf_token': self.csrf_token})
290 assert_session_flash(response, 'Auth token successfully created')
293 assert_session_flash(response, 'Auth token successfully created')
291 response = response.follow()
294 response = response.follow()
292
295
293 # now delete our key
296 # now delete our key
294 keys = UserApiKeys.query().all()
297 keys = UserApiKeys.query().all()
295 assert 1 == len(keys)
298 assert 1 == len(keys)
296
299
297 response = self.app.post(
300 response = self.app.post(
298 url('my_account_auth_tokens'),
301 url('my_account_auth_tokens'),
299 {'_method': 'delete', 'del_auth_token': keys[0].api_key,
302 {'_method': 'delete', 'del_auth_token': keys[0].api_key,
300 'csrf_token': self.csrf_token})
303 'csrf_token': self.csrf_token})
301 assert_session_flash(response, 'Auth token successfully deleted')
304 assert_session_flash(response, 'Auth token successfully deleted')
302 keys = UserApiKeys.query().all()
305 keys = UserApiKeys.query().all()
303 assert 0 == len(keys)
306 assert 0 == len(keys)
304
307
305 def test_my_account_reset_main_auth_token(self):
308 def test_my_account_reset_main_auth_token(self):
306 usr = self.log_user('test_regular2', 'test12')
309 usr = self.log_user('test_regular2', 'test12')
307 user = User.get(usr['user_id'])
310 user = User.get(usr['user_id'])
308 api_key = user.api_key
311 api_key = user.api_key
309 response = self.app.get(url('my_account_auth_tokens'))
312 response = self.app.get(url('my_account_auth_tokens'))
310 response.mustcontain(api_key)
313 response.mustcontain(api_key)
311 response.mustcontain('expires: never')
314 response.mustcontain('expires: never')
312
315
313 response = self.app.post(
316 response = self.app.post(
314 url('my_account_auth_tokens'),
317 url('my_account_auth_tokens'),
315 {'_method': 'delete', 'del_auth_token_builtin': api_key,
318 {'_method': 'delete', 'del_auth_token_builtin': api_key,
316 'csrf_token': self.csrf_token})
319 'csrf_token': self.csrf_token})
317 assert_session_flash(response, 'Auth token successfully reset')
320 assert_session_flash(response, 'Auth token successfully reset')
318 response = response.follow()
321 response = response.follow()
319 response.mustcontain(no=[api_key])
322 response.mustcontain(no=[api_key])
320
323
321 def test_password_is_updated_in_session_on_password_change(
324 def test_password_is_updated_in_session_on_password_change(
322 self, user_util):
325 self, user_util):
323 old_password = 'abcdef123'
326 old_password = 'abcdef123'
324 new_password = 'abcdef124'
327 new_password = 'abcdef124'
325
328
326 user = user_util.create_user(password=old_password)
329 user = user_util.create_user(password=old_password)
327 session = self.log_user(user.username, old_password)
330 session = self.log_user(user.username, old_password)
328 old_password_hash = session['password']
331 old_password_hash = session['password']
329
332
330 form_data = {
333 form_data = {
331 'current_password': old_password,
334 'current_password': old_password,
332 'new_password': new_password,
335 'new_password': new_password,
333 'new_password_confirmation': new_password,
336 'new_password_confirmation': new_password,
334 'csrf_token': self.csrf_token
337 'csrf_token': self.csrf_token
335 }
338 }
336 self.app.post(url('my_account_password'), form_data)
339 self.app.post(url('my_account_password'), form_data)
337
340
338 response = self.app.get(url('home'))
341 response = self.app.get(url('home'))
339 new_password_hash = response.session['rhodecode_user']['password']
342 new_password_hash = response.session['rhodecode_user']['password']
340
343
341 assert old_password_hash != new_password_hash
344 assert old_password_hash != new_password_hash
General Comments 0
You need to be logged in to leave comments. Login now