test_login.py
261 lines
| 12.1 KiB
| text/x-python
|
PythonLexer
r728 | # -*- coding: utf-8 -*- | |||
r547 | from rhodecode.tests import * | |||
from rhodecode.model.db import User | ||||
r1418 | from rhodecode.lib import generate_api_key | |||
r547 | from rhodecode.lib.auth import check_password | |||
class TestLoginController(TestController): | ||||
def test_index(self): | ||||
response = self.app.get(url(controller='login', action='index')) | ||||
r1418 | self.assertEqual(response.status, '200 OK') | |||
r547 | # Test response... | |||
def test_login_admin_ok(self): | ||||
response = self.app.post(url(controller='login', action='index'), | ||||
{'username':'test_admin', | ||||
'password':'test12'}) | ||||
r1418 | self.assertEqual(response.status, '302 Found') | |||
self.assertEqual(response.session['rhodecode_user'].username , | ||||
'test_admin') | ||||
r547 | response = response.follow() | |||
r1418 | self.assertTrue('%s repository' % HG_REPO in response.body) | |||
r659 | ||||
r547 | def test_login_regular_ok(self): | |||
response = self.app.post(url(controller='login', action='index'), | ||||
{'username':'test_regular', | ||||
'password':'test12'}) | ||||
r1418 | ||||
self.assertEqual(response.status, '302 Found') | ||||
self.assertEqual(response.session['rhodecode_user'].username , | ||||
'test_regular') | ||||
r547 | response = response.follow() | |||
r1418 | self.assertTrue('%s repository' % HG_REPO in response.body) | |||
self.assertTrue('<a title="Admin" href="/_admin">' not in response.body) | ||||
r659 | ||||
r547 | def test_login_ok_came_from(self): | |||
test_came_from = '/_admin/users' | ||||
r1418 | response = self.app.post(url(controller='login', action='index', | |||
came_from=test_came_from), | ||||
r547 | {'username':'test_admin', | |||
'password':'test12'}) | ||||
r1418 | self.assertEqual(response.status, '302 Found') | |||
r547 | response = response.follow() | |||
r659 | ||||
r1418 | self.assertEqual(response.status, '200 OK') | |||
self.assertTrue('Users administration' in response.body) | ||||
r659 | ||||
r547 | def test_login_short_password(self): | |||
response = self.app.post(url(controller='login', action='index'), | ||||
r1366 | {'username':'test_admin', | |||
'password':'as'}) | ||||
self.assertEqual(response.status, '200 OK') | ||||
r1418 | ||||
r1366 | self.assertTrue('Enter 3 characters or more' in response.body) | |||
r547 | ||||
def test_login_wrong_username_password(self): | ||||
response = self.app.post(url(controller='login', action='index'), | ||||
{'username':'error', | ||||
'password':'test12'}) | ||||
r1418 | self.assertEqual(response.status , '200 OK') | |||
r659 | ||||
r1418 | self.assertTrue('invalid user name' in response.body) | |||
self.assertTrue('invalid password' in response.body) | ||||
r659 | ||||
r723 | #========================================================================== | |||
# REGISTRATIONS | ||||
#========================================================================== | ||||
r547 | def test_register(self): | |||
response = self.app.get(url(controller='login', action='register')) | ||||
r1418 | self.assertTrue('Sign Up to RhodeCode' in response.body) | |||
r659 | ||||
r547 | def test_register_err_same_username(self): | |||
response = self.app.post(url(controller='login', action='register'), | ||||
{'username':'test_admin', | ||||
r723 | 'password':'test12', | |||
'password_confirmation':'test12', | ||||
r547 | 'email':'goodmail@domain.com', | |||
'name':'test', | ||||
'lastname':'test'}) | ||||
r659 | ||||
r1418 | self.assertEqual(response.status , '200 OK') | |||
self.assertTrue('This username already exists' in response.body) | ||||
r659 | ||||
r745 | def test_register_err_same_email(self): | |||
response = self.app.post(url(controller='login', action='register'), | ||||
{'username':'test_admin_0', | ||||
'password':'test12', | ||||
'password_confirmation':'test12', | ||||
'email':'test_admin@mail.com', | ||||
'name':'test', | ||||
'lastname':'test'}) | ||||
r1418 | self.assertEqual(response.status , '200 OK') | |||
r746 | assert 'This e-mail address is already taken' in response.body | |||
r745 | ||||
def test_register_err_same_email_case_sensitive(self): | ||||
response = self.app.post(url(controller='login', action='register'), | ||||
{'username':'test_admin_1', | ||||
'password':'test12', | ||||
'password_confirmation':'test12', | ||||
'email':'TesT_Admin@mail.COM', | ||||
'name':'test', | ||||
'lastname':'test'}) | ||||
r1418 | self.assertEqual(response.status , '200 OK') | |||
r746 | assert 'This e-mail address is already taken' in response.body | |||
r745 | ||||
r547 | def test_register_err_wrong_data(self): | |||
response = self.app.post(url(controller='login', action='register'), | ||||
{'username':'xs', | ||||
r723 | 'password':'test', | |||
'password_confirmation':'test', | ||||
r547 | 'email':'goodmailm', | |||
'name':'test', | ||||
'lastname':'test'}) | ||||
r1418 | self.assertEqual(response.status , '200 OK') | |||
r547 | assert 'An email address must contain a single @' in response.body | |||
r728 | assert 'Enter a value 6 characters long or more' in response.body | |||
r659 | ||||
r745 | def test_register_err_username(self): | |||
response = self.app.post(url(controller='login', action='register'), | ||||
{'username':'error user', | ||||
'password':'test12', | ||||
'password_confirmation':'test12', | ||||
'email':'goodmailm', | ||||
'name':'test', | ||||
'lastname':'test'}) | ||||
r1418 | self.assertEqual(response.status , '200 OK') | |||
r745 | assert 'An email address must contain a single @' in response.body | |||
r1021 | assert ('Username may only contain ' | |||
'alphanumeric characters underscores, ' | ||||
'periods or dashes and must begin with ' | ||||
'alphanumeric character') in response.body | ||||
r745 | ||||
def test_register_err_case_sensitive(self): | ||||
response = self.app.post(url(controller='login', action='register'), | ||||
{'username':'Test_Admin', | ||||
'password':'test12', | ||||
'password_confirmation':'test12', | ||||
'email':'goodmailm', | ||||
'name':'test', | ||||
'lastname':'test'}) | ||||
r1418 | self.assertEqual(response.status , '200 OK') | |||
r1539 | self.assertTrue('An email address must contain a single @' in response.body) | |||
self.assertTrue('This username already exists' in response.body) | ||||
r745 | ||||
r723 | def test_register_special_chars(self): | |||
response = self.app.post(url(controller='login', action='register'), | ||||
{'username':'xxxaxn', | ||||
'password':'ąćźżąśśśś', | ||||
'password_confirmation':'ąćźżąśśśś', | ||||
r728 | 'email':'goodmailm@test.plx', | |||
r723 | 'name':'test', | |||
r728 | 'lastname':'test'}) | |||
r723 | ||||
r1418 | self.assertEqual(response.status , '200 OK') | |||
r1539 | self.assertTrue('Invalid characters in password' in response.body) | |||
r723 | ||||
def test_register_password_mismatch(self): | ||||
response = self.app.post(url(controller='login', action='register'), | ||||
{'username':'xs', | ||||
'password':'123qwe', | ||||
'password_confirmation':'qwe123', | ||||
r728 | 'email':'goodmailm@test.plxa', | |||
r723 | 'name':'test', | |||
r728 | 'lastname':'test'}) | |||
r723 | ||||
r1418 | self.assertEqual(response.status , '200 OK') | |||
r1481 | assert 'Passwords do not match' in response.body | |||
r659 | ||||
r547 | def test_register_ok(self): | |||
username = 'test_regular4' | ||||
password = 'qweqwe' | ||||
email = 'marcin@test.com' | ||||
name = 'testname' | ||||
lastname = 'testlastname' | ||||
r659 | ||||
r547 | response = self.app.post(url(controller='login', action='register'), | |||
{'username':username, | ||||
'password':password, | ||||
r723 | 'password_confirmation':password, | |||
r547 | 'email':email, | |||
'name':name, | ||||
'lastname':lastname}) | ||||
r1418 | self.assertEqual(response.status , '302 Found') | |||
r549 | assert 'You have successfully registered into rhodecode' in response.session['flash'][0], 'No flash message about user registration' | |||
r659 | ||||
r547 | ret = self.sa.query(User).filter(User.username == 'test_regular4').one() | |||
assert ret.username == username , 'field mismatch %s %s' % (ret.username, username) | ||||
assert check_password(password, ret.password) == True , 'password mismatch' | ||||
assert ret.email == email , 'field mismatch %s %s' % (ret.email, email) | ||||
assert ret.name == name , 'field mismatch %s %s' % (ret.name, name) | ||||
assert ret.lastname == lastname , 'field mismatch %s %s' % (ret.lastname, lastname) | ||||
r659 | ||||
def test_forgot_password_wrong_mail(self): | ||||
r547 | response = self.app.post(url(controller='login', action='password_reset'), | |||
{'email':'marcin@wrongmail.org', }) | ||||
r659 | ||||
r746 | assert "This e-mail address doesn't exist" in response.body, 'Missing error message about wrong email' | |||
r659 | ||||
r547 | def test_forgot_password(self): | |||
r1418 | response = self.app.get(url(controller='login', | |||
action='password_reset')) | ||||
self.assertEqual(response.status , '200 OK') | ||||
r547 | ||||
username = 'test_password_reset_1' | ||||
password = 'qweqwe' | ||||
email = 'marcin@python-works.com' | ||||
name = 'passwd' | ||||
lastname = 'reset' | ||||
r659 | ||||
r1418 | new = User() | |||
new.username = username | ||||
new.password = password | ||||
new.email = email | ||||
new.name = name | ||||
new.lastname = lastname | ||||
new.api_key = generate_api_key(username) | ||||
self.sa.add(new) | ||||
self.sa.commit() | ||||
response = self.app.post(url(controller='login', | ||||
action='password_reset'), | ||||
{'email':email, }) | ||||
self.checkSessionFlash(response, 'Your password reset link was sent') | ||||
response = response.follow() | ||||
# BAD KEY | ||||
key = "bad" | ||||
response = self.app.get(url(controller='login', | ||||
action='password_reset_confirmation', | ||||
key=key)) | ||||
self.assertEqual(response.status, '302 Found') | ||||
self.assertTrue(response.location.endswith(url('reset_password'))) | ||||
# GOOD KEY | ||||
r1530 | key = User.get_by_username(username).api_key | |||
r1418 | ||||
response = self.app.get(url(controller='login', | ||||
action='password_reset_confirmation', | ||||
key=key)) | ||||
self.assertEqual(response.status, '302 Found') | ||||
self.assertTrue(response.location.endswith(url('login_home'))) | ||||
self.checkSessionFlash(response, | ||||
('Your password reset was successful, ' | ||||
'new password has been sent to your email')) | ||||
response = response.follow() | ||||