fixed login tests
marcink -
r3630:5d8cda8e beta
@@ -1,291 +1,290 b''
1 1 # -*- coding: utf-8 -*-
2 2 from rhodecode.tests import *
3 3 from rhodecode.model.db import User, Notification
4 4 from rhodecode.lib.utils2 import generate_api_key
5 5 from rhodecode.lib.auth import check_password
6 6 from rhodecode.lib import helpers as h
7 7 from rhodecode.model import validators
8 8
9 9
10 10 class TestLoginController(TestController):
11 11
12 12 def tearDown(self):
13 13 for n in Notification.query().all():
14 14 self.Session().delete(n)
15 15
16 16 self.Session().commit()
17 17 self.assertEqual(Notification.query().all(), [])
18 18
19 19 def test_index(self):
20 20 response = self.app.get(url(controller='login', action='index'))
21 21 self.assertEqual(response.status, '200 OK')
22 22 # Test response...
23 23
24 24 def test_login_admin_ok(self):
25 25 response = self.app.post(url(controller='login', action='index'),
26 26 {'username': 'test_admin',
27 27 'password': 'test12'})
28 28 self.assertEqual(response.status, '302 Found')
29 29 self.assertEqual(response.session['rhodecode_user'].get('username'),
30 30 'test_admin')
31 31 response = response.follow()
32 self.assertTrue('%s repository' % HG_REPO in response.body)
32 response.mustcontain('/%s' % HG_REPO)
33 33
34 34 def test_login_regular_ok(self):
35 35 response = self.app.post(url(controller='login', action='index'),
36 36 {'username': 'test_regular',
37 37 'password': 'test12'})
38 38
39 39 self.assertEqual(response.status, '302 Found')
40 40 self.assertEqual(response.session['rhodecode_user'].get('username'),
41 41 'test_regular')
42 42 response = response.follow()
43 self.assertTrue('%s repository' % HG_REPO in response.body)
44 self.assertTrue('<a title="Admin" href="/_admin">' not in response.body)
43 response.mustcontain('/%s' % HG_REPO)
45 44
46 45 def test_login_ok_came_from(self):
47 46 test_came_from = '/_admin/users'
48 47 response = self.app.post(url(controller='login', action='index',
49 48 came_from=test_came_from),
50 49 {'username': 'test_admin',
51 50 'password': 'test12'})
52 51 self.assertEqual(response.status, '302 Found')
53 52 response = response.follow()
54 53
55 54 self.assertEqual(response.status, '200 OK')
56 self.assertTrue('Users administration' in response.body)
55 response.mustcontain('Users administration')
57 56
58 57 @parameterized.expand([
59 58 ('data:text/html,<script>window.alert("xss")</script>',),
60 59 ('mailto:test@rhodecode.org',),
61 60 ('file:///etc/passwd',),
62 61 ('ftp://some.ftp.server',),
63 62 ('http://other.domain',),
64 63 ])
65 64 def test_login_bad_came_froms(self, url_came_from):
66 65 response = self.app.post(url(controller='login', action='index',
67 66 came_from=url_came_from),
68 67 {'username': 'test_admin',
69 68 'password': 'test12'})
70 69 self.assertEqual(response.status, '302 Found')
71 70 self.assertEqual(response._environ['paste.testing_variables']
72 71 ['tmpl_context'].came_from, '/')
73 72 response = response.follow()
74 73
75 74 self.assertEqual(response.status, '200 OK')
76 75
77 76 def test_login_short_password(self):
78 77 response = self.app.post(url(controller='login', action='index'),
79 78 {'username': 'test_admin',
80 79 'password': 'as'})
81 80 self.assertEqual(response.status, '200 OK')
82 81
83 self.assertTrue('Enter 3 characters or more' in response.body)
82 response.mustcontain('Enter 3 characters or more')
84 83
85 84 def test_login_wrong_username_password(self):
86 85 response = self.app.post(url(controller='login', action='index'),
87 86 {'username': 'error',
88 87 'password': 'test12'})
89 88
90 self.assertTrue('invalid user name' in response.body)
91 self.assertTrue('invalid password' in response.body)
89 response.mustcontain('invalid user name')
90 response.mustcontain('invalid password')
92 91
93 92 #==========================================================================
94 93 # REGISTRATIONS
95 94 #==========================================================================
96 95 def test_register(self):
97 96 response = self.app.get(url(controller='login', action='register'))
98 self.assertTrue('Sign Up to RhodeCode' in response.body)
97 response.mustcontain('Sign Up to RhodeCode')
99 98
100 99 def test_register_err_same_username(self):
101 100 uname = 'test_admin'
102 101 response = self.app.post(url(controller='login', action='register'),
103 102 {'username': uname,
104 103 'password': 'test12',
105 104 'password_confirmation': 'test12',
106 105 'email': 'goodmail@domain.com',
107 106 'firstname': 'test',
108 107 'lastname': 'test'})
109 108
110 109 msg = validators.ValidUsername()._messages['username_exists']
111 110 msg = h.html_escape(msg % {'username': uname})
112 111 response.mustcontain(msg)
113 112
114 113 def test_register_err_same_email(self):
115 114 response = self.app.post(url(controller='login', action='register'),
116 115 {'username': 'test_admin_0',
117 116 'password': 'test12',
118 117 'password_confirmation': 'test12',
119 118 'email': 'test_admin@mail.com',
120 119 'firstname': 'test',
121 120 'lastname': 'test'})
122 121
123 122 msg = validators.UniqSystemEmail()()._messages['email_taken']
124 123 response.mustcontain(msg)
125 124
126 125 def test_register_err_same_email_case_sensitive(self):
127 126 response = self.app.post(url(controller='login', action='register'),
128 127 {'username': 'test_admin_1',
129 128 'password': 'test12',
130 129 'password_confirmation': 'test12',
131 130 'email': 'TesT_Admin@mail.COM',
132 131 'firstname': 'test',
133 132 'lastname': 'test'})
134 133 msg = validators.UniqSystemEmail()()._messages['email_taken']
135 134 response.mustcontain(msg)
136 135
137 136 def test_register_err_wrong_data(self):
138 137 response = self.app.post(url(controller='login', action='register'),
139 138 {'username': 'xs',
140 139 'password': 'test',
141 140 'password_confirmation': 'test',
142 141 'email': 'goodmailm',
143 142 'firstname': 'test',
144 143 'lastname': 'test'})
145 144 self.assertEqual(response.status, '200 OK')
146 145 response.mustcontain('An email address must contain a single @')
147 146 response.mustcontain('Enter a value 6 characters long or more')
148 147
149 148 def test_register_err_username(self):
150 149 response = self.app.post(url(controller='login', action='register'),
151 150 {'username': 'error user',
152 151 'password': 'test12',
153 152 'password_confirmation': 'test12',
154 153 'email': 'goodmailm',
155 154 'firstname': 'test',
156 155 'lastname': 'test'})
157 156
158 157 response.mustcontain('An email address must contain a single @')
159 158 response.mustcontain('Username may only contain '
160 159 'alphanumeric characters underscores, '
161 160 'periods or dashes and must begin with '
162 161 'alphanumeric character')
163 162
164 163 def test_register_err_case_sensitive(self):
165 164 usr = 'Test_Admin'
166 165 response = self.app.post(url(controller='login', action='register'),
167 166 {'username': usr,
168 167 'password': 'test12',
169 168 'password_confirmation': 'test12',
170 169 'email': 'goodmailm',
171 170 'firstname': 'test',
172 171 'lastname': 'test'})
173 172
174 173 response.mustcontain('An email address must contain a single @')
175 174 msg = validators.ValidUsername()._messages['username_exists']
176 175 msg = h.html_escape(msg % {'username': usr})
177 176 response.mustcontain(msg)
178 177
179 178 def test_register_special_chars(self):
180 179 response = self.app.post(url(controller='login', action='register'),
181 180 {'username': 'xxxaxn',
182 181 'password': 'Δ…Δ‡ΕΊΕΌΔ…Ε›Ε›Ε›Ε›',
183 182 'password_confirmation': 'Δ…Δ‡ΕΊΕΌΔ…Ε›Ε›Ε›Ε›',
184 183 'email': 'goodmailm@test.plx',
185 184 'firstname': 'test',
186 185 'lastname': 'test'})
187 186
188 187 msg = validators.ValidPassword()._messages['invalid_password']
189 188 response.mustcontain(msg)
190 189
191 190 def test_register_password_mismatch(self):
192 191 response = self.app.post(url(controller='login', action='register'),
193 192 {'username': 'xs',
194 193 'password': '123qwe',
195 194 'password_confirmation': 'qwe123',
196 195 'email': 'goodmailm@test.plxa',
197 196 'firstname': 'test',
198 197 'lastname': 'test'})
199 198 msg = validators.ValidPasswordsMatch()._messages['password_mismatch']
200 199 response.mustcontain(msg)
201 200
202 201 def test_register_ok(self):
203 202 username = 'test_regular4'
204 203 password = 'qweqwe'
205 204 email = 'marcin@test.com'
206 205 name = 'testname'
207 206 lastname = 'testlastname'
208 207
209 208 response = self.app.post(url(controller='login', action='register'),
210 209 {'username': username,
211 210 'password': password,
212 211 'password_confirmation': password,
213 212 'email': email,
214 213 'firstname': name,
215 214 'lastname': lastname,
216 215 'admin': True}) # This should be overriden
217 216 self.assertEqual(response.status, '302 Found')
218 217 self.checkSessionFlash(response, 'You have successfully registered into RhodeCode')
219 218
220 219 ret = self.Session().query(User).filter(User.username == 'test_regular4').one()
221 220 self.assertEqual(ret.username, username)
222 221 self.assertEqual(check_password(password, ret.password), True)
223 222 self.assertEqual(ret.email, email)
224 223 self.assertEqual(ret.name, name)
225 224 self.assertEqual(ret.lastname, lastname)
226 225 self.assertNotEqual(ret.api_key, None)
227 226 self.assertEqual(ret.admin, False)
228 227
229 228 def test_forgot_password_wrong_mail(self):
230 229 bad_email = 'marcin@wrongmail.org'
231 230 response = self.app.post(
232 231 url(controller='login', action='password_reset'),
233 232 {'email': bad_email, }
234 233 )
235 234
236 235 msg = validators.ValidSystemEmail()._messages['non_existing_email']
237 236 msg = h.html_escape(msg % {'email': bad_email})
238 237 response.mustcontain()
239 238
240 239 def test_forgot_password(self):
241 240 response = self.app.get(url(controller='login',
242 241 action='password_reset'))
243 242 self.assertEqual(response.status, '200 OK')
244 243
245 244 username = 'test_password_reset_1'
246 245 password = 'qweqwe'
247 246 email = 'marcin@python-works.com'
248 247 name = 'passwd'
249 248 lastname = 'reset'
250 249
251 250 new = User()
252 251 new.username = username
253 252 new.password = password
254 253 new.email = email
255 254 new.name = name
256 255 new.lastname = lastname
257 256 new.api_key = generate_api_key(username)
258 257 self.Session().add(new)
259 258 self.Session().commit()
260 259
261 260 response = self.app.post(url(controller='login',
262 261 action='password_reset'),
263 262 {'email': email, })
264 263
265 264 self.checkSessionFlash(response, 'Your password reset link was sent')
266 265
267 266 response = response.follow()
268 267
269 268 # BAD KEY
270 269
271 270 key = "bad"
272 271 response = self.app.get(url(controller='login',
273 272 action='password_reset_confirmation',
274 273 key=key))
275 274 self.assertEqual(response.status, '302 Found')
276 275 self.assertTrue(response.location.endswith(url('reset_password')))
277 276
278 277 # GOOD KEY
279 278
280 279 key = User.get_by_username(username).api_key
281 280 response = self.app.get(url(controller='login',
282 281 action='password_reset_confirmation',
283 282 key=key))
284 283 self.assertEqual(response.status, '302 Found')
285 284 self.assertTrue(response.location.endswith(url('login_home')))
286 285
287 286 self.checkSessionFlash(response,
288 287 ('Your password reset was successful, '
289 288 'new password has been sent to your email'))
290 289
291 290 response = response.follow()
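Review bot: test_login_regular_ok loses its only negative assertion: the removed `'<a title="Admin" href="/_admin">' not in response.body` check is not replaced, so nothing in this test now verifies that a regular user's landing page omits the admin link. If that markup simply changed, keep the check against the current markup via the `no=` keyword, e.g. `response.mustcontain('/%s' % HG_REPO, no=['<a title="Admin" href="/_admin">'])` with the string updated to match the template. In the same file, test_forgot_password_wrong_mail still ends with `response.mustcontain()` called with no arguments, which passes vacuously and leaves the computed `msg` unused; `response.mustcontain(msg)` would make the unknown-email reset path actually asserted.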