@@ -356,15 +356,14 b' class SettingsController(BaseController)' | |||||
356 | # h.form(url('admin_settings_my_account_update'), |
|
356 | # h.form(url('admin_settings_my_account_update'), | |
357 | # method='put') |
|
357 | # method='put') | |
358 | # url('admin_settings_my_account_update', id=ID) |
|
358 | # url('admin_settings_my_account_update', id=ID) | |
359 | user_model = UserModel() |
|
|||
360 | uid = self.rhodecode_user.user_id |
|
359 | uid = self.rhodecode_user.user_id | |
|
360 | email = self.rhodecode_user.email | |||
361 | _form = UserForm(edit=True, |
|
361 | _form = UserForm(edit=True, | |
362 | old_data={'user_id': uid, |
|
362 | old_data={'user_id': uid, 'email': email})() | |
363 | 'email': self.rhodecode_user.email})() |
|
|||
364 | form_result = {} |
|
363 | form_result = {} | |
365 | try: |
|
364 | try: | |
366 | form_result = _form.to_python(dict(request.POST)) |
|
365 | form_result = _form.to_python(dict(request.POST)) | |
367 |
|
|
366 | UserModel().update_my_account(uid, form_result) | |
368 | h.flash(_('Your account was updated successfully'), |
|
367 | h.flash(_('Your account was updated successfully'), | |
369 | category='success') |
|
368 | category='success') | |
370 | Session.commit() |
|
369 | Session.commit() |
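Review bot: The account being edited comes from `self.rhodecode_user.user_id`, yet the comment block above still advertises `url('admin_settings_my_account_update', id=ID)` and nothing states that an id in the request is deliberately ignored. A short comment on the `uid =` line, for example `# always the logged-in user; never take the target id from the request`, would stop a later refactor from switching to the URL parameter. The method's `try:` body and its handlers continue outside this hunk.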
@@ -446,16 +446,14 b' class User(Base, BaseModel):' | |||||
446 | return data |
|
446 | return data | |
447 |
|
447 | |||
448 | def __json__(self): |
|
448 | def __json__(self): | |
449 |
|
|
449 | data = dict( | |
450 | user_id=self.user_id, |
|
|||
451 | first_name=self.name, |
|
|||
452 | last_name=self.lastname, |
|
|||
453 | email=self.email, |
|
|||
454 | full_name=self.full_name, |
|
450 | full_name=self.full_name, | |
455 | full_name_or_username=self.full_name_or_username, |
|
451 | full_name_or_username=self.full_name_or_username, | |
456 | short_contact=self.short_contact, |
|
452 | short_contact=self.short_contact, | |
457 | full_contact=self.full_contact |
|
453 | full_contact=self.full_contact | |
458 | ) |
|
454 | ) | |
|
455 | data.update(self.get_api_data()) | |||
|
456 | return data | |||
459 |
|
457 | |||
460 |
|
458 | |||
461 | class UserEmailMap(Base, BaseModel): |
|
459 | class UserEmailMap(Base, BaseModel): |
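Review bot: `data.update(self.get_api_data())` makes `__json__` return everything `get_api_data()` returns, whereas the old body named each exposed field explicitly. The tests in this commit read `admin`, `active`, `ldap_dn`, `last_login` and `emails` from `get_api_data()`, so those presumably now appear wherever a `User` is serialised through `__json__`. Please confirm every consumer of that output is meant to see them, or build the dict from an explicit field list. The `first_name`/`last_name` keys are also gone from the literal, so clients reading them depend on `get_api_data()` supplying equivalents, which is not visible here.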
@@ -66,6 +66,7 b' def UserForm(edit=False, old_data={}):' | |||||
66 | v.ValidUsername(edit, old_data)) |
|
66 | v.ValidUsername(edit, old_data)) | |
67 | if edit: |
|
67 | if edit: | |
68 | new_password = All( |
|
68 | new_password = All( | |
|
69 | v.ValidPassword(), | |||
69 | v.UnicodeString(strip=False, min=6, not_empty=False) |
|
70 | v.UnicodeString(strip=False, min=6, not_empty=False) | |
70 | ) |
|
71 | ) | |
71 | password_confirmation = All( |
|
72 | password_confirmation = All( | |
@@ -84,7 +85,7 b' def UserForm(edit=False, old_data={}):' | |||||
84 | ) |
|
85 | ) | |
85 |
|
86 | |||
86 | active = v.StringBoolean(if_missing=False) |
|
87 | active = v.StringBoolean(if_missing=False) | |
87 | name = v.UnicodeString(strip=True, min=1, not_empty=False) |
|
88 | firstname = v.UnicodeString(strip=True, min=1, not_empty=False) | |
88 | lastname = v.UnicodeString(strip=True, min=1, not_empty=False) |
|
89 | lastname = v.UnicodeString(strip=True, min=1, not_empty=False) | |
89 | email = All(v.Email(not_empty=True), v.UniqSystemEmail(old_data)) |
|
90 | email = All(v.Email(not_empty=True), v.UniqSystemEmail(old_data)) | |
90 |
|
91 |
@@ -96,6 +96,8 b' class UserModel(BaseModel):' | |||||
96 | for k, v in form_data.items(): |
|
96 | for k, v in form_data.items(): | |
97 | if k == 'password': |
|
97 | if k == 'password': | |
98 | v = get_crypt_password(v) |
|
98 | v = get_crypt_password(v) | |
|
99 | if k == 'firstname': | |||
|
100 | k = 'name' | |||
99 | setattr(new_user, k, v) |
|
101 | setattr(new_user, k, v) | |
100 |
|
102 | |||
101 | new_user.api_key = generate_api_key(form_data['username']) |
|
103 | new_user.api_key = generate_api_key(form_data['username']) | |
@@ -264,12 +266,13 b' class UserModel(BaseModel):' | |||||
264 | " crucial for entire application")) |
|
266 | " crucial for entire application")) | |
265 |
|
267 | |||
266 | for k, v in form_data.items(): |
|
268 | for k, v in form_data.items(): | |
267 |
if k == 'new_password' and v |
|
269 | if k == 'new_password' and v: | |
268 | user.password = get_crypt_password(v) |
|
270 | user.password = get_crypt_password(v) | |
269 | user.api_key = generate_api_key(user.username) |
|
271 | user.api_key = generate_api_key(user.username) | |
270 | else: |
|
272 | else: | |
|
273 | if k == 'firstname': | |||
|
274 | k = 'name' | |||
271 | setattr(user, k, v) |
|
275 | setattr(user, k, v) | |
272 |
|
||||
273 | self.sa.add(user) |
|
276 | self.sa.add(user) | |
274 | except: |
|
277 | except: | |
275 | log.error(traceback.format_exc()) |
|
278 | log.error(traceback.format_exc()) | |
@@ -285,10 +288,12 b' class UserModel(BaseModel):' | |||||
285 | " crucial for entire application") |
|
288 | " crucial for entire application") | |
286 | ) |
|
289 | ) | |
287 | for k, v in form_data.items(): |
|
290 | for k, v in form_data.items(): | |
288 |
if k == 'new_password' and v |
|
291 | if k == 'new_password' and v: | |
289 | user.password = get_crypt_password(v) |
|
292 | user.password = get_crypt_password(v) | |
290 | user.api_key = generate_api_key(user.username) |
|
293 | user.api_key = generate_api_key(user.username) | |
291 | else: |
|
294 | else: | |
|
295 | if k == 'firstname': | |||
|
296 | k = 'name' | |||
292 | if k not in ['admin', 'active']: |
|
297 | if k not in ['admin', 'active']: | |
293 | setattr(user, k, v) |
|
298 | setattr(user, k, v) | |
294 |
|
299 |
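Review bot: In the `update_my_account` loop (hunk at new line 288) the only guard is the denylist `if k not in ['admin', 'active']`, so any other attribute name that survives form validation is written by `setattr(user, k, v)`. Whether the form drops unknown keys is not visible here. An explicit allowlist in the model, e.g. `if k in MY_ACCOUNT_FIELDS: setattr(user, k, v)` with `MY_ACCOUNT_FIELDS` a placeholder for the columns this page may edit, would not depend on that. The loops at new lines 96 and 268 assign every key unconditionally and now repeat the same `firstname` to `name` remapping, which could live in one small helper. All three loops sit in methods that start and end outside their hunks.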
@@ -83,10 +83,10 b'' | |||||
83 |
|
83 | |||
84 | <div class="field"> |
|
84 | <div class="field"> | |
85 | <div class="label"> |
|
85 | <div class="label"> | |
86 | <label for="name">${_('First Name')}:</label> |
|
86 | <label for="firstname">${_('First Name')}:</label> | |
87 | </div> |
|
87 | </div> | |
88 | <div class="input"> |
|
88 | <div class="input"> | |
89 | ${h.text('name',class_='medium')} |
|
89 | ${h.text('firstname',class_='medium')} | |
90 | </div> |
|
90 | </div> | |
91 | </div> |
|
91 | </div> | |
92 |
|
92 |
@@ -53,7 +53,7 b'' | |||||
53 | <label for="name">${_('First Name')}:</label> |
|
53 | <label for="name">${_('First Name')}:</label> | |
54 | </div> |
|
54 | </div> | |
55 | <div class="input"> |
|
55 | <div class="input"> | |
56 | ${h.text('name',class_="medium")} |
|
56 | ${h.text('firstname',class_="medium")} | |
57 | </div> |
|
57 | </div> | |
58 | </div> |
|
58 | </div> | |
59 |
|
59 |
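Review bot: The label on line 53 keeps `for="name"` while the input on line 56 becomes `h.text('firstname',class_="medium")`, so the label presumably no longer points at the field's id. The other template in this commit changes both; here the label should read `<label for="firstname">${_('First Name')}:</label>`.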
@@ -4,6 +4,7 b' from rhodecode.lib.auth import get_crypt' | |||||
4 | from rhodecode.model.db import User, RhodeCodeSetting |
|
4 | from rhodecode.model.db import User, RhodeCodeSetting | |
5 | from rhodecode.tests import * |
|
5 | from rhodecode.tests import * | |
6 | from rhodecode.lib import helpers as h |
|
6 | from rhodecode.lib import helpers as h | |
|
7 | from rhodecode.model.user import UserModel | |||
7 |
|
8 | |||
8 |
|
9 | |||
9 | class TestAdminSettingsController(TestController): |
|
10 | class TestAdminSettingsController(TestController): | |
@@ -68,8 +69,7 b' class TestAdminSettingsController(TestCo' | |||||
68 | .get_app_settings()['rhodecode_ga_code'], new_ga_code) |
|
69 | .get_app_settings()['rhodecode_ga_code'], new_ga_code) | |
69 |
|
70 | |||
70 | response = response.follow() |
|
71 | response = response.follow() | |
71 |
se |
|
72 | response.mustcontain("""_gaq.push(['_setAccount', '%s']);""" % new_ga_code) | |
72 | in response.body) |
|
|||
73 |
|
73 | |||
74 | def test_ga_code_inactive(self): |
|
74 | def test_ga_code_inactive(self): | |
75 | self.log_user() |
|
75 | self.log_user() | |
@@ -90,8 +90,8 b' class TestAdminSettingsController(TestCo' | |||||
90 | .get_app_settings()['rhodecode_ga_code'], new_ga_code) |
|
90 | .get_app_settings()['rhodecode_ga_code'], new_ga_code) | |
91 |
|
91 | |||
92 | response = response.follow() |
|
92 | response = response.follow() | |
93 |
self.assert |
|
93 | self.assertFalse("""_gaq.push(['_setAccount', '%s']);""" % new_ga_code | |
94 |
|
|
94 | in response.body) | |
95 |
|
95 | |||
96 | def test_title_change(self): |
|
96 | def test_title_change(self): | |
97 | self.log_user() |
|
97 | self.log_user() | |
@@ -114,8 +114,7 b' class TestAdminSettingsController(TestCo' | |||||
114 | new_title.decode('utf-8')) |
|
114 | new_title.decode('utf-8')) | |
115 |
|
115 | |||
116 | response = response.follow() |
|
116 | response = response.follow() | |
117 |
se |
|
117 | response.mustcontain("""<h1><a href="/">%s</a></h1>""" % new_title) | |
118 | in response.body) |
|
|||
119 |
|
118 | |||
120 | def test_my_account(self): |
|
119 | def test_my_account(self): | |
121 | self.log_user() |
|
120 | self.log_user() | |
@@ -123,74 +122,73 b' class TestAdminSettingsController(TestCo' | |||||
123 |
|
122 | |||
124 | self.assertTrue('value="test_admin' in response.body) |
|
123 | self.assertTrue('value="test_admin' in response.body) | |
125 |
|
124 | |||
126 | def test_my_account_update(self): |
|
125 | @parameterized.expand([('firstname', 'new_username'), | |
127 | self.log_user() |
|
126 | ('lastname', 'new_username'), | |
128 |
|
127 | ('admin', True), | ||
129 | new_email = 'new@mail.pl' |
|
128 | ('admin', False), | |
130 | new_name = 'NewName' |
|
129 | ('ldap_dn', 'test'), | |
131 | new_lastname = 'NewLastname' |
|
130 | ('ldap_dn', None), | |
132 | new_password = 'test123' |
|
131 | ('active', False), | |
133 |
|
132 | ('active', True), | ||
134 | response = self.app.post(url('admin_settings_my_account_update'), |
|
133 | ('email', 'some@email.com'), | |
135 |
|
|
134 | ]) | |
136 | username='test_admin', |
|
135 | def test_my_account_update(self, name, expected): | |
137 | new_password=new_password, |
|
136 | uname = 'testme' | |
138 | password_confirmation=new_password, |
|
137 | usr = UserModel().create_or_update(username=uname, password='qweqwe', | |
139 |
|
|
138 | email='testme@rhodecod.org') | |
140 | name=new_name, |
|
139 | self.Session().commit() | |
141 | lastname=new_lastname, |
|
140 | params = usr.get_api_data() | |
142 | email=new_email,)) |
|
141 | user_id = usr.user_id | |
143 | response.follow() |
|
142 | self.log_user(username=uname, password='qweqwe') | |
|
143 | params.update({name: expected}) | |||
|
144 | params.update({'password_confirmation': ''}) | |||
|
145 | params.update({'new_password': ''}) | |||
144 |
|
146 | |||
145 | assert 'Your account was updated successfully' in response.session['flash'][0][1], 'no flash message about success of change' |
|
147 | try: | |
146 | user = self.Session.query(User).filter(User.username == 'test_admin').one() |
|
148 | response = self.app.put(url('admin_settings_my_account_update', | |
147 | assert user.email == new_email, 'incorrect user email after update got %s vs %s' % (user.email, new_email) |
|
149 | id=user_id), params) | |
148 | assert user.name == new_name, 'updated field mismatch %s vs %s' % (user.name, new_name) |
|
|||
149 | assert user.lastname == new_lastname, 'updated field mismatch %s vs %s' % (user.lastname, new_lastname) |
|
|||
150 | assert check_password(new_password, user.password) is True, 'password field mismatch %s vs %s' % (user.password, new_password) |
|
|||
151 |
|
150 | |||
152 | #bring back the admin settings |
|
|||
153 | old_email = 'test_admin@mail.com' |
|
|||
154 | old_name = 'RhodeCode' |
|
|||
155 | old_lastname = 'Admin' |
|
|||
156 | old_password = 'test12' |
|
|||
157 |
|
||||
158 | response = self.app.post(url('admin_settings_my_account_update'), params=dict( |
|
|||
159 | _method='put', |
|
|||
160 | username='test_admin', |
|
|||
161 | new_password=old_password, |
|
|||
162 | password_confirmation=old_password, |
|
|||
163 | password='', |
|
|||
164 | name=old_name, |
|
|||
165 | lastname=old_lastname, |
|
|||
166 | email=old_email,)) |
|
|||
167 |
|
||||
168 | response.follow() |
|
|||
169 | self.checkSessionFlash(response, |
|
151 | self.checkSessionFlash(response, | |
170 | 'Your account was updated successfully') |
|
152 | 'Your account was updated successfully') | |
171 |
|
153 | |||
172 | user = self.Session.query(User).filter(User.username == 'test_admin').one() |
|
154 | updated_user = User.get_by_username(uname) | |
173 | assert user.email == old_email, 'incorrect user email after update got %s vs %s' % (user.email, old_email) |
|
155 | updated_params = updated_user.get_api_data() | |
|
156 | updated_params.update({'password_confirmation': ''}) | |||
|
157 | updated_params.update({'new_password': ''}) | |||
174 |
|
158 | |||
175 | assert user.email == old_email, 'incorrect user email after update got %s vs %s' % (user.email, old_email) |
|
159 | params['last_login'] = updated_params['last_login'] | |
176 | assert user.name == old_name, 'updated field mismatch %s vs %s' % (user.name, old_name) |
|
160 | if name == 'email': | |
177 | assert user.lastname == old_lastname, 'updated field mismatch %s vs %s' % (user.lastname, old_lastname) |
|
161 | params['emails'] = [expected] | |
178 | assert check_password(old_password, user.password) is True, 'password updated field mismatch %s vs %s' % (user.password, old_password) |
|
162 | if name == 'ldap_dn': | |
|
163 | #cannot update this via form | |||
|
164 | params['ldap_dn'] = None | |||
|
165 | if name == 'active': | |||
|
166 | #my account cannot deactivate account | |||
|
167 | params['active'] = True | |||
|
168 | if name == 'admin': | |||
|
169 | #my account cannot make you an admin ! | |||
|
170 | params['admin'] = False | |||
|
171 | ||||
|
172 | self.assertEqual(params, updated_params) | |||
|
173 | ||||
|
174 | finally: | |||
|
175 | UserModel().delete('testme') | |||
179 |
|
176 | |||
180 | def test_my_account_update_err_email_exists(self): |
|
177 | def test_my_account_update_err_email_exists(self): | |
181 | self.log_user() |
|
178 | self.log_user() | |
182 |
|
179 | |||
183 | new_email = 'test_regular@mail.com' # already exisitn email |
|
180 | new_email = 'test_regular@mail.com' # already exisitn email | |
184 |
response = self.app.p |
|
181 | response = self.app.put(url('admin_settings_my_account_update'), | |
185 | _method='put', |
|
182 | params=dict( | |
186 |
|
|
183 | username='test_admin', | |
187 |
|
|
184 | new_password='test12', | |
188 |
|
|
185 | password_confirmation='test122', | |
189 |
|
|
186 | firstname='NewName', | |
190 |
|
|
187 | lastname='NewLastname', | |
191 |
|
|
188 | email=new_email,) | |
|
189 | ) | |||
192 |
|
190 | |||
193 | assert 'This e-mail address is already taken' in response.body, 'Missing error message about existing email' |
|
191 | response.mustcontain('This e-mail address is already taken') | |
194 |
|
192 | |||
195 | def test_my_account_update_err(self): |
|
193 | def test_my_account_update_err(self): | |
196 | self.log_user('test_regular2', 'test12') |
|
194 | self.log_user('test_regular2', 'test12') | |
@@ -202,7 +200,7 b' class TestAdminSettingsController(TestCo' | |||||
202 | username='test_admin', |
|
200 | username='test_admin', | |
203 | new_password='test12', |
|
201 | new_password='test12', | |
204 | password_confirmation='test122', |
|
202 | password_confirmation='test122', | |
205 | name='NewName', |
|
203 | firstname='NewName', | |
206 | lastname='NewLastname', |
|
204 | lastname='NewLastname', | |
207 | email=new_email,) |
|
205 | email=new_email,) | |
208 | ) |
|
206 | ) |
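Review bot: `test_my_account_update` passes `id=user_id` for the same user it logged in as, so it never shows that an id in the URL is ignored. The controller hunk in this commit takes the target from `self.rhodecode_user.user_id`. A case that logs in as 'testme', puts to the URL with a different user's id, and asserts that the other user's `get_api_data()` is unchanged would pin that behaviour next to the existing `admin` and `active` checks.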
@@ -31,14 +31,13 b' class TestAdminUsersController(TestContr' | |||||
31 | {'username': username, |
|
31 | {'username': username, | |
32 | 'password': password, |
|
32 | 'password': password, | |
33 | 'password_confirmation': password_confirmation, |
|
33 | 'password_confirmation': password_confirmation, | |
34 | 'name': name, |
|
34 | 'firstname': name, | |
35 | 'active': True, |
|
35 | 'active': True, | |
36 | 'lastname': lastname, |
|
36 | 'lastname': lastname, | |
37 | 'email': email}) |
|
37 | 'email': email}) | |
38 |
|
38 | |||
39 | self.checkSessionFlash(response, '''created user %s''' % (username)) |
|
39 | self.checkSessionFlash(response, '''created user %s''' % (username)) | |
40 |
|
40 | |||
41 |
|
||||
42 | new_user = self.Session.query(User).\ |
|
41 | new_user = self.Session.query(User).\ | |
43 | filter(User.username == username).one() |
|
42 | filter(User.username == username).one() | |
44 |
|
43 | |||
@@ -50,7 +49,7 b' class TestAdminUsersController(TestContr' | |||||
50 |
|
49 | |||
51 | response.follow() |
|
50 | response.follow() | |
52 | response = response.follow() |
|
51 | response = response.follow() | |
53 |
se |
|
52 | response.mustcontain("""edit">newtestuser</a>""") | |
54 |
|
53 | |||
55 | def test_create_err(self): |
|
54 | def test_create_err(self): | |
56 | self.log_user() |
|
55 | self.log_user() | |
@@ -85,8 +84,45 b' class TestAdminUsersController(TestContr' | |||||
85 | def test_new_as_xml(self): |
|
84 | def test_new_as_xml(self): | |
86 | response = self.app.get(url('formatted_new_user', format='xml')) |
|
85 | response = self.app.get(url('formatted_new_user', format='xml')) | |
87 |
|
86 | |||
88 | def test_update(self): |
|
87 | @parameterized.expand([('firstname', 'new_username'), | |
89 | response = self.app.put(url('user', id=1)) |
|
88 | ('lastname', 'new_username'), | |
|
89 | ('admin', True), | |||
|
90 | ('admin', False), | |||
|
91 | ('ldap_dn', 'test'), | |||
|
92 | ('ldap_dn', None), | |||
|
93 | ('active', False), | |||
|
94 | ('active', True), | |||
|
95 | ('email', 'some@email.com'), | |||
|
96 | ]) | |||
|
97 | def test_update(self, name, expected): | |||
|
98 | self.log_user() | |||
|
99 | uname = 'testme' | |||
|
100 | usr = UserModel().create_or_update(username=uname, password='qweqwe', | |||
|
101 | email='testme@rhodecod.org') | |||
|
102 | self.Session().commit() | |||
|
103 | params = usr.get_api_data() | |||
|
104 | params.update({name: expected}) | |||
|
105 | params.update({'password_confirmation': ''}) | |||
|
106 | params.update({'new_password': ''}) | |||
|
107 | if name == 'email': | |||
|
108 | params['emails'] = [expected] | |||
|
109 | if name == 'ldap_dn': | |||
|
110 | #cannot update this via form | |||
|
111 | params['ldap_dn'] = None | |||
|
112 | try: | |||
|
113 | response = self.app.put(url('user', id=usr.user_id), params) | |||
|
114 | ||||
|
115 | self.checkSessionFlash(response, '''User updated successfully''') | |||
|
116 | ||||
|
117 | updated_user = User.get_by_username(uname) | |||
|
118 | updated_params = updated_user.get_api_data() | |||
|
119 | updated_params.update({'password_confirmation': ''}) | |||
|
120 | updated_params.update({'new_password': ''}) | |||
|
121 | ||||
|
122 | self.assertEqual(params, updated_params) | |||
|
123 | ||||
|
124 | finally: | |||
|
125 | UserModel().delete('testme') | |||
90 |
|
126 | |||
91 | def test_update_browser_fakeout(self): |
|
127 | def test_update_browser_fakeout(self): | |
92 | response = self.app.post(url('user', id=1), params=dict(_method='put')) |
|
128 | response = self.app.post(url('user', id=1), params=dict(_method='put')) | |
@@ -102,7 +138,7 b' class TestAdminUsersController(TestContr' | |||||
102 | response = self.app.post(url('users'), {'username': username, |
|
138 | response = self.app.post(url('users'), {'username': username, | |
103 | 'password': password, |
|
139 | 'password': password, | |
104 | 'password_confirmation': password, |
|
140 | 'password_confirmation': password, | |
105 | 'name': name, |
|
141 | 'firstname': name, | |
106 | 'active': True, |
|
142 | 'active': True, | |
107 | 'lastname': lastname, |
|
143 | 'lastname': lastname, | |
108 | 'email': email}) |
|
144 | 'email': email}) |
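Review bot: In `test_update` the user 'testme' is created and committed before the `try:`, and the `finally:` calls `UserModel().delete('testme')` with no commit visible afterwards. If `delete` only stages the removal (not visible here), a failing case can leave 'testme' behind for the next parameterized run; consider following it with `self.Session().commit()` and moving the `try:` up to just after the user is created. The same pattern appears in `test_my_account_update` in the settings tests.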