Show More
@@ -1,459 +1,459 b'' | |||
|
1 | 1 | """ this is forms validation classes |
|
2 | 2 | http://formencode.org/module-formencode.validators.html |
|
3 | 3 | for list off all availible validators |
|
4 | 4 | |
|
5 | 5 | we can create our own validators |
|
6 | 6 | |
|
7 | 7 | The table below outlines the options which can be used in a schema in addition to the validators themselves |
|
8 | 8 | pre_validators [] These validators will be applied before the schema |
|
9 | 9 | chained_validators [] These validators will be applied after the schema |
|
10 | 10 | allow_extra_fields False If True, then it is not an error when keys that aren't associated with a validator are present |
|
11 | 11 | filter_extra_fields False If True, then keys that aren't associated with a validator are removed |
|
12 | 12 | if_key_missing NoDefault If this is given, then any keys that aren't available but are expected will be replaced with this value (and then validated). This does not override a present .if_missing attribute on validators. NoDefault is a special FormEncode class to mean that no default values has been specified and therefore missing keys shouldn't take a default value. |
|
13 | 13 | ignore_key_missing False If True, then missing keys will be missing in the result, if the validator doesn't have .if_missing on it already |
|
14 | 14 | |
|
15 | 15 | |
|
16 | 16 | <name> = formencode.validators.<name of validator> |
|
17 | 17 | <name> must equal form name |
|
18 | 18 | list=[1,2,3,4,5] |
|
19 | 19 | for SELECT use formencode.All(OneOf(list), Int()) |
|
20 | 20 | |
|
21 | 21 | """ |
|
22 | 22 | from formencode import All |
|
23 | 23 | from formencode.validators import UnicodeString, OneOf, Int, Number, Regex, \ |
|
24 | 24 | Email, Bool, StringBoolean |
|
25 | 25 | from pylons import session |
|
26 | 26 | from pylons.i18n.translation import _ |
|
27 | 27 | from rhodecode.lib.auth import authfunc, get_crypt_password |
|
28 | 28 | from rhodecode.lib.exceptions import LdapImportError |
|
29 | 29 | from rhodecode.model import meta |
|
30 | 30 | from rhodecode.model.user import UserModel |
|
31 | 31 | from rhodecode.model.repo import RepoModel |
|
32 | 32 | from rhodecode.model.db import User |
|
33 | 33 | from webhelpers.pylonslib.secure_form import authentication_token |
|
34 | 34 | from rhodecode import BACKENDS |
|
35 | 35 | import formencode |
|
36 | 36 | import logging |
|
37 | 37 | import os |
|
38 | 38 | import re |
|
39 | 39 | import rhodecode.lib.helpers as h |
|
40 | 40 | |
|
41 | 41 | log = logging.getLogger(__name__) |
|
42 | 42 | |
|
43 | 43 | #this is needed to translate the messages using _() in validators |
|
44 | 44 | class State_obj(object): |
|
45 | 45 | _ = staticmethod(_) |
|
46 | 46 | |
|
47 | 47 | #=============================================================================== |
|
48 | 48 | # VALIDATORS |
|
49 | 49 | #=============================================================================== |
|
50 | 50 | class ValidAuthToken(formencode.validators.FancyValidator): |
|
51 | 51 | messages = {'invalid_token':_('Token mismatch')} |
|
52 | 52 | |
|
53 | 53 | def validate_python(self, value, state): |
|
54 | 54 | |
|
55 | 55 | if value != authentication_token(): |
|
56 | 56 | raise formencode.Invalid(self.message('invalid_token', state, |
|
57 | 57 | search_number=value), value, state) |
|
58 | 58 | |
|
59 | 59 | def ValidUsername(edit, old_data): |
|
60 | 60 | class _ValidUsername(formencode.validators.FancyValidator): |
|
61 | 61 | |
|
62 | 62 | def validate_python(self, value, state): |
|
63 | 63 | if value in ['default', 'new_user']: |
|
64 | 64 | raise formencode.Invalid(_('Invalid username'), value, state) |
|
65 | 65 | #check if user is unique |
|
66 | 66 | old_un = None |
|
67 | 67 | if edit: |
|
68 | 68 | old_un = UserModel().get(old_data.get('user_id')).username |
|
69 | 69 | |
|
70 | 70 | if old_un != value or not edit: |
|
71 | 71 | if UserModel().get_by_username(value, cache=False, |
|
72 | 72 | case_insensitive=True): |
|
73 | 73 | raise formencode.Invalid(_('This username already exists') , |
|
74 | 74 | value, state) |
|
75 | ||
|
76 | ||
|
77 | if re.match(r'^[a-zA-Z0-9]{1}[a-zA-Z0-9\-]+$', value) is None: | |
|
75 | ||
|
76 | ||
|
77 | if re.match(r'^[a-zA-Z0-9]{1}[a-zA-Z0-9\-\_]+$', value) is None: | |
|
78 | 78 | raise formencode.Invalid(_('Username may only contain ' |
|
79 | 'alphanumeric characters ' | |
|
80 |
'or dashes and |
|
|
79 | 'alphanumeric characters underscores ' | |
|
80 | 'or dashes and must begin with ' | |
|
81 | 'alphanumeric character'), | |
|
81 | 82 | value, state) |
|
82 | ||
|
83 | ||
|
84 | ||
|
83 | ||
|
84 | ||
|
85 | ||
|
85 | 86 | return _ValidUsername |
|
86 | 87 | |
|
87 | 88 | class ValidPassword(formencode.validators.FancyValidator): |
|
88 | 89 | |
|
89 | 90 | def to_python(self, value, state): |
|
90 | 91 | |
|
91 | 92 | if value: |
|
92 | 93 | |
|
93 | 94 | if value.get('password'): |
|
94 | 95 | try: |
|
95 | 96 | value['password'] = get_crypt_password(value['password']) |
|
96 | 97 | except UnicodeEncodeError: |
|
97 | 98 | e_dict = {'password':_('Invalid characters in password')} |
|
98 | 99 | raise formencode.Invalid('', value, state, error_dict=e_dict) |
|
99 | 100 | |
|
100 | 101 | if value.get('password_confirmation'): |
|
101 | 102 | try: |
|
102 | 103 | value['password_confirmation'] = \ |
|
103 | 104 | get_crypt_password(value['password_confirmation']) |
|
104 | 105 | except UnicodeEncodeError: |
|
105 | 106 | e_dict = {'password_confirmation':_('Invalid characters in password')} |
|
106 | 107 | raise formencode.Invalid('', value, state, error_dict=e_dict) |
|
107 | 108 | |
|
108 | 109 | if value.get('new_password'): |
|
109 | 110 | try: |
|
110 | 111 | value['new_password'] = \ |
|
111 | 112 | get_crypt_password(value['new_password']) |
|
112 | 113 | except UnicodeEncodeError: |
|
113 | 114 | e_dict = {'new_password':_('Invalid characters in password')} |
|
114 | 115 | raise formencode.Invalid('', value, state, error_dict=e_dict) |
|
115 | 116 | |
|
116 | 117 | return value |
|
117 | 118 | |
|
118 | 119 | class ValidPasswordsMatch(formencode.validators.FancyValidator): |
|
119 | 120 | |
|
120 | 121 | def validate_python(self, value, state): |
|
121 | 122 | |
|
122 | 123 | if value['password'] != value['password_confirmation']: |
|
123 | 124 | e_dict = {'password_confirmation': |
|
124 | 125 | _('Password do not match')} |
|
125 | 126 | raise formencode.Invalid('', value, state, error_dict=e_dict) |
|
126 | 127 | |
|
127 | 128 | class ValidAuth(formencode.validators.FancyValidator): |
|
128 | 129 | messages = { |
|
129 | 130 | 'invalid_password':_('invalid password'), |
|
130 | 131 | 'invalid_login':_('invalid user name'), |
|
131 | 132 | 'disabled_account':_('Your account is disabled') |
|
132 | 133 | |
|
133 | 134 | } |
|
134 | 135 | #error mapping |
|
135 | 136 | e_dict = {'username':messages['invalid_login'], |
|
136 | 137 | 'password':messages['invalid_password']} |
|
137 | 138 | e_dict_disable = {'username':messages['disabled_account']} |
|
138 | 139 | |
|
139 | 140 | def validate_python(self, value, state): |
|
140 | 141 | password = value['password'] |
|
141 | 142 | username = value['username'] |
|
142 | 143 | user = UserModel().get_by_username(username) |
|
143 | 144 | |
|
144 | 145 | if authfunc(None, username, password): |
|
145 | 146 | return value |
|
146 | 147 | else: |
|
147 | 148 | if user and user.active is False: |
|
148 | 149 | log.warning('user %s is disabled', username) |
|
149 | 150 | raise formencode.Invalid(self.message('disabled_account', |
|
150 | 151 | state=State_obj), |
|
151 | 152 | value, state, |
|
152 | 153 | error_dict=self.e_dict_disable) |
|
153 | 154 | else: |
|
154 | 155 | log.warning('user %s not authenticated', username) |
|
155 | 156 | raise formencode.Invalid(self.message('invalid_password', |
|
156 | 157 | state=State_obj), value, state, |
|
157 | 158 | error_dict=self.e_dict) |
|
158 | 159 | |
|
159 | 160 | class ValidRepoUser(formencode.validators.FancyValidator): |
|
160 | 161 | |
|
161 | 162 | def to_python(self, value, state): |
|
162 | 163 | sa = meta.Session() |
|
163 | 164 | try: |
|
164 | 165 | self.user_db = sa.query(User)\ |
|
165 | 166 | .filter(User.active == True)\ |
|
166 | 167 | .filter(User.username == value).one() |
|
167 | 168 | except Exception: |
|
168 | 169 | raise formencode.Invalid(_('This username is not valid'), |
|
169 | 170 | value, state) |
|
170 | 171 | finally: |
|
171 | 172 | meta.Session.remove() |
|
172 | 173 | |
|
173 | 174 | return self.user_db.user_id |
|
174 | 175 | |
|
175 | 176 | def ValidRepoName(edit, old_data): |
|
176 | 177 | class _ValidRepoName(formencode.validators.FancyValidator): |
|
177 | 178 | |
|
178 | 179 | def to_python(self, value, state): |
|
179 | 180 | slug = h.repo_name_slug(value) |
|
180 | 181 | if slug in ['_admin']: |
|
181 | 182 | raise formencode.Invalid(_('This repository name is disallowed'), |
|
182 | 183 | value, state) |
|
183 | 184 | if old_data.get('repo_name') != value or not edit: |
|
184 | 185 | if RepoModel().get_by_repo_name(slug, cache=False): |
|
185 | 186 | raise formencode.Invalid(_('This repository already exists') , |
|
186 | 187 | value, state) |
|
187 | 188 | return slug |
|
188 | 189 | |
|
189 | 190 | |
|
190 | 191 | return _ValidRepoName |
|
191 | 192 | |
|
192 | 193 | def ValidForkType(old_data): |
|
193 | 194 | class _ValidForkType(formencode.validators.FancyValidator): |
|
194 | 195 | |
|
195 | 196 | def to_python(self, value, state): |
|
196 | 197 | if old_data['repo_type'] != value: |
|
197 | 198 | raise formencode.Invalid(_('Fork have to be the same type as original'), |
|
198 | 199 | value, state) |
|
199 | 200 | return value |
|
200 | 201 | return _ValidForkType |
|
201 | 202 | |
|
202 | 203 | class ValidPerms(formencode.validators.FancyValidator): |
|
203 | 204 | messages = {'perm_new_user_name':_('This username is not valid')} |
|
204 | 205 | |
|
205 | 206 | def to_python(self, value, state): |
|
206 | 207 | perms_update = [] |
|
207 | 208 | perms_new = [] |
|
208 | 209 | #build a list of permission to update and new permission to create |
|
209 | 210 | for k, v in value.items(): |
|
210 | 211 | if k.startswith('perm_'): |
|
211 | 212 | if k.startswith('perm_new_user'): |
|
212 | 213 | new_perm = value.get('perm_new_user', False) |
|
213 | 214 | new_user = value.get('perm_new_user_name', False) |
|
214 | 215 | if new_user and new_perm: |
|
215 | 216 | if (new_user, new_perm) not in perms_new: |
|
216 | 217 | perms_new.append((new_user, new_perm)) |
|
217 | 218 | else: |
|
218 | 219 | usr = k[5:] |
|
219 | 220 | if usr == 'default': |
|
220 | 221 | if value['private']: |
|
221 | 222 | #set none for default when updating to private repo |
|
222 | 223 | v = 'repository.none' |
|
223 | 224 | perms_update.append((usr, v)) |
|
224 | 225 | value['perms_updates'] = perms_update |
|
225 | 226 | value['perms_new'] = perms_new |
|
226 | 227 | sa = meta.Session |
|
227 | 228 | for k, v in perms_new: |
|
228 | 229 | try: |
|
229 | 230 | self.user_db = sa.query(User)\ |
|
230 | 231 | .filter(User.active == True)\ |
|
231 | 232 | .filter(User.username == k).one() |
|
232 | 233 | except Exception: |
|
233 | 234 | msg = self.message('perm_new_user_name', |
|
234 | 235 | state=State_obj) |
|
235 | 236 | raise formencode.Invalid(msg, value, state, |
|
236 | 237 | error_dict={'perm_new_user_name':msg}) |
|
237 | 238 | return value |
|
238 | 239 | |
|
239 | 240 | class ValidSettings(formencode.validators.FancyValidator): |
|
240 | 241 | |
|
241 | 242 | def to_python(self, value, state): |
|
242 | 243 | #settings form can't edit user |
|
243 | 244 | if value.has_key('user'): |
|
244 | 245 | del['value']['user'] |
|
245 | 246 | |
|
246 | 247 | return value |
|
247 | 248 | |
|
248 | 249 | class ValidPath(formencode.validators.FancyValidator): |
|
249 | 250 | def to_python(self, value, state): |
|
250 | 251 | |
|
251 | 252 | if not os.path.isdir(value): |
|
252 | 253 | msg = _('This is not a valid path') |
|
253 | 254 | raise formencode.Invalid(msg, value, state, |
|
254 | 255 | error_dict={'paths_root_path':msg}) |
|
255 | 256 | return value |
|
256 | 257 | |
|
257 | 258 | def UniqSystemEmail(old_data): |
|
258 | 259 | class _UniqSystemEmail(formencode.validators.FancyValidator): |
|
259 | 260 | def to_python(self, value, state): |
|
260 | 261 | value = value.lower() |
|
261 | #TODO:write test for MixedCase scenarios | |
|
262 | 262 | if old_data.get('email') != value: |
|
263 | 263 | sa = meta.Session() |
|
264 | 264 | try: |
|
265 | 265 | user = sa.query(User).filter(User.email == value).scalar() |
|
266 | 266 | if user: |
|
267 | 267 | raise formencode.Invalid(_("That e-mail address is already taken") , |
|
268 | 268 | value, state) |
|
269 | 269 | finally: |
|
270 | 270 | meta.Session.remove() |
|
271 | 271 | |
|
272 | 272 | return value |
|
273 | 273 | |
|
274 | 274 | return _UniqSystemEmail |
|
275 | 275 | |
|
276 | 276 | class ValidSystemEmail(formencode.validators.FancyValidator): |
|
277 | 277 | def to_python(self, value, state): |
|
278 | 278 | value = value.lower() |
|
279 | 279 | sa = meta.Session |
|
280 | 280 | try: |
|
281 | 281 | user = sa.query(User).filter(User.email == value).scalar() |
|
282 | 282 | if user is None: |
|
283 | 283 | raise formencode.Invalid(_("That e-mail address doesn't exist.") , |
|
284 | 284 | value, state) |
|
285 | 285 | finally: |
|
286 | 286 | meta.Session.remove() |
|
287 | 287 | |
|
288 | 288 | return value |
|
289 | 289 | |
|
290 | 290 | class LdapLibValidator(formencode.validators.FancyValidator): |
|
291 | 291 | |
|
292 | 292 | def to_python(self, value, state): |
|
293 | 293 | |
|
294 | 294 | try: |
|
295 | 295 | import ldap |
|
296 | 296 | except ImportError: |
|
297 | 297 | raise LdapImportError |
|
298 | 298 | return value |
|
299 | 299 | |
|
300 | 300 | #=============================================================================== |
|
301 | 301 | # FORMS |
|
302 | 302 | #=============================================================================== |
|
303 | 303 | class LoginForm(formencode.Schema): |
|
304 | 304 | allow_extra_fields = True |
|
305 | 305 | filter_extra_fields = True |
|
306 | 306 | username = UnicodeString( |
|
307 | 307 | strip=True, |
|
308 | 308 | min=1, |
|
309 | 309 | not_empty=True, |
|
310 | 310 | messages={ |
|
311 | 311 | 'empty':_('Please enter a login'), |
|
312 | 312 | 'tooShort':_('Enter a value %(min)i characters long or more')} |
|
313 | 313 | ) |
|
314 | 314 | |
|
315 | 315 | password = UnicodeString( |
|
316 | 316 | strip=True, |
|
317 | 317 | min=6, |
|
318 | 318 | not_empty=True, |
|
319 | 319 | messages={ |
|
320 | 320 | 'empty':_('Please enter a password'), |
|
321 | 321 | 'tooShort':_('Enter %(min)i characters or more')} |
|
322 | 322 | ) |
|
323 | 323 | |
|
324 | 324 | |
|
325 | 325 | #chained validators have access to all data |
|
326 | 326 | chained_validators = [ValidAuth] |
|
327 | 327 | |
|
328 | 328 | def UserForm(edit=False, old_data={}): |
|
329 | 329 | class _UserForm(formencode.Schema): |
|
330 | 330 | allow_extra_fields = True |
|
331 | 331 | filter_extra_fields = True |
|
332 | 332 | username = All(UnicodeString(strip=True, min=1, not_empty=True), |
|
333 | 333 | ValidUsername(edit, old_data)) |
|
334 | 334 | if edit: |
|
335 | 335 | new_password = All(UnicodeString(strip=True, min=6, not_empty=False)) |
|
336 | 336 | admin = StringBoolean(if_missing=False) |
|
337 | 337 | else: |
|
338 | 338 | password = All(UnicodeString(strip=True, min=6, not_empty=True)) |
|
339 | 339 | active = StringBoolean(if_missing=False) |
|
340 | 340 | name = UnicodeString(strip=True, min=1, not_empty=True) |
|
341 | 341 | lastname = UnicodeString(strip=True, min=1, not_empty=True) |
|
342 | 342 | email = All(Email(not_empty=True), UniqSystemEmail(old_data)) |
|
343 | 343 | |
|
344 | 344 | chained_validators = [ValidPassword] |
|
345 | 345 | |
|
346 | 346 | return _UserForm |
|
347 | 347 | |
|
348 | 348 | def RegisterForm(edit=False, old_data={}): |
|
349 | 349 | class _RegisterForm(formencode.Schema): |
|
350 | 350 | allow_extra_fields = True |
|
351 | 351 | filter_extra_fields = True |
|
352 | 352 | username = All(ValidUsername(edit, old_data), |
|
353 | 353 | UnicodeString(strip=True, min=1, not_empty=True)) |
|
354 | 354 | password = All(UnicodeString(strip=True, min=6, not_empty=True)) |
|
355 | 355 | password_confirmation = All(UnicodeString(strip=True, min=6, not_empty=True)) |
|
356 | 356 | active = StringBoolean(if_missing=False) |
|
357 | 357 | name = UnicodeString(strip=True, min=1, not_empty=True) |
|
358 | 358 | lastname = UnicodeString(strip=True, min=1, not_empty=True) |
|
359 | 359 | email = All(Email(not_empty=True), UniqSystemEmail(old_data)) |
|
360 | 360 | |
|
361 | 361 | chained_validators = [ValidPasswordsMatch, ValidPassword] |
|
362 | 362 | |
|
363 | 363 | return _RegisterForm |
|
364 | 364 | |
|
365 | 365 | def PasswordResetForm(): |
|
366 | 366 | class _PasswordResetForm(formencode.Schema): |
|
367 | 367 | allow_extra_fields = True |
|
368 | 368 | filter_extra_fields = True |
|
369 | 369 | email = All(ValidSystemEmail(), Email(not_empty=True)) |
|
370 | 370 | return _PasswordResetForm |
|
371 | 371 | |
|
372 | 372 | def RepoForm(edit=False, old_data={}, supported_backends=BACKENDS.keys()): |
|
373 | 373 | class _RepoForm(formencode.Schema): |
|
374 | 374 | allow_extra_fields = True |
|
375 | 375 | filter_extra_fields = False |
|
376 | 376 | repo_name = All(UnicodeString(strip=True, min=1, not_empty=True), |
|
377 | 377 | ValidRepoName(edit, old_data)) |
|
378 | 378 | description = UnicodeString(strip=True, min=1, not_empty=True) |
|
379 | 379 | private = StringBoolean(if_missing=False) |
|
380 | 380 | repo_type = OneOf(supported_backends) |
|
381 | 381 | if edit: |
|
382 | 382 | user = All(Int(not_empty=True), ValidRepoUser) |
|
383 | 383 | |
|
384 | 384 | chained_validators = [ValidPerms] |
|
385 | 385 | return _RepoForm |
|
386 | 386 | |
|
387 | 387 | def RepoForkForm(edit=False, old_data={}, supported_backends=BACKENDS.keys()): |
|
388 | 388 | class _RepoForkForm(formencode.Schema): |
|
389 | 389 | allow_extra_fields = True |
|
390 | 390 | filter_extra_fields = False |
|
391 | 391 | fork_name = All(UnicodeString(strip=True, min=1, not_empty=True), |
|
392 | 392 | ValidRepoName(edit, old_data)) |
|
393 | 393 | description = UnicodeString(strip=True, min=1, not_empty=True) |
|
394 | 394 | private = StringBoolean(if_missing=False) |
|
395 | 395 | repo_type = All(ValidForkType(old_data), OneOf(supported_backends)) |
|
396 | 396 | return _RepoForkForm |
|
397 | 397 | |
|
398 | 398 | def RepoSettingsForm(edit=False, old_data={}): |
|
399 | 399 | class _RepoForm(formencode.Schema): |
|
400 | 400 | allow_extra_fields = True |
|
401 | 401 | filter_extra_fields = False |
|
402 | 402 | repo_name = All(UnicodeString(strip=True, min=1, not_empty=True), |
|
403 | 403 | ValidRepoName(edit, old_data)) |
|
404 | 404 | description = UnicodeString(strip=True, min=1, not_empty=True) |
|
405 | 405 | private = StringBoolean(if_missing=False) |
|
406 | 406 | |
|
407 | 407 | chained_validators = [ValidPerms, ValidSettings] |
|
408 | 408 | return _RepoForm |
|
409 | 409 | |
|
410 | 410 | |
|
411 | 411 | def ApplicationSettingsForm(): |
|
412 | 412 | class _ApplicationSettingsForm(formencode.Schema): |
|
413 | 413 | allow_extra_fields = True |
|
414 | 414 | filter_extra_fields = False |
|
415 | 415 | rhodecode_title = UnicodeString(strip=True, min=1, not_empty=True) |
|
416 | 416 | rhodecode_realm = UnicodeString(strip=True, min=1, not_empty=True) |
|
417 | 417 | |
|
418 | 418 | return _ApplicationSettingsForm |
|
419 | 419 | |
|
420 | 420 | def ApplicationUiSettingsForm(): |
|
421 | 421 | class _ApplicationUiSettingsForm(formencode.Schema): |
|
422 | 422 | allow_extra_fields = True |
|
423 | 423 | filter_extra_fields = False |
|
424 | 424 | web_push_ssl = OneOf(['true', 'false'], if_missing='false') |
|
425 | 425 | paths_root_path = All(ValidPath(), UnicodeString(strip=True, min=1, not_empty=True)) |
|
426 | 426 | hooks_changegroup_update = OneOf(['True', 'False'], if_missing=False) |
|
427 | 427 | hooks_changegroup_repo_size = OneOf(['True', 'False'], if_missing=False) |
|
428 | 428 | hooks_pretxnchangegroup_push_logger = OneOf(['True', 'False'], if_missing=False) |
|
429 | 429 | hooks_preoutgoing_pull_logger = OneOf(['True', 'False'], if_missing=False) |
|
430 | 430 | |
|
431 | 431 | return _ApplicationUiSettingsForm |
|
432 | 432 | |
|
433 | 433 | def DefaultPermissionsForm(perms_choices, register_choices, create_choices): |
|
434 | 434 | class _DefaultPermissionsForm(formencode.Schema): |
|
435 | 435 | allow_extra_fields = True |
|
436 | 436 | filter_extra_fields = True |
|
437 | 437 | overwrite_default = StringBoolean(if_missing=False) |
|
438 | 438 | anonymous = OneOf(['True', 'False'], if_missing=False) |
|
439 | 439 | default_perm = OneOf(perms_choices) |
|
440 | 440 | default_register = OneOf(register_choices) |
|
441 | 441 | default_create = OneOf(create_choices) |
|
442 | 442 | |
|
443 | 443 | return _DefaultPermissionsForm |
|
444 | 444 | |
|
445 | 445 | |
|
446 | 446 | def LdapSettingsForm(): |
|
447 | 447 | class _LdapSettingsForm(formencode.Schema): |
|
448 | 448 | allow_extra_fields = True |
|
449 | 449 | filter_extra_fields = True |
|
450 | 450 | pre_validators = [LdapLibValidator] |
|
451 | 451 | ldap_active = StringBoolean(if_missing=False) |
|
452 | 452 | ldap_host = UnicodeString(strip=True,) |
|
453 | 453 | ldap_port = Number(strip=True,) |
|
454 | 454 | ldap_ldaps = StringBoolean(if_missing=False) |
|
455 | 455 | ldap_dn_user = UnicodeString(strip=True,) |
|
456 | 456 | ldap_dn_pass = UnicodeString(strip=True,) |
|
457 | 457 | ldap_base_dn = UnicodeString(strip=True,) |
|
458 | 458 | |
|
459 | 459 | return _LdapSettingsForm |
@@ -1,178 +1,230 b'' | |||
|
1 | 1 | # -*- coding: utf-8 -*- |
|
2 | 2 | from rhodecode.tests import * |
|
3 | 3 | from rhodecode.model.db import User |
|
4 | 4 | from rhodecode.lib.auth import check_password |
|
5 | 5 | |
|
6 | 6 | |
|
7 | 7 | class TestLoginController(TestController): |
|
8 | 8 | |
|
9 | 9 | def test_index(self): |
|
10 | 10 | response = self.app.get(url(controller='login', action='index')) |
|
11 | 11 | assert response.status == '200 OK', 'Wrong response from login page got %s' % response.status |
|
12 | 12 | # Test response... |
|
13 | 13 | |
|
14 | 14 | def test_login_admin_ok(self): |
|
15 | 15 | response = self.app.post(url(controller='login', action='index'), |
|
16 | 16 | {'username':'test_admin', |
|
17 | 17 | 'password':'test12'}) |
|
18 | 18 | assert response.status == '302 Found', 'Wrong response code from login got %s' % response.status |
|
19 | 19 | assert response.session['rhodecode_user'].username == 'test_admin', 'wrong logged in user' |
|
20 | 20 | response = response.follow() |
|
21 | 21 | assert '%s repository' % HG_REPO in response.body |
|
22 | 22 | |
|
23 | 23 | def test_login_regular_ok(self): |
|
24 | 24 | response = self.app.post(url(controller='login', action='index'), |
|
25 | 25 | {'username':'test_regular', |
|
26 | 26 | 'password':'test12'}) |
|
27 | 27 | print response |
|
28 | 28 | assert response.status == '302 Found', 'Wrong response code from login got %s' % response.status |
|
29 | 29 | assert response.session['rhodecode_user'].username == 'test_regular', 'wrong logged in user' |
|
30 | 30 | response = response.follow() |
|
31 | 31 | assert '%s repository' % HG_REPO in response.body |
|
32 | 32 | assert '<a title="Admin" href="/_admin">' not in response.body |
|
33 | 33 | |
|
34 | 34 | def test_login_ok_came_from(self): |
|
35 | 35 | test_came_from = '/_admin/users' |
|
36 | 36 | response = self.app.post(url(controller='login', action='index', came_from=test_came_from), |
|
37 | 37 | {'username':'test_admin', |
|
38 | 38 | 'password':'test12'}) |
|
39 | 39 | assert response.status == '302 Found', 'Wrong response code from came from redirection' |
|
40 | 40 | response = response.follow() |
|
41 | 41 | |
|
42 | 42 | assert response.status == '200 OK', 'Wrong response from login page got %s' % response.status |
|
43 | 43 | assert 'Users administration' in response.body, 'No proper title in response' |
|
44 | 44 | |
|
45 | 45 | |
|
46 | 46 | def test_login_short_password(self): |
|
47 | 47 | response = self.app.post(url(controller='login', action='index'), |
|
48 | 48 | {'username':'error', |
|
49 | 49 | 'password':'test'}) |
|
50 | 50 | assert response.status == '200 OK', 'Wrong response from login page' |
|
51 | 51 | print response.body |
|
52 | 52 | assert 'Enter 6 characters or more' in response.body, 'No error password message in response' |
|
53 | 53 | |
|
54 | 54 | def test_login_wrong_username_password(self): |
|
55 | 55 | response = self.app.post(url(controller='login', action='index'), |
|
56 | 56 | {'username':'error', |
|
57 | 57 | 'password':'test12'}) |
|
58 | 58 | assert response.status == '200 OK', 'Wrong response from login page' |
|
59 | 59 | |
|
60 | 60 | assert 'invalid user name' in response.body, 'No error username message in response' |
|
61 | 61 | assert 'invalid password' in response.body, 'No error password message in response' |
|
62 | 62 | |
|
63 | 63 | #========================================================================== |
|
64 | 64 | # REGISTRATIONS |
|
65 | 65 | #========================================================================== |
|
66 | 66 | def test_register(self): |
|
67 | 67 | response = self.app.get(url(controller='login', action='register')) |
|
68 | 68 | assert 'Sign Up to RhodeCode' in response.body, 'wrong page for user registration' |
|
69 | 69 | |
|
70 | 70 | def test_register_err_same_username(self): |
|
71 | 71 | response = self.app.post(url(controller='login', action='register'), |
|
72 | 72 | {'username':'test_admin', |
|
73 | 73 | 'password':'test12', |
|
74 | 74 | 'password_confirmation':'test12', |
|
75 | 75 | 'email':'goodmail@domain.com', |
|
76 | 76 | 'name':'test', |
|
77 | 77 | 'lastname':'test'}) |
|
78 | 78 | |
|
79 | 79 | assert response.status == '200 OK', 'Wrong response from register page got %s' % response.status |
|
80 | 80 | assert 'This username already exists' in response.body |
|
81 | 81 | |
|
82 | def test_register_err_same_email(self): | |
|
83 | response = self.app.post(url(controller='login', action='register'), | |
|
84 | {'username':'test_admin_0', | |
|
85 | 'password':'test12', | |
|
86 | 'password_confirmation':'test12', | |
|
87 | 'email':'test_admin@mail.com', | |
|
88 | 'name':'test', | |
|
89 | 'lastname':'test'}) | |
|
90 | ||
|
91 | assert response.status == '200 OK', 'Wrong response from register page got %s' % response.status | |
|
92 | assert 'That e-mail address is already taken' in response.body | |
|
93 | ||
|
94 | def test_register_err_same_email_case_sensitive(self): | |
|
95 | response = self.app.post(url(controller='login', action='register'), | |
|
96 | {'username':'test_admin_1', | |
|
97 | 'password':'test12', | |
|
98 | 'password_confirmation':'test12', | |
|
99 | 'email':'TesT_Admin@mail.COM', | |
|
100 | 'name':'test', | |
|
101 | 'lastname':'test'}) | |
|
102 | assert response.status == '200 OK', 'Wrong response from register page got %s' % response.status | |
|
103 | assert 'That e-mail address is already taken' in response.body | |
|
104 | ||
|
82 | 105 | def test_register_err_wrong_data(self): |
|
83 | 106 | response = self.app.post(url(controller='login', action='register'), |
|
84 | 107 | {'username':'xs', |
|
85 | 108 | 'password':'test', |
|
86 | 109 | 'password_confirmation':'test', |
|
87 | 110 | 'email':'goodmailm', |
|
88 | 111 | 'name':'test', |
|
89 | 112 | 'lastname':'test'}) |
|
90 | 113 | assert response.status == '200 OK', 'Wrong response from register page got %s' % response.status |
|
91 | 114 | assert 'An email address must contain a single @' in response.body |
|
92 | 115 | assert 'Enter a value 6 characters long or more' in response.body |
|
93 | 116 | |
|
94 | 117 | |
|
118 | def test_register_err_username(self): | |
|
119 | response = self.app.post(url(controller='login', action='register'), | |
|
120 | {'username':'error user', | |
|
121 | 'password':'test12', | |
|
122 | 'password_confirmation':'test12', | |
|
123 | 'email':'goodmailm', | |
|
124 | 'name':'test', | |
|
125 | 'lastname':'test'}) | |
|
126 | ||
|
127 | print response.body | |
|
128 | assert response.status == '200 OK', 'Wrong response from register page got %s' % response.status | |
|
129 | assert 'An email address must contain a single @' in response.body | |
|
130 | assert 'Username may only contain alphanumeric characters underscores or dashes and must begin with alphanumeric character' in response.body | |
|
131 | ||
|
132 | def test_register_err_case_sensitive(self): | |
|
133 | response = self.app.post(url(controller='login', action='register'), | |
|
134 | {'username':'Test_Admin', | |
|
135 | 'password':'test12', | |
|
136 | 'password_confirmation':'test12', | |
|
137 | 'email':'goodmailm', | |
|
138 | 'name':'test', | |
|
139 | 'lastname':'test'}) | |
|
140 | ||
|
141 | assert response.status == '200 OK', 'Wrong response from register page got %s' % response.status | |
|
142 | assert 'An email address must contain a single @' in response.body | |
|
143 | assert 'This username already exists' in response.body | |
|
144 | ||
|
145 | ||
|
146 | ||
|
95 | 147 | def test_register_special_chars(self): |
|
96 | 148 | response = self.app.post(url(controller='login', action='register'), |
|
97 | 149 | {'username':'xxxaxn', |
|
98 | 150 | 'password':'Δ ΔΕΊΕΌΔ ΕΕΕΕ', |
|
99 | 151 | 'password_confirmation':'Δ ΔΕΊΕΌΔ ΕΕΕΕ', |
|
100 | 152 | 'email':'goodmailm@test.plx', |
|
101 | 153 | 'name':'test', |
|
102 | 154 | 'lastname':'test'}) |
|
103 | 155 | |
|
104 | 156 | print response.body |
|
105 | 157 | assert response.status == '200 OK', 'Wrong response from register page got %s' % response.status |
|
106 | 158 | assert 'Invalid characters in password' in response.body |
|
107 | 159 | |
|
108 | 160 | |
|
109 | 161 | def test_register_password_mismatch(self): |
|
110 | 162 | response = self.app.post(url(controller='login', action='register'), |
|
111 | 163 | {'username':'xs', |
|
112 | 164 | 'password':'123qwe', |
|
113 | 165 | 'password_confirmation':'qwe123', |
|
114 | 166 | 'email':'goodmailm@test.plxa', |
|
115 | 167 | 'name':'test', |
|
116 | 168 | 'lastname':'test'}) |
|
117 | 169 | |
|
118 | 170 | assert response.status == '200 OK', 'Wrong response from register page got %s' % response.status |
|
119 | 171 | print response.body |
|
120 | 172 | assert 'Password do not match' in response.body |
|
121 | 173 | |
|
122 | 174 | def test_register_ok(self): |
|
123 | 175 | username = 'test_regular4' |
|
124 | 176 | password = 'qweqwe' |
|
125 | 177 | email = 'marcin@test.com' |
|
126 | 178 | name = 'testname' |
|
127 | 179 | lastname = 'testlastname' |
|
128 | 180 | |
|
129 | 181 | response = self.app.post(url(controller='login', action='register'), |
|
130 | 182 | {'username':username, |
|
131 | 183 | 'password':password, |
|
132 | 184 | 'password_confirmation':password, |
|
133 | 185 | 'email':email, |
|
134 | 186 | 'name':name, |
|
135 | 187 | 'lastname':lastname}) |
|
136 | 188 | assert response.status == '302 Found', 'Wrong response from register page got %s' % response.status |
|
137 | 189 | assert 'You have successfully registered into rhodecode' in response.session['flash'][0], 'No flash message about user registration' |
|
138 | 190 | |
|
139 | 191 | ret = self.sa.query(User).filter(User.username == 'test_regular4').one() |
|
140 | 192 | assert ret.username == username , 'field mismatch %s %s' % (ret.username, username) |
|
141 | 193 | assert check_password(password, ret.password) == True , 'password mismatch' |
|
142 | 194 | assert ret.email == email , 'field mismatch %s %s' % (ret.email, email) |
|
143 | 195 | assert ret.name == name , 'field mismatch %s %s' % (ret.name, name) |
|
144 | 196 | assert ret.lastname == lastname , 'field mismatch %s %s' % (ret.lastname, lastname) |
|
145 | 197 | |
|
146 | 198 | |
|
147 | 199 | def test_forgot_password_wrong_mail(self): |
|
148 | 200 | response = self.app.post(url(controller='login', action='password_reset'), |
|
149 | 201 | {'email':'marcin@wrongmail.org', }) |
|
150 | 202 | |
|
151 | 203 | assert "That e-mail address doesn't exist" in response.body, 'Missing error message about wrong email' |
|
152 | 204 | |
|
153 | 205 | def test_forgot_password(self): |
|
154 | 206 | response = self.app.get(url(controller='login', action='password_reset')) |
|
155 | 207 | assert response.status == '200 OK', 'Wrong response from login page got %s' % response.status |
|
156 | 208 | |
|
157 | 209 | username = 'test_password_reset_1' |
|
158 | 210 | password = 'qweqwe' |
|
159 | 211 | email = 'marcin@python-works.com' |
|
160 | 212 | name = 'passwd' |
|
161 | 213 | lastname = 'reset' |
|
162 | 214 | |
|
163 | 215 | response = self.app.post(url(controller='login', action='register'), |
|
164 | 216 | {'username':username, |
|
165 | 217 | 'password':password, |
|
166 | 218 | 'password_confirmation':password, |
|
167 | 219 | 'email':email, |
|
168 | 220 | 'name':name, |
|
169 | 221 | 'lastname':lastname}) |
|
170 | 222 | #register new user for email test |
|
171 | 223 | response = self.app.post(url(controller='login', action='password_reset'), |
|
172 | 224 | {'email':email, }) |
|
173 | 225 | print response.session['flash'] |
|
174 | 226 | assert 'You have successfully registered into rhodecode' in response.session['flash'][0], 'No flash message about user registration' |
|
175 | 227 | assert 'Your new password was sent' in response.session['flash'][1], 'No flash message about password reset' |
|
176 | 228 | |
|
177 | 229 | |
|
178 | 230 |
General Comments 0
You need to be logged in to leave comments.
Login now