Passed
Push — main ( d6e672...4ee965 )
by Jochen
05:01
created

user4()   A

Complexity

Conditions 1

Size

Total Lines 3
Code Lines 3

Duplication

Lines 0
Ratio 0 %

Importance

Changes 0
Metric Value
cc 1
eloc 3
nop 1
dl 0
loc 3
rs 10
c 0
b 0
f 0
1
"""
2
:Copyright: 2006-2021 Jochen Kupperschmidt
3
:License: Revised BSD (see `LICENSE` file for details)
4
"""
5
6
import pytest
7
8
from byceps.database import db
9
from byceps.services.authorization import service as authorization_service
10
from byceps.services.user import service as user_service
11
from byceps.services.verification_token import (
12
    service as verification_token_service,
13
)
14
15
from tests.helpers import http_client
16
17
18
@pytest.fixture(scope='module')
19
def user1(make_user):
20
    return make_user(
21
        'EAC-User1', email_address='[email protected]', initialized=False
22
    )
23
24
25
@pytest.fixture(scope='module')
26
def user2(make_user):
27
    return make_user('EAC-User2', initialized=False)
28
29
30
@pytest.fixture(scope='module')
31
def user3(make_user):
32
    return make_user(
33
        'EAC-User3', email_address='[email protected]', initialized=True
34
    )
35
36
37
@pytest.fixture(scope='module')
38
def user4(make_user):
39
    return make_user('EAC-User4', initialized=True)
40
41
42
@pytest.fixture(scope='module')
43
def user5(make_user):
44
    return make_user(
45
        'EAC-User5', email_address='[email protected]', initialized=True
46
    )
47
48
49
@pytest.fixture
50
def role(admin_app, site, user1, user2):
51
    role = authorization_service.create_role('board_user', 'Board User')
52
53
    yield role
54
55
    for user in user1, user2:
56
        authorization_service.deassign_all_roles_from_user(user.id)
57
58
    authorization_service.delete_role(role.id)
59
60
61
def test_valid_token(site_app, user1, role):
62
    user_id = user1.id
63
64
    user_before = user_service.get_db_user(user_id)
65
    assert not user_before.email_address_verified
66
    assert not user_before.initialized
67
68
    token = create_confirmation_token(user_id, '[email protected]')
69
70
    # -------------------------------- #
71
72
    response = confirm(site_app, token)
73
74
    # -------------------------------- #
75
76
    assert response.status_code == 302
77
78
    user_after = user_service.get_db_user(user_id)
79
    assert user_before.email_address_verified
80
    assert user_after.initialized
81
82
    assert get_role_ids(user_id) == {'board_user'}
83
84
85
def test_unknown_token(site_app, site, user2, role):
86
    user_id = user2.id
87
88
    user_before = user_service.get_db_user(user_id)
89
    assert not user_before.initialized
90
91
    unknown_token = 'wZdSLzkT-zRf2x2T6AR7yGa3Nc_X3Nn3F3XGPvPtOhw'
92
93
    # -------------------------------- #
94
95
    response = confirm(site_app, unknown_token)
96
97
    # -------------------------------- #
98
99
    assert response.status_code == 404
100
101
    user_after = user_service.get_db_user(user_id)
102
    assert not user_after.initialized
103
104
    assert get_role_ids(user_id) == set()
105
106
107
def test_initialized_user(site_app, user3, role):
108
    user_id = user3.id
109
110
    user_before = user_service.get_db_user(user_id)
111
    assert not user_before.email_address_verified
112
    assert user_before.initialized
113
114
    token = create_confirmation_token(user_id, '[email protected]')
115
116
    # -------------------------------- #
117
118
    response = confirm(site_app, token)
119
120
    # -------------------------------- #
121
122
    assert response.status_code == 302
123
124
    user_after = user_service.get_db_user(user_id)
125
    assert user_before.email_address_verified
126
    assert user_after.initialized
127
128
129
def test_account_without_email_address(site_app, site, user4, role):
130
    user_id = user4.id
131
132
    user_with_email_address = user_service.get_db_user(user_id)
133
    user_with_email_address.email_address = None
134
    db.session.commit()
135
136
    user_before = user_service.get_db_user(user_id)
137
    assert user_before.email_address is None
138
    assert not user_before.email_address_verified
139
    assert user_before.initialized
140
141
    token = create_confirmation_token(user_id, '[email protected]')
142
143
    # -------------------------------- #
144
145
    response = confirm(site_app, token)
146
147
    # -------------------------------- #
148
149
    assert response.status_code == 302
150
151
    user_after = user_service.get_db_user(user_id)
152
    assert not user_before.email_address_verified
153
154
155
def test_different_user_and_token_email_addresses(site_app, site, user5, role):
156
    user_id = user5.id
157
158
    user_before = user_service.get_db_user(user_id)
159
    assert not user_before.email_address_verified
160
    assert user_before.initialized
161
162
    token = create_confirmation_token(user_id, '[email protected]')
163
164
    # -------------------------------- #
165
166
    response = confirm(site_app, token)
167
168
    # -------------------------------- #
169
170
    assert response.status_code == 302
171
172
    user_after = user_service.get_db_user(user_id)
173
    assert not user_before.email_address_verified
174
175
176
# helpers
177
178
179
def confirm(app, token):
180
    url = f'/users/email_address/confirmation/{token}'
181
    with http_client(app) as client:
182
        return client.get(url)
183
184
185
def get_role_ids(user_id):
186
    return authorization_service.find_role_ids_for_user(user_id)
187
188
189
def create_confirmation_token(user_id, email_address):
190
    token = verification_token_service.create_for_email_address_confirmation(
191
        user_id, email_address
192
    )
193
    return token.token
194