"""
:Copyright: 2006-2020 Jochen Kupperschmidt
:License: Modified BSD, see LICENSE for details.
"""
import pytest |
from byceps.database import db |
from byceps.services.authorization import service as authorization_service |
from byceps.services.user import service as user_service |
from byceps.services.verification_token.models import Purpose, Token |
from tests.helpers import http_client |
@pytest.fixture(scope='module')
def user1(make_user):
    """Provide the not-yet-initialized user for the valid-token test.

    The fixture is module-scoped, so the same user object is shared by
    every test in this module that requests it. The valid-token test
    leaves this user initialized and nothing here resets that flag.
    """
    label = 'EAC-User1'
    return make_user(label, initialized=False)
@pytest.fixture(scope='module')
def user2(make_user):
    """Provide the not-yet-initialized user for the unknown-token test.

    Module-scoped: one user object is shared by all tests in this
    module that request the fixture.
    """
    label = 'EAC-User2'
    return make_user(label, initialized=False)
@pytest.fixture
def role(admin_app, site, user1, user2):
    """Create the ``board_user`` role for one test and clean it up after.

    The tests in this module compare a user's role IDs against
    ``{'board_user'}``, so the role has to exist before a confirmation
    request is made. ``admin_app`` and ``site`` are requested but not
    used in the body.
    """
    board_role = authorization_service.create_role('board_user', 'Board User')

    yield board_role

    # Teardown: strip every role from both users first, then drop the
    # role itself, so a grant made by one test does not leak into the
    # next test that uses the same module-scoped user.
    for assignee in (user1, user2):
        authorization_service.deassign_all_roles_from_user(assignee.id)

    authorization_service.delete_role(board_role.id)
def test_confirm_email_address_with_valid_token(site_app, user1, role):
    """A persisted confirmation token initializes the user and grants the role.

    Expected outcome: the endpoint answers with a redirect (302), the
    user is marked as initialized and holds exactly the ``board_user``
    role.
    """
    # Arrange: the token must be stored for the endpoint to find it.
    token = create_confirmation_token(user1.id)
    db.session.add(token)
    db.session.commit()

    # Act
    response = confirm(site_app, token)

    # Assert
    assert response.status_code == 302
    assert is_user_initialized(user1.id)
    assert get_role_ids(user1.id) == {'board_user'}

    # NOTE(review): this module covers only a valid and an unknown token.
    # Cases worth adding, since confirmation grants a role: a second
    # request with the same token, a stored token created for a different
    # Purpose, and (if tokens expire) an expired one. Confirm the intended
    # service behavior for each before asserting on it.
def test_confirm_email_address_with_unknown_token(site_app, site, user2, role):
    """A token the database does not know must not change the account.

    Expected outcome: the endpoint answers 404, the user stays
    uninitialized and has no roles.
    """
    # Arrange: the token object is never added to the session, so no
    # stored token matches. The value assigned below is a fixed test
    # string that replaces whatever value the Token object carried.
    token = create_confirmation_token(user2.id)
    token.token = 'wZdSLzkT-zRf2x2T6AR7yGa3Nc_X3Nn3F3XGPvPtOhw'

    # Act
    response = confirm(site_app, token)

    # Assert: rejection must leave both account state and roles untouched.
    assert response.status_code == 404
    assert not is_user_initialized(user2.id)
    assert get_role_ids(user2.id) == set()
# helpers
def confirm(app, verification_token):
    """Send a GET request to the confirmation URL and return the response.

    The token value is placed in the URL path.
    """
    # NOTE(review): a token carried in the path can end up in access
    # logs and browser history; worth checking that tokens are
    # single-use or short-lived -- not visible from this test module.
    token_value = verification_token.token
    with http_client(app) as client:
        return client.get(f'/users/email_address/confirmation/{token_value}')
def is_user_initialized(user_id) -> bool:
    """Return whether the user record's ``initialized`` attribute is truthy.

    The user is looked up through ``user_service.get_db_user`` on each
    call rather than taken from the fixture object.
    """
    return bool(user_service.get_db_user(user_id).initialized)
def get_role_ids(user_id):
    """Return the role IDs the authorization service reports for the user.

    The tests compare the result against set literals.
    """
    role_ids = authorization_service.find_role_ids_for_user(user_id)
    return role_ids
def create_confirmation_token(user_id):
    """Build an email-address-confirmation ``Token`` for the user.

    The object is only constructed here; persisting it is left to the
    caller.
    """
    return Token(user_id, Purpose.email_address_confirmation)