@@ 4426-4487 (lines=62) @@ | ||
4423 | assert not user.validate_password('mynewpassword') |
|
4424 | assert not user.validate_password('mynewpassword2') |
|
4425 | ||
4426 | def test_api__set_user_password__ok_200__user_itself(self): |
|
4427 | dbsession = get_tm_session(self.session_factory, transaction.manager) |
|
4428 | admin = dbsession.query(models.User) \ |
|
4429 | .filter(models.User.email == '[email protected]') \ |
|
4430 | .one() |
|
4431 | uapi = UserApi( |
|
4432 | current_user=admin, |
|
4433 | session=dbsession, |
|
4434 | config=self.app_config, |
|
4435 | ) |
|
4436 | gapi = GroupApi( |
|
4437 | current_user=admin, |
|
4438 | session=dbsession, |
|
4439 | config=self.app_config, |
|
4440 | ) |
|
4441 | groups = [gapi.get_one_with_name('users')] |
|
4442 | test_user = uapi.create_user( |
|
4443 | email='[email protected]', |
|
4444 | password='pass', |
|
4445 | name='bob', |
|
4446 | groups=groups, |
|
4447 | timezone='Europe/Paris', |
|
4448 | lang='fr', |
|
4449 | do_save=True, |
|
4450 | do_notify=False, |
|
4451 | ) |
|
4452 | uapi.save(test_user) |
|
4453 | transaction.commit() |
|
4454 | user_id = int(test_user.user_id) |
|
4455 | ||
4456 | self.testapp.authorization = ( |
|
4457 | 'Basic', |
|
4458 | ( |
|
4459 | '[email protected]', |
|
4460 | 'pass' |
|
4461 | ) |
|
4462 | ) |
|
4463 | # check before |
|
4464 | user = uapi.get_one(user_id) |
|
4465 | assert user.validate_password('pass') |
|
4466 | assert not user.validate_password('mynewpassword') |
|
4467 | # Set password |
|
4468 | params = { |
|
4469 | 'new_password': 'mynewpassword', |
|
4470 | 'new_password2': 'mynewpassword', |
|
4471 | 'loggedin_user_password': 'pass', |
|
4472 | } |
|
4473 | self.testapp.put_json( |
|
4474 | '/api/v2/users/{}/password'.format(user_id), |
|
4475 | params=params, |
|
4476 | status=204, |
|
4477 | ) |
|
4478 | # Check After |
|
4479 | dbsession = get_tm_session(self.session_factory, transaction.manager) |
|
4480 | uapi = UserApi( |
|
4481 | current_user=admin, |
|
4482 | session=dbsession, |
|
4483 | config=self.app_config, |
|
4484 | ) |
|
4485 | user = uapi.get_one(user_id) |
|
4486 | assert not user.validate_password('pass') |
|
4487 | assert user.validate_password('mynewpassword') |
|
4488 | ||
4489 | def test_api__set_user_email__err_403__other_normal_user(self): |
|
4490 | dbsession = get_tm_session(self.session_factory, transaction.manager) |
|
@@ 4298-4359 (lines=62) @@ | ||
4295 | assert not user.validate_password('pass') |
|
4296 | assert user.validate_password('mynewpassword') |
|
4297 | ||
4298 | def test_api__set_user_password__err_403__admin_wrong_password(self): |
|
4299 | dbsession = get_tm_session(self.session_factory, transaction.manager) |
|
4300 | admin = dbsession.query(models.User) \ |
|
4301 | .filter(models.User.email == '[email protected]') \ |
|
4302 | .one() |
|
4303 | uapi = UserApi( |
|
4304 | current_user=admin, |
|
4305 | session=dbsession, |
|
4306 | config=self.app_config, |
|
4307 | ) |
|
4308 | gapi = GroupApi( |
|
4309 | current_user=admin, |
|
4310 | session=dbsession, |
|
4311 | config=self.app_config, |
|
4312 | ) |
|
4313 | groups = [gapi.get_one_with_name('users')] |
|
4314 | test_user = uapi.create_user( |
|
4315 | email='[email protected]', |
|
4316 | password='pass', |
|
4317 | name='bob', |
|
4318 | groups=groups, |
|
4319 | timezone='Europe/Paris', |
|
4320 | lang='fr', |
|
4321 | do_save=True, |
|
4322 | do_notify=False, |
|
4323 | ) |
|
4324 | uapi.save(test_user) |
|
4325 | transaction.commit() |
|
4326 | user_id = int(test_user.user_id) |
|
4327 | ||
4328 | self.testapp.authorization = ( |
|
4329 | 'Basic', |
|
4330 | ( |
|
4331 | '[email protected]', |
|
4332 | '[email protected]' |
|
4333 | ) |
|
4334 | ) |
|
4335 | # check before |
|
4336 | user = uapi.get_one(user_id) |
|
4337 | assert user.validate_password('pass') |
|
4338 | assert not user.validate_password('mynewpassword') |
|
4339 | # Set password |
|
4340 | params = { |
|
4341 | 'new_password': 'mynewpassword', |
|
4342 | 'new_password2': 'mynewpassword', |
|
4343 | 'loggedin_user_password': 'wrongpassword', |
|
4344 | } |
|
4345 | self.testapp.put_json( |
|
4346 | '/api/v2/users/{}/password'.format(user_id), |
|
4347 | params=params, |
|
4348 | status=403, |
|
4349 | ) |
|
4350 | dbsession = get_tm_session(self.session_factory, transaction.manager) |
|
4351 | uapi = UserApi( |
|
4352 | current_user=admin, |
|
4353 | session=dbsession, |
|
4354 | config=self.app_config, |
|
4355 | ) |
|
4356 | # Check After |
|
4357 | user = uapi.get_one(user_id) |
|
4358 | assert user.validate_password('pass') |
|
4359 | assert not user.validate_password('mynewpassword') |
|
4360 | ||
4361 | def test_api__set_user_password__err_400__admin_passwords_do_not_match(self): # nopep8 |
|
4362 | dbsession = get_tm_session(self.session_factory, transaction.manager) |
|
@@ 4235-4296 (lines=62) @@ | ||
4232 | """ |
|
4233 | fixtures = [BaseFixture] |
|
4234 | ||
4235 | def test_api__set_user_password__ok_200__admin(self): |
|
4236 | dbsession = get_tm_session(self.session_factory, transaction.manager) |
|
4237 | admin = dbsession.query(models.User) \ |
|
4238 | .filter(models.User.email == '[email protected]') \ |
|
4239 | .one() |
|
4240 | uapi = UserApi( |
|
4241 | current_user=admin, |
|
4242 | session=dbsession, |
|
4243 | config=self.app_config, |
|
4244 | ) |
|
4245 | gapi = GroupApi( |
|
4246 | current_user=admin, |
|
4247 | session=dbsession, |
|
4248 | config=self.app_config, |
|
4249 | ) |
|
4250 | groups = [gapi.get_one_with_name('users')] |
|
4251 | test_user = uapi.create_user( |
|
4252 | email='[email protected]', |
|
4253 | password='pass', |
|
4254 | name='bob', |
|
4255 | groups=groups, |
|
4256 | timezone='Europe/Paris', |
|
4257 | lang='fr', |
|
4258 | do_save=True, |
|
4259 | do_notify=False, |
|
4260 | ) |
|
4261 | uapi.save(test_user) |
|
4262 | transaction.commit() |
|
4263 | user_id = int(test_user.user_id) |
|
4264 | ||
4265 | self.testapp.authorization = ( |
|
4266 | 'Basic', |
|
4267 | ( |
|
4268 | '[email protected]', |
|
4269 | '[email protected]' |
|
4270 | ) |
|
4271 | ) |
|
4272 | # check before |
|
4273 | user = uapi.get_one(user_id) |
|
4274 | assert user.validate_password('pass') |
|
4275 | assert not user.validate_password('mynewpassword') |
|
4276 | # Set password |
|
4277 | params = { |
|
4278 | 'new_password': 'mynewpassword', |
|
4279 | 'new_password2': 'mynewpassword', |
|
4280 | 'loggedin_user_password': '[email protected]', |
|
4281 | } |
|
4282 | self.testapp.put_json( |
|
4283 | '/api/v2/users/{}/password'.format(user_id), |
|
4284 | params=params, |
|
4285 | status=204, |
|
4286 | ) |
|
4287 | # Check After |
|
4288 | dbsession = get_tm_session(self.session_factory, transaction.manager) |
|
4289 | uapi = UserApi( |
|
4290 | current_user=admin, |
|
4291 | session=dbsession, |
|
4292 | config=self.app_config, |
|
4293 | ) |
|
4294 | user = uapi.get_one(user_id) |
|
4295 | assert not user.validate_password('pass') |
|
4296 | assert user.validate_password('mynewpassword') |
|
4297 | ||
4298 | def test_api__set_user_password__err_403__admin_wrong_password(self): |
|
4299 | dbsession = get_tm_session(self.session_factory, transaction.manager) |