wuttaweb/tests/views/test_auth.py

# -*- coding: utf-8; -*-

from unittest import TestCase
from unittest.mock import MagicMock

from pyramid import testing
from pyramid.httpexceptions import HTTPFound

from wuttjamaican.conf import WuttaConfig
from wuttaweb.views import auth as mod
from wuttaweb.auth import WuttaSecurityPolicy


class TestAuthView(TestCase):

    def setUp(self):
        self.config = WuttaConfig(defaults={
            'wutta.db.default.url': 'sqlite://',
        })

        self.request = testing.DummyRequest(wutta_config=self.config, user=None)
        self.pyramid_config = testing.setUp(request=self.request)

        self.app = self.config.get_app()
        auth = self.app.get_auth_handler()
        model = self.app.model
        model.Base.metadata.create_all(bind=self.config.appdb_engine)
        self.session = self.app.make_session()
        self.user = model.User(username='barney')
        self.session.add(self.user)
        auth.set_user_password(self.user, 'testpass')
        self.session.commit()

        self.pyramid_config.set_security_policy(WuttaSecurityPolicy(db_session=self.session))
        self.pyramid_config.include('wuttaweb.views.auth')
        self.pyramid_config.include('wuttaweb.views.common')

    def tearDown(self):
        testing.tearDown()

    def test_login(self):
        view = mod.AuthView(self.request)
        context = view.login()
        self.assertIn('form', context)

        # redirect if user already logged in
        self.request.user = self.user
        view = mod.AuthView(self.request)
        redirect = view.login(session=self.session)
        self.assertIsInstance(redirect, HTTPFound)

        # login fails w/ wrong password
        self.request.user = None
        self.request.method = 'POST'
        self.request.POST = {'username': 'barney', 'password': 'WRONG'}
        view = mod.AuthView(self.request)
        context = view.login(session=self.session)
        self.assertIn('form', context)

        # redirect if login succeeds
        self.request.method = 'POST'
        self.request.POST = {'username': 'barney', 'password': 'testpass'}
        view = mod.AuthView(self.request)
        redirect = view.login(session=self.session)
        self.assertIsInstance(redirect, HTTPFound)

    def test_logout(self):
        view = mod.AuthView(self.request)
        self.request.session.delete = MagicMock()
        redirect = view.logout()
        self.request.session.delete.assert_called_once_with()
        self.assertIsInstance(redirect, HTTPFound)

    def test_change_password(self):
        view = mod.AuthView(self.request)
        auth = self.app.get_auth_handler()

        # unauthenticated user is redirected
        redirect = view.change_password()
        self.assertIsInstance(redirect, HTTPFound)

        # now "login" the user, and set initial password
        self.request.user = self.user
        auth.set_user_password(self.user, 'foo')
        self.session.commit()

        # view should now return context w/ form
        context = view.change_password()
        self.assertIn('form', context)

        # submit valid form, ensure password is changed
        # (nb. this also would redirect user to home page)
        self.request.method = 'POST'
        self.request.POST = {
            'current_password': 'foo',
            # nb. new_password requires colander mapping structure
            '__start__': 'new_password:mapping',
            'new_password': 'bar',
            'new_password-confirm': 'bar',
            '__end__': 'new_password:mapping',
        }
        redirect = view.change_password()
        self.assertIsInstance(redirect, HTTPFound)
        self.session.commit()
        self.session.refresh(self.user)
        self.assertFalse(auth.check_user_password(self.user, 'foo'))
        self.assertTrue(auth.check_user_password(self.user, 'bar'))

        # at this point 'foo' is the password, now let's submit some
        # invalid forms and make sure we get back a context w/ form

        # first try empty data
        self.request.POST = {}
        context = view.change_password()
        self.assertIn('form', context)
        dform = context['form'].get_deform()
        self.assertEqual(dform['current_password'].errormsg, "Required")
        self.assertEqual(dform['new_password'].errormsg, "Required")

        # now try bad current password
        self.request.POST = {
            'current_password': 'blahblah',
            '__start__': 'new_password:mapping',
            'new_password': 'baz',
            'new_password-confirm': 'baz',
            '__end__': 'new_password:mapping',
        }
        context = view.change_password()
        self.assertIn('form', context)
        dform = context['form'].get_deform()
        self.assertEqual(dform['current_password'].errormsg, "Current password is incorrect.")

        # now try bad new password
        self.request.POST = {
            'current_password': 'bar',
            '__start__': 'new_password:mapping',
            'new_password': 'bar',
            'new_password-confirm': 'bar',
            '__end__': 'new_password:mapping',
        }
        context = view.change_password()
        self.assertIn('form', context)
        dform = context['form'].get_deform()
        self.assertEqual(dform['new_password'].errormsg, "New password must be different from old password.")
feat: add auth views, for login/logout 2024-08-04 23:09:29 -05:00			`# -- coding: utf-8; --`

			`from unittest import TestCase`
			`from unittest.mock import MagicMock`

			`from pyramid import testing`
			`from pyramid.httpexceptions import HTTPFound`

			`from wuttjamaican.conf import WuttaConfig`
			`from wuttaweb.views import auth as mod`
			`from wuttaweb.auth import WuttaSecurityPolicy`


			`class TestAuthView(TestCase):`

			`def setUp(self):`
			`self.config = WuttaConfig(defaults={`
			`'wutta.db.default.url': 'sqlite://',`
			`})`

			`self.request = testing.DummyRequest(wutta_config=self.config, user=None)`
			`self.pyramid_config = testing.setUp(request=self.request)`

			`self.app = self.config.get_app()`
			`auth = self.app.get_auth_handler()`
			`model = self.app.model`
			`model.Base.metadata.create_all(bind=self.config.appdb_engine)`
			`self.session = self.app.make_session()`
			`self.user = model.User(username='barney')`
			`self.session.add(self.user)`
			`auth.set_user_password(self.user, 'testpass')`
			`self.session.commit()`

			`self.pyramid_config.set_security_policy(WuttaSecurityPolicy(db_session=self.session))`
			`self.pyramid_config.include('wuttaweb.views.auth')`
			`self.pyramid_config.include('wuttaweb.views.common')`

			`def tearDown(self):`
			`testing.tearDown()`

			`def test_login(self):`
			`view = mod.AuthView(self.request)`
			`context = view.login()`
			`self.assertIn('form', context)`

			`# redirect if user already logged in`
			`self.request.user = self.user`
			`view = mod.AuthView(self.request)`
			`redirect = view.login(session=self.session)`
			`self.assertIsInstance(redirect, HTTPFound)`

			`# login fails w/ wrong password`
			`self.request.user = None`
			`self.request.method = 'POST'`
			`self.request.POST = {'username': 'barney', 'password': 'WRONG'}`
			`view = mod.AuthView(self.request)`
			`context = view.login(session=self.session)`
			`self.assertIn('form', context)`

			`# redirect if login succeeds`
			`self.request.method = 'POST'`
			`self.request.POST = {'username': 'barney', 'password': 'testpass'}`
			`view = mod.AuthView(self.request)`
			`redirect = view.login(session=self.session)`
			`self.assertIsInstance(redirect, HTTPFound)`

			`def test_logout(self):`
			`view = mod.AuthView(self.request)`
			`self.request.session.delete = MagicMock()`
			`redirect = view.logout()`
			`self.request.session.delete.assert_called_once_with()`
			`self.assertIsInstance(redirect, HTTPFound)`
feat: add view to change current user password 2024-08-05 11:45:00 -05:00
			`def test_change_password(self):`
			`view = mod.AuthView(self.request)`
			`auth = self.app.get_auth_handler()`

			`# unauthenticated user is redirected`
			`redirect = view.change_password()`
			`self.assertIsInstance(redirect, HTTPFound)`

			`# now "login" the user, and set initial password`
			`self.request.user = self.user`
			`auth.set_user_password(self.user, 'foo')`
			`self.session.commit()`

			`# view should now return context w/ form`
			`context = view.change_password()`
			`self.assertIn('form', context)`

			`# submit valid form, ensure password is changed`
			`# (nb. this also would redirect user to home page)`
			`self.request.method = 'POST'`
			`self.request.POST = {`
			`'current_password': 'foo',`
			`# nb. new_password requires colander mapping structure`
			`'__start__': 'new_password:mapping',`
			`'new_password': 'bar',`
			`'new_password-confirm': 'bar',`
			`'__end__': 'new_password:mapping',`
			`}`
			`redirect = view.change_password()`
			`self.assertIsInstance(redirect, HTTPFound)`
			`self.session.commit()`
			`self.session.refresh(self.user)`
			`self.assertFalse(auth.check_user_password(self.user, 'foo'))`
			`self.assertTrue(auth.check_user_password(self.user, 'bar'))`

			`# at this point 'foo' is the password, now let's submit some`
			`# invalid forms and make sure we get back a context w/ form`

			`# first try empty data`
			`self.request.POST = {}`
			`context = view.change_password()`
			`self.assertIn('form', context)`
			`dform = context['form'].get_deform()`
			`self.assertEqual(dform['current_password'].errormsg, "Required")`
			`self.assertEqual(dform['new_password'].errormsg, "Required")`

			`# now try bad current password`
			`self.request.POST = {`
			`'current_password': 'blahblah',`
			`'__start__': 'new_password:mapping',`
			`'new_password': 'baz',`
			`'new_password-confirm': 'baz',`
			`'__end__': 'new_password:mapping',`
			`}`
			`context = view.change_password()`
			`self.assertIn('form', context)`
			`dform = context['form'].get_deform()`
			`self.assertEqual(dform['current_password'].errormsg, "Current password is incorrect.")`

			`# now try bad new password`
			`self.request.POST = {`
			`'current_password': 'bar',`
			`'__start__': 'new_password:mapping',`
			`'new_password': 'bar',`
			`'new_password-confirm': 'bar',`
			`'__end__': 'new_password:mapping',`
			`}`
			`context = view.change_password()`
			`self.assertIn('form', context)`
			`dform = context['form'].get_deform()`
			`self.assertEqual(dform['new_password'].errormsg, "New password must be different from old password.")`