feat: expose User password for editing in master views

tests/views/test_users.py

@@ -15,6 +15,9 @@ class TestUserView(WebTestCase):
     def make_view(self):
         return mod.UserView(self.request)
 
+    def test_includeme(self):
+        self.pyramid_config.include('wuttaweb.views.users')
+
     def test_get_query(self):
         view = self.make_view()
         query = view.get_query(session=self.session)
@@ -76,11 +79,13 @@ class TestUserView(WebTestCase):
 
     def test_objectify(self):
         model = self.app.model
+        auth = self.app.get_auth_handler()
         blokes = model.Role(name="Blokes")
         self.session.add(blokes)
         others = model.Role(name="Others")
         self.session.add(others)
         barney = model.User(username='barney')
+        auth.set_user_password(barney, 'testpass')
         barney.roles.append(blokes)
         self.session.add(barney)
         self.session.commit()
@@ -93,6 +98,14 @@ class TestUserView(WebTestCase):
         self.assertEqual(len(barney.roles), 1)
         self.assertEqual(barney.roles[0].name, "Blokes")
 
+        # form can update user password
+        self.assertTrue(auth.check_user_password(barney, 'testpass'))
+        form = view.make_model_form(model_instance=barney)
+        form.validated = {'username': 'barney', 'set_password': 'testpass2'}
+        user = view.objectify(form, session=self.session)
+        self.assertIs(user, barney)
+        self.assertTrue(auth.check_user_password(barney, 'testpass2'))
+
         # form can update user roles
         form = view.make_model_form(model_instance=barney)
         form.validated = {'username': 'barney', 'roles': {others.uuid}}