Commit | Line | Data |
---|---|---|
c8ccd23e | 1 | # GNU MediaGoblin -- federated, autonomous media hosting |
cf29e8a8 | 2 | # Copyright (C) 2011, 2012 MediaGoblin contributors. See AUTHORS. |
c8ccd23e JK |
3 | # |
4 | # This program is free software: you can redistribute it and/or modify | |
5 | # it under the terms of the GNU Affero General Public License as published by | |
6 | # the Free Software Foundation, either version 3 of the License, or | |
7 | # (at your option) any later version. | |
8 | # | |
9 | # This program is distributed in the hope that it will be useful, | |
10 | # but WITHOUT ANY WARRANTY; without even the implied warranty of | |
11 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | |
12 | # GNU Affero General Public License for more details. | |
13 | # | |
14 | # You should have received a copy of the GNU Affero General Public License | |
15 | # along with this program. If not, see <http://www.gnu.org/licenses/>. | |
16 | ||
a3b98853 SS |
17 | from nose.tools import assert_equal |
18 | ||
c8ccd23e | 19 | from mediagoblin import mg_globals |
a3b98853 | 20 | from mediagoblin.db.models import User |
1be247b3 | 21 | from mediagoblin.tests.tools import get_app, fixture_add_user |
c8ccd23e | 22 | from mediagoblin.tools import template |
9754802d | 23 | from mediagoblin.auth.lib import bcrypt_check_password |
c8ccd23e | 24 | |
a3b98853 SS |
25 | class TestUserEdit(object): |
26 | def setUp(self): | |
1be247b3 | 27 | self.app = get_app(dump_old_app=False) |
a3b98853 SS |
28 | # set up new user |
29 | self.user_password = u'toast' | |
30 | self.user = fixture_add_user(password = self.user_password) | |
31 | self.login() | |
32 | ||
33 | def login(self): | |
34 | self.app.post( | |
35 | '/auth/login/', { | |
36 | 'username': self.user.username, | |
37 | 'password': self.user_password}) | |
38 | ||
39 | ||
6deb589d SS |
40 | def test_user_deletion(self): |
41 | """Delete user via web interface""" | |
42 | # Make sure user exists | |
43 | assert User.query.filter_by(username=u'chris').first() | |
44 | ||
45 | res = self.app.post('/edit/account/delete/', {'confirmed': 'y'}) | |
46 | ||
47 | # Make sure user has been deleted | |
48 | assert User.query.filter_by(username=u'chris').first() == None | |
49 | ||
50 | #TODO: make sure all corresponding items comments etc have been | |
51 | # deleted too. Perhaps in submission test? | |
52 | ||
53 | #Restore user at end of test | |
54 | self.user = fixture_add_user(password = self.user_password) | |
55 | self.login() | |
56 | ||
57 | ||
a3b98853 SS |
58 | def test_change_password(self): |
59 | """Test changing password correctly and incorrectly""" | |
60 | # test that the password can be changed | |
61 | # template.clear_test_template_context() | |
62 | res = self.app.post( | |
63 | '/edit/account/', { | |
64 | 'old_password': 'toast', | |
65 | 'new_password': '123456', | |
66 | 'wants_comment_notification': 'y' | |
67 | }) | |
68 | ||
69 | # Check for redirect on success | |
70 | assert_equal(res.status_int, 302) | |
71 | # test_user has to be fetched again in order to have the current values | |
72 | test_user = User.query.filter_by(username=u'chris').first() | |
73 | assert bcrypt_check_password('123456', test_user.pw_hash) | |
74 | # Update current user passwd | |
75 | self.user_password = '123456' | |
76 | ||
77 | # test that the password cannot be changed if the given | |
78 | # old_password is wrong template.clear_test_template_context() | |
79 | self.app.post( | |
80 | '/edit/account/', { | |
81 | 'old_password': 'toast', | |
82 | 'new_password': '098765', | |
83 | }) | |
84 | ||
85 | test_user = User.query.filter_by(username=u'chris').first() | |
86 | assert not bcrypt_check_password('098765', test_user.pw_hash) | |
87 | ||
88 | ||
89 | ||
90 | def test_change_bio_url(self): | |
91 | """Test changing bio and URL""" | |
92 | # Test if legacy profile editing URL redirects correctly | |
93 | res = self.app.post( | |
94 | '/edit/profile/', { | |
95 | 'bio': u'I love toast!', | |
96 | 'url': u'http://dustycloud.org/'}, expect_errors=True) | |
97 | ||
98 | # Should redirect to /u/chris/edit/ | |
99 | assert_equal (res.status_int, 302) | |
100 | assert res.headers['Location'].endswith("/u/chris/edit/") | |
101 | ||
102 | res = self.app.post( | |
103 | '/u/chris/edit/', { | |
104 | 'bio': u'I love toast!', | |
105 | 'url': u'http://dustycloud.org/'}) | |
106 | ||
107 | test_user = User.query.filter_by(username=u'chris').first() | |
108 | assert_equal(test_user.bio, u'I love toast!') | |
109 | assert_equal(test_user.url, u'http://dustycloud.org/') | |
110 | ||
111 | # change a different user than the logged in (should fail with 403) | |
112 | fixture_add_user(username=u"foo") | |
113 | res = self.app.post( | |
114 | '/u/foo/edit/', { | |
115 | 'bio': u'I love toast!', | |
116 | 'url': u'http://dustycloud.org/'}, expect_errors=True) | |
117 | assert_equal(res.status_int, 403) | |
118 | ||
119 | # test changing the bio and the URL inproperly | |
120 | too_long_bio = 150 * 'T' + 150 * 'o' + 150 * 'a' + 150 * 's' + 150* 't' | |
121 | ||
122 | self.app.post( | |
123 | '/u/chris/edit/', { | |
124 | # more than 500 characters | |
125 | 'bio': too_long_bio, | |
126 | 'url': 'this-is-no-url'}) | |
127 | ||
128 | # Check form errors | |
129 | context = template.TEMPLATE_TEST_CONTEXT['mediagoblin/edit/edit_profile.html'] | |
130 | form = context['form'] | |
131 | ||
132 | assert_equal(form.bio.errors, [u'Field must be between 0 and 500 characters long.']) | |
133 | assert_equal(form.url.errors, [u'This address contains errors']) | |
134 | ||
135 | # test changing the url inproperly |