X-Git-Url: https://vcs.fsf.org/?a=blobdiff_plain;f=mediagoblin%2Ftests%2Ftest_auth.py;h=618d02b650260b51719288366dee38dc5c637660;hb=52814967cd2ed0c93d68ae06e11322442e651293;hp=63c126820a3406d97f29f2fff103215b9cbf12be;hpb=25625107b6c7805b474ad7da976171991b259e58;p=mediagoblin.git diff --git a/mediagoblin/tests/test_auth.py b/mediagoblin/tests/test_auth.py index 63c12682..618d02b6 100644 --- a/mediagoblin/tests/test_auth.py +++ b/mediagoblin/tests/test_auth.py @@ -13,12 +13,16 @@ # # You should have received a copy of the GNU Affero General Public License # along with this program. If not, see . -import urlparse + import pkg_resources import pytest +import six + +import six.moves.urllib.parse as urlparse + from mediagoblin import mg_globals -from mediagoblin.db.models import User +from mediagoblin.db.models import User, LocalUser from mediagoblin.tests.tools import get_app, fixture_add_user from mediagoblin.tools import template, mail from mediagoblin.auth import tools as auth_tools 
@@ -75,9 +79,31 @@ def test_register_views(test_app): assert form.username.errors == [u'This field does not take email addresses.'] assert form.email.errors == [u'This field requires an email address.'] + ## invalid characters + template.clear_test_template_context() + test_app.post( + '/auth/register/', { + 'username': 'ampersand&invalid', + 'email': 'easter@egg.com'}) + context = template.TEMPLATE_TEST_CONTEXT['mediagoblin/auth/register.html'] + form = context['register_form'] + + assert form.username.errors == [u'Invalid input.'] + ## At this point there should be no users in the database ;) assert User.query.count() == 0 + ## mixture of characters from all valid ranges + template.clear_test_template_context() + test_app.post( + '/auth/register/', { + 'username': 'Jean-Louis1_Le-Chat', + 'password': 'iamsohappy', + 'email': 'easter@egg.com'}) + + ## At this point there should on user in the database + assert User.query.count() == 1 + # Successful register # ------------------- template.clear_test_template_context() @@ -90,11 +116,12 @@ def test_register_views(test_app): ## Did we redirect to the proper page? Use the right template? assert urlparse.urlsplit(response.location)[2] == '/u/angrygirl/' - assert 'mediagoblin/user_pages/user.html' in template.TEMPLATE_TEST_CONTEXT + assert 'mediagoblin/user_pages/user_nonactive.html' in template.TEMPLATE_TEST_CONTEXT ## Make sure user is in place - new_user = mg_globals.database.User.query.filter_by( - username=u'angrygirl').first() + new_user = mg_globals.database.LocalUser.query.filter( + LocalUser.username==u'angrygirl' + ).first() assert new_user ## Make sure that the proper privileges are granted on registration 
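Review bot: The case added under `## invalid characters` exercises only `&`, so the test would still pass if the username validator let through other characters it is meant to reject. Because the username ends up in a URL path (`/u/angrygirl/` later in this test), it is worth looping over a short list of inputs the validator should refuse and asserting `form.username.errors == [u'Invalid input.']` for each. The valid-mixture case registers `Jean-Louis1_Le-Chat` but asserts only `User.query.count() == 1`, so what gets stored for a mixed-case name is never checked, even though the login hunk further down expects lower-casing. The comment above that assertion has a typo and should read `## At this point there should be one user in the database`. test_register_views starts and ends outside this hunk.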
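Review bot: The rewritten lookup reaches the model by two different paths in one expression, `mg_globals.database.LocalUser.query.filter(LocalUser.username==u'angrygirl')`, and drops the spaces around `==`. Assuming both names refer to the same class, `new_user = LocalUser.query.filter(LocalUser.username == u'angrygirl').first()` is shorter and matches the import this commit adds. The same three lines are repeated in the two later lookup hunks (`@@ -132,8 +159,9` and `@@ -144,8 +172,9`), so the change applies there too.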
@@ -105,16 +132,16 @@ def test_register_views(test_app): assert not new_user.has_privilege(u'active') ## Make sure user is logged in request = template.TEMPLATE_TEST_CONTEXT[ - 'mediagoblin/user_pages/user.html']['request'] - assert request.session['user_id'] == unicode(new_user.id) + 'mediagoblin/user_pages/user_nonactive.html']['request'] + assert request.session['user_id'] == six.text_type(new_user.id) ## Make sure we get email confirmation, and try verifying - assert len(mail.EMAIL_TEST_INBOX) == 1 + assert len(mail.EMAIL_TEST_INBOX) == 2 message = mail.EMAIL_TEST_INBOX.pop() assert message['To'] == 'angrygrrl@example.org' email_context = template.TEMPLATE_TEST_CONTEXT[ 'mediagoblin/auth/verification_email.txt'] - assert email_context['verification_url'] in message.get_payload(decode=True) + assert email_context['verification_url'].encode('ascii') in message.get_payload(decode=True) path = urlparse.urlsplit(email_context['verification_url'])[2] get_params = urlparse.urlsplit(email_context['verification_url'])[3] @@ -132,8 +159,9 @@ def test_register_views(test_app): # assert context['verification_successful'] == True # TODO: Would be good to test messages here when we can do so... - new_user = mg_globals.database.User.query.filter_by( - username=u'angrygirl').first() + new_user = mg_globals.database.LocalUser.query.filter( + LocalUser.username==u'angrygirl' + ).first() assert new_user ## Verify the email activation works @@ -144,8 +172,9 @@ def test_register_views(test_app): 'mediagoblin/user_pages/user.html'] # assert context['verification_successful'] == True # TODO: Would be good to test messages here when we can do so... - new_user = mg_globals.database.User.query.filter_by( - username=u'angrygirl').first() + new_user = mg_globals.database.LocalUser.query.filter( + LocalUser.username==u'angrygirl' + ).first() assert new_user # Uniqueness checks 
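Review bot: `assert len(mail.EMAIL_TEST_INBOX) == 2` now passes only because an unrelated message is still in the inbox, presumably the verification mail from the `Jean-Louis1_Le-Chat` registration added earlier in this test. `pop()` takes the newest message and leaves the stale one behind, which is why the forgot-password hunk (`@@ -179,13 +208,13`) also had to move to `== 2`, and the recipient of that leftover message is never asserted. Draining the inbox right after the extra registration, e.g. `del mail.EMAIL_TEST_INBOX[:]` if it is a plain list, would let both checks stay at `== 1` and keep each count tied to the mail under test. Separately, `.encode('ascii')` raises UnicodeEncodeError instead of failing the assertion if the verification URL ever contains a non-ASCII character.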
@@ -179,13 +208,13 @@ def test_register_views(test_app): assert 'mediagoblin/auth/login.html' in template.TEMPLATE_TEST_CONTEXT ## Make sure link to change password is sent by email - assert len(mail.EMAIL_TEST_INBOX) == 1 + assert len(mail.EMAIL_TEST_INBOX) == 2 message = mail.EMAIL_TEST_INBOX.pop() assert message['To'] == 'angrygrrl@example.org' email_context = template.TEMPLATE_TEST_CONTEXT[ - 'mediagoblin/auth/fp_verification_email.txt'] + 'mediagoblin/plugins/basic_auth/fp_verification_email.txt'] #TODO - change the name of verification_url to something forgot-password-ish - assert email_context['verification_url'] in message.get_payload(decode=True) + assert email_context['verification_url'].encode('ascii') in message.get_payload(decode=True) path = urlparse.urlsplit(email_context['verification_url'])[2] get_params = urlparse.urlsplit(email_context['verification_url'])[3] @@ -204,7 +233,8 @@ def test_register_views(test_app): ## Verify step 1 of password-change works -- can see form to change password template.clear_test_template_context() response = test_app.get("%s?%s" % (path, get_params)) - assert 'mediagoblin/auth/change_fp.html' in template.TEMPLATE_TEST_CONTEXT + assert 'mediagoblin/plugins/basic_auth/change_fp.html' in \ + template.TEMPLATE_TEST_CONTEXT ## Verify step 2.1 of password-change works -- report success to user template.clear_test_template_context() @@ -227,7 +257,6 @@ def test_register_views(test_app): assert urlparse.urlsplit(response.location)[2] == '/' assert 'mediagoblin/root.html' in template.TEMPLATE_TEST_CONTEXT - def test_authentication_views(test_app): """ Test logging in and logging out 
@@ -303,7 +332,7 @@ def test_authentication_views(test_app): # Make sure user is in the session context = template.TEMPLATE_TEST_CONTEXT['mediagoblin/root.html'] session = context['request'].session - assert session['user_id'] == unicode(test_user.id) + assert session['user_id'] == six.text_type(test_user.id) # Successful logout # ----------------- 
@@ -330,6 +359,66 @@ def test_authentication_views(test_app): 'next' : '/u/chris/'}) assert urlparse.urlsplit(response.location)[2] == '/u/chris/' + ## Verify that username is lowercased on login attempt + template.clear_test_template_context() + response = test_app.post( + '/auth/login/', { + 'username': u'ANDREW', + 'password': 'fuselage'}) + context = template.TEMPLATE_TEST_CONTEXT['mediagoblin/auth/login.html'] + form = context['login_form'] + + # Username should no longer be uppercased; it should be lowercased + assert not form.username.data == u'ANDREW' + assert form.username.data == u'andrew' + + # Successful login with short user + # -------------------------------- + short_user = fixture_add_user(username=u'me', password=u'sho') + template.clear_test_template_context() + response = test_app.post( + '/auth/login/', { + 'username': u'me', + 'password': 'sho'}) + + # User should be redirected + response.follow() + + assert urlparse.urlsplit(response.location)[2] == '/' + assert 'mediagoblin/root.html' in template.TEMPLATE_TEST_CONTEXT + + # Make sure user is in the session + context = template.TEMPLATE_TEST_CONTEXT['mediagoblin/root.html'] + session = context['request'].session + assert session['user_id'] == six.text_type(short_user.id) + + # Must logout + template.clear_test_template_context() + response = test_app.get('/auth/logout/') + + # Successful login with long user + # ---------------- + long_user = fixture_add_user( + username=u'realllylonguser@reallylongdomain.com.co', password=u'sho') + template.clear_test_template_context() + response = test_app.post( + '/auth/login/', { + 'username': u'realllylonguser@reallylongdomain.com.co', + 'password': 'sho'}) + + # User should be redirected + response.follow() + assert urlparse.urlsplit(response.location)[2] == '/' + assert 'mediagoblin/root.html' in template.TEMPLATE_TEST_CONTEXT + + # Make sure user is in the session + context = template.TEMPLATE_TEST_CONTEXT['mediagoblin/root.html'] + session = 
context['request'].session + assert session['user_id'] == six.text_type(long_user.id) + + template.clear_test_template_context() + response = test_app.get('/auth/logout/') + @pytest.fixture() def authentication_disabled_app(request): return get_app(
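Review bot: The `## Verify that username is lowercased on login attempt` block reads its form from the `mediagoblin/auth/login.html` context, which suggests the login form was re-rendered, so it appears to check normalisation only on a failed login. No user named `andrew` is created anywhere in the visible lines. It never shows that an existing account can authenticate when its name is typed in a different case, which is the behaviour that matters for account lookup. Consider adding a login for a fixture user with the name upper-cased and the correct password, then asserting the redirect and `session['user_id']` as the short-user and long-user blocks do. `assert not form.username.data == u'ANDREW'` is implied by the equality check on the next line and can be dropped. Neither `/auth/logout/` call is followed by an assertion that the session was cleared. test_authentication_views starts outside this hunk.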