From c8ccd23e8e0d77df3e7382cd6330e0c993bbcc8e Mon Sep 17 00:00:00 2001 From: Jakob Kramer Date: Sun, 20 Nov 2011 00:35:09 +0100 Subject: [PATCH] added unittests, now using form errors and fixed bug when no GET parameter is given for /edit/profile/ --- mediagoblin/edit/views.py | 23 ++++--- mediagoblin/tests/test_edit.py | 112 +++++++++++++++++++++++++++++++++ 2 files changed, 126 insertions(+), 9 deletions(-) create mode 100644 mediagoblin/tests/test_edit.py diff --git a/mediagoblin/edit/views.py b/mediagoblin/edit/views.py index 75bf51bf..673409bd 100644 --- a/mediagoblin/edit/views.py +++ b/mediagoblin/edit/views.py @@ -162,17 +162,22 @@ def edit_profile(request): bio=user.get('bio')) if request.method == 'POST' and form.validate(): - user['url'] = unicode(request.POST['url']) - user['bio'] = unicode(request.POST['bio']) - - password_matches = auth_lib.bcrypt_check_password(request.POST['old_password'], - user['pw_hash']) + password_matches = auth_lib.bcrypt_check_password( + request.POST['old_password'], + user['pw_hash']) if (request.POST['old_password'] or request.POST['new_password']) and not \ password_matches: - messages.add_message(request, - messages.ERROR, - _('Wrong password')) + form.old_password.errors.append(_('Wrong password')) + + return render_to_response( + request, + 'mediagoblin/edit/edit_profile.html', + {'user': user, + 'form': form}) + + user['url'] = unicode(request.POST['url']) + user['bio'] = unicode(request.POST['bio']) if password_matches: user['pw_hash'] = auth_lib.bcrypt_gen_password_hash( @@ -187,7 +192,7 @@ def edit_profile(request): _("Profile edited!")) return redirect(request, 'mediagoblin.user_pages.user_home', - user=edit_username) + user=user['username']) return render_to_response( request, diff --git a/mediagoblin/tests/test_edit.py b/mediagoblin/tests/test_edit.py new file mode 100644 index 00000000..3637b046 --- /dev/null +++ b/mediagoblin/tests/test_edit.py @@ -0,0 +1,112 @@ +# GNU MediaGoblin -- federated, autonomous media hosting +# Copyright (C) 2011 MediaGoblin contributors. See AUTHORS. +# +# This program is free software: you can redistribute it and/or modify +# it under the terms of the GNU Affero General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU Affero General Public License for more details. +# +# You should have received a copy of the GNU Affero General Public License +# along with this program. If not, see . + +from mediagoblin import mg_globals +from mediagoblin.tests.tools import setup_fresh_app +from mediagoblin.tools import template +from mediagoblin.auth.lib import bcrypt_check_password, \ + bcrypt_gen_password_hash + + +@setup_fresh_app +def test_change_password(test_app): + """Test changing password correctly and incorrectly""" + # set up new user + test_user = mg_globals.database.User() + test_user['username'] = u'chris' + test_user['email'] = u'chris@example.com' + test_user['email_verified'] = True + test_user['status'] = u'active' + test_user['pw_hash'] = bcrypt_gen_password_hash('toast') + test_user.save() + + test_app.post( + '/auth/login/', { + 'username': u'chris', + 'password': 'toast'}) + + # test that the password can be changed + # template.clear_test_template_context() + test_app.post( + '/edit/profile/', { + 'bio': u'', + 'url': u'', + 'old_password': 'toast', + 'new_password': '123456', + 'confirm_password': '123456'}) + + # test_user has to be fetched again in order to have the current values + test_user = mg_globals.database.User.one({'username': 'chris'}) + + assert bcrypt_check_password('123456', test_user['pw_hash']) + + # test that the password cannot be changed if the given old_password + # is wrong + # template.clear_test_template_context() + test_app.post( + '/edit/profile/', { + 'bio': u'', + 'url': u'', + 'old_password': 'toast', + 'new_password': '098765', + 'confirm_password': '098765'}) + + test_user = mg_globals.database.User.one({'username': 'chris'}) + + assert not bcrypt_check_password('098765', test_user['pw_hash']) + + +@setup_fresh_app +def change_bio_url(test_app): + """Test changing bio and URL""" + # set up new user + test_user = mg_globals.database.User() + test_user['username'] = u'chris' + test_user['email'] = u'chris@example.com' + test_user['email_verified'] = True + test_user['status'] = u'active' + test_user['pw_hash'] = bcrypt_gen_password_hash('toast') + test_user.save() + + # test changing the bio and the URL properly + test_app.post( + '/edit/profile/', { + 'bio': u'I love toast!', + 'url': u'http://dustycloud.org/'}) + + test_user = mg_globals.database.User.one({'username': 'chris'}) + + assert test_user['bio'] == u'I love toast!' + assert test_user['url'] == u'http://dustycloud.org/' + + # test changing the bio and the URL inproperly + too_long_bio = 150 * 'T' + 150 * 'o' + 150 * 'a' + 150 * 's' + 150* 't' + + test_app.post( + '/edit/profile/', { + # more than 500 characters + 'bio': too_long_bio, + 'url': 'this-is-no-url'}) + + test_user = mg_globals.database.User.one({'username': 'chris'}) + + context = template.TEMPLATE_TEST_CONTEXT['mediagoblin/edit/edit_profile.html'] + form = context['edit_profile_form'] + + assert form.bio.errors == [u'Field must be between 0 and 500 characters long.'] + assert form.url.errors == [u'Improperly formed URL'] + + # test changing the url inproperly -- 2.25.1