Files
2025-05-20 11:57:43 -04:00

296 lines
11 KiB
Python

from flask import url_for
from lib.tests import assert_status_with_message, ViewTestMixin
from snakeeyes.blueprints.user.models import User
class TestLogin(ViewTestMixin):
def test_login_page(self):
""" Login page renders successfully. """
response = self.client.get(url_for('user.login'))
assert response.status_code == 200
def test_login(self):
""" Login successfully. """
response = self.login()
assert response.status_code == 200
def test_login_activity(self, users):
""" Login successfully and update the activity stats. """
user = User.find_by_identity('admin@local.host')
old_sign_in_count = user.sign_in_count
response = self.login()
new_sign_in_count = user.sign_in_count
assert response.status_code == 200
assert (old_sign_in_count + 1) == new_sign_in_count
def test_login_disable(self):
""" Login failure due to account being disabled. """
response = self.login(identity='disabled@local.host')
assert_status_with_message(200, response,
'This account has been disabled.')
def test_login_fail(self):
""" Login failure due to invalid login credentials. """
response = self.login(identity='foo@bar.com')
assert_status_with_message(200, response,
'Identity or password is incorrect.')
def test_logout(self):
""" Logout successfully. """
self.login()
response = self.logout()
assert_status_with_message(200, response, 'You have been logged out.')
class TestPasswordReset(ViewTestMixin):
def test_begin_password_reset_page(self):
""" Begin password reset renders successfully. """
response = self.client.get(url_for('user.begin_password_reset'))
assert response.status_code == 200
def test_password_reset_page(self):
""" Password reset renders successfully. """
response = self.client.get(url_for('user.password_reset'))
assert response.status_code == 200
def test_begin_password_reset_as_logged_in(self):
""" Begin password reset should redirect to settings. """
self.login()
response = self.client.get(url_for('user.begin_password_reset'),
follow_redirects=False)
assert response.status_code == 302
def test_password_reset_as_logged_in(self):
""" Password reset should redirect to settings. """
self.login()
response = self.client.get(url_for('user.password_reset'),
follow_redirects=False)
assert response.status_code == 302
def test_begin_password_reset_fail(self):
""" Begin reset failure due to using a non-existent account. """
user = {'identity': 'foo@invalid.com'}
response = self.client.post(url_for('user.begin_password_reset'),
data=user, follow_redirects=True)
assert_status_with_message(200, response, 'Unable to locate account.')
def test_begin_password_reset(self):
""" Begin password reset successfully. """
user = {'identity': 'admin@local.host'}
response = self.client.post(url_for('user.begin_password_reset'),
data=user, follow_redirects=True)
assert_status_with_message(200, response,
'An email has been sent to {0}.'.format(
'admin@local.host'))
def test_password_reset(self, users, token):
""" Reset successful. """
reset = {'password': 'newpassword', 'reset_token': token}
response = self.client.post(url_for('user.password_reset'), data=reset,
follow_redirects=True)
assert_status_with_message(200, response,
'Your password has been reset.')
admin = User.find_by_identity('admin@local.host')
assert admin.password != 'newpassword'
def test_password_reset_empty_token(self):
""" Reset failure due to empty reset token. """
reset = {'password': 'newpassword'}
response = self.client.post(url_for('user.password_reset'), data=reset,
follow_redirects=True)
assert_status_with_message(200, response,
'Your reset token has expired or was '
'tampered with.')
def test_password_reset_invalid_token(self):
""" Reset failure due to tampered reset token. """
reset = {'password': 'newpassword', 'token': '123'}
response = self.client.post(url_for('user.password_reset'), data=reset,
follow_redirects=True)
assert_status_with_message(200, response,
'Your reset token has expired or was '
'tampered with.')
class TestSignup(ViewTestMixin):
def test_signup_page(self):
""" Signup renders successfully. """
response = self.client.get(url_for('user.signup'))
assert response.status_code == 200
def test_welcome_page(self, users):
""" Welcome renders successfully. """
self.login()
response = self.client.get(url_for('user.welcome'))
assert response.status_code == 200
def test_begin_signup_fail_logged_in(self, users):
""" Signup should redirect to settings. """
self.login()
response = self.client.get(url_for('user.signup'),
follow_redirects=False)
assert response.status_code == 302
def test_begin_signup_fail(self):
""" Signup failure due to using an account that exists. """
user = {'email': 'admin@local.host', 'password': 'password'}
response = self.client.post(url_for('user.signup'), data=user,
follow_redirects=True)
assert_status_with_message(200, response, 'Already exists.')
def test_signup(self, users):
""" Signup successfully. """
old_user_count = User.query.count()
user = {'email': 'new@local.host', 'password': 'password'}
response = self.client.post(url_for('user.signup'), data=user,
follow_redirects=True)
assert_status_with_message(200, response,
'Awesome, thanks for signing up!')
new_user_count = User.query.count()
assert (old_user_count + 1) == new_user_count
new_user = User.find_by_identity('new@local.host')
assert new_user.password != 'password'
def test_welcome(self, users):
""" Create username successfully. """
self.login()
user = {'username': 'hello'}
response = self.client.post(url_for('user.welcome'), data=user,
follow_redirects=True)
assert_status_with_message(200, response,
'Sign up is complete, enjoy our services.')
def test_welcome_with_existing_username(self, users):
""" Create username failure due to username already existing. """
self.login()
u = User.find_by_identity('admin@local.host')
u.username = 'hello'
u.save()
user = {'username': 'hello'}
response = self.client.post(url_for('user.welcome'), data=user,
follow_redirects=True)
assert_status_with_message(200, response,
'You already picked a username.')
class TestSettings(ViewTestMixin):
def test_settings_page(self):
""" Settings renders successfully. """
self.login()
response = self.client.get(url_for('user.settings'))
assert response.status_code == 200
class TestUpdateCredentials(ViewTestMixin):
def test_update_credentials_page(self):
""" Update credentials renders successfully. """
self.login()
response = self.client.get(url_for('user.update_credentials'))
assert response.status_code == 200
def test_begin_update_credentials_invalid_current(self):
""" Update credentials failure due to invalid current password. """
self.login()
user = {'current_password': 'nope', 'email': 'admin@local.host'}
response = self.client.post(url_for('user.update_credentials'),
data=user, follow_redirects=True)
assert_status_with_message(200, response, 'Does not match.')
def test_begin_update_credentials_existing_email(self):
""" Update credentials failure due to existing account w/ email. """
self.login()
user = {
'current_password': 'password',
'email': 'disabled@local.host'
}
response = self.client.post(url_for('user.update_credentials'),
data=user, follow_redirects=True)
assert_status_with_message(200, response, 'Already exists.')
def test_begin_update_credentials_email_change(self):
""" Update credentials but only the e-mail address. """
self.login()
user = {
'current_password': 'password',
'email': 'admin2@local.host'
}
response = self.client.post(url_for('user.update_credentials'),
data=user, follow_redirects=True)
assert_status_with_message(200, response,
'Your sign in settings have been updated.')
old_user = User.find_by_identity('admin@local.host')
assert old_user is None
new_user = User.find_by_identity('admin2@local.host')
assert new_user is not None
def test_begin_update_credentials_password_change(self, client):
""" Update credentials but only the password. """
self.login()
user = {
'current_password': 'password',
'email': 'admin@local.host',
'password': 'newpassword'
}
response = self.client.post(url_for('user.update_credentials'),
data=user, follow_redirects=True)
assert response.status_code == 200
self.logout()
self.login()
assert response.status_code == 200
def test_begin_update_credentials_email_password(self):
""" Update both the email and a new password. """
self.login()
user = {
'current_password': 'password',
'email': 'admin2@local.host',
'password': 'newpassword'
}
response = self.client.post(url_for('user.update_credentials'),
data=user, follow_redirects=True)
assert response.status_code == 200