Changeset 1d92bf2 in OpenWorkouts-current for ow/tests/views/test_user.py

Timestamp:

Dec 16, 2018, 1:07:04 AM (5 years ago)

Author:

borja <borja@…>

Branches:

current, feature/docs, master

Children:

6560b8f

Parents:

929097a

Message:

(#37) Allow login using email address instead of username:

• Use user uids as keys in the root folder for referencing user objects (instead of username)

• Use uids for referencing users all over the place (auth, permissions, traversal urls, etc)

• Replaced the username concept with nickname. This nickname will be used as a shortcut to access "public profile" pages for users

• Reworked lots of basic methods in the OpenWorkouts root object (s/username/nickname, marked as properties some methods like users, emails, etc)

• Added new add_user() and delete_user() helpers to the OpenWorkouts root object

• Modified views to match the new OpenWorkouts root helpers

• Fixed bug in the dashboard redirect view, causing an endless loop if an authenticated user does not exist anymore when loading a page.

• Lots of tests fixes, adaptations and catch up.

File:

• ow/tests/views/test_user.py (modified) (24 diffs)

ow/tests/views/test_user.py

@@ -24 +24 @@
 
     @pytest.fixture
-    def root(self):
+    def john(self):
+        user = User(firstname='John', lastname='Doe',
+                    email='john.doe@example.net')
+        user.password = 's3cr3t'
+        return user
+
+    @pytest.fixture
+    def root(self, john):
         root = OpenWorkouts()
-        root['john'] = User(firstname='John', lastname='Doe',
-                            email='john.doe@example.net')
-        root['john'].password = 's3cr3t'
+        root.add_user(john)
         workout = Workout(
             start=datetime(2015, 6, 28, 12, 55, tzinfo=timezone.utc),
@@ -34 +39 @@
             distance=30
         )
-        root['john'].add_workout(workout)
+        john.add_workout(workout)
         return root
 
@@ -44 +49 @@
 
     @pytest.fixture
-    def profile_post_request(self, root):
+    def profile_post_request(self, root, john):
         """
         This is a valid POST request to update an user profile.
         Form will validate, but nothing will be really updated/changed.
         """
-        user = root['john']
+        user = john
         request = DummyRequest()
         request.root = root
@@ -94 +99 @@
         request.POST = MultiDict({
             'submit': True,
-            'username': 'JackBlack',
+            'nickname': 'JackBlack',
             'email': 'jack.black@example.net',
             'firstname': 'Jack',
@@ -134 +139 @@
         assert response.location == '/dashboard'
 
-    def test_dashboard(self, dummy_request):
+    def test_dashboard(self, dummy_request, john):
         """
         Renders the user dashboard
         """
         request = dummy_request
-        user = request.root['john']
-        response = user_views.dashboard(user, request)
+        response = user_views.dashboard(john, request)
         assert response == {}
 
-    def test_profile(self, dummy_request):
+    def test_profile(self, dummy_request, john):
         """
         Renders the user profile page
         """
         request = dummy_request
-        user = request.root['john']
-        response = user_views.profile(user, request)
+        response = user_views.profile(john, request)
         assert response == {}
 
@@ -159 +162 @@
         response = user_views.login(request.root, request)
         assert response['message'] == ''
-        assert response['username'] == ''
+        assert response['email'] == ''
         assert response['password'] == ''
         assert response['redirect_url'] == request.resource_url(request.root)
 
-    def test_login_get_return_to(self, dummy_request):
+    def test_login_get_return_to(self, dummy_request, john):
         """
         GET request to access the login page, if there is a page set to where
@@ -170 +173 @@
         """
         request = dummy_request
-        workout = request.root['john'].workouts()[0]
+        workout = john.workouts()[0]
         workout_url = request.resource_url(workout)
         request.params['return_to'] = workout_url
@@ -176 +179 @@
         assert response['redirect_url'] == workout_url
 
-    def test_login_post_bad_username(self, dummy_request):
+    def test_login_post_wrong_email(self, dummy_request):
         request = dummy_request
         request.method = 'POST'
         request.POST['submit'] = True
-        request.POST['username'] = 'jack'
+        request.POST['email'] = 'jack@example.net'
         response = user_views.login(request.root, request)
-        assert response['message'] == u'Bad username'
-
-    def test_login_post_bad_password(self, dummy_request):
+        assert response['message'] == u'Wrong email address'
+
+    def test_login_post_wrong_password(self, dummy_request):
         request = dummy_request
         request.method = 'POST'
         request.POST['submit'] = True
-        request.POST['username'] = 'john'
+        request.POST['email'] = 'john.doe@example.net'
         request.POST['password'] = 'badpassword'
         response = user_views.login(request.root, request)
-        assert response['message'] == u'Bad password'
+        assert response['message'] == u'Wrong password'
 
     @patch('ow.views.user.remember')
@@ -198 +201 @@
         request.method = 'POST'
         request.POST['submit'] = True
-        request.POST['username'] = 'john'
+        request.POST['email'] = 'john.doe@example.net'
         request.POST['password'] = 's3cr3t'
         response = user_views.login(request.root, request)
@@ -216 +219 @@
 
     @pytest.mark.parametrize('extension', extensions)
-    def test_profile_picture(self, extension, dummy_request):
+    def test_profile_picture(self, extension, dummy_request, john):
         """
         GET request to get the profile picture of an user.
@@ -222 +225 @@
         request = dummy_request
         # Get the user
-        user = request.root['john']
+        user = john
         # Get the path to the image, then open it and copy it to a new Blob
         # object
@@ -242 +245 @@
         assert response.content_type == 'image'
 
-    def test_edit_profile_get(self, dummy_request):
+    def test_edit_profile_get(self, dummy_request, john):
         """
         GET request to the edit profile page, returns the form ready to
@@ -248 +251 @@
         """
         request = dummy_request
-        user = request.root['john']
+        user = john
         response = user_views.edit_profile(user, request)
         assert isinstance(response['form'], OWFormRenderer)
@@ -261 +264 @@
         assert response['form'].data['email'] == 'john.doe@example.net'
 
-    def test_edit_profile_post_ok(self, profile_post_request):
+    def test_edit_profile_post_ok(self, profile_post_request, john):
         request = profile_post_request
-        user = request.root['john']
+        user = john
         # Update the bio field
         bio = 'Some text about this user'
@@ -272 +275 @@
         assert user.bio == bio
 
-    def test_edit_profile_post_missing_required(self, profile_post_request):
+    def test_edit_profile_post_missing_required(
+            self, profile_post_request, john):
         request = profile_post_request
         request.POST['email'] = ''
-        user = request.root['john']
+        user = john
         response = user_views.edit_profile(user, request)
         assert isinstance(response['form'], OWFormRenderer)
@@ -284 +288 @@
         assert response['form'].errors_for('email') == [error]
 
-    def test_change_password_get(self, dummy_request):
-        request = dummy_request
-        user = request.root['john']
+    def test_change_password_get(self, dummy_request, john):
+        request = dummy_request
+        user = john
         response = user_views.change_password(user, request)
         assert isinstance(response['form'], OWFormRenderer)
@@ -292 +296 @@
         assert response['form'].errorlist() == ''
 
-    def test_change_password_post_ok(self, passwd_post_request):
+    def test_change_password_post_ok(self, passwd_post_request, john):
         request = passwd_post_request
-        user = request.root['john']
+        user = john
         request.POST['old_password'] = 's3cr3t'
         request.POST['password'] = 'h1dd3n s3cr3t'
@@ -305 +309 @@
         assert user.check_password('h1dd3n s3cr3t')
 
-    def test_change_password_post_no_values(self, passwd_post_request):
+    def test_change_password_post_no_values(self, passwd_post_request, john):
         request = passwd_post_request
-        user = request.root['john']
+        user = john
         response = user_views.change_password(user, request)
         assert isinstance(response['form'], OWFormRenderer)
@@ -322 +326 @@
         assert user.check_password('s3cr3t')
 
-    def test_change_password_post_bad_old_password(self, passwd_post_request):
+    def test_change_password_post_bad_old_password(
+            self, passwd_post_request, john):
         request = passwd_post_request
-        user = request.root['john']
+        user = john
         request.POST['old_password'] = 'FAIL PASSWORD'
         request.POST['password'] = 'h1dd3n s3cr3t'
@@ -338 +343 @@
         assert not user.check_password('h1dd3n s3cr3t')
 
-    def test_change_password_post_password_mismatch(self, passwd_post_request):
+    def test_change_password_post_password_mismatch(
+            self, passwd_post_request, john):
         request = passwd_post_request
-        user = request.root['john']
+        user = john
         request.POST['old_password'] = 's3cr3t'
         request.POST['password'] = 'h1dd3n s3cr3ts'
@@ -363 +369 @@
     def test_signup_post_ok(self, signup_post_request):
         request = signup_post_request
-        assert 'JackBlack' not in request.root.all_usernames()
+        assert 'jack.black@example.net' not in request.root.emails
+        assert 'JackBlack' not in request.root.all_nicknames
         response = user_views.signup(request.root, request)
         assert isinstance(response, HTTPFound)
         assert response.location == request.resource_url(request.root)
-        assert 'JackBlack' in request.root.all_usernames()
+        assert 'jack.black@example.net' in request.root.emails
+        assert 'JackBlack' in request.root.all_nicknames
 
     def test_signup_missing_required(self, signup_post_request):
         request = signup_post_request
         request.POST['email'] = ''
-        assert 'JackBlack' not in request.root.all_usernames()
+        assert 'jack.black@example.net' not in request.root.emails
+        assert 'JackBlack' not in request.root.all_nicknames
         response = user_views.signup(request.root, request)
         assert isinstance(response['form'], OWFormRenderer)
@@ -382 +391 @@
         assert errorlist == html_error
         assert response['form'].errors_for('email') == [error]
-        assert 'JackBlack' not in request.root.all_usernames()
-
-    def test_signup_existing_username(self, signup_post_request):
+        assert 'jack.black@example.net' not in request.root.emails
+        assert 'JackBlack' not in request.root.all_nicknames
+
+    def test_signup_existing_nickname(self, signup_post_request, john):
         request = signup_post_request
-        request.POST['username'] = 'john'
-        assert 'JackBlack' not in request.root.all_usernames()
+        # assign john a nickname first
+        john.nickname = 'john'
+        # now set it for the POST request
+        request.POST['nickname'] = 'john'
+        # check jack is not there yet
+        assert 'jack.black@example.net' not in request.root.emails
+        assert 'JackBlack' not in request.root.all_nicknames
+        # now signup as jack, but trying to set the nickname 'john'
         response = user_views.signup(request.root, request)
         assert isinstance(response['form'], OWFormRenderer)
-        error = u'Another user is already registered with the username john'
+        error = u'Another user is already using the nickname john'
         html_error = '<ul class="error">'
         html_error += '<li>' + error + '</li>'
@@ -396 +412 @@
         errorlist = response['form'].errorlist().replace('\n', '')
         assert errorlist == html_error
-        assert response['form'].errors_for('username') == [error]
-        assert 'JackBlack' not in request.root.all_usernames()
+        assert response['form'].errors_for('nickname') == [error]
+        # all the errors, and jack is not there
+        assert 'jack.black@example.net' not in request.root.emails
+        assert 'JackBlack' not in request.root.all_nicknames
 
     def test_signup_existing_email(self, signup_post_request):
         request = signup_post_request
         request.POST['email'] = 'john.doe@example.net'
-        assert 'JackBlack' not in request.root.all_usernames()
+        assert 'jack.black@example.net' not in request.root.emails
+        assert 'JackBlack' not in request.root.all_nicknames
         response = user_views.signup(request.root, request)
         assert isinstance(response['form'], OWFormRenderer)
@@ -413 +432 @@
         assert errorlist == html_error
         assert response['form'].errors_for('email') == [error]
-        assert 'JackBlack' not in request.root.all_usernames()
+        assert 'jack.black@example.net' not in request.root.emails
+        assert 'JackBlack' not in request.root.all_nicknames