Changeset - 019026a8cf67
Parent rev.
Child rev.
[Not reviewed]
beta
0 6 0
Marcin Kuzminski - 14 years ago 2011-10-25 03:02:28
marcin@python-works.com
implements #237 added password confirmation for my account and admin edit user.
6 files changed with 47 insertions and 9 deletions:
rhodecode/model/forms.py
7
5
rhodecode/templates/admin/users/user_add.html
10
1
rhodecode/templates/admin/users/user_edit.html
10
1
rhodecode/templates/admin/users/user_edit_my_account.html
13
2
rhodecode/tests/functional/test_admin_settings.py
4
rhodecode/tests/functional/test_admin_users.py
3
0 comments (0 inline, 0 general)
rhodecode/model/forms.py
Show inline comments
 
@@ -164,50 +164,51 @@ class ValidPassword(formencode.validator
 
                    e_dict = {'password':_('Invalid characters in password')}
 
                    raise formencode.Invalid('', value, state, error_dict=e_dict)
 

			




	
	
	
		
 
            if value.get('password_confirmation'):

			




	
	
	
		
 
                try:

			




	
	
	
		
 
                    value['password_confirmation'] = \

			




	
	
	
		
 
                        get_crypt_password(value['password_confirmation'])

			




	
	
	
		
 
                except UnicodeEncodeError:

			




	
	
	
		
 
                    e_dict = {'password_confirmation':_('Invalid characters in password')}

			




	
	
	
		
 
                    raise formencode.Invalid('', value, state, error_dict=e_dict)

			




	
	
	
		
 

			




	
	
	
		
 
            if value.get('new_password'):

			




	
	
	
		
 
                try:

			




	
	
	
		
 
                    value['new_password'] = \

			




	
	
	
		
 
                        get_crypt_password(value['new_password'])

			




	
	
	
		
 
                except UnicodeEncodeError:

			




	
	
	
		
 
                    e_dict = {'new_password':_('Invalid characters in password')}

			




	
	
	
		
 
                    raise formencode.Invalid('', value, state, error_dict=e_dict)

			




	
	
	
		
 

			




	
	
	
		
 
            return value

			




	
	
	
		
 

			




	
	
	
		
 
class ValidPasswordsMatch(formencode.validators.FancyValidator):

			




	
	
	
		
 

			




	
	
	
		
 
    def validate_python(self, value, state):

			




	
	
	
		
 

			




	
	
	
		
 
        if value['password'] != value['password_confirmation']:

			




	
	
	
		
 
        

			




	
	
	
		
 
        pass_val = value.get('password') or value.get('new_password')

			




	
	
	
		
 
        if pass_val != value['password_confirmation']:

			




	
	
	
		
 
            e_dict = {'password_confirmation':

			




	
	
	
		
 
                   _('Passwords do not match')}

			




	
	
	
		
 
            raise formencode.Invalid('', value, state, error_dict=e_dict)

			




	
	
	
		
 

			




	
	
	
		
 
class ValidAuth(formencode.validators.FancyValidator):

			




	
	
	
		
 
    messages = {

			




	
	
	
		
 
        'invalid_password':_('invalid password'),

			




	
	
	
		
 
        'invalid_login':_('invalid user name'),

			




	
	
	
		
 
        'disabled_account':_('Your account is disabled')

			




	
	
	
		
 
    }

			




	
	
	
		
 
    

			




	
	
	
		
 
    # error mapping

			




	
	
	
		
 
    e_dict = {'username':messages['invalid_login'],

			




	
	
	
		
 
              'password':messages['invalid_password']}

			




	
	
	
		
 
    e_dict_disable = {'username':messages['disabled_account']}

			




	
	
	
		
 

			




	
	
	
		
 
    def validate_python(self, value, state):

			




	
	
	
		
 
        password = value['password']

			




	
	
	
		
 
        username = value['username']

			




	
	
	
		
 
        user = User.get_by_username(username)

			




	
	
	
		
 

			




	
	
	
		
 
        if authenticate(username, password):

			




	
	
	
		
 
            return value

			




	
	
	
		
 
        else:

			




	
	
		
 
@@ -476,69 +477,70 @@ class AttrLoginValidator(formencode.vali

			




	
	
	
		
 
#===============================================================================

			




	
	
	
		
 
# FORMS

			




	
	
	
		
 
#===============================================================================

			




	
	
	
		
 
class LoginForm(formencode.Schema):

			




	
	
	
		
 
    allow_extra_fields = True

			




	
	
	
		
 
    filter_extra_fields = True

			




	
	
	
		
 
    username = UnicodeString(

			




	
	
	
		
 
                             strip=True,

			




	
	
	
		
 
                             min=1,

			




	
	
	
		
 
                             not_empty=True,

			




	
	
	
		
 
                             messages={

			




	
	
	
		
 
                                'empty':_('Please enter a login'),

			




	
	
	
		
 
                                'tooShort':_('Enter a value %(min)i characters long or more')}

			




	
	
	
		
 
                            )

			




	
	
	
		
 

			




	
	
	
		
 
    password = UnicodeString(

			




	
	
	
		
 
                            strip=True,

			




	
	
	
		
 
                            min=3,

			




	
	
	
		
 
                            not_empty=True,

			




	
	
	
		
 
                            messages={

			




	
	
	
		
 
                                'empty':_('Please enter a password'),

			




	
	
	
		
 
                                'tooShort':_('Enter %(min)i characters or more')}

			




	
	
	
		
 
                                )

			




	
	
	
		
 

			




	
	
	
		
 

			




	
	
	
		
 
    #chained validators have access to all data

			




	
	
	
		
 
    chained_validators = [ValidAuth]

			




	
	
	
		
 

			




	
	
	
		
 
def UserForm(edit=False, old_data={}):

			




	
	
	
		
 
    class _UserForm(formencode.Schema):

			




	
	
	
		
 
        allow_extra_fields = True

			




	
	
	
		
 
        filter_extra_fields = True

			




	
	
	
		
 
        username = All(UnicodeString(strip=True, min=1, not_empty=True),

			




	
	
	
		
 
                       ValidUsername(edit, old_data))

			




	
	
	
		
 
        if edit:

			




	
	
	
		
 
            new_password = All(UnicodeString(strip=True, min=6, not_empty=False))

			




	
	
	
		
 
            password_confirmation = All(UnicodeString(strip=True, min=6, not_empty=False))

			




	
	
	
		
 
            admin = StringBoolean(if_missing=False)

			




	
	
	
		
 
        else:

			




	
	
	
		
 
            password = All(UnicodeString(strip=True, min=6, not_empty=True))

			




	
	
	
		
 
            password_confirmation = All(UnicodeString(strip=True, min=6, not_empty=False))

			




	
	
	
		
 
            

			




	
	
	
		
 
        active = StringBoolean(if_missing=False)

			




	
	
	
		
 
        name = UnicodeString(strip=True, min=1, not_empty=True)

			




	
	
	
		
 
        lastname = UnicodeString(strip=True, min=1, not_empty=True)

			




	
	
	
		
 
        email = All(Email(not_empty=True), UniqSystemEmail(old_data))

			




	
	
	
		
 

			




	
	
	
		
 
        chained_validators = [ValidPassword]

			




	
	
	
		
 
        chained_validators = [ValidPasswordsMatch, ValidPassword]

			




	
	
	
		
 

			




	
	
	
		
 
    return _UserForm

			




	
	
	
		
 

			




	
	
	
		
 

			




	
	
	
		
 
def UsersGroupForm(edit=False, old_data={}, available_members=[]):

			




	
	
	
		
 
    class _UsersGroupForm(formencode.Schema):

			




	
	
	
		
 
        allow_extra_fields = True

			




	
	
	
		
 
        filter_extra_fields = True

			




	
	
	
		
 

			




	
	
	
		
 
        users_group_name = All(UnicodeString(strip=True, min=1, not_empty=True),

			




	
	
	
		
 
                       ValidUsersGroup(edit, old_data))

			




	
	
	
		
 

			




	
	
	
		
 
        users_group_active = StringBoolean(if_missing=False)

			




	
	
	
		
 

			




	
	
	
		
 
        if edit:

			




	
	
	
		
 
            users_group_members = OneOf(available_members, hideList=False,

			




	
	
	
		
 
                                        testValueList=True,

			




	
	
	
		
 
                                        if_missing=None, not_empty=False)

			




	
	
	
		
 

			




	
	
	
		
 
    return _UsersGroupForm

			




	
	
	
		
 

			




	
	
	
		
 
def ReposGroupForm(edit=False, old_data={}, available_groups=[]):

			




	
	
	
		
 
    class _ReposGroupForm(formencode.Schema):

			




	
	
	
		
 
        allow_extra_fields = True

			




        

    


    
    

    

        

                

                    rhodecode/templates/admin/users/user_add.html
                

                

                  
                      
                        

                      

                      
                        
                  

                  
                      
                  
                      
                  
                      
                  
                      
                  
                  
                

                

                    Show inline comments
                    
                

        

        

            



	
	
		
 
@@ -23,49 +23,58 @@

			




	
	
	
		
 
        ${self.breadcrumbs()}       

			




	
	
	
		
 
    </div>

			




	
	
	
		
 
    <!-- end box / title -->

			




	
	
	
		
 
    ${h.form(url('users'))}

			




	
	
	
		
 
    <div class="form">

			




	
	
	
		
 
        <!-- fields -->

			




	
	
	
		
 
        <div class="fields">

			




	
	
	
		
 
             <div class="field">

			




	
	
	
		
 
                <div class="label">

			




	
	
	
		
 
                    <label for="username">${_('Username')}:</label>

			




	
	
	
		
 
                </div>

			




	
	
	
		
 
                <div class="input">

			




	
	
	
		
 
                    ${h.text('username',class_='small')}

			




	
	
	
		
 
                </div>

			




	
	
	
		
 
             </div>

			




	
	
	
		
 
            

			




	
	
	
		
 
             <div class="field">

			




	
	
	
		
 
                <div class="label">

			




	
	
	
		
 
                    <label for="password">${_('Password')}:</label>

			




	
	
	
		
 
                </div>

			




	
	
	
		
 
                <div class="input">

			




	
	
	
		
 
                    ${h.password('password',class_='small')}

			




	
	
	
		
 
                </div>

			




	
	
	
		
 
             </div>

			




	
	
	
		
 
            

			




	
	
	
		
 
             

			




	
	
	
		
 
             <div class="field">

			




	
	
	
		
 
                <div class="label">

			




	
	
	
		
 
                    <label for="password_confirmation">${_('Password confirmation')}:</label>

			




	
	
	
		
 
                </div>

			




	
	
	
		
 
                <div class="input">

			




	
	
	
		
 
                    ${h.password('password_confirmation',class_="small",autocomplete="off")}

			




	
	
	
		
 
                </div>

			




	
	
	
		
 
             </div>    

			




	
	
	
		
 
                         

			




	
	
	
		
 
             <div class="field">

			




	
	
	
		
 
                <div class="label">

			




	
	
	
		
 
                    <label for="name">${_('First Name')}:</label>

			




	
	
	
		
 
                </div>

			




	
	
	
		
 
                <div class="input">

			




	
	
	
		
 
                    ${h.text('name',class_='small')}

			




	
	
	
		
 
                </div>

			




	
	
	
		
 
             </div>

			




	
	
	
		
 
            

			




	
	
	
		
 
             <div class="field">

			




	
	
	
		
 
                <div class="label">

			




	
	
	
		
 
                    <label for="lastname">${_('Last Name')}:</label>

			




	
	
	
		
 
                </div>

			




	
	
	
		
 
                <div class="input">

			




	
	
	
		
 
                    ${h.text('lastname',class_='small')}

			




	
	
	
		
 
                </div>

			




	
	
	
		
 
             </div>

			




	
	
	
		
 
            

			




	
	
	
		
 
             <div class="field">

			




	
	
	
		
 
                <div class="label">

			




	
	
	
		
 
                    <label for="email">${_('Email')}:</label>

			




	
	
	
		
 
                </div>

			




	
	
	
		
 
                <div class="input">

			




	
	
	
		
 
                    ${h.text('email',class_='small')}

			




        

    


    
    

    

        

                

                    rhodecode/templates/admin/users/user_edit.html
                

                

                  
                      
                        

                      

                      
                        
                  

                  
                      
                  
                      
                  
                      
                  
                      
                  
                  
                

                

                    Show inline comments
                    
                

        

        

            



	
	
		
 
@@ -47,49 +47,58 @@

			




	
	
	
		
 
                    <label for="username">${_('Username')}:</label>

			




	
	
	
		
 
                </div>

			




	
	
	
		
 
                <div class="input">

			




	
	
	
		
 
                    ${h.text('username',class_='medium')}

			




	
	
	
		
 
                </div>

			




	
	
	
		
 
             </div>

			




	
	
	
		
 
            

			




	
	
	
		
 
             <div class="field">

			




	
	
	
		
 
                <div class="label">

			




	
	
	
		
 
                    <label for="ldap_dn">${_('LDAP DN')}:</label>

			




	
	
	
		
 
                </div>

			




	
	
	
		
 
                <div class="input">

			




	
	
	
		
 
                    ${h.text('ldap_dn',class_='medium')}

			




	
	
	
		
 
                </div>

			




	
	
	
		
 
             </div>

			




	
	
	
		
 
            

			




	
	
	
		
 
             <div class="field">

			




	
	
	
		
 
                <div class="label">

			




	
	
	
		
 
                    <label for="new_password">${_('New password')}:</label>

			




	
	
	
		
 
                </div>

			




	
	
	
		
 
                <div class="input">

			




	
	
	
		
 
                    ${h.password('new_password',class_='medium',autocomplete="off")}

			




	
	
	
		
 
                </div>

			




	
	
	
		
 
             </div>

			




	
	
	
		
 
            

			




	
	
	
		
 
             

			




	
	
	
		
 
             <div class="field">

			




	
	
	
		
 
                <div class="label">

			




	
	
	
		
 
                    <label for="password_confirmation">${_('New password confirmation')}:</label>

			




	
	
	
		
 
                </div>

			




	
	
	
		
 
                <div class="input">

			




	
	
	
		
 
                    ${h.password('password_confirmation',class_="medium",autocomplete="off")}

			




	
	
	
		
 
                </div>

			




	
	
	
		
 
             </div>

			




	
	
	
		
 
                         

			




	
	
	
		
 
             <div class="field">

			




	
	
	
		
 
                <div class="label">

			




	
	
	
		
 
                    <label for="name">${_('First Name')}:</label>

			




	
	
	
		
 
                </div>

			




	
	
	
		
 
                <div class="input">

			




	
	
	
		
 
                    ${h.text('name',class_='medium')}

			




	
	
	
		
 
                </div>

			




	
	
	
		
 
             </div>

			




	
	
	
		
 
            

			




	
	
	
		
 
             <div class="field">

			




	
	
	
		
 
                <div class="label">

			




	
	
	
		
 
                    <label for="lastname">${_('Last Name')}:</label>

			




	
	
	
		
 
                </div>

			




	
	
	
		
 
                <div class="input">

			




	
	
	
		
 
                    ${h.text('lastname',class_='medium')}

			




	
	
	
		
 
                </div>

			




	
	
	
		
 
             </div>

			




	
	
	
		
 
            

			




	
	
	
		
 
             <div class="field">

			




	
	
	
		
 
                <div class="label">

			




	
	
	
		
 
                    <label for="email">${_('Email')}:</label>

			




	
	
	
		
 
                </div>

			




	
	
	
		
 
                <div class="input">

			




	
	
	
		
 
                    ${h.text('email',class_='medium')}

			




        

    


    
    

    

        

                

                    rhodecode/templates/admin/users/user_edit_my_account.html
                

                

                  
                      
                        

                      

                      
                        
                  

                  
                      
                  
                      
                  
                      
                  
                      
                  
                  
                

                

                    Show inline comments
                    
                

        

        

            



	
	
		
 
@@ -36,49 +36,58 @@

			




	
	
	
		
 
             </div>   	    

			




	
	
	
		
 
	        <div class="field">

			




	
	
	
		
 
	            <div class="label">

			




	
	
	
		
 
	                <label>${_('API key')}</label> ${c.user.api_key}

			




	
	
	
		
 
	            </div>

			




	
	
	
		
 
	        </div>	    

			




	
	
	
		
 
	        <div class="fields">

			




	
	
	
		
 
	             <div class="field">

			




	
	
	
		
 
	                <div class="label">

			




	
	
	
		
 
	                    <label for="username">${_('Username')}:</label>

			




	
	
	
		
 
	                </div>

			




	
	
	
		
 
	                <div class="input">

			




	
	
	
		
 
	                    ${h.text('username',class_="medium")}

			




	
	
	
		
 
	                </div>

			




	
	
	
		
 
	             </div>

			




	
	
	
		
 
	            

			




	
	
	
		
 
	             <div class="field">

			




	
	
	
		
 
	                <div class="label">

			




	
	
	
		
 
	                    <label for="new_password">${_('New password')}:</label>

			




	
	
	
		
 
	                </div>

			




	
	
	
		
 
	                <div class="input">

			




	
	
	
		
 
	                    ${h.password('new_password',class_="medium",autocomplete="off")}

			




	
	
	
		
 
	                </div>

			




	
	
	
		
 
	             </div>

			




	
	
	
		
 
	            

			




	
	
	
		
 
                 

			




	
	
	
		
 
                 <div class="field">

			




	
	
	
		
 
                    <div class="label">

			




	
	
	
		
 
                        <label for="password_confirmation">${_('New password confirmation')}:</label>

			




	
	
	
		
 
                    </div>

			




	
	
	
		
 
                    <div class="input">

			




	
	
	
		
 
                        ${h.password('password_confirmation',class_="medium",autocomplete="off")}

			




	
	
	
		
 
                    </div>

			




	
	
	
		
 
                 </div>

			




	
	
	
		
 
                 	            

			




	
	
	
		
 
	             <div class="field">

			




	
	
	
		
 
	                <div class="label">

			




	
	
	
		
 
	                    <label for="name">${_('First Name')}:</label>

			




	
	
	
		
 
	                </div>

			




	
	
	
		
 
	                <div class="input">

			




	
	
	
		
 
	                    ${h.text('name',class_="medium")}

			




	
	
	
		
 
	                </div>

			




	
	
	
		
 
	             </div>

			




	
	
	
		
 
	            

			




	
	
	
		
 
	             <div class="field">

			




	
	
	
		
 
	                <div class="label">

			




	
	
	
		
 
	                    <label for="lastname">${_('Last Name')}:</label>

			




	
	
	
		
 
	                </div>

			




	
	
	
		
 
	                <div class="input">

			




	
	
	
		
 
	                    ${h.text('lastname',class_="medium")}

			




	
	
	
		
 
	                </div>

			




	
	
	
		
 
	             </div>

			




	
	
	
		
 
	            

			




	
	
	
		
 
	             <div class="field">

			




	
	
	
		
 
	                <div class="label">

			




	
	
	
		
 
	                    <label for="email">${_('Email')}:</label>

			




	
	
	
		
 
	                </div>

			




	
	
	
		
 
	                <div class="input">

			




	
	
	
		
 
	                    ${h.text('email',class_="medium")}

			




	
	
		
 
@@ -133,52 +142,54 @@

			




	
	
	
		
 
		             %if repo['dbrepo']['private']:

			




	
	
	
		
 
		                <img class="icon" alt="${_('private')}" src="${h.url("/images/icons/lock.png")}"/>

			




	
	
	
		
 
		             %else:

			




	
	
	
		
 
		                <img class="icon" alt="${_('public')}" src="${h.url("/images/icons/lock_open.png")}"/>

			




	
	
	
		
 
		             %endif

			




	
	
	
		
 
		                                             

			




	
	
	
		
 
		            ${h.link_to(repo['name'], h.url('summary_home',repo_name=repo['name']),class_="repo_name")}

			




	
	
	
		
 
		            %if repo['dbrepo_fork']:

			




	
	
	
		
 
		            	<a href="${h.url('summary_home',repo_name=repo['dbrepo_fork']['repo_name'])}">

			




	
	
	
		
 
		            	<img class="icon" alt="${_('public')}"

			




	
	
	
		
 
		            	title="${_('Fork of')} ${repo['dbrepo_fork']['repo_name']}" 

			




	
	
	
		
 
		            	src="${h.url('/images/icons/arrow_divide.png')}"/></a>

			




	
	
	
		
 
		            %endif		            

			




	
	
	
		
 
		            </td> 

			




	
	
	
		
 
		            <td><span class="tooltip" title="${repo['last_change']}">${("r%s:%s") % (repo['rev'],h.short_id(repo['tip']))}</span></td>

			




	
	
	
		
 
		            <td><a href="${h.url('repo_settings_home',repo_name=repo['name'])}" title="${_('edit')}"><img class="icon" alt="${_('private')}" src="${h.url('/images/icons/application_form_edit.png')}"/></a></td>

			




	
	
	
		
 
		            <td>

			




	
	
	
		
 
	                  ${h.form(url('repo_settings_delete', repo_name=repo['name']),method='delete')}

			




	
	
	
		
 
	                    ${h.submit('remove_%s' % repo['name'],'',class_="delete_icon action_button",onclick="return confirm('Confirm to delete this repository');")}

			




	
	
	
		
 
	                  ${h.end_form()}	            

			




	
	
	
		
 
		            </td>

			




	
	
	
		
 
		        </tr>

			




	
	
	
		
 
		     %endfor

			




	
	
	
		
 
	     %else:

			




	
	
	
		
 
            <div style="padding:5px 0px 10px 0px;">

			




	
	
	
		
 
	     	${_('No repositories yet')} 

			




	
	
	
		
 
	     	%if h.HasPermissionAny('hg.admin','hg.create.repository')():

			




	
	
	
		
 
	     		${h.link_to(_('create one now'),h.url('admin_settings_create_repository'))}

			




	
	
	
		
 
	     		${h.link_to(_('create one now'),h.url('admin_settings_create_repository'),class_="ui-button-small")}

			




	
	
	
		
 
	     	%endif

			




	
	
	
		
 
            </div>

			




	
	
	
		
 
	     %endif

			




	
	
	
		
 
	     </tbody>

			




	
	
	
		
 
	     </table>

			




	
	
	
		
 
    </div>

			




	
	
	
		
 
    

			




	
	
	
		
 
</div>

			




	
	
	
		
 
    <script type="text/javascript">

			




	
	
	
		
 
     var D = YAHOO.util.Dom;

			




	
	
	
		
 
     var E = YAHOO.util.Event;

			




	
	
	
		
 
     var S = YAHOO.util.Selector;

			




	
	
	
		
 
     

			




	
	
	
		
 
     var q_filter = D.get('q_filter');

			




	
	
	
		
 
     var F = YAHOO.namespace('q_filter'); 

			




	
	
	
		
 
     

			




	
	
	
		
 
     E.on(q_filter,'click',function(){

			




	
	
	
		
 
        q_filter.value = '';

			




	
	
	
		
 
     });

			




	
	
	
		
 

			




	
	
	
		
 
     F.filterTimeout = null;

			




	
	
	
		
 
     

			




	
	
	
		
 
     F.updateFilter  = function() { 

			




	
	
	
		
 
        // Reset timeout 

			




	
	
	
		
 
        F.filterTimeout = null;

			




	
	
	
		
 
        

			




        

    


    
    

    

        

                

                    rhodecode/tests/functional/test_admin_settings.py
                

                

                  
                      
                        

                      

                      
                        
                  

                  
                      
                  
                      
                  
                      
                  
                      
                  
                  
                

                

                    Show inline comments
                    
                

        

        

            



	
	
		
 
@@ -116,93 +116,97 @@ class TestAdminSettingsController(TestCo

			




	
	
	
		
 
            response = response.follow()

			




	
	
	
		
 
            self.assertTrue("""<h1><a href="/">%s</a></h1>""" % new_title

			




	
	
	
		
 
                        in response.body)

			




	
	
	
		
 

			




	
	
	
		
 

			




	
	
	
		
 
    def test_my_account(self):

			




	
	
	
		
 
        self.log_user()

			




	
	
	
		
 
        response = self.app.get(url('admin_settings_my_account'))

			




	
	
	
		
 

			




	
	
	
		
 
        self.assertTrue('value="test_admin' in response.body)

			




	
	
	
		
 

			




	
	
	
		
 
    def test_my_account_update(self):

			




	
	
	
		
 
        self.log_user()

			




	
	
	
		
 

			




	
	
	
		
 
        new_email = 'new@mail.pl'

			




	
	
	
		
 
        new_name = 'NewName'

			




	
	
	
		
 
        new_lastname = 'NewLastname'

			




	
	
	
		
 
        new_password = 'test123'

			




	
	
	
		
 

			




	
	
	
		
 

			




	
	
	
		
 
        response = self.app.post(url('admin_settings_my_account_update'),

			




	
	
	
		
 
                                 params=dict(_method='put',

			




	
	
	
		
 
                                             username='test_admin',

			




	
	
	
		
 
                                             new_password=new_password,

			




	
	
	
		
 
                                             password_confirmation = new_password,

			




	
	
	
		
 
                                             password='',

			




	
	
	
		
 
                                             name=new_name,

			




	
	
	
		
 
                                             lastname=new_lastname,

			




	
	
	
		
 
                                             email=new_email,))

			




	
	
	
		
 
        response.follow()

			




	
	
	
		
 

			




	
	
	
		
 
        assert 'Your account was updated successfully' in response.session['flash'][0][1], 'no flash message about success of change'

			




	
	
	
		
 
        user = self.sa.query(User).filter(User.username == 'test_admin').one()

			




	
	
	
		
 
        assert user.email == new_email , 'incorrect user email after update got %s vs %s' % (user.email, new_email)

			




	
	
	
		
 
        assert user.name == new_name, 'updated field mismatch %s vs %s' % (user.name, new_name)

			




	
	
	
		
 
        assert user.lastname == new_lastname, 'updated field mismatch %s vs %s' % (user.lastname, new_lastname)

			




	
	
	
		
 
        assert check_password(new_password, user.password) is True, 'password field mismatch %s vs %s' % (user.password, new_password)

			




	
	
	
		
 

			




	
	
	
		
 
        #bring back the admin settings

			




	
	
	
		
 
        old_email = 'test_admin@mail.com'

			




	
	
	
		
 
        old_name = 'RhodeCode'

			




	
	
	
		
 
        old_lastname = 'Admin'

			




	
	
	
		
 
        old_password = 'test12'

			




	
	
	
		
 

			




	
	
	
		
 
        response = self.app.post(url('admin_settings_my_account_update'), params=dict(

			




	
	
	
		
 
                                                            _method='put',

			




	
	
	
		
 
                                                            username='test_admin',

			




	
	
	
		
 
                                                            new_password=old_password,

			




	
	
	
		
 
                                                            password_confirmation = old_password,

			




	
	
	
		
 
                                                            password='',

			




	
	
	
		
 
                                                            name=old_name,

			




	
	
	
		
 
                                                            lastname=old_lastname,

			




	
	
	
		
 
                                                            email=old_email,))

			




	
	
	
		
 

			




	
	
	
		
 
        response.follow()

			




	
	
	
		
 
        self.checkSessionFlash(response,

			




	
	
	
		
 
                               'Your account was updated successfully')

			




	
	
	
		
 

			




	
	
	
		
 
        user = self.sa.query(User).filter(User.username == 'test_admin').one()

			




	
	
	
		
 
        assert user.email == old_email , 'incorrect user email after update got %s vs %s' % (user.email, old_email)

			




	
	
	
		
 

			




	
	
	
		
 
        assert user.email == old_email , 'incorrect user email after update got %s vs %s' % (user.email, old_email)

			




	
	
	
		
 
        assert user.name == old_name, 'updated field mismatch %s vs %s' % (user.name, old_name)

			




	
	
	
		
 
        assert user.lastname == old_lastname, 'updated field mismatch %s vs %s' % (user.lastname, old_lastname)

			




	
	
	
		
 
        assert check_password(old_password, user.password) is True , 'password updated field mismatch %s vs %s' % (user.password, old_password)

			




	
	
	
		
 

			




	
	
	
		
 

			




	
	
	
		
 
    def test_my_account_update_err_email_exists(self):

			




	
	
	
		
 
        self.log_user()

			




	
	
	
		
 

			




	
	
	
		
 
        new_email = 'test_regular@mail.com'#already exisitn email

			




	
	
	
		
 
        response = self.app.post(url('admin_settings_my_account_update'), params=dict(

			




	
	
	
		
 
                                                            _method='put',

			




	
	
	
		
 
                                                            username='test_admin',

			




	
	
	
		
 
                                                            new_password='test12',

			




	
	
	
		
 
                                                            password_confirmation = 'test122',

			




	
	
	
		
 
                                                            name='NewName',

			




	
	
	
		
 
                                                            lastname='NewLastname',

			




	
	
	
		
 
                                                            email=new_email,))

			




	
	
	
		
 

			




	
	
	
		
 
        assert 'This e-mail address is already taken' in response.body, 'Missing error message about existing email'

			




	
	
	
		
 

			




	
	
	
		
 

			




	
	
	
		
 
    def test_my_account_update_err(self):

			




	
	
	
		
 
        self.log_user('test_regular2', 'test12')

			




	
	
	
		
 

			




	
	
	
		
 
        new_email = 'newmail.pl'

			




	
	
	
		
 
        response = self.app.post(url('admin_settings_my_account_update'), params=dict(

			




	
	
	
		
 
                                                            _method='put',

			




	
	
	
		
 
                                                            username='test_admin',

			




	
	
	
		
 
                                                            new_password='test12',

			




	
	
	
		
 
                                                            password_confirmation = 'test122',

			




	
	
	
		
 
                                                            name='NewName',

			




	
	
	
		
 
                                                            lastname='NewLastname',

			




	
	
	
		
 
                                                            email=new_email,))

			




	
	
	
		
 
        assert 'An email address must contain a single @' in response.body, 'Missing error message about wrong email'

			




	
	
	
		
 
        assert 'This username already exists' in response.body, 'Missing error message about existing user'

			




        

    


    
    

    

        

                

                    rhodecode/tests/functional/test_admin_users.py
                

                

                  
                      
                        

                      

                      
                        
                  

                  
                      
                  
                      
                  
                      
                  
                      
                  
                  
                

                

                    Show inline comments
                    
                

        

        

            



	
	
	
		
 
from rhodecode.tests import *

			




	
	
	
		
 
from rhodecode.model.db import User

			




	
	
	
		
 
from rhodecode.lib.auth import check_password

			




	
	
	
		
 
from sqlalchemy.orm.exc import NoResultFound

			




	
	
	
		
 

			




	
	
	
		
 
class TestAdminUsersController(TestController):

			




	
	
	
		
 

			




	
	
	
		
 
    def test_index(self):

			




	
	
	
		
 
        response = self.app.get(url('users'))

			




	
	
	
		
 
        # Test response...

			




	
	
	
		
 

			




	
	
	
		
 
    def test_index_as_xml(self):

			




	
	
	
		
 
        response = self.app.get(url('formatted_users', format='xml'))

			




	
	
	
		
 

			




	
	
	
		
 
    def test_create(self):

			




	
	
	
		
 
        self.log_user()

			




	
	
	
		
 
        username = 'newtestuser'

			




	
	
	
		
 
        password = 'test12'

			




	
	
	
		
 
        password_confirmation = password

			




	
	
	
		
 
        name = 'name'

			




	
	
	
		
 
        lastname = 'lastname'

			




	
	
	
		
 
        email = 'mail@mail.com'

			




	
	
	
		
 

			




	
	
	
		
 
        response = self.app.post(url('users'), {'username':username,

			




	
	
	
		
 
                                               'password':password,

			




	
	
	
		
 
                                               'password_confirmation':password_confirmation,

			




	
	
	
		
 
                                               'name':name,

			




	
	
	
		
 
                                               'active':True,

			




	
	
	
		
 
                                               'lastname':lastname,

			




	
	
	
		
 
                                               'email':email})

			




	
	
	
		
 

			




	
	
	
		
 

			




	
	
	
		
 
        assert '''created user %s''' % (username) in response.session['flash'][0], 'No flash message about new user'

			




	
	
	
		
 

			




	
	
	
		
 
        new_user = self.sa.query(User).filter(User.username == username).one()

			




	
	
	
		
 

			




	
	
	
		
 

			




	
	
	
		
 
        assert new_user.username == username, 'wrong info about username'

			




	
	
	
		
 
        assert check_password(password, new_user.password) == True , 'wrong info about password'

			




	
	
	
		
 
        assert new_user.name == name, 'wrong info about name'

			




	
	
	
		
 
        assert new_user.lastname == lastname, 'wrong info about lastname'

			




	
	
	
		
 
        assert new_user.email == email, 'wrong info about email'

			




	
	
	
		
 

			




	
	
	
		
 

			




	
	
	
		
 
        response.follow()

			




	
	
	
		
 
        response = response.follow()

			




	
	
	
		
 
        assert """edit">newtestuser</a>""" in response.body

			




	
	
	
		
 

			




	
	
	
		
 
    def test_create_err(self):

			




	
	
	
		
 
        self.log_user()

			




	
	
		
 
@@ -69,48 +71,49 @@ class TestAdminUsersController(TestContr

			




	
	
	
		
 
        self.assertRaises(NoResultFound, get_user), 'found user in database'

			




	
	
	
		
 

			




	
	
	
		
 
    def test_new(self):

			




	
	
	
		
 
        response = self.app.get(url('new_user'))

			




	
	
	
		
 

			




	
	
	
		
 
    def test_new_as_xml(self):

			




	
	
	
		
 
        response = self.app.get(url('formatted_new_user', format='xml'))

			




	
	
	
		
 

			




	
	
	
		
 
    def test_update(self):

			




	
	
	
		
 
        response = self.app.put(url('user', id=1))

			




	
	
	
		
 

			




	
	
	
		
 
    def test_update_browser_fakeout(self):

			




	
	
	
		
 
        response = self.app.post(url('user', id=1), params=dict(_method='put'))

			




	
	
	
		
 

			




	
	
	
		
 
    def test_delete(self):

			




	
	
	
		
 
        self.log_user()

			




	
	
	
		
 
        username = 'newtestuserdeleteme'

			




	
	
	
		
 
        password = 'test12'

			




	
	
	
		
 
        name = 'name'

			




	
	
	
		
 
        lastname = 'lastname'

			




	
	
	
		
 
        email = 'todeletemail@mail.com'

			




	
	
	
		
 

			




	
	
	
		
 
        response = self.app.post(url('users'), {'username':username,

			




	
	
	
		
 
                                               'password':password,

			




	
	
	
		
 
                                               'password_confirmation':password,

			




	
	
	
		
 
                                               'name':name,

			




	
	
	
		
 
                                               'active':True,

			




	
	
	
		
 
                                               'lastname':lastname,

			




	
	
	
		
 
                                               'email':email})

			




	
	
	
		
 

			




	
	
	
		
 
        response = response.follow()

			




	
	
	
		
 

			




	
	
	
		
 
        new_user = self.sa.query(User).filter(User.username == username).one()

			




	
	
	
		
 
        response = self.app.delete(url('user', id=new_user.user_id))

			




	
	
	
		
 

			




	
	
	
		
 
        assert """successfully deleted user""" in response.session['flash'][0], 'No info about user deletion'

			




	
	
	
		
 

			




	
	
	
		
 

			




	
	
	
		
 
    def test_delete_browser_fakeout(self):

			




	
	
	
		
 
        response = self.app.post(url('user', id=1), params=dict(_method='delete'))

			




	
	
	
		
 

			




	
	
	
		
 
    def test_show(self):

			




	
	
	
		
 
        response = self.app.get(url('user', id=1))

			




	
	
	
		
 

			




	
	
	
		
 
    def test_show_as_xml(self):

			




	
	
	
		
 
        response = self.app.get(url('formatted_user', id=1, format='xml'))

			




	
	
	
		
 

			




	
	
	
		
 
    def test_edit(self):

			




	
	
	
		
 
        response = self.app.get(url('edit_user', id=1))

			




        

    



    


    



    



      

      





    
    0 comments (0 inline, 0 general)
    





    


  

  







  


    




    








    
        
    
    
        This site is powered by
            Kallithea 0.7.0,
        which is
        © 2010–2025 by various authors & licensed under GPLv3.