Files
@ cec84c4675ce
Branch filter:
Location: kallithea/LICENSE-MERGELY.html
cec84c4675ce
5.6 KiB
text/html
tests: remove race condition in test_forgot_password
One in so many times, test_forgot_password failed with:
kallithea/tests/functional/test_login.py:427: in test_forgot_password
assert '\n%s\n' % token in body
E assert ('\n%s\n' % 'd71ad3ed3c6ca637ad00b7098828d33c56579201') in
"Password Reset Request\n\nHello passwd reset,\n\nWe have received a
request to reset the password for your account.\n\nTo
s...7e89326ca372ade1d424dafb106d824cddb\n\nIf it weren't you who
requested the password reset, just disregard this message.\n"
i.e. the expected token is not the one in the email.
The token is calculated based on a timestamp (among others). And the token
is calculated twice: once in the real code and once in the test, each time
on a slightly different timestamp. Even though there is flooring of the
timestamp to a second resolution, there will always be a race condition
where the two timestamps floor to a different second, e.g. 4.99 vs 5.01.
The problem can be reproduced reliably by adding a sleep of e.g. 2 seconds
before generating the password reset mail (after the test has already
calculated the expected token).
Solve this problem by mocking the time.time() used to generate the
timestamp, so that the timestamp used for the real token is the same as the
one used for the expected token in the test.
One in so many times, test_forgot_password failed with:
kallithea/tests/functional/test_login.py:427: in test_forgot_password
assert '\n%s\n' % token in body
E assert ('\n%s\n' % 'd71ad3ed3c6ca637ad00b7098828d33c56579201') in
"Password Reset Request\n\nHello passwd reset,\n\nWe have received a
request to reset the password for your account.\n\nTo
s...7e89326ca372ade1d424dafb106d824cddb\n\nIf it weren't you who
requested the password reset, just disregard this message.\n"
i.e. the expected token is not the one in the email.
The token is calculated based on a timestamp (among others). And the token
is calculated twice: once in the real code and once in the test, each time
on a slightly different timestamp. Even though there is flooring of the
timestamp to a second resolution, there will always be a race condition
where the two timestamps floor to a different second, e.g. 4.99 vs 5.01.
The problem can be reproduced reliably by adding a sleep of e.g. 2 seconds
before generating the password reset mail (after the test has already
calculated the expected token).
Solve this problem by mocking the time.time() used to generate the
timestamp, so that the timestamp used for the real token is the same as the
one used for the expected token in the test.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 | <!DOCTYPE html>
<html lang="en">
<!--[if IE]>
<meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1">
<![endif]-->
<head>
<meta charset="utf-8" /><title>Mergely License</title>
<meta http-equiv="content-type" content="text/html; charset=UTF-8"/>
<meta name="description" content="Mergely license requirements for open source software and commercial software" />
<meta name="keywords" content="diff,merge,compare,compare documents,js diff,javascript diff,comparison,online diff,difference,file,text,unix,patch,algorithm,saas,longest common subsequence,diff online" />
<meta name="author" content="Jamie Peabody" />
<meta name="author" content="Jamie Peabody" />
<link rel="shortcut icon" href="http://www.mergely.com/favicon.ico" />
<link href='http://fonts.googleapis.com/css?family=Noto+Sans:400,700' rel='stylesheet' type='text/css' />
<link href='fonts/berlin-sans-fb-demi.css' rel='stylesheet' type='text/css' />
<link href='style/mergely.css' rel='stylesheet' type='text/css' />
<link href='/Mergely/lib/mergely.css' rel='stylesheet' type='text/css' />
<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.9.0/jquery.min.js"></script>
<script type="text/javascript">
var _gaq = _gaq || [];
_gaq.push(['_setAccount', 'UA-85576-5']);
_gaq.push(['_trackPageview']);
(function() {
var ga = document.createElement('script'); ga.type = 'text/javascript'; ga.async = true;
ga.src = ('https:' == document.location.protocol ? 'https://ssl' : 'http://www') + '.google-analytics.com/ga.js';
var s = document.getElementsByTagName('script')[0]; s.parentNode.insertBefore(ga, s);
})();
</script>
</head>
<body>
<div id="page">
<div id="content">
<div id="header">
<h1><span>Mergely License - Closed Distribution License</span></h1>
<div id="options">
<a href="/editor" class="button">Online Diff</a>
<a href="/download" class="button">Download</a>
</div>
<nav>
<ul>
<li><a href="/">Home</a></li> <li><a href="/doc">Documentation</a></li> <li><a href="/about">About Mergely</a></li> <li><a href="/license">License</a></li> <li><a href="#footer">Contact</a></li> </ul>
</nav>
</div>
<div id="main">
<h1>Mergely License</h1>
<p>
All Mergely code is Copyright 2014 by Jamie Peabody.
Mergely is distributed under the
<a href="http://www.gnu.org/licenses/gpl.html">GPL</a>,
<a href="http://www.gnu.org/licenses/lgpl.html">LGPL</a>
and
<a href="http://www.mozilla.org/MPL/MPL-1.1.html">MPL</a> open source licenses.
This triple <b>copyleft</b> licensing model avoids incompatibility with other open
source licenses. These open source licenses are specially indicated for:
<ul>
<li>Integrating Mergely into Open Source software;</li>
<li>Personal and educational use of Mergely;</li>
<li>
Integrating Mergely in commercial software, taking care of satisfying
the Open Source licenses terms, while not able or interested on supporting
Mergely and its development.
</li>
</ul>
</p>
<h2>Mergely Commercial License - Closed Distribution License - CDL</h2>
<p>
You may contact <a href="mailto:jamie.peabody@gmail.com">Jamie Peabody</a> to enquire about
obtaining a CDL license.
</p>
<p>
This license offers a very flexible way to integrate Mergely in your commercial
application. These are the main advantages it offers over an Open Source license:
</p>
<p>
Modifications and enhancements do not need to be released under an Open
Source license; There is no need to distribute any Open Source license terms
along with your product and no reference to it have to be done; You do not have
to mention any reference to Mergely in your product; Mergely source code does not
have to be distributed with your product; You can remove any file from Mergely
when integrating it with your product.
</p>
<p>
The CDL is a lifetime license valid for all previous releases of Mergely published
prior to the year of purchase, and any releases in the following year. Please select
the license option that best fit your needs above. It includes 1 year of
<b>personal e-mail support</b>.
</p>
<h2>Third party codes</h2>
<p>
Mergely utilizes <b>CodeMirror</b>, a third-party library released under an
<a href="http://en.wikipedia.org/wiki/MIT_License">MIT</a>
license. Also used is <b>jQuery</b> and is released under the
<a href="http://en.wikipedia.org/wiki/MIT_License">MIT</a> or
<a href="http://www.gnu.org/licenses/gpl.html">GPL</a> Version 2 license.
</p>
</div>
<div id="footer">
<a href="/download" class="download">Download</a>
<ul>
<li id="google-plus"><a target="_blank" href="http://groups.google.com/group/mergely">http://groups.google.com/group/mergely</a></li>
<li id="github"><a target="_blank" href="https://github.com/wickedest/Mergely">https://github.com/wickedest/Mergely</a></li>
<li id="email"><a target="_blank" href="mailto:jamie.peabody@gmail.com">jamie.peabody@gmail.com</a></li>
</ul>
</div>
</div>
<div id="copyright">By <b>Jamie Peabody</b></div>
</div>
</body>
</html>
|