tmeissner
/
flasky
1
0
Fork 0
Code Issues 0 Pull Requests 0 Releases 0 Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
27 Commits
1 Branch
1.8 MiB
Tree: e61ae9a2c8
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'e61ae9a2c8'
${ noResults }
flasky/tests/test_user_model.py

139 lines
4.9 KiB
Raw Normal View History

Chapter 8: Password hashing with Werkzeug (8a)
6 years ago
Chapter 8: Account confirmation (8e)
6 years ago
Chapter 8: Password hashing with Werkzeug (8a)
6 years ago
Chapter 9: User roles and permissions (9a)
6 years ago
Chapter 8: Password hashing with Werkzeug (8a)
6 years ago
Chapter 9: User roles and permissions (9a)
6 years ago
Chapter 8: Password hashing with Werkzeug (8a)
6 years ago
Chapter 8: Account confirmation (8e)
6 years ago
Chapter 8: Password resets (8g)
6 years ago
Chapter 8: Email address changes (8h)
6 years ago
Chapter 9: User roles and permissions (9a)
6 years ago
 
  1. import unittest
  2. import time
  3. from app import create_app, db
  4. from app.models import User, AnonymousUser, Role, Permission
  5. 

  6. 

  7. class UserModelTestCase(unittest.TestCase):
  8.     def setUp(self):
  9.         self.app = create_app('testing')
  10.         self.app_context = self.app.app_context()
  11.         self.app_context.push()
  12.         db.create_all()
  13.         Role.insert_roles()
  14. 

  15.     def tearDown(self):
  16.         db.session.remove()
  17.         db.drop_all()
  18.         self.app_context.pop()
  19. 

  20.     def test_password_setter(self):
  21.         u = User(password='cat')
  22.         self.assertTrue(u.password_hash is not None)
  23. 

  24.     def test_no_password_getter(self):
  25.         u = User(password='cat')
  26.         with self.assertRaises(AttributeError):
  27.             u.password
  28. 

  29.     def test_password_verification(self):
  30.         u = User(password='cat')
  31.         self.assertTrue(u.verify_password('cat'))
  32.         self.assertFalse(u.verify_password('dog'))
  33. 

  34.     def test_password_salts_are_random(self):
  35.         u = User(password='cat')
  36.         u2 = User(password='cat')
  37.         self.assertTrue(u.password_hash != u2.password_hash)
  38. 

  39.     def test_valid_confirmation_token(self):
  40.         u = User(password='cat')
  41.         db.session.add(u)
  42.         db.session.commit()
  43.         token = u.generate_confirmation_token()
  44.         self.assertTrue(u.confirm(token))
  45. 

  46.     def test_invalid_confirmation_token(self):
  47.         u1 = User(password='cat')
  48.         u2 = User(password='dog')
  49.         db.session.add(u1)
  50.         db.session.add(u2)
  51.         db.session.commit()
  52.         token = u1.generate_confirmation_token()
  53.         self.assertFalse(u2.confirm(token))
  54. 

  55.     def test_expired_confirmation_token(self):
  56.         u = User(password='cat')
  57.         db.session.add(u)
  58.         db.session.commit()
  59.         token = u.generate_confirmation_token(1)
  60.         time.sleep(2)
  61.         self.assertFalse(u.confirm(token))
  62. 

  63.     def test_valid_reset_token(self):
  64.         u = User(password='cat')
  65.         db.session.add(u)
  66.         db.session.commit()
  67.         token = u.generate_reset_token()
  68.         self.assertTrue(User.reset_password(token, 'dog'))
  69.         self.assertTrue(u.verify_password('dog'))
  70. 

  71.     def test_invalid_reset_token(self):
  72.         u = User(password='cat')
  73.         db.session.add(u)
  74.         db.session.commit()
  75.         token = u.generate_reset_token()
  76.         self.assertFalse(User.reset_password(token+'a', 'horse'))
  77.         self.assertTrue(u.verify_password('cat'))
  78. 

  79.     def test_valid_email_change_token(self):
  80.         u = User(email='max@mustermann.de', password='cat')
  81.         db.session.add(u)
  82.         db.session.commit()
  83.         token = u.generate_email_change_token('foo@bar.de')
  84.         self.assertTrue(u.change_email(token))
  85.         self.assertTrue(u.email == 'foo@bar.de')
  86. 

  87.     def test_invalid_email_change_token(self):
  88.         u1 = User(email='max@mustermann.de', password='cat')
  89.         u2 = User(email='dirk@mustermann.de', password='dog')
  90.         db.session.add(u1)
  91.         db.session.add(u2)
  92.         db.session.commit()
  93.         token = u1.generate_email_change_token('foo@bar.de')
  94.         self.assertFalse(u2.change_email(token))
  95.         self.assertTrue(u2.email == 'dirk@mustermann.de')
  96. 

  97.     def test_duplicate_email_change_token(self):
  98.         u1 = User(email='max@mustermann.de', password='cat')
  99.         u2 = User(email='dirk@mustermann.de', password='dog')
  100.         db.session.add(u1)
  101.         db.session.add(u2)
  102.         db.session.commit()
  103.         token = u2.generate_email_change_token(u1.email)
  104.         self.assertFalse(u2.change_email(token))
  105.         self.assertTrue(u2.email == 'dirk@mustermann.de')
  106. 

  107.     def test_user_role(self):
  108.         u = User(email='max@mustermann.de', password='cat')
  109.         self.assertTrue(u.can(Permission.FOLLOW))
  110.         self.assertTrue(u.can(Permission.COMMENT))
  111.         self.assertTrue(u.can(Permission.WRITE))
  112.         self.assertFalse(u.can(Permission.MODERATE))
  113.         self.assertFalse(u.can(Permission.ADMIN))
  114. 

  115.     def test_moderator_role(self):
  116.         r = Role.query.filter_by(name='Moderator').first()
  117.         u = User(email='max@mustermann.de', password='cat', role=r)
  118.         self.assertTrue(u.can(Permission.FOLLOW))
  119.         self.assertTrue(u.can(Permission.COMMENT))
  120.         self.assertTrue(u.can(Permission.WRITE))
  121.         self.assertTrue(u.can(Permission.MODERATE))
  122.         self.assertFalse(u.can(Permission.ADMIN))
  123. 

  124.     def test_administrator_role(self):
  125.         r = Role.query.filter_by(name='Administrator').first()
  126.         u = User(email='max@mustermann.de', password='cat', role=r)
  127.         self.assertTrue(u.can(Permission.FOLLOW))
  128.         self.assertTrue(u.can(Permission.COMMENT))
  129.         self.assertTrue(u.can(Permission.WRITE))
  130.         self.assertTrue(u.can(Permission.MODERATE))
  131.         self.assertTrue(u.can(Permission.ADMIN))
  132. 

  133.     def test_anonymous_user(self):
  134.         u = AnonymousUser()
  135.         self.assertFalse(u.can(Permission.FOLLOW))
  136.         self.assertFalse(u.can(Permission.COMMENT))
  137.         self.assertFalse(u.can(Permission.WRITE))
  138.         self.assertFalse(u.can(Permission.MODERATE))
  139.         self.assertFalse(u.can(Permission.ADMIN))