221V
/
flaskbb


			
							1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980818283848586878889909192939495969798
							import json

import pytest
from werkzeug.security import check_password_hash

from flaskbb.auth.services import password
from flaskbb.core.exceptions import StopValidation, ValidationError
from flaskbb.core.tokens import Token, TokenActions, TokenError
from flaskbb.user.models import User


class SimpleTokenSerializer:

    @staticmethod
    def dumps(token):
        return json.dumps({'user_id': token.user_id, 'op': token.operation})

    @staticmethod
    def loads(raw_token):
        loaded = json.loads(raw_token)
        return Token(user_id=loaded['user_id'], operation=loaded['op'])


class TestPasswordReset(object):

    def test_raises_token_error_if_not_a_password_reset(self):
        service = password.ResetPasswordService(
            SimpleTokenSerializer, User, []
        )
        raw_token = SimpleTokenSerializer.dumps(
            Token(user_id=1, operation=TokenActions.ACTIVATE_ACCOUNT)
        )

        with pytest.raises(TokenError) as excinfo:
            service.reset_password(
                raw_token, "some@e.mail", "a great password!"
            )

        assert "invalid" in str(excinfo.value)

    def test_raises_StopValidation_if_verifiers_fail(self):
        token = SimpleTokenSerializer.dumps(
            Token(user_id=1, operation=TokenActions.RESET_PASSWORD)
        )

        def verifier(*a, **k):
            raise ValidationError('attr', 'no')

        service = password.ResetPasswordService(
            SimpleTokenSerializer, User, [verifier]
        )

        with pytest.raises(StopValidation) as excinfo:
            service.reset_password(token, "an@e.mail", "great password!")
        assert ("attr", "no") in excinfo.value.reasons

    def test_sets_user_password_to_provided_if_verifiers_pass(self, Fred):
        token = SimpleTokenSerializer.dumps(
            Token(user_id=Fred.id, operation=TokenActions.RESET_PASSWORD)
        )

        service = password.ResetPasswordService(
            SimpleTokenSerializer, User, []
        )

        service.reset_password(token, Fred.email, "newpasswordwhodis")
        assert check_password_hash(Fred.password, "newpasswordwhodis")

    # need fred to initiate Users
    def test_initiate_raises_if_user_doesnt_exist(self, Fred):
        service = password.ResetPasswordService(
            SimpleTokenSerializer, User, []
        )
        with pytest.raises(ValidationError) as excinfo:
            service.initiate_password_reset('lol@doesnt.exist')

        assert excinfo.value.attribute == 'email'
        assert excinfo.value.reason == 'Invalid email'

    def test_calls_send_reset_token_successfully_if_user_exists(
            self, Fred, mocker
    ):
        service = password.ResetPasswordService(
            SimpleTokenSerializer, User, []
        )
        mock = mocker.MagicMock()

        with mocker.patch(
            'flaskbb.auth.services.password.send_reset_token.delay', mock
        ):
            service.initiate_password_reset(Fred.email)

        token = SimpleTokenSerializer.dumps(
            Token(user_id=Fred.id, operation=TokenActions.RESET_PASSWORD)
        )
        mock.assert_called_once_with(
            token=token, username=Fred.username, email=Fred.email
        )