You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@allura.apache.org by jo...@apache.org on 2013/11/07 22:07:27 UTC
[14/14] git commit: [#6783] Tweak error messages,
re-org tests slightly
[#6783] Tweak error messages, re-org tests slightly
Signed-off-by: Cory Johns <cj...@slashdotmedia.com>
Project: http://git-wip-us.apache.org/repos/asf/incubator-allura/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-allura/commit/7c7b1977
Tree: http://git-wip-us.apache.org/repos/asf/incubator-allura/tree/7c7b1977
Diff: http://git-wip-us.apache.org/repos/asf/incubator-allura/diff/7c7b1977
Branch: refs/heads/master
Commit: 7c7b197731db0c89985d3629eea66fb9f5acc12f
Parents: aa9a89c
Author: Cory Johns <cj...@slashdotmedia.com>
Authored: Thu Nov 7 21:03:52 2013 +0000
Committer: Cory Johns <cj...@slashdotmedia.com>
Committed: Thu Nov 7 21:05:05 2013 +0000
----------------------------------------------------------------------
Allura/allura/controllers/auth.py | 14 ++-
Allura/allura/lib/widgets/auth_widgets.py | 37 ++++----
Allura/allura/model/auth.py | 2 +-
Allura/allura/tests/functional/test_auth.py | 104 +++++++++++++----------
4 files changed, 80 insertions(+), 77 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/incubator-allura/blob/7c7b1977/Allura/allura/controllers/auth.py
----------------------------------------------------------------------
diff --git a/Allura/allura/controllers/auth.py b/Allura/allura/controllers/auth.py
index 430d4fa..35bcf81 100644
--- a/Allura/allura/controllers/auth.py
+++ b/Allura/allura/controllers/auth.py
@@ -157,24 +157,22 @@ class AuthController(BaseController):
return dict()
def _validate_hash(self, hash):
+ login_url = config.get('auth.login_url', '/auth/')
if not hash:
- redirect(request.referer)
+ redirect(login_url)
user_record = M.User.query.find({'tool_data.AuthPasswordReset.hash': hash}).first()
if not user_record:
- flash('Hash was not found')
- redirect(request.referer)
+ flash('Unable to process reset, please try again')
+ redirect(login_url)
hash_expiry = user_record.get_tool_data('AuthPasswordReset', 'hash_expiry')
if not hash_expiry or hash_expiry < datetime.datetime.utcnow():
- flash('Hash time was expired.')
- redirect(request.referer)
+ flash('Unable to process reset, please try again')
+ redirect(login_url)
return user_record
-
@expose('jinja:allura:templates/forgotten_password.html')
def forgotten_password(self, hash=None, **kw):
provider = plugin.AuthenticationProvider.get(request)
- if not provider:
- redirect(request.referer)
if not hash:
c.forgotten_password_form = F.forgotten_password_form
else:
http://git-wip-us.apache.org/repos/asf/incubator-allura/blob/7c7b1977/Allura/allura/lib/widgets/auth_widgets.py
----------------------------------------------------------------------
diff --git a/Allura/allura/lib/widgets/auth_widgets.py b/Allura/allura/lib/widgets/auth_widgets.py
index f83ec48..93e8826 100644
--- a/Allura/allura/lib/widgets/auth_widgets.py
+++ b/Allura/allura/lib/widgets/auth_widgets.py
@@ -31,20 +31,21 @@ from allura import model as M
class LoginForm(ForgeForm):
submit_text='Login'
style='wide'
- class fields(ew_core.NameList):
- username = ew.TextField(label='Username')
- password = ew.PasswordField(label='Password')
- link = ew.HTMLField(text='<a href="./forgotten_password">Forgot password?</a>')
+
+ @property
+ def fields(self):
+ fields = [
+ ew.TextField(name='username', label='Username'),
+ ew.PasswordField(name='password', label='Password')
+ ]
+ if plugin.AuthenticationProvider.get(request).forgotten_password_process:
+ # only show link if auth provider has method of recovering password
+ fields.append(ew.HTMLField(name='link', text='<a href="forgotten_password">Forgot password?</a>'))
+ return fields
class hidden_fields(ew_core.NameList):
return_to = ew.HiddenField()
- def __init__(self, *args, **kw):
- super(LoginForm, self).__init__(*args, **kw)
- if not plugin.AuthenticationProvider.get(request).forgotten_password_process:
- # auth provider has no method of recovering password - do not show the link
- self.fields.link.text = ''
-
@validator
def validate(self, value, state=None):
try:
@@ -68,16 +69,10 @@ class ForgottenPasswordForm(ForgeForm):
@validator
def validate(self, value, state=None):
email = value['email']
- record = M.EmailAddress.query.find({'_id': email}).first()
- if not record or not record.confirmed:
+ email_record = M.EmailAddress.query.find({'_id': email}).first()
+ user = M.User.by_email_address(email)
+ if user is None or not email_record.confirmed:
raise Invalid(
- "Email doesn't exists",
- dict(email=value['email']),
- None)
- user_record = M.User.by_email_address(email)
- if not user_record or user_record.disabled:
- raise Invalid(
- "Email doesn't verified or user record disabled",
- dict(email=value['email']),
- None)
+ 'Unable to recover password for this email',
+ {'email': email}, None)
return value
http://git-wip-us.apache.org/repos/asf/incubator-allura/blob/7c7b1977/Allura/allura/model/auth.py
----------------------------------------------------------------------
diff --git a/Allura/allura/model/auth.py b/Allura/allura/model/auth.py
index 18e8b2e..2bc0ba3 100644
--- a/Allura/allura/model/auth.py
+++ b/Allura/allura/model/auth.py
@@ -300,7 +300,7 @@ class User(MappedClass, ActivityNode, ActivityObject):
class __mongometa__:
name='user'
session = main_orm_session
- indexes = [ 'tool_data.sfx.userid' ]
+ indexes = [ 'tool_data.sfx.userid', 'tool_data.AuthPasswordReset.hash' ]
unique_indexes = [ 'username' ]
_id=FieldProperty(S.ObjectId)
http://git-wip-us.apache.org/repos/asf/incubator-allura/blob/7c7b1977/Allura/allura/tests/functional/test_auth.py
----------------------------------------------------------------------
diff --git a/Allura/allura/tests/functional/test_auth.py b/Allura/allura/tests/functional/test_auth.py
index 7385ed1..7919206 100644
--- a/Allura/allura/tests/functional/test_auth.py
+++ b/Allura/allura/tests/functional/test_auth.py
@@ -712,80 +712,90 @@ class TestPreferences(TestController):
user = M.User.query.get(username='test-admin')
assert len(user.skills) == 0
+
+class TestPasswordReset(TestController):
@patch('allura.tasks.mail_tasks.sendmail')
@patch('allura.lib.helpers.gen_message_id')
- def test_forgot_password_reset(self, gen_message_id, sendmail):
+ def test_email_unconfirmed(self, gen_message_id, sendmail):
user = M.User.query.get(username='test-admin')
- old_pw_hash = user.password
-
email = M.EmailAddress.query.find({'claimed_by_user_id': user._id}).first()
email.confirmed = False
- user.disabled = True
ThreadLocalORMSession.flush_all()
r = self.app.post('/auth/password_recovery_hash', {'email': email._id})
hash = user.get_tool_data('AuthPasswordReset', 'hash')
assert hash is None
+ @patch('allura.tasks.mail_tasks.sendmail')
+ @patch('allura.lib.helpers.gen_message_id')
+ def test_user_disabled(self, gen_message_id, sendmail):
user = M.User.query.get(username='test-admin')
- user.disabled = True
email = M.EmailAddress.query.find({'claimed_by_user_id': user._id}).first()
- email.confirmed = True
+ user.disabled = True
ThreadLocalORMSession.flush_all()
r = self.app.post('/auth/password_recovery_hash', {'email': email._id})
hash = user.get_tool_data('AuthPasswordReset', 'hash')
assert hash is None
+ @patch('allura.tasks.mail_tasks.sendmail')
+ @patch('allura.lib.helpers.gen_message_id')
+ def test_password_reset(self, gen_message_id, sendmail):
user = M.User.query.get(username='test-admin')
- user.disabled = False
email = M.EmailAddress.query.find({'claimed_by_user_id': user._id}).first()
email.confirmed = True
ThreadLocalORMSession.flush_all()
- with push_config(config, **{'auth.recovery_hash_expiry_period': '600'}):
- r = self.app.post('/auth/password_recovery_hash', {'email': email._id})
- hash = user.get_tool_data('AuthPasswordReset', 'hash')
- hash_expiry = user.get_tool_data('AuthPasswordReset', 'hash_expiry')
- assert hash is not None
- assert hash_expiry is not None
-
- r = self.app.get('/auth/forgotten_password/%s' % hash)
- assert_in('New Password:', r)
- assert_in('New Password (again):', r)
- form = r.forms[0]
- form['pw'] = form['pw2'] = new_password = '154321'
- r = form.submit()
- user = M.User.query.get(username='test-admin')
- assert_not_equal(old_pw_hash, user.password)
- provider = plugin.LocalAuthenticationProvider(None)
- assert_true(provider._validate_password(user, new_password))
-
- text = '''
+ old_pw_hash = user.password
+ r = self.app.post('/auth/password_recovery_hash', {'email': email._id})
+ hash = user.get_tool_data('AuthPasswordReset', 'hash')
+ hash_expiry = user.get_tool_data('AuthPasswordReset', 'hash_expiry')
+ assert hash is not None
+ assert hash_expiry is not None
+
+ r = self.app.get('/auth/forgotten_password/%s' % hash)
+ assert_in('New Password:', r)
+ assert_in('New Password (again):', r)
+ form = r.forms[0]
+ form['pw'] = form['pw2'] = new_password = '154321'
+ r = form.submit()
+ user = M.User.query.get(username='test-admin')
+ assert_not_equal(old_pw_hash, user.password)
+ provider = plugin.LocalAuthenticationProvider(None)
+ assert_true(provider._validate_password(user, new_password))
+
+ text = '''
To reset your password on %s, please visit the following URL:
%s/auth/forgotten_password/%s
''' % (config['site_name'], config['base_url'], hash)
- sendmail.post.assert_called_once_with(
- destinations=[email._id],
- fromaddr=config['forgemail.return_path'],
- reply_to='noreply@sourceforge.net',
- subject='Password recovery',
- message_id=gen_message_id(),
- text=text)
- user = M.User.query.get(username='test-admin')
- hash = user.get_tool_data('AuthPasswordReset', 'hash')
- hash_expiry = user.get_tool_data('AuthPasswordReset', 'hash_expiry')
- assert_equal(hash, '')
- assert_equal(hash_expiry, '')
-
- r = self.app.post('/auth/password_recovery_hash', {'email': email._id})
- user = M.User.by_username('test-admin')
- hash = user.get_tool_data('AuthPasswordReset', 'hash')
- user.set_tool_data('AuthPasswordReset', hash_expiry=datetime.datetime(2000, 10, 10))
- r = self.app.post('/auth/set_new_password/%s' % hash.encode('utf-8'), {'pw': '154321', 'pw2': '154321'})
- assert_in('Hash time was expired', r.follow().body)
- r = self.app.get('/auth/forgotten_password/%s' % hash.encode('utf-8'))
- assert_in('Hash time was expired', r.follow().body)
+ sendmail.post.assert_called_once_with(
+ destinations=[email._id],
+ fromaddr=config['forgemail.return_path'],
+ reply_to='noreply@sourceforge.net',
+ subject='Password recovery',
+ message_id=gen_message_id(),
+ text=text)
+ user = M.User.query.get(username='test-admin')
+ hash = user.get_tool_data('AuthPasswordReset', 'hash')
+ hash_expiry = user.get_tool_data('AuthPasswordReset', 'hash_expiry')
+ assert_equal(hash, '')
+ assert_equal(hash_expiry, '')
+
+ @patch('allura.tasks.mail_tasks.sendmail')
+ @patch('allura.lib.helpers.gen_message_id')
+ def test_hash_expired(self, gen_message_id, sendmail):
+ user = M.User.query.get(username='test-admin')
+ email = M.EmailAddress.query.find({'claimed_by_user_id': user._id}).first()
+ email.confirmed = True
+ ThreadLocalORMSession.flush_all()
+ r = self.app.post('/auth/password_recovery_hash', {'email': email._id})
+ user = M.User.by_username('test-admin')
+ hash = user.get_tool_data('AuthPasswordReset', 'hash')
+ user.set_tool_data('AuthPasswordReset', hash_expiry=datetime.datetime(2000, 10, 10))
+ r = self.app.get('/auth/forgotten_password/%s' % hash.encode('utf-8'))
+ assert_in('Unable to process reset, please try again', r.follow().body)
+ r = self.app.post('/auth/set_new_password/%s' % hash.encode('utf-8'), {'pw': '154321', 'pw2': '154321'})
+ assert_in('Unable to process reset, please try again', r.follow().body)
class TestOAuth(TestController):