api/tests: test get_or_create & force_password_reset jointly (#85363)
parent
223f14e5a0
commit
3f038a7519
|
@ -20,6 +20,8 @@ from django.contrib.auth import get_user_model
|
|||
from authentic2.a2_rbac.models import OrganizationalUnit as OU
|
||||
from authentic2.a2_rbac.models import Role
|
||||
|
||||
from ..utils import login
|
||||
|
||||
pytestmark = pytest.mark.django_db
|
||||
|
||||
User = get_user_model()
|
||||
|
@ -162,6 +164,75 @@ def test_api_users_get_or_create(settings, app, admin):
|
|||
assert User.objects.get(id=id).check_password('secret')
|
||||
|
||||
|
||||
def test_api_users_get_or_create_force_password_reset(app, client, settings, superuser):
|
||||
app.authorization = ('Basic', (superuser.username, superuser.username))
|
||||
# test missing first_name
|
||||
payload = {
|
||||
'email': 'john.doe@example.net',
|
||||
'first_name': 'John',
|
||||
'last_name': 'Doe',
|
||||
'force_password_reset': True,
|
||||
'password': '1234',
|
||||
}
|
||||
resp = app.post_json('/api/users/?get_or_create=email', params=payload, status=201)
|
||||
id = resp.json['id']
|
||||
assert User.objects.get(id=id).first_name == 'John'
|
||||
assert User.objects.get(id=id).last_name == 'Doe'
|
||||
password = User.objects.get(id=id).password
|
||||
|
||||
resp = app.post_json('/api/users/?get_or_create=email', params=payload, status=200)
|
||||
assert id == resp.json['id']
|
||||
assert User.objects.get(id=id).first_name == 'John'
|
||||
assert User.objects.get(id=id).last_name == 'Doe'
|
||||
assert User.objects.get(id=id).password == password
|
||||
|
||||
# Verify password reset is enforced on next login
|
||||
resp = login(app, 'john.doe@example.net', path='/', password='1234').follow()
|
||||
resp.form.set('old_password', '1234')
|
||||
resp.form.set('new_password1', '1234==aB')
|
||||
resp.form.set('new_password2', '1234==aB')
|
||||
resp = resp.form.submit('Submit').follow().maybe_follow()
|
||||
assert 'Password changed' in resp
|
||||
|
||||
|
||||
def test_api_users_update_or_create_force_password_reset(app, client, settings, superuser):
|
||||
app.authorization = ('Basic', (superuser.username, superuser.username))
|
||||
user = User.objects.create(
|
||||
first_name='John',
|
||||
last_name='Doe',
|
||||
email='john.doe@example.net',
|
||||
)
|
||||
id = user.id
|
||||
user.set_password('1234')
|
||||
user.save()
|
||||
password = user.password
|
||||
|
||||
payload = {
|
||||
'email': 'john.doe@example.net',
|
||||
'first_name': 'Jane',
|
||||
'force_password_reset': True,
|
||||
}
|
||||
resp = app.post_json('/api/users/?update_or_create=email', params=payload, status=200)
|
||||
assert id == resp.json['id']
|
||||
assert User.objects.get(id=id).first_name == 'Jane'
|
||||
assert User.objects.get(id=id).last_name == 'Doe'
|
||||
assert User.objects.get(id=id).password == password
|
||||
|
||||
payload['password'] = 'secret'
|
||||
resp = app.post_json('/api/users/?update_or_create=email', params=payload, status=200)
|
||||
assert User.objects.get(id=id).first_name == 'Jane'
|
||||
assert User.objects.get(id=id).last_name == 'Doe'
|
||||
assert User.objects.get(id=id).password != password
|
||||
assert User.objects.get(id=id).check_password('secret')
|
||||
# Verify password reset is enforced on next login
|
||||
resp = login(app, 'john.doe@example.net', path='/', password='secret').follow()
|
||||
resp.form.set('old_password', 'secret')
|
||||
resp.form.set('new_password1', 'secret==aB1234!!')
|
||||
resp.form.set('new_password2', 'secret==aB1234!!')
|
||||
resp = resp.form.submit('Submit').follow().maybe_follow()
|
||||
assert 'Password changed' in resp
|
||||
|
||||
|
||||
def test_api_users_get_or_create_email_is_unique(settings, app, admin):
|
||||
settings.A2_EMAIL_IS_UNIQUE = True
|
||||
app.authorization = ('Basic', (admin.username, admin.username))
|
||||
|
|
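Review bot: The enforcement check at the end of both new tests is only implicit: it holds because `resp.form.set('old_password', ...)` would fail on a page without that field, and the sole assertion afterwards is `'Password changed' in resp`. Nothing verifies that the new password was actually stored or that the old one stopped working, so in test_api_users_get_or_create_force_password_reset I would add `assert User.objects.get(id=id).check_password('1234==aB')` and `assert not User.objects.get(id=id).check_password('1234')` after the submit, with the equivalent pair for 'secret==aB1234!!' in test_api_users_update_or_create_force_password_reset. Asserting on the post-login redirect target before `.follow()` would also make a regression fail on the redirect itself rather than on a missing form field. Separately, the comment `# test missing first_name` in the first test looks copied from elsewhere, since the payload does include first_name; `# create a user with force_password_reset set` would match what the code does.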