2016-03-14 16:33:17 +00:00
|
|
|
from tests import BaseTestCase
|
|
|
|
|
import mock
|
|
|
|
|
import time
|
2016-11-02 13:03:12 +00:00
|
|
|
from redash import settings
|
2016-03-14 16:33:17 +00:00
|
|
|
from redash.models import User
|
|
|
|
|
from redash.authentication.account import invite_token
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
class TestInvite(BaseTestCase):
|
|
|
|
|
def test_expired_invite_token(self):
|
|
|
|
|
|
|
|
|
|
with mock.patch('time.time') as patched_time:
|
|
|
|
|
patched_time.return_value = time.time() - (7 * 24 * 3600) - 10
|
|
|
|
|
token = invite_token(self.factory.user)
|
|
|
|
|
|
2016-11-28 10:16:32 +00:00
|
|
|
response = self.get_request('/invite/{}'.format(token), org=self.factory.org)
|
2016-03-14 16:33:17 +00:00
|
|
|
self.assertEqual(response.status_code, 400)
|
|
|
|
|
|
|
|
|
|
def test_invalid_invite_token(self):
|
2016-11-28 10:16:32 +00:00
|
|
|
response = self.get_request('/invite/badtoken', org=self.factory.org)
|
2016-03-14 16:33:17 +00:00
|
|
|
self.assertEqual(response.status_code, 400)
|
|
|
|
|
|
|
|
|
|
def test_valid_token(self):
|
|
|
|
|
token = invite_token(self.factory.user)
|
2016-11-28 10:16:32 +00:00
|
|
|
response = self.get_request('/invite/{}'.format(token), org=self.factory.org)
|
2016-03-14 16:33:17 +00:00
|
|
|
self.assertEqual(response.status_code, 200)
|
|
|
|
|
|
|
|
|
|
def test_already_active_user(self):
|
|
|
|
|
pass
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
class TestInvitePost(BaseTestCase):
|
|
|
|
|
def test_empty_password(self):
|
|
|
|
|
token = invite_token(self.factory.user)
|
2016-11-28 10:16:32 +00:00
|
|
|
response = self.post_request('/invite/{}'.format(token), data={'password': ''}, org=self.factory.org)
|
2016-03-14 16:33:17 +00:00
|
|
|
self.assertEqual(response.status_code, 400)
|
|
|
|
|
|
|
|
|
|
def test_invalid_password(self):
|
|
|
|
|
token = invite_token(self.factory.user)
|
2016-11-28 10:16:32 +00:00
|
|
|
response = self.post_request('/invite/{}'.format(token), data={'password': '1234'}, org=self.factory.org)
|
2016-03-14 16:33:17 +00:00
|
|
|
self.assertEqual(response.status_code, 400)
|
|
|
|
|
|
|
|
|
|
def test_bad_token(self):
|
2016-11-28 10:16:32 +00:00
|
|
|
response = self.post_request('/invite/{}'.format('jdsnfkjdsnfkj'), data={'password': '1234'}, org=self.factory.org)
|
2016-03-14 16:33:17 +00:00
|
|
|
self.assertEqual(response.status_code, 400)
|
|
|
|
|
|
|
|
|
|
def test_already_active_user(self):
|
|
|
|
|
pass
|
|
|
|
|
|
|
|
|
|
def test_valid_password(self):
|
|
|
|
|
token = invite_token(self.factory.user)
|
|
|
|
|
password = 'test1234'
|
2016-11-28 10:16:32 +00:00
|
|
|
response = self.post_request('/invite/{}'.format(token), data={'password': password}, org=self.factory.org)
|
2016-03-14 16:33:17 +00:00
|
|
|
self.assertEqual(response.status_code, 302)
|
2016-11-29 20:58:04 +00:00
|
|
|
user = User.query.get(self.factory.user.id)
|
2016-10-26 13:09:55 +00:00
|
|
|
self.assertTrue(user.verify_password(password))
|
2016-03-14 16:33:17 +00:00
|
|
|
|
2016-11-02 13:03:12 +00:00
|
|
|
|
|
|
|
|
class TestLogin(BaseTestCase):
|
|
|
|
|
def test_throttle_login(self):
|
|
|
|
|
# Extract the limit from settings (ex: '50/day')
|
|
|
|
|
limit = settings.THROTTLE_LOGIN_PATTERN.split('/')[0]
|
|
|
|
|
for _ in range(0, int(limit)):
|
2016-11-28 10:16:32 +00:00
|
|
|
self.get_request('/login', org=self.factory.org)
|
2016-11-02 13:03:12 +00:00
|
|
|
|
2016-11-28 10:16:32 +00:00
|
|
|
response = self.get_request('/login', org=self.factory.org)
|
2016-11-02 13:03:12 +00:00
|
|
|
self.assertEqual(response.status_code, 429)
|
2016-12-04 12:05:24 +00:00
|
|
|
|
|
|
|
|
|
|
|
|
|
class TestSession(BaseTestCase):
|
|
|
|
|
# really simple test just to trigger this route
|
|
|
|
|
def test_get(self):
|
|
|
|
|
self.make_request('get', '/api/session', user=self.factory.user)
|
