aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--rhodecode/controllers/admin/settings.py7
-rwxr-xr-xrhodecode/model/db.py8
-rw-r--r--rhodecode/model/forms.py3
-rw-r--r--rhodecode/model/user.py11
-rw-r--r--rhodecode/templates/admin/users/user_edit.html4
-rw-r--r--rhodecode/templates/admin/users/user_edit_my_account_form.html2
-rw-r--r--rhodecode/tests/functional/test_admin_settings.py138
-rw-r--r--rhodecode/tests/functional/test_admin_users.py48
8 files changed, 129 insertions, 92 deletions
diff --git a/rhodecode/controllers/admin/settings.py b/rhodecode/controllers/admin/settings.py
index 1f41f72f..9fc3dd39 100644
--- a/rhodecode/controllers/admin/settings.py
+++ b/rhodecode/controllers/admin/settings.py
@@ -356,15 +356,14 @@ class SettingsController(BaseController):
# h.form(url('admin_settings_my_account_update'),
# method='put')
# url('admin_settings_my_account_update', id=ID)
- user_model = UserModel()
uid = self.rhodecode_user.user_id
+ email = self.rhodecode_user.email
_form = UserForm(edit=True,
- old_data={'user_id': uid,
- 'email': self.rhodecode_user.email})()
+ old_data={'user_id': uid, 'email': email})()
form_result = {}
try:
form_result = _form.to_python(dict(request.POST))
- user_model.update_my_account(uid, form_result)
+ UserModel().update_my_account(uid, form_result)
h.flash(_('Your account was updated successfully'),
category='success')
Session.commit()
diff --git a/rhodecode/model/db.py b/rhodecode/model/db.py
index 481dfb52..fd2fc77f 100755
--- a/rhodecode/model/db.py
+++ b/rhodecode/model/db.py
@@ -446,16 +446,14 @@ class User(Base, BaseModel):
return data
def __json__(self):
- return dict(
- user_id=self.user_id,
- first_name=self.name,
- last_name=self.lastname,
- email=self.email,
+ data = dict(
full_name=self.full_name,
full_name_or_username=self.full_name_or_username,
short_contact=self.short_contact,
full_contact=self.full_contact
)
+ data.update(self.get_api_data())
+ return data
class UserEmailMap(Base, BaseModel):
diff --git a/rhodecode/model/forms.py b/rhodecode/model/forms.py
index c834d9be..de911e2b 100644
--- a/rhodecode/model/forms.py
+++ b/rhodecode/model/forms.py
@@ -66,6 +66,7 @@ def UserForm(edit=False, old_data={}):
v.ValidUsername(edit, old_data))
if edit:
new_password = All(
+ v.ValidPassword(),
v.UnicodeString(strip=False, min=6, not_empty=False)
)
password_confirmation = All(
@@ -84,7 +85,7 @@ def UserForm(edit=False, old_data={}):
)
active = v.StringBoolean(if_missing=False)
- name = v.UnicodeString(strip=True, min=1, not_empty=False)
+ firstname = v.UnicodeString(strip=True, min=1, not_empty=False)
lastname = v.UnicodeString(strip=True, min=1, not_empty=False)
email = All(v.Email(not_empty=True), v.UniqSystemEmail(old_data))
diff --git a/rhodecode/model/user.py b/rhodecode/model/user.py
index ce84fa25..d9c98bea 100644
--- a/rhodecode/model/user.py
+++ b/rhodecode/model/user.py
@@ -96,6 +96,8 @@ class UserModel(BaseModel):
for k, v in form_data.items():
if k == 'password':
v = get_crypt_password(v)
+ if k == 'firstname':
+ k = 'name'
setattr(new_user, k, v)
new_user.api_key = generate_api_key(form_data['username'])
@@ -264,12 +266,13 @@ class UserModel(BaseModel):
" crucial for entire application"))
for k, v in form_data.items():
- if k == 'new_password' and v != '':
+ if k == 'new_password' and v:
user.password = get_crypt_password(v)
user.api_key = generate_api_key(user.username)
else:
+ if k == 'firstname':
+ k = 'name'
setattr(user, k, v)
-
self.sa.add(user)
except:
log.error(traceback.format_exc())
@@ -285,10 +288,12 @@ class UserModel(BaseModel):
" crucial for entire application")
)
for k, v in form_data.items():
- if k == 'new_password' and v != '':
+ if k == 'new_password' and v:
user.password = get_crypt_password(v)
user.api_key = generate_api_key(user.username)
else:
+ if k == 'firstname':
+ k = 'name'
if k not in ['admin', 'active']:
setattr(user, k, v)
diff --git a/rhodecode/templates/admin/users/user_edit.html b/rhodecode/templates/admin/users/user_edit.html
index 9e4a6e39..4a0867ea 100644
--- a/rhodecode/templates/admin/users/user_edit.html
+++ b/rhodecode/templates/admin/users/user_edit.html
@@ -83,10 +83,10 @@
<div class="field">
<div class="label">
- <label for="name">${_('First Name')}:</label>
+ <label for="firstname">${_('First Name')}:</label>
</div>
<div class="input">
- ${h.text('name',class_='medium')}
+ ${h.text('firstname',class_='medium')}
</div>
</div>
diff --git a/rhodecode/templates/admin/users/user_edit_my_account_form.html b/rhodecode/templates/admin/users/user_edit_my_account_form.html
index c329f38c..5509e82b 100644
--- a/rhodecode/templates/admin/users/user_edit_my_account_form.html
+++ b/rhodecode/templates/admin/users/user_edit_my_account_form.html
@@ -53,7 +53,7 @@
<label for="name">${_('First Name')}:</label>
</div>
<div class="input">
- ${h.text('name',class_="medium")}
+ ${h.text('firstname',class_="medium")}
</div>
</div>
diff --git a/rhodecode/tests/functional/test_admin_settings.py b/rhodecode/tests/functional/test_admin_settings.py
index 5bb57169..b3b7534d 100644
--- a/rhodecode/tests/functional/test_admin_settings.py
+++ b/rhodecode/tests/functional/test_admin_settings.py
@@ -4,6 +4,7 @@ from rhodecode.lib.auth import get_crypt_password, check_password
from rhodecode.model.db import User, RhodeCodeSetting
from rhodecode.tests import *
from rhodecode.lib import helpers as h
+from rhodecode.model.user import UserModel
class TestAdminSettingsController(TestController):
@@ -68,8 +69,7 @@ class TestAdminSettingsController(TestController):
.get_app_settings()['rhodecode_ga_code'], new_ga_code)
response = response.follow()
- self.assertTrue("""_gaq.push(['_setAccount', '%s']);""" % new_ga_code
- in response.body)
+ response.mustcontain("""_gaq.push(['_setAccount', '%s']);""" % new_ga_code)
def test_ga_code_inactive(self):
self.log_user()
@@ -90,8 +90,8 @@ class TestAdminSettingsController(TestController):
.get_app_settings()['rhodecode_ga_code'], new_ga_code)
response = response.follow()
- self.assertTrue("""_gaq.push(['_setAccount', '%s']);""" % new_ga_code
- not in response.body)
+ self.assertFalse("""_gaq.push(['_setAccount', '%s']);""" % new_ga_code
+ in response.body)
def test_title_change(self):
self.log_user()
@@ -114,8 +114,7 @@ class TestAdminSettingsController(TestController):
new_title.decode('utf-8'))
response = response.follow()
- self.assertTrue("""<h1><a href="/">%s</a></h1>""" % new_title
- in response.body)
+ response.mustcontain("""<h1><a href="/">%s</a></h1>""" % new_title)
def test_my_account(self):
self.log_user()
@@ -123,74 +122,73 @@ class TestAdminSettingsController(TestController):
self.assertTrue('value="test_admin' in response.body)
- def test_my_account_update(self):
- self.log_user()
-
- new_email = 'new@mail.pl'
- new_name = 'NewName'
- new_lastname = 'NewLastname'
- new_password = 'test123'
-
- response = self.app.post(url('admin_settings_my_account_update'),
- params=dict(_method='put',
- username='test_admin',
- new_password=new_password,
- password_confirmation=new_password,
- password='',
- name=new_name,
- lastname=new_lastname,
- email=new_email,))
- response.follow()
-
- assert 'Your account was updated successfully' in response.session['flash'][0][1], 'no flash message about success of change'
- user = self.Session.query(User).filter(User.username == 'test_admin').one()
- assert user.email == new_email, 'incorrect user email after update got %s vs %s' % (user.email, new_email)
- assert user.name == new_name, 'updated field mismatch %s vs %s' % (user.name, new_name)
- assert user.lastname == new_lastname, 'updated field mismatch %s vs %s' % (user.lastname, new_lastname)
- assert check_password(new_password, user.password) is True, 'password field mismatch %s vs %s' % (user.password, new_password)
-
- #bring back the admin settings
- old_email = 'test_admin@mail.com'
- old_name = 'RhodeCode'
- old_lastname = 'Admin'
- old_password = 'test12'
-
- response = self.app.post(url('admin_settings_my_account_update'), params=dict(
- _method='put',
- username='test_admin',
- new_password=old_password,
- password_confirmation=old_password,
- password='',
- name=old_name,
- lastname=old_lastname,
- email=old_email,))
-
- response.follow()
- self.checkSessionFlash(response,
- 'Your account was updated successfully')
-
- user = self.Session.query(User).filter(User.username == 'test_admin').one()
- assert user.email == old_email, 'incorrect user email after update got %s vs %s' % (user.email, old_email)
-
- assert user.email == old_email, 'incorrect user email after update got %s vs %s' % (user.email, old_email)
- assert user.name == old_name, 'updated field mismatch %s vs %s' % (user.name, old_name)
- assert user.lastname == old_lastname, 'updated field mismatch %s vs %s' % (user.lastname, old_lastname)
- assert check_password(old_password, user.password) is True, 'password updated field mismatch %s vs %s' % (user.password, old_password)
+ @parameterized.expand([('firstname', 'new_username'),
+ ('lastname', 'new_username'),
+ ('admin', True),
+ ('admin', False),
+ ('ldap_dn', 'test'),
+ ('ldap_dn', None),
+ ('active', False),
+ ('active', True),
+ ('email', 'some@email.com'),
+ ])
+ def test_my_account_update(self, name, expected):
+ uname = 'testme'
+ usr = UserModel().create_or_update(username=uname, password='qweqwe',
+ email='testme@rhodecod.org')
+ self.Session().commit()
+ params = usr.get_api_data()
+ user_id = usr.user_id
+ self.log_user(username=uname, password='qweqwe')
+ params.update({name: expected})
+ params.update({'password_confirmation': ''})
+ params.update({'new_password': ''})
+
+ try:
+ response = self.app.put(url('admin_settings_my_account_update',
+ id=user_id), params)
+
+ self.checkSessionFlash(response,
+ 'Your account was updated successfully')
+
+ updated_user = User.get_by_username(uname)
+ updated_params = updated_user.get_api_data()
+ updated_params.update({'password_confirmation': ''})
+ updated_params.update({'new_password': ''})
+
+ params['last_login'] = updated_params['last_login']
+ if name == 'email':
+ params['emails'] = [expected]
+ if name == 'ldap_dn':
+ #cannot update this via form
+ params['ldap_dn'] = None
+ if name == 'active':
+ #my account cannot deactivate account
+ params['active'] = True
+ if name == 'admin':
+ #my account cannot make you an admin !
+ params['admin'] = False
+
+ self.assertEqual(params, updated_params)
+
+ finally:
+ UserModel().delete('testme')
def test_my_account_update_err_email_exists(self):
self.log_user()
new_email = 'test_regular@mail.com' # already exisitn email
- response = self.app.post(url('admin_settings_my_account_update'), params=dict(
- _method='put',
- username='test_admin',
- new_password='test12',
- password_confirmation='test122',
- name='NewName',
- lastname='NewLastname',
- email=new_email,))
-
- assert 'This e-mail address is already taken' in response.body, 'Missing error message about existing email'
+ response = self.app.put(url('admin_settings_my_account_update'),
+ params=dict(
+ username='test_admin',
+ new_password='test12',
+ password_confirmation='test122',
+ firstname='NewName',
+ lastname='NewLastname',
+ email=new_email,)
+ )
+
+ response.mustcontain('This e-mail address is already taken')
def test_my_account_update_err(self):
self.log_user('test_regular2', 'test12')
@@ -202,7 +200,7 @@ class TestAdminSettingsController(TestController):
username='test_admin',
new_password='test12',
password_confirmation='test122',
- name='NewName',
+ firstname='NewName',
lastname='NewLastname',
email=new_email,)
)
diff --git a/rhodecode/tests/functional/test_admin_users.py b/rhodecode/tests/functional/test_admin_users.py
index a46da2cb..4b179ded 100644
--- a/rhodecode/tests/functional/test_admin_users.py
+++ b/rhodecode/tests/functional/test_admin_users.py
@@ -31,14 +31,13 @@ class TestAdminUsersController(TestController):
{'username': username,
'password': password,
'password_confirmation': password_confirmation,
- 'name': name,
+ 'firstname': name,
'active': True,
'lastname': lastname,
'email': email})
self.checkSessionFlash(response, '''created user %s''' % (username))
-
new_user = self.Session.query(User).\
filter(User.username == username).one()
@@ -50,7 +49,7 @@ class TestAdminUsersController(TestController):
response.follow()
response = response.follow()
- self.assertTrue("""edit">newtestuser</a>""" in response.body)
+ response.mustcontain("""edit">newtestuser</a>""")
def test_create_err(self):
self.log_user()
@@ -85,8 +84,45 @@ class TestAdminUsersController(TestController):
def test_new_as_xml(self):
response = self.app.get(url('formatted_new_user', format='xml'))
- def test_update(self):
- response = self.app.put(url('user', id=1))
+ @parameterized.expand([('firstname', 'new_username'),
+ ('lastname', 'new_username'),
+ ('admin', True),
+ ('admin', False),
+ ('ldap_dn', 'test'),
+ ('ldap_dn', None),
+ ('active', False),
+ ('active', True),
+ ('email', 'some@email.com'),
+ ])
+ def test_update(self, name, expected):
+ self.log_user()
+ uname = 'testme'
+ usr = UserModel().create_or_update(username=uname, password='qweqwe',
+ email='testme@rhodecod.org')
+ self.Session().commit()
+ params = usr.get_api_data()
+ params.update({name: expected})
+ params.update({'password_confirmation': ''})
+ params.update({'new_password': ''})
+ if name == 'email':
+ params['emails'] = [expected]
+ if name == 'ldap_dn':
+ #cannot update this via form
+ params['ldap_dn'] = None
+ try:
+ response = self.app.put(url('user', id=usr.user_id), params)
+
+ self.checkSessionFlash(response, '''User updated successfully''')
+
+ updated_user = User.get_by_username(uname)
+ updated_params = updated_user.get_api_data()
+ updated_params.update({'password_confirmation': ''})
+ updated_params.update({'new_password': ''})
+
+ self.assertEqual(params, updated_params)
+
+ finally:
+ UserModel().delete('testme')
def test_update_browser_fakeout(self):
response = self.app.post(url('user', id=1), params=dict(_method='put'))
@@ -102,7 +138,7 @@ class TestAdminUsersController(TestController):
response = self.app.post(url('users'), {'username': username,
'password': password,
'password_confirmation': password,
- 'name': name,
+ 'firstname': name,
'active': True,
'lastname': lastname,
'email': email})
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-22 13:37:13 +0000