notifications-admin/tests/app/main/views/test_new_password.py
Carlo Costino 9a83ba7475 Localize notification_utils to the admin
This changeset pulls in all of the notification_utils code directly into the admin and removes it as an external dependency. We are doing this to cut down on operational maintenance of the project and will begin removing parts of it no longer needed for the admin.

Signed-off-by: Carlo Costino <carlo.costino@gsa.gov>
2024-05-16 10:37:37 -04:00


import json
from datetime import datetime
import pytest
from flask import url_for
from freezegun import freeze_time
from itsdangerous import SignatureExpired
from notifications_utils.url_safe_token import generate_token
from tests.conftest import SERVICE_ONE_ID, url_for_endpoint_with_token
@freeze_time("2021-01-01 11:11:11")
def test_should_render_new_password_template(
    mocker,
    notify_admin,
    client_request,
    mock_send_verify_code,
    mock_get_user_by_email_request_password_reset,
):
    """A GET on the reset link with a fresh token renders the new-password page.

    The token payload carries the user's email and a ``created_at`` taken from
    the frozen clock (11:11:11), while the user's ``password_changed_at`` is
    set to midnight of the same day, i.e. earlier than the token.
    The test also pins that following the link records
    ``email_access_validated_at`` for the user at the frozen time.
    """
    client_request.logout()

    reset_user = mock_get_user_by_email_request_password_reset.return_value
    # Earlier than the token's created_at; presumably the view compares the
    # two to reject links issued before the last password change -- confirm
    # against app.main.views.new_password.
    reset_user["password_changed_at"] = "2021-01-01 00:00:00"
    update_attribute_mock = mocker.patch(
        "app.user_api_client.update_user_attribute",
        return_value=reset_user,
    )

    payload = json.dumps(
        {
            "email": reset_user["email_address"],
            "created_at": str(datetime.utcnow()),
        }
    )
    secret_key = notify_admin.config["SECRET_KEY"]
    salt = notify_admin.config["DANGEROUS_SALT"]
    reset_token = generate_token(payload, secret_key, salt)

    reset_link = url_for_endpoint_with_token(".new_password", token=reset_token)
    page = client_request.get_url(reset_link)

    assert "You can now create a new password for your account." in page.text
    # Opening the emailed link counts as proof of access to the mailbox.
    update_attribute_mock.assert_called_once_with(
        reset_user["id"], email_access_validated_at="2021-01-01T11:11:11"
    )
def test_should_return_404_when_email_address_does_not_exist(
    notify_admin,
    client_request,
    mock_get_user_by_email_not_found,
):
    """A token whose email resolves to no user yields a 404.

    The token is built with the app's own SECRET_KEY and DANGEROUS_SALT, so
    this covers a well-formed token for an address that has no account; it
    does not cover a forged or tampered token.
    """
    client_request.logout()

    payload = json.dumps(
        {
            "email": "no_user@d.gsa.gov",
            "created_at": str(datetime.utcnow()),
        }
    )
    secret_key = notify_admin.config["SECRET_KEY"]
    salt = notify_admin.config["DANGEROUS_SALT"]
    reset_token = generate_token(payload, secret_key, salt)

    reset_link = url_for_endpoint_with_token(".new_password", token=reset_token)
    client_request.get_url(reset_link, _expected_status=404)
@pytest.mark.parametrize(
    "redirect_url",
    [None, f"/services/{SERVICE_ONE_ID}/templates"],
)
def test_should_redirect_to_two_factor_when_password_reset_is_successful(
    notify_admin,
    client_request,
    mock_get_user_by_email_request_password_reset,
    mock_login,
    mock_send_verify_code,
    mock_reset_failed_login_count,
    redirect_url,
):
    """Posting a new password sends the user on to the SMS second-factor step.

    The reset link alone does not complete sign-in here: the expected redirect
    is ``.two_factor_sms``, with the ``next`` value carried through unchanged.

    NOTE(review): ``next`` is only exercised with ``None`` and a same-site
    relative path. A case with an absolute off-site URL would pin down how the
    view treats an untrusted ``next`` parameter.
    """
    client_request.logout()

    reset_user = mock_get_user_by_email_request_password_reset.return_value
    payload = json.dumps(
        {
            "email": reset_user["email_address"],
            "created_at": str(datetime.utcnow()),
        }
    )
    secret_key = notify_admin.config["SECRET_KEY"]
    salt = notify_admin.config["DANGEROUS_SALT"]
    reset_token = generate_token(payload, secret_key, salt)

    client_request.post_url(
        url_for_endpoint_with_token(
            ".new_password", token=reset_token, next=redirect_url
        ),
        _data={"new_password": "a-new_password"},
        _expected_redirect=url_for(".two_factor_sms", next=redirect_url),
    )

    # The user is looked up by the email embedded in the token, exactly once.
    mock_get_user_by_email_request_password_reset.assert_called_once_with(
        reset_user["email_address"]
    )
def test_should_redirect_index_if_user_has_already_changed_password(
    notify_admin,
    client_request,
    mock_get_user_by_email_user_changed_password,
    mock_login,
    mock_send_verify_code,
    mock_reset_failed_login_count,
):
    """A reset link used after the password was changed redirects to the index.

    This is the replay guard for reset links: the POST must not set a new
    password and is expected to redirect to ``.index``.
    The "already changed" state comes from the
    ``mock_get_user_by_email_user_changed_password`` fixture, which is defined
    outside this file -- presumably it returns a user whose
    ``password_changed_at`` is later than the token's ``created_at``; confirm
    in conftest.
    """
    client_request.logout()

    changed_user = mock_get_user_by_email_user_changed_password.return_value
    payload = json.dumps(
        {
            "email": changed_user["email_address"],
            "created_at": str(datetime.utcnow()),
        }
    )
    secret_key = notify_admin.config["SECRET_KEY"]
    salt = notify_admin.config["DANGEROUS_SALT"]
    reset_token = generate_token(payload, secret_key, salt)

    client_request.post_url(
        url_for_endpoint_with_token(".new_password", token=reset_token),
        _data={"new_password": "a-new_password"},
        _expected_redirect=url_for(".index"),
    )

    mock_get_user_by_email_user_changed_password.assert_called_once_with(
        changed_user["email_address"]
    )
def test_should_redirect_to_forgot_password_with_flash_message_when_token_is_expired(
    notify_admin, client_request, mock_login, mocker
):
    """An expired token sends the user back to the forgot-password page.

    Expiry is simulated: ``check_token`` in the view module is patched to
    raise ``SignatureExpired``, so neither the real max-age setting nor the
    token's contents are exercised (the payload here is a bare email string,
    not the JSON document the other tests use).

    NOTE(review): the test name mentions a flash message, but nothing below
    asserts on one; only the redirect target is checked.
    """
    client_request.logout()

    # Force the expiry branch regardless of what the token actually contains.
    mocker.patch(
        "app.main.views.new_password.check_token",
        side_effect=SignatureExpired("expired"),
    )

    secret_key = notify_admin.config["SECRET_KEY"]
    salt = notify_admin.config["DANGEROUS_SALT"]
    reset_token = generate_token("foo@bar.com", secret_key, salt)

    reset_link = url_for_endpoint_with_token(".new_password", token=reset_token)
    client_request.get_url(
        reset_link,
        _expected_redirect=url_for(".forgot_password"),
    )
def test_should_sign_in_when_password_reset_is_successful_for_email_auth(
    mocker,
    notify_admin,
    client_request,
    api_user_active,
    mock_get_user_by_email_request_password_reset,
    mock_login,
    mock_send_verify_code,
    mock_reset_failed_login_count,
    mock_update_user_password,
):
    """An ``email_auth`` user is signed in directly after resetting the password.

    Unlike the SMS flow, the expected redirect is
    ``.show_accounts_or_dashboard`` and no verification code is sent.
    The test also pins that the failed-login counter is reset and that the new
    password is written for the right user id.
    """
    client_request.logout()

    reset_user = mock_get_user_by_email_request_password_reset.return_value
    reset_user["auth_type"] = "email_auth"
    get_user_mock = mocker.patch(
        "app.user_api_client.get_user", return_value=api_user_active
    )

    payload = json.dumps(
        {
            "email": reset_user["email_address"],
            "created_at": str(datetime.utcnow()),
        }
    )
    secret_key = notify_admin.config["SECRET_KEY"]
    salt = notify_admin.config["DANGEROUS_SALT"]
    reset_token = generate_token(payload, secret_key, salt)

    client_request.post_url(
        url_for_endpoint_with_token(".new_password", token=reset_token),
        _data={"new_password": "a-new_password"},
        _expected_redirect=url_for(".show_accounts_or_dashboard"),
    )

    assert mock_get_user_by_email_request_password_reset.called
    assert mock_reset_failed_login_count.called

    # the log-in flow makes a couple of calls
    get_user_mock.assert_called_once_with(reset_user["id"])
    mock_update_user_password.assert_called_once_with(
        reset_user["id"], "a-new_password"
    )
    # No second-factor code goes out for email_auth users on this path.
    assert not mock_send_verify_code.called