darkhelm/notifications-api
1
0
Fork 0
mirror of https://github.com/GSA/notifications-api.git synced 2026-02-01 07:35:34 -05:00
Code Issues Packages Projects Releases Wiki Activity

Fix reset password flow

Browse Source 
It was broken because of unhappy marshmallow schema and flag name
mismatch
This commit is contained in:
Pea Tyczynska
2020-02-18 14:48:23 +00:00
parent ce253a990b
commit e794300ff3
2 changed files with 17 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
app/user/rest.py
View File

@@ -462,7 +462,7 @@ def update_password(user_id):
user = get_user_by_id(user_id=user_id) user = get_user_by_id(user_id=user_id)
req_json = request.get_json() req_json = request.get_json()
password = req_json.get('_password') password = req_json.get('_password')
validated_email_access = req_json.get('validated_email_access') validated_email_access = req_json.pop('validated_email_access', False)
update_dct, errors = user_update_password_schema_load_json.load(req_json) update_dct, errors = user_update_password_schema_load_json.load(req_json)
if errors: if errors:
raise InvalidRequest(errors, status_code=400) raise InvalidRequest(errors, status_code=400)

20
tests/app/user/test_rest.py
View File

@@ -2,6 +2,7 @@ import json
import pytest import pytest
import mock import mock
from uuid import UUID from uuid import UUID
from datetime import datetime
from flask import url_for from flask import url_for
from freezegun import freeze_time from freezegun import freeze_time
@@ -703,12 +704,22 @@ def test_send_user_confirm_new_email_returns_400_when_email_missing(client, samp
mocked.assert_not_called() mocked.assert_not_called()
def test_update_user_password_saves_correctly(client, sample_service): @pytest.mark.parametrize('data,email_access_validated_at', [
({'_password': '1234567890'}, datetime(2020, 2, 13, 12, 0)),
({
'_password': '1234567890',
'validated_email_access': True,
}, datetime(2020, 2, 14, 12, 0)),
({
'_password': '1234567890',
'validated_email_access': False,
}, datetime(2020, 2, 13, 12, 0))
])
@freeze_time('2020-02-14T12:00:00')
def test_update_user_password_saves_correctly(client, sample_service, data, email_access_validated_at):
sample_user = sample_service.users[0] sample_user = sample_service.users[0]
sample_user.email_access_validated_at = datetime(2020, 2, 13, 12, 0)
new_password = '1234567890' new_password = '1234567890'
data = {
'_password': new_password
}
auth_header = create_authorization_header() auth_header = create_authorization_header()
headers = [('Content-Type', 'application/json'), auth_header] headers = [('Content-Type', 'application/json'), auth_header]
resp = client.post( resp = client.post(
@@ -716,6 +727,7 @@ def test_update_user_password_saves_correctly(client, sample_service):
data=json.dumps(data), data=json.dumps(data),
headers=headers) headers=headers)
assert resp.status_code == 200 assert resp.status_code == 200
assert sample_user.email_access_validated_at == email_access_validated_at
json_resp = json.loads(resp.get_data(as_text=True)) json_resp = json.loads(resp.get_data(as_text=True))
assert json_resp['data']['password_changed_at'] is not None assert json_resp['data']['password_changed_at'] is not None