- Timestamp:
- 16 Nov 2014, 23:05:04 (10 years ago)
- Location:
- main/waeup.ikoba/trunk/src/waeup/ikoba
- Files:
-
- 1 added
- 2 edited
main/waeup.ikoba/trunk/src/waeup/ikoba/browser/pages.py
r11954 r11975 271 271 self.request.principal.id] 272 272 rel_link = '/customers/%s' % self.request.principal.id 273 if customer.personal_data_expired:274 rel_link = '/customerss/%s/edit_personal' % (275 self.request.principal.id)276 self.flash(277 _('Your personal data record is outdated. Please update.'),278 type='warning')273 #if customer.personal_data_expired: 274 # rel_link = '/customers/%s/edit_personal' % ( 275 # self.request.principal.id) 276 # self.flash( 277 # _('Your personal data record is outdated. Please update.'), 278 # type='warning') 279 279 self.redirect(self.application_url() + rel_link) 280 280 return … … 284 284 self.redirect(self.camefrom) 285 285 return 286 # Display appropriate flash message if credentials are correct 287 # but customer has been deactivated or a temporary password 288 # has been set. 289 login = self.request.form['form.login'] 290 if len(login) == 8 and login in grok.getSite()['customers']: 291 customer = grok.getSite()['customers'][login] 292 password = self.request.form['form.password'] 293 passwordmanager = getUtility(IPasswordManager, 'SSHA') 294 if customer.password is not None and \ 295 passwordmanager.checkPassword(customer.password, password): 296 # The customer entered valid credentials. 297 # First we check if a temporary password has been set. 298 delta = timedelta(minutes=10) 299 now = datetime.utcnow() 300 temp_password_dict = getattr(customer, 'temp_password', None) 301 if temp_password_dict is not None and \ 302 now < temp_password_dict.get('timestamp', now) + delta: 303 self.flash( 304 _('Your account has been temporarily deactivated.'), 305 type='warning') 306 return 307 # Now we know that the customer is suspended. 308 comment = self._comment(customer) 309 if comment: 310 self.flash(comment, type='warning') 311 else: 312 self.flash(_('Your account has been deactivated.'), 313 type='warning') 314 return 286 315 self.flash(_('You entered invalid credentials.'), type='danger') 287 316 return -
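Review bot: In the second hunk, the fallback after the temp-password test shows the suspension comment or 'Your account has been deactivated.' whenever the stored password matches, because suspension is inferred from the failed login ("Now we know that the customer is suspended") rather than tested; as far as the hunk shows, any other cause of a failed login with a correct password would get the same message, so an explicit check of the customer's suspension state before that branch would be safer. The 10-minute window is a literal here (`delta = timedelta(minutes=10)`), so the message can drift from the real temporary-password lifetime if that is defined elsewhere; a shared constant would keep them in step. `self.request.form['form.login']` and `self.request.form['form.password']` are subscripted directly and raise KeyError on a request that omits either field unless a guard outside the hunk guarantees them; `login = self.request.form.get('form.login', '')` avoids that. The enclosing method starts and ends outside the hunk.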
main/waeup.ikoba/trunk/src/waeup/ikoba/customers/tests/test_browser.py
r11974 r11975 446 446 'K1000000 - account activated' in logcontent) 447 447 448 449 def test_login_as_customer(self): 450 # CustomerImpersonators can login as customer 451 # Create clearance officer 452 self.app['users'].addUser('mrofficer', 'mrofficersecret') 453 self.app['users']['mrofficer'].email = 'mrofficer@foo.ng' 454 self.app['users']['mrofficer'].title = 'Harry Actor' 455 prmglobal = IPrincipalRoleManager(self.app) 456 prmglobal.assignRoleToPrincipal('waeup.CustomerImpersonator', 'mrofficer') 457 prmglobal.assignRoleToPrincipal('waeup.CustomersManager', 'mrofficer') 458 # Login as customer impersonator 459 self.browser.open(self.login_path) 460 self.browser.getControl(name="form.login").value = 'mrofficer' 461 self.browser.getControl(name="form.password").value = 'mrofficersecret' 462 self.browser.getControl("Login").click() 463 self.assertMatches('...You logged in...', self.browser.contents) 464 self.browser.open(self.customer_path) 465 self.browser.getLink("Login as").click() 466 self.browser.getControl("Set password now").click() 467 temp_password = self.browser.getControl(name='form.password').value 468 self.browser.getControl("Login now").click() 469 self.assertMatches( 470 '...You successfully logged in as...', self.browser.contents) 471 # We are logged in as customer and can see the 'My Data' tab 472 self.assertMatches( 473 '...<a href="#" class="dropdown-toggle" data-toggle="dropdown">...', 474 self.browser.contents) 475 self.assertMatches( 476 '...My Data...', 477 self.browser.contents) 478 self.browser.getLink("Logout").click() 479 # The customer can't login with the original password ... 480 self.browser.open(self.login_path) 481 self.browser.getControl(name="form.login").value = self.customer_id 482 self.browser.getControl(name="form.password").value = 'spwd' 483 self.browser.getControl("Login").click() 484 self.assertMatches( 485 '...Your account has been temporarily deactivated...', 486 self.browser.contents) 487 # ... 
but with the temporary password 488 self.browser.open(self.login_path) 489 self.browser.getControl(name="form.login").value = self.customer_id 490 self.browser.getControl(name="form.password").value = temp_password 491 self.browser.getControl("Login").click() 492 self.assertMatches('...You logged in...', self.browser.contents) 493 # Creation of temp_password is properly logged 494 logfile = os.path.join( 495 self.app['datacenter'].storage, 'logs', 'customers.log') 496 logcontent = open(logfile).read() 497 self.assertTrue( 498 'mrofficer - customers.browser.LoginAsCustomerStep1 - K1000000 - ' 499 'temp_password generated: %s' % temp_password in logcontent)
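Review bot: The final assertion requires the temporary password itself to appear in customers.log (`'temp_password generated: %s' % temp_password in logcontent`), which pins cleartext logging of a working login credential; anyone with read access to that log during the password's validity window holds the customer's login. The logging call is not part of this section, but if it can be changed, record the event without the value and assert only on `'mrofficer - customers.browser.LoginAsCustomerStep1 - K1000000 - temp_password generated'`. The test covers only the 'temporarily deactivated' message; the suspended-customer branches added in pages.py (`self._comment(customer)` and 'Your account has been deactivated.') and the behaviour after the 10-minute window are not exercised. `logcontent = open(logfile).read()` also leaves the file handle open; `with open(logfile) as f: logcontent = f.read()` closes it.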