Timestamp:
16 Nov 2014, 23:05:04 (10 years ago)
Author:
Henrik Bettermann
Message:

Add test for login as customer.

Location:
main/waeup.ikoba/trunk/src/waeup/ikoba
Files:
1 added
2 edited

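--- a/main/waeup.ikoba/trunk/src/waeup/ikoba/browser/pages.py
+++ b/main/waeup.ikoba/trunk/src/waeup/ikoba/browser/pages.py
@@ -271,10 +271,10 @@
                         self.request.principal.id]
                     rel_link = '/customers/%s' % self.request.principal.id
-                    if customer.personal_data_expired:
-                        rel_link = '/customerss/%s/edit_personal' % (
-                            self.request.principal.id)
-                        self.flash(
-                          _('Your personal data record is outdated. Please update.'),
-                          type='warning')
+                    #if customer.personal_data_expired:
+                    #    rel_link = '/customers/%s/edit_personal' % (
+                    #        self.request.principal.id)
+                    #    self.flash(
+                    #      _('Your personal data record is outdated. Please update.'),
+                    #      type='warning')
                     self.redirect(self.application_url() + rel_link)
                     return
@@ -284,4 +284,33 @@
                 self.redirect(self.camefrom)
                 return
+            # Display appropriate flash message if credentials are correct
+            # but customer has been deactivated or a temporary password
+            # has been set.
+            login = self.request.form['form.login']
+            if len(login) == 8 and login in grok.getSite()['customers']:
+                customer = grok.getSite()['customers'][login]
+                password = self.request.form['form.password']
+                passwordmanager = getUtility(IPasswordManager, 'SSHA')
+                if customer.password is not None and \
+                    passwordmanager.checkPassword(customer.password, password):
+                    # The customer entered valid credentials.
+                    # First we check if a temporary password has been set.
+                    delta = timedelta(minutes=10)
+                    now = datetime.utcnow()
+                    temp_password_dict = getattr(customer, 'temp_password', None)
+                    if temp_password_dict is not None and \
+                        now < temp_password_dict.get('timestamp', now) + delta:
+                        self.flash(
+                            _('Your account has been temporarily deactivated.'),
+                            type='warning')
+                        return
+                    # Now we know that the customer is suspended.
+                    comment = self._comment(customer)
+                    if comment:
+                        self.flash(comment, type='warning')
+                    else:
+                        self.flash(_('Your account has been deactivated.'),
+                                   type='warning')
+                    return
             self.flash(_('You entered invalid credentials.'), type='danger')
             return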
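Review bot: In the second hunk (new lines 289–314) the failed-login path re-checks the submitted password against `customer.password` and flashes a distinct message only on a match, so for an account that cannot log in the response confirms that the password is correct, while every other failure gets 'You entered invalid credentials.'. Whether this branch sits behind the same failed-attempt throttling as the regular authentication path is not visible, because the enclosing method starts and ends outside the hunk; that should be confirmed. At minimum I would record the trade-off above new line 289, e.g. `# NOTE: the messages below confirm a correct password for a suspended account; keep this path behind the same failed-login throttling as regular authentication.` The hard-coded `len(login) == 8` also silently skips the branch for any customer id of a different length, and the membership test on its own appears sufficient.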
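--- a/main/waeup.ikoba/trunk/src/waeup/ikoba/customers/tests/test_browser.py
+++ b/main/waeup.ikoba/trunk/src/waeup/ikoba/customers/tests/test_browser.py
@@ -446,2 +446,54 @@
                         'K1000000 - account activated' in logcontent)
 
+
+    def test_login_as_customer(self):
+        # CustomerImpersonators can login as customer
+        # Create clearance officer
+        self.app['users'].addUser('mrofficer', 'mrofficersecret')
+        self.app['users']['mrofficer'].email = 'mrofficer@foo.ng'
+        self.app['users']['mrofficer'].title = 'Harry Actor'
+        prmglobal = IPrincipalRoleManager(self.app)
+        prmglobal.assignRoleToPrincipal('waeup.CustomerImpersonator', 'mrofficer')
+        prmglobal.assignRoleToPrincipal('waeup.CustomersManager', 'mrofficer')
+        # Login as customer impersonator
+        self.browser.open(self.login_path)
+        self.browser.getControl(name="form.login").value = 'mrofficer'
+        self.browser.getControl(name="form.password").value = 'mrofficersecret'
+        self.browser.getControl("Login").click()
+        self.assertMatches('...You logged in...', self.browser.contents)
+        self.browser.open(self.customer_path)
+        self.browser.getLink("Login as").click()
+        self.browser.getControl("Set password now").click()
+        temp_password = self.browser.getControl(name='form.password').value
+        self.browser.getControl("Login now").click()
+        self.assertMatches(
+            '...You successfully logged in as...', self.browser.contents)
+        # We are logged in as customer and can see the 'My Data' tab
+        self.assertMatches(
+            '...<a href="#" class="dropdown-toggle" data-toggle="dropdown">...',
+            self.browser.contents)
+        self.assertMatches(
+            '...My Data...',
+            self.browser.contents)
+        self.browser.getLink("Logout").click()
+        # The customer can't login with the original password ...
+        self.browser.open(self.login_path)
+        self.browser.getControl(name="form.login").value = self.customer_id
+        self.browser.getControl(name="form.password").value = 'spwd'
+        self.browser.getControl("Login").click()
+        self.assertMatches(
+            '...Your account has been temporarily deactivated...',
+            self.browser.contents)
+        # ... but with the temporary password
+        self.browser.open(self.login_path)
+        self.browser.getControl(name="form.login").value = self.customer_id
+        self.browser.getControl(name="form.password").value = temp_password
+        self.browser.getControl("Login").click()
+        self.assertMatches('...You logged in...', self.browser.contents)
+        # Creation of temp_password is properly logged
+        logfile = os.path.join(
+            self.app['datacenter'].storage, 'logs', 'customers.log')
+        logcontent = open(logfile).read()
+        self.assertTrue(
+            'mrofficer - customers.browser.LoginAsCustomerStep1 - K1000000 - '
+            'temp_password generated: %s' % temp_password in logcontent)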
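Review bot: The closing assertion (new lines 497–499) pins that the temporary password itself appears in `customers.log` in clear text, so anyone with read access to that log obtains a credential that works for the customer account while it remains valid. The logging call lives in `LoginAsCustomerStep1`, outside this changeset, so this is inferred from the expected log line rather than from the code. I would log only the event and assert `'mrofficer - customers.browser.LoginAsCustomerStep1 - K1000000 - temp_password generated' in logcontent`. Separately, `logcontent = open(logfile).read()` leaves the file handle open; `with open(logfile) as f: logcontent = f.read()` closes it.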