Changeset 15287 for main/waeup.kofa/trunk/src/waeup/kofa/browser
- Timestamp:
- 9 Jan 2019, 21:17:08 (6 years ago)
- Location:
- main/waeup.kofa/trunk/src/waeup/kofa/browser
- Files:
-
- 3 edited
-
pages.py (modified) (4 diffs)
-
tests/test_browser.py (modified) (13 diffs)
-
tests/test_permissions.py (modified) (6 diffs)
Legend:
- Unmodified
- Added
- Removed
-
main/waeup.kofa/trunk/src/waeup/kofa/browser/pages.py
r15286 r15287 430 430 return 431 431 # Display appropriate flash message if credentials are correct 432 # but officer has been deactivated. 432 # but the stored password is insecure or officer has been 433 # deactivated. 433 434 login = self.request.form['form.login'] 434 435 if login in grok.getSite()['users']: … … 438 439 if user.password is not None and \ 439 440 passwordmanager.checkPassword(user.password, password): 441 # Check first if the stored password might have 442 # been the reason 443 validator = getUtility(IPasswordValidator) 444 errors = validator.validate_secure_password( 445 password, password) 446 if errors: 447 msg1 = translate(_( 448 'Your user name and password are correct ' 449 'but your password is not considered ' 450 'secure. ')) 451 msg2 = translate(_( 452 ' Your account has been temporarily ' 453 'deactivated. ' 454 'Please request a new password.')) 455 self.flash( msg1 + ' '.join(errors) + msg2, type="danger") 456 self.redirect(self.application_url() + '/changepw') 457 return 440 458 self.flash(_('Your user name and password are correct ' 441 'but yo r account has been temporarily '459 'but your account has been temporarily ' 442 460 'deactivated.'), 443 461 type='warning') … … 859 877 if password: 860 878 validator = getUtility(IPasswordValidator) 861 errors = validator.validate_secure d_password(password, password_ctl)879 errors = validator.validate_secure_password(password, password_ctl) 862 880 if errors: 863 881 self.flash( ' '.join(errors), type='danger') … … 903 921 if password: 904 922 validator = getUtility(IPasswordValidator) 905 errors = validator.validate_secure d_password(password, password_ctl)923 errors = validator.validate_secure_password(password, password_ctl) 906 924 if errors: 907 925 self.flash( ' '.join(errors), type='danger') -
main/waeup.kofa/trunk/src/waeup/kofa/browser/tests/test_browser.py
r15163 r15287 37 37 from waeup.kofa.university.faculty import Faculty 38 38 from waeup.kofa.university.department import Department 39 from waeup.kofa.tests.test_authentication import SECRET 39 40 40 41 SAMPLE_FILE = os.path.join(os.path.dirname(__file__), 'test_file.csv') … … 359 360 def test_export_accesscodes(self): 360 361 # Create portal manager and an ExportManager 361 self.app['users'].addUser('mrportal', 'mrportalsecret')362 self.app['users'].addUser('mrportal', SECRET) 362 363 self.app['users']['mrportal'].email = 'mrportal@foo.ng' 363 364 self.app['users']['mrportal'].title = 'Carlo Pitter' … … 365 366 prmlocal = IPrincipalRoleManager(self.app) 366 367 prmlocal.assignRoleToPrincipal('waeup.PortalManager', 'mrportal') 367 self.app['users'].addUser('mrexporter', 'mrexportersecret')368 self.app['users'].addUser('mrexporter', SECRET) 368 369 self.app['users']['mrexporter'].email = 'mrexporter@foo.ng' 369 370 self.app['users']['mrexporter'].title = 'Carlos Potter' … … 374 375 self.browser.open('http://localhost/app/login') 375 376 self.browser.getControl(name="form.login").value = 'mrportal' 376 self.browser.getControl(name="form.password").value = 'mrportalsecret'377 self.browser.getControl(name="form.password").value = SECRET 377 378 self.browser.getControl("Login").click() 378 379 … … 401 402 self.browser.open('http://localhost/app/login') 402 403 self.browser.getControl(name="form.login").value = 'mrexporter' 403 self.browser.getControl(name="form.password").value = 'mrexportersecret'404 self.browser.getControl(name="form.password").value = SECRET 404 405 self.browser.getControl("Login").click() 405 406 … … 501 502 login_path = 'http://localhost/app/login' 502 503 # Create officer 503 self.app['users'].addUser('officer', 'officersecret')504 self.app['users'].addUser('officer', SECRET) 504 505 self.app['users']['officer'].email = 'mrofficer@foo.ng' 505 506 self.app['users']['officer'].title = 'Carlo Pitter' … … 510 511 self.browser.open(login_path) 511 512 self.browser.getControl(name="form.login").value = 'officer' 512 self.browser.getControl(name="form.password").value = 'officersecret'513 self.browser.getControl(name="form.password").value = SECRET 513 514 self.browser.getControl("Login").click() 514 515 self.browser.open(upload_path) … … 562 563 def test_suspended_officer(self): 563 564 self.app['users'].addUser( 564 'officer', 'secret', title='Bob Officer', email='bob@abcd.ng')565 'officer', SECRET, title='Bob Officer', email='bob@abcd.ng') 565 566 # Officer can't login if their password is not set. 566 567 self.app['users']['officer'].password = None 567 568 self.browser.open('http://localhost/app/login') 568 569 self.browser.getControl(name="form.login").value = 'officer' 569 self.browser.getControl(name="form.password").value = 'secret'570 self.browser.getControl(name="form.password").value = SECRET 570 571 self.browser.getControl("Login").click() 571 572 self.assertTrue( … … 573 574 # We set the password again. 574 575 IUserAccount( 575 self.app['users']['officer']).setPassword( 'secret')576 self.app['users']['officer']).setPassword(SECRET) 576 577 # Officers can't login if their account is suspended/deactivated. 577 578 self.app['users']['officer'].suspended = True 578 579 self.browser.open('http://localhost/app/login') 579 580 self.browser.getControl(name="form.login").value = 'officer' 580 self.browser.getControl(name="form.password").value = 'secret'581 self.browser.getControl(name="form.password").value = SECRET 581 582 self.browser.getControl("Login").click() 582 583 self.assertMatches( 583 '...but yo r account has been temporarily deactivated...',584 '...but your account has been temporarily deactivated...', 584 585 self.browser.contents) 585 586 # Officer is really not logged in. … … 588 589 self.browser.open('http://localhost/app/login') 589 590 self.browser.getControl(name="form.login").value = 'officer' 590 self.browser.getControl(name="form.password").value = 'secret'591 self.browser.getControl(name="form.password").value = SECRET 591 592 self.browser.getControl("Login").click() 592 593 # Yeah, officer logged in. … … 618 619 config = grok.getSite()['configuration'] 619 620 self.app['users'].addUser( 620 'officer', 'secret', title='Bob Officer', email='bob@abcd.ng')621 'officer', SECRET, title='Bob Officer', email='bob@abcd.ng') 621 622 self.browser.open('http://localhost/app/login') 622 623 self.browser.getControl(name="form.login").value = 'officer' 623 self.browser.getControl(name="form.password").value = 'secret'624 self.browser.getControl(name="form.password").value = SECRET 624 625 self.browser.getControl("Login").click() 625 626 # Officer logged in. … … 636 637 # Officers really can't login if maintenance mode is enabled. 637 638 self.browser.getControl(name="form.login").value = 'officer' 638 self.browser.getControl(name="form.password").value = 'secret'639 self.browser.getControl(name="form.password").value = SECRET 639 640 self.browser.getControl("Login").click() 640 641 # A second warning is raised. … … 645 646 config.maintmode_enabled_by = u'officer' 646 647 self.browser.getControl(name="form.login").value = 'officer' 647 self.browser.getControl(name="form.password").value = 'secret'648 self.browser.getControl(name="form.password").value = SECRET 648 649 self.browser.getControl("Login").click() 649 650 self.assertTrue('You logged in' in self.browser.contents) -
main/waeup.kofa/trunk/src/waeup/kofa/browser/tests/test_permissions.py
r14526 r15287 37 37 remove_logger) 38 38 from waeup.kofa.tests.test_async import FunctionalAsyncTestCase 39 39 from waeup.kofa.tests.test_authentication import SECRET 40 40 41 41 … … 157 157 def testReportsPermissions(self): 158 158 # Create reports officer 159 self.app['users'].addUser('mrofficer', 'mrofficer')159 self.app['users'].addUser('mrofficer', SECRET) 160 160 self.app['users']['mrofficer'].email = 'mrofficer@foo.ng' 161 161 self.app['users']['mrofficer'].title = 'Otto Report' … … 163 163 prmglobal.assignRoleToPrincipal('waeup.ReportsOfficer', 'mrofficer') 164 164 # Create reports manager 165 self.app['users'].addUser('mrmanager', 'mrmanager')165 self.app['users'].addUser('mrmanager', SECRET) 166 166 self.app['users']['mrmanager'].email = 'mrmanager@foo.ng' 167 167 self.app['users']['mrmanager'].title = 'Manfred Report' … … 171 171 self.browser.open('http://localhost/app/login') 172 172 self.browser.getControl(name="form.login").value = 'mrofficer' 173 self.browser.getControl(name="form.password").value = 'mrofficer'173 self.browser.getControl(name="form.password").value = SECRET 174 174 self.browser.getControl("Login").click() 175 175 self.trigger_report_creation('2004') … … 184 184 self.browser.open('http://localhost/app/login') 185 185 self.browser.getControl(name="form.login").value = 'mrmanager' 186 self.browser.getControl(name="form.password").value = 'mrmanager'186 self.browser.getControl(name="form.password").value = SECRET 187 187 self.browser.getControl("Login").click() 188 188 self.trigger_report_creation('2005') … … 199 199 self.browser.open('http://localhost/app/login') 200 200 self.browser.getControl(name="form.login").value = 'mrofficer' 201 self.browser.getControl(name="form.password").value = 'mrofficer'201 self.browser.getControl(name="form.password").value = SECRET 202 202 self.browser.getControl("Login").click() 203 203 self.browser.open('http://localhost/app/reports')
Note: See TracChangeset for help on using the changeset viewer.
