← Back to branch summary

~sumanah/mailman/mailman

« back to all changes in this revision

Viewing changes to src/mailman/rest/tests/test_users.py

  • Committer: Sumana Harihareswara
  • Date: 2015-01-08 21:35:58 UTC
  • mfrom: (7273.2.15 3.0)
  • Revision ID: sumanah@panix.com-20150108213558-65ym6553zj256z8p
mergeĀ fromĀ master

Show diffs side-by-side

added added

removed removed

Lines of Context:
src/mailman/rest/tests/test_users.py
1
 
# Copyright (C) 2011-2014 by the Free Software Foundation, Inc.
 
1
# Copyright (C) 2011-2015 by the Free Software Foundation, Inc.
2
2
#
3
3
# This file is part of GNU Mailman.
4
4
#
17
17
 
18
18
"""REST user tests."""
19
19
 
20
 
from __future__ import absolute_import, print_function, unicode_literals
21
 
 
22
 
__metaclass__ = type
23
20
__all__ = [
24
21
    'TestLP1074374',
25
22
    'TestLogin',
30
27
import os
31
28
import unittest
32
29
 
33
 
from urllib2 import HTTPError
34
 
from zope.component import getUtility
35
 
 
36
30
from mailman.app.lifecycle import create_list
37
31
from mailman.config import config
38
32
from mailman.database.transaction import transaction
39
33
from mailman.interfaces.usermanager import IUserManager
40
34
from mailman.testing.helpers import call_api, configuration
41
35
from mailman.testing.layers import RESTLayer
 
36
from urllib.error import HTTPError
 
37
from zope.component import getUtility
42
38
 
43
39
 
44
40
 
108
104
                     method='DELETE')
109
105
        self.assertEqual(cm.exception.code, 404)
110
106
 
 
107
    def test_delete_user_twice(self):
 
108
        # You cannot DELETE a user twice, either by address or user id.
 
109
        with transaction():
 
110
            anne = getUtility(IUserManager).create_user(
 
111
                'anne@example.com', 'Anne Person')
 
112
            user_id = anne.user_id
 
113
        content, response = call_api(
 
114
            'http://localhost:9001/3.0/users/anne@example.com',
 
115
            method='DELETE')
 
116
        self.assertEqual(response.status, 204)
 
117
        with self.assertRaises(HTTPError) as cm:
 
118
            call_api('http://localhost:9001/3.0/users/anne@example.com',
 
119
                     method='DELETE')
 
120
        self.assertEqual(cm.exception.code, 404)
 
121
        with self.assertRaises(HTTPError) as cm:
 
122
            call_api('http://localhost:9001/3.0/users/{}'.format(user_id),
 
123
                     method='DELETE')
 
124
        self.assertEqual(cm.exception.code, 404)
 
125
 
 
126
    def test_get_after_delete(self):
 
127
        # You cannot GET a user record after deleting them.
 
128
        with transaction():
 
129
            anne = getUtility(IUserManager).create_user(
 
130
                'anne@example.com', 'Anne Person')
 
131
            user_id = anne.user_id
 
132
        # You can still GET the user record.
 
133
        content, response = call_api(
 
134
            'http://localhost:9001/3.0/users/anne@example.com')
 
135
        self.assertEqual(response.status, 200)
 
136
        # Delete the user.
 
137
        content, response = call_api(
 
138
            'http://localhost:9001/3.0/users/anne@example.com',
 
139
            method='DELETE')
 
140
        self.assertEqual(response.status, 204)
 
141
        # The user record can no longer be retrieved.
 
142
        with self.assertRaises(HTTPError) as cm:
 
143
            call_api('http://localhost:9001/3.0/users/anne@example.com')
 
144
        self.assertEqual(cm.exception.code, 404)
 
145
        with self.assertRaises(HTTPError) as cm:
 
146
            call_api('http://localhost:9001/3.0/users/{}'.format(user_id))
 
147
        self.assertEqual(cm.exception.code, 404)
 
148
 
111
149
    def test_existing_user_error(self):
112
150
        # Creating a user twice results in an error.
113
151
        call_api('http://localhost:9001/3.0/users', {
120
158
                     })
121
159
        self.assertEqual(cm.exception.code, 400)
122
160
        self.assertEqual(cm.exception.reason,
123
 
                         'Address already exists: anne@example.com')
 
161
                         b'Address already exists: anne@example.com')
124
162
 
125
163
    def test_addresses_of_missing_user_id(self):
126
164
        # Trying to get the /addresses of a missing user id results in error.
251
289
                'anne@example.com', 'Anne Person')
252
290
            self.anne.password = config.password_context.encrypt('abc123')
253
291
 
 
292
    def test_login_with_cleartext_password(self):
 
293
        # A user can log in with the correct clear text password.
 
294
        content, response = call_api(
 
295
            'http://localhost:9001/3.0/users/anne@example.com/login', {
 
296
                'cleartext_password': 'abc123',
 
297
                }, method='POST')
 
298
        self.assertEqual(response.status, 204)
 
299
        # But the user cannot log in with an incorrect password.
 
300
        with self.assertRaises(HTTPError) as cm:
 
301
            call_api(
 
302
                'http://localhost:9001/3.0/users/anne@example.com/login', {
 
303
                    'cleartext_password': 'not-the-password',
 
304
                    }, method='POST')
 
305
        self.assertEqual(cm.exception.code, 403)
 
306
 
254
307
    def test_wrong_parameter(self):
255
308
        # A bad request because it is mistyped the required attribute.
256
309
        with self.assertRaises(HTTPError) as cm: