Merge pull request #1040 from pixelated/email-recovery-code

[#927] Implements sending recovery code by email.
author: thaissiqueira <thais.siqueira@thoughtworks.com> 2017-03-31 18:00:43 -0300
committer: GitHub <noreply@github.com> 2017-03-31 18:00:43 -0300
commit: f40808a147d1135e8bbee6d78306a598cf5ca647 (patch)
tree: 58d15414134ef5554e947348179e92e248df433b /service
parent: dadf39c1574d53612410371b8b639a159841eaf5 (diff)
parent: 304215fe36666c8401bd9fa01a50cab61ddc10ca (diff)
4 files changed, 97 insertions, 16 deletions
diff --git a/service/pixelated/account_recovery.py b/service/pixelated/account_recovery.py
index 234bb1fe..c0a18792 100644
--- a/service/pixelated/account_recovery.py
+++ b/service/pixelated/account_recovery.py
@@ -13,23 +13,52 @@
 #
 # You should have received a copy of the GNU Affero General Public License
 # along with Pixelated. If not, see <http://www.gnu.org/licenses/>.
+
 from twisted.internet.defer import inlineCallbacks, returnValue
 from twisted.logger import Logger
+from twisted.mail import smtp
+
+from email.mime.text import MIMEText
+
 
 log = Logger()
 
 
 class AccountRecovery(object):
-    def __init__(self, session, soledad):
+    def __init__(self, session, soledad, smtp_config, backup_email):
         self._bonafide_session = session
         self._soledad = soledad
+        self._smtp_config = smtp_config
+        self._backup_email = backup_email
 
     @inlineCallbacks
     def update_recovery_code(self):
         try:
             code = self._soledad.create_recovery_code()
             response = yield self._bonafide_session.update_recovery_code(code)
+            yield self._send_mail(code, self._backup_email)
+
             returnValue(response)
+
+        except Exception as e:
+            log.error('Something went wrong when trying to save the recovery code')
+            log.error(e)
+            raise e
+
+    @inlineCallbacks
+    def _send_mail(self, code, backup_email):
+        msg = MIMEText('Your code %s' % code)
+        msg['Subject'] = 'Recovery Code'
+        msg['From'] = 'team@pixelated-project.org'
+        msg['To'] = backup_email
+
+        try:
+            send_mail_result = yield smtp.sendmail(
+                str(self._smtp_config.remote_smtp_host),
+                'team@pixelated-project.org',
+                [backup_email],
+                msg.as_string())
+            returnValue(send_mail_result)
         except Exception as e:
-            log.warn('Something went wrong when trying to save the recovery code')
-            raise
+            log.error('Failed trying to send the email with the recovery code')
+            raise e
diff --git a/service/pixelated/resources/backup_account_resource.py b/service/pixelated/resources/backup_account_resource.py
index b752b4c7..f51ac2ec 100644
--- a/service/pixelated/resources/backup_account_resource.py
+++ b/service/pixelated/resources/backup_account_resource.py
@@ -15,6 +15,8 @@
 # along with Pixelated. If not, see <http://www.gnu.org/licenses/>.
 
 import os
+import json
+
 from xml.sax import SAXParseException
 
 from pixelated.resources import BaseResource
@@ -51,7 +53,9 @@ class BackupAccountResource(BaseResource):
     def render_POST(self, request):
         account_recovery = AccountRecovery(
             self._authenticator.bonafide_session,
-            self.soledad(request))
+            self.soledad(request),
+            self._service(request, '_leap_session').smtp_config,
+            self._get_backup_email(request))
 
         def update_response(response):
             request.setResponseCode(NO_CONTENT)
@@ -64,3 +68,6 @@ class BackupAccountResource(BaseResource):
         d = account_recovery.update_recovery_code()
         d.addCallbacks(update_response, error_response)
         return NOT_DONE_YET
+
+    def _get_backup_email(self, request):
+        return json.loads(request.content.getvalue()).get('backupEmail')
diff --git a/service/test/unit/resources/test_backup_account_resource.py b/service/test/unit/resources/test_backup_account_resource.py
index 2b68dd1b..e5e2793a 100644
--- a/service/test/unit/resources/test_backup_account_resource.py
+++ b/service/test/unit/resources/test_backup_account_resource.py
@@ -50,12 +50,16 @@ class TestBackupAccountResource(unittest.TestCase):
         mock_account_recovery.update_recovery_code.return_value = defer.succeed("Success")
         request = DummyRequest(['/backup-account'])
         request.method = 'POST'
+        request.content = MagicMock()
+        request.content.getvalue.return_value = '{"email": "test@test.com"}'
         d = self.web.get(request)
 
         def assert_update_recovery_code_called(_):
             mock_account_recovery_init.assert_called_with(
                 self.resource._authenticator.bonafide_session,
-                self.resource.soledad(request))
+                self.resource.soledad(request),
+                self.resource._service(request, '_leap_session').smtp_config,
+                self.resource._get_backup_email(request))
             mock_account_recovery.update_recovery_code.assert_called()
 
         d.addCallback(assert_update_recovery_code_called)
@@ -66,6 +70,8 @@ class TestBackupAccountResource(unittest.TestCase):
         mock_update_recovery_code.return_value = defer.succeed("Success")
         request = DummyRequest(['/backup-account'])
         request.method = 'POST'
+        request.content = MagicMock()
+        request.content.getvalue.return_value = '{"email": "test@test.com"}'
         d = self.web.get(request)
 
         def assert_successful_response(_):
@@ -79,6 +85,8 @@ class TestBackupAccountResource(unittest.TestCase):
         mock_update_recovery_code.return_value = defer.fail(Exception)
         request = DummyRequest(['/backup-account'])
         request.method = 'POST'
+        request.content = MagicMock()
+        request.content.getvalue.return_value = '{"email": "test@test.com"}'
         d = self.web.get(request)
 
         def assert_successful_response(_):
@@ -86,3 +94,9 @@ class TestBackupAccountResource(unittest.TestCase):
 
         d.addCallback(assert_successful_response)
         return d
+
+    def test_get_backup_email_from_request(self):
+        request = MagicMock()
+        request.content.getvalue.return_value = '{"backupEmail": "test@test.com"}'
+
+        self.assertEqual(self.resource._get_backup_email(request), 'test@test.com')
diff --git a/service/test/unit/test_account_recovery.py b/service/test/unit/test_account_recovery.py
index af14814a..f113169a 100644
--- a/service/test/unit/test_account_recovery.py
+++ b/service/test/unit/test_account_recovery.py
@@ -13,24 +13,55 @@
 #
 # You should have received a copy of the GNU Affero General Public License
 # along with Pixelated. If not, see <http://www.gnu.org/licenses/>.
+from email.mime.text import MIMEText
 
-from twisted.internet.defer import inlineCallbacks
+from twisted.internet import defer
 from twisted.trial import unittest
+from twisted.mail import smtp
 
-from mock import patch, Mock
+from mock import patch, Mock, MagicMock
+from mockito import mock, when, any as ANY
 
 from pixelated.account_recovery import AccountRecovery
 
 
 class AccountRecoveryTest(unittest.TestCase):
+    def setUp(self):
+        self.generated_code = '4645a2f8997e5d0d'
+        self.mock_bonafide_session = Mock()
+        self.mock_soledad = Mock()
+        self.mock_smtp_config = Mock()
+        self.keymanager = Mock()
+        self.mock_smtp_config.remote_smtp_host = 'test.com'
+        self.mock_soledad.create_recovery_code.return_value = self.generated_code
+        self.backup_email = 'test@test.com'
+        self.account_recovery = AccountRecovery(
+            self.mock_bonafide_session,
+            self.mock_soledad,
+            self.mock_smtp_config,
+            self.backup_email)
+        self.mock_smtp = Mock()
 
-    @inlineCallbacks
+    @defer.inlineCallbacks
     def test_update_recovery_code(self):
-        generated_code = '4645a2f8997e5d0d'
-        mock_bonafide_session = Mock()
-        mock_soledad = Mock()
-        mock_soledad.create_recovery_code.return_value = generated_code
-        account_recovery = AccountRecovery(mock_bonafide_session, mock_soledad)
-
-        yield account_recovery.update_recovery_code()
-        mock_bonafide_session.update_recovery_code.assert_called_once_with(generated_code)
+        when(self.account_recovery)._send_mail(ANY).thenReturn(defer.succeed(None))
+        response = yield self.account_recovery.update_recovery_code()
+        self.mock_bonafide_session.update_recovery_code.assert_called_once_with(self.generated_code)
+
+    @defer.inlineCallbacks
+    def test_send_recovery_code_by_email(self):
+        msg = MIMEText('Your code %s' % self.generated_code)
+        msg['Subject'] = 'Recovery Code'
+        msg['From'] = 'team@pixelated-project.org'
+        msg['To'] = self.backup_email
+
+        result = MagicMock()
+        deferred_sendmail = defer.succeed(result)
+        with patch.object(smtp, 'sendmail', return_value=deferred_sendmail) as mock_sendmail:
+            response = yield self.account_recovery._send_mail(self.generated_code, self.backup_email)
+
+        mock_sendmail.assert_called_with(
+            'test.com',
+            'team@pixelated-project.org',
+            [self.backup_email],
+            msg.as_string())
author	thaissiqueira <thais.siqueira@thoughtworks.com>	2017-03-31 18:00:43 -0300
committer	GitHub <noreply@github.com>	2017-03-31 18:00:43 -0300
commit	f40808a147d1135e8bbee6d78306a598cf5ca647 (patch)
tree	58d15414134ef5554e947348179e92e248df433b /service
parent	dadf39c1574d53612410371b8b639a159841eaf5 (diff)
parent	304215fe36666c8401bd9fa01a50cab61ddc10ca (diff)