2 files changed, 45 insertions, 26 deletions

diff --git a/service/pixelated/resources/account_recovery_resource.py b/service/pixelated/resources/account_recovery_resource.py
index 6e80f360..209a7693 100644
--- a/service/pixelated/resources/account_recovery_resource.py
+++ b/service/pixelated/resources/account_recovery_resource.py
@@ -66,19 +66,22 @@ class AccountRecoveryResource(BaseResource):
             request.setResponseCode(INTERNAL_SERVER_ERROR)
             request.finish()
 
-        d = self._validate_password(request)
+        d = self._handle_post(request)
         d.addCallbacks(success_response, error_response)
         return NOT_DONE_YET
 
     def _get_post_form(self, request):
         return json.loads(request.content.getvalue())
 
-    def _validate_password(self, request):
+    def _validate_password(self, password, confirm_password):
+        return password == confirm_password and len(password) >= 8 and len(password) <= 9999
+
+    def _handle_post(self, request):
         form = self._get_post_form(request)
         password = form.get('password')
-        confirmPassword = form.get('confirmPassword')
+        confirm_password = form.get('confirmPassword')
 
-        if password == confirmPassword and len(password) >= 8 and len(password) <= 9999:
-            return defer.succeed('Done!')
+        if not self._validate_password(password, confirm_password):
+            return defer.fail(InvalidPasswordError('The user entered an invalid password or confirmation'))
 
-        return defer.fail(InvalidPasswordError('The user entered an invalid password or confirmation'))
+        return defer.succeed('Done!')
diff --git a/service/test/unit/resources/test_account_recovery_resource.py b/service/test/unit/resources/test_account_recovery_resource.py
index bdae15b6..4e26fc5b 100644
--- a/service/test/unit/resources/test_account_recovery_resource.py
+++ b/service/test/unit/resources/test_account_recovery_resource.py
@@ -44,8 +44,8 @@ class TestAccountRecoveryResource(unittest.TestCase):
     def test_post_returns_successfully(self):
         request = DummyRequest(['/account-recovery'])
         request.method = 'POST'
-        request.content = MagicMock()
-        request.content.getvalue.return_value = '{"password": "12345678", "confirmPassword": "12345678"}'
+        self.resource._handle_post = MagicMock(return_value=defer.succeed(None))
+
         d = self.web.get(request)
 
         def assert_successful_response(_):
@@ -54,20 +54,25 @@ class TestAccountRecoveryResource(unittest.TestCase):
         d.addCallback(assert_successful_response)
         return d
 
-    def test_get_post_form(self):
-        request = MagicMock()
-        request.content.getvalue.return_value = '{"userCode": "abc", "password": "123", "confirmPassword": "456"}'
-        form = self.resource._get_post_form(request)
+    def test_post_returns_failure(self):
+        request = DummyRequest(['/account-recovery'])
+        request.method = 'POST'
+        self.resource._handle_post = MagicMock(return_value=defer.fail(InvalidPasswordError))
 
-        self.assertEqual(form.get('userCode'), 'abc')
-        self.assertEqual(form.get('password'), '123')
-        self.assertEqual(form.get('confirmPassword'), '456')
+        d = self.web.get(request)
 
-    def test_validate_password_successfully(self):
+        def assert_error_response(_):
+            self.assertEqual(500, request.responseCode)
+
+        d.addCallback(assert_error_response)
+        return d
+
+    def test_handle_post_successfully(self):
         request = MagicMock()
-        request.content.getvalue.return_value = '{"password": "12345678", "confirmPassword": "12345678"}'
+        self.resource._get_post_form = MagicMock()
+        self.resource._validate_password = MagicMock(return_value=True)
 
-        d = self.resource._validate_password(request)
+        d = self.resource._handle_post(request)
 
         def assert_successful(success):
             self.assertEqual(success, 'Done!')
@@ -76,17 +81,28 @@ class TestAccountRecoveryResource(unittest.TestCase):
         return d
 
     @defer.inlineCallbacks
-    def test_validate_password_failed_by_confirmation(self):
+    def test_handle_post_failed(self):
         request = MagicMock()
-        request.content.getvalue.return_value = '{"password": "12345678", "confirmPassword": "1234"}'
+        self.resource._get_post_form = MagicMock()
+        self.resource._validate_password = MagicMock(return_value=False)
 
         with self.assertRaises(InvalidPasswordError):
-            yield self.resource._validate_password(request)
+            yield self.resource._handle_post(request)
 
-    @defer.inlineCallbacks
-    def test_validate_password_failed_by_length(self):
+    def test_get_post_form(self):
         request = MagicMock()
-        request.content.getvalue.return_value = '{"password": "1234", "confirmPassword": "1234"}'
+        request.content.getvalue.return_value = '{"userCode": "abc", "password": "123", "confirmPassword": "456"}'
+        form = self.resource._get_post_form(request)
 
-        with self.assertRaises(InvalidPasswordError):
-            yield self.resource._validate_password(request)
+        self.assertEqual(form.get('userCode'), 'abc')
+        self.assertEqual(form.get('password'), '123')
+        self.assertEqual(form.get('confirmPassword'), '456')
+
+    def test_validate_password_successfully(self):
+        self.assertTrue(self.resource._validate_password('12345678', '12345678'))
+
+    def test_validate_password_failed_by_confirmation(self):
+        self.assertFalse(self.resource._validate_password('12345678', '1234'))
+
+    def test_validate_password_failed_by_length(self):
+        self.assertFalse(self.resource._validate_password('1234', '1234'))