diff options
-rw-r--r-- | service/pixelated/resources/account_recovery_resource.py | 31 | ||||
-rw-r--r-- | service/test/unit/resources/test_account_recovery_resource.py | 43 |
2 files changed, 67 insertions, 7 deletions
diff --git a/service/pixelated/resources/account_recovery_resource.py b/service/pixelated/resources/account_recovery_resource.py index 6781f209..6e80f360 100644 --- a/service/pixelated/resources/account_recovery_resource.py +++ b/service/pixelated/resources/account_recovery_resource.py @@ -15,14 +15,23 @@ # along with Pixelated. If not, see <http://www.gnu.org/licenses/>. import os +import json -from pixelated.resources import BaseResource from twisted.python.filepath import FilePath -from pixelated.resources import get_public_static_folder from twisted.web.http import OK, INTERNAL_SERVER_ERROR from twisted.web.template import Element, XMLFile, renderElement from twisted.web.server import NOT_DONE_YET from twisted.internet import defer +from twisted.logger import Logger + +from pixelated.resources import BaseResource +from pixelated.resources import get_public_static_folder + +log = Logger() + + +class InvalidPasswordError(Exception): + pass class AccountRecoveryPage(Element): @@ -52,10 +61,24 @@ class AccountRecoveryResource(BaseResource): request.setResponseCode(OK) request.finish() - def error_response(response): + def error_response(failure): + log.warn(failure) request.setResponseCode(INTERNAL_SERVER_ERROR) request.finish() - d = defer.succeed('Done!') + d = self._validate_password(request) d.addCallbacks(success_response, error_response) return NOT_DONE_YET + + def _get_post_form(self, request): + return json.loads(request.content.getvalue()) + + def _validate_password(self, request): + form = self._get_post_form(request) + password = form.get('password') + confirmPassword = form.get('confirmPassword') + + if password == confirmPassword and len(password) >= 8 and len(password) <= 9999: + return defer.succeed('Done!') + + return defer.fail(InvalidPasswordError('The user entered an invalid password or confirmation')) diff --git a/service/test/unit/resources/test_account_recovery_resource.py b/service/test/unit/resources/test_account_recovery_resource.py index cd9acae7..bdae15b6 100644 --- a/service/test/unit/resources/test_account_recovery_resource.py +++ b/service/test/unit/resources/test_account_recovery_resource.py @@ -14,14 +14,12 @@ # You should have received a copy of the GNU Affero General Public License # along with Pixelated. If not, see <http://www.gnu.org/licenses/>. -import os - from mock import MagicMock from twisted.trial import unittest from twisted.web.test.requesthelper import DummyRequest from twisted.internet import defer -from pixelated.resources.account_recovery_resource import AccountRecoveryResource +from pixelated.resources.account_recovery_resource import AccountRecoveryResource, InvalidPasswordError from test.unit.resources import DummySite @@ -46,6 +44,8 @@ class TestAccountRecoveryResource(unittest.TestCase): def test_post_returns_successfully(self): request = DummyRequest(['/account-recovery']) request.method = 'POST' + request.content = MagicMock() + request.content.getvalue.return_value = '{"password": "12345678", "confirmPassword": "12345678"}' d = self.web.get(request) def assert_successful_response(_): @@ -53,3 +53,40 @@ class TestAccountRecoveryResource(unittest.TestCase): d.addCallback(assert_successful_response) return d + + def test_get_post_form(self): + request = MagicMock() + request.content.getvalue.return_value = '{"userCode": "abc", "password": "123", "confirmPassword": "456"}' + form = self.resource._get_post_form(request) + + self.assertEqual(form.get('userCode'), 'abc') + self.assertEqual(form.get('password'), '123') + self.assertEqual(form.get('confirmPassword'), '456') + + def test_validate_password_successfully(self): + request = MagicMock() + request.content.getvalue.return_value = '{"password": "12345678", "confirmPassword": "12345678"}' + + d = self.resource._validate_password(request) + + def assert_successful(success): + self.assertEqual(success, 'Done!') + + d.addCallback(assert_successful) + return d + + @defer.inlineCallbacks + def test_validate_password_failed_by_confirmation(self): + request = MagicMock() + request.content.getvalue.return_value = '{"password": "12345678", "confirmPassword": "1234"}' + + with self.assertRaises(InvalidPasswordError): + yield self.resource._validate_password(request) + + @defer.inlineCallbacks + def test_validate_password_failed_by_length(self): + request = MagicMock() + request.content.getvalue.return_value = '{"password": "1234", "confirmPassword": "1234"}' + + with self.assertRaises(InvalidPasswordError): + yield self.resource._validate_password(request) |