allura-commits mailing list archives

From john...@apache.org
Subject [05/14] git commit: [#6783] ticket:463 some code refactoring
Date Thu, 07 Nov 2013 21:07:18 GMT
[#6783] ticket:463 some code refactoring


Project: http://git-wip-us.apache.org/repos/asf/incubator-allura/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-allura/commit/7bee93b3
Tree: http://git-wip-us.apache.org/repos/asf/incubator-allura/tree/7bee93b3
Diff: http://git-wip-us.apache.org/repos/asf/incubator-allura/diff/7bee93b3

Branch: refs/heads/master
Commit: 7bee93b379babfb796fdaf8eeada9cb20b0d5e1b
Parents: c80b0cd
Author: coldmind <sokandpal@yandex.ru>
Authored: Thu Oct 31 14:30:17 2013 +0200
Committer: Cory Johns <cjohns@slashdotmedia.com>
Committed: Thu Nov 7 21:05:03 2013 +0000

----------------------------------------------------------------------
 Allura/allura/controllers/auth.py           | 10 ++--
 Allura/allura/lib/plugin.py                 | 11 +---
 Allura/allura/lib/widgets/__init__.py       |  2 +-
 Allura/allura/lib/widgets/auth_widgets.py   | 22 +------
 Allura/allura/lib/widgets/forms.py          | 17 ++++--
 Allura/allura/tests/functional/test_auth.py | 73 ++++++++++++++++++++++-
 Allura/allura/tests/model/test_auth.py      | 75 +-----------------------
 Allura/development.ini                      |  4 +-
 8 files changed, 100 insertions(+), 114 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/incubator-allura/blob/7bee93b3/Allura/allura/controllers/auth.py
----------------------------------------------------------------------
diff --git a/Allura/allura/controllers/auth.py b/Allura/allura/controllers/auth.py
index 700db60..42a9420 100644
--- a/Allura/allura/controllers/auth.py
+++ b/Allura/allura/controllers/auth.py
@@ -41,7 +41,6 @@ from allura.lib.widgets import (
     OAuthApplicationForm,
     OAuthRevocationForm,
     LoginForm,
-    RecoverPasswordChangeForm,
     ForgottenPasswordForm)
 from allura.lib.widgets import forms
 from allura.lib import exceptions as exc
@@ -65,7 +64,7 @@ OID_PROVIDERS=[
 
 class F(object):
     login_form = LoginForm()
-    recover_password_change_form = RecoverPasswordChangeForm()
+    recover_password_change_form = forms.PasswordChangeBase()
     forgotten_password_form = ForgottenPasswordForm()
     subscription_form=SubscriptionForm()
     registration_form = forms.RegistrationForm(action='/auth/save_new')
@@ -159,7 +158,8 @@ class AuthController(BaseController):
 
     @expose('jinja:allura:templates/forgotten_password.html')
     def forgotten_password(self, hash=None, **kw):
-        if not plugin.LocalAuthenticationProvider.forgotten_password_process:
+        provider = plugin.AuthenticationProvider.get(request)
+        if not provider:
             redirect('/')
         if not hash:
             c.forgotten_password_form = F.forgotten_password_form
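Review bot: The new guard `if not provider:` in `forgotten_password` no longer consults the `forgotten_password_process` flag, so the opt-in that this commit keeps on the provider classes in plugin.py is not enforced here. `AuthenticationProvider.get(request)` appears to return a provider instance (its body is outside this diff), which would always be truthy, so the redirect would never fire and a provider that leaves the flag `False` would still expose the reset page. The check should probably read `if not provider.forgotten_password_process:`. The function body continues past the end of this hunk, and whether the handler behind `/auth/password_recovery_hash` applies the same guard is not visible here.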
@@ -175,7 +175,7 @@ class AuthController(BaseController):
                 redirect('/')
             if request.method == 'POST':
                 ap = plugin.AuthenticationProvider.get(request)
-                ap.recovery_set_password(user_record, kw['pw'])
+                ap.set_password(user_record, None, kw['pw'])
                 user_record.set_tool_data('AuthPasswordReset', hash='', hash_expiry='')
                 flash('Password changed')
                 redirect('/auth/')
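Review bot: `ap.set_password(user_record, None, kw['pw'])` passes `None` as `old_password`, which is safe only for providers that ignore that argument. `LocalAuthenticationProvider.set_password` in plugin.py does ignore it, but other providers are not shown in this diff, and one that verifies or binds with the old password could fail or behave differently on the recovery path. A comment on the call such as `# recovery flow: the old password is unknown, providers must accept None here` would record the contract. The enclosing method starts and ends outside this hunk, so whether `kw['pw']` has passed `recover_password_change_form` validation at this point cannot be confirmed from here.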
@@ -192,7 +192,7 @@ class AuthController(BaseController):
         user_record.set_tool_data('AuthPasswordReset',
                                   hash=hash,
                                   hash_expiry=datetime.datetime.utcnow() +
-                                  datetime.timedelta(hours=int(config['auth.recovery_hash_expiry_period'])))
+                                  datetime.timedelta(seconds=int(config.get('auth.recovery_hash_expiry_period',
600))))
 
         log.info('Sending password recovery link to %s', email)
         text = '''
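Review bot: `auth.recovery_hash_expiry_period` changes meaning from hours to seconds on the `timedelta(seconds=...)` line while keeping the same key name, so a deployment whose ini still carries the old value `1` will issue reset links that expire after one second. That fails closed, but it will look like a broken reset flow; the only trace of the unit is the `# In seconds` comment in the development.ini hunk of this commit. Consider stating the unit next to the default, e.g. `# seconds; default 10 minutes`, and mentioning the change in upgrade notes. `int(...)` on a non-numeric setting would raise on this path; the enclosing function extends beyond the hunk.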

http://git-wip-us.apache.org/repos/asf/incubator-allura/blob/7bee93b3/Allura/allura/lib/plugin.py
----------------------------------------------------------------------
diff --git a/Allura/allura/lib/plugin.py b/Allura/allura/lib/plugin.py
index cd92cf3..0c6c3b1 100644
--- a/Allura/allura/lib/plugin.py
+++ b/Allura/allura/lib/plugin.py
@@ -66,9 +66,10 @@ class AuthenticationProvider(object):
     Then in your .ini file, set ``auth.method=myprovider``
     '''
 
+    forgotten_password_process = False
+
     def __init__(self, request):
         self.request = request
-    forgotten_password_process = False
 
     @classmethod
     def get(cls, request):
@@ -84,10 +85,6 @@ class AuthenticationProvider(object):
     def session(self):
         return self.request.environ['beaker.session']
 
-    @LazyProperty
-    def forgotten_password(self):
-        return self.forgotten_password_process
-
     def authenticate_request(self):
         from allura import model as M
         user = M.User.query.get(_id=self.session.get('userid', None))
@@ -218,6 +215,7 @@ class LocalAuthenticationProvider(AuthenticationProvider):
     Stores user passwords on the User model, in mongo.  Uses per-user salt and
     SHA-256 encryption.
     '''
+
     forgotten_password_process = True
 
     def register_user(self, user_doc):
@@ -252,9 +250,6 @@ class LocalAuthenticationProvider(AuthenticationProvider):
     def set_password(self, user, old_password, new_password):
         user.password = self._encode_password(new_password)
 
-    def recovery_set_password(self, user, new_password):
-        user.password = self._encode_password(new_password)
-
     def _encode_password(self, password, salt=None):
         from allura import model as M
         if salt is None:

http://git-wip-us.apache.org/repos/asf/incubator-allura/blob/7bee93b3/Allura/allura/lib/widgets/__init__.py
----------------------------------------------------------------------
diff --git a/Allura/allura/lib/widgets/__init__.py b/Allura/allura/lib/widgets/__init__.py
index 516a3d8..cef0d29 100644
--- a/Allura/allura/lib/widgets/__init__.py
+++ b/Allura/allura/lib/widgets/__init__.py
@@ -18,5 +18,5 @@
 from .discuss import Post, Thread, Discussion
 from .subscriptions import SubscriptionForm
 from .oauth_widgets import OAuthApplicationForm, OAuthRevocationForm
-from .auth_widgets import LoginForm, ForgottenPasswordForm, RecoverPasswordChangeForm
+from .auth_widgets import LoginForm, ForgottenPasswordForm
 from .vote import VoteForm

http://git-wip-us.apache.org/repos/asf/incubator-allura/blob/7bee93b3/Allura/allura/lib/widgets/auth_widgets.py
----------------------------------------------------------------------
diff --git a/Allura/allura/lib/widgets/auth_widgets.py b/Allura/allura/lib/widgets/auth_widgets.py
index 8a4dba3..5b9bf2b 100644
--- a/Allura/allura/lib/widgets/auth_widgets.py
+++ b/Allura/allura/lib/widgets/auth_widgets.py
@@ -64,31 +64,15 @@ class ForgottenPasswordForm(ForgeForm):
     def validate(self, value, state=None):
         email = value['email']
         record = M.EmailAddress.query.find({'_id': email}).first()
-        if not record:
+        if not record or not record.confirmed:
             raise Invalid(
                 "Email doesn't exists",
                 dict(email=value['email']),
                 None)
-        user_record = M.User.query.find({'_id': record.claimed_by_user_id}).first()
-        if not record.confirmed or not user_record or user_record.disabled:
+        user_record = M.User.by_email_address(email)
+        if not user_record or user_record.disabled:
             raise Invalid(
                 "Email doesn't verified or user record disabled",
                 dict(email=value['email']),
                 None)
         return value
-
-class RecoverPasswordChangeForm(ForgeForm):
-    class fields(ew_core.NameList):
-        pw = ew.PasswordField(
-            label='New Password',
-            validator=validators.UnicodeString(not_empty=True, min=6))
-        pw2 = ew.PasswordField(
-            label='New Password (again)',
-            validator=validators.UnicodeString(not_empty=True))
-
-    @validator
-    def to_python(self, value, state):
-        d = super(RecoverPasswordChangeForm, self).to_python(value, state)
-        if d['pw'] != d['pw2']:
-            raise Invalid('Passwords must match', value, state)
-        return d
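Review bot: In `ForgottenPasswordForm.validate` the two `Invalid` messages still differ, so the form tells a requester whether an address is unknown or unconfirmed, or instead belongs to a disabled account. After this change the unconfirmed case is rejected by the first branch, which also makes the second message's "doesn't verified" wording inaccurate. Returning one neutral message from both branches, for example `"Unable to send a recovery link for this address"`, removes the distinction and the stale wording. `M.User.by_email_address` is defined outside this diff, so it is worth confirming that it resolves the same user the removed `claimed_by_user_id` lookup did.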

http://git-wip-us.apache.org/repos/asf/incubator-allura/blob/7bee93b3/Allura/allura/lib/widgets/forms.py
----------------------------------------------------------------------
diff --git a/Allura/allura/lib/widgets/forms.py b/Allura/allura/lib/widgets/forms.py
index de90d39..91dd070 100644
--- a/Allura/allura/lib/widgets/forms.py
+++ b/Allura/allura/lib/widgets/forms.py
@@ -123,10 +123,8 @@ class ForgeForm(ew.SimpleForm):
             display = "%s<div class='error'>%s</div>" % (display, ctx['errors'])
         return display
 
-class PasswordChangeForm(ForgeForm):
+class PasswordChangeBase(ForgeForm):
     class fields(ew_core.NameList):
-        oldpw = ew.PasswordField(
-            label='Old Password', validator=fev.UnicodeString(not_empty=True))
         pw = ew.PasswordField(
             label='New Password',
             validator=fev.UnicodeString(not_empty=True, min=6))
@@ -136,11 +134,22 @@ class PasswordChangeForm(ForgeForm):
 
     @ew_core.core.validator
     def to_python(self, value, state):
-        d = super(PasswordChangeForm, self).to_python(value, state)
+        d = super(PasswordChangeBase, self).to_python(value, state)
         if d['pw'] != d['pw2']:
             raise formencode.Invalid('Passwords must match', value, state)
         return d
 
+class PasswordChangeForm(PasswordChangeBase):
+    class fields(ew_core.NameList):
+        oldpw = ew.PasswordField(
+            label='Old Password', validator=fev.UnicodeString(not_empty=True))
+        pw = ew.PasswordField(
+            label='New Password',
+            validator=fev.UnicodeString(not_empty=True, min=6))
+        pw2 = ew.PasswordField(
+            label='New Password (again)',
+            validator=fev.UnicodeString(not_empty=True))
+
 class PersonalDataForm(ForgeForm):
     class fields(ew_core.NameList):
         sex = ew.SingleSelectField(
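Review bot: `PasswordChangeForm.fields` repeats the `pw` and `pw2` declarations from `PasswordChangeBase`, so the `min=6` length rule now lives in two places and can drift between the change form and the recovery form. If the repetition is needed to keep `oldpw` first in the rendered form, a comment saying so, e.g. `# pw/pw2 repeated from PasswordChangeBase to keep oldpw first`, would stop a later cleanup from dropping it; otherwise sharing the validator objects between the two classes keeps the policy in one place. Note that `pw2` carries no `min`, which is harmless only because `to_python` requires it to equal `pw`.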

http://git-wip-us.apache.org/repos/asf/incubator-allura/blob/7bee93b3/Allura/allura/tests/functional/test_auth.py
----------------------------------------------------------------------
diff --git a/Allura/allura/tests/functional/test_auth.py b/Allura/allura/tests/functional/test_auth.py
index a945c1a..52f24fe 100644
--- a/Allura/allura/tests/functional/test_auth.py
+++ b/Allura/allura/tests/functional/test_auth.py
@@ -22,18 +22,22 @@ from urlparse import urlparse, parse_qs
 
 import mock
 from nose.tools import (
+        assert_equal,
         assert_not_equal,
         assert_is_none,
         assert_is_not_none,
         assert_in
     )
-from datadiff.tools import assert_equal
 from pylons import tmpl_context as c
 from allura.tests import TestController
 from allura.tests import decorators as td
 from allura import model as M
 from ming.orm.ormsession import ThreadLocalORMSession, session
 from allura.lib import oid_helper
+from allura.lib.helpers import push_config
+from tg import config
+from mock import patch
+import datetime
 
 
 def unentity(s):
@@ -705,6 +709,73 @@ class TestPreferences(TestController):
         user = M.User.query.get(username='test-admin')
         assert len(user.skills) == 0
 
+    @patch('allura.tasks.mail_tasks.sendmail')
+    @patch('allura.lib.helpers.gen_message_id')
+    def test_forgot_password_reset(self, gen_message_id, sendmail):
+        user = M.User.query.get(username='test-admin')
+        password1 = user.password
+
+        email = M.EmailAddress.query.find({'claimed_by_user_id': user._id}).first()
+        email.confirmed = False
+        user.disabled = True
+        ThreadLocalORMSession.flush_all()
+        r = self.app.post('/auth/password_recovery_hash', {'email': email._id})
+        hash = user.get_tool_data('AuthPasswordReset', 'hash')
+        assert hash is None
+
+        user = M.User.query.get(username='test-admin')
+        user.disabled = True
+        email = M.EmailAddress.query.find({'claimed_by_user_id': user._id}).first()
+        email.confirmed = True
+        ThreadLocalORMSession.flush_all()
+        r = self.app.post('/auth/password_recovery_hash', {'email': email._id})
+        hash = user.get_tool_data('AuthPasswordReset', 'hash')
+        assert hash is None
+
+        user = M.User.query.get(username='test-admin')
+        user.disabled = False
+        email = M.EmailAddress.query.find({'claimed_by_user_id': user._id}).first()
+        email.confirmed = True
+        ThreadLocalORMSession.flush_all()
+        with push_config(config, **{'auth.recovery_hash_expiry_period': '600'}):
+            r = self.app.post('/auth/password_recovery_hash', {'email': email._id})
+            hash = user.get_tool_data('AuthPasswordReset', 'hash')
+            hash_expiry = user.get_tool_data('AuthPasswordReset', 'hash_expiry')
+            assert hash is not None
+            assert hash_expiry is not None
+
+            r = self.app.post('/auth/forgotten_password/%s' % hash, {'pw': 154321, 'pw2':
154321})
+            user = M.User.query.get(username='test-admin')
+            password2 = user.password
+            assert_not_equal(password1, password2)
+
+            text = '''
+To reset your password on %s, please visit the following URL:
+
+%s/auth/forgotten_password/%s
+
+''' % (config['site_name'], config['base_url'], hash)
+
+            sendmail.post.assert_called_once_with(
+                destinations=[email._id],
+                fromaddr=config['forgemail.return_path'],
+                reply_to='',
+                subject='Password recovery',
+                message_id=gen_message_id(),
+                text=text)
+            user = M.User.query.get(username='test-admin')
+            hash = user.get_tool_data('AuthPasswordReset', 'hash')
+            hash_expiry = user.get_tool_data('AuthPasswordReset', 'hash_expiry')
+            assert_equal(hash, '')
+            assert_equal(hash_expiry, '')
+
+            r = self.app.post('/auth/password_recovery_hash', {'email': email._id})
+            hash = user.get_tool_data('AuthPasswordReset', 'hash')
+            hash_expiry = user.get_tool_data('AuthPasswordReset', 'hash_expiry')
+            user.set_tool_data('AuthPasswordReset', hash_expiry=hash_expiry-datetime.timedelta(seconds=600))
+            r = self.app.post('/auth/forgotten_password/%s' % hash, {'pw': 154321, 'pw2':
154321})
+            assert_equal(r.status, '302 Found')
+
 
 class TestOAuth(TestController):
 
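Review bot: The final assertion in `test_forgot_password_reset`, `assert_equal(r.status, '302 Found')`, does not show that an expired hash is rejected, because the accepted path in the controller also ends in a redirect (`redirect('/auth/')`). Checking the stored password after the expired attempt pins the behaviour: post a different value in that last request and then `assert_equal(M.User.query.get(username='test-admin').password, password2)`. The `set_tool_data` call that back-dates `hash_expiry` is also not followed by `ThreadLocalORMSession.flush_all()`, unlike the earlier setup steps, so the request may not see the shortened expiry.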

http://git-wip-us.apache.org/repos/asf/incubator-allura/blob/7bee93b3/Allura/allura/tests/model/test_auth.py
----------------------------------------------------------------------
diff --git a/Allura/allura/tests/model/test_auth.py b/Allura/allura/tests/model/test_auth.py
index 027ae01..f8e7ed8 100644
--- a/Allura/allura/tests/model/test_auth.py
+++ b/Allura/allura/tests/model/test_auth.py
@@ -20,7 +20,7 @@
 """
 Model tests for auth
 """
-from nose.tools import with_setup, assert_equal, assert_not_equal
+from nose.tools import with_setup, assert_equal
 from pylons import tmpl_context as c, app_globals as g
 from webob import Request
 from mock import patch
@@ -32,11 +32,6 @@ from allura import model as M
 from allura.lib import plugin
 from allura.tests import decorators as td
 from alluratest.controller import setup_basic_test, setup_global_objects
-from allura.tests import TestController
-from allura.lib.helpers import push_config
-from tg import config
-from mock import patch
-import datetime
 
 
 def setUp():
@@ -230,71 +225,3 @@ def test_user_projects_by_role():
     g.credentials.clear()
     assert_equal(set(p.shortname for p in c.user.my_projects()), set(['test', 'test2', 'u/test-admin',
'adobe-1', '--init--']))
     assert_equal(set(p.shortname for p in c.user.my_projects('Admin')), set(['test', 'u/test-admin',
'adobe-1', '--init--']))
-
-
-class TestForgotPassword(TestController):
-
-    @patch('allura.tasks.mail_tasks.sendmail')
-    @patch('allura.lib.helpers.gen_message_id')
-    def test_forgot_password_reset(self, gen_message_id, sendmail):
-        user = M.User.query.get(username='test-admin')
-        password1 = user.password
-        email = M.EmailAddress.query.find({'claimed_by_user_id': user._id}).first()
-        email.confirmed = False
-        user.disabled = True
-
-        r = self.app.post('/auth/password_recovery_hash', {'email': email._id})
-        hash = user.get_tool_data('AuthPasswordReset', 'hash')
-        assert hash is None
-
-        user = M.User.query.get(username='test-admin')
-        user.disabled = True
-        email = M.EmailAddress.query.find({'claimed_by_user_id': user._id}).first()
-        email.confirmed = True
-        r = self.app.post('/auth/password_recovery_hash', {'email': email._id})
-        hash = user.get_tool_data('AuthPasswordReset', 'hash')
-        assert hash is None
-
-        user = M.User.query.get(username='test-admin')
-        user.disabled = False
-        email = M.EmailAddress.query.find({'claimed_by_user_id': user._id}).first()
-        email.confirmed = True
-
-        with push_config(config, **{'auth.recovery_hash_expiry_period': '1'}):
-            r = self.app.post('/auth/password_recovery_hash', {'email': email._id})
-            hash = user.get_tool_data('AuthPasswordReset', 'hash')
-            hash_expiry = user.get_tool_data('AuthPasswordReset', 'hash_expiry')
-            assert hash is not None
-            assert hash_expiry is not None
-
-            r = self.app.post('/auth/forgotten_password/%s' % hash, {'pw': 154321, 'pw2':
154321})
-            user = M.User.query.get(username='test-admin')
-            password2 = user.password
-            assert_not_equal(password1, password2)
-
-            text = '''
-To reset your password on %s, please visit the following URL:
-
-%s/auth/forgotten_password/%s
-
-''' % (config['site_name'], config['base_url'], hash)
-
-            sendmail.post.assert_called_once_with(
-                destinations=[email._id],
-                fromaddr=config['forgemail.return_path'],
-                reply_to='',
-                subject='Password recovery',
-                message_id=gen_message_id(),
-                text=text)
-            user = M.User.query.get(username='test-admin')
-            hash = user.get_tool_data('AuthPasswordReset', 'hash')
-            hash_expiry = user.get_tool_data('AuthPasswordReset', 'hash_expiry')
-            assert_equal(hash, '')
-            assert_equal(hash_expiry, '')
-
-            r = self.app.post('/auth/password_recovery_hash', {'email': email._id})
-            hash = user.get_tool_data('AuthPasswordReset', 'hash')
-            hash_expiry = user.get_tool_data('AuthPasswordReset', 'hash_expiry')
-            user.set_tool_data('AuthPasswordReset', hash_expiry=hash_expiry-datetime.timedelta(hours=1))
-            r = self.app.post('/auth/forgotten_password/%s' % hash, {'pw': 154321, 'pw2':
154321})
-            assert_equal(r.status, '302 Found')

http://git-wip-us.apache.org/repos/asf/incubator-allura/blob/7bee93b3/Allura/development.ini
----------------------------------------------------------------------
diff --git a/Allura/development.ini b/Allura/development.ini
index 98e251b..4a96528 100644
--- a/Allura/development.ini
+++ b/Allura/development.ini
@@ -86,8 +86,8 @@ auth.ldap.admin_dn = cn=admin,dc=localdomain
 auth.ldap.admin_password = secret
 auth.ldap.schroot_name = scm
 
-# In hours
-auth.recovery_hash_expiry_period = 1
+# In seconds
+auth.recovery_hash_expiry_period = 600
 
 # Set the locations of some static resources
 #  script_name is the path that is handled by the application

