From 1df1c89ea01a8822899d8eabcf2170f33815c335 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C3=89loi=20Rivard?= Date: Sat, 24 Dec 2022 02:52:05 +0100 Subject: [PATCH] unit tests: user creation without password --- canaille/account.py | 19 +++++++++++-------- canaille/models.py | 1 - tests/test_profile.py | 16 ++++++++++++++++ 3 files changed, 27 insertions(+), 9 deletions(-) diff --git a/canaille/account.py b/canaille/account.py index 995566f7..aab2a411 100644 --- a/canaille/account.py +++ b/canaille/account.py @@ -382,9 +382,11 @@ def profile_create(current_app, form): for group in groups: group.add_member(user) - if not form["password1"].data or user.set_password(form["password1"].data): - flash(_("User account creation succeed."), "success") - user.save() + if form["password1"].data: + user.set_password(form["password1"].data) + + flash(_("User account creation succeed."), "success") + user.save() return user @@ -491,11 +493,11 @@ def profile_edit(editor, username): user["jpegPhoto"] = None if ( - "password1" not in request.form - or not form["password1"].data - or user.set_password(form["password1"].data) - ) and request.form["action"] == "edit": - flash(_("Profile updated successfuly."), "success") + "password1" in request.form + and form["password1"].data + and request.form["action"] == "edit" + ): + user.set_password(form["password1"].data) if ( "preferredLanguage" in request.form @@ -503,6 +505,7 @@ def profile_edit(editor, username): ): user.preferredLanguage = None + flash(_("Profile updated successfuly."), "success") user.save() return redirect(url_for("account.profile_edition", username=username)) diff --git a/canaille/models.py b/canaille/models.py index 61f481cc..b9b72fb2 100644 --- a/canaille/models.py +++ b/canaille/models.py @@ -100,7 +100,6 @@ class User(LDAPObject): None, password.encode("utf-8"), ) - return True @property def name(self): diff --git a/tests/test_profile.py b/tests/test_profile.py index 6a2febb9..273d93da 100644 --- a/tests/test_profile.py +++ b/tests/test_profile.py @@ -258,6 +258,7 @@ def test_user_creation_edition_and_deletion( # User have been created res = res.form.submit(name="action", value="edit", status=302).follow(status=200) + assert "User account creation succeed." in res george = User.get("george") george.load_groups() foo_group.reload() @@ -295,6 +296,21 @@ def test_user_creation_edition_and_deletion( assert "george" not in res.text +def test_user_creation_without_password(testclient, logged_moderator): + res = testclient.get("/profile", status=200) + res.form["uid"] = "george" + res.form["sn"] = "Abitbol" + res.form["mail"] = "george@abitbol.com" + + res = res.form.submit(name="action", value="edit", status=302).follow(status=200) + assert "User account creation succeed." in res + george = User.get("george") + assert george.uid[0] == "george" + assert not george.userPassword + + george.delete() + + def test_user_creation_form_validation_failed( testclient, logged_moderator, foo_group, bar_group ):