-
Notifications
You must be signed in to change notification settings - Fork 965
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Showing
14 changed files
with
439 additions
and
122 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -28,7 +28,7 @@ | |
NoRecoveryCodes, | ||
TooManyFailedLogins, | ||
) | ||
from warehouse.accounts.models import DisableReason | ||
from warehouse.accounts.models import DisableReason, ProhibitedEmailDomain | ||
from warehouse.captcha import recaptcha | ||
from warehouse.events.tags import EventTag | ||
from warehouse.utils.webauthn import AuthenticationRejectedError | ||
|
@@ -399,6 +399,9 @@ def test_validate(self): | |
) | ||
|
||
form = forms.RegistrationForm( | ||
request=pretend.stub( | ||
db=pretend.stub(query=lambda *a: pretend.stub(scalar=lambda: False)) | ||
), | ||
formdata=MultiDict( | ||
{ | ||
"username": "myusername", | ||
|
@@ -419,6 +422,7 @@ def test_validate(self): | |
|
||
def test_password_confirm_required_error(self): | ||
form = forms.RegistrationForm( | ||
request=pretend.stub(), | ||
formdata=MultiDict({"password_confirm": ""}), | ||
user_service=pretend.stub( | ||
find_userid_by_email=pretend.call_recorder(lambda _: pretend.stub()) | ||
|
@@ -435,6 +439,7 @@ def test_passwords_mismatch_error(self, pyramid_config): | |
find_userid_by_email=pretend.call_recorder(lambda _: pretend.stub()) | ||
) | ||
form = forms.RegistrationForm( | ||
request=pretend.stub(), | ||
formdata=MultiDict( | ||
{"new_password": "password", "password_confirm": "mismatch"} | ||
), | ||
|
@@ -454,6 +459,7 @@ def test_passwords_match_success(self): | |
find_userid_by_email=pretend.call_recorder(lambda _: pretend.stub()) | ||
) | ||
form = forms.RegistrationForm( | ||
request=pretend.stub(), | ||
formdata=MultiDict( | ||
{ | ||
"new_password": "MyStr0ng!shPassword", | ||
|
@@ -471,6 +477,7 @@ def test_passwords_match_success(self): | |
|
||
def test_email_required_error(self): | ||
form = forms.RegistrationForm( | ||
request=pretend.stub(), | ||
formdata=MultiDict({"email": ""}), | ||
user_service=pretend.stub( | ||
find_userid_by_email=pretend.call_recorder(lambda _: pretend.stub()) | ||
|
@@ -483,8 +490,9 @@ def test_email_required_error(self): | |
assert form.email.errors.pop() == "This field is required." | ||
|
||
@pytest.mark.parametrize("email", ["bad", "foo][email protected]", "</body></html>"]) | ||
def test_invalid_email_error(self, pyramid_config, email): | ||
def test_invalid_email_error(self, pyramid_request, email): | ||
form = forms.RegistrationForm( | ||
request=pyramid_request, | ||
formdata=MultiDict({"email": email}), | ||
user_service=pretend.stub( | ||
find_userid_by_email=pretend.call_recorder(lambda _: None) | ||
|
@@ -500,6 +508,9 @@ def test_invalid_email_error(self, pyramid_config, email): | |
|
||
def test_exotic_email_success(self): | ||
form = forms.RegistrationForm( | ||
request=pretend.stub( | ||
db=pretend.stub(query=lambda *a: pretend.stub(scalar=lambda: False)) | ||
), | ||
formdata=MultiDict({"email": "[email protected]"}), | ||
user_service=pretend.stub( | ||
find_userid_by_email=pretend.call_recorder(lambda _: None) | ||
|
@@ -511,8 +522,12 @@ def test_exotic_email_success(self): | |
form.validate() | ||
assert len(form.email.errors) == 0 | ||
|
||
def test_email_exists_error(self, pyramid_config): | ||
def test_email_exists_error(self, pyramid_request): | ||
pyramid_request.db = pretend.stub( | ||
query=lambda *a: pretend.stub(scalar=lambda: False) | ||
) | ||
form = forms.RegistrationForm( | ||
request=pyramid_request, | ||
formdata=MultiDict({"email": "[email protected]"}), | ||
user_service=pretend.stub( | ||
find_userid_by_email=pretend.call_recorder(lambda _: pretend.stub()) | ||
|
@@ -528,8 +543,9 @@ def test_email_exists_error(self, pyramid_config): | |
"Use a different email." | ||
) | ||
|
||
def test_prohibited_email_error(self, pyramid_config): | ||
def test_disposable_email_error(self, pyramid_request): | ||
form = forms.RegistrationForm( | ||
request=pyramid_request, | ||
formdata=MultiDict({"email": "[email protected]"}), | ||
user_service=pretend.stub( | ||
find_userid_by_email=pretend.call_recorder(lambda _: None) | ||
|
@@ -545,8 +561,30 @@ def test_prohibited_email_error(self, pyramid_config): | |
"different email." | ||
) | ||
|
||
def test_prohibited_email_error(self, db_request): | ||
domain = ProhibitedEmailDomain(domain="wutang.net") | ||
db_request.db.add(domain) | ||
|
||
form = forms.RegistrationForm( | ||
request=db_request, | ||
formdata=MultiDict({"email": "[email protected]"}), | ||
user_service=pretend.stub( | ||
find_userid_by_email=pretend.call_recorder(lambda _: None) | ||
), | ||
captcha_service=pretend.stub(enabled=True), | ||
breach_service=pretend.stub(check_password=lambda pw, tags=None: False), | ||
) | ||
|
||
assert not form.validate() | ||
assert ( | ||
str(form.email.errors.pop()) | ||
== "You can't use an email address from this domain. Use a " | ||
"different email." | ||
) | ||
|
||
def test_recaptcha_disabled(self): | ||
form = forms.RegistrationForm( | ||
request=pretend.stub(), | ||
formdata=MultiDict({"g_recpatcha_response": ""}), | ||
user_service=pretend.stub(), | ||
captcha_service=pretend.stub( | ||
|
@@ -562,6 +600,7 @@ def test_recaptcha_disabled(self): | |
|
||
def test_recaptcha_required_error(self): | ||
form = forms.RegistrationForm( | ||
request=pretend.stub(), | ||
formdata=MultiDict({"g_recaptcha_response": ""}), | ||
user_service=pretend.stub(), | ||
captcha_service=pretend.stub( | ||
|
@@ -575,6 +614,7 @@ def test_recaptcha_required_error(self): | |
|
||
def test_recaptcha_error(self): | ||
form = forms.RegistrationForm( | ||
request=pretend.stub(), | ||
formdata=MultiDict({"g_recaptcha_response": "asd"}), | ||
user_service=pretend.stub(), | ||
captcha_service=pretend.stub( | ||
|
@@ -588,6 +628,7 @@ def test_recaptcha_error(self): | |
|
||
def test_username_exists(self, pyramid_config): | ||
form = forms.RegistrationForm( | ||
request=pretend.stub(), | ||
formdata=MultiDict({"username": "foo"}), | ||
user_service=pretend.stub( | ||
find_userid=pretend.call_recorder(lambda name: 1), | ||
|
@@ -608,6 +649,7 @@ def test_username_exists(self, pyramid_config): | |
|
||
def test_username_prohibted(self, pyramid_config): | ||
form = forms.RegistrationForm( | ||
request=pretend.stub(), | ||
formdata=MultiDict({"username": "foo"}), | ||
user_service=pretend.stub( | ||
username_is_prohibited=lambda a: True, | ||
|
@@ -628,6 +670,7 @@ def test_username_prohibted(self, pyramid_config): | |
@pytest.mark.parametrize("username", ["_foo", "bar_", "foo^bar", "boo\0far"]) | ||
def test_username_is_valid(self, username, pyramid_config): | ||
form = forms.RegistrationForm( | ||
request=pretend.stub(), | ||
formdata=MultiDict({"username": username}), | ||
user_service=pretend.stub( | ||
find_userid=pretend.call_recorder(lambda _: None), | ||
|
@@ -656,6 +699,7 @@ def test_password_strength(self): | |
) | ||
for pwd, valid in cases: | ||
form = forms.RegistrationForm( | ||
request=pretend.stub(), | ||
formdata=MultiDict({"new_password": pwd, "password_confirm": pwd}), | ||
user_service=pretend.stub(), | ||
captcha_service=pretend.stub( | ||
|
@@ -669,6 +713,7 @@ def test_password_strength(self): | |
|
||
def test_password_breached(self): | ||
form = forms.RegistrationForm( | ||
request=pretend.stub(), | ||
formdata=MultiDict({"new_password": "password"}), | ||
user_service=pretend.stub( | ||
find_userid=pretend.call_recorder(lambda _: None) | ||
|
@@ -693,6 +738,7 @@ def test_password_breached(self): | |
|
||
def test_name_too_long(self, pyramid_config): | ||
form = forms.RegistrationForm( | ||
request=pretend.stub(), | ||
formdata=MultiDict({"full_name": "hello " * 50}), | ||
user_service=pretend.stub( | ||
find_userid=pretend.call_recorder(lambda _: None) | ||
|
@@ -720,6 +766,7 @@ class TestRequestPasswordResetForm: | |
) | ||
def test_validate(self, form_input): | ||
form = forms.RequestPasswordResetForm( | ||
request=pretend.stub(), | ||
formdata=MultiDict({"username_or_email": form_input}), | ||
) | ||
assert form.validate() | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -173,6 +173,9 @@ def test_validate(self): | |
user_id = pretend.stub() | ||
user_service = pretend.stub(find_userid_by_email=lambda _: None) | ||
form = forms.AddEmailForm( | ||
request=pretend.stub( | ||
db=pretend.stub(query=lambda *a: pretend.stub(scalar=lambda: False)) | ||
), | ||
formdata=MultiDict({"email": "[email protected]"}), | ||
user_id=user_id, | ||
user_service=user_service, | ||
|
@@ -182,9 +185,13 @@ def test_validate(self): | |
assert form.user_service is user_service | ||
assert form.validate(), str(form.errors) | ||
|
||
def test_email_exists_error(self, pyramid_config): | ||
def test_email_exists_error(self, pyramid_request): | ||
pyramid_request.db = pretend.stub( | ||
query=lambda *a: pretend.stub(scalar=lambda: False) | ||
) | ||
user_id = pretend.stub() | ||
form = forms.AddEmailForm( | ||
request=pyramid_request, | ||
formdata=MultiDict({"email": "[email protected]"}), | ||
user_id=user_id, | ||
user_service=pretend.stub(find_userid_by_email=lambda _: user_id), | ||
|
@@ -197,8 +204,12 @@ def test_email_exists_error(self, pyramid_config): | |
"Use a different email." | ||
) | ||
|
||
def test_email_exists_other_account_error(self, pyramid_config): | ||
def test_email_exists_other_account_error(self, pyramid_request): | ||
pyramid_request.db = pretend.stub( | ||
query=lambda *a: pretend.stub(scalar=lambda: False) | ||
) | ||
form = forms.AddEmailForm( | ||
request=pyramid_request, | ||
formdata=MultiDict({"email": "[email protected]"}), | ||
user_id=pretend.stub(), | ||
user_service=pretend.stub(find_userid_by_email=lambda _: pretend.stub()), | ||
|
@@ -211,8 +222,12 @@ def test_email_exists_other_account_error(self, pyramid_config): | |
"Use a different email." | ||
) | ||
|
||
def test_prohibited_email_error(self, pyramid_config): | ||
def test_prohibited_email_error(self, pyramid_request): | ||
pyramid_request.db = pretend.stub( | ||
query=lambda *a: pretend.stub(scalar=lambda: False) | ||
) | ||
form = forms.AddEmailForm( | ||
request=pyramid_request, | ||
formdata=MultiDict({"email": "[email protected]"}), | ||
user_service=pretend.stub(find_userid_by_email=lambda _: None), | ||
user_id=pretend.stub(), | ||
|
@@ -227,6 +242,9 @@ def test_prohibited_email_error(self, pyramid_config): | |
|
||
def test_email_too_long_error(self, pyramid_config): | ||
form = forms.AddEmailForm( | ||
request=pretend.stub( | ||
db=pretend.stub(query=lambda *a: pretend.stub(scalar=lambda: False)) | ||
), | ||
formdata=MultiDict({"email": f"{'x' * 300}@bar.com"}), | ||
user_service=pretend.stub(find_userid_by_email=lambda _: None), | ||
user_id=pretend.stub(), | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.