existing test all passing now

3 files changed, 194 insertions, 121 deletions

diff --git a/mediagoblin/tests/basic_auth_appconfig.ini b/mediagoblin/tests/basic_auth_appconfig.ini
new file mode 100644
index 00000000..b15ae1fb
--- /dev/null
+++ b/mediagoblin/tests/basic_auth_appconfig.ini
@@ -0,0 +1,28 @@
+[mediagoblin]
+direct_remote_path = /test_static/
+email_sender_address = "notice@mediagoblin.example.org"
+email_debug_mode = true
+no_auth = false
+
+# TODO: Switch to using an in-memory database
+sql_engine = "sqlite:///%(here)s/test_user_dev/mediagoblin.db"
+
+# Celery shouldn't be set up by the application as it's setup via
+# mediagoblin.init.celery.from_celery
+celery_setup_elsewhere = true
+
+[storage:publicstore]
+base_dir = %(here)s/test_user_dev/media/public
+base_url = /mgoblin_media/
+
+[storage:queuestore]
+base_dir = %(here)s/test_user_dev/media/queue
+
+[celery]
+CELERY_ALWAYS_EAGER = true
+CELERY_RESULT_DBURI = "sqlite:///%(here)s/test_user_dev/celery.db"
+BROKER_HOST = "sqlite:///%(here)s/test_user_dev/kombu.db"
+
+[plugins]
+[[mediagoblin.plugins.basic_auth]]
+
diff --git a/mediagoblin/tests/test_auth.py b/mediagoblin/tests/test_auth.py
index 755727f9..a9165340 100644
--- a/mediagoblin/tests/test_auth.py
+++ b/mediagoblin/tests/test_auth.py
@@ -15,54 +15,13 @@
 # along with this program.  If not, see <http://www.gnu.org/licenses/>.
 
 import urlparse
-import datetime
 
 from mediagoblin import mg_globals
-from mediagoblin.auth import lib as auth_lib
 from mediagoblin.db.models import User
 from mediagoblin.tests.tools import fixture_add_user
 from mediagoblin.tools import template, mail
 
 
-########################
-# Test bcrypt auth funcs
-########################
-
-def test_bcrypt_check_password():
-    # Check known 'lollerskates' password against check function
-    assert auth_lib.bcrypt_check_password(
-        'lollerskates',
-        '$2a$12$PXU03zfrVCujBhVeICTwtOaHTUs5FFwsscvSSTJkqx/2RQ0Lhy/nO')
-
-    assert not auth_lib.bcrypt_check_password(
-        'notthepassword',
-        '$2a$12$PXU03zfrVCujBhVeICTwtOaHTUs5FFwsscvSSTJkqx/2RQ0Lhy/nO')
-
-    # Same thing, but with extra fake salt.
-    assert not auth_lib.bcrypt_check_password(
-        'notthepassword',
-        '$2a$12$ELVlnw3z1FMu6CEGs/L8XO8vl0BuWSlUHgh0rUrry9DUXGMUNWwl6',
-        '3><7R45417')
-
-
-def test_bcrypt_gen_password_hash():
-    pw = 'youwillneverguessthis'
-
-    # Normal password hash generation, and check on that hash
-    hashed_pw = auth_lib.bcrypt_gen_password_hash(pw)
-    assert auth_lib.bcrypt_check_password(
-        pw, hashed_pw)
-    assert not auth_lib.bcrypt_check_password(
-        'notthepassword', hashed_pw)
-
-    # Same thing, extra salt.
-    hashed_pw = auth_lib.bcrypt_gen_password_hash(pw, '3><7R45417')
-    assert auth_lib.bcrypt_check_password(
-        pw, hashed_pw, '3><7R45417')
-    assert not auth_lib.bcrypt_check_password(
-        'notthepassword', hashed_pw, '3><7R45417')
-
-
 def test_register_views(test_app):
     """
     Massive test function that all our registration-related views all work.
@@ -210,86 +169,6 @@ def test_register_views(test_app):
 
     ## TODO: Also check for double instances of an email address?
 
-    ### Oops, forgot the password
-    # -------------------
-    template.clear_test_template_context()
-    response = test_app.post(
-        '/auth/forgot_password/',
-        {'username': u'happygirl'})
-    response.follow()
-
-    ## Did we redirect to the proper page?  Use the right template?
-    assert urlparse.urlsplit(response.location)[2] == '/auth/login/'
-    assert 'mediagoblin/auth/login.html' in template.TEMPLATE_TEST_CONTEXT
-
-    ## Make sure link to change password is sent by email
-    assert len(mail.EMAIL_TEST_INBOX) == 1
-    message = mail.EMAIL_TEST_INBOX.pop()
-    assert message['To'] == 'happygrrl@example.org'
-    email_context = template.TEMPLATE_TEST_CONTEXT[
-        'mediagoblin/auth/fp_verification_email.txt']
-    #TODO - change the name of verification_url to something forgot-password-ish
-    assert email_context['verification_url'] in message.get_payload(decode=True)
-
-    path = urlparse.urlsplit(email_context['verification_url'])[2]
-    get_params = urlparse.urlsplit(email_context['verification_url'])[3]
-    assert path == u'/auth/forgot_password/verify/'
-    parsed_get_params = urlparse.parse_qs(get_params)
-
-    # user should have matching parameters
-    new_user = mg_globals.database.User.find_one({'username': u'happygirl'})
-    assert parsed_get_params['userid'] == [unicode(new_user.id)]
-    assert parsed_get_params['token'] == [new_user.fp_verification_key]
-
-    ### The forgotten password token should be set to expire in ~ 10 days
-    # A few ticks have expired so there are only 9 full days left...
-    assert (new_user.fp_token_expire - datetime.datetime.now()).days == 9
-
-    ## Try using a bs password-changing verification key, shouldn't work
-    template.clear_test_template_context()
-    response = test_app.get(
-        "/auth/forgot_password/verify/?userid=%s&token=total_bs" % unicode(
-            new_user.id), status=404)
-    assert response.status.split()[0] == u'404' # status="404 NOT FOUND"
-
-    ## Try using an expired token to change password, shouldn't work
-    template.clear_test_template_context()
-    new_user = mg_globals.database.User.find_one({'username': u'happygirl'})
-    real_token_expiration = new_user.fp_token_expire
-    new_user.fp_token_expire = datetime.datetime.now()
-    new_user.save()
-    response = test_app.get("%s?%s" % (path, get_params), status=404)
-    assert response.status.split()[0] == u'404' # status="404 NOT FOUND"
-    new_user.fp_token_expire = real_token_expiration
-    new_user.save()
-
-    ## Verify step 1 of password-change works -- can see form to change password
-    template.clear_test_template_context()
-    response = test_app.get("%s?%s" % (path, get_params))
-    assert 'mediagoblin/auth/change_fp.html' in template.TEMPLATE_TEST_CONTEXT
-
-    ## Verify step 2.1 of password-change works -- report success to user
-    template.clear_test_template_context()
-    response = test_app.post(
-        '/auth/forgot_password/verify/', {
-            'userid': parsed_get_params['userid'],
-            'password': 'iamveryveryhappy',
-            'token': parsed_get_params['token']})
-    response.follow()
-    assert 'mediagoblin/auth/login.html' in template.TEMPLATE_TEST_CONTEXT
-
-    ## Verify step 2.2 of password-change works -- login w/ new password success
-    template.clear_test_template_context()
-    response = test_app.post(
-        '/auth/login/', {
-            'username': u'happygirl',
-            'password': 'iamveryveryhappy'})
-
-    # User should be redirected
-    response.follow()
-    assert urlparse.urlsplit(response.location)[2] == '/'
-    assert 'mediagoblin/root.html' in template.TEMPLATE_TEST_CONTEXT
-
 
 def test_authentication_views(test_app):
     """
diff --git a/mediagoblin/tests/test_basic_auth.py b/mediagoblin/tests/test_basic_auth.py
new file mode 100644
index 00000000..20098ab7
--- /dev/null
+++ b/mediagoblin/tests/test_basic_auth.py
@@ -0,0 +1,166 @@
+# GNU MediaGoblin -- federated, autonomous media hosting
+# Copyright (C) 2011, 2012 MediaGoblin contributors.  See AUTHORS.
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU Affero General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU Affero General Public License for more details.
+#
+# You should have received a copy of the GNU Affero General Public License
+# along with this program.  If not, see <http://www.gnu.org/licenses/>.
+import urlparse
+import datetime
+import pkg_resources
+import pytest
+
+from mediagoblin.plugins.basic_auth import lib as auth_lib
+from mediagoblin import mg_globals
+from mediagoblin.tools import template, mail
+from mediagoblin.tests.tools import get_app, fixture_add_user
+from mediagoblin.tools.testing import _activate_testing
+
+_activate_testing()
+
+
+########################
+# Test bcrypt auth funcs
+########################
+
+
+def test_bcrypt_check_password():
+    # Check known 'lollerskates' password against check function
+    assert auth_lib.bcrypt_check_password(
+        'lollerskates',
+        '$2a$12$PXU03zfrVCujBhVeICTwtOaHTUs5FFwsscvSSTJkqx/2RQ0Lhy/nO')
+
+    assert not auth_lib.bcrypt_check_password(
+        'notthepassword',
+        '$2a$12$PXU03zfrVCujBhVeICTwtOaHTUs5FFwsscvSSTJkqx/2RQ0Lhy/nO')
+
+    # Same thing, but with extra fake salt.
+    assert not auth_lib.bcrypt_check_password(
+        'notthepassword',
+        '$2a$12$ELVlnw3z1FMu6CEGs/L8XO8vl0BuWSlUHgh0rUrry9DUXGMUNWwl6',
+        '3><7R45417')
+
+
+def test_bcrypt_gen_password_hash():
+    pw = 'youwillneverguessthis'
+
+    # Normal password hash generation, and check on that hash
+    hashed_pw = auth_lib.bcrypt_gen_password_hash(pw)
+    assert auth_lib.bcrypt_check_password(
+        pw, hashed_pw)
+    assert not auth_lib.bcrypt_check_password(
+        'notthepassword', hashed_pw)
+
+    # Same thing, extra salt.
+    hashed_pw = auth_lib.bcrypt_gen_password_hash(pw, '3><7R45417')
+    assert auth_lib.bcrypt_check_password(
+        pw, hashed_pw, '3><7R45417')
+    assert not auth_lib.bcrypt_check_password(
+        'notthepassword', hashed_pw, '3><7R45417')
+
+
+@pytest.fixture()
+def context_modified_app(request):
+    return get_app(
+        request,
+        mgoblin_config=pkg_resources.resource_filename(
+            'mediagoblin.tests', 'basic_auth_appconfig.ini'))
+
+
+def test_fp_view(context_modified_app):
+    ### Oops, forgot the password
+    # -------------------
+    ## Register a user
+    fixture_add_user(active_user=True)
+
+    template.clear_test_template_context()
+    response = context_modified_app.post(
+        '/auth/forgot_password/',
+        {'username': u'chris'})
+    response.follow()
+
+    ## Did we redirect to the proper page?  Use the right template?
+    assert urlparse.urlsplit(response.location)[2] == '/auth/login/'
+    assert 'mediagoblin/auth/login.html' in template.TEMPLATE_TEST_CONTEXT
+
+    ## Make sure link to change password is sent by email
+    assert len(mail.EMAIL_TEST_INBOX) == 1
+    message = mail.EMAIL_TEST_INBOX.pop()
+    assert message['To'] == 'chris@example.com'
+    email_context = template.TEMPLATE_TEST_CONTEXT[
+        'mediagoblin/auth/fp_verification_email.txt']
+    #TODO - change the name of verification_url to something
+    # forgot-password-ish
+    assert email_context['verification_url'] in \
+        message.get_payload(decode=True)
+
+    path = urlparse.urlsplit(email_context['verification_url'])[2]
+    get_params = urlparse.urlsplit(email_context['verification_url'])[3]
+    assert path == u'/auth/forgot_password/verify/'
+    parsed_get_params = urlparse.parse_qs(get_params)
+
+    # user should have matching parameters
+    new_user = mg_globals.database.User.find_one({'username': u'chris'})
+    assert parsed_get_params['userid'] == [unicode(new_user.id)]
+    assert parsed_get_params['token'] == [new_user.fp_verification_key]
+
+    ### The forgotten password token should be set to expire in ~ 10 days
+    # A few ticks have expired so there are only 9 full days left...
+    assert (new_user.fp_token_expire - datetime.datetime.now()).days == 9
+
+    ## Try using a bs password-changing verification key, shouldn't work
+    template.clear_test_template_context()
+    response = context_modified_app.get(
+        "/auth/forgot_password/verify/?userid=%s&token=total_bs" % unicode(
+            new_user.id), status=404)
+    assert response.status.split()[0] == u'404'  # status="404 NOT FOUND"
+
+    ## Try using an expired token to change password, shouldn't work
+    template.clear_test_template_context()
+    new_user = mg_globals.database.User.find_one({'username': u'chris'})
+    real_token_expiration = new_user.fp_token_expire
+    new_user.fp_token_expire = datetime.datetime.now()
+    new_user.save()
+    response = context_modified_app.get("%s?%s" % (path, get_params),
+                                        status=404)
+    assert response.status.split()[0] == u'404'  # status="404 NOT FOUND"
+    new_user.fp_token_expire = real_token_expiration
+    new_user.save()
+
+    ## Verify step 1 of password-change works -- can see form to
+    ## change password
+    template.clear_test_template_context()
+    response = context_modified_app.get("%s?%s" % (path, get_params))
+    assert 'mediagoblin/plugins/basic_auth/change_fp.html' \
+            in template.TEMPLATE_TEST_CONTEXT
+
+    ## Verify step 2.1 of password-change works -- report success to user
+    template.clear_test_template_context()
+    response = context_modified_app.post(
+        '/auth/forgot_password/verify/', {
+            'userid': parsed_get_params['userid'],
+            'password': 'iamveryveryhappy',
+            'token': parsed_get_params['token']})
+    response.follow()
+    assert 'mediagoblin/auth/login.html' in template.TEMPLATE_TEST_CONTEXT
+
+    ## Verify step 2.2 of password-change works -- login w/ new password
+    ## success
+    template.clear_test_template_context()
+    response = context_modified_app.post(
+        '/auth/login/', {
+            'username': u'chris',
+            'password': 'iamveryveryhappy'})
+
+    # User should be redirected
+    response.follow()
+    assert urlparse.urlsplit(response.location)[2] == '/'
+    assert 'mediagoblin/root.html' in template.TEMPLATE_TEST_CONTEXT