2 files changed, 76 insertions, 36 deletions
diff --git a/mediagoblin/tests/test_auth.py b/mediagoblin/tests/test_auth.py
index 755727f9..48b148dd 100644
--- a/mediagoblin/tests/test_auth.py
+++ b/mediagoblin/tests/test_auth.py
@@ -156,20 +156,15 @@ def test_register_views(test_app):
     assert path == u'/auth/verify_email/'
     parsed_get_params = urlparse.parse_qs(get_params)
 
-    ### user should have these same parameters
-    assert parsed_get_params['userid'] == [
-        unicode(new_user.id)]
-    assert parsed_get_params['token'] == [
-        new_user.verification_key]
-
     ## Try verifying with bs verification key, shouldn't work
     template.clear_test_template_context()
     response = test_app.get(
-        "/auth/verify_email/?userid=%s&token=total_bs" % unicode(
-            new_user.id))
+        "/auth/verify_email/?token=total_bs")
     response.follow()
-    context = template.TEMPLATE_TEST_CONTEXT[
-        'mediagoblin/user_pages/user.html']
+
+    # Correct redirect?
+    assert urlparse.urlsplit(response.location)[2] == '/'
+
     # assert context['verification_successful'] == True
     # TODO: Would be good to test messages here when we can do so...
     new_user = mg_globals.database.User.find_one(
@@ -233,35 +228,17 @@ def test_register_views(test_app):
 
     path = urlparse.urlsplit(email_context['verification_url'])[2]
     get_params = urlparse.urlsplit(email_context['verification_url'])[3]
-    assert path == u'/auth/forgot_password/verify/'
     parsed_get_params = urlparse.parse_qs(get_params)
-
-    # user should have matching parameters
-    new_user = mg_globals.database.User.find_one({'username': u'happygirl'})
-    assert parsed_get_params['userid'] == [unicode(new_user.id)]
-    assert parsed_get_params['token'] == [new_user.fp_verification_key]
-
-    ### The forgotten password token should be set to expire in ~ 10 days
-    # A few ticks have expired so there are only 9 full days left...
-    assert (new_user.fp_token_expire - datetime.datetime.now()).days == 9
+    assert path == u'/auth/forgot_password/verify/'
 
     ## Try using a bs password-changing verification key, shouldn't work
     template.clear_test_template_context()
     response = test_app.get(
-        "/auth/forgot_password/verify/?userid=%s&token=total_bs" % unicode(
-            new_user.id), status=404)
-    assert response.status.split()[0] == u'404' # status="404 NOT FOUND"
+        "/auth/forgot_password/verify/?token=total_bs")
+    response.follow()
 
-    ## Try using an expired token to change password, shouldn't work
-    template.clear_test_template_context()
-    new_user = mg_globals.database.User.find_one({'username': u'happygirl'})
-    real_token_expiration = new_user.fp_token_expire
-    new_user.fp_token_expire = datetime.datetime.now()
-    new_user.save()
-    response = test_app.get("%s?%s" % (path, get_params), status=404)
-    assert response.status.split()[0] == u'404' # status="404 NOT FOUND"
-    new_user.fp_token_expire = real_token_expiration
-    new_user.save()
+    # Correct redirect?
+    assert urlparse.urlsplit(response.location)[2] == '/'
 
     ## Verify step 1 of password-change works -- can see form to change password
     template.clear_test_template_context()
@@ -272,7 +249,6 @@ def test_register_views(test_app):
     template.clear_test_template_context()
     response = test_app.post(
         '/auth/forgot_password/verify/', {
-            'userid': parsed_get_params['userid'],
             'password': 'iamveryveryhappy',
             'token': parsed_get_params['token']})
     response.follow()
diff --git a/mediagoblin/tests/test_edit.py b/mediagoblin/tests/test_edit.py
index 08b4f8cf..2afc519a 100644
--- a/mediagoblin/tests/test_edit.py
+++ b/mediagoblin/tests/test_edit.py
@@ -15,14 +15,14 @@
 # along with this program.  If not, see <http://www.gnu.org/licenses/>.
 
 import urlparse
-import pytest
 
 from mediagoblin import mg_globals
 from mediagoblin.db.models import User
 from mediagoblin.tests.tools import fixture_add_user
-from mediagoblin.tools import template
+from mediagoblin.tools import template, mail
 from mediagoblin.auth.lib import bcrypt_check_password
 
+
 class TestUserEdit(object):
     def setup(self):
         # set up new user
@@ -141,4 +141,68 @@ class TestUserEdit(object):
         assert form.url.errors == [
             u'This address contains errors']
 
+    def test_email_change(self, test_app):
+        self.login(test_app)
+
+        # Test email already in db
+        template.clear_test_template_context()
+        test_app.post(
+            '/edit/account/', {
+                'new_email': 'chris@example.com',
+                'password': 'toast'})
+
+        # Check form errors
+        context = template.TEMPLATE_TEST_CONTEXT[
+            'mediagoblin/edit/edit_account.html']
+        assert context['form'].new_email.errors == [
+            u'Sorry, a user with that email address already exists.']
+
+        # Test successful email change
+        template.clear_test_template_context()
+        res = test_app.post(
+            '/edit/account/', {
+                'new_email': 'new@example.com',
+                'password': 'toast'})
+        res.follow()
+
+        # Correct redirect?
+        assert urlparse.urlsplit(res.location)[2] == '/u/chris/'
+
+        # Make sure we get email verification and try verifying
+        assert len(mail.EMAIL_TEST_INBOX) == 1
+        message = mail.EMAIL_TEST_INBOX.pop()
+        assert message['To'] == 'new@example.com'
+        email_context = template.TEMPLATE_TEST_CONTEXT[
+            'mediagoblin/edit/verification.txt']
+        assert email_context['verification_url'] in \
+            message.get_payload(decode=True)
+
+        path = urlparse.urlsplit(email_context['verification_url'])[2]
+        assert path == u'/edit/verify_email/'
+
+        ## Try verifying with bs verification key, shouldn't work
+        template.clear_test_template_context()
+        res = test_app.get(
+            "/edit/verify_email/?token=total_bs")
+        res.follow()
+
+        # Correct redirect?
+        assert urlparse.urlsplit(res.location)[2] == '/'
+
+        # Email shouldn't be saved
+        email_in_db = mg_globals.database.User.find_one(
+            {'email': 'new@example.com'})
+        email = User.query.filter_by(username='chris').first().email
+        assert email_in_db is None
+        assert email == 'chris@example.com'
+
+        # Verify email activation works
+        template.clear_test_template_context()
+        get_params = urlparse.urlsplit(email_context['verification_url'])[3]
+        res = test_app.get('%s?%s' % (path, get_params))
+        res.follow()
+
+        # New email saved?
+        email = User.query.filter_by(username='chris').first().email
+        assert email == 'new@example.com'
 # test changing the url inproperly