controller.Users.remove_group() now resets the removed user's rate plan to 0. Also fixed broken controller.Users.signup().
Updated unit tests.
This commit is contained in:
parent
71a3b29709
commit
7ee838d46e
|
@ -308,7 +308,7 @@ class Users( object ):
|
||||||
@raise Signup_error: passwords don't match or the username is unavailable
|
@raise Signup_error: passwords don't match or the username is unavailable
|
||||||
@raise Validation_error: one of the arguments is invalid
|
@raise Validation_error: one of the arguments is invalid
|
||||||
"""
|
"""
|
||||||
( user, notebook ) = self.__create_user( username, password, password_repeat, email_bddress )
|
( user, notebook ) = self.__create_user( username, password, password_repeat, email_address )
|
||||||
self.__database.commit()
|
self.__database.commit()
|
||||||
|
|
||||||
# if there's an invite_id, then redeem that invite and redirect to the invite's notebook
|
# if there's an invite_id, then redeem that invite and redirect to the invite's notebook
|
||||||
|
@ -317,7 +317,7 @@ class Users( object ):
|
||||||
if not invite:
|
if not invite:
|
||||||
raise Signup_error( u"The invite is unknown." )
|
raise Signup_error( u"The invite is unknown." )
|
||||||
|
|
||||||
self.convert_invite_to_access( invite, user_id )
|
self.convert_invite_to_access( invite, user.object_id )
|
||||||
redirect = u"/notebooks/%s" % invite.notebook_id
|
redirect = u"/notebooks/%s" % invite.notebook_id
|
||||||
# if there's a requested rate plan, then redirect to the PayPal subscribe page
|
# if there's a requested rate plan, then redirect to the PayPal subscribe page
|
||||||
elif rate_plan and rate_plan > 0:
|
elif rate_plan and rate_plan > 0:
|
||||||
|
@ -751,7 +751,8 @@ class Users( object ):
|
||||||
)
|
)
|
||||||
def remove_group( self, user_id_to_remove, group_id, user_id = None ):
|
def remove_group( self, user_id_to_remove, group_id, user_id = None ):
|
||||||
"""
|
"""
|
||||||
Remove a user's membership from the given group.
|
Remove a user's membership from the given group. For now, this also sets them to the lowest
|
||||||
|
rate plan.
|
||||||
|
|
||||||
@type user_id_to_remove: unicode
|
@type user_id_to_remove: unicode
|
||||||
@param user_id_to_remove: id of the user to remove from the group
|
@param user_id_to_remove: id of the user to remove from the group
|
||||||
|
@ -771,6 +772,11 @@ class Users( object ):
|
||||||
|
|
||||||
self.__database.execute( user.sql_remove_group( group_id ) )
|
self.__database.execute( user.sql_remove_group( group_id ) )
|
||||||
|
|
||||||
|
# setting the user's rate plan to 0 upon group removal prevents a group admin from creating
|
||||||
|
# an unlimited number of users with high-end rate plans
|
||||||
|
user.rate_plan = 0
|
||||||
|
self.__database.save( user )
|
||||||
|
|
||||||
return dict(
|
return dict(
|
||||||
message = u"Group membership for %s has been revoked." % user.username,
|
message = u"Group membership for %s has been revoked." % user.username,
|
||||||
)
|
)
|
||||||
|
|
|
@ -769,9 +769,12 @@ class Test_users( Test_controller ):
|
||||||
|
|
||||||
assert membership is True
|
assert membership is True
|
||||||
|
|
||||||
def test_check_remove_group( self ):
|
def test_remove_group( self ):
|
||||||
self.login2()
|
self.login2()
|
||||||
|
|
||||||
|
self.user.rate_plan = 1
|
||||||
|
self.database.save( self.user )
|
||||||
|
|
||||||
result = self.http_post( "/users/remove_group", dict(
|
result = self.http_post( "/users/remove_group", dict(
|
||||||
user_id_to_remove = self.user.object_id,
|
user_id_to_remove = self.user.object_id,
|
||||||
group_id = self.group.object_id,
|
group_id = self.group.object_id,
|
||||||
|
@ -780,9 +783,15 @@ class Test_users( Test_controller ):
|
||||||
assert u"revoked" in result[ u"message" ]
|
assert u"revoked" in result[ u"message" ]
|
||||||
assert cherrypy.root.users.check_group( self.user.object_id, self.group.object_id ) == False
|
assert cherrypy.root.users.check_group( self.user.object_id, self.group.object_id ) == False
|
||||||
|
|
||||||
def test_check_remove_group_without_access( self ):
|
user = self.database.load( User, self.user.object_id )
|
||||||
|
assert user.rate_plan == 0
|
||||||
|
|
||||||
|
def test_remove_group_without_access( self ):
|
||||||
self.login2()
|
self.login2()
|
||||||
|
|
||||||
|
self.user.rate_plan = 1
|
||||||
|
self.database.save( self.user )
|
||||||
|
|
||||||
result = self.http_post( "/users/remove_group", dict(
|
result = self.http_post( "/users/remove_group", dict(
|
||||||
user_id_to_remove = self.user.object_id,
|
user_id_to_remove = self.user.object_id,
|
||||||
group_id = self.group2.object_id,
|
group_id = self.group2.object_id,
|
||||||
|
@ -791,9 +800,15 @@ class Test_users( Test_controller ):
|
||||||
assert u"access" in result[ u"error" ]
|
assert u"access" in result[ u"error" ]
|
||||||
assert cherrypy.root.users.check_group( self.user.object_id, self.group.object_id ) == True
|
assert cherrypy.root.users.check_group( self.user.object_id, self.group.object_id ) == True
|
||||||
|
|
||||||
def test_check_remove_group_without_admin_access( self ):
|
user = self.database.load( User, self.user.object_id )
|
||||||
|
assert user.rate_plan == 1
|
||||||
|
|
||||||
|
def test_remove_group_without_admin_access( self ):
|
||||||
self.login()
|
self.login()
|
||||||
|
|
||||||
|
self.user.rate_plan = 1
|
||||||
|
self.database.save( self.user )
|
||||||
|
|
||||||
result = self.http_post( "/users/remove_group", dict(
|
result = self.http_post( "/users/remove_group", dict(
|
||||||
user_id_to_remove = self.user.object_id,
|
user_id_to_remove = self.user.object_id,
|
||||||
group_id = self.group.object_id,
|
group_id = self.group.object_id,
|
||||||
|
@ -802,9 +817,15 @@ class Test_users( Test_controller ):
|
||||||
assert u"access" in result[ u"error" ]
|
assert u"access" in result[ u"error" ]
|
||||||
assert cherrypy.root.users.check_group( self.user.object_id, self.group.object_id ) == True
|
assert cherrypy.root.users.check_group( self.user.object_id, self.group.object_id ) == True
|
||||||
|
|
||||||
def test_check_remove_group_with_unknown_group( self ):
|
user = self.database.load( User, self.user.object_id )
|
||||||
|
assert user.rate_plan == 1
|
||||||
|
|
||||||
|
def test_remove_group_with_unknown_group( self ):
|
||||||
self.login2()
|
self.login2()
|
||||||
|
|
||||||
|
self.user.rate_plan = 1
|
||||||
|
self.database.save( self.user )
|
||||||
|
|
||||||
result = self.http_post( "/users/remove_group", dict(
|
result = self.http_post( "/users/remove_group", dict(
|
||||||
user_id_to_remove = self.user.object_id,
|
user_id_to_remove = self.user.object_id,
|
||||||
group_id = u"unknowngroupid",
|
group_id = u"unknowngroupid",
|
||||||
|
@ -813,9 +834,15 @@ class Test_users( Test_controller ):
|
||||||
assert u"access" in result[ u"error" ]
|
assert u"access" in result[ u"error" ]
|
||||||
assert cherrypy.root.users.check_group( self.user.object_id, self.group.object_id ) == True
|
assert cherrypy.root.users.check_group( self.user.object_id, self.group.object_id ) == True
|
||||||
|
|
||||||
def test_check_remove_group_with_unknown_user( self ):
|
user = self.database.load( User, self.user.object_id )
|
||||||
|
assert user.rate_plan == 1
|
||||||
|
|
||||||
|
def test_remove_group_with_unknown_user( self ):
|
||||||
self.login2()
|
self.login2()
|
||||||
|
|
||||||
|
self.user.rate_plan = 1
|
||||||
|
self.database.save( self.user )
|
||||||
|
|
||||||
result = self.http_post( "/users/remove_group", dict(
|
result = self.http_post( "/users/remove_group", dict(
|
||||||
user_id_to_remove = u"unknownuserid",
|
user_id_to_remove = u"unknownuserid",
|
||||||
group_id = self.group.object_id,
|
group_id = self.group.object_id,
|
||||||
|
@ -824,6 +851,9 @@ class Test_users( Test_controller ):
|
||||||
assert u"access" in result[ u"error" ]
|
assert u"access" in result[ u"error" ]
|
||||||
assert cherrypy.root.users.check_group( self.user.object_id, self.group.object_id ) == True
|
assert cherrypy.root.users.check_group( self.user.object_id, self.group.object_id ) == True
|
||||||
|
|
||||||
|
user = self.database.load( User, self.user.object_id )
|
||||||
|
assert user.rate_plan == 1
|
||||||
|
|
||||||
def test_send_reset( self ):
|
def test_send_reset( self ):
|
||||||
# trick send_reset() into using a fake SMTP server
|
# trick send_reset() into using a fake SMTP server
|
||||||
Stub_smtp.reset()
|
Stub_smtp.reset()
|
||||||
|
|
Reference in New Issue
Block a user