Skip to content

Commit ec9fb5a

Browse files
ewdurbinewdurbin
committed
push this a bit more forward 🥚🐣
1 parent c8d399e commit ec9fb5a

File tree

5 files changed

+538
-49
lines changed

5 files changed

+538
-49
lines changed

tests/unit/manage/test_views.py

Lines changed: 49 additions & 47 deletions
Original file line numberDiff line numberDiff line change
@@ -126,9 +126,11 @@ def test_default_response(self, monkeypatch, public_email, expected_public_email
126126
change_pass_cls = pretend.call_recorder(lambda **kw: change_pass_obj)
127127
monkeypatch.setattr(views, "ChangePasswordForm", change_pass_cls)
128128

129-
view = views.ManageAccountViews(request)
129+
view = views.ManageVerifiedAccountViews(request)
130130

131-
monkeypatch.setattr(views.ManageAccountViews, "active_projects", pretend.stub())
131+
monkeypatch.setattr(
132+
views.ManageVerifiedAccountViews, "active_projects", pretend.stub()
133+
)
132134

133135
assert view.default_response == {
134136
"save_account_form": save_account_obj,
@@ -183,7 +185,7 @@ def test_active_projects(self, db_request):
183185
RoleFactory.create(user=user, project=not_an_owner, role_name="Maintainer")
184186
RoleFactory.create(user=another_user, project=not_an_owner, role_name="Owner")
185187

186-
view = views.ManageAccountViews(db_request)
188+
view = views.ManageVerifiedAccountViews(db_request)
187189

188190
assert view.active_projects == [with_sole_owner]
189191

@@ -194,9 +196,9 @@ def test_manage_account(self, monkeypatch):
194196
find_service=lambda *a, **kw: user_service, user=pretend.stub(name=name)
195197
)
196198
monkeypatch.setattr(
197-
views.ManageAccountViews, "default_response", {"_": pretend.stub()}
199+
views.ManageVerifiedAccountViews, "default_response", {"_": pretend.stub()}
198200
)
199-
view = views.ManageAccountViews(request)
201+
view = views.ManageVerifiedAccountViews(request)
200202

201203
assert view.manage_account() == view.default_response
202204
assert view.request == request
@@ -224,9 +226,9 @@ def test_save_account(self, monkeypatch, pyramid_request):
224226
)
225227
monkeypatch.setattr(views, "SaveAccountForm", lambda *a, **kw: save_account_obj)
226228
monkeypatch.setattr(
227-
views.ManageAccountViews, "default_response", {"_": pretend.stub()}
229+
views.ManageVerifiedAccountViews, "default_response", {"_": pretend.stub()}
228230
)
229-
view = views.ManageAccountViews(pyramid_request)
231+
view = views.ManageVerifiedAccountViews(pyramid_request)
230232

231233
assert isinstance(view.save_account(), HTTPSeeOther)
232234
assert pyramid_request.session.flash.calls == [
@@ -248,9 +250,9 @@ def test_save_account_validation_fails(self, monkeypatch):
248250
save_account_obj = pretend.stub(validate=lambda: False)
249251
monkeypatch.setattr(views, "SaveAccountForm", lambda *a, **kw: save_account_obj)
250252
monkeypatch.setattr(
251-
views.ManageAccountViews, "default_response", {"_": pretend.stub()}
253+
views.ManageVerifiedAccountViews, "default_response", {"_": pretend.stub()}
252254
)
253-
view = views.ManageAccountViews(request)
255+
view = views.ManageVerifiedAccountViews(request)
254256

255257
assert view.save_account() == {
256258
**view.default_response,
@@ -298,9 +300,9 @@ def test_add_email(self, monkeypatch, pyramid_request):
298300
)
299301

300302
monkeypatch.setattr(
301-
views.ManageAccountViews, "default_response", {"_": pretend.stub()}
303+
views.ManageVerifiedAccountViews, "default_response", {"_": pretend.stub()}
302304
)
303-
view = views.ManageAccountViews(pyramid_request)
305+
view = views.ManageVerifiedAccountViews(pyramid_request)
304306

305307
assert isinstance(view.add_email(), HTTPSeeOther)
306308
assert user_service.add_email.calls == [
@@ -351,9 +353,9 @@ def test_add_email_validation_fails(self, monkeypatch):
351353
monkeypatch.setattr(views, "Email", email_cls)
352354

353355
monkeypatch.setattr(
354-
views.ManageAccountViews, "default_response", {"_": pretend.stub()}
356+
views.ManageVerifiedAccountViews, "default_response", {"_": pretend.stub()}
355357
)
356-
view = views.ManageAccountViews(request)
358+
view = views.ManageVerifiedAccountViews(request)
357359

358360
assert view.add_email() == {
359361
**view.default_response,
@@ -388,9 +390,9 @@ def test_delete_email(self, monkeypatch):
388390
path="request-path",
389391
)
390392
monkeypatch.setattr(
391-
views.ManageAccountViews, "default_response", {"_": pretend.stub()}
393+
views.ManageVerifiedAccountViews, "default_response", {"_": pretend.stub()}
392394
)
393-
view = views.ManageAccountViews(request)
395+
view = views.ManageVerifiedAccountViews(request)
394396

395397
assert isinstance(view.delete_email(), HTTPSeeOther)
396398
assert request.session.flash.calls == [
@@ -423,9 +425,9 @@ def raise_no_result():
423425
session=pretend.stub(flash=pretend.call_recorder(lambda *a, **kw: None)),
424426
)
425427
monkeypatch.setattr(
426-
views.ManageAccountViews, "default_response", {"_": pretend.stub()}
428+
views.ManageVerifiedAccountViews, "default_response", {"_": pretend.stub()}
427429
)
428-
view = views.ManageAccountViews(request)
430+
view = views.ManageVerifiedAccountViews(request)
429431

430432
assert view.delete_email() == view.default_response
431433
assert request.session.flash.calls == [
@@ -448,9 +450,9 @@ def test_delete_email_is_primary(self, monkeypatch):
448450
session=pretend.stub(flash=pretend.call_recorder(lambda *a, **kw: None)),
449451
)
450452
monkeypatch.setattr(
451-
views.ManageAccountViews, "default_response", {"_": pretend.stub()}
453+
views.ManageVerifiedAccountViews, "default_response", {"_": pretend.stub()}
452454
)
453-
view = views.ManageAccountViews(request)
455+
view = views.ManageVerifiedAccountViews(request)
454456

455457
assert view.delete_email() == view.default_response
456458
assert request.session.flash.calls == [
@@ -471,9 +473,9 @@ def test_change_primary_email(self, monkeypatch, db_request):
471473
db_request.POST = {"primary_email_id": str(new_primary.id)}
472474
db_request.session.flash = pretend.call_recorder(lambda *a, **kw: None)
473475
monkeypatch.setattr(
474-
views.ManageAccountViews, "default_response", {"_": pretend.stub()}
476+
views.ManageVerifiedAccountViews, "default_response", {"_": pretend.stub()}
475477
)
476-
view = views.ManageAccountViews(db_request)
478+
view = views.ManageVerifiedAccountViews(db_request)
477479

478480
send_email = pretend.call_recorder(lambda *a, **kw: None)
479481
monkeypatch.setattr(views, "send_primary_email_change_email", send_email)
@@ -509,9 +511,9 @@ def test_change_primary_email_without_current(self, monkeypatch, db_request):
509511
db_request.POST = {"primary_email_id": str(new_primary.id)}
510512
db_request.session.flash = pretend.call_recorder(lambda *a, **kw: None)
511513
monkeypatch.setattr(
512-
views.ManageAccountViews, "default_response", {"_": pretend.stub()}
514+
views.ManageVerifiedAccountViews, "default_response", {"_": pretend.stub()}
513515
)
514-
view = views.ManageAccountViews(db_request)
516+
view = views.ManageVerifiedAccountViews(db_request)
515517

516518
send_email = pretend.call_recorder(lambda *a: None)
517519
monkeypatch.setattr(views, "send_primary_email_change_email", send_email)
@@ -542,9 +544,9 @@ def test_change_primary_email_not_found(self, monkeypatch, db_request):
542544
db_request.POST = {"primary_email_id": str(missing_email_id)}
543545
db_request.session.flash = pretend.call_recorder(lambda *a, **kw: None)
544546
monkeypatch.setattr(
545-
views.ManageAccountViews, "default_response", {"_": pretend.stub()}
547+
views.ManageVerifiedAccountViews, "default_response", {"_": pretend.stub()}
546548
)
547-
view = views.ManageAccountViews(db_request)
549+
view = views.ManageVerifiedAccountViews(db_request)
548550

549551
assert view.change_primary_email() == view.default_response
550552
assert db_request.session.flash.calls == [
@@ -582,9 +584,9 @@ def test_reverify_email(self, monkeypatch):
582584
send_email = pretend.call_recorder(lambda *a: None)
583585
monkeypatch.setattr(views, "send_email_verification_email", send_email)
584586
monkeypatch.setattr(
585-
views.ManageAccountViews, "default_response", {"_": pretend.stub()}
587+
views.ManageVerifiedAccountViews, "default_response", {"_": pretend.stub()}
586588
)
587-
view = views.ManageAccountViews(request)
589+
view = views.ManageVerifiedAccountViews(request)
588590

589591
assert isinstance(view.reverify_email(), HTTPSeeOther)
590592
assert request.session.flash.calls == [
@@ -628,9 +630,9 @@ def test_reverify_email_ratelimit_exceeded(self, monkeypatch):
628630
send_email = pretend.call_recorder(lambda *a: None)
629631
monkeypatch.setattr(views, "send_email_verification_email", send_email)
630632
monkeypatch.setattr(
631-
views.ManageAccountViews, "default_response", {"_": pretend.stub()}
633+
views.ManageVerifiedAccountViews, "default_response", {"_": pretend.stub()}
632634
)
633-
view = views.ManageAccountViews(request)
635+
view = views.ManageVerifiedAccountViews(request)
634636

635637
assert isinstance(view.reverify_email(), HTTPSeeOther)
636638
assert request.session.flash.calls == [
@@ -664,9 +666,9 @@ def raise_no_result():
664666
send_email = pretend.call_recorder(lambda *a: None)
665667
monkeypatch.setattr(views, "send_email_verification_email", send_email)
666668
monkeypatch.setattr(
667-
views.ManageAccountViews, "default_response", {"_": pretend.stub()}
669+
views.ManageVerifiedAccountViews, "default_response", {"_": pretend.stub()}
668670
)
669-
view = views.ManageAccountViews(request)
671+
view = views.ManageVerifiedAccountViews(request)
670672

671673
assert view.reverify_email() == view.default_response
672674
assert request.session.flash.calls == [
@@ -692,9 +694,9 @@ def test_reverify_email_already_verified(self, monkeypatch):
692694
send_email = pretend.call_recorder(lambda *a: None)
693695
monkeypatch.setattr(views, "send_email_verification_email", send_email)
694696
monkeypatch.setattr(
695-
views.ManageAccountViews, "default_response", {"_": pretend.stub()}
697+
views.ManageVerifiedAccountViews, "default_response", {"_": pretend.stub()}
696698
)
697-
view = views.ManageAccountViews(request)
699+
view = views.ManageVerifiedAccountViews(request)
698700

699701
assert isinstance(view.reverify_email(), HTTPSeeOther)
700702
assert request.session.flash.calls == [
@@ -743,9 +745,9 @@ def test_change_password(self, monkeypatch):
743745
send_email = pretend.call_recorder(lambda *a: None)
744746
monkeypatch.setattr(views, "send_password_change_email", send_email)
745747
monkeypatch.setattr(
746-
views.ManageAccountViews, "default_response", {"_": pretend.stub()}
748+
views.ManageVerifiedAccountViews, "default_response", {"_": pretend.stub()}
747749
)
748-
view = views.ManageAccountViews(request)
750+
view = views.ManageVerifiedAccountViews(request)
749751

750752
assert isinstance(view.change_password(), HTTPSeeOther)
751753
assert request.session.flash.calls == [
@@ -792,9 +794,9 @@ def test_change_password_validation_fails(self, monkeypatch):
792794
send_email = pretend.call_recorder(lambda *a: None)
793795
monkeypatch.setattr(views, "send_password_change_email", send_email)
794796
monkeypatch.setattr(
795-
views.ManageAccountViews, "default_response", {"_": pretend.stub()}
797+
views.ManageVerifiedAccountViews, "default_response", {"_": pretend.stub()}
796798
)
797-
view = views.ManageAccountViews(request)
799+
view = views.ManageVerifiedAccountViews(request)
798800

799801
assert view.change_password() == {
800802
**view.default_response,
@@ -820,16 +822,16 @@ def test_delete_account(self, monkeypatch, db_request):
820822
monkeypatch.setattr(views, "ConfirmPasswordForm", confirm_password_cls)
821823

822824
monkeypatch.setattr(
823-
views.ManageAccountViews, "default_response", pretend.stub()
825+
views.ManageVerifiedAccountViews, "default_response", pretend.stub()
824826
)
825-
monkeypatch.setattr(views.ManageAccountViews, "active_projects", [])
827+
monkeypatch.setattr(views.ManageVerifiedAccountViews, "active_projects", [])
826828
send_email = pretend.call_recorder(lambda *a: None)
827829
monkeypatch.setattr(views, "send_account_deletion_email", send_email)
828830
logout_response = pretend.stub()
829831
logout = pretend.call_recorder(lambda *a: logout_response)
830832
monkeypatch.setattr(views, "logout", logout)
831833

832-
view = views.ManageAccountViews(db_request)
834+
view = views.ManageVerifiedAccountViews(db_request)
833835

834836
assert view.delete_account() == logout_response
835837

@@ -853,10 +855,10 @@ def test_delete_account_no_confirm(self, monkeypatch):
853855
)
854856

855857
monkeypatch.setattr(
856-
views.ManageAccountViews, "default_response", pretend.stub()
858+
views.ManageVerifiedAccountViews, "default_response", pretend.stub()
857859
)
858860

859-
view = views.ManageAccountViews(request)
861+
view = views.ManageVerifiedAccountViews(request)
860862

861863
assert view.delete_account() == view.default_response
862864
assert request.session.flash.calls == [
@@ -878,10 +880,10 @@ def test_delete_account_wrong_confirm(self, monkeypatch):
878880
monkeypatch.setattr(views, "ConfirmPasswordForm", confirm_password_cls)
879881

880882
monkeypatch.setattr(
881-
views.ManageAccountViews, "default_response", pretend.stub()
883+
views.ManageVerifiedAccountViews, "default_response", pretend.stub()
882884
)
883885

884-
view = views.ManageAccountViews(request)
886+
view = views.ManageVerifiedAccountViews(request)
885887

886888
assert view.delete_account() == view.default_response
887889
assert request.session.flash.calls == [
@@ -906,13 +908,13 @@ def test_delete_account_has_active_projects(self, monkeypatch):
906908
monkeypatch.setattr(views, "ConfirmPasswordForm", confirm_password_cls)
907909

908910
monkeypatch.setattr(
909-
views.ManageAccountViews, "default_response", pretend.stub()
911+
views.ManageVerifiedAccountViews, "default_response", pretend.stub()
910912
)
911913
monkeypatch.setattr(
912-
views.ManageAccountViews, "active_projects", [pretend.stub()]
914+
views.ManageVerifiedAccountViews, "active_projects", [pretend.stub()]
913915
)
914916

915-
view = views.ManageAccountViews(request)
917+
view = views.ManageVerifiedAccountViews(request)
916918

917919
assert view.delete_account() == view.default_response
918920
assert request.session.flash.calls == [

tests/unit/test_routes.py

Lines changed: 13 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -211,7 +211,20 @@ def add_policy(name, filename):
211211
"/account/verify-project-role/",
212212
domain=warehouse,
213213
),
214+
pretend.call(
215+
"manage.unverified-account", "/manage/unverified-account/", domain=warehouse
216+
),
217+
pretend.call(
218+
"manage.unverified-account.reverify-email",
219+
"/manage/unverified-account/reverify-email",
220+
domain=warehouse,
221+
),
214222
pretend.call("manage.account", "/manage/account/", domain=warehouse),
223+
pretend.call(
224+
"manage.account.reverify-email",
225+
"/manage/account/reverify-email",
226+
domain=warehouse,
227+
),
215228
pretend.call(
216229
"manage.account.publishing", "/manage/account/publishing/", domain=warehouse
217230
),

warehouse/accounts/security_policy.py

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -213,7 +213,8 @@ def _check_for_mfa(request, context) -> WarehouseDenied | None:
213213
"manage.account.totp-provision",
214214
"manage.account.two-factor",
215215
"manage.account.webauthn-provision",
216-
"manage.account.reverify-email",
216+
"manage.unverified-account",
217+
"manage.unverified-account.reverify-email",
217218
]
218219

219220
if (

0 commit comments

Comments
 (0)