Re: [pgAdmin4][RM2892] Handle password changes properly if error occurs during sending email

Harshal Dhumal Thu, 30 Nov 2017 05:04:42 -0800

Hi Dave,

Please find patch to fix testsuite.


Changes:
1. Set config parameters SECURITY_RECOVERABLE and SECURITY_CHANGEABLE to
True if SERVER_MODE is True
while running testsuite (Though we have set these parameters to True in
create_app function but regression testsuite
initialises (imports) browser module before the app instance is created.)

2. Updated new URL references in testsuite code.

3. Also I have changed URL */browser/forgot_password* to
*/browser/reset_password* to make it consistent
with flask-security URL (as there is no such URL /forgot in flask-security)


-- 
*Harshal Dhumal*
*Sr. Software Engineer*

EnterpriseDB India: http://www.enterprisedb.com
The Enterprise PostgreSQL Company

On Thu, Nov 30, 2017 at 5:09 PM, Harshal Dhumal <
[email protected]> wrote:

> sure Dave, looking in it now.
>
> --
> *Harshal Dhumal*
> *Sr. Software Engineer*
>
> EnterpriseDB India: http://www.enterprisedb.com
> The Enterprise PostgreSQL Company
>
> On Thu, Nov 30, 2017 at 5:01 PM, Dave Page <[email protected]> wrote:
>
>> Oh, nuts - turns out this breaks the regression tests (the Python API
>> tests) if they're run with SERVER_MODE = True. Can you take a look ASAP
>> please?
>>
>> Traceback (most recent call last):
>>   File "regression/runtests.py", line 325, in <module>
>>     test_utils.login_tester_account(test_client)
>>   File 
>> "/Users/dpage/git/pgadmin4/web/regression/python_test_utils/test_utils.py",
>> line 53, in login_tester_account
>>     follow_redirects=True)
>>   File 
>> "/Users/dpage/.virtualenvs/pgadmin4/lib/python2.7/site-packages/werkzeug/test.py",
>> line 772, in post
>>     return self.open(*args, **kw)
>>   File 
>> "/Users/dpage/.virtualenvs/pgadmin4/lib/python2.7/site-packages/flask/testing.py",
>> line 113, in open
>>     follow_redirects=follow_redirects)
>>   File 
>> "/Users/dpage/.virtualenvs/pgadmin4/lib/python2.7/site-packages/werkzeug/test.py",
>> line 751, in open
>>     environ, buffered=buffered)
>>   File 
>> "/Users/dpage/.virtualenvs/pgadmin4/lib/python2.7/site-packages/werkzeug/test.py",
>> line 691, in resolve_redirect
>>     buffered=buffered)
>>   File 
>> "/Users/dpage/.virtualenvs/pgadmin4/lib/python2.7/site-packages/flask/testing.py",
>> line 113, in open
>>     follow_redirects=follow_redirects)
>>   File 
>> "/Users/dpage/.virtualenvs/pgadmin4/lib/python2.7/site-packages/werkzeug/test.py",
>> line 736, in open
>>     response = self.run_wsgi_app(environ, buffered=buffered)
>>   File 
>> "/Users/dpage/.virtualenvs/pgadmin4/lib/python2.7/site-packages/werkzeug/test.py",
>> line 659, in run_wsgi_app
>>     rv = run_wsgi_app(self.application, environ, buffered=buffered)
>>   File 
>> "/Users/dpage/.virtualenvs/pgadmin4/lib/python2.7/site-packages/werkzeug/test.py",
>> line 855, in run_wsgi_app
>>     app_iter = app(environ, start_response)
>>   File 
>> "/Users/dpage/.virtualenvs/pgadmin4/lib/python2.7/site-packages/flask/app.py",
>> line 2000, in __call__
>>     return self.wsgi_app(environ, start_response)
>>   File 
>> "/Users/dpage/.virtualenvs/pgadmin4/lib/python2.7/site-packages/flask/app.py",
>> line 1991, in wsgi_app
>>     response = self.make_response(self.handle_exception(e))
>>   File 
>> "/Users/dpage/.virtualenvs/pgadmin4/lib/python2.7/site-packages/flask/app.py",
>> line 1567, in handle_exception
>>     reraise(exc_type, exc_value, tb)
>>   File 
>> "/Users/dpage/.virtualenvs/pgadmin4/lib/python2.7/site-packages/flask/app.py",
>> line 1988, in wsgi_app
>>     response = self.full_dispatch_request()
>>   File 
>> "/Users/dpage/.virtualenvs/pgadmin4/lib/python2.7/site-packages/flask/app.py",
>> line 1641, in full_dispatch_request
>>     rv = self.handle_user_exception(e)
>>   File 
>> "/Users/dpage/.virtualenvs/pgadmin4/lib/python2.7/site-packages/flask/app.py",
>> line 1544, in handle_user_exception
>>     reraise(exc_type, exc_value, tb)
>>   File 
>> "/Users/dpage/.virtualenvs/pgadmin4/lib/python2.7/site-packages/flask/app.py",
>> line 1639, in full_dispatch_request
>>     rv = self.dispatch_request()
>>   File 
>> "/Users/dpage/.virtualenvs/pgadmin4/lib/python2.7/site-packages/flask/app.py",
>> line 1625, in dispatch_request
>>     return self.view_functions[rule.endpoint](**req.view_args)
>>   File 
>> "/Users/dpage/.virtualenvs/pgadmin4/lib/python2.7/site-packages/flask_login.py",
>> line 792, in decorated_view
>>     return func(*args, **kwargs)
>>   File "/Users/dpage/git/pgadmin4/web/pgadmin/browser/__init__.py", line
>> 527, in index
>>     _=gettext
>>   File 
>> "/Users/dpage/.virtualenvs/pgadmin4/lib/python2.7/site-packages/flask/templating.py",
>> line 134, in render_template
>>     context, ctx.app)
>>   File 
>> "/Users/dpage/.virtualenvs/pgadmin4/lib/python2.7/site-packages/flask/templating.py",
>> line 116, in _render
>>     rv = template.render(context)
>>   File 
>> "/Users/dpage/.virtualenvs/pgadmin4/lib/python2.7/site-packages/jinja2/environment.py",
>> line 969, in render
>>     return self.environment.handle_exception(exc_info, True)
>>   File 
>> "/Users/dpage/.virtualenvs/pgadmin4/lib/python2.7/site-packages/jinja2/environment.py",
>> line 742, in handle_exception
>>     reraise(exc_type, exc_value, tb)
>>   File 
>> "/Users/dpage/git/pgadmin4/web/pgadmin/browser/templates/browser/index.html",
>> line 1, in top-level template code
>>     {% extends "base.html" %}
>>   File "/Users/dpage/git/pgadmin4/web/pgadmin/templates/base.html", line
>> 66, in top-level template code
>>     {% block body %}{% endblock %}
>>   File 
>> "/Users/dpage/git/pgadmin4/web/pgadmin/browser/templates/browser/index.html",
>> line 175, in block "body"
>>     '{{ url_for('browser.change_password') }}'
>>   File 
>> "/Users/dpage/.virtualenvs/pgadmin4/lib/python2.7/site-packages/flask/helpers.py",
>> line 332, in url_for
>>     return appctx.app.handle_url_build_error(error, endpoint, values)
>>   File 
>> "/Users/dpage/.virtualenvs/pgadmin4/lib/python2.7/site-packages/flask/app.py",
>> line 1811, in handle_url_build_error
>>     reraise(exc_type, exc_value, tb)
>>   File 
>> "/Users/dpage/.virtualenvs/pgadmin4/lib/python2.7/site-packages/flask/helpers.py",
>> line 322, in url_for
>>     force_external=external)
>>   File 
>> "/Users/dpage/.virtualenvs/pgadmin4/lib/python2.7/site-packages/werkzeug/routing.py",
>> line 1616, in build
>>     raise BuildError(endpoint, values, method)
>> werkzeug.routing.BuildError: ('browser.change_password', {}, None)
>> make: *** [check-python] Error 1
>>
>> On Thu, Nov 30, 2017 at 11:17 AM, Dave Page <[email protected]> wrote:
>>
>>> Thanks - applied with minor changes to localise the messages and make it
>>> clear to the user that their password wasn't changed if there was an error.
>>>
>>> On Thu, Nov 30, 2017 at 6:11 AM, Harshal Dhumal <
>>> [email protected]> wrote:
>>>
>>>> Hi,
>>>>
>>>> Unlike flask login-manager flask-security does not provide facility to
>>>> pass custom view
>>>> function to any of callbacks like change/reset/forgot password. So we
>>>> cannot
>>>> handle any exceptions occurred during changing/resetting password.
>>>> Only way we can handle such exceptions is writing our own routes for
>>>> these callbacks and
>>>> add addition code to handle such exceptions.
>>>>
>>>> --
>>>> *Harshal Dhumal*
>>>> *Sr. Software Engineer*
>>>>
>>>> EnterpriseDB India: http://www.enterprisedb.com
>>>> The Enterprise PostgreSQL Company
>>>>
>>>
>>>
>>>
>>> --
>>> Dave Page
>>> Blog: http://pgsnake.blogspot.com
>>> Twitter: @pgsnake
>>>
>>> EnterpriseDB UK: http://www.enterprisedb.com
>>> The Enterprise PostgreSQL Company
>>>
>>
>>
>>
>> --
>> Dave Page
>> Blog: http://pgsnake.blogspot.com
>> Twitter: @pgsnake
>>
>> EnterpriseDB UK: http://www.enterprisedb.com
>> The Enterprise PostgreSQL Company
>>
>
>

diff --git a/web/pgadmin/browser/__init__.py b/web/pgadmin/browser/__init__.py
index 459d0d9..608949a 100644
--- a/web/pgadmin/browser/__init__.py
+++ b/web/pgadmin/browser/__init__.py
@@ -769,7 +769,7 @@ if hasattr(config, 'SECURITY_RECOVERABLE') and config.SECURITY_RECOVERABLE:
             user=user, token=token)
 
 
-    @blueprint.route("/forgot_password", endpoint="forgot_password",
+    @blueprint.route("/reset_password", endpoint="forgot_password",
                      methods=['GET', 'POST'])
     @anonymous_user_required
     def forgot_password():
@@ -819,10 +819,10 @@ if hasattr(config, 'SECURITY_RECOVERABLE') and config.SECURITY_RECOVERABLE:
 
 
     # We are not in app context so cannot use url_for('browser.forgot_password')
-    # So hard code the url '/browser/forgot_password' while passing as
+    # So hard code the url '/browser/reset_password' while passing as
     # parameter to slash_url_suffix function.
-    @blueprint.route('/forgot_password' + slash_url_suffix(
-        '/browser/forgot_password', '<token>'),
+    @blueprint.route('/reset_password' + slash_url_suffix(
+        '/browser/reset_password', '<token>'),
                      methods=['GET', 'POST'],
                      endpoint='reset_password')
     @anonymous_user_required
diff --git a/web/pgadmin/browser/tests/test_reset_password.py b/web/pgadmin/browser/tests/test_reset_password.py
index f703498..c17c5e7 100644
--- a/web/pgadmin/browser/tests/test_reset_password.py
+++ b/web/pgadmin/browser/tests/test_reset_password.py
@@ -45,11 +45,11 @@ class ResetPasswordTestCase(BaseTestGenerator):
     def runTest(self):
         """This function checks reset password functionality."""
 
-        response = self.tester.get('/reset')
+        response = self.tester.get('/browser/reset_password')
         self.assertTrue('Recover pgAdmin 4 Password' in response.data.decode(
             'utf-8'))
         response = self.tester.post(
-            '/reset', data=dict(email=self.email),
+            '/browser/reset_password', data=dict(email=self.email),
             follow_redirects=True)
         self.assertTrue(self.respdata in response.data.decode('utf-8'))
 
diff --git a/web/pgadmin/browser/tests/utils.py b/web/pgadmin/browser/tests/utils.py
index 538f39c..3510618 100644
--- a/web/pgadmin/browser/tests/utils.py
+++ b/web/pgadmin/browser/tests/utils.py
@@ -8,11 +8,11 @@
 ##########################################################################
 
 def change_password(self):
-    response = self.tester.get('/change', follow_redirects=True)
+    response = self.tester.get('/browser/change_password', follow_redirects=True)
     self.assertTrue('pgAdmin 4 Password Change' in response.data.decode(
         'utf-8'))
 
-    response = self.tester.post('/change', data=dict(
+    response = self.tester.post('/browser/change_password', data=dict(
         password=self.password,
         new_password=self.new_password,
         new_password_confirm=self.new_password_confirm),
diff --git a/web/regression/runtests.py b/web/regression/runtests.py
index b2f7d9b..abc7f22 100644
--- a/web/regression/runtests.py
+++ b/web/regression/runtests.py
@@ -51,6 +51,12 @@ if sys.path[0] != root:
 
 from pgadmin import create_app
 import config
+
+if config.SERVER_MODE is True:
+    config.SECURITY_RECOVERABLE = True
+    config.SECURITY_CHANGEABLE = True
+    config.SECURITY_POST_CHANGE_VIEW = 'browser.change_password'
+
 from regression import test_setup
 from regression.feature_utils.app_starter import AppStarter

Re: [pgAdmin4][RM2892] Handle password changes properly if error occurs during sending email

Reply via email to