e_dict = {'password':_('Invalid characters in password')}

                    raise formencode.Invalid('', value, state, error_dict=e_dict)

            if value.get('password_confirmation'):

                try:

                    value['password_confirmation'] = \

                        get_crypt_password(value['password_confirmation'])

                except UnicodeEncodeError:

                    e_dict = {'password_confirmation':_('Invalid characters in password')}

                    raise formencode.Invalid('', value, state, error_dict=e_dict)

            if value.get('new_password'):

                try:

                    value['new_password'] = \

                        get_crypt_password(value['new_password'])

                except UnicodeEncodeError:

                    e_dict = {'new_password':_('Invalid characters in password')}

                    raise formencode.Invalid('', value, state, error_dict=e_dict)

            return value

class ValidPasswordsMatch(formencode.validators.FancyValidator):

    def validate_python(self, value, state):

            e_dict = {'password_confirmation':

                   _('Passwords do not match')}

            raise formencode.Invalid('', value, state, error_dict=e_dict)

class ValidAuth(formencode.validators.FancyValidator):

    messages = {

        'invalid_password':_('invalid password'),

        'invalid_login':_('invalid user name'),

        'disabled_account':_('Your account is disabled')

    }

    # error mapping

    e_dict = {'username':messages['invalid_login'],

              'password':messages['invalid_password']}

    e_dict_disable = {'username':messages['disabled_account']}

    def validate_python(self, value, state):

        password = value['password']

        username = value['username']

        user = User.get_by_username(username)

        if authenticate(username, password):

            return value

        else:

#===============================================================================

# FORMS

#===============================================================================

class LoginForm(formencode.Schema):

    allow_extra_fields = True

    filter_extra_fields = True

    username = UnicodeString(

                             strip=True,

                             min=1,

                             not_empty=True,

                             messages={

                                'empty':_('Please enter a login'),

                                'tooShort':_('Enter a value %(min)i characters long or more')}

                            )

    password = UnicodeString(

                            strip=True,

                            min=3,

                            not_empty=True,

                            messages={

                                'empty':_('Please enter a password'),

                                'tooShort':_('Enter %(min)i characters or more')}

                                )

    chained_validators = [ValidAuth]

def UserForm(edit=False, old_data={}):

    class _UserForm(formencode.Schema):

        allow_extra_fields = True

        filter_extra_fields = True

        username = All(UnicodeString(strip=True, min=1, not_empty=True),

                       ValidUsername(edit, old_data))

        if edit:

            new_password = All(UnicodeString(strip=True, min=6, not_empty=False))

            admin = StringBoolean(if_missing=False)

        else:

            password = All(UnicodeString(strip=True, min=6, not_empty=True))

        active = StringBoolean(if_missing=False)

        name = UnicodeString(strip=True, min=1, not_empty=True)

        lastname = UnicodeString(strip=True, min=1, not_empty=True)

        email = All(Email(not_empty=True), UniqSystemEmail(old_data))

    return _UserForm

def UsersGroupForm(edit=False, old_data={}, available_members=[]):

    class _UsersGroupForm(formencode.Schema):

        allow_extra_fields = True

        filter_extra_fields = True

        users_group_name = All(UnicodeString(strip=True, min=1, not_empty=True),

                       ValidUsersGroup(edit, old_data))

        users_group_active = StringBoolean(if_missing=False)

        if edit:

            users_group_members = OneOf(available_members, hideList=False,

                                        testValueList=True,

                                        if_missing=None, not_empty=False)

    return _UsersGroupForm

def ReposGroupForm(edit=False, old_data={}, available_groups=[]):

    class _ReposGroupForm(formencode.Schema):

        allow_extra_fields = True

        ${self.breadcrumbs()}       

    </div>

    <!-- end box / title -->

    ${h.form(url('users'))}

    <div class="form">

        <!-- fields -->

        <div class="fields">

             <div class="field">

                <div class="label">

                    <label for="username">${_('Username')}:</label>

                </div>

                <div class="input">

                    ${h.text('username',class_='small')}

                </div>

             </div>

             <div class="field">

                <div class="label">

                    <label for="password">${_('Password')}:</label>

                </div>

                <div class="input">

                    ${h.password('password',class_='small')}

                </div>

             </div>

             <div class="field">

                <div class="label">

                    <label for="name">${_('First Name')}:</label>

                </div>

                <div class="input">

                    ${h.text('name',class_='small')}

                </div>

             </div>

             <div class="field">

                <div class="label">

                    <label for="lastname">${_('Last Name')}:</label>

                </div>

                <div class="input">

                    ${h.text('lastname',class_='small')}

                </div>

             </div>

             <div class="field">

                <div class="label">

                    <label for="email">${_('Email')}:</label>

                </div>

                <div class="input">

                    ${h.text('email',class_='small')}

                    <label for="username">${_('Username')}:</label>

                </div>

                <div class="input">

                    ${h.text('username',class_='medium')}

                </div>

             </div>

             <div class="field">

                <div class="label">

                    <label for="ldap_dn">${_('LDAP DN')}:</label>

                </div>

                <div class="input">

                    ${h.text('ldap_dn',class_='medium')}

                </div>

             </div>

             <div class="field">

                <div class="label">

                    <label for="new_password">${_('New password')}:</label>

                </div>

                <div class="input">

                    ${h.password('new_password',class_='medium',autocomplete="off")}

                </div>

             </div>

             <div class="field">

                <div class="label">

                    <label for="name">${_('First Name')}:</label>

                </div>

                <div class="input">

                    ${h.text('name',class_='medium')}

                </div>

             </div>

             <div class="field">

                <div class="label">

                    <label for="lastname">${_('Last Name')}:</label>

                </div>

                <div class="input">

                    ${h.text('lastname',class_='medium')}

                </div>

             </div>

             <div class="field">

                <div class="label">

                    <label for="email">${_('Email')}:</label>

                </div>

                <div class="input">

                    ${h.text('email',class_='medium')}

             </div>   	    

	        <div class="field">

	            <div class="label">

	                <label>${_('API key')}</label> ${c.user.api_key}

	            </div>

	        </div>	    

	        <div class="fields">

	             <div class="field">

	                <div class="label">

	                    <label for="username">${_('Username')}:</label>

	                </div>

	                <div class="input">

	                    ${h.text('username',class_="medium")}

	                </div>

	             </div>

	             <div class="field">

	                <div class="label">

	                    <label for="new_password">${_('New password')}:</label>

	                </div>

	                <div class="input">

	                    ${h.password('new_password',class_="medium",autocomplete="off")}

	                </div>

	             </div>

	             <div class="field">

	                <div class="label">

	                    <label for="name">${_('First Name')}:</label>

	                </div>

	                <div class="input">

	                    ${h.text('name',class_="medium")}

	                </div>

	             </div>

	             <div class="field">

	                <div class="label">

	                    <label for="lastname">${_('Last Name')}:</label>

	                </div>

	                <div class="input">

	                    ${h.text('lastname',class_="medium")}

	                </div>

	             </div>

	             <div class="field">

	                <div class="label">

	                    <label for="email">${_('Email')}:</label>

	                </div>

	                <div class="input">

	                    ${h.text('email',class_="medium")}

		             %if repo['dbrepo']['private']:

		                <img class="icon" alt="${_('private')}" src="${h.url("/images/icons/lock.png")}"/>

		             %else:

		                <img class="icon" alt="${_('public')}" src="${h.url("/images/icons/lock_open.png")}"/>

		             %endif

		            ${h.link_to(repo['name'], h.url('summary_home',repo_name=repo['name']),class_="repo_name")}

		            %if repo['dbrepo_fork']:

		            	<a href="${h.url('summary_home',repo_name=repo['dbrepo_fork']['repo_name'])}">

		            	<img class="icon" alt="${_('public')}"

		            	title="${_('Fork of')} ${repo['dbrepo_fork']['repo_name']}" 

		            	src="${h.url('/images/icons/arrow_divide.png')}"/></a>

		            %endif		            

		            </td> 

		            <td><span class="tooltip" title="${repo['last_change']}">${("r%s:%s") % (repo['rev'],h.short_id(repo['tip']))}</span></td>

		            <td><a href="${h.url('repo_settings_home',repo_name=repo['name'])}" title="${_('edit')}"><img class="icon" alt="${_('private')}" src="${h.url('/images/icons/application_form_edit.png')}"/></a></td>

		            <td>

	                  ${h.form(url('repo_settings_delete', repo_name=repo['name']),method='delete')}

	                    ${h.submit('remove_%s' % repo['name'],'',class_="delete_icon action_button",onclick="return confirm('Confirm to delete this repository');")}

	                  ${h.end_form()}	            

		            </td>

		        </tr>

		     %endfor

	     %else:

	     	${_('No repositories yet')} 

	     	%if h.HasPermissionAny('hg.admin','hg.create.repository')():

	     	%endif

	     %endif

	     </tbody>

	     </table>

    </div>

</div>

    <script type="text/javascript">

     var D = YAHOO.util.Dom;

     var E = YAHOO.util.Event;

     var S = YAHOO.util.Selector;

     var q_filter = D.get('q_filter');

     var F = YAHOO.namespace('q_filter'); 

     E.on(q_filter,'click',function(){

        q_filter.value = '';

     });

     F.filterTimeout = null;

     F.updateFilter  = function() { 

        // Reset timeout 

        F.filterTimeout = null;

            response = response.follow()

            self.assertTrue("""<h1><a href="/">%s</a></h1>""" % new_title

                        in response.body)

    def test_my_account(self):

        self.log_user()

        response = self.app.get(url('admin_settings_my_account'))

        self.assertTrue('value="test_admin' in response.body)

    def test_my_account_update(self):

        self.log_user()

        new_email = 'new@mail.pl'

        new_name = 'NewName'

        new_lastname = 'NewLastname'

        new_password = 'test123'

        response = self.app.post(url('admin_settings_my_account_update'),

                                 params=dict(_method='put',

                                             username='test_admin',

                                             new_password=new_password,

                                             password='',

                                             name=new_name,

                                             lastname=new_lastname,

                                             email=new_email,))

        response.follow()

        assert 'Your account was updated successfully' in response.session['flash'][0][1], 'no flash message about success of change'

        user = self.sa.query(User).filter(User.username == 'test_admin').one()

        assert user.email == new_email , 'incorrect user email after update got %s vs %s' % (user.email, new_email)

        assert user.name == new_name, 'updated field mismatch %s vs %s' % (user.name, new_name)

        assert user.lastname == new_lastname, 'updated field mismatch %s vs %s' % (user.lastname, new_lastname)

        assert check_password(new_password, user.password) is True, 'password field mismatch %s vs %s' % (user.password, new_password)

        #bring back the admin settings

        old_email = 'test_admin@mail.com'

        old_name = 'RhodeCode'

        old_lastname = 'Admin'

        old_password = 'test12'

        response = self.app.post(url('admin_settings_my_account_update'), params=dict(

                                                            _method='put',

                                                            username='test_admin',

                                                            new_password=old_password,

                                                            password='',

                                                            name=old_name,

                                                            lastname=old_lastname,

                                                            email=old_email,))

        response.follow()

        self.checkSessionFlash(response,

                               'Your account was updated successfully')

        user = self.sa.query(User).filter(User.username == 'test_admin').one()

        assert user.email == old_email , 'incorrect user email after update got %s vs %s' % (user.email, old_email)

        assert user.email == old_email , 'incorrect user email after update got %s vs %s' % (user.email, old_email)

        assert user.name == old_name, 'updated field mismatch %s vs %s' % (user.name, old_name)

        assert user.lastname == old_lastname, 'updated field mismatch %s vs %s' % (user.lastname, old_lastname)

        assert check_password(old_password, user.password) is True , 'password updated field mismatch %s vs %s' % (user.password, old_password)

    def test_my_account_update_err_email_exists(self):

        self.log_user()

        new_email = 'test_regular@mail.com'#already exisitn email

        response = self.app.post(url('admin_settings_my_account_update'), params=dict(

                                                            _method='put',

                                                            username='test_admin',

                                                            new_password='test12',

                                                            name='NewName',

                                                            lastname='NewLastname',

                                                            email=new_email,))

        assert 'This e-mail address is already taken' in response.body, 'Missing error message about existing email'

    def test_my_account_update_err(self):

        self.log_user('test_regular2', 'test12')

        new_email = 'newmail.pl'

        response = self.app.post(url('admin_settings_my_account_update'), params=dict(

                                                            _method='put',

                                                            username='test_admin',

                                                            new_password='test12',

                                                            name='NewName',

                                                            lastname='NewLastname',

                                                            email=new_email,))

        assert 'An email address must contain a single @' in response.body, 'Missing error message about wrong email'

        assert 'This username already exists' in response.body, 'Missing error message about existing user'

from rhodecode.tests import *

from rhodecode.model.db import User

from rhodecode.lib.auth import check_password

from sqlalchemy.orm.exc import NoResultFound

class TestAdminUsersController(TestController):

    def test_index(self):

        response = self.app.get(url('users'))

        # Test response...

    def test_index_as_xml(self):

        response = self.app.get(url('formatted_users', format='xml'))

    def test_create(self):

        self.log_user()

        username = 'newtestuser'

        password = 'test12'

        name = 'name'

        lastname = 'lastname'

        email = 'mail@mail.com'

        response = self.app.post(url('users'), {'username':username,

                                               'password':password,

                                               'name':name,

                                               'active':True,

                                               'lastname':lastname,

                                               'email':email})

        assert '''created user %s''' % (username) in response.session['flash'][0], 'No flash message about new user'

        new_user = self.sa.query(User).filter(User.username == username).one()

        assert new_user.username == username, 'wrong info about username'

        assert check_password(password, new_user.password) == True , 'wrong info about password'

        assert new_user.name == name, 'wrong info about name'

        assert new_user.lastname == lastname, 'wrong info about lastname'

        assert new_user.email == email, 'wrong info about email'

        response.follow()

        response = response.follow()

        assert """edit">newtestuser</a>""" in response.body

    def test_create_err(self):

        self.log_user()

        self.assertRaises(NoResultFound, get_user), 'found user in database'

    def test_new(self):

        response = self.app.get(url('new_user'))

    def test_new_as_xml(self):

        response = self.app.get(url('formatted_new_user', format='xml'))

    def test_update(self):

        response = self.app.put(url('user', id=1))

    def test_update_browser_fakeout(self):

        response = self.app.post(url('user', id=1), params=dict(_method='put'))

    def test_delete(self):

        self.log_user()

        username = 'newtestuserdeleteme'

        password = 'test12'

        name = 'name'

        lastname = 'lastname'

        email = 'todeletemail@mail.com'

        response = self.app.post(url('users'), {'username':username,

                                               'password':password,

                                               'name':name,

                                               'active':True,

                                               'lastname':lastname,

                                               'email':email})

        response = response.follow()

        new_user = self.sa.query(User).filter(User.username == username).one()

        response = self.app.delete(url('user', id=new_user.user_id))

        assert """successfully deleted user""" in response.session['flash'][0], 'No info about user deletion'

    def test_delete_browser_fakeout(self):

        response = self.app.post(url('user', id=1), params=dict(_method='delete'))

    def test_show(self):

        response = self.app.get(url('user', id=1))

    def test_show_as_xml(self):

        response = self.app.get(url('formatted_user', id=1, format='xml'))

    def test_edit(self):

        response = self.app.get(url('edit_user', id=1))