def save(self, *args, **kwargs):
# Get existing person to add Cambridge record to
person = Person.objects.get(pk = self.pk)
# Create CambridgeMember and append person data
myCM = CambridgeMember(
crsid = self.crsid,
subject = self.cleaned_data['subject'],
type = self.cleaned_data['type'],
**person.as_dict())
myCM.save()
if self.cleaned_data.get('college'):
Membership.objects.create(person = person, group = self.cleaned_data['college'], assoctype = "MEM")
def setUp(self):
# Reqd so that PREPEND_WWW in settings doesn't cause all view tests to fail
self.host = "www.testhost"
self.client = Client(HTTP_HOST = self.host)
self.fergus = User.objects.create(
firstname="Fergus",
lastname="Ferrier",
email="*****@*****.**",
password="******",
membershipstatus="OK",
activationlinkkey="imokay")
self.fergus.UpdatePassword(self.fergus.password)
self.fergusperson = Person.objects.get(pk = self.fergus.pk)
self.cambridgeuser = CambridgeMember(
crsid = "gg221",
**self.fergusperson.as_dict())
self.cambridgeuser.save()
self.usertwo = User.objects.create(
firstname="E",
lastname="Parkinson",
email="*****@*****.**",
password="******",
membershipstatus="EP",
activationlinkkey="heythere")
self.usertwo.UpdatePassword(self.usertwo.password)
self.dauser = User.objects.create(
firstname="E",
lastname="Parkinson",
email="*****@*****.**",
membershipstatus="DA",
password="******",
activationlinkkey="imnowhere")
self.dauser.UpdatePassword(self.dauser.password)
class CreationTestCase(TestCase):
def setUp(self):
# Reqd so that PREPEND_WWW in settings doesn't cause all view tests to fail
self.host = "www.testhost"
self.client = Client(HTTP_HOST = self.host)
self.fergus = User.objects.create(
firstname="Fergus",
lastname="Ferrier",
email="*****@*****.**",
password="******",
membershipstatus="OK",
activationlinkkey="imokay")
self.fergus.UpdatePassword(self.fergus.password)
self.fergusperson = Person.objects.get(pk = self.fergus.pk)
self.cambridgeuser = CambridgeMember(
crsid = "gg221",
**self.fergusperson.as_dict())
self.cambridgeuser.save()
self.usertwo = User.objects.create(
firstname="E",
lastname="Parkinson",
email="*****@*****.**",
password="******",
membershipstatus="EP",
activationlinkkey="heythere")
self.usertwo.UpdatePassword(self.usertwo.password)
self.dauser = User.objects.create(
firstname="E",
lastname="Parkinson",
email="*****@*****.**",
membershipstatus="DA",
password="******",
activationlinkkey="imnowhere")
self.dauser.UpdatePassword(self.dauser.password)
# Log in
def test_login(self):
''' One can reach the page '''
response = self.client.get(reverse('MyPidge.Users.views.Login', args=[""]))
self.assertEquals(response.status_code, 200)
self.assertEquals(len(response.cookies), 0)
def test_login_crsid(self):
''' Log in with Raven done '''
# Make sure we get a session cookie
response = self.client.get(reverse('MyPidge.Users.views.Account'))
from django.contrib.sessions.models import Session
# Do lots of faffing to set session!
mysessioncookie = self.client.cookies['sessionid']
mysessionid = mysessioncookie.value
mysession = Session.objects.get(pk = mysessionid)
mysessiondict = mysession.get_decoded()
mysessiondict['raven-crsid'] = self.cambridgeuser.crsid
Session.objects.save(mysessionid, mysessiondict, "2009-10-10 10:10:10")
response = self.client.get(reverse('MyPidge.Users.views.Login', args=[""]))
self.assertRedirects(response, reverse('homepage'), host = self.host)
self.assert_('loggedin' in self.client.session)
self.assertEquals(bool(response.cookies.get('spsettings', False)), True)
self.assertEquals(bool(response.cookies.get('sessionid', False)), True)
def test_login_correct(self):
''' Correct auth > a redirect and cookies '''
old_response = self.client.get(reverse('homepage'))
self.assertEquals(len(old_response.cookies), 0)
self.assert_('loggedin' not in self.client.session)
response = self.client.post(
reverse('MyPidge.Users.views.Login', args=[""]),
{'email': self.fergus.email, 'password': "******"})
self.assertRedirects(response, reverse('homepage'), host = self.host)
self.assert_('loggedin' in self.client.session)
self.assertEquals(bool(response.cookies.get('spsettings', False)), True)
self.assertEquals(bool(response.cookies.get('sessionid', False)), True)
def test_login_correct_redirect(self):
''' Correct auth > a redirect to a specific page and cookies '''
redirecturl = "/HelpMe/Holle/"
response = self.client.post(
reverse('MyPidge.Users.views.Login', args=[redirecturl]),
{'email': self.fergus.email, 'password': "******"})
self.assertRedirects(
response,
redirecturl,
target_status_code=404,
host = self.host)
self.assertEquals(bool(response.cookies.get('spsettings', False)), True)
self.assertEquals(bool(response.cookies.get('sessionid', False)), True)
self.assert_('loggedin' in self.client.session)
def test_login_fail(self):
''' Bad credentials > an error message. '''
response = self.client.post(
reverse('MyPidge.Users.views.Login', args=[""]),
{'email': "*****@*****.**", 'password': "******"})
self.assertContains(response, "Email or password incorrect.", count=1, status_code=200)
def test_login_form(self):
''' Incomplete credentials > an error message. '''
response = self.client.post(
reverse('MyPidge.Users.views.Login', args=[""]),
{'password': "******"})
self.assertContains(response, "This field is required.", count=1, status_code=200)
# self.assertFormError(response, "loginform", None, "This field is required.")
def test_login_already(self):
''' Already logged in just redirects away '''
response = self.client.post(
reverse('MyPidge.Users.views.Login', args=[""]),
{'email': self.fergus.email, 'password': "******"})
response = self.client.get(reverse('MyPidge.Users.views.Login', args=[""]))
self.assertRedirects(response, reverse('homepage'), host = self.host)
response = self.client.post(
reverse('MyPidge.Users.views.Login', args=[""]),
{'email': self.fergus.email, 'password': "******"})
self.assertRedirects(response, reverse('homepage'), host = self.host)
self.assert_('loggedin' in self.client.session)
def test_login_not_activated(self):
''' Correct creds but user not activated '''
self.assert_('activationuserid' not in self.client.session)
response = self.client.post(
reverse('MyPidge.Users.views.Login', args=[""]),
{'email': self.usertwo.email, 'password': "******"})
self.assertContains(response, "You must activate your account.", count=1, status_code=200)
self.assert_('activationuserid' in self.client.session)
self.assert_('loggedin' not in self.client.session)
def test_login_deactivated(self):
''' Correct creds but user deactivated '''
response = self.client.post(
reverse('MyPidge.Users.views.Login', args=[""]),
{'email': self.dauser.email, 'password': "******"})
self.assertContains(response, "This account has been deactivated.", count=1, status_code=200)
self.assert_('loggedin' not in self.client.session)
def test_login_must_login(self):
''' Redirected from a page that requires login '''
# Make sure we get a session cookie
response = self.client.get(reverse('MyPidge.Users.views.Account'))
from django.contrib.sessions.models import Session
# Do lots of faffing to set session!
mysessioncookie = self.client.cookies['sessionid']
mysessionid = mysessioncookie.value
mysession = Session.objects.get(pk = mysessionid)
mysessiondict = mysession.get_decoded()
mysessiondict['login_message'] = "You must log in."
Session.objects.save(mysessionid, mysessiondict, "2009-10-10 10:10:10")
response = self.client.get(reverse('MyPidge.Users.views.Login', args=[""]))
self.assertContains(response, mysessiondict['login_message'], count=1, status_code=200)
self.assert_('loggedin' not in self.client.session)
def test_login_already_active(self):
''' Tried activating an already active account. '''
response = self.client.get(
reverse('MyPidge.Users.views.Login', args=[""]),
{'alreadyactive': '1'})
self.assertContains(response, "This account has already been activated.", count=1, status_code=200)
self.assert_('loggedin' not in self.client.session)
# Logout
def test_logout_no_cookies(self):
''' Logout adds a default spsetting cookie, but no session cookie '''
response = self.client.get(reverse('Logout', args=[""]))
self.assertRedirects(response, reverse('homepage'), host = self.host)
self.assert_(bool(response.cookies.get('spsettings', False)))
def test_logout_with_cookies(self):
''' Logout affects server-side session, and leaves a session cookie. '''
response = self.client.post(
reverse('MyPidge.Users.views.Login', args=[""]),
{'email': self.fergus.email, 'password': "******"})
self.assertEquals(bool(response.cookies.get('spsettings', False)), True)
self.assertEquals(bool(response.cookies.get('sessionid', False)), True)
response = self.client.get(reverse('Logout', args=[""]))
self.assert_('loggedin' not in self.client.session)
self.assertRedirects(response, reverse('homepage'), host = self.host)
self.assertEquals(bool(response.cookies.get('spsettings', False)), True)
self.assertEquals(bool(response.cookies.get('sessionid', False)), True)
def test_logout_odd_redirect(self):
redirecturl = "/Randommmager/"
response = self.client.get(reverse('Logout', args=[redirecturl]))
self.assertRedirects(response, redirecturl, target_status_code=404, host = self.host)
# Register Form
def test_register(self):
''' One can reach the register page '''
response = self.client.get(reverse('MyPidge.Users.views.RegisterDetails'))
self.assertEquals(response.status_code, 200)
def test_register_post(self):
''' Page with blank post '''
response = self.client.post(reverse('MyPidge.Users.views.RegisterDetails'))
self.assertEquals(response.status_code, 200)
def test_register_logged_in(self):
''' We're already signed in '''
response = self.client.post(
reverse('MyPidge.Users.views.Login', args=[""]),
{'email': self.fergus.email, 'password': "******"})
response = self.client.get(reverse('MyPidge.Users.views.RegisterDetails'))
self.assertRedirects(response, reverse('homepage'), host = self.host)
def test_register_crsid_set(self):
''' Register after Raven login '''
# Set User CRSID
response = self.client.get(reverse('MyPidge.Users.views.Account'))
from django.contrib.sessions.models import Session
# Do lots of faffing to set session!
mysessioncookie = self.client.cookies['sessionid']
mysessionid = mysessioncookie.value
mysession = Session.objects.get(pk = mysessionid)
mysessiondict = mysession.get_decoded()
mysessiondict['raven-crsid'] = "ot213"
Session.objects.save(mysessionid, mysessiondict, "2009-10-10 10:10:10")
response = self.client.get(reverse('MyPidge.Users.views.RegisterDetails'))
# Includes likely user email
self.assertContains(response, "*****@*****.**", status_code = 200)
self.assertContains(response, "ot213", count = 2, status_code = 200)
def test_register_crsid_data(self):
''' Person already in our system then registers '''
# Create person already
existing = CambridgeMember.objects.create(
firstname = "Fergus",
lastname = "Ferrier",
email = "*****@*****.**",
crsid = "ot213",
subject = "FIN",
type = "U1")
# Set User CRSID
response = self.client.get(reverse('MyPidge.Users.views.Account'))
from django.contrib.sessions.models import Session
# Do lots of faffing to set session!
mysessioncookie = self.client.cookies['sessionid']
mysessionid = mysessioncookie.value
mysession = Session.objects.get(pk = mysessionid)
mysessiondict = mysession.get_decoded()
mysessiondict['raven-crsid'] = "ot213"
Session.objects.save(mysessionid, mysessiondict, "2009-10-10 10:10:10")
response = self.client.get(reverse('MyPidge.Users.views.RegisterDetails'))
# Includes likely user email and other data
self.assertContains(response, "*****@*****.**", status_code = 200)
self.assertContains(response, "ot213", count = 2, status_code = 200)
self.assertContains(response, "Fergus", count = 1, status_code = 200)
self.assertContains(response, "Ferrier", count = 1, status_code = 200)
self.assertContains(response, '<option value="FIN" selected="selected">', count = 1, status_code = 200)
self.assertContains(response, '<option value="U1" selected="selected">', count = 1, status_code = 200)
# Post new data
newdata = {
'firstname': "Fergus2",
'lastname': "Ferrier3",
'email': "*****@*****.**",
'password_one': "blowme",
'password_again': "blowme",
'subject': 'NEU',
'type': 'PHD'}
response = self.client.post(reverse('MyPidge.Users.views.RegisterDetails'), newdata)
self.assertEquals(len(mail.outbox), 1)
self.assertRedirects(response, reverse('MyPidge.Users.views.RegisterEmailSent'), host = self.host)
newuser = User.objects.get(email = "*****@*****.**")
self.assertEquals(newuser.firstname, newdata['firstname'])
self.assertEquals(newuser.lastname, newdata['lastname'])
self.assertEquals(newuser.email, newdata['email'])
self.assertEquals(newuser.membershipstatus, "EP")
cammem = newuser.person_ptr.cambridgemember
self.assertEquals(cammem.subject, newdata['subject'])
self.assertEquals(cammem.type, newdata['type'])
# Original Person is now this one - email changed
self.assertRaises(Person.DoesNotExist, Person.objects.get, email = "*****@*****.**")
def test_register_normal(self):
''' Registration without CRSID '''
response = self.client.post(reverse('MyPidge.Users.views.RegisterDetails'), {
'firstname': "Fergus",
'lastname': "Ferrier",
'email': "*****@*****.**",
'password_one': "blowme",
'password_again': "blowme",
})
self.assertEquals(len(mail.outbox), 1)
self.assertRedirects(response, reverse('MyPidge.Users.views.RegisterEmailSent'), host = self.host)
def test_register_all(self):
''' Registration without CRSID - all parameters '''
response = self.client.post(reverse('MyPidge.Users.views.RegisterDetails'), {
'firstname': "Fergus",
'lastname': "Ferrier",
'email': "*****@*****.**",
'password_one': "blowme",
'password_again': "blowme",
'college': 1,
'subject': "FIN",
'boatie': True
})
# Interests not listed
self.assertEquals(len(mail.outbox), 1)
self.assertRedirects(response, reverse('MyPidge.Users.views.RegisterEmailSent'), host = self.host)
def test_register_password_error(self):
''' Mismatching passwords '''
response = self.client.post(reverse('MyPidge.Users.views.RegisterDetails'), {
'firstname': "Fergus",
'lastname': "Ferrier",
'email': "*****@*****.**",
'password_one': "blowme",
'password_again': "blow2me",
'college': 1,
'subject': "FIN",
'boatie': True
})
self.assertContains(response, "The passwords are not the same.", count=1, status_code=200)
def test_register_email_duplicate(self):
''' Mismatching passwords '''
response = self.client.post(reverse('MyPidge.Users.views.RegisterDetails'), {
'firstname': "Fergus",
'lastname': "Ferrier",
'email': "*****@*****.**",
'password_one': "blowme",
'password_again': "blowme",
'college': 1,
'subject': "FIN",
'boatie': True
})
self.assertContains(response, "User with this Email address already exists.", count=1, status_code=200)
# Resend Activation Email
def test_resend_activation_no_session(self):
''' When there is no session['activationuserid'] '''
response = self.client.post(reverse('MyPidge.Users.views.ResendActivation'))
self.assertRedirects(response, reverse('MyPidge.Users.views.Login', args=[""]), host = self.host)
def test_resend_activation_session(self):
''' When there is valid session['activationuserid'] '''
response = self.client.post(reverse('MyPidge.Users.views.Login', args=[""]), {'email': self.usertwo.email, 'password': "******"})
response = self.client.post(reverse('MyPidge.Users.views.ResendActivation'))
self.assertEquals(response.status_code, 200)
self.assertEquals(len(mail.outbox), 1)
def test_resend_activation_not_pending(self):
''' Where user is not in state EP '''
# Sets session activationid
response = self.client.post(
reverse('MyPidge.Users.views.Login', args=[""]),
{'email': self.usertwo.email, 'password': "******"})
# Now we "activate" the user
self.usertwo.membershipstatus = "OK"
self.usertwo.save()
response = self.client.post(reverse('MyPidge.Users.views.ResendActivation'))
self.assertRedirects(response, reverse('MyPidge.Users.views.Login', args=[""]), host = self.host)
def test_resend_activation_logged_in(self):
''' Where user is not in state EP and logged in! '''
# Sets session activationid
response = self.client.post(
reverse('MyPidge.Users.views.Login', args=[""]),
{'email': self.usertwo.email, 'password': "******"})
# Now we "activate" the user
self.usertwo.membershipstatus = "OK"
self.usertwo.save()
response = self.client.post(
reverse('MyPidge.Users.views.Login', args=[""]),
{'email': self.usertwo.email, 'password': "******"})
response = self.client.post(reverse('MyPidge.Users.views.ResendActivation'))
self.assertRedirects(response, reverse('MyPidge.Users.views.Login', args=[""]), target_status_code=302, host = self.host)
# Activation
def test_activate_blank(self):
''' Blank linkkey > redirect to Activate-Failure '''
response = self.client.get(reverse('MyPidge.Users.views.RegisterActivate', args=[""]))
self.assertRedirects(response, reverse('MyPidge.Users.views.ActivationFailure'), host = self.host)
def test_activate_false(self):
''' Linkkey not found > redirect to Activate-Failure '''
response = self.client.get(reverse('MyPidge.Users.views.RegisterActivate', args=["nexisthidy"]))
self.assertRedirects(response, reverse('MyPidge.Users.views.ActivationFailure'), host = self.host)
def test_activate_active(self):
''' Linkkey for user in OK > redirect to Login page with message '''
response = self.client.get(reverse('MyPidge.Users.views.RegisterActivate', args=["imokay"]))
self.assertRedirects(response, reverse('MyPidge.Users.views.Login', args=["?alreadyactive"]), host = self.host)
def test_activate_deactive(self):
''' Linkkey for user not in OK or EP > redirect to Activate-Failure '''
response = self.client.get(reverse('MyPidge.Users.views.RegisterActivate', args=["imnowhere"]))
self.assertRedirects(response, reverse('MyPidge.Users.views.ActivationFailure'), host = self.host)
def test_activate_okay(self):
''' Linkkey for user in EP > activation + login + redirect to Activate-Success '''
response = self.client.get(reverse('MyPidge.Users.views.RegisterActivate', args=["heythere"]))
self.assertRedirects(response, reverse('MyPidge.Users.views.ActivationSuccess'), host = self.host)
self.assertEquals(len(mail.outbox), 1)
self.assert_('loggedin' in self.client.session)
# Reset Password
def test_reset(self):
''' Reset Password Renders okay '''
response = self.client.get(reverse('MyPidge.Users.views.ResetPassword'))
self.assertEquals(response.status_code, 200)
def test_reset_real(self):
''' Post real email > email+1, page contains '''
response = self.client.post(reverse('MyPidge.Users.views.ResetPassword'), {'email': self.fergus.email})
self.assertContains(response, "Assuming that you entered the email address of a user on our system, a message has been sent to your email address with a link to enable you to reset your password.", count=1, status_code=200)
self.assertEquals(len(mail.outbox), 1)
# Account is still active
self.fergus = User.objects.get(email=self.fergus.email)
self.assertEquals(self.fergus.CheckPassword("password"), True)
def test_reset_false(self):
''' Post false email '''
response = self.client.post(reverse('MyPidge.Users.views.ResetPassword'), {'email': "*****@*****.**"})
self.assertContains(response, "Assuming that you entered the email address of a user on our system, a message has been sent to your email address with a link to enable you to reset your password.", count=1, status_code=200)
self.assertEquals(len(mail.outbox), 0)
def test_reset_logged(self):
''' Logged in > redirects homepage '''
response = self.client.post(reverse('MyPidge.Users.views.Login', args=[""]), {'email': self.fergus.email, 'password': "******"})
response = self.client.post(reverse('MyPidge.Users.views.ResetPassword'), {'email': self.fergus.email})
self.assertRedirects(response, reverse('homepage'), host = self.host)
# Do password reset
def test_do_reset_none(self):
''' No reset password key '''
response = self.client.get(reverse('MyPidge.Users.views.DoResetPassword', args=[""]))
# Shows bad key page
self.assertContains(response, "I'm afraid that request was invalid. ", count = 1, status_code = 200)
def test_do_reset_bad(self):
''' Bad reset password key '''
response = self.client.get(reverse('MyPidge.Users.views.DoResetPassword', args=["randabidozi"]))
# Shows bad key page
self.assertContains(response, "I'm afraid that request was invalid. ", count = 1, status_code = 200)
def test_do_reset_good(self):
''' Do the password reset thing '''
response = self.client.post(reverse('MyPidge.Users.views.ResetPassword'), {'email': self.fergus.email})
# Reload fergus
self.fergus = User.objects.get(email = self.fergus.email)
response = self.client.get(reverse('MyPidge.Users.views.DoResetPassword', args=[self.fergus.password_reset_key]))
self.assertContains(response, "Please choose a new password", count = 1, status_code = 200)
def test_do_reset_duplicate(self):
''' Password reset with unmatching passwords '''
response = self.client.post(reverse('MyPidge.Users.views.ResetPassword'), {'email': self.fergus.email})
# Reload fergus
self.fergus = User.objects.get(email = self.fergus.email)
response = self.client.post(reverse('MyPidge.Users.views.DoResetPassword', args=[self.fergus.password_reset_key]), {'new_password': "******", 'new_password_again': "huhuhu"})
self.assertContains(response, "The new passwords are not the same", count = 1, status_code = 200)
# Good key + post of new password > log in and redirect to confirmation page and key removed
def test_do_reset_reset(self):
''' Password reset done '''
response = self.client.post(reverse('MyPidge.Users.views.ResetPassword'), {'email': self.fergus.email})
# Reload fergus
self.fergus = User.objects.get(email = self.fergus.email)
response = self.client.post(reverse('MyPidge.Users.views.DoResetPassword', args=[self.fergus.password_reset_key]), {'new_password': "******", 'new_password_again': "hello"})
self.assertRedirects(response, reverse('MyPidge.Users.views.DonePasswordReset'), host = self.host)
# Reload fergus
self.fergus = User.objects.get(email = self.fergus.email)
self.assert_(self.fergus.CheckPassword("hello"))
self.assert_('loggedin' in self.client.session)
