def test_new_user_created_and_invitation_accepted(self):
"""
When SsoBackend creates a new user and an invitation is present, that
invitation should add the user to the invited project
space and accept the invitation
"""
admin_role = StaticRole.domain_admin(self.domain.name)
invitation = Invitation(
domain=self.domain.name,
email='*****@*****.**',
invited_by=self.user.couch_id,
invited_on=datetime.datetime.utcnow(),
role=admin_role.get_qualified_id(),
)
invitation.save()
AsyncSignupRequest.create_from_invitation(invitation)
generator.store_full_name_in_saml_user_data(self.request, 'Isa',
'Baas')
user = auth.authenticate(
request=self.request,
username=invitation.email,
idp_slug=self.idp.slug,
is_handshake_successful=True,
)
self.assertIsNotNone(user)
self.assertEqual(user.username, invitation.email)
self.assertEqual(user.first_name, 'Isa')
self.assertEqual(user.last_name, 'Baas')
self.assertEqual(self.request.sso_new_user_messages['success'], [
f'User account for {invitation.email} created.',
f'You have been added to the "{invitation.domain}" project space.',
])
def test_new_user_created_and_expired_invitation_declined(self):
"""
When SsoBackend creates a new user and an EXPIRED invitation is present,
a new user should still be created, but the invitation should be declined.
"""
invitation = Invitation(
domain=self.domain.name,
email='*****@*****.**',
invited_by=self.user.couch_id,
invited_on=datetime.datetime.utcnow() - relativedelta(months=2),
)
invitation.save()
AsyncSignupRequest.create_from_invitation(invitation)
generator.store_full_name_in_saml_user_data(self.request, 'Zee', 'Bos')
user = auth.authenticate(
request=self.request,
username=invitation.email,
idp_slug=self.idp.slug,
is_handshake_successful=True,
)
self.assertIsNotNone(user)
self.assertEqual(user.username, invitation.email)
self.assertEqual(user.first_name, 'Zee')
self.assertEqual(user.last_name, 'Bos')
self.assertEqual(self.request.sso_new_user_messages['success'], [
f'User account for {invitation.email} created.',
])
self.assertEqual(self.request.sso_new_user_messages['error'], [
'Could not accept invitation because it is expired.',
])
def test_new_user_created_and_data_is_saved(self):
"""
SsoBackend should create a new user if the username passed to does
not exist and the email domain matches an AuthenticatedEmailDomain
for the given IdentityProvider. It should also ensure that any
user data from a registration form and/or the samlUserdata are all
properly saved to the User model.
"""
username = '******'
reg_form = RegisterWebUserForm()
reg_form.cleaned_data = {
'email': username,
'phone_number': '+15555555555',
'project_name': 'test-vault',
'persona': 'Other',
'persona_other': "for tests",
}
generator.store_full_name_in_saml_user_data(self.request, 'Maarten',
'van der Berg')
AsyncSignupRequest.create_from_registration_form(reg_form)
user = auth.authenticate(
request=self.request,
username=username,
idp_slug=self.idp.slug,
is_handshake_successful=True,
)
self.assertIsNotNone(user)
self.assertEqual(user.username, username)
self.assertEqual(user.first_name, 'Maarten')
self.assertEqual(user.last_name, 'van der Berg')
web_user = WebUser.get_by_username(user.username)
self.assertEqual(web_user.phone_numbers[0], '+15555555555')
self.assertEqual(self.request.sso_new_user_messages['success'],
["User account for [email protected] created."])
def test_new_user_with_no_async_signup_request_creates_new_user(self):
"""
There is a use case where brand new users can click on the CommCare HQ
App icon right from their Active Directory home screen. In this case,
we want to create the user's account and then present them with any
project invitations once they have logged in.
"""
username = '******'
generator.store_full_name_in_saml_user_data(self.request, 'Aart',
'Janssen')
user = auth.authenticate(
request=self.request,
username=username,
idp_slug=self.idp.slug,
is_handshake_successful=True,
)
self.assertIsNotNone(user)
self.assertEqual(user.username, username)
self.assertEqual(user.first_name, 'Aart')
self.assertEqual(user.last_name, 'Janssen')
self.assertEqual(self.request.sso_new_user_messages['success'], [
f'User account for {username} created.',
])
def test_new_user_with_capitals_in_username(self):
"""
It is possible for the Identity Provider to supply a username with
uppercase characters in it, which we do not support. If the username
is not made lowercase, a BadValueError and a User.DoesNotExist error
will be thrown during the user creation process. This test ensures
that we process the username correctly.
"""
username = '******'
generator.store_full_name_in_saml_user_data(self.request, 'Hello',
'World')
user = auth.authenticate(
request=self.request,
username=username,
idp_slug=self.idp.slug,
is_handshake_successful=True,
)
self.assertIsNotNone(user)
self.assertEqual(user.username, username.lower())
self.assertEqual(user.first_name, 'Hello')
self.assertEqual(user.last_name, 'World')
self.assertEqual(self.request.sso_new_user_messages['success'], [
f'User account for {username.lower()} created.',
])
