def setUp(self): super().setUp() self.user = create_user(username="******", email="*****@*****.**") self.superuser = create_user( username="******", email="*****@*****.**", is_superuser=True, is_staff=True, )
def setUp(self): self.base_url = reverse("user-list") self.user = create_user(username="******", email="*****@*****.**") self.superuser = create_user( username="******", email="*****@*****.**", is_superuser=True, is_staff=True, )
def test_post_not_set_new_username_if_exists(self): username = "******" create_user(username=username) user = create_user(username="******") data = {"new_username": username, "current_password": "******"} login_user(self.client, user) response = self.client.post(self.base_url, data) self.assert_status_equal(response, status.HTTP_400_BAD_REQUEST) user.refresh_from_db() self.assertNotEqual(user.username, username)
def test_dont_resend_activation_when_no_password(self): user = create_user(is_active=False, password=None) data = {"email": user.email} response = self.client.post(self.base_url, data) self.assert_emails_in_mailbox(0) self.assert_status_equal(response, status.HTTP_400_BAD_REQUEST)
def test_resend_activation_view(self): user = create_user(is_active=False) data = {"email": user.email} response = self.client.post(self.base_url, data) self.assert_email_exists(to=[user.email]) self.assert_status_equal(response, status.HTTP_204_NO_CONTENT)
def test_post_should_not_login_if_user_is_not_active(self): """ In Django >= 1.10 authenticate() returns None if user is inactive, while in Django < 1.10 authenticate() succeeds if user is inactive. """ user = create_user() data = {"username": user.username, "password": user.raw_password} user.is_active = False user.save() user_logged_in.connect(self.signal_receiver) response = self.client.post(self.base_url, data) if django.VERSION >= (1, 10): expected_errors = [ settings.CONSTANTS.messages.INVALID_CREDENTIALS_ERROR ] else: expected_errors = [ settings.CONSTANTS.messages.INACTIVE_ACCOUNT_ERROR ] self.assert_status_equal(response, status.HTTP_400_BAD_REQUEST) self.assertEqual(response.data["non_field_errors"], expected_errors) self.assertFalse(self.signal_sent)
def test_options(self): user = create_user() login_user(self.client, user) response = self.client.options(self.base_url) self.assert_status_equal(response, status.HTTP_200_OK)
def test_resend_activation_view_custom_user(self): user = create_user(use_custom_data=True, is_active=False) data = {"custom_email": get_user_email(user)} response = self.client.post(self.base_url, data) self.assert_emails_in_mailbox(1) self.assert_email_exists(to=[get_user_email(user)]) self.assert_status_equal(response, status.HTTP_204_NO_CONTENT)
def test_post_not_set_new_password_if_wrong_current_password(self): user = create_user() data = {"new_password": "******", "current_password": "******"} login_user(self.client, user) response = self.client.post(self.base_url, data) self.assert_status_equal(response, status.HTTP_400_BAD_REQUEST)
def test_post_send_email_to_user_with_request_domain_and_site_name(self): user = create_user() data = {"email": user.email} response = self.client.post(self.base_url, data) request = response.wsgi_request self.assertIn(request.get_host(), mail.outbox[0].body)
def test_patch_cant_edit_others_attribute(self): user = create_user() another_user = create_user(**{ "username": "******", "password": "******", "email": "*****@*****.**" }) login_user(self.client, user) response = self.client.patch( path=reverse("user-detail", args=(another_user.pk, )), data={"email": "*****@*****.**"}, ) self.assert_status_equal(response, status.HTTP_404_NOT_FOUND) another_user.refresh_from_db() self.assertTrue(another_user.email == "*****@*****.**")
def test_post_not_set_new_username_if_same(self): user = create_user() data = {"new_username": "******", "current_password": "******"} login_user(self.client, user) response = self.client.post(self.base_url, data) self.assert_status_equal(response, status.HTTP_400_BAD_REQUEST) self.assertTrue(user.is_active)
def test_not_delete_if_fails_password_validation(self): user = create_user() self.assert_instance_exists(User, username="******") data = {"current_password": "******"} login_user(self.client, user) response = self.client.delete(self.base_url, data=data) self.assert_status_equal(response, status.HTTP_400_BAD_REQUEST) self.assertEqual(response.data, {"current_password": ["Invalid password."]})
def test_none_token_model_results_in_no_operation(self): user = create_user() user_logged_out.connect(self.signal_receiver) login_user(self.client, user) response = self.client.post(self.base_url) self.assert_status_equal(response, status.HTTP_204_NO_CONTENT) self.assertEqual(response.data, None) self.assertFalse(self.signal_sent)
def test_post_set_new_custom_username(self): user = create_user(use_custom_data=True) data = {"new_custom_username": "******", "current_password": "******"} self.client.force_authenticate(user) response = self.client.post(self.base_url, data) self.assert_status_equal(response, status.HTTP_204_NO_CONTENT) user.refresh_from_db() self.assertEqual(data["new_custom_username"], user.get_username())
def test_post_should_logout_logged_in_user(self): user = create_user() user_logged_out.connect(self.signal_receiver) login_user(self.client, user) response = self.client.post(self.base_url) self.assert_status_equal(response, status.HTTP_204_NO_CONTENT) self.assertEqual(response.data, None) self.assertTrue(self.signal_sent)
def test_post_logout_after_password_change(self): user = create_user() data = {"new_password": "******", "current_password": "******"} login_user(self.client, user) response = self.client.post(self.base_url, data) self.assert_status_equal(response, status.HTTP_204_NO_CONTENT) is_logged = Token.objects.filter(user=user).exists() self.assertFalse(is_logged)
def test_post_set_new_username(self): user = create_user() data = {"new_username": "******", "current_password": "******"} login_user(self.client, user) response = self.client.post(self.base_url, data) self.assert_status_equal(response, status.HTTP_204_NO_CONTENT) user.refresh_from_db() self.assertEqual(data["new_username"], user.username)
def test_post_update_username_and_send_activation_email(self): user = create_user() data = {"new_username": "******", "current_password": "******"} login_user(self.client, user) response = self.client.post(self.base_url, data) self.assert_status_equal(response, status.HTTP_204_NO_CONTENT) self.assert_emails_in_mailbox(1) self.assert_email_exists(to=[user.email])
def test_delete_user_if_logged_in(self): user = create_user() self.assert_instance_exists(User, username="******") data = {"current_password": "******"} login_user(self.client, user) response = self.client.delete(self.base_url, data=data) self.assert_status_equal(response, status.HTTP_204_NO_CONTENT) self.assert_instance_does_not_exist(User, username="******")
def test_post_set_new_password(self): user = create_user() data = {"new_password": "******", "current_password": "******"} login_user(self.client, user) response = self.client.post(self.base_url, data) self.assert_status_equal(response, status.HTTP_204_NO_CONTENT) user.refresh_from_db() self.assertTrue(user.check_password(data["new_password"])) self.assert_emails_in_mailbox(0)
def test_put_cant_edit_others_attribute(self): user = create_user() another_user_data = { "username": "******", "password": "******", "email": "*****@*****.**", } another_user = create_user(**another_user_data) another_user_data["password"] = "******" another_user_data["email"] = "*****@*****.**" login_user(self.client, user) response = self.client.patch(path=reverse("user-detail", args=(another_user.pk, )), data=another_user_data) self.assert_status_equal(response, status.HTTP_404_NOT_FOUND) another_user.refresh_from_db() assert another_user.email, "*****@*****.**"
def test_post_not_set_new_username_if_wrong_current_password(self): user = create_user() orig_username = user.get_username() data = {"new_username": "******", "current_password": "******"} login_user(self.client, user) response = self.client.post(self.base_url, data) self.assert_status_equal(response, status.HTTP_400_BAD_REQUEST) user.refresh_from_db() self.assertEqual(orig_username, user.username)
def test_post_should_send_email_to_user_with_password_reset_link(self): user = create_user() data = {"email": user.email} response = self.client.post(self.base_url, data) request = response.wsgi_request self.assert_status_equal(response, status.HTTP_204_NO_CONTENT) self.assert_emails_in_mailbox(1) self.assert_email_exists(to=[user.email]) site = get_current_site(request) self.assertIn(site.domain, mail.outbox[0].body) self.assertIn(site.name, mail.outbox[0].body)
def test_post_should_not_login_if_invalid_credentials(self): user = create_user() data = {"username": user.username, "password": "******"} user_login_failed.connect(self.signal_receiver) response = self.client.post(self.base_url, data) self.assert_status_equal(response, status.HTTP_400_BAD_REQUEST) self.assertEqual( response.data["non_field_errors"], [settings.CONSTANTS.messages.INVALID_CREDENTIALS_ERROR], ) self.assertTrue(self.signal_sent)
def test_post_not_reset_if_fails_username_validation(self): user = create_user() data = { "uid": djoser.utils.encode_uid(user.pk), "token": default_token_generator.make_token(user), "new_username": "******", "re_new_username": "******", } response = self.client.post(self.base_url, data) self.assert_status_equal(response, status.HTTP_400_BAD_REQUEST) user.refresh_from_db() self.assertNotEqual(user.username, data["new_username"])
def test_login_using_email(self): user = create_user() previous_last_login = user.last_login data = {"email": user.email, "password": user.raw_password} user_logged_in.connect(self.signal_receiver) response = self.client.post(self.base_url, data) user.refresh_from_db() self.assert_status_equal(response, status.HTTP_200_OK) self.assertEqual(response.data["auth_token"], user.auth_token.key) self.assertNotEqual(user.last_login, previous_last_login) self.assertTrue(self.signal_sent)
def test_post_not_set_new_username_if_invalid(self): user = create_user() data = { "new_username": "******", "current_password": "******" } login_user(self.client, user) response = self.client.post(self.base_url, data) self.assert_status_equal(response, status.HTTP_400_BAD_REQUEST) user.refresh_from_db() self.assertNotEqual(user.username, data["new_username"])
def test_patch_edits_user_attribute(self): user = create_user() login_user(self.client, user) response = self.client.patch( path=reverse("user-detail", args=(user.pk, )), data={"email": "*****@*****.**"}, ) self.assert_status_equal(response, status.HTTP_200_OK) self.assertTrue("email" in response.data) user.refresh_from_db() self.assertTrue(user.email == "*****@*****.**")
def test_post_not_set_new_password_if_user_does_not_exist(self): user = create_user() data = { "uid": djoser.utils.encode_uid(user.pk + 1), "token": default_token_generator.make_token(user), "new_password": "******", } response = self.client.post(self.base_url, data) self.assert_status_equal(response, status.HTTP_400_BAD_REQUEST) self.assertIn("uid", response.data) user.refresh_from_db() self.assertFalse(user.check_password(data["new_password"]))