def test_request_password_change_inactive_user(self): # Create an account, but do not activate it create_account(self.USERNAME, self.PASSWORD, self.EMAIL) request_password_change(self.EMAIL, self.IS_SECURE) # Verify that the activation email was still sent self.assertEqual(len(mail.outbox), 1)
def test_request_password_change_inactive_user(self): # Create an account, but do not activate it create_account(self.USERNAME, self.PASSWORD, self.EMAIL) request_password_change(self.EMAIL, self.IS_SECURE) # Verify that the activation email was still sent self.assertEqual(len(mail.outbox), 1)
def test_unicode_usernames(self, unicode_username): with patch.dict(settings.FEATURES, {'ENABLE_UNICODE_USERNAME': False}): with self.assertRaises(AccountUsernameInvalid): create_account(unicode_username, self.PASSWORD, self.EMAIL) # Feature is disabled, therefore invalid. with patch.dict(settings.FEATURES, {'ENABLE_UNICODE_USERNAME': True}): try: create_account(unicode_username, self.PASSWORD, self.EMAIL) except AccountUsernameInvalid: self.fail(u'The API should accept Unicode username `{unicode_username}`.'.format( unicode_username=unicode_username, ))
def test_request_password_change_inactive_user(self): # Create an account, but do not activate it create_account(self.USERNAME, self.PASSWORD, self.EMAIL) request = RequestFactory().post('/password') request.user = Mock() request.site = SiteFactory() with patch('crum.get_current_request', return_value=request): request_password_change(self.EMAIL, self.IS_SECURE) # Verify that the activation email was still sent self.assertEqual(len(mail.outbox), 1)
def test_normalize_password(self): """ Test that unicode normalization on passwords is happening when a user is created. """ # Set user password to NFKD format so that we can test that it is normalized to # NFKC format upon account creation. create_account(self.USERNAME, unicodedata.normalize('NFKD', u'Ṗŕệṿïệẅ Ṯệẍt'), self.EMAIL) user = User.objects.get(username=self.USERNAME) salt_val = user.password.split('$')[1] expected_user_password = make_password(unicodedata.normalize('NFKC', u'Ṗŕệṿïệẅ Ṯệẍt'), salt_val) self.assertEqual(expected_user_password, user.password)
def test_password_change_inactive_user(self): # Log out the user created during test setup self.client.logout() # Create a second user, but do not activate it create_account(self.ALTERNATE_USERNAME, self.OLD_PASSWORD, self.NEW_EMAIL) # Send the view the email address tied to the inactive user response = self._change_password(email=self.NEW_EMAIL) # Expect that the activation email is still sent, # since the user may have lost the original activation email. self.assertEqual(response.status_code, 200) self.assertEqual(len(mail.outbox), 1)
def test_activate_account_prevent_auth_user_writes(self): activation_key = create_account(self.USERNAME, self.PASSWORD, self.EMAIL) with pytest.raises(UserAPIInternalError, message=SYSTEM_MAINTENANCE_MSG): with waffle().override(PREVENT_AUTH_USER_WRITES, True): activate_account(activation_key)
def test_create_account(self): # Create a new account, which should have empty account settings by default. create_account(self.USERNAME, self.PASSWORD, self.EMAIL) # Retrieve the account settings user = User.objects.get(username=self.USERNAME) request = RequestFactory().get("/api/user/v1/accounts/") request.user = user account_settings = get_account_settings(request)[0] # Expect a date joined field but remove it to simplify the following comparison self.assertIsNotNone(account_settings['date_joined']) del account_settings['date_joined'] # Expect all the values to be defaulted self.assertEqual( account_settings, { 'username': self.USERNAME, 'email': self.EMAIL, 'name': u'', 'gender': None, 'goals': None, 'is_active': False, 'level_of_education': None, 'mailing_address': None, 'year_of_birth': None, 'country': None, 'social_links': [], 'bio': None, 'profile_image': { 'has_image': False, 'image_url_full': request.build_absolute_uri('/static/default_50.png'), 'image_url_small': request.build_absolute_uri('/static/default_10.png'), }, 'requires_parental_consent': True, 'language_proficiencies': [], 'account_privacy': PRIVATE_VISIBILITY, 'accomplishments_shared': False, 'extended_profile': [], 'secondary_email': None, 'time_zone': None, 'course_certificates': None, })
def test_login_and_registration_form_already_authenticated(self, url_name): # Create/activate a new account and log in activation_key = create_account(self.USERNAME, self.PASSWORD, self.EMAIL) activate_account(activation_key) result = self.client.login(username=self.USERNAME, password=self.PASSWORD) self.assertTrue(result) # Verify that we're redirected to the dashboard response = self.client.get(reverse(url_name)) self.assertRedirects(response, reverse("dashboard"))
def setUp(self): super(StudentAccountUpdateTest, self).setUp() # Create/activate a new account activation_key = create_account(self.USERNAME, self.OLD_PASSWORD, self.OLD_EMAIL) activate_account(activation_key) # Login result = self.client.login(username=self.USERNAME, password=self.OLD_PASSWORD) self.assertTrue(result)
def test_login_and_registration_form_already_authenticated(self, url_name): # Create/activate a new account and log in activation_key = create_account(self.USERNAME, self.PASSWORD, self.EMAIL) activate_account(activation_key) result = self.client.login(username=self.USERNAME, password=self.PASSWORD) self.assertTrue(result) # Verify that we're redirected to the dashboard response = self.client.get(reverse(url_name)) self.assertRedirects(response, reverse("dashboard"))
def setUp(self): super(StudentAccountUpdateTest, self).setUp() # Create/activate a new account activation_key = create_account(self.USERNAME, self.OLD_PASSWORD, self.OLD_EMAIL) activate_account(activation_key) # Login result = self.client.login(username=self.USERNAME, password=self.OLD_PASSWORD) self.assertTrue(result)
def test_create_account(self): # Create a new account, which should have empty account settings by default. create_account(self.USERNAME, self.PASSWORD, self.EMAIL) # Retrieve the account settings user = User.objects.get(username=self.USERNAME) request = RequestFactory().get("/api/user/v1/accounts/") request.user = user account_settings = get_account_settings(request)[0] # Expect a date joined field but remove it to simplify the following comparison self.assertIsNotNone(account_settings['date_joined']) del account_settings['date_joined'] # Expect all the values to be defaulted self.assertEqual(account_settings, { 'username': self.USERNAME, 'email': self.EMAIL, 'name': u'', 'gender': None, 'goals': None, 'is_active': False, 'level_of_education': None, 'mailing_address': None, 'year_of_birth': None, 'country': None, 'social_links': [], 'bio': None, 'profile_image': { 'has_image': False, 'image_url_full': request.build_absolute_uri('/static/default_50.png'), 'image_url_small': request.build_absolute_uri('/static/default_10.png'), }, 'requires_parental_consent': True, 'language_proficiencies': [], 'account_privacy': PRIVATE_VISIBILITY, 'accomplishments_shared': False, 'extended_profile': [], 'secondary_email': None, 'time_zone': None, 'course_certificates': None, })
def test_create_account_duplicate_email(django_db_use_migrations): """ Test case for duplicate email constraint Email uniqueness constraints were introduced in a database migration, which we disable in the unit tests to improve the speed of the test suite This test only runs if migrations have been run. django_db_use_migrations is a pytest_django fixture which tells us whether migrations are being used. """ password = '******' email = '*****@*****.**' if django_db_use_migrations: create_account('zappadappadoo', password, email) with pytest.raises( AccountUserAlreadyExists, message='Migrations are being used, but creating an account with duplicate email succeeded!' ): create_account('different_user', password, email)
def test_request_password_change(self): # Create and activate an account activation_key = create_account(self.USERNAME, self.PASSWORD, self.EMAIL) activate_account(activation_key) # Request a password change request_password_change(self.EMAIL, self.IS_SECURE) # Verify that one email message has been sent self.assertEqual(len(mail.outbox), 1) # Verify that the body of the message contains something that looks # like an activation link email_body = mail.outbox[0].body result = re.search(r'(?P<url>https?://[^\s]+)', email_body) self.assertIsNot(result, None)
def setUp(self): super(UserAccountUpdateTest, self).setUp() # Create/activate a new account activation_key = create_account(self.USERNAME, self.OLD_PASSWORD, self.OLD_EMAIL) activate_account(activation_key) self.account_recovery = AccountRecoveryFactory.create(user=User.objects.get(email=self.OLD_EMAIL)) self.enable_account_recovery_switch = Switch.objects.create( name=ENABLE_SECONDARY_EMAIL_FEATURE_SWITCH, active=True ) # Login result = self.client.login(username=self.USERNAME, password=self.OLD_PASSWORD) self.assertTrue(result)
def test_activate_account(self): # Create the account, which is initially inactive activation_key = create_account(self.USERNAME, self.PASSWORD, self.EMAIL) user = User.objects.get(username=self.USERNAME) request = RequestFactory().get("/api/user/v1/accounts/") request.user = user account = get_account_settings(request)[0] self.assertEqual(self.USERNAME, account["username"]) self.assertEqual(self.EMAIL, account["email"]) self.assertFalse(account["is_active"]) # Activate the account and verify that it is now active activate_account(activation_key) account = get_account_settings(request)[0] self.assertTrue(account['is_active'])
def test_request_password_change(self): # Create and activate an account activation_key = create_account(self.USERNAME, self.PASSWORD, self.EMAIL) activate_account(activation_key) # Request a password change request_password_change(self.EMAIL, self.IS_SECURE) # Verify that one email message has been sent self.assertEqual(len(mail.outbox), 1) # Verify that the body of the message contains something that looks # like an activation link email_body = mail.outbox[0].body result = re.search(r'(?P<url>https?://[^\s]+)', email_body) self.assertIsNot(result, None)
def test_request_password_change(self): # Create and activate an account activation_key = create_account(self.USERNAME, self.PASSWORD, self.EMAIL) activate_account(activation_key) request = RequestFactory().post('/password') request.user = Mock() request.site = SiteFactory() with patch('crum.get_current_request', return_value=request): # Request a password change request_password_change(self.EMAIL, self.IS_SECURE) # Verify that one email message has been sent self.assertEqual(len(mail.outbox), 1) # Verify that the body of the message contains something that looks # like an activation link email_body = mail.outbox[0].body result = re.search(r'(?P<url>https?://[^\s]+)', email_body) self.assertIsNot(result, None)
def test_create_account_invalid_username(self, invalid_username): create_account(invalid_username, self.PASSWORD, self.EMAIL)
def test_activate_account_prevent_auth_user_writes(self): activation_key = create_account(self.USERNAME, self.PASSWORD, self.EMAIL) with pytest.raises(UserAPIInternalError, message=SYSTEM_MAINTENANCE_MSG): with waffle().override(PREVENT_AUTH_USER_WRITES, True): activate_account(activation_key)
def test_create_account_invalid_username(self, invalid_username): with pytest.raises(AccountRequestError): create_account(invalid_username, self.PASSWORD, self.EMAIL)
def test_create_account_username_password_equal(self): # Username and password cannot be the same create_account(self.USERNAME, self.USERNAME, self.EMAIL)
def test_create_account_duplicate_email(self): create_account(self.USERNAME, self.PASSWORD, self.EMAIL) with self.assertRaises(AccountUserAlreadyExists): create_account('different_user', self.PASSWORD, self.EMAIL)
def test_create_account_invalid_password(self, invalid_password): create_account(self.USERNAME, invalid_password, self.EMAIL)
def test_username_too_long(self): long_username = '******' * (USERNAME_MAX_LENGTH + 1) with self.assertRaises(AccountUsernameInvalid): create_account(long_username, self.PASSWORD, self.EMAIL)
def test_create_account_duplicate_username(self): create_account(self.USERNAME, self.PASSWORD, self.EMAIL) with self.assertRaises(AccountUserAlreadyExists): create_account(self.USERNAME, self.PASSWORD, '*****@*****.**')
def test_create_account_invalid_email(self, invalid_email): create_account(self.USERNAME, self.PASSWORD, invalid_email)
def test_create_account_invalid_password(self, invalid_password): create_account(self.USERNAME, invalid_password, self.EMAIL)
def test_create_account_not_allowed(self): """ Test case to check user creation is forbidden when ALLOW_PUBLIC_ACCOUNT_CREATION feature flag is turned off """ response = create_account(self.USERNAME, self.PASSWORD, self.EMAIL) self.assertEqual(response.status_code, 403)
def test_create_account_invalid_email(self, invalid_email): with pytest.raises(AccountEmailInvalid): create_account(self.USERNAME, self.PASSWORD, invalid_email)
def test_create_account_username_password_equal(self): # Username and password cannot be the same create_account(self.USERNAME, self.USERNAME, self.EMAIL)
def test_create_account_invalid_password(self, invalid_password): with pytest.raises(AccountPasswordInvalid): create_account(self.USERNAME, invalid_password, self.EMAIL)
def test_create_account_invalid_email(self, invalid_email): create_account(self.USERNAME, self.PASSWORD, invalid_email)
def test_create_account_username_password_equal(self): # Username and password cannot be the same with pytest.raises(AccountPasswordInvalid): create_account(self.USERNAME, self.USERNAME, self.EMAIL)
def test_create_account_duplicate_email(self): create_account(self.USERNAME, self.PASSWORD, self.EMAIL) with self.assertRaises(AccountUserAlreadyExists): create_account('different_user', self.PASSWORD, self.EMAIL)
def test_create_account_invalid_username(self, invalid_username): create_account(invalid_username, self.PASSWORD, self.EMAIL)