Ejemplo n.º 1
0
    def test_delete_all_deactivated_user_sessions(self) -> None:

        # Test that no exception is thrown with a logged-out session
        self.login("othello")
        self.assertIn("_auth_user_id", self.client.session)
        self.client_post("/accounts/logout/")
        delete_all_deactivated_user_sessions()
        result = self.client_get("/")
        self.check_rendered_web_public_visitor(result)

        # Test nothing happens to an active user's session
        self.login("othello")
        self.assertIn("_auth_user_id", self.client.session)
        delete_all_deactivated_user_sessions()
        self.assertIn("_auth_user_id", self.client.session)

        # Test that a deactivated session gets logged out
        user_profile_3 = self.example_user("cordelia")
        self.login_user(user_profile_3)
        self.assertIn("_auth_user_id", self.client.session)
        change_user_is_active(user_profile_3, False)
        with self.assertLogs(level="INFO") as info_logs:
            delete_all_deactivated_user_sessions()
        self.assertEqual(
            info_logs.output,
            ["INFO:root:Deactivating session for deactivated user 8"])
        result = self.client_get("/")
        self.check_rendered_web_public_visitor(result)
Ejemplo n.º 2
0
    def create_non_active_user(self, realm: Realm, email: str, name: str) -> UserProfile:
        user = do_create_user(
            email=email, password="******", realm=realm, full_name=name, acting_user=None
        )

        # Doing a full-stack deactivation would be expensive here,
        # and we really only need to flip the flag to get a valid
        # test.
        change_user_is_active(user, False)
        return user
Ejemplo n.º 3
0
def generate_all_emails(request: HttpRequest) -> HttpResponse:
    if not settings.TEST_SUITE:  # nocoverage
        # It's really convenient to automatically inline the email CSS
        # here, since that saves a step when testing out changes to
        # the email CSS.  But we don't run this inside the test suite,
        # because by role, the tests shouldn't be doing a provision-like thing.
        subprocess.check_call(["./scripts/setup/inline_email_css.py"])

    # We import the Django test client inside the view function,
    # because it isn't needed in production elsewhere, and not
    # importing it saves ~50ms of unnecessary manage.py startup time.

    from django.test import Client

    client = Client()

    # write fake data for all variables
    registered_email = "*****@*****.**"
    unregistered_email_1 = "*****@*****.**"
    unregistered_email_2 = "*****@*****.**"
    invite_expires_in_days = settings.INVITATION_LINK_VALIDITY_DAYS
    realm = get_realm("zulip")
    other_realm = Realm.objects.exclude(string_id="zulip").first()
    user = get_user_by_delivery_email(registered_email, realm)
    host_kwargs = {"HTTP_HOST": realm.host}

    # Password reset emails
    # active account in realm
    result = client.post("/accounts/password/reset/",
                         {"email": registered_email}, **host_kwargs)
    assert result.status_code == 302
    # deactivated user
    change_user_is_active(user, False)
    result = client.post("/accounts/password/reset/",
                         {"email": registered_email}, **host_kwargs)
    assert result.status_code == 302
    change_user_is_active(user, True)
    # account on different realm
    assert other_realm is not None
    result = client.post("/accounts/password/reset/",
                         {"email": registered_email},
                         HTTP_HOST=other_realm.host)
    assert result.status_code == 302
    # no account anywhere
    result = client.post("/accounts/password/reset/",
                         {"email": unregistered_email_1}, **host_kwargs)
    assert result.status_code == 302

    # Confirm account email
    result = client.post("/accounts/home/", {"email": unregistered_email_1},
                         **host_kwargs)
    assert result.status_code == 302

    # Find account email
    result = client.post("/accounts/find/", {"emails": registered_email},
                         **host_kwargs)
    assert result.status_code == 302

    # New login email
    logged_in = client.login(dev_auth_username=registered_email, realm=realm)
    assert logged_in

    # New user invite and reminder emails
    stream = get_realm_stream("Denmark", user.realm.id)
    result = client.post(
        "/json/invites",
        {
            "invitee_emails": unregistered_email_2,
            "invite_expires_in_days": invite_expires_in_days,
            "stream_ids": orjson.dumps([stream.id]).decode(),
        },
        **host_kwargs,
    )
    assert result.status_code == 200

    # Verification for new email
    result = client.patch(
        "/json/settings",
        urllib.parse.urlencode({"email": "*****@*****.**"}),
        **host_kwargs)
    assert result.status_code == 200

    # Email change successful
    key = Confirmation.objects.filter(
        type=Confirmation.EMAIL_CHANGE).latest("id").confirmation_key
    url = confirmation_url(key, realm, Confirmation.EMAIL_CHANGE)
    user_profile = get_user_by_delivery_email(registered_email, realm)
    result = client.get(url)
    assert result.status_code == 200

    # Reset the email value so we can run this again
    do_change_user_delivery_email(user_profile, registered_email)

    # Follow up day1 day2 emails for normal user
    enqueue_welcome_emails(user_profile)

    # Follow up day1 day2 emails for admin user
    enqueue_welcome_emails(get_user_by_delivery_email("*****@*****.**", realm),
                           realm_creation=True)

    # Realm reactivation email
    do_send_realm_reactivation_email(realm, acting_user=None)

    return redirect(email_page)