def test_404_already_logged_in(self): """The login buttons should not display on the 404 page when the user is logged in""" client = LocalizingClient() # View page as a logged in user client.login(username='******', password='******') response = client.get('/something-doesnt-exist', follow=True) doc = pq(response.content) login_block = doc.find('.socialaccount_providers') eq_(len(login_block), 0) eq_(404, response.status_code) client.logout()
class LoginTestCase(TestCase): fixtures = ['test_users.json'] def setUp(self): self.old_debug = settings.DEBUG settings.DEBUG = True self.client = LocalizingClient() self.client.logout() def tearDown(self): settings.DEBUG = self.old_debug @mock.patch_object(Site.objects, 'get_current') def test_clean_next_url_request_properties(self, get_current): '''_clean_next_url checks POST, GET, and REFERER''' get_current.return_value.domain = 'dev.mo.org' r = RequestFactory().get('/users/login', {'next': '/demos/submit'}, HTTP_REFERER='referer-trumped-by-get') eq_('/demos/submit', _clean_next_url(r)) r = RequestFactory().post('/users/login', {'next': '/demos/submit'}) eq_('/demos/submit', _clean_next_url(r)) r = RequestFactory().get('/users/login', HTTP_REFERER='/demos/submit') eq_('/demos/submit', _clean_next_url(r)) @mock.patch_object(Site.objects, 'get_current') def test_clean_next_url_no_self_redirects(self, get_current): '''_clean_next_url checks POST, GET, and REFERER''' get_current.return_value.domain = 'dev.mo.org' for next in [settings.LOGIN_URL, settings.LOGOUT_URL]: r = RequestFactory().get('/users/login', {'next': next}) eq_(None, _clean_next_url(r)) @mock.patch_object(Site.objects, 'get_current') def test_clean_next_url_invalid_next_parameter(self, get_current): '''_clean_next_url cleans invalid urls''' get_current.return_value.domain = 'dev.mo.org' for next in self._invalid_nexts(): r = RequestFactory().get('/users/login', {'next': next}) eq_(None, _clean_next_url(r)) def _invalid_nexts(self): return ['http://foobar.com/evil/', '//goo.gl/y-bad']
def test_ban_permission(self): """The ban permission controls access to the ban view.""" client = LocalizingClient() admin = User.objects.get(username='******') testuser = User.objects.get(username='******') # testuser doesn't have ban permission, can't ban. client.login(username='******', password='******') ban_url = reverse('users.ban_user', kwargs={'user_id': admin.id}) resp = client.get(ban_url) eq_(302, resp.status_code) ok_(str(settings.LOGIN_URL) in resp['Location']) client.logout() # admin has ban permission, can ban. client.login(username='******', password='******') ban_url = reverse('users.ban_user', kwargs={'user_id': testuser.id}) resp = client.get(ban_url) eq_(200, resp.status_code)
def test_ban_permission(self): """The ban permission controls access to the ban view.""" client = LocalizingClient() admin = User.objects.get(username='******') testuser = User.objects.get(username='******') # testuser doesn't have ban permission, can't ban. client.login(username='******', password='******') ban_url = reverse('users.ban_user', kwargs={'user_id': admin.id}) resp = client.get(ban_url) eq_(302, resp.status_code) ok_(settings.LOGIN_URL in resp['Location']) client.logout() # admin has ban permission, can ban. client.login(username='******', password='******') ban_url = reverse('users.ban_user', kwargs={'user_id': testuser.id}) resp = client.get(ban_url) eq_(200, resp.status_code)
class LoginTestCase(TestCase): fixtures = ['test_users.json'] def setUp(self): self.old_debug = settings.DEBUG settings.DEBUG = True self.client = LocalizingClient() self.client.logout() def tearDown(self): settings.DEBUG = self.old_debug @mock.patch_object(Site.objects, 'get_current') def test_bad_login_fails_both_backends(self, get_current): get_current.return_value.domain = 'dev.mo.org' self.assertRaises(User.DoesNotExist, User.objects.get, username='******') response = self.client.post(reverse('users.login'), {'username': '******', 'password': '******'}, follow=True) eq_(200, response.status_code) self.assertContains(response, 'Please enter a correct username and ' 'password.') @mock.patch_object(Site.objects, 'get_current') def test_django_login(self, get_current): get_current.return_value.domain = 'dev.mo.org' response = self.client.post(reverse('users.login'), {'username': '******', 'password': '******'}, follow=True) eq_(200, response.status_code) doc = pq(response.content) eq_('testuser', doc.find('ul.user-state a:first').text()) @mock.patch_object(Site.objects, 'get_current') def test_django_login_wont_redirect_to_login(self, get_current): get_current.return_value.domain = 'dev.mo.org' login_uri = reverse('users.login') response = self.client.post(login_uri, {'username': '******', 'password': '******', 'next': login_uri}, follow=True) eq_(200, response.status_code) for redirect_url, code in response.redirect_chain: ok_(login_uri not in redirect_url, "Found %s in redirect_chain" % login_uri) doc = pq(response.content) eq_('testuser', doc.find('ul.user-state a:first').text()) @mock.patch_object(Site.objects, 'get_current') def test_logged_in_message(self, get_current): get_current.return_value.domain = 'dev.mo.org' login_uri = reverse('users.login') response = self.client.post(login_uri, {'username': '******', 'password': '******'}, follow=True) eq_(200, response.status_code) response = self.client.get(login_uri, follow=True) eq_(200, response.status_code) doc = pq(response.content) eq_("You are already logged in.", doc.find('article').text()) @mock.patch_object(Site.objects, 'get_current') def test_django_login_redirects_to_next(self, get_current): get_current.return_value.domain = 'dev.mo.org' login_uri = reverse('users.login') response = self.client.post(login_uri, {'username': '******', 'password': '******'}, follow=True) eq_(200, response.status_code) response = self.client.get(login_uri, {'next': '/en-US/demos/submit'}, follow=True) eq_('http://testserver/en-US/demos/submit', response.redirect_chain[0][0]) @mock.patch_object(Site.objects, 'get_current') def test_clean_next_url_request_properties(self, get_current): '''_clean_next_url checks POST, GET, and REFERER''' get_current.return_value.domain = 'dev.mo.org' r = RequestFactory().get('/users/login', {'next': '/demos/submit'}, HTTP_REFERER='referer-trumped-by-get') eq_('/demos/submit', _clean_next_url(r)) r = RequestFactory().post('/users/login', {'next': '/demos/submit'}) eq_('/demos/submit', _clean_next_url(r)) r = RequestFactory().get('/users/login', HTTP_REFERER='/demos/submit') eq_('/demos/submit', _clean_next_url(r)) @mock.patch_object(Site.objects, 'get_current') def test_clean_next_url_no_self_redirects(self, get_current): '''_clean_next_url checks POST, GET, and REFERER''' get_current.return_value.domain = 'dev.mo.org' for next in [settings.LOGIN_URL, settings.LOGOUT_URL]: r = RequestFactory().get('/users/login', {'next': next}) eq_(None, _clean_next_url(r)) @mock.patch_object(Site.objects, 'get_current') def test_clean_next_url_invalid_next_parameter(self, get_current): '''_clean_next_url cleans invalid urls''' get_current.return_value.domain = 'dev.mo.org' for next in self._invalid_nexts(): r = RequestFactory().get('/users/login', {'next': next}) eq_(None, _clean_next_url(r)) @mock.patch_object(Site.objects, 'get_current') def test_login_invalid_next_parameter(self, get_current): '''Test with an invalid ?next=http://example.com parameter.''' get_current.return_value.domain = 'testserver.com' valid_next = reverse('home', locale=settings.LANGUAGE_CODE) for invalid_next in self._invalid_nexts(): # Verify that _valid_ next parameter is set in form hidden field. response = self.client.get(urlparams(reverse('users.login'), next=invalid_next)) eq_(200, response.status_code) doc = pq(response.content) eq_(valid_next, doc('input[name="next"]')[0].attrib['value']) # Verify that it gets used on form POST. response = self.client.post(reverse('users.login'), {'username': '******', 'password': '******', 'next': invalid_next}) eq_(302, response.status_code) eq_('http://testserver' + valid_next, response['location']) self.client.logout() def _invalid_nexts(self): return ['http://foobar.com/evil/', '//goo.gl/y-bad']
class ProfileViewsTest(TestCase): fixtures = ['test_users.json'] def setUp(self): self.old_debug = settings.DEBUG settings.DEBUG = True self.client = LocalizingClient() self.client.logout() def tearDown(self): settings.DEBUG = self.old_debug def _get_current_form_field_values(self, doc): # Scrape out the existing significant form field values. form = dict() for fn in ('email', 'fullname', 'title', 'organization', 'location', 'irc_nickname', 'bio', 'interests', 'country', 'format'): form[fn] = doc.find('#profile-edit *[name="%s"]' % fn).val() form['country'] = 'us' form['format'] = 'html' return form @attr('docs_activity') def test_profile_view(self): """A user profile can be viewed""" profile = UserProfile.objects.get(user__username='******') user = profile.user url = reverse('users.profile', args=(user.username,)) r = self.client.get(url, follow=True) doc = pq(r.content) eq_(profile.user.username, doc.find('#profile-head.vcard .nickname').text()) eq_(profile.fullname, doc.find('#profile-head.vcard .fn').text()) eq_(profile.title, doc.find('#profile-head.vcard .title').text()) eq_(profile.organization, doc.find('#profile-head.vcard .org').text()) eq_(profile.location, doc.find('#profile-head.vcard .loc').text()) eq_('IRC: ' + profile.irc_nickname, doc.find('#profile-head.vcard .irc').text()) eq_(profile.bio, doc.find('#profile-head.vcard .bio').text()) def test_my_profile_view(self): u = User.objects.get(username='******') self.client.login(username=u.username, password=TESTUSER_PASSWORD) resp = self.client.get('/profile/') eq_(302, resp.status_code) ok_(reverse('users.profile', args=(u.username,)) in resp['Location']) def test_bug_698971(self): """A non-numeric page number should not cause an error""" (user, profile) = create_profile() url = '%s?page=asdf' % reverse('users.profile', args=(user.username,)) try: self.client.get(url, follow=True) except PageNotAnInteger: ok_(False, "Non-numeric page number should not cause an error") @mock.patch('basket.lookup_user') @mock.patch('basket.subscribe') @mock.patch('basket.unsubscribe') def test_profile_edit(self, unsubscribe, subscribe, lookup_user): lookup_user.return_value = mock_lookup_user() subscribe.return_value = True unsubscribe.return_value = True profile = UserProfile.objects.get(user__username='******') user = profile.user url = reverse('users.profile', args=(user.username,)) r = self.client.get(url, follow=True) doc = pq(r.content) eq_(0, doc.find('#profile-head .edit .button').length) self.client.login(username=user.username, password=TESTUSER_PASSWORD) url = reverse('users.profile', args=(user.username,)) r = self.client.get(url, follow=True) doc = pq(r.content) edit_button = doc.find('#profile-head .edit #edit-profile') eq_(1, edit_button.length) url = edit_button.attr('href') r = self.client.get(url, follow=True) doc = pq(r.content) eq_(profile.fullname, doc.find('#profile-edit input[name="fullname"]').val()) eq_(profile.title, doc.find('#profile-edit input[name="title"]').val()) eq_(profile.organization, doc.find('#profile-edit input[name="organization"]').val()) eq_(profile.location, doc.find('#profile-edit input[name="location"]').val()) eq_(profile.irc_nickname, doc.find('#profile-edit input[name="irc_nickname"]').val()) new_attrs = dict( email='*****@*****.**', fullname="Another Name", title="Another title", organization="Another org", country="us", format="html" ) r = self.client.post(url, new_attrs, follow=True) doc = pq(r.content) eq_(1, doc.find('#profile-head').length) eq_(new_attrs['fullname'], doc.find('#profile-head .main .fn').text()) eq_(new_attrs['title'], doc.find('#profile-head .info .title').text()) eq_(new_attrs['organization'], doc.find('#profile-head .info .org').text()) profile = UserProfile.objects.get(user__username=user.username) eq_(new_attrs['fullname'], profile.fullname) eq_(new_attrs['title'], profile.title) eq_(new_attrs['organization'], profile.organization) def test_my_profile_edit(self): u = User.objects.get(username='******') self.client.login(username=u.username, password=TESTUSER_PASSWORD) resp = self.client.get('/profile/edit') eq_(302, resp.status_code) ok_(reverse('users.profile_edit', args=(u.username,)) in resp['Location']) @mock.patch('basket.lookup_user') @mock.patch('basket.subscribe') @mock.patch('basket.unsubscribe') def test_profile_edit_beta(self, unsubscribe, subscribe, lookup_user): lookup_user.return_value = mock_lookup_user() subscribe.return_value = True unsubscribe.return_value = True user = User.objects.get(username='******') self.client.login(username=user.username, password=TESTUSER_PASSWORD) url = reverse('users.profile_edit', args=(user.username,)) r = self.client.get(url, follow=True) doc = pq(r.content) eq_(None, doc.find('input#id_beta').attr('checked')) form = self._get_current_form_field_values(doc) form['beta'] = True r = self.client.post(url, form, follow=True) url = reverse('users.profile_edit', args=(user.username,)) r = self.client.get(url, follow=True) doc = pq(r.content) eq_('checked', doc.find('input#id_beta').attr('checked')) @mock.patch('basket.lookup_user') @mock.patch('basket.subscribe') @mock.patch('basket.unsubscribe') def test_profile_edit_websites(self, unsubscribe, subscribe, lookup_user): lookup_user.return_value = mock_lookup_user() subscribe.return_value = True unsubscribe.return_value = True user = User.objects.get(username='******') self.client.login(username=user.username, password=TESTUSER_PASSWORD) url = reverse('users.profile_edit', args=(user.username,)) r = self.client.get(url, follow=True) doc = pq(r.content) test_sites = { u'website': u'http://example.com/', u'twitter': u'http://twitter.com/lmorchard', u'github': u'http://github.com/lmorchard', u'stackoverflow': u'http://stackoverflow.com/users/lmorchard', u'linkedin': u'https://www.linkedin.com/in/testuser', u'mozillians': u'https://mozillians.org/u/testuser', u'facebook': u'https://www.facebook.com/test.user' } form = self._get_current_form_field_values(doc) # Fill out the form with websites. form.update(dict(('websites_%s' % k, v) for k, v in test_sites.items())) # Submit the form, verify redirect to profile detail r = self.client.post(url, form, follow=True) doc = pq(r.content) eq_(1, doc.find('#profile-head').length) p = UserProfile.objects.get(user=user) # Verify the websites are saved in the profile. eq_(test_sites, p.websites) # Verify the saved websites appear in the editing form url = reverse('users.profile_edit', args=(user.username,)) r = self.client.get(url, follow=True) doc = pq(r.content) for k, v in test_sites.items(): eq_(v, doc.find('#profile-edit *[name="websites_%s"]' % k).val()) # Come up with some bad sites, either invalid URL or bad URL prefix bad_sites = { u'website': u'HAHAHA WHAT IS A WEBSITE', u'twitter': u'http://facebook.com/lmorchard', u'stackoverflow': u'http://overqueueblah.com/users/lmorchard', } form.update(dict(('websites_%s' % k, v) for k, v in bad_sites.items())) # Submit the form, verify errors for all of the bad sites r = self.client.post(url, form, follow=True) doc = pq(r.content) eq_(1, doc.find('#profile-edit').length) tmpl = '#profile-edit #elsewhere .%s .errorlist' for n in ('website', 'twitter', 'stackoverflow'): eq_(1, doc.find(tmpl % n).length) @mock.patch('basket.lookup_user') @mock.patch('basket.subscribe') @mock.patch('basket.unsubscribe') def test_profile_edit_interests(self, unsubscribe, subscribe, lookup_user): lookup_user.return_value = mock_lookup_user() subscribe.return_value = True unsubscribe.return_value = True user = User.objects.get(username='******') self.client.login(username=user.username, password=TESTUSER_PASSWORD) url = reverse('users.profile_edit', args=(user.username,)) r = self.client.get(url, follow=True) doc = pq(r.content) test_tags = ['javascript', 'css', 'canvas', 'html', 'homebrewing'] form = self._get_current_form_field_values(doc) form['interests'] = ', '.join(test_tags) r = self.client.post(url, form, follow=True) doc = pq(r.content) eq_(1, doc.find('#profile-head').length) p = UserProfile.objects.get(user=user) result_tags = [t.name.replace('profile:interest:', '') for t in p.tags.all_ns('profile:interest:')] result_tags.sort() test_tags.sort() eq_(test_tags, result_tags) test_expertise = ['css', 'canvas'] form['expertise'] = ', '.join(test_expertise) r = self.client.post(url, form, follow=True) doc = pq(r.content) eq_(1, doc.find('#profile-head').length) p = UserProfile.objects.get(user=user) result_tags = [t.name.replace('profile:expertise:', '') for t in p.tags.all_ns('profile:expertise')] result_tags.sort() test_expertise.sort() eq_(test_expertise, result_tags) # Now, try some expertise tags not covered in interests test_expertise = ['css', 'canvas', 'mobile', 'movies'] form['expertise'] = ', '.join(test_expertise) r = self.client.post(url, form, follow=True) doc = pq(r.content) eq_(1, doc.find('.error #id_expertise').length) @mock.patch('basket.lookup_user') @mock.patch('basket.subscribe') @mock.patch('basket.unsubscribe') def test_bug_709938_interests(self, unsubscribe, subscribe, lookup_user): lookup_user.return_value = mock_lookup_user() subscribe.return_value = True unsubscribe.return_value = True user = User.objects.get(username='******') self.client.login(username=user.username, password=TESTUSER_PASSWORD) url = reverse('users.profile_edit', args=(user.username,)) r = self.client.get(url, follow=True) doc = pq(r.content) test_tags = [u'science,Technology,paradox,knowledge,modeling,big data,' u'vector,meme,heuristics,harmony,mathesis universalis,' u'symmetry,mathematics,computer graphics,field,chemistry,' u'religion,astronomy,physics,biology,literature,' u'spirituality,Art,Philosophy,Psychology,Business,Music,' u'Computer Science'] form = self._get_current_form_field_values(doc) form['interests'] = test_tags r = self.client.post(url, form, follow=True) eq_(200, r.status_code) doc = pq(r.content) eq_(1, doc.find('ul.errorlist li').length) assert ('Ensure this value has at most 255 characters' in doc.find('ul.errorlist li').text()) @mock.patch('basket.lookup_user') @mock.patch('basket.subscribe') @mock.patch('basket.unsubscribe') def test_bug_698126_l10n(self, unsubscribe, subscribe, lookup_user): """Test that the form field names are localized""" lookup_user.return_value = mock_lookup_user() subscribe.return_value = True unsubscribe.return_value = True user = User.objects.get(username='******') self.client.login(username=user.username, password=TESTUSER_PASSWORD) url = reverse('users.profile_edit', args=(user.username,)) r = self.client.get(url, follow=True) for field in r.context['form'].fields: # if label is localized it's a lazy proxy object ok_(not isinstance( r.context['form'].fields[field].label, basestring), 'Field %s is a string!' % field) def _break(self, url, r): logging.debug("URL %s" % url) logging.debug("STAT %s" % r.status_code) logging.debug("HEAD %s" % r.items()) logging.debug("CONT %s" % r.content) ok_(False) def test_bug_811751_banned_profile(self): """A banned user's profile should not be viewable""" profile = UserProfile.objects.get(user__username='******') user = profile.user url = reverse('users.profile', args=(user.username,)) # Profile viewable if not banned response = self.client.get(url, follow=True) self.assertNotEqual(response.status_code, 403) # Ban User admin = User.objects.get(username='******') testuser = User.objects.get(username='******') ban = UserBan(user=testuser, by=admin, reason='Banned by unit test.', is_active=True) ban.save() # Profile not viewable if banned response = self.client.get(url, follow=True) self.assertEqual(response.status_code, 403) # Admin can view banned user's profile self.client.login(username='******', password='******') response = self.client.get(url, follow=True) self.assertNotEqual(response.status_code, 403)
class ProfileViewsTest(TestCase): fixtures = ['test_users.json'] def setUp(self): self.old_debug = settings.DEBUG settings.DEBUG = True self.client = LocalizingClient() self.client.logout() def tearDown(self): settings.DEBUG = self.old_debug def _get_current_form_field_values(self, doc): # Scrape out the existing significant form field values. form = dict() for fn in ('email', 'fullname', 'title', 'organization', 'location', 'irc_nickname', 'bio', 'interests'): form[fn] = doc.find('#profile-edit *[name="profile-%s"]' % fn).val() form['country'] = 'us' form['format'] = 'html' return form @attr('docs_activity') def test_profile_view(self): """A user profile can be viewed""" profile = UserProfile.objects.get(user__username='******') user = profile.user url = reverse('users.profile', args=(user.username,)) r = self.client.get(url, follow=True) doc = pq(r.content) eq_(profile.user.username, doc.find('#profile-head.vcard .nickname').text()) eq_(profile.fullname, doc.find('#profile-head.vcard .fn').text()) eq_(profile.title, doc.find('#profile-head.vcard .title').text()) eq_(profile.organization, doc.find('#profile-head.vcard .org').text()) eq_(profile.location, doc.find('#profile-head.vcard .loc').text()) eq_('IRC: ' + profile.irc_nickname, doc.find('#profile-head.vcard .irc').text()) eq_(profile.bio, doc.find('#profile-head.vcard .bio').text()) def test_my_profile_view(self): u = User.objects.get(username='******') self.client.login(username=u.username, password=TESTUSER_PASSWORD) resp = self.client.get(reverse('users.my_profile')) eq_(302, resp.status_code) ok_(reverse('users.profile', args=(u.username,)) in resp['Location']) def test_bug_698971(self): """A non-numeric page number should not cause an error""" user = User.objects.get(username='******') url = '%s?page=asdf' % reverse('users.profile', args=(user.username,)) try: self.client.get(url, follow=True) except PageNotAnInteger: ok_(False, "Non-numeric page number should not cause an error") @mock.patch('basket.lookup_user') @mock.patch('basket.subscribe') @mock.patch('basket.unsubscribe') def test_profile_edit(self, unsubscribe, subscribe, lookup_user): lookup_user.return_value = mock_lookup_user() subscribe.return_value = True unsubscribe.return_value = True profile = UserProfile.objects.get(user__username='******') user = profile.user url = reverse('users.profile', args=(user.username,)) r = self.client.get(url, follow=True) doc = pq(r.content) eq_(0, doc.find('#profile-head .edit .button').length) self.client.login(username=user.username, password=TESTUSER_PASSWORD) url = reverse('users.profile', args=(user.username,)) r = self.client.get(url, follow=True) doc = pq(r.content) edit_button = doc.find('#profile-head .edit #edit-profile') eq_(1, edit_button.length) url = edit_button.attr('href') r = self.client.get(url, follow=True) doc = pq(r.content) eq_(profile.fullname, doc.find('#profile-edit input[name="profile-fullname"]').val()) eq_(profile.title, doc.find('#profile-edit input[name="profile-title"]').val()) eq_(profile.organization, doc.find('#profile-edit input[name="profile-organization"]').val()) eq_(profile.location, doc.find('#profile-edit input[name="profile-location"]').val()) eq_(profile.irc_nickname, doc.find('#profile-edit input[name="profile-irc_nickname"]').val()) new_attrs = { 'profile-email': '*****@*****.**', 'profile-fullname': "Another Name", 'profile-title': "Another title", 'profile-organization': "Another org", 'profile-country': "us", 'profile-format': "html" } r = self.client.post(url, new_attrs, follow=True) doc = pq(r.content) eq_(1, doc.find('#profile-head').length) eq_(new_attrs['profile-fullname'], doc.find('#profile-head .main .fn').text()) eq_(new_attrs['profile-title'], doc.find('#profile-head .info .title').text()) eq_(new_attrs['profile-organization'], doc.find('#profile-head .info .org').text()) profile = UserProfile.objects.get(user__username=user.username) eq_(new_attrs['profile-fullname'], profile.fullname) eq_(new_attrs['profile-title'], profile.title) eq_(new_attrs['profile-organization'], profile.organization) def test_my_profile_edit(self): u = User.objects.get(username='******') self.client.login(username=u.username, password=TESTUSER_PASSWORD) resp = self.client.get(reverse('users.my_profile_edit')) eq_(302, resp.status_code) ok_(reverse('users.profile_edit', args=(u.username,)) in resp['Location']) @mock.patch('basket.lookup_user') @mock.patch('basket.subscribe') @mock.patch('basket.unsubscribe') def test_profile_edit_beta(self, unsubscribe, subscribe, lookup_user): lookup_user.return_value = mock_lookup_user() subscribe.return_value = True unsubscribe.return_value = True user = User.objects.get(username='******') self.client.login(username=user.username, password=TESTUSER_PASSWORD) url = reverse('users.profile_edit', args=(user.username,)) r = self.client.get(url, follow=True) doc = pq(r.content) eq_(None, doc.find('input#id_profile-beta').attr('checked')) form = self._get_current_form_field_values(doc) form['profile-beta'] = True r = self.client.post(url, form, follow=True) url = reverse('users.profile_edit', args=(user.username,)) r = self.client.get(url, follow=True) doc = pq(r.content) eq_('checked', doc.find('input#id_profile-beta').attr('checked')) @mock.patch('basket.lookup_user') @mock.patch('basket.subscribe') @mock.patch('basket.unsubscribe') def test_profile_edit_websites(self, unsubscribe, subscribe, lookup_user): lookup_user.return_value = mock_lookup_user() subscribe.return_value = True unsubscribe.return_value = True user = User.objects.get(username='******') self.client.login(username=user.username, password=TESTUSER_PASSWORD) url = reverse('users.profile_edit', args=(user.username,)) r = self.client.get(url, follow=True) doc = pq(r.content) test_sites = { u'website': u'http://example.com/', u'twitter': u'http://twitter.com/lmorchard', u'github': u'http://github.com/lmorchard', u'stackoverflow': u'http://stackoverflow.com/users/lmorchard', u'linkedin': u'https://www.linkedin.com/in/testuser', u'mozillians': u'https://mozillians.org/u/testuser', u'facebook': u'https://www.facebook.com/test.user' } form = self._get_current_form_field_values(doc) # Fill out the form with websites. form.update(dict(('profile-websites_%s' % k, v) for k, v in test_sites.items())) # Submit the form, verify redirect to profile detail r = self.client.post(url, form, follow=True) doc = pq(r.content) eq_(1, doc.find('#profile-head').length) p = UserProfile.objects.get(user=user) # Verify the websites are saved in the profile. eq_(test_sites, p.websites) # Verify the saved websites appear in the editing form url = reverse('users.profile_edit', args=(user.username,)) r = self.client.get(url, follow=True) doc = pq(r.content) for k, v in test_sites.items(): eq_(v, doc.find('#profile-edit *[name="profile-websites_%s"]' % k).val()) # Come up with some bad sites, either invalid URL or bad URL prefix bad_sites = { u'website': u'HAHAHA WHAT IS A WEBSITE', u'twitter': u'http://facebook.com/lmorchard', u'stackoverflow': u'http://overqueueblah.com/users/lmorchard', } form.update(dict(('profile-websites_%s' % k, v) for k, v in bad_sites.items())) # Submit the form, verify errors for all of the bad sites r = self.client.post(url, form, follow=True) doc = pq(r.content) eq_(1, doc.find('#profile-edit').length) tmpl = '#profile-edit #profiles .%s .errorlist' for n in ('website', 'twitter', 'stackoverflow'): eq_(1, doc.find(tmpl % n).length) @mock.patch('basket.lookup_user') @mock.patch('basket.subscribe') @mock.patch('basket.unsubscribe') def test_profile_edit_interests(self, unsubscribe, subscribe, lookup_user): lookup_user.return_value = mock_lookup_user() subscribe.return_value = True unsubscribe.return_value = True user = User.objects.get(username='******') self.client.login(username=user.username, password=TESTUSER_PASSWORD) url = reverse('users.profile_edit', args=(user.username,)) r = self.client.get(url, follow=True) doc = pq(r.content) test_tags = ['javascript', 'css', 'canvas', 'html', 'homebrewing'] form = self._get_current_form_field_values(doc) form['profile-interests'] = ', '.join(test_tags) r = self.client.post(url, form, follow=True) doc = pq(r.content) eq_(1, doc.find('#profile-head').length) p = UserProfile.objects.get(user=user) result_tags = [t.name.replace('profile:interest:', '') for t in p.tags.all_ns('profile:interest:')] result_tags.sort() test_tags.sort() eq_(test_tags, result_tags) test_expertise = ['css', 'canvas'] form['profile-expertise'] = ', '.join(test_expertise) r = self.client.post(url, form, follow=True) doc = pq(r.content) eq_(1, doc.find('#profile-head').length) p = UserProfile.objects.get(user=user) result_tags = [t.name.replace('profile:expertise:', '') for t in p.tags.all_ns('profile:expertise')] result_tags.sort() test_expertise.sort() eq_(test_expertise, result_tags) # Now, try some expertise tags not covered in interests test_expertise = ['css', 'canvas', 'mobile', 'movies'] form['profile-expertise'] = ', '.join(test_expertise) r = self.client.post(url, form, follow=True) doc = pq(r.content) eq_(1, doc.find('.error #id_profile-expertise').length) @mock.patch('basket.lookup_user') @mock.patch('basket.subscribe') @mock.patch('basket.unsubscribe') def test_bug_709938_interests(self, unsubscribe, subscribe, lookup_user): lookup_user.return_value = mock_lookup_user() subscribe.return_value = True unsubscribe.return_value = True user = User.objects.get(username='******') self.client.login(username=user.username, password=TESTUSER_PASSWORD) url = reverse('users.profile_edit', args=(user.username,)) r = self.client.get(url, follow=True) doc = pq(r.content) test_tags = [u'science,Technology,paradox,knowledge,modeling,big data,' u'vector,meme,heuristics,harmony,mathesis universalis,' u'symmetry,mathematics,computer graphics,field,chemistry,' u'religion,astronomy,physics,biology,literature,' u'spirituality,Art,Philosophy,Psychology,Business,Music,' u'Computer Science'] form = self._get_current_form_field_values(doc) form['profile-interests'] = test_tags r = self.client.post(url, form, follow=True) eq_(200, r.status_code) doc = pq(r.content) eq_(1, doc.find('ul.errorlist li').length) assert ('Ensure this value has at most 255 characters' in doc.find('ul.errorlist li').text()) @mock.patch('basket.lookup_user') @mock.patch('basket.subscribe') @mock.patch('basket.unsubscribe') def test_bug_698126_l10n(self, unsubscribe, subscribe, lookup_user): """Test that the form field names are localized""" lookup_user.return_value = mock_lookup_user() subscribe.return_value = True unsubscribe.return_value = True user = User.objects.get(username='******') self.client.login(username=user.username, password=TESTUSER_PASSWORD) url = reverse('users.profile_edit', args=(user.username,)) r = self.client.get(url, follow=True) for field in r.context['profile_form'].fields: # if label is localized it's a lazy proxy object ok_(not isinstance( r.context['profile_form'].fields[field].label, basestring), 'Field %s is a string!' % field)
class ProfileViewsTest(TestCase): fixtures = ["test_users.json"] def setUp(self): self.old_debug = settings.DEBUG settings.DEBUG = True self.client = LocalizingClient() self.client.logout() def tearDown(self): settings.DEBUG = self.old_debug def _get_current_form_field_values(self, doc): # Scrape out the existing significant form field values. form = dict() for fn in ( "email", "fullname", "title", "organization", "location", "irc_nickname", "bio", "interests", "country", "format", ): form[fn] = doc.find('#profile-edit *[name="%s"]' % fn).val() form["country"] = "us" form["format"] = "html" return form @attr("docs_activity") def test_profile_view(self): """A user profile can be viewed""" profile = UserProfile.objects.get(user__username="******") user = profile.user url = reverse("devmo.views.profile_view", args=(user.username,)) r = self.client.get(url, follow=True) doc = pq(r.content) eq_(profile.user.username, doc.find("#profile-head.vcard .nickname").text()) eq_(profile.fullname, doc.find("#profile-head.vcard .fn").text()) eq_(profile.title, doc.find("#profile-head.vcard .title").text()) eq_(profile.organization, doc.find("#profile-head.vcard .org").text()) eq_(profile.location, doc.find("#profile-head.vcard .loc").text()) eq_("IRC: " + profile.irc_nickname, doc.find("#profile-head.vcard .irc").text()) eq_(profile.bio, doc.find("#profile-head.vcard .bio").text()) def test_my_profile_view(self): u = User.objects.get(username="******") self.client.login(username=u.username, password=TESTUSER_PASSWORD) resp = self.client.get("/profile/") eq_(302, resp.status_code) ok_(reverse("devmo.views.profile_view", args=(u.username,)) in resp["Location"]) def test_bug_698971(self): """A non-numeric page number should not cause an error""" (user, profile) = create_profile() url = "%s?page=asdf" % reverse("devmo.views.profile_view", args=(user.username,)) try: self.client.get(url, follow=True) except PageNotAnInteger: ok_(False, "Non-numeric page number should not cause an error") @mock.patch("basket.lookup_user") @mock.patch("basket.subscribe") @mock.patch("basket.unsubscribe") def test_profile_edit(self, unsubscribe, subscribe, lookup_user): lookup_user.return_value = mock_lookup_user() subscribe.return_value = True unsubscribe.return_value = True profile = UserProfile.objects.get(user__username="******") user = profile.user url = reverse("devmo.views.profile_view", args=(user.username,)) r = self.client.get(url, follow=True) doc = pq(r.content) eq_(0, doc.find("#profile-head .edit .button").length) self.client.login(username=user.username, password=TESTUSER_PASSWORD) url = reverse("devmo.views.profile_view", args=(user.username,)) r = self.client.get(url, follow=True) doc = pq(r.content) edit_button = doc.find("#profile-head .edit #edit-profile") eq_(1, edit_button.length) url = edit_button.attr("href") r = self.client.get(url, follow=True) doc = pq(r.content) eq_(profile.fullname, doc.find('#profile-edit input[name="fullname"]').val()) eq_(profile.title, doc.find('#profile-edit input[name="title"]').val()) eq_(profile.organization, doc.find('#profile-edit input[name="organization"]').val()) eq_(profile.location, doc.find('#profile-edit input[name="location"]').val()) eq_(profile.irc_nickname, doc.find('#profile-edit input[name="irc_nickname"]').val()) new_attrs = dict( email="*****@*****.**", fullname="Another Name", title="Another title", organization="Another org", country="us", format="html", ) r = self.client.post(url, new_attrs, follow=True) doc = pq(r.content) eq_(1, doc.find("#profile-head").length) eq_(new_attrs["fullname"], doc.find("#profile-head .main .fn").text()) eq_(new_attrs["title"], doc.find("#profile-head .info .title").text()) eq_(new_attrs["organization"], doc.find("#profile-head .info .org").text()) profile = UserProfile.objects.get(user__username=user.username) eq_(new_attrs["fullname"], profile.fullname) eq_(new_attrs["title"], profile.title) eq_(new_attrs["organization"], profile.organization) def test_my_profile_edit(self): u = User.objects.get(username="******") self.client.login(username=u.username, password=TESTUSER_PASSWORD) resp = self.client.get("/profile/edit") eq_(302, resp.status_code) ok_(reverse("devmo.views.profile_edit", args=(u.username,)) in resp["Location"]) @mock.patch("basket.lookup_user") @mock.patch("basket.subscribe") @mock.patch("basket.unsubscribe") def test_profile_edit_beta(self, unsubscribe, subscribe, lookup_user): lookup_user.return_value = mock_lookup_user() subscribe.return_value = True unsubscribe.return_value = True user = User.objects.get(username="******") self.client.login(username=user.username, password=TESTUSER_PASSWORD) url = reverse("devmo.views.profile_edit", args=(user.username,)) r = self.client.get(url, follow=True) doc = pq(r.content) eq_(None, doc.find("input#id_beta").attr("checked")) form = self._get_current_form_field_values(doc) form["beta"] = True r = self.client.post(url, form, follow=True) url = reverse("devmo.views.profile_edit", args=(user.username,)) r = self.client.get(url, follow=True) doc = pq(r.content) eq_("checked", doc.find("input#id_beta").attr("checked")) @mock.patch("basket.lookup_user") @mock.patch("basket.subscribe") @mock.patch("basket.unsubscribe") def test_profile_edit_websites(self, unsubscribe, subscribe, lookup_user): lookup_user.return_value = mock_lookup_user() subscribe.return_value = True unsubscribe.return_value = True user = User.objects.get(username="******") self.client.login(username=user.username, password=TESTUSER_PASSWORD) url = reverse("devmo.views.profile_edit", args=(user.username,)) r = self.client.get(url, follow=True) doc = pq(r.content) test_sites = { u"website": u"http://example.com/", u"twitter": u"http://twitter.com/lmorchard", u"github": u"http://github.com/lmorchard", u"stackoverflow": u"http://stackoverflow.com/users/lmorchard", u"linkedin": u"https://www.linkedin.com/in/testuser", u"mozillians": u"https://mozillians.org/u/testuser", u"facebook": u"https://www.facebook.com/test.user", } form = self._get_current_form_field_values(doc) # Fill out the form with websites. form.update(dict(("websites_%s" % k, v) for k, v in test_sites.items())) # Submit the form, verify redirect to profile detail r = self.client.post(url, form, follow=True) doc = pq(r.content) eq_(1, doc.find("#profile-head").length) p = UserProfile.objects.get(user=user) # Verify the websites are saved in the profile. eq_(test_sites, p.websites) # Verify the saved websites appear in the editing form url = reverse("devmo.views.profile_edit", args=(user.username,)) r = self.client.get(url, follow=True) doc = pq(r.content) for k, v in test_sites.items(): eq_(v, doc.find('#profile-edit *[name="websites_%s"]' % k).val()) # Come up with some bad sites, either invalid URL or bad URL prefix bad_sites = { u"website": u"HAHAHA WHAT IS A WEBSITE", u"twitter": u"http://facebook.com/lmorchard", u"stackoverflow": u"http://overqueueblah.com/users/lmorchard", } form.update(dict(("websites_%s" % k, v) for k, v in bad_sites.items())) # Submit the form, verify errors for all of the bad sites r = self.client.post(url, form, follow=True) doc = pq(r.content) eq_(1, doc.find("#profile-edit").length) tmpl = "#profile-edit #elsewhere .%s .errorlist" for n in ("website", "twitter", "stackoverflow"): eq_(1, doc.find(tmpl % n).length) @mock.patch("basket.lookup_user") @mock.patch("basket.subscribe") @mock.patch("basket.unsubscribe") def test_profile_edit_interests(self, unsubscribe, subscribe, lookup_user): lookup_user.return_value = mock_lookup_user() subscribe.return_value = True unsubscribe.return_value = True user = User.objects.get(username="******") self.client.login(username=user.username, password=TESTUSER_PASSWORD) url = reverse("devmo.views.profile_edit", args=(user.username,)) r = self.client.get(url, follow=True) doc = pq(r.content) test_tags = ["javascript", "css", "canvas", "html", "homebrewing"] form = self._get_current_form_field_values(doc) form["interests"] = ", ".join(test_tags) r = self.client.post(url, form, follow=True) doc = pq(r.content) eq_(1, doc.find("#profile-head").length) p = UserProfile.objects.get(user=user) result_tags = [t.name.replace("profile:interest:", "") for t in p.tags.all_ns("profile:interest:")] result_tags.sort() test_tags.sort() eq_(test_tags, result_tags) test_expertise = ["css", "canvas"] form["expertise"] = ", ".join(test_expertise) r = self.client.post(url, form, follow=True) doc = pq(r.content) eq_(1, doc.find("#profile-head").length) p = UserProfile.objects.get(user=user) result_tags = [t.name.replace("profile:expertise:", "") for t in p.tags.all_ns("profile:expertise")] result_tags.sort() test_expertise.sort() eq_(test_expertise, result_tags) # Now, try some expertise tags not covered in interests test_expertise = ["css", "canvas", "mobile", "movies"] form["expertise"] = ", ".join(test_expertise) r = self.client.post(url, form, follow=True) doc = pq(r.content) eq_(1, doc.find(".error #id_expertise").length) @mock.patch("basket.lookup_user") @mock.patch("basket.subscribe") @mock.patch("basket.unsubscribe") def test_bug_709938_interests(self, unsubscribe, subscribe, lookup_user): lookup_user.return_value = mock_lookup_user() subscribe.return_value = True unsubscribe.return_value = True user = User.objects.get(username="******") self.client.login(username=user.username, password=TESTUSER_PASSWORD) url = reverse("devmo.views.profile_edit", args=(user.username,)) r = self.client.get(url, follow=True) doc = pq(r.content) test_tags = [ u"science,Technology,paradox,knowledge,modeling,big data," u"vector,meme,heuristics,harmony,mathesis universalis," u"symmetry,mathematics,computer graphics,field,chemistry," u"religion,astronomy,physics,biology,literature," u"spirituality,Art,Philosophy,Psychology,Business,Music," u"Computer Science" ] form = self._get_current_form_field_values(doc) form["interests"] = test_tags r = self.client.post(url, form, follow=True) eq_(200, r.status_code) doc = pq(r.content) eq_(1, doc.find("ul.errorlist li").length) assert "Ensure this value has at most 255 characters" in doc.find("ul.errorlist li").text() @mock.patch("basket.lookup_user") @mock.patch("basket.subscribe") @mock.patch("basket.unsubscribe") def test_bug_698126_l10n(self, unsubscribe, subscribe, lookup_user): """Test that the form field names are localized""" lookup_user.return_value = mock_lookup_user() subscribe.return_value = True unsubscribe.return_value = True user = User.objects.get(username="******") self.client.login(username=user.username, password=TESTUSER_PASSWORD) url = reverse("devmo.views.profile_edit", args=(user.username,)) r = self.client.get(url, follow=True) for field in r.context["form"].fields: # if label is localized it's a lazy proxy object ok_(not isinstance(r.context["form"].fields[field].label, basestring), "Field %s is a string!" % field) def _break(self, url, r): logging.debug("URL %s" % url) logging.debug("STAT %s" % r.status_code) logging.debug("HEAD %s" % r.items()) logging.debug("CONT %s" % r.content) ok_(False)
class LoginTestCase(TestCase): fixtures = ['test_users.json'] def setUp(self): self.old_debug = settings.DEBUG settings.DEBUG = True self.client = LocalizingClient() self.client.logout() def tearDown(self): settings.DEBUG = self.old_debug @mock.patch_object(Site.objects, 'get_current') def test_bad_login_fails_both_backends(self, get_current): get_current.return_value.domain = 'dev.mo.org' self.assertRaises(User.DoesNotExist, User.objects.get, username='******') response = self.client.post(reverse('users.login'), { 'username': '******', 'password': '******' }, follow=True) eq_(200, response.status_code) self.assertContains(response, 'Please enter a correct username and ' 'password.') @mock.patch_object(Site.objects, 'get_current') def test_django_login(self, get_current): get_current.return_value.domain = 'dev.mo.org' response = self.client.post(reverse('users.login'), { 'username': '******', 'password': '******' }, follow=True) eq_(200, response.status_code) doc = pq(response.content) eq_('testuser', doc.find('ul.user-state a:first').text()) @mock.patch_object(Site.objects, 'get_current') def test_django_login_wont_redirect_to_login(self, get_current): get_current.return_value.domain = 'dev.mo.org' login_uri = reverse('users.login') response = self.client.post(login_uri, { 'username': '******', 'password': '******', 'next': login_uri }, follow=True) eq_(200, response.status_code) for redirect_url, code in response.redirect_chain: ok_(login_uri not in redirect_url, "Found %s in redirect_chain" % login_uri) doc = pq(response.content) eq_('testuser', doc.find('ul.user-state a:first').text()) @mock.patch_object(Site.objects, 'get_current') def test_logged_in_message(self, get_current): get_current.return_value.domain = 'dev.mo.org' login_uri = reverse('users.login') response = self.client.post(login_uri, { 'username': '******', 'password': '******' }, follow=True) eq_(200, response.status_code) response = self.client.get(login_uri, follow=True) eq_(200, response.status_code) doc = pq(response.content) eq_("You are already logged in.", doc.find('article').text()) @mock.patch_object(Site.objects, 'get_current') def test_django_login_redirects_to_next(self, get_current): get_current.return_value.domain = 'dev.mo.org' login_uri = reverse('users.login') response = self.client.post(login_uri, { 'username': '******', 'password': '******' }, follow=True) eq_(200, response.status_code) response = self.client.get(login_uri, {'next': '/en-US/demos/submit'}, follow=True) eq_('http://testserver/en-US/demos/submit', response.redirect_chain[0][0]) @mock.patch_object(Site.objects, 'get_current') def test_clean_next_url_request_properties(self, get_current): '''_clean_next_url checks POST, GET, and REFERER''' get_current.return_value.domain = 'dev.mo.org' r = RequestFactory().get('/users/login', {'next': '/demos/submit'}, HTTP_REFERER='referer-trumped-by-get') eq_('/demos/submit', _clean_next_url(r)) r = RequestFactory().post('/users/login', {'next': '/demos/submit'}) eq_('/demos/submit', _clean_next_url(r)) r = RequestFactory().get('/users/login', HTTP_REFERER='/demos/submit') eq_('/demos/submit', _clean_next_url(r)) @mock.patch_object(Site.objects, 'get_current') def test_clean_next_url_no_self_redirects(self, get_current): '''_clean_next_url checks POST, GET, and REFERER''' get_current.return_value.domain = 'dev.mo.org' for next in [settings.LOGIN_URL, settings.LOGOUT_URL]: r = RequestFactory().get('/users/login', {'next': next}) eq_(None, _clean_next_url(r)) @mock.patch_object(Site.objects, 'get_current') def test_clean_next_url_invalid_next_parameter(self, get_current): '''_clean_next_url cleans invalid urls''' get_current.return_value.domain = 'dev.mo.org' for next in self._invalid_nexts(): r = RequestFactory().get('/users/login', {'next': next}) eq_(None, _clean_next_url(r)) @mock.patch_object(Site.objects, 'get_current') def test_login_invalid_next_parameter(self, get_current): '''Test with an invalid ?next=http://example.com parameter.''' get_current.return_value.domain = 'testserver.com' valid_next = reverse('home', locale=settings.LANGUAGE_CODE) for invalid_next in self._invalid_nexts(): # Verify that _valid_ next parameter is set in form hidden field. response = self.client.get( urlparams(reverse('users.login'), next=invalid_next)) eq_(200, response.status_code) doc = pq(response.content) eq_(valid_next, doc('input[name="next"]')[0].attrib['value']) # Verify that it gets used on form POST. response = self.client.post( reverse('users.login'), { 'username': '******', 'password': '******', 'next': invalid_next }) eq_(302, response.status_code) eq_('http://testserver' + valid_next, response['location']) self.client.logout() def _invalid_nexts(self): return ['http://foobar.com/evil/', '//goo.gl/y-bad']