def save(self, *args, **kwargs): # Get existing person to add Cambridge record to person = Person.objects.get(pk = self.pk) # Create CambridgeMember and append person data myCM = CambridgeMember( crsid = self.crsid, subject = self.cleaned_data['subject'], type = self.cleaned_data['type'], **person.as_dict()) myCM.save() if self.cleaned_data.get('college'): Membership.objects.create(person = person, group = self.cleaned_data['college'], assoctype = "MEM")
class CreationTestCase(TestCase): def setUp(self): # Reqd so that PREPEND_WWW in settings doesn't cause all view tests to fail self.host = "www.testhost" self.client = Client(HTTP_HOST = self.host) self.fergus = User.objects.create( firstname="Fergus", lastname="Ferrier", email="*****@*****.**", password="******", membershipstatus="OK", activationlinkkey="imokay") self.fergus.UpdatePassword(self.fergus.password) self.fergusperson = Person.objects.get(pk = self.fergus.pk) self.cambridgeuser = CambridgeMember( crsid = "gg221", **self.fergusperson.as_dict()) self.cambridgeuser.save() self.usertwo = User.objects.create( firstname="E", lastname="Parkinson", email="*****@*****.**", password="******", membershipstatus="EP", activationlinkkey="heythere") self.usertwo.UpdatePassword(self.usertwo.password) self.dauser = User.objects.create( firstname="E", lastname="Parkinson", email="*****@*****.**", membershipstatus="DA", password="******", activationlinkkey="imnowhere") self.dauser.UpdatePassword(self.dauser.password) # Log in def test_login(self): ''' One can reach the page ''' response = self.client.get(reverse('MyPidge.Users.views.Login', args=[""])) self.assertEquals(response.status_code, 200) self.assertEquals(len(response.cookies), 0) def test_login_crsid(self): ''' Log in with Raven done ''' # Make sure we get a session cookie response = self.client.get(reverse('MyPidge.Users.views.Account')) from django.contrib.sessions.models import Session # Do lots of faffing to set session! mysessioncookie = self.client.cookies['sessionid'] mysessionid = mysessioncookie.value mysession = Session.objects.get(pk = mysessionid) mysessiondict = mysession.get_decoded() mysessiondict['raven-crsid'] = self.cambridgeuser.crsid Session.objects.save(mysessionid, mysessiondict, "2009-10-10 10:10:10") response = self.client.get(reverse('MyPidge.Users.views.Login', args=[""])) self.assertRedirects(response, reverse('homepage'), host = self.host) self.assert_('loggedin' in self.client.session) self.assertEquals(bool(response.cookies.get('spsettings', False)), True) self.assertEquals(bool(response.cookies.get('sessionid', False)), True) def test_login_correct(self): ''' Correct auth > a redirect and cookies ''' old_response = self.client.get(reverse('homepage')) self.assertEquals(len(old_response.cookies), 0) self.assert_('loggedin' not in self.client.session) response = self.client.post( reverse('MyPidge.Users.views.Login', args=[""]), {'email': self.fergus.email, 'password': "******"}) self.assertRedirects(response, reverse('homepage'), host = self.host) self.assert_('loggedin' in self.client.session) self.assertEquals(bool(response.cookies.get('spsettings', False)), True) self.assertEquals(bool(response.cookies.get('sessionid', False)), True) def test_login_correct_redirect(self): ''' Correct auth > a redirect to a specific page and cookies ''' redirecturl = "/HelpMe/Holle/" response = self.client.post( reverse('MyPidge.Users.views.Login', args=[redirecturl]), {'email': self.fergus.email, 'password': "******"}) self.assertRedirects( response, redirecturl, target_status_code=404, host = self.host) self.assertEquals(bool(response.cookies.get('spsettings', False)), True) self.assertEquals(bool(response.cookies.get('sessionid', False)), True) self.assert_('loggedin' in self.client.session) def test_login_fail(self): ''' Bad credentials > an error message. ''' response = self.client.post( reverse('MyPidge.Users.views.Login', args=[""]), {'email': "*****@*****.**", 'password': "******"}) self.assertContains(response, "Email or password incorrect.", count=1, status_code=200) def test_login_form(self): ''' Incomplete credentials > an error message. ''' response = self.client.post( reverse('MyPidge.Users.views.Login', args=[""]), {'password': "******"}) self.assertContains(response, "This field is required.", count=1, status_code=200) # self.assertFormError(response, "loginform", None, "This field is required.") def test_login_already(self): ''' Already logged in just redirects away ''' response = self.client.post( reverse('MyPidge.Users.views.Login', args=[""]), {'email': self.fergus.email, 'password': "******"}) response = self.client.get(reverse('MyPidge.Users.views.Login', args=[""])) self.assertRedirects(response, reverse('homepage'), host = self.host) response = self.client.post( reverse('MyPidge.Users.views.Login', args=[""]), {'email': self.fergus.email, 'password': "******"}) self.assertRedirects(response, reverse('homepage'), host = self.host) self.assert_('loggedin' in self.client.session) def test_login_not_activated(self): ''' Correct creds but user not activated ''' self.assert_('activationuserid' not in self.client.session) response = self.client.post( reverse('MyPidge.Users.views.Login', args=[""]), {'email': self.usertwo.email, 'password': "******"}) self.assertContains(response, "You must activate your account.", count=1, status_code=200) self.assert_('activationuserid' in self.client.session) self.assert_('loggedin' not in self.client.session) def test_login_deactivated(self): ''' Correct creds but user deactivated ''' response = self.client.post( reverse('MyPidge.Users.views.Login', args=[""]), {'email': self.dauser.email, 'password': "******"}) self.assertContains(response, "This account has been deactivated.", count=1, status_code=200) self.assert_('loggedin' not in self.client.session) def test_login_must_login(self): ''' Redirected from a page that requires login ''' # Make sure we get a session cookie response = self.client.get(reverse('MyPidge.Users.views.Account')) from django.contrib.sessions.models import Session # Do lots of faffing to set session! mysessioncookie = self.client.cookies['sessionid'] mysessionid = mysessioncookie.value mysession = Session.objects.get(pk = mysessionid) mysessiondict = mysession.get_decoded() mysessiondict['login_message'] = "You must log in." Session.objects.save(mysessionid, mysessiondict, "2009-10-10 10:10:10") response = self.client.get(reverse('MyPidge.Users.views.Login', args=[""])) self.assertContains(response, mysessiondict['login_message'], count=1, status_code=200) self.assert_('loggedin' not in self.client.session) def test_login_already_active(self): ''' Tried activating an already active account. ''' response = self.client.get( reverse('MyPidge.Users.views.Login', args=[""]), {'alreadyactive': '1'}) self.assertContains(response, "This account has already been activated.", count=1, status_code=200) self.assert_('loggedin' not in self.client.session) # Logout def test_logout_no_cookies(self): ''' Logout adds a default spsetting cookie, but no session cookie ''' response = self.client.get(reverse('Logout', args=[""])) self.assertRedirects(response, reverse('homepage'), host = self.host) self.assert_(bool(response.cookies.get('spsettings', False))) def test_logout_with_cookies(self): ''' Logout affects server-side session, and leaves a session cookie. ''' response = self.client.post( reverse('MyPidge.Users.views.Login', args=[""]), {'email': self.fergus.email, 'password': "******"}) self.assertEquals(bool(response.cookies.get('spsettings', False)), True) self.assertEquals(bool(response.cookies.get('sessionid', False)), True) response = self.client.get(reverse('Logout', args=[""])) self.assert_('loggedin' not in self.client.session) self.assertRedirects(response, reverse('homepage'), host = self.host) self.assertEquals(bool(response.cookies.get('spsettings', False)), True) self.assertEquals(bool(response.cookies.get('sessionid', False)), True) def test_logout_odd_redirect(self): redirecturl = "/Randommmager/" response = self.client.get(reverse('Logout', args=[redirecturl])) self.assertRedirects(response, redirecturl, target_status_code=404, host = self.host) # Register Form def test_register(self): ''' One can reach the register page ''' response = self.client.get(reverse('MyPidge.Users.views.RegisterDetails')) self.assertEquals(response.status_code, 200) def test_register_post(self): ''' Page with blank post ''' response = self.client.post(reverse('MyPidge.Users.views.RegisterDetails')) self.assertEquals(response.status_code, 200) def test_register_logged_in(self): ''' We're already signed in ''' response = self.client.post( reverse('MyPidge.Users.views.Login', args=[""]), {'email': self.fergus.email, 'password': "******"}) response = self.client.get(reverse('MyPidge.Users.views.RegisterDetails')) self.assertRedirects(response, reverse('homepage'), host = self.host) def test_register_crsid_set(self): ''' Register after Raven login ''' # Set User CRSID response = self.client.get(reverse('MyPidge.Users.views.Account')) from django.contrib.sessions.models import Session # Do lots of faffing to set session! mysessioncookie = self.client.cookies['sessionid'] mysessionid = mysessioncookie.value mysession = Session.objects.get(pk = mysessionid) mysessiondict = mysession.get_decoded() mysessiondict['raven-crsid'] = "ot213" Session.objects.save(mysessionid, mysessiondict, "2009-10-10 10:10:10") response = self.client.get(reverse('MyPidge.Users.views.RegisterDetails')) # Includes likely user email self.assertContains(response, "*****@*****.**", status_code = 200) self.assertContains(response, "ot213", count = 2, status_code = 200) def test_register_crsid_data(self): ''' Person already in our system then registers ''' # Create person already existing = CambridgeMember.objects.create( firstname = "Fergus", lastname = "Ferrier", email = "*****@*****.**", crsid = "ot213", subject = "FIN", type = "U1") # Set User CRSID response = self.client.get(reverse('MyPidge.Users.views.Account')) from django.contrib.sessions.models import Session # Do lots of faffing to set session! mysessioncookie = self.client.cookies['sessionid'] mysessionid = mysessioncookie.value mysession = Session.objects.get(pk = mysessionid) mysessiondict = mysession.get_decoded() mysessiondict['raven-crsid'] = "ot213" Session.objects.save(mysessionid, mysessiondict, "2009-10-10 10:10:10") response = self.client.get(reverse('MyPidge.Users.views.RegisterDetails')) # Includes likely user email and other data self.assertContains(response, "*****@*****.**", status_code = 200) self.assertContains(response, "ot213", count = 2, status_code = 200) self.assertContains(response, "Fergus", count = 1, status_code = 200) self.assertContains(response, "Ferrier", count = 1, status_code = 200) self.assertContains(response, '<option value="FIN" selected="selected">', count = 1, status_code = 200) self.assertContains(response, '<option value="U1" selected="selected">', count = 1, status_code = 200) # Post new data newdata = { 'firstname': "Fergus2", 'lastname': "Ferrier3", 'email': "*****@*****.**", 'password_one': "blowme", 'password_again': "blowme", 'subject': 'NEU', 'type': 'PHD'} response = self.client.post(reverse('MyPidge.Users.views.RegisterDetails'), newdata) self.assertEquals(len(mail.outbox), 1) self.assertRedirects(response, reverse('MyPidge.Users.views.RegisterEmailSent'), host = self.host) newuser = User.objects.get(email = "*****@*****.**") self.assertEquals(newuser.firstname, newdata['firstname']) self.assertEquals(newuser.lastname, newdata['lastname']) self.assertEquals(newuser.email, newdata['email']) self.assertEquals(newuser.membershipstatus, "EP") cammem = newuser.person_ptr.cambridgemember self.assertEquals(cammem.subject, newdata['subject']) self.assertEquals(cammem.type, newdata['type']) # Original Person is now this one - email changed self.assertRaises(Person.DoesNotExist, Person.objects.get, email = "*****@*****.**") def test_register_normal(self): ''' Registration without CRSID ''' response = self.client.post(reverse('MyPidge.Users.views.RegisterDetails'), { 'firstname': "Fergus", 'lastname': "Ferrier", 'email': "*****@*****.**", 'password_one': "blowme", 'password_again': "blowme", }) self.assertEquals(len(mail.outbox), 1) self.assertRedirects(response, reverse('MyPidge.Users.views.RegisterEmailSent'), host = self.host) def test_register_all(self): ''' Registration without CRSID - all parameters ''' response = self.client.post(reverse('MyPidge.Users.views.RegisterDetails'), { 'firstname': "Fergus", 'lastname': "Ferrier", 'email': "*****@*****.**", 'password_one': "blowme", 'password_again': "blowme", 'college': 1, 'subject': "FIN", 'boatie': True }) # Interests not listed self.assertEquals(len(mail.outbox), 1) self.assertRedirects(response, reverse('MyPidge.Users.views.RegisterEmailSent'), host = self.host) def test_register_password_error(self): ''' Mismatching passwords ''' response = self.client.post(reverse('MyPidge.Users.views.RegisterDetails'), { 'firstname': "Fergus", 'lastname': "Ferrier", 'email': "*****@*****.**", 'password_one': "blowme", 'password_again': "blow2me", 'college': 1, 'subject': "FIN", 'boatie': True }) self.assertContains(response, "The passwords are not the same.", count=1, status_code=200) def test_register_email_duplicate(self): ''' Mismatching passwords ''' response = self.client.post(reverse('MyPidge.Users.views.RegisterDetails'), { 'firstname': "Fergus", 'lastname': "Ferrier", 'email': "*****@*****.**", 'password_one': "blowme", 'password_again': "blowme", 'college': 1, 'subject': "FIN", 'boatie': True }) self.assertContains(response, "User with this Email address already exists.", count=1, status_code=200) # Resend Activation Email def test_resend_activation_no_session(self): ''' When there is no session['activationuserid'] ''' response = self.client.post(reverse('MyPidge.Users.views.ResendActivation')) self.assertRedirects(response, reverse('MyPidge.Users.views.Login', args=[""]), host = self.host) def test_resend_activation_session(self): ''' When there is valid session['activationuserid'] ''' response = self.client.post(reverse('MyPidge.Users.views.Login', args=[""]), {'email': self.usertwo.email, 'password': "******"}) response = self.client.post(reverse('MyPidge.Users.views.ResendActivation')) self.assertEquals(response.status_code, 200) self.assertEquals(len(mail.outbox), 1) def test_resend_activation_not_pending(self): ''' Where user is not in state EP ''' # Sets session activationid response = self.client.post( reverse('MyPidge.Users.views.Login', args=[""]), {'email': self.usertwo.email, 'password': "******"}) # Now we "activate" the user self.usertwo.membershipstatus = "OK" self.usertwo.save() response = self.client.post(reverse('MyPidge.Users.views.ResendActivation')) self.assertRedirects(response, reverse('MyPidge.Users.views.Login', args=[""]), host = self.host) def test_resend_activation_logged_in(self): ''' Where user is not in state EP and logged in! ''' # Sets session activationid response = self.client.post( reverse('MyPidge.Users.views.Login', args=[""]), {'email': self.usertwo.email, 'password': "******"}) # Now we "activate" the user self.usertwo.membershipstatus = "OK" self.usertwo.save() response = self.client.post( reverse('MyPidge.Users.views.Login', args=[""]), {'email': self.usertwo.email, 'password': "******"}) response = self.client.post(reverse('MyPidge.Users.views.ResendActivation')) self.assertRedirects(response, reverse('MyPidge.Users.views.Login', args=[""]), target_status_code=302, host = self.host) # Activation def test_activate_blank(self): ''' Blank linkkey > redirect to Activate-Failure ''' response = self.client.get(reverse('MyPidge.Users.views.RegisterActivate', args=[""])) self.assertRedirects(response, reverse('MyPidge.Users.views.ActivationFailure'), host = self.host) def test_activate_false(self): ''' Linkkey not found > redirect to Activate-Failure ''' response = self.client.get(reverse('MyPidge.Users.views.RegisterActivate', args=["nexisthidy"])) self.assertRedirects(response, reverse('MyPidge.Users.views.ActivationFailure'), host = self.host) def test_activate_active(self): ''' Linkkey for user in OK > redirect to Login page with message ''' response = self.client.get(reverse('MyPidge.Users.views.RegisterActivate', args=["imokay"])) self.assertRedirects(response, reverse('MyPidge.Users.views.Login', args=["?alreadyactive"]), host = self.host) def test_activate_deactive(self): ''' Linkkey for user not in OK or EP > redirect to Activate-Failure ''' response = self.client.get(reverse('MyPidge.Users.views.RegisterActivate', args=["imnowhere"])) self.assertRedirects(response, reverse('MyPidge.Users.views.ActivationFailure'), host = self.host) def test_activate_okay(self): ''' Linkkey for user in EP > activation + login + redirect to Activate-Success ''' response = self.client.get(reverse('MyPidge.Users.views.RegisterActivate', args=["heythere"])) self.assertRedirects(response, reverse('MyPidge.Users.views.ActivationSuccess'), host = self.host) self.assertEquals(len(mail.outbox), 1) self.assert_('loggedin' in self.client.session) # Reset Password def test_reset(self): ''' Reset Password Renders okay ''' response = self.client.get(reverse('MyPidge.Users.views.ResetPassword')) self.assertEquals(response.status_code, 200) def test_reset_real(self): ''' Post real email > email+1, page contains ''' response = self.client.post(reverse('MyPidge.Users.views.ResetPassword'), {'email': self.fergus.email}) self.assertContains(response, "Assuming that you entered the email address of a user on our system, a message has been sent to your email address with a link to enable you to reset your password.", count=1, status_code=200) self.assertEquals(len(mail.outbox), 1) # Account is still active self.fergus = User.objects.get(email=self.fergus.email) self.assertEquals(self.fergus.CheckPassword("password"), True) def test_reset_false(self): ''' Post false email ''' response = self.client.post(reverse('MyPidge.Users.views.ResetPassword'), {'email': "*****@*****.**"}) self.assertContains(response, "Assuming that you entered the email address of a user on our system, a message has been sent to your email address with a link to enable you to reset your password.", count=1, status_code=200) self.assertEquals(len(mail.outbox), 0) def test_reset_logged(self): ''' Logged in > redirects homepage ''' response = self.client.post(reverse('MyPidge.Users.views.Login', args=[""]), {'email': self.fergus.email, 'password': "******"}) response = self.client.post(reverse('MyPidge.Users.views.ResetPassword'), {'email': self.fergus.email}) self.assertRedirects(response, reverse('homepage'), host = self.host) # Do password reset def test_do_reset_none(self): ''' No reset password key ''' response = self.client.get(reverse('MyPidge.Users.views.DoResetPassword', args=[""])) # Shows bad key page self.assertContains(response, "I'm afraid that request was invalid. ", count = 1, status_code = 200) def test_do_reset_bad(self): ''' Bad reset password key ''' response = self.client.get(reverse('MyPidge.Users.views.DoResetPassword', args=["randabidozi"])) # Shows bad key page self.assertContains(response, "I'm afraid that request was invalid. ", count = 1, status_code = 200) def test_do_reset_good(self): ''' Do the password reset thing ''' response = self.client.post(reverse('MyPidge.Users.views.ResetPassword'), {'email': self.fergus.email}) # Reload fergus self.fergus = User.objects.get(email = self.fergus.email) response = self.client.get(reverse('MyPidge.Users.views.DoResetPassword', args=[self.fergus.password_reset_key])) self.assertContains(response, "Please choose a new password", count = 1, status_code = 200) def test_do_reset_duplicate(self): ''' Password reset with unmatching passwords ''' response = self.client.post(reverse('MyPidge.Users.views.ResetPassword'), {'email': self.fergus.email}) # Reload fergus self.fergus = User.objects.get(email = self.fergus.email) response = self.client.post(reverse('MyPidge.Users.views.DoResetPassword', args=[self.fergus.password_reset_key]), {'new_password': "******", 'new_password_again': "huhuhu"}) self.assertContains(response, "The new passwords are not the same", count = 1, status_code = 200) # Good key + post of new password > log in and redirect to confirmation page and key removed def test_do_reset_reset(self): ''' Password reset done ''' response = self.client.post(reverse('MyPidge.Users.views.ResetPassword'), {'email': self.fergus.email}) # Reload fergus self.fergus = User.objects.get(email = self.fergus.email) response = self.client.post(reverse('MyPidge.Users.views.DoResetPassword', args=[self.fergus.password_reset_key]), {'new_password': "******", 'new_password_again': "hello"}) self.assertRedirects(response, reverse('MyPidge.Users.views.DonePasswordReset'), host = self.host) # Reload fergus self.fergus = User.objects.get(email = self.fergus.email) self.assert_(self.fergus.CheckPassword("hello")) self.assert_('loggedin' in self.client.session)