def test_for_request__code__authed_other_authed(self):
"""An authenticated user can't access orders created by anyone else."""
event = EventFactory()
person = PersonFactory()
person2 = PersonFactory()
order = OrderFactory(event=event, person=person2)
request = self.factory.get('/')
self._add_session(request)
Order.objects._set_session_code(request, event, order.code)
request.user = person
with self.assertRaises(Order.DoesNotExist):
Order.objects.for_request(event, request, create=False)
def test_send_digest__owner__two_events(self):
owner = PersonFactory(notify_new_purchases=Person.NOTIFY_DAILY)
organization = OrganizationFactory()
OrganizationMember.objects.create(
person=owner,
organization=organization,
role=OrganizationMember.OWNER,
)
event1 = EventFactory(organization=organization)
event2 = EventFactory(organization=organization)
TransactionFactory(event=event1, transaction_type=Transaction.PURCHASE)
TransactionFactory(event=event2, transaction_type=Transaction.PURCHASE)
self.assertEqual(len(mail.outbox), 0)
self.command.send_digest(owner)
self.assertEqual(len(mail.outbox), 1)
self.assertEqual(mail.outbox[0].subject,
'[Dancerfly] New purchases for your events!')
self.assertIn(event1.name, mail.outbox[0].body)
self.assertIn(event1.name, mail.outbox[0].alternatives[0][0])
self.assertIn(event2.name, mail.outbox[0].body)
self.assertIn(event2.name, mail.outbox[0].alternatives[0][0])
def test_for_request__authed(self):
"""An authenticated user will automatically get their own order."""
event = EventFactory()
person = PersonFactory()
order = OrderFactory(event=event, person=person)
request = self.factory.get('/')
request.user = person
fetched, created = Order.objects.for_request(event,
request,
create=False)
self.assertFalse(created)
self.assertEqual(fetched, order)
def test_for_request__code__authed_anon(self):
"""Authenticated users cannot access orders created by anonymous users
without the code stored in the session.
"""
event = EventFactory()
person = PersonFactory()
OrderFactory(event=event, person=None)
request = self.factory.get('/')
self._add_session(request)
request.user = person
with self.assertRaises(Order.DoesNotExist):
Order.objects.for_request(event, request, create=False)
def setUp(self):
self.factory = RequestFactory()
self.view = MergeOrderView()
event = EventFactory(collect_housing_data=True)
item = ItemFactory(event=event)
item_option = ItemOptionFactory(price=100, item=item)
self.person = PersonFactory()
self.order1 = OrderFactory(event=event, person=self.person)
self.order2 = OrderFactory(event=event,
person=None,
email=self.person.email)
self.tr1 = TransactionFactory(event=event, order=self.order1)
self.tr2 = TransactionFactory(event=event, order=self.order2)
self.order1.add_to_cart(item_option)
self.order1.mark_cart_paid(self.tr1)
self.order2.add_to_cart(item_option)
self.order2.add_to_cart(item_option)
self.order2.mark_cart_paid(self.tr2)
self.att1 = AttendeeFactory(
order=self.order1,
bought_items=self.order1.bought_items.all(),
email='*****@*****.**')
self.att2 = AttendeeFactory(
order=self.order2,
bought_items=self.order2.bought_items.all(),
email='*****@*****.**')
self.housing2 = EventHousingFactory(
event=event,
order=self.order2,
contact_name='Picard',
contact_email='*****@*****.**',
contact_phone='111-111-1111',
public_transit_access=True,
person_prefer='Dr. Crusher',
person_avoid='Wesley Crusher')
self.attendee1 = AttendeeFactory(order=self.order1)
self.attendee2 = AttendeeFactory(order=self.order2)
self.view.request = self.factory.post('/', {'pk': self.order2.pk})
self.view.request.user = self.person
setattr(self.view.request, 'session', 'session')
messages = FallbackStorage(self.view.request)
setattr(self.view.request, '_messages', messages)
def setUp(self):
stripe_prep(TEST)
self.event = EventFactory()
self.order = OrderFactory()
self.factory = RequestFactory()
self.view = StripeWebhookView.as_view()
self.data = json.dumps({'id': 'evt_123_event_id'})
self.request = self.factory.post(path='/',
content_type='application/json',
data=self.data)
def test_subject_apostrophe(self):
event = EventFactory(name="Han & Leia's Wedding")
self.event_name = event.name
self.order = OrderFactory(event=event, person=self.person)
transaction = TransactionFactory(event=event, order=self.order,
amount=130)
self.mailer = OrderReceiptMailer(transaction, site='dancerfly.com',
secure=True)
subject = self.mailer.render_subject(self.mailer.get_context_data())
expected_subject = ('[{event_name}] Receipt for order {order_code}'
.format(event_name=self.event_name,
order_code=self.order.code))
self.assertEqual(subject, expected_subject)
def test_for_request__session__anon_anon(self):
"""An anonymous user can have their order stored in the session."""
event = EventFactory()
order = OrderFactory(event=event, person=None)
request = self.factory.get('/')
self._add_session(request)
Order.objects._set_session_code(request, event, order.code)
request.user = AnonymousUser()
fetched, created = Order.objects.for_request(event,
request,
create=False)
self.assertFalse(created)
self.assertEqual(fetched, order)
def test_subject__event(self):
event = EventFactory(name="Conan's Show")
request = self.factory.get('/')
request.user = PersonFactory()
invite, created = EventInvite.get_or_create(
request=request,
email='*****@*****.**',
content=event,
)
self.assertEqual(len(mail.outbox), 0)
invite.send()
self.assertEqual(len(mail.outbox), 1)
self.assertEqual(
mail.outbox[0].subject,
"You've been invited to attend {}!".format(event.name))
def test_summary_data__items_no_transaction(self):
"""
Items without transactions are included in summary data.
"""
event = EventFactory()
order = OrderFactory(event=event)
item = ItemFactory(event=event)
item_option = ItemOptionFactory(price=100, item=item)
order.add_to_cart(item_option)
summary_data = order.get_summary_data()
self.assertEqual(summary_data['gross_cost'], 100)
self.assertEqual(summary_data['total_savings'], 0)
self.assertEqual(summary_data['net_cost'], 100)
def test_send_digest__event_editor(self):
editor = PersonFactory(notify_new_purchases=Person.NOTIFY_DAILY)
event = EventFactory()
EventMember.objects.create(
person=editor,
event=event,
role=EventMember.EDIT,
)
TransactionFactory(event=event, transaction_type=Transaction.PURCHASE)
self.assertEqual(len(mail.outbox), 0)
self.command.send_digest(editor)
self.assertEqual(len(mail.outbox), 1)
self.assertEqual(mail.outbox[0].subject,
'[Dancerfly] New purchases for your events!')
self.assertIn(event.name, mail.outbox[0].body)
self.assertIn(event.name, mail.outbox[0].alternatives[0][0])
def test_subject__event_view_apostrophe(self):
event = EventFactory(name="James's Test Event")
request = self.factory.get('/')
request.user = PersonFactory(first_name="Conan", last_name="O'Brien")
invite, created = EventViewInvite.get_or_create(
request=request,
email='*****@*****.**',
content=event,
)
self.assertEqual(len(mail.outbox), 0)
invite.send()
self.assertEqual(len(mail.outbox), 1)
self.assertEqual(
mail.outbox[0].subject,
"{} has invited you to collaborate on {}".format(
request.user.get_full_name(), event.name))
def test_for_request__create__anon(self):
"""
An anonymous user will get a new order back if no code is provided
and no session code is available, but create is True.
"""
event = EventFactory()
request = self.factory.get('/')
request.user = AnonymousUser()
self._add_session(request)
fetched, created = Order.objects.for_request(event,
request,
create=True)
self.assertTrue(created)
self.assertEqual(fetched.code,
Order.objects._get_session_code(request, event))
self.assertIsNone(fetched.person)
def test_for_request__create__authed(self):
"""
An authenticated user will get a new order back if no code is provided
and no session code is available, but create is True.
"""
event = EventFactory()
person = PersonFactory()
request = self.factory.get('/')
request.user = person
self._add_session(request)
fetched, created = Order.objects.for_request(event,
request,
create=True)
self.assertTrue(created)
self.assertIsNone(Order.objects._get_session_code(request, event))
self.assertEqual(fetched.person_id, person.id)
def test_subject__event_view(self):
event = EventFactory()
request = self.factory.get('/')
request.user = PersonFactory()
invite, created = EventViewInvite.get_or_create(
request=request,
email='*****@*****.**',
content=event,
)
self.assertEqual(len(mail.outbox), 0)
invite.send()
self.assertEqual(len(mail.outbox), 1)
self.assertEqual(
mail.outbox[0].subject,
"{} has invited you to collaborate on {}".format(
request.user.get_full_name(), event.name))
def test_subject__organization_owner(self):
event = EventFactory()
request = self.factory.get('/')
request.user = PersonFactory()
invite, created = OrganizationOwnerInvite.get_or_create(
request=request,
email='*****@*****.**',
content=event.organization,
)
self.assertEqual(len(mail.outbox), 0)
invite.send()
self.assertEqual(len(mail.outbox), 1)
self.assertEqual(
mail.outbox[0].subject,
"{} has invited you to help manage {}".format(
request.user.get_full_name(), event.organization.name))
def set_up_view(self, orderer=None, is_confirmed=False):
organization = OrganizationFactory(check_payment_allowed=True)
OrganizationMember.objects.create(
person=PersonFactory(),
organization=organization,
role=OrganizationMember.OWNER,
)
event = EventFactory(
collect_housing_data=False,
organization=organization,
check_postmark_cutoff=timezone.now().date() + timedelta(1),
)
item = ItemFactory(event=event)
item_option = ItemOptionFactory(price=100, item=item)
receiver = PersonFactory()
order_kwargs = dict(event=event)
if orderer:
order_kwargs['person'] = orderer
order = OrderFactory(**order_kwargs)
order.add_to_cart(item_option)
transaction = TransactionFactory(event=event,
order=order,
is_confirmed=is_confirmed)
order.mark_cart_paid(transaction)
# The BoughtItem should be in the correct state if we've set up this
# test Order correctly.
self.assertEqual(order.bought_items.first().status, BoughtItem.BOUGHT)
view = TransferView()
view.kwargs = dict(
event_slug=event.slug,
organization_slug=organization.slug,
)
view.request = self.factory.post(
'/',
dict(
bought_item=order.bought_items.first().pk,
email=receiver.email,
))
view.request.user = orderer if orderer else AnonymousUser()
view.event = event
view.order = order
view.workflow = RegistrationWorkflow(order=order, event=event)
view.current_step = view.workflow.steps.get(view.current_step_slug)
return view
def test_subject_apostrophe(self):
event = EventFactory(name="Han & Leia's Wedding!")
self.person = PersonFactory(first_name="Ma'ayan", last_name="Plaut")
self.event_name = event.name
self.order = OrderFactory(event=event, person=self.person)
transaction = TransactionFactory(event=event,
order=self.order,
amount=130)
self.mailer = OrderAlertMailer(transaction,
site='dancerfly.com',
secure=True)
subject = self.mailer.render_subject(self.mailer.get_context_data())
expected_subject = (
'[{event_name}] New purchase by {person_name}'.format(
event_name=self.event_name,
person_name=self.person.get_full_name()))
self.assertEqual(subject, expected_subject)
def test_event__edit(self):
person = PersonFactory()
event = EventFactory()
EventMember.objects.create(
person=person,
event=event,
role=EventMember.EDIT,
)
with self.assertNumQueries(2):
self.assertEqual(
person.get_all_permissions(event),
set(('view', 'edit')),
)
with self.assertNumQueries(0):
self.assertTrue(person.has_perm('view', event))
self.assertTrue(person.has_perm('edit', event))
self.assertFalse(person.has_perm('change_permissions', event))
def test_subject__organization_view_apostrophe(self):
event = EventFactory(organization=OrganizationFactory(
name="Conan's Show"))
request = self.factory.get('/')
request.user = PersonFactory(first_name="Conan", last_name="O'Brien")
invite, created = OrganizationViewInvite.get_or_create(
request=request,
email='*****@*****.**',
content=event.organization,
)
self.assertEqual(len(mail.outbox), 0)
invite.send()
self.assertEqual(len(mail.outbox), 1)
self.assertEqual(
mail.outbox[0].subject,
"{} has invited you to help manage {}".format(
request.user.get_full_name(), event.organization.name))
def test_organization__view(self):
person = PersonFactory()
event = EventFactory()
OrganizationMember.objects.create(
person=person,
organization=event.organization,
role=OrganizationMember.VIEW,
)
with self.assertNumQueries(2):
self.assertEqual(
person.get_all_permissions(event),
set(('view',)),
)
with self.assertNumQueries(0):
self.assertTrue(person.has_perm('view', event))
self.assertFalse(person.has_perm('edit', event))
self.assertFalse(person.has_perm('change_permissions', event))
def test_event__view(self):
person = PersonFactory()
event = EventFactory()
EventMember.objects.create(
person=person,
event=event,
role=EventMember.VIEW,
)
with self.assertNumQueries(1):
self.assertEqual(
person.get_all_permissions(event.organization),
set(),
)
with self.assertNumQueries(0):
self.assertFalse(person.has_perm('view', event.organization))
self.assertFalse(person.has_perm('edit', event.organization))
self.assertFalse(person.has_perm('change_permissions', event.organization))
def test_send_digest__owner__transactions_older_than_one_day(self):
owner = PersonFactory(notify_new_purchases=Person.NOTIFY_DAILY)
organization = OrganizationFactory()
OrganizationMember.objects.create(
person=owner,
organization=organization,
role=OrganizationMember.OWNER,
)
event = EventFactory(organization=organization)
TransactionFactory(
event=event,
transaction_type=Transaction.PURCHASE,
timestamp=timezone.now() - timedelta(days=2),
)
self.assertEqual(len(mail.outbox), 0)
self.command.send_digest(owner)
self.assertEqual(len(mail.outbox), 0)
def test_queryset_distinct(self):
"""
For authenticated users, make sure the qs is distinct.
Specifically, having multiple additional editors on
the event shouldn't cause duplication issues.
"""
person = PersonFactory()
editor1 = PersonFactory()
editor2 = PersonFactory()
editor3 = PersonFactory()
event = EventFactory(collect_housing_data=False)
EventMember.objects.create(
person=editor1,
event=event,
role=EventMember.EDIT,
)
EventMember.objects.create(
person=editor2,
event=event,
role=EventMember.EDIT,
)
EventMember.objects.create(
person=editor3,
event=event,
role=EventMember.EDIT,
)
order = OrderFactory(event=event, person=person)
# Set up three attendees to trigger duplication.
AttendeeFactory(order=order)
AttendeeFactory(order=order)
AttendeeFactory(order=order)
item = ItemFactory(event=event)
item_option = ItemOptionFactory(price=100, item=item)
order.add_to_cart(item_option)
order.add_to_cart(item_option)
viewset = BoughtItemViewSet()
viewset.request = self.factory.get('/')
viewset.request.user = person
qs = viewset.get_queryset()
self.assertEqual(len(qs), 2)
self.assertEqual(set(qs), set(order.bought_items.all()))
def test_needs_housing(self):
event = EventFactory(collect_housing_data=False)
order = OrderFactory(event=event)
transaction = TransactionFactory(event=event, order=order)
item = ItemFactory(event=event)
item_option = ItemOptionFactory(price=100, item=item)
order.add_to_cart(item_option)
order.add_to_cart(item_option)
order.mark_cart_paid(transaction)
a1 = AttendeeFactory(order=order,
bought_items=order.bought_items.all(),
housing_status=Attendee.NEED)
a2 = AttendeeFactory(order=order,
bought_items=order.bought_items.all())
self.assertTrue(a1.needs_housing())
self.assertFalse(a2.needs_housing())
def test_for_request__session__authed_anon(self):
"""
An authenticated user can auto-claim a session-stored order.
"""
event = EventFactory()
person = PersonFactory()
order = OrderFactory(event=event, person=None)
request = self.factory.get('/')
self._add_session(request)
Order.objects._set_session_code(request, event, order.code)
request.user = person
fetched, created = Order.objects.for_request(event,
request,
create=False)
self.assertFalse(created)
self.assertEqual(fetched, order)
self.assertEqual(fetched.person_id, person.id)
def test_charge__negative_amount(self):
event = EventFactory(api_type=TEST,
application_fee_percent=Decimal('2.5'))
order = OrderFactory(event=event)
stripe_prep(TEST)
stripe.api_key = event.organization.stripe_test_access_token
token = stripe.Token.create(card={
"number": '4242424242424242',
"exp_month": 12,
"exp_year": 2050,
"cvc": '123'
}, )
with self.assertRaises(InvalidAmountException):
stripe_charge(token,
amount=Decimal('-9.01'),
order=order,
event=event)
def test_attendee_invites_on_save(self):
emails = ['*****@*****.**', '*****@*****.**']
event = EventFactory()
data = model_to_dict(event)
data['invite_attendees'] = ','.join(emails)
request = RequestFactory().get('/')
request.user = PersonFactory()
form = EventRegistrationForm(request,
event.organization,
instance=event,
data=data)
self.assertTrue(form.is_valid())
self.assertTrue(form.cleaned_data.get('invite_attendees'))
self.assertEqual(EventInvite.get_invites(event).count(), 0)
self.assertEqual(len(mail.outbox), 0)
form.save()
self.assertEqual(EventInvite.get_invites(event).count(), 2)
self.assertEqual(len(mail.outbox), 2)
def setUp(self):
stripe_prep(TEST)
self.event = EventFactory()
self.order = OrderFactory(event=self.event)
self.factory = RequestFactory()
self.view = StripeWebhookView.as_view()
self.stripe_event = {'id': 'evt_123_event_id'}
self.data = json.dumps(self.stripe_event)
self.request = self.factory.post(path='/',
content_type='application/json',
data=self.data)
item = ItemFactory(event=self.event)
item_option = ItemOptionFactory(price=60, item=item)
self.order.add_to_cart(item_option)
token = stripe.Token.create(card={
'number': '4242424242424242',
'exp_month': 12,
'exp_year': 2017,
'cvc': '123'
}, )
charge = stripe_charge(token, 100, self.order, self.event)
self.txn = Transaction.from_stripe_charge(
charge,
event=self.event,
order=self.order,
api_type=self.event.api_type,
)
self.refund = stripe_refund(self.order, self.event, charge.id, 100)
data = mock.Mock(object=mock.Mock(name='charge', id=charge.id))
self.mock_event = mock.Mock(
data=data,
type='charge.refunded',
livemode=False,
)
self.order.mark_cart_paid(self.txn)
def test_for_request__session__authed_anon__with_order(self):
"""
An authenticated user's own order will take precedence over
a session order.
"""
event = EventFactory()
person = PersonFactory()
order = OrderFactory(event=event, person=None)
order2 = OrderFactory(event=event, person=person)
request = self.factory.get('/')
self._add_session(request)
Order.objects._set_session_code(request, event, order.code)
request.user = person
fetched, created = Order.objects.for_request(event,
request,
create=False)
self.assertFalse(created)
self.assertEqual(fetched, order2)
