def test_can_set_and_revoke_admin(self):
assert len(InstitutionAdmin.objects.filter(institution=self.inst)) == 0
resp = self.client.post(self.url)
self.assertEqual(302, resp.status_code)
assert 'Success' in parse_cookie(resp.cookies)['messages']
assert len(InstitutionAdmin.objects.filter(institution=self.inst)) == 1
resp = self.client.post(self.url)
self.assertEqual(302, resp.status_code)
assert 'Success' in parse_cookie(resp.cookies)['messages']
assert len(InstitutionAdmin.objects.filter(institution=self.inst)) == 0
def test_can_set_and_revoke_admin(self):
assert len(InstitutionAdmin.objects.filter(institution=self.inst)) == 0
resp = self.client.post(self.url)
self.assertEqual(302, resp.status_code)
assert 'Success' in parse_cookie(resp.cookies)['messages']
assert len(InstitutionAdmin.objects.filter(institution=self.inst)) == 1
resp = self.client.post(self.url)
self.assertEqual(302, resp.status_code)
assert 'Success' in parse_cookie(resp.cookies)['messages']
assert len(InstitutionAdmin.objects.filter(institution=self.inst)) == 0
def test_can_remove(self):
# create one user
username = self.user.username
resp = self.client.post(reverse("user_remove", args=[username]))
self.assertEqual(302, resp.status_code)
assert "Successfully deleted %s" % username in parse_cookie(resp.cookies)["messages"]
assert len(ccnet_threaded_rpc.search_emailusers("DB", username, -1, -1)) == 0
def test_can_remove(self):
# create one user
username = self.user.username
resp = self.client.post(reverse('user_remove', args=[username]))
self.assertEqual(302, resp.status_code)
assert 'Successfully deleted %s' % username in parse_cookie(
resp.cookies)['messages']
assert len(ccnet_threaded_rpc.search_emailusers(
'DB', username, -1, -1)) == 0
def test_can_batch_add(self):
for e in self.new_users:
try:
r = User.objects.get(e)
except User.DoesNotExist:
r = None
assert r is None
with open(self.csv_file) as f:
resp = self.client.post(reverse('batch_add_user'), {'file': f})
self.assertEqual(302, resp.status_code)
assert 'Import succeeded' in parse_cookie(resp.cookies)['messages']
for e in self.new_users:
assert User.objects.get(e) is not None
def test_can_remove(self):
self.client.post(reverse('auth_login'), {
'username': self.admin.username,
'password': '******'
})
# create one user
username = self.user.username
resp = self.client.get(reverse('user_remove', args=[username]))
assert 'Successfully deleted %s' % username in parse_cookie(
resp.cookies)['messages']
assert len(ccnet_threaded_rpc.search_emailusers(
'DB', username, -1, -1)) == 0
def test_can_batch_add(self):
for e in self.new_users:
try:
r = User.objects.get(e)
except User.DoesNotExist:
r = None
assert r is None
with open(self.csv_file) as f:
resp = self.client.post(reverse("batch_add_user"), {"file": f})
self.assertEqual(302, resp.status_code)
assert "Import succeeded" in parse_cookie(resp.cookies)["messages"]
for e in self.new_users:
assert User.objects.get(e) is not None
def test_can_remove(self):
self.client.post(
reverse('auth_login'), {'username': self.admin.username,
'password': '******'}
)
# create one user
username = self.user.username
resp = self.client.get(
reverse('user_remove', args=[username])
)
assert 'Successfully deleted %s' % username in parse_cookie(resp.cookies)['messages']
assert len(ccnet_threaded_rpc.search_emailusers('DB', username, -1, -1)) == 0
def test_can_send_reset_email_to_contact_email(self):
p = Profile.objects.add_or_update(self.user.username, '')
p.contact_email = '*****@*****.**'
p.save()
self.assertEqual(len(mail.outbox), 0)
resp = self.client.post(reverse('user_reset', args=[self.user.email]))
self.assertEqual(302, resp.status_code)
assert 'email has been sent to [email protected]' in parse_cookie(
resp.cookies)['messages']
self.assertEqual(len(mail.outbox), 1)
assert mail.outbox[0].to[0] != self.user.username
assert mail.outbox[0].to[0] == '*****@*****.**'
self.assertEqual(len(mail.outbox), 1)
def test_cookies(self):
client = HttpClient()
client.set_cookie('foo', 'not-bar')
client.set_cookie('foo', 'bar')
client.set_cookie('qux', 'qu;x')
# Django's interpretation of the serialized cookie.
cookie_dict = parse_cookie(client.headers['cookie'].decode('ascii'))
self.assertEqual(client.get_cookies(),
cookie_dict)
self.assertEqual({'foo': 'bar',
'qux': 'qu;x',
'sessionid': client.get_cookies()['sessionid']},
cookie_dict)
def __call__(self, scope):
try:
headers = dict(scope["headers"])
cookies = headers[b"cookie"]
cookie_dict = parse_cookie(cookies.decode('utf-8'))
auth_token = cookie_dict["authToken"]
token_obj = AuthToken.objects.filter(
token_key=auth_token[:CONSTANTS.TOKEN_KEY_LENGTH])
if token_obj.exists() and token_obj.latest("pk").user.is_active:
scope["user"] = token_obj.latest("pk").user
return self.inner(scope)
scope["user"] = AnonymousUser()
return self.inner(scope)
except Exception:
import traceback
traceback.print_exc()
def test_can_not_batch_add_if_user_over_limit(self, mock_user_number_over_limit):
mock_user_number_over_limit.return_value = True
for e in self.new_users:
try:
r = User.objects.get(e)
except User.DoesNotExist:
r = None
assert r is None
with open(self.csv_file) as f:
resp = self.client.post(reverse('batch_add_user'), {
'file': f
})
self.assertEqual(302, resp.status_code)
assert 'users exceeds the limit' in parse_cookie(resp.cookies)['messages']
def test_can_not_batch_add_if_user_over_limit(self,
mock_user_number_over_limit):
mock_user_number_over_limit.return_value = True
for e in self.new_users:
try:
r = User.objects.get(e)
except User.DoesNotExist:
r = None
assert r is None
with open(self.csv_file) as f:
resp = self.client.post(reverse('batch_add_user'), {'file': f})
self.assertEqual(302, resp.status_code)
assert 'users exceeds the limit' in parse_cookie(
resp.cookies)['messages']
async def __call__(self, receive, send):
headers = dict(self.scope['headers'])
if self.HEADER in headers:
token_name, _token_key = headers[self.HEADER].decode().split(':')
token_key = _token_key.lstrip()
if token_name == self.HEADER_TOKEN_KEY:
self.scope['user'] = await get_user(token_key)
elif b'cookie' in headers:
cookies = parse_cookie(headers[b'cookie'].decode())
cookies_lower = {k.lower(): v for k, v in cookies.items()}
token_key = cookies_lower.get(self.COOKIE_TOKEN_KEY)
if token_key:
self.scope['user'] = await get_user(token_key)
inner = self.inner(self.scope)
return await inner(receive, send)
def ws_connect(message):
headers = dict(message.content.get('headers', ''))
message.reply_channel.send({"accept": True})
message.content['method'] = 'FAKE'
if message.user.is_authenticated():
message.reply_channel.send(
{"text": json.dumps({"accept": True, "user": message.user.id})}
)
# store the valid CSRF token from the cookie so we can compare it later
# on ws_receive
cookie_token = parse_cookie(
smart_str(headers.get(b'cookie'))
).get('csrftoken')
if cookie_token:
message.channel_session[XRF_KEY] = cookie_token
else:
logger.error("Request user is not authenticated to use websocket.")
message.reply_channel.send({"close": True})
return None
def test_can_batch_add_when_pwd_change_not_required(self):
config.FORCE_PASSWORD_CHANGE = 0
for e in self.new_users:
assert len(UserOptions.objects.filter(
email=e, option_key=KEY_FORCE_PASSWD_CHANGE)) == 0
for e in self.new_users:
try:
r = User.objects.get(e)
except User.DoesNotExist:
r = None
assert r is None
with open(self.csv_file) as f:
resp = self.client.post(reverse('batch_add_user'), {
'file': f
})
self.assertEqual(302, resp.status_code)
assert 'Import succeeded' in parse_cookie(resp.cookies)['messages']
for e in self.new_users:
assert User.objects.get(e) is not None
assert not UserOptions.objects.passwd_change_required(e)
def test_can_set_to_zh(self):
resp = self.client.get(reverse('i18n') + '?lang=zh-cn')
self.assertEqual(302, resp.status_code)
assert parse_cookie(resp.cookies)['django_language'] == 'zh-cn'
def onConnect(self, request):
origin = request.headers.get('origin', '')
# self.check_origin(origin)
cookie = parse_cookie(request.headers.get('cookie', ''))
# self.check_auth(cookie)
return super().onConnect(request)
def test_can_set_to_zh(self):
resp = self.client.get(reverse('i18n') + '?lang=zh-cn')
self.assertEqual(302, resp.status_code)
assert parse_cookie(resp.cookies)['django_language'] == 'zh-cn'
def test_wrong_lang_code(self):
resp = self.client.get(reverse('i18n') + '?lang=zh_CN')
self.assertEqual(302, resp.status_code)
assert parse_cookie(resp.cookies)['django_language'] == 'en'
def test_wrong_lang_code(self):
resp = self.client.get(reverse('i18n') + '?lang=zh_CN')
self.assertEqual(302, resp.status_code)
assert parse_cookie(resp.cookies)['django_language'] == 'en'