def setUpTestData(cls):
cls.admin_user = f.UserFactory(is_staff=True)
cls.restaurant_admin_user = f.UserFactory()
cls.test_user = f.UserFactory()
cls.test_restaurant = \
f.RestaurantFactory(admin_users=[cls.restaurant_admin_user])
cls.current_test_url = reverse(
'restaurants:restaurant_delete',
kwargs={'restaurant_slug': cls.test_restaurant.slug})
def test_inactive_user_login(self):
"""
What happens when an unconfirmed, or banned, user tries to log in?
- Users with no last_login are treated as not-yet-activated,
and will receive a message telling them to use the emailed link.
- Users with a last_login are considered to be banned, and will
behave normally, ie. return bad username/password ValidationError
"""
unconfirmed_user = f.UserFactory(is_active=False)
banned_user = f.UserFactory(is_active=False, last_login=timezone.now())
# ensure that the unconfirmed user receives the correct message
self.response = self.client.post(
self.current_test_url, {
'username': unconfirmed_user.username,
'password': c.TEST_USER_PASSWORD,
'captcha_0': 'test',
'captcha_1': 'PASSED'
})
self.assertEquals(self.response.status_code, 200)
self.html = unescape(self.response.content.decode('utf-8'))
self.assertIn(c.USER_IS_UNCONFIRMED_MESSAGE, self.html)
# ensure that the banned user receives the correct message
self.response = self.client.post(
self.current_test_url, {
'username': banned_user.username,
'password': c.TEST_USER_PASSWORD,
'captcha_0': 'test',
'captcha_1': 'PASSED'
})
self.assertEquals(self.response.status_code, 200)
self.html = unescape(self.response.content.decode('utf-8'))
self.assertIn("Please enter a correct username and password.",
self.html)
# try unbanning the above user to ensure that the ValidationError
# above was not due to bad inputs
banned_user.is_active = True
banned_user.save()
self.response = self.client.post(self.current_test_url, {
'username': banned_user.username,
'password': c.TEST_USER_PASSWORD,
'captcha_0': 'test',
'captcha_1': 'PASSED'
},
follow=True)
self.assertEquals(self.response.status_code, 200)
self.html = unescape(self.response.content.decode('utf-8'))
self.assertIn(c.USER_LOGIN_SUCCESS_MESSAGE, self.html)
def setUpTestData(cls):
cls.test_permission = UserHasRestaurantPermissionsMixin()
cls.request = RequestFactory().get('/')
# create users
cls.test_user = f.UserFactory()
cls.restaurant_admin_user = f.UserFactory()
cls.admin_user = f.UserFactory(is_staff=True)
# create restaurant objects
cls.test_restaurant = \
f.RestaurantFactory(admin_users=[cls.restaurant_admin_user])
cls.test_menu = f.MenuFactory(restaurant=cls.test_restaurant)
cls.test_menusection = f.MenuSectionFactory(menu=cls.test_menu)
cls.test_menuitem = f.MenuItemFactory(menusection=cls.test_menusection)
def setUpTestData(cls):
cls.view = views.MenuList
# create model objects
cls.test_user = f.UserFactory()
cls.restaurant_admin_user = f.UserFactory()
cls.test_restaurant = f.RestaurantFactory()
cls.test_menus = f.MenuFactory.create_batch(
size=3,
restaurant=cls.test_restaurant,
admin_users=[cls.restaurant_admin_user])
# generate test url
cls.kwargs = {'restaurant_pk': cls.test_menus[0].pk}
cls.current_test_url = reverse('api:menu_list', kwargs=cls.kwargs)
def setUpTestData(cls):
cls.test_permission = HasRestaurantPermissionsOrReadOnly()
cls.factory = APIRequestFactory()
# create users
cls.unprivileged_user = f.UserFactory(username='******')
cls.permitted_user = f.UserFactory(username='******')
cls.admin_user = f.UserFactory(username='******', is_staff=True)
# create restaurant objects and add permitted user to admin_users
cls.test_restaurant = f.RestaurantFactory(
admin_users=[cls.permitted_user])
cls.test_menu = f.MenuFactory(restaurant=cls.test_restaurant)
cls.test_menusection = f.MenuSectionFactory(menu=cls.test_menu)
cls.test_menuitem = f.MenuItemFactory(menusection=cls.test_menusection)
def test_banned_user_with_valid_url(self):
with self.settings(EMAIL_CONFIRMATION_REQUIRED=True):
# create banned user
banned_user = f.UserFactory(is_active=False,
last_login=timezone.now())
# generate welcome email url
self.current_test_url = self.form_instance.send_new_user_email(
banned_user, get_path=True)
# attempt to activate account
self.response = self.user_activation_post_data(
username=banned_user.username)
self.assertEqual(self.response.status_code, 200)
self.html = unescape(self.response.content.decode('utf-8'))
self.assertIn("Please enter a correct username and password.",
self.html)
# user is still banned
banned_user.refresh_from_db()
self.assertFalse(banned_user.is_active)
# sanity check - unban the user, allow them to log in
banned_user.is_active = True
banned_user.save()
self.response = \
self.user_activation_post_data(username=banned_user.username)
self.assertEqual(self.response.status_code, 302)
self.assertEqual(self.response.wsgi_request.user, banned_user)
def setUpTestData(cls):
cls.serializer = serializers.MenuItemSerializer
# create objects
cls.restaurant_admin_user = f.UserFactory()
cls.test_menusection = \
f.MenuSectionFactory(admin_users=[cls.restaurant_admin_user])
def setUpTestData(cls):
# create restaurant_admin_user
cls.restaurant_admin_user = f.UserFactory()
# create test_restaurant
cls.test_restaurant = \
Restaurant.objects.create(name=c.TEST_RESTAURANT_NAME)
cls.test_restaurant.admin_users.add(cls.restaurant_admin_user)
def setUp(self):
self.test_user = f.UserFactory()
self.client.login(username=self.test_user.username,
password=c.TEST_USER_PASSWORD)
self.current_test_url = reverse('users:password_change')
self.response = self.client.get(self.current_test_url)
self.view = self.response.context['view']
def setUp(self):
self.test_user = f.UserFactory()
self.client.login(username=self.test_user.username,
password=c.TEST_USER_PASSWORD)
self.current_test_url = reverse('users:user_update')
self.response = self.client.get(self.current_test_url)
self.html = unescape(self.response.content.decode('utf-8'))
self.view = self.response.context['view']
def setUpTestData(cls):
cls.view = views.RestaurantList
# create model objects
cls.restaurant_admin_user = f.UserFactory()
cls.test_restaurants = f.RestaurantFactory.create_batch(3)
# generate test url
cls.current_test_url = reverse('api:restaurant_list')
def setUpTestData(cls):
cls.restaurant_admin_user = f.UserFactory()
cls.test_restaurant = \
f.RestaurantFactory(admin_users=[cls.restaurant_admin_user])
cls.test_menu = \
f.MenuFactory(restaurant=cls.test_restaurant)
cls.current_test_url = reverse(
'restaurants:restaurant_detail',
kwargs={'restaurant_slug': cls.test_restaurant.slug})
def setUpTestData(cls):
cls.view = views.MenuSectionList
# create model objects
cls.test_user = f.UserFactory()
cls.restaurant_admin_user = f.UserFactory()
cls.test_menu = f.MenuFactory()
cls.test_menusections = f.MenuSectionFactory.create_batch(
size=3,
menu=cls.test_menu,
admin_users=[cls.restaurant_admin_user])
# generate test url
cls.kwargs = {
'restaurant_pk': cls.test_menu.restaurant.pk,
'menu_pk': cls.test_menu.pk
}
cls.current_test_url = \
reverse('api:menusection_list', kwargs=cls.kwargs)
def setUp(self):
self.authenticated_user = f.UserFactory(username='******')
self.form_instance = NewUserCreationForm()
self.test_uid = self.form_instance.send_new_user_email(
self.authenticated_user, get_uid=True)
self.test_token = self.form_instance.send_new_user_email(
self.authenticated_user, get_token=True)
self.current_test_url = reverse('users:user_activation',
kwargs={
'uidb64': self.test_uid,
'token': self.test_token
})
self.response = self.client.get(self.current_test_url)
self.view = self.response.context['view']
def test_active_user_uses_activation_view_to_log_in(self):
active_user = f.UserFactory()
self.client.login(username=active_user, password=c.TEST_USER_PASSWORD)
self.response = self.client.get(self.current_test_url)
self.assertEqual(self.response.status_code, 302)
self.assertEqual(self.response.url,
reverse(settings.LOGIN_REDIRECT_URL))
# user has successfully logged in
self.assertEqual(self.response.wsgi_request.user, active_user)
# user is redirected and template contains
# c.USER_LOGIN_ALREADY_AUTHENTICATED_MESSAGE
self.response = self.client.get(self.response.url)
self.assertEqual(self.response.status_code, 200)
self.html = unescape(self.response.content.decode('utf-8'))
self.assertIn(c.USER_LOGIN_ALREADY_AUTHENTICATED_MESSAGE, self.html)
def test_welcome_email(self):
test_user = f.UserFactory()
# url is valid
with self.settings(EMAIL_CONFIRMATION_REQUIRED=False):
user_activation_url = \
self.form_instance.send_new_user_email(test_user, get_url=True)
self.response = self.client.get(user_activation_url)
self.assertEqual(self.response.status_code, 200)
self.assertTemplateUsed(self.response, 'users/login.html')
# confirmation email sent and contains expected text
self.form_instance.send_new_user_email(test_user)
self.assertEqual(len(mail.outbox), 1)
self.assertIn(f"Welcome to {c.PROJECT_NAME}!",
mail.outbox[0].subject)
self.assertIn("You can login to your account", mail.outbox[0].body)
def setUpTestData(cls):
cls.serializer = serializers.MenuSectionSerializer
cls.restaurant_admin_user = f.UserFactory()
cls.test_menu = f.MenuFactory(admin_users=[cls.restaurant_admin_user])
def setUpTestData(cls):
cls.view = views.MenuItemDetail
# create model objects
cls.test_user = f.UserFactory()
cls.restaurant_admin_user = f.UserFactory()
def setUpTestData(cls):
cls.view = views.is_email_available
# create model objects
cls.test_user = f.UserFactory()
def setUpTestData(cls):
cls.serializer = serializers.RestaurantSerializer
cls.restaurant_admin_user = f.UserFactory()
def setUpTestData(cls):
cls.test_user = f.UserFactory()
cls.restaurant_admin_user = f.UserFactory()
def setUpTestData(cls):
cls.serializer = serializers.MenuSerializer
cls.restaurant_admin_user = f.UserFactory()
cls.test_restaurant = \
f.RestaurantFactory(admin_users=[cls.restaurant_admin_user])
def setUpTestData(cls):
cls.restaurant_admin_user = f.UserFactory()
cls.current_test_url = reverse('restaurants:restaurant_create')
def setUpTestData(cls):
cls.test_user = f.UserFactory()
cls.current_test_url = reverse('users:logout')
def setUpTestData(cls):
cls.test_user = f.UserFactory()
cls.restaurant_admin_user = f.UserFactory()
cls.current_test_url = reverse('users:user_detail')
def setUpTestData(cls):
cls.test_user = f.UserFactory()
cls.current_test_url = reverse('users:user_delete')
def setUpTestData(cls):
cls.test_user = f.UserFactory()
cls.current_test_url = reverse('users:login')
cls.next_url = reverse('restaurants:restaurant_list')
def test_method_send_new_user_email(self):
"""
This method is an abominable hack that should be moved out of
the form and into its own functions. However, it is tightly
coupled to Django's native password reset function, and may
benefit from any improvements that are made to it.
"""
test_user = f.UserFactory()
other_user = f.UserFactory()
with self.settings(EMAIL_CONFIRMATION_REQUIRED=True):
# uid matches self.test_user.pk
uid = \
self.form_instance.send_new_user_email(test_user, get_uid=True)
self.assertEqual(int(urlsafe_base64_decode(uid)), test_user.pk)
# token is valid
test_user_token = self.form_instance.send_new_user_email(
test_user, get_token=True)
self.assertTrue(
default_token_generator.check_token(test_user,
test_user_token))
# check_token - token returned by the method always returns True
self.form_instance.send_new_user_email(test_user, check_token=True)
# check_token - a manually-entered token
# for the same user always returns True
self.assertTrue(
self.form_instance.send_new_user_email(test_user,
check_token=True,
token=test_user_token))
# check_token - a manually-entered token for
# a different user always returns False
other_user_token = self.form_instance.send_new_user_email(
other_user, get_token=True)
self.assertFalse(
self.form_instance.send_new_user_email(test_user,
check_token=True,
token=other_user_token))
# url is valid
user_activation_url = \
self.form_instance.send_new_user_email(test_user, get_url=True)
self.response = self.client.get(user_activation_url)
self.assertEqual(self.response.status_code, 200)
self.html = unescape(self.response.content.decode('utf-8'))
self.assertIn(c.USER_ACTIVATION_VIEW_MESSAGE, self.html)
# path is valid
user_activation_path = self.form_instance.send_new_user_email(
test_user, get_path=True)
self.response = self.client.get(user_activation_path)
self.assertEqual(self.response.status_code, 200)
self.html = unescape(self.response.content.decode('utf-8'))
self.assertIn(c.USER_ACTIVATION_VIEW_MESSAGE, self.html)
# confirmation email sent and contains expected text
self.form_instance.send_new_user_email(test_user)
self.assertEqual(len(mail.outbox), 1)
self.assertIn("Confirm your account", mail.outbox[0].subject)
self.assertIn("confirm your account", mail.outbox[0].body)
# email does not contain next kwarg
self.assertNotIn("?next=", mail.outbox[0].body)
# clear the outbox before doing the tests for next_url
del mail.outbox
# next_url
next_url = reverse('restaurants:restaurant_list')
# url contains next_url
user_activation_url_with_next_kwarg = \
self.form_instance.send_new_user_email(
test_user, next_url=next_url, get_url=True)
self.assertIn(f'?next={next_url}',
user_activation_url_with_next_kwarg)
# path contains next_url
user_activation_path_with_next_kwarg = \
self.form_instance.send_new_user_email(
test_user, next_url=next_url, get_path=True)
self.assertIn(f'?next={next_url}',
user_activation_path_with_next_kwarg)
# confirmation email sent and contains expected text
self.form_instance.send_new_user_email(test_user,
next_url=next_url)
self.assertEqual(len(mail.outbox), 1)
self.assertIn("Confirm your account", mail.outbox[0].subject)
self.assertIn("confirm your account", mail.outbox[0].body)
self.assertIn(f'?next={next_url}', mail.outbox[0].body)
def setUpTestData(cls):
cls.authenticated_user = f.UserFactory(username='******')
cls.current_test_url = reverse('users:register')
cls.next_url = reverse('restaurants:restaurant_list')
