def test_change_password(self):
"""Change the current user's password."""
# Create a user.
token = create_and_login()
# Try changing the password.
response = self.client.post(
PASSWORD_URL,
json.dumps({"current_password": TEST_USER[2],
"new_password": "******"}),
content_type="application/json",
HTTP_AUTHORIZATION=AUTHORIZATION_PAYLOAD % token)
# pylint: disable=E1101
self.assertEqual(response.status_code, HTTP_200_OK)
# Test logging in using the new password.
login(TEST_USER[0], "boom")
# Verify that we can't log in using the old password.
response = self.client.post(LOGIN_URL,
{"username": TEST_USER[0],
"password": TEST_USER[2]})
self.assertContains(response,
CONTENT_NON_FIELD_ERRORS,
status_code=HTTP_400_BAD_REQUEST)
def test_change_password(self):
"""Change the current user's password."""
# Create a user.
token = create_and_login()
# Try changing the password.
response = self.client.post(PASSWORD_URL,
json.dumps({
"current_password": TEST_USER[2],
"new_password": "******"
}),
content_type="application/json",
HTTP_AUTHORIZATION=AUTHORIZATION_PAYLOAD %
token)
# pylint: disable=E1101
self.assertEqual(response.status_code, HTTP_200_OK)
# Test logging in using the new password.
login(TEST_USER[0], "boom")
# Verify that we can't log in using the old password.
response = self.client.post(LOGIN_URL, {
"username": TEST_USER[0],
"password": TEST_USER[2]
})
self.assertContains(response,
CONTENT_NON_FIELD_ERRORS,
status_code=HTTP_400_BAD_REQUEST)
def test_bad_token(self):
"""The change password request has a bad authentication token."""
# Create a user and log them in.
create_and_login()
# Try changing the password.
response = \
self.client.post(
PASSWORD_URL,
json.dumps({"username": TEST_USER[0],
"current_password": TEST_USER[2],
"new_password": "******"}),
content_type="application/json",
HTTP_AUTHORIZATION=AUTHORIZATION_PAYLOAD % BAD_TOKEN)
# pylint: disable=E1101
self.assertEqual(response.status_code, HTTP_401_UNAUTHORIZED)
# Test logging in using the old password.
login(TEST_USER[0], TEST_USER[2])
# Verify that we can't log in using the new password.
response = self.client.post(LOGIN_URL, {
"username": TEST_USER[0],
"password": "******"
})
self.assertContains(response,
CONTENT_NON_FIELD_ERRORS,
status_code=HTTP_400_BAD_REQUEST)
def test_bad_token(self):
"""The change password request has a bad authentication token."""
# Create a user and log them in.
create_and_login()
# Try changing the password.
response = \
self.client.post(
PASSWORD_URL,
json.dumps({"username": TEST_USER[0],
"current_password": TEST_USER[2],
"new_password": "******"}),
content_type="application/json",
HTTP_AUTHORIZATION=AUTHORIZATION_PAYLOAD % BAD_TOKEN)
# pylint: disable=E1101
self.assertEqual(response.status_code, HTTP_401_UNAUTHORIZED)
# Test logging in using the old password.
login(TEST_USER[0], TEST_USER[2])
# Verify that we can't log in using the new password.
response = self.client.post(LOGIN_URL,
{"username": TEST_USER[0],
"password": "******"})
self.assertContains(response,
CONTENT_NON_FIELD_ERRORS,
status_code=HTTP_400_BAD_REQUEST)
def test_login_already_logged_in(self): # pylint: disable=R0201
"""Logging in when the user is already logged in.
The user should remain logged in.
"""
create_and_login()
login(TEST_USER[0], TEST_USER[2])
def test_login_already_logged_in(self): # pylint: disable=R0201
"""Logging in when the user is already logged in.
The user should remain logged in.
"""
create_and_login()
login(TEST_USER[0], TEST_USER[2])
def test_login_another_logged_in(self): # pylint: disable=R0201
"""Logging in when another user is logged in.
The second user should be logged in normally.
"""
# Create user 1 and user 2. User 2 is just user 1 with the username and
# password swapped.
create_and_login()
get_user_model().objects.create_user(TEST_USER[2], TEST_USER[1],
TEST_USER[0])
# Login user 1, then login user 2.
login(TEST_USER[0], TEST_USER[2])
login(TEST_USER[2], TEST_USER[0])
def test_login_another_logged_in(self): # pylint: disable=R0201
"""Logging in when another user is logged in.
The second user should be logged in normally.
"""
# Create user 1 and user 2. User 2 is just user 1 with the username and
# password swapped.
create_and_login()
get_user_model().objects.create_user(TEST_USER[2],
TEST_USER[1],
TEST_USER[0])
# Login user 1, then login user 2.
login(TEST_USER[0], TEST_USER[2])
login(TEST_USER[2], TEST_USER[0])
def test_not_logged_in(self):
"""The user isn't logged in.
The user shouldn't be able to change their password.
"""
# Create a user and log them out.
token = create_and_login()
response = self.client.post(LOGOUT_URL,
HTTP_AUTHORIZATION=AUTHORIZATION_PAYLOAD %
token)
self.assertContains(response, '', status_code=HTTP_200_OK)
# Now try changing the password.
response = self.client.post(PASSWORD_URL,
json.dumps({
"username":
TEST_USER_1[0],
"current_password":
TEST_USER_1[2],
"new_password":
"******"
}),
content_type="application/json",
HTTP_AUTHORIZATION=AUTHORIZATION_PAYLOAD %
token)
self.assertContains(response,
CONTENT_BAD_TOKEN,
status_code=HTTP_401_UNAUTHORIZED)
# Verify that we can't log in using the NEW password.
response = self.client.post(LOGIN_URL, {
"username": TEST_USER_1[0],
"password": "******"
})
self.assertContains(response,
CONTENT_NON_FIELD_ERRORS,
status_code=HTTP_400_BAD_REQUEST)
# We should be able to still log in using the old password.
login(TEST_USER_1[0], TEST_USER_1[2])
def test_put(self):
"""Change a tenant's attributes."""
# The expected result, sans uuid.
INITIAL_TENANT = {
"name": "tenant",
"owner": "John",
"owner_contact": "206.867.5309"
}
NEW_TENANT = {
"name": "TENant",
"owner": "Bob",
"owner_contact": "212.867.5309"
}
def get_tenant(token, expected):
"""Get the tenant using the token and check the response."""
response = self.client.get(
TENANTS_ID_URL % tenant.uuid,
HTTP_AUTHORIZATION=AUTHORIZATION_PAYLOAD % token)
check_response_without_uuid(response, HTTP_200_OK, expected)
# Make a tenant
tenant = Tenant.objects.create(**INITIAL_TENANT)
# Create a Django admin user, and a normal user who's a tenant_admin of
# the tenant.
token = create_and_login(is_superuser=True)
get_user_model().objects.create_user("a",
"*****@*****.**",
"a",
tenant=tenant,
tenant_admin=True)
# Test changing the tenant as a Django admin.
response = self.client.put(TENANTS_ID_URL % tenant.uuid,
json.dumps(NEW_TENANT),
content_type="application/json",
HTTP_AUTHORIZATION=AUTHORIZATION_PAYLOAD %
token)
check_response_without_uuid(response, HTTP_200_OK, NEW_TENANT)
get_tenant(token, NEW_TENANT)
# Test changing the tenant as a tenant admin.
token = login('a', 'a')
response = self.client.put(TENANTS_ID_URL % tenant.uuid,
json.dumps(NEW_TENANT),
content_type="application/json",
HTTP_AUTHORIZATION=AUTHORIZATION_PAYLOAD %
token)
check_response_without_uuid(response, HTTP_200_OK, NEW_TENANT)
get_tenant(token, NEW_TENANT)
def test_no_new_password(self):
"""The change password request doesn't have a new password."""
# Create a user and log them in.
token = create_and_login()
# Try changing the password.
response = self.client.post(
PASSWORD_URL,
json.dumps({"username": TEST_USER[0],
"current_password": TEST_USER[2]}),
content_type="application/json",
HTTP_AUTHORIZATION=AUTHORIZATION_PAYLOAD % token)
# pylint: disable=E1101
self.assertEqual(response.status_code, HTTP_400_BAD_REQUEST)
# Test logging in using the old password.
login(TEST_USER[0], TEST_USER[2])
def test_no_new_password(self):
"""The change password request doesn't have a new password."""
# Create a user and log them in.
token = create_and_login()
# Try changing the password.
response = self.client.post(PASSWORD_URL,
json.dumps({
"username": TEST_USER[0],
"current_password": TEST_USER[2]
}),
content_type="application/json",
HTTP_AUTHORIZATION=AUTHORIZATION_PAYLOAD %
token)
# pylint: disable=E1101
self.assertEqual(response.status_code, HTTP_400_BAD_REQUEST)
# Test logging in using the old password.
login(TEST_USER[0], TEST_USER[2])
def test_put(self):
"""Change a tenant's attributes."""
# The expected result, sans uuid.
INITIAL_TENANT = {"name": "tenant",
"owner": "John",
"owner_contact": "206.867.5309"}
NEW_TENANT = {"name": "TENant",
"owner": "Bob",
"owner_contact": "212.867.5309"}
def get_tenant(token, expected):
"""Get the tenant using the token and check the response."""
response = self.client.get(
TENANTS_ID_URL % tenant.uuid,
HTTP_AUTHORIZATION=AUTHORIZATION_PAYLOAD % token)
check_response_without_uuid(response, HTTP_200_OK, expected)
# Make a tenant
tenant = Tenant.objects.create(**INITIAL_TENANT)
# Create a Django admin user, and a normal user who's a tenant_admin of
# the tenant.
token = create_and_login(is_superuser=True)
get_user_model().objects.create_user("a",
"*****@*****.**",
"a",
tenant=tenant,
tenant_admin=True)
# Test changing the tenant as a Django admin.
response = self.client.put(
TENANTS_ID_URL % tenant.uuid,
json.dumps(NEW_TENANT),
content_type="application/json",
HTTP_AUTHORIZATION=AUTHORIZATION_PAYLOAD % token)
check_response_without_uuid(response, HTTP_200_OK, NEW_TENANT)
get_tenant(token, NEW_TENANT)
# Test changing the tenant as a tenant admin.
token = login('a', 'a')
response = self.client.put(
TENANTS_ID_URL % tenant.uuid,
json.dumps(NEW_TENANT),
content_type="application/json",
HTTP_AUTHORIZATION=AUTHORIZATION_PAYLOAD % token)
check_response_without_uuid(response, HTTP_200_OK, NEW_TENANT)
get_tenant(token, NEW_TENANT)
def test_not_logged_in(self):
"""The user isn't logged in.
The user shouldn't be able to change their password.
"""
# Create a user and log them out.
token = create_and_login()
response = self.client.post(
LOGOUT_URL,
HTTP_AUTHORIZATION=AUTHORIZATION_PAYLOAD % token)
self.assertContains(response, '', status_code=HTTP_200_OK)
# Now try changing the password.
response = self.client.post(
PASSWORD_URL,
json.dumps({"username": TEST_USER[0],
"current_password": TEST_USER[2],
"new_password": "******"}),
content_type="application/json",
HTTP_AUTHORIZATION=AUTHORIZATION_PAYLOAD % token)
self.assertContains(response,
CONTENT_BAD_TOKEN,
status_code=HTTP_401_UNAUTHORIZED)
# Verify that we can't log in using the NEW password.
response = self.client.post(LOGIN_URL,
{"username": TEST_USER[0],
"password": "******"})
self.assertContains(response,
CONTENT_NON_FIELD_ERRORS,
status_code=HTTP_400_BAD_REQUEST)
# We should be able to still log in using the old password.
login(TEST_USER[0], TEST_USER[2])
def test_get(self):
"""Get a tenant record."""
# The expected result, sans uuid.
EXPECTED_RESULT = {
"name": "tenant",
"owner": "John",
"owner_contact": "206.867.5309"
}
def get_tenant(token):
"""Get the tenant using the token, and check the response."""
response = self.client.get(
TENANTS_ID_URL % tenant.uuid,
HTTP_AUTHORIZATION=AUTHORIZATION_PAYLOAD % token)
check_response_without_uuid(response, HTTP_200_OK, EXPECTED_RESULT)
# Make a tenant
tenant = Tenant.objects.create(name='tenant',
owner='John',
owner_contact='206.867.5309')
# Create a Django admin user, and a normal user who's a tenant_admin of
# the tenant.
token = create_and_login(is_superuser=True)
get_user_model().objects.create_user("a",
"*****@*****.**",
"a",
tenant=tenant,
tenant_admin=True)
# Test getting the tenant as a Django admin, then as the tenant_admin
# of the tenant. Both should work.
get_tenant(token)
token = login('a', 'a')
get_tenant(token)
def test_get(self):
"""Get a tenant record."""
# The expected result, sans uuid.
EXPECTED_RESULT = {"name": "tenant",
"owner": "John",
"owner_contact": "206.867.5309"}
def get_tenant(token):
"""Get the tenant using the token, and check the response."""
response = self.client.get(
TENANTS_ID_URL % tenant.uuid,
HTTP_AUTHORIZATION=AUTHORIZATION_PAYLOAD % token)
check_response_without_uuid(response, HTTP_200_OK, EXPECTED_RESULT)
# Make a tenant
tenant = Tenant.objects.create(name='tenant',
owner='John',
owner_contact='206.867.5309')
# Create a Django admin user, and a normal user who's a tenant_admin of
# the tenant.
token = create_and_login(is_superuser=True)
get_user_model().objects.create_user("a",
"*****@*****.**",
"a",
tenant=tenant,
tenant_admin=True)
# Test getting the tenant as a Django admin, then as the tenant_admin
# of the tenant. Both should work.
get_tenant(token)
token = login('a', 'a')
get_tenant(token)
def test_get(self):
"""List a tenant's users."""
# The accounts in this test.
TENANT_USERS = [{"username": "******",
"email": "*****@*****.**",
"password": "******",
"tenant_admin": True},
{"username": "******", "email": "*****@*****.**", "password": "******"},
{"username": "******", "email": "*****@*****.**", "password": "******"},
]
USERS = [{"username": "******", "email": "*****@*****.**", "password": "******"},
{"username": "******", "email": "*****@*****.**", "password": "******"},
]
EXPECTED_RESULT = [{"username": "******",
"first_name": '',
"last_name": '',
"email": "*****@*****.**",
"default_tenant_admin": False,
"tenant_name": "tennet",
"tenant_admin": True,
"is_superuser": False},
{"username": "******",
"first_name": '',
"last_name": '',
"email": "*****@*****.**",
"default_tenant_admin": False,
"tenant_admin": False,
"is_superuser": False},
{"username": "******",
"first_name": '',
"last_name": '',
"email": "*****@*****.**",
"default_tenant_admin": False,
"tenant_admin": False,
"is_superuser": False},
]
# Make a tenant
tenant = Tenant.objects.create(name='tennet',
owner='John',
owner_contact='206.867.5309')
# Create users belonging to this tenant. One will be the tenant_admin.
for user in TENANT_USERS:
user["tenant"] = tenant
get_user_model().objects.create_user(**user)
# Create users who don't belong to the tenant.
for user in USERS:
get_user_model().objects.create(**user)
# Log in as the tenant_admin.
tenant_admin = [x for x in TENANT_USERS if "tenant_admin" in x][0]
token = login(tenant_admin["username"], tenant_admin["password"])
# Get the tenant's user list and check the response. We do a partial
# check of the uuid, date_joined, and last_login keys. They must exist,
# and their values must be strings, and the UUID ought to be >= 32
# characters.
response = self.client.get(
TENANTS_ID_USERS_URL % tenant.uuid,
HTTP_AUTHORIZATION=AUTHORIZATION_PAYLOAD % token)
# pylint: disable=E1101
self.assertEqual(response.status_code, HTTP_200_OK)
response_content = json.loads(response.content)
for entry in response_content["results"]:
self.assertIsInstance(entry["uuid"], basestring)
self.assertGreaterEqual(len(entry["uuid"]), 32)
self.assertIsInstance(entry["date_joined"], basestring)
# The tenant_admin has logged in, but the other two users have
# never logged in.
if entry["tenant_admin"]:
self.assertIsInstance(entry["last_login"], basestring)
else:
self.assertIsNone(entry["last_login"])
del entry["uuid"]
del entry["date_joined"]
del entry["last_login"]
self.assertItemsEqual(response_content["results"], EXPECTED_RESULT)
def test_get(self):
"""List a tenant's users."""
# The accounts in this test.
TENANT_USERS = [
{
"username": "******",
"email": "*****@*****.**",
"password": "******",
"tenant_admin": True
},
{
"username": "******",
"email": "*****@*****.**",
"password": "******"
},
{
"username": "******",
"email": "*****@*****.**",
"password": "******"
},
]
USERS = [
{
"username": "******",
"email": "*****@*****.**",
"password": "******"
},
{
"username": "******",
"email": "*****@*****.**",
"password": "******"
},
]
EXPECTED_RESULT = [
{
"username": "******",
"first_name": '',
"last_name": '',
"email": "*****@*****.**",
"default_tenant_admin": False,
"tenant_name": "tennet",
"tenant_admin": True,
"is_superuser": False
},
{
"username": "******",
"first_name": '',
"last_name": '',
"email": "*****@*****.**",
"default_tenant_admin": False,
"tenant_admin": False,
"is_superuser": False
},
{
"username": "******",
"first_name": '',
"last_name": '',
"email": "*****@*****.**",
"default_tenant_admin": False,
"tenant_admin": False,
"is_superuser": False
},
]
# Make a tenant
tenant = Tenant.objects.create(name='tennet',
owner='John',
owner_contact='206.867.5309')
# Create users belonging to this tenant. One will be the tenant_admin.
for user in TENANT_USERS:
user["tenant"] = tenant
get_user_model().objects.create_user(**user)
# Create users who don't belong to the tenant.
for user in USERS:
get_user_model().objects.create(**user)
# Log in as the tenant_admin.
tenant_admin = [x for x in TENANT_USERS if "tenant_admin" in x][0]
token = login(tenant_admin["username"], tenant_admin["password"])
# Get the tenant's user list and check the response. We do a partial
# check of the uuid, date_joined, and last_login keys. They must exist,
# and their values must be strings, and the UUID ought to be >= 32
# characters.
response = self.client.get(TENANTS_ID_USERS_URL % tenant.uuid,
HTTP_AUTHORIZATION=AUTHORIZATION_PAYLOAD %
token)
# pylint: disable=E1101
self.assertEqual(response.status_code, HTTP_200_OK)
response_content = json.loads(response.content)
for entry in response_content["results"]:
self.assertIsInstance(entry["uuid"], basestring)
self.assertGreaterEqual(len(entry["uuid"]), 32)
self.assertIsInstance(entry["date_joined"], basestring)
self.assertIsInstance(entry["last_login"], basestring)
del entry["uuid"]
del entry["date_joined"]
del entry["last_login"]
self.assertItemsEqual(response_content["results"], EXPECTED_RESULT)
