def test_authenticated_user_cannot_activate_another_account(self): """ Verify that if a user is authenticated and tries to activate another account, error message is shown. """ # create a new user and registration link second_user = UserFactory.create( username='******', email='*****@*****.**', password='******', is_active=False, ) registration = Registration() registration.register(second_user) registration.save() # Login first user self.login() # Try activating second user's account response = self.client.get(reverse('activate', args=[registration.activation_key]), follow=True) self.assertContains(response, 'Your account could not be activated') # verify that both users have their is_active state set to False self._assert_user_active_state(expected_active_state=False) second_user.refresh_from_db() assert second_user.is_active is False
class TestActivateAccount(TestCase): """Tests for account creation""" def setUp(self): super(TestActivateAccount, self).setUp() # lint-amnesty, pylint: disable=super-with-arguments self.username = "******" self.email = "*****@*****.**" self.password = "******" self.user = UserFactory.create( username=self.username, email=self.email, password=self.password, is_active=False, ) # Set Up Registration self.registration = Registration() self.registration.register(self.user) self.registration.save() self.platform_name = configuration_helpers.get_value('PLATFORM_NAME', settings.PLATFORM_NAME) self.activation_email_support_link = configuration_helpers.get_value( 'ACTIVATION_EMAIL_SUPPORT_LINK', settings.ACTIVATION_EMAIL_SUPPORT_LINK ) or settings.SUPPORT_SITE_LINK def login(self): """ Login with test user. Since, only active users can login, so we must activate the user before login. This method does the following tasks in order, 1. Stores user's active/in-active status in a variable. 2. Makes sure user account is active. 3. Authenticated user with the client. 4. Reverts user's original active/in-active status. """ is_active = self.user.is_active # Make sure user is active before login self.user.is_active = True self.user.save() self.client.login(username=self.username, password=self.password) # Revert user activation status self.user.is_active = is_active self.user.save() def assert_no_tracking(self, mock_segment_identify): """ Assert that activate sets the flag but does not call segment. """ # Ensure that the user starts inactive self.assertFalse(self.user.is_active) # Until you explicitly activate it self.registration.activate() self.assertTrue(self.user.is_active) self.assertFalse(mock_segment_identify.called) @patch('common.djangoapps.student.models.USER_ACCOUNT_ACTIVATED') def test_activation_signal(self, mock_signal): """ Verify that USER_ACCOUNT_ACTIVATED is emitted upon account email activation. """ assert not self.user.is_active, 'Ensure that the user starts inactive' assert not mock_signal.send_robust.call_count, 'Ensure no signal is fired before activation' self.registration.activate() # Until you explicitly activate it assert self.user.is_active, 'Sanity check for .activate()' mock_signal.send_robust.assert_called_once_with(Registration, user=self.user) # Ensure the signal is emitted def test_account_activation_message(self): """ Verify that account correct activation message is displayed. If logged in user has not activated their account, make sure that an account activation message is displayed on dashboard sidebar. """ # Log in with test user. self.login() expected_message = ( u"Check your {email_start}{email}{email_end} inbox for an account activation link from " u"{platform_name}. If you need help, contact {link_start}{platform_name} Support{link_end}." ).format( platform_name=self.platform_name, email_start="<strong>", email_end="</strong>", email=self.user.email, link_start="<a target='_blank' href='{activation_email_support_link}'>".format( activation_email_support_link=self.activation_email_support_link, ), link_end="</a>", ) response = self.client.get(reverse('dashboard')) self.assertContains(response, expected_message) # Now make sure account activation message goes away when user activated the account self.user.is_active = True self.user.save() self.login() response = self.client.get(reverse('dashboard')) self.assertNotContains(response, expected_message) def _assert_user_active_state(self, expected_active_state): user = User.objects.get(username=self.user.username) self.assertEqual(user.is_active, expected_active_state) def test_account_activation_notification_on_logistration(self): """ Verify that logistration page displays success/error/info messages about account activation. """ login_page_url = "{login_url}?next={redirect_url}".format( login_url=reverse('signin_user'), redirect_url=reverse('dashboard'), ) self._assert_user_active_state(expected_active_state=False) # Access activation link, message should say that account has been activated. response = self.client.get(reverse('activate', args=[self.registration.activation_key]), follow=True) self.assertRedirects(response, login_page_url) self.assertContains(response, 'Success! You have activated your account.') self._assert_user_active_state(expected_active_state=True) # Access activation link again, message should say that account is already active. response = self.client.get(reverse('activate', args=[self.registration.activation_key]), follow=True) self.assertRedirects(response, login_page_url) self.assertContains(response, 'This account has already been activated.') self._assert_user_active_state(expected_active_state=True) # Open account activation page with an invalid activation link, # there should be an error message displayed. response = self.client.get(reverse('activate', args=[uuid4().hex]), follow=True) self.assertRedirects(response, login_page_url) self.assertContains(response, 'Your account could not be activated') @override_settings(FEATURES=FEATURES_WITH_AUTHN_MFE_ENABLED) @override_waffle_flag(REDIRECT_TO_AUTHN_MICROFRONTEND, active=True) def test_unauthenticated_user_redirects_to_mfe(self): """ Verify that if Authn MFE is enabled then authenticated user redirects to login page with correct query param. """ login_page_url = "{authn_mfe}/login?account_activation_status=".format( authn_mfe=settings.AUTHN_MICROFRONTEND_URL ) self._assert_user_active_state(expected_active_state=False) # Access activation link, the user is redirected to login page with success query param response = self.client.get(reverse('activate', args=[self.registration.activation_key])) self.assertEqual(response.url, login_page_url + 'success') # Access activation link again, the user is redirected to login page with info query param response = self.client.get(reverse('activate', args=[self.registration.activation_key])) self.assertEqual(response.url, login_page_url + 'info') # Open account activation page with an invalid activation link, the query param should contain error response = self.client.get(reverse('activate', args=[uuid4().hex])) self.assertEqual(response.url, login_page_url + 'error')
class TestActivateAccount(TestCase): """Tests for account creation""" def setUp(self): super().setUp() self.username = "******" self.email = "*****@*****.**" self.password = "******" self.user = UserFactory.create( username=self.username, email=self.email, password=self.password, is_active=False, ) # Set Up Registration self.registration = Registration() self.registration.register(self.user) self.registration.save() self.platform_name = configuration_helpers.get_value( 'PLATFORM_NAME', settings.PLATFORM_NAME) self.activation_email_support_link = configuration_helpers.get_value( 'ACTIVATION_EMAIL_SUPPORT_LINK', settings. ACTIVATION_EMAIL_SUPPORT_LINK) or settings.SUPPORT_SITE_LINK def login(self): """ Login with test user. Since, only active users can login, so we must activate the user before login. This method does the following tasks in order, 1. Stores user's active/in-active status in a variable. 2. Makes sure user account is active. 3. Authenticated user with the client. 4. Reverts user's original active/in-active status. """ is_active = self.user.is_active # Make sure user is active before login self.user.is_active = True self.user.save() self.client.login(username=self.username, password=self.password) # Revert user activation status self.user.is_active = is_active self.user.save() def assert_no_tracking(self, mock_segment_identify): """ Assert that activate sets the flag but does not call segment. """ # Ensure that the user starts inactive assert not self.user.is_active # Until you explicitly activate it self.registration.activate() assert self.user.is_active assert not mock_segment_identify.called @patch('common.djangoapps.student.models.USER_ACCOUNT_ACTIVATED') def test_activation_signal(self, mock_signal): """ Verify that USER_ACCOUNT_ACTIVATED is emitted upon account email activation. """ assert not self.user.is_active, 'Ensure that the user starts inactive' assert not mock_signal.send_robust.call_count, 'Ensure no signal is fired before activation' self.registration.activate() # Until you explicitly activate it assert self.user.is_active, 'Sanity check for .activate()' mock_signal.send_robust.assert_called_once_with( Registration, user=self.user) # Ensure the signal is emitted def test_activation_timestamp(self): """ Assert that activate sets the flag but does not call segment. """ # Ensure that the user starts inactive assert not self.user.is_active # Until you explicitly activate it timestamp_before_activation = datetime.utcnow() self.registration.activate() assert self.user.is_active assert self.registration.activation_timestamp > timestamp_before_activation def test_account_activation_message(self): """ Verify that account correct activation message is displayed. If logged in user has not activated their account, make sure that an account activation message is displayed on dashboard sidebar. """ # Log in with test user. self.login() expected_message = ( "Check your {email_start}{email}{email_end} inbox for an account activation link from " "{platform_name}. If you need help, contact {link_start}{platform_name} Support{link_end}." ).format( platform_name=self.platform_name, email_start="<strong>", email_end="</strong>", email=self.user.email, link_start= "<a target='_blank' href='{activation_email_support_link}'>". format(activation_email_support_link=self. activation_email_support_link, ), link_end="</a>", ) response = self.client.get(reverse('dashboard')) self.assertContains(response, expected_message) # Now make sure account activation message goes away when user activated the account self.user.is_active = True self.user.save() self.login() response = self.client.get(reverse('dashboard')) self.assertNotContains(response, expected_message) def _assert_user_active_state(self, expected_active_state): user = User.objects.get(username=self.user.username) assert user.is_active == expected_active_state def test_account_activation_notification_on_logistration(self): """ Verify that logistration page displays success/error/info messages about account activation. """ login_page_url = "{login_url}?next={redirect_url}".format( login_url=reverse('signin_user'), redirect_url=reverse('dashboard'), ) self._assert_user_active_state(expected_active_state=False) # Access activation link, message should say that account has been activated. response = self.client.get(reverse( 'activate', args=[self.registration.activation_key]), follow=True) self.assertRedirects(response, login_page_url) self.assertContains(response, 'Success! You have activated your account.') self._assert_user_active_state(expected_active_state=True) # Access activation link again, message should say that account is already active. response = self.client.get(reverse( 'activate', args=[self.registration.activation_key]), follow=True) self.assertRedirects(response, login_page_url) self.assertContains(response, 'This account has already been activated.') self._assert_user_active_state(expected_active_state=True) # Open account activation page with an invalid activation link, # there should be an error message displayed. response = self.client.get(reverse('activate', args=[uuid4().hex]), follow=True) self.assertRedirects(response, login_page_url) self.assertContains(response, 'Your account could not be activated') @override_settings(LOGIN_REDIRECT_WHITELIST=['localhost:1991']) @override_settings(FEATURES={ **FEATURES_WITH_AUTHN_MFE_ENABLED, 'ENABLE_ENTERPRISE_INTEGRATION': True }) @override_waffle_flag(REDIRECT_TO_AUTHN_MICROFRONTEND, active=True) def test_authenticated_account_activation_with_valid_next_url(self): """ Verify that an activation link with a valid next URL will redirect the activated enterprise user to that next URL, even if the AuthN MFE is active and redirects to it are enabled. """ self._assert_user_active_state(expected_active_state=False) EnterpriseCustomerUserFactory(user_id=self.user.id) # Make sure the user is authenticated before activation. self.login() redirect_url = 'http://*****:*****@override_settings(LOGIN_REDIRECT_WHITELIST=['localhost:9876']) @override_settings(FEATURES=FEATURES_WITH_AUTHN_MFE_ENABLED) @override_waffle_flag(REDIRECT_TO_AUTHN_MICROFRONTEND, active=False) def test_account_activation_invalid_next_url_redirects_dashboard(self): """ Verify that an activation link with an invalid next URL (i.e. it's for a domain not in the allowed list of redirect destinations) will redirect the activated, but unauthenticated, user to a login URL that points to 'dashboard' as the next URL. """ self._assert_user_active_state(expected_active_state=False) redirect_url = 'http://localhost:1991/pied-piper/learn' base_activation_url = reverse('activate', args=[self.registration.activation_key]) activation_url = '{base}?{params}'.format( base=base_activation_url, params=urlencode({'next': redirect_url}), ) response = self.client.get(activation_url, follow=True, HTTP_ACCEPT='*/*') expected_destination = "{login_url}?next={redirect_url}".format( login_url=reverse('signin_user'), redirect_url=reverse('dashboard'), ) self.assertRedirects(response, expected_destination) self._assert_user_active_state(expected_active_state=True) @override_settings(FEATURES=FEATURES_WITH_AUTHN_MFE_ENABLED) @override_waffle_flag(REDIRECT_TO_AUTHN_MICROFRONTEND, active=True) def test_unauthenticated_user_redirects_to_mfe(self): """ Verify that if Authn MFE is enabled then authenticated user redirects to login page with correct query param. """ login_page_url = "{authn_mfe}/login?account_activation_status=".format( authn_mfe=settings.AUTHN_MICROFRONTEND_URL) self._assert_user_active_state(expected_active_state=False) # Access activation link, the user is redirected to login page with success query param response = self.client.get( reverse('activate', args=[self.registration.activation_key])) assert response.url == (login_page_url + 'success') # Access activation link again, the user is redirected to login page with info query param response = self.client.get( reverse('activate', args=[self.registration.activation_key])) assert response.url == (login_page_url + 'info') # Open account activation page with an invalid activation link, the query param should contain error response = self.client.get(reverse('activate', args=[uuid4().hex])) assert response.url == (login_page_url + 'error') @override_settings(LOGIN_REDIRECT_WHITELIST=['localhost:1991']) @override_settings(FEATURES=FEATURES_WITH_AUTHN_MFE_ENABLED) @override_waffle_flag(REDIRECT_TO_AUTHN_MICROFRONTEND, active=True) def test_unauthenticated_user_redirects_to_mfe_with_valid_next_url(self): """ Verify that if Authn MFE is enabled then authenticated user redirects to login page with correct account_activation_status param. Additionally, if a valid `next` redirect URL is provided to the activation URL, it should be included as a parameter in the login page the requesting user is redirected to. """ login_page_url = "{authn_mfe}/login?account_activation_status=".format( authn_mfe=settings.AUTHN_MICROFRONTEND_URL) self._assert_user_active_state(expected_active_state=False) redirect_url = 'http://*****:*****@fake.edx.org', password='******', is_active=False, ) registration = Registration() registration.register(second_user) registration.save() # Login first user self.login() # Try activating second user's account response = self.client.get(reverse('activate', args=[registration.activation_key]), follow=True) self.assertContains(response, 'Your account could not be activated') # verify that both users have their is_active state set to False self._assert_user_active_state(expected_active_state=False) second_user.refresh_from_db() assert second_user.is_active is False