class ResetPasswordTests(TestCase):
def setUp(self) -> None:
self.user_password = "******"
self.user = UserFactory()
self.user.set_password(self.user_password)
self.user.save()
self.url = self._generate_valid_reset_password_confirm_url()
def test_help_text_for_reused_password_should_display_in_template_response(self):
response = self.client.get(path=self.url)
self.assertContains(response, ValidatorsHelpText.PASSWORD_CANNOT_BE_THE_SAME_AS_PREVIOUS.value)
def test_that_new_password_cannot_be_the_same_as_previous_password(self):
response = self.client.post(
path=self.url, data={"new_password1": self.user_password, "new_password2": self.user_password}
)
self.assertEqual(response.status_code, 200)
self.assertEqual(len(response.context["form"].errors), 1)
self.assertContains(response, str(ValidationErrorText.VALIDATION_ERROR_NEW_PASSWORD_THE_SAME_AS_PREVIOUS))
def _generate_valid_reset_password_confirm_url(self):
reset_password_response = self.client.post(reverse("password_reset"), data={"email": self.user.email})
self.uid = reset_password_response.context["uid"]
token = reset_password_response.context["token"]
reset_password_confirm_response = self.client.post(
reverse("password_reset_confirm", kwargs={"uidb64": self.uid, "token": token})
)
return reset_password_confirm_response.url
def create_user_and_set_password(self, password=None):
if not password:
password = fake.password()
user = UserFactory()
user.set_password(password)
user.save()
return user, password
def test_update(self):
user = UserFactory(email='*****@*****.**')
self.assertEqual(User.objects.first().email, '*****@*****.**')
user.email = '*****@*****.**'
user.save()
self.assertEqual(User.objects.first().email, '*****@*****.**')
def auth_admin() -> UserFactory:
"""
SuperUser with simple password.
:return: UserFactory
"""
user = UserFactory(is_superuser=True, is_staff=True)
user.set_password('password')
user.save()
return user
def auth_user() -> UserFactory:
"""
User with simple password.
:return: UserFactory
"""
user = UserFactory()
user.set_password('password')
user.save()
return user
def handle(self, *args, **options):
model = get_user_model()
if not model.objects.filter(email="*****@*****.**"):
superuser = UserFactory(email="*****@*****.**",
is_staff=True,
is_superuser=True)
superuser.set_password("@Admin123")
superuser.save()
self.stdout.write(self.style.SUCCESS("Superuser created!"))
else:
self.stdout.write(self.style.ERROR("Superuser already created!"))
def test_can_employee_sign_in(self):
user = UserFactory(
email='*****@*****.**',
)
email_confirmation = EmailConfirmationFactory(user=user)
user.set_password('12345678')
user.save()
post_data = {
'email': '*****@*****.**',
'password': '******',
}
response = self.client.post(
self.sign_in_url,
data=post_data,
)
user.refresh_from_db()
data = self.parse_response(response.content)
self.assertEqual(response.status_code, 403)
self.assertEqual(
data['detail'],
'E-mail was not verified.'
)
email_confirmation.confirmed = True
email_confirmation.save()
email_confirmation.refresh_from_db()
response = self.client.post(
self.sign_in_url,
data=post_data,
)
data = self.parse_response(response.content)
self.assertEqual(response.status_code, 200)
self.assertEqual(
user.auth_token.key,
data['auth_token']
)
self.assertEqual(
data['detail'],
'Successfully authenticated.'
)
class TestReusedPreviousPasswordValidator(TestCase):
def setUp(self) -> None:
self.password_validator = ReusedPreviousPasswordValidator()
self.user = UserFactory()
self.password = "******"
self.user.set_password(self.password)
self.user.save()
def test_that_validator_raise_exception_when_new_password_is_the_same_as_previous_password(self):
with self.assertRaises(ValidationError) as exception:
self.password_validator.validate(password=self.password, user=self.user)
self.assertEqual(
exception.exception.messages, [ValidationErrorText.VALIDATION_ERROR_NEW_PASSWORD_THE_SAME_AS_PREVIOUS]
)
def test_that_validation_pass_when_new_password_is_different_than_previous(self):
new_different_password = "******"
try:
self.password_validator.validate(password=new_different_password, user=self.user)
except ValidationError:
self.fail()
class AuthTokenSerializerTest(APITestCase):
"""
Class for test AuthTokenSerializer
"""
def setUp(self):
self.password = '******'
self.user = UserFactory(password=self.password)
def test_validate_user_success(self):
"""
Validate user successful
"""
data = {
'email': self.user.email,
'password': self.password,
}
serializer = AuthTokenSerializer(data=data)
self.assertTrue(serializer.is_valid(raise_exception=True))
self.assertEqual(serializer.validated_data['user'], self.user)
def test_validate_user_inactive(self):
"""
Validate an inactive user
"""
self.user.is_active = False
self.user.save()
data = {
'email': self.user.email,
'password': self.password,
}
serializer = AuthTokenSerializer(data=data)
with self.assertRaises(ValidationError):
serializer.is_valid(raise_exception=True)
def test_validate_user_wrong_password(self):
"""
Validate a user with wrong password
"""
self.user.is_active = False
self.user.save()
data = {
'email': self.user.email,
'password': '******',
}
serializer = AuthTokenSerializer(data=data)
with self.assertRaises(ValidationError):
serializer.is_valid(raise_exception=True)
def test_validate_user_missig_data(self):
"""
Validate with missing data
"""
self.user.is_active = False
self.user.save()
data = {
'email': self.user.email,
}
serializer = AuthTokenSerializer(data=data)
with self.assertRaises(ValidationError):
serializer.is_valid(raise_exception=True)
class UserListTests(TestCase):
def setUp(self):
self.user_employee = UserFactory(user_type=CustomUser.UserType.EMPLOYEE.name)
self.user_employee.save()
self.user_admin = UserFactory(user_type=CustomUser.UserType.ADMIN.name)
self.user_admin.save()
self.user_manager = UserFactory(user_type=CustomUser.UserType.MANAGER.name)
self.user_manager.save()
self.url = reverse("custom-users-list")
self.queryset_active = CustomUser.objects.filter(is_active=True)
def test_user_list_view_should_display_users_list_on_get(self):
self.client.force_login(self.user_admin)
response = self.client.get(self.url)
self.assertEqual(response.status_code, 200)
self.assertContains(response, self.user_admin.get_user_type_display())
self.assertContains(response, self.user_admin.email)
self.assertContains(response, self.user_admin.first_name)
self.assertContains(response, self.user_admin.last_name)
def test_user_list_view_should_not_be_accessible_for_unauthenticated_user(self):
response = self.client.get(self.url)
self.assertEqual(response.status_code, 302)
def test_user_employee_should_not_get_list_of_all_employees(self):
self.client.force_login(self.user_employee)
response = self.client.get(self.url)
self.assertEqual(response.status_code, 302)
def test_user_manager_should_not_get_list_of_all_employees(self):
self.client.force_login(self.user_manager)
response = self.client.get(self.url)
self.assertEqual(response.status_code, 302)
def test_inactive_user_should_be_listed(self):
inactive_user = UserFactory(is_active=False)
self.client.force_login(self.user_admin)
response = self.client.get(self.url)
self.assertContains(response, inactive_user.email)
def test_get_users_by_user_type_method_should_filter_queryset_by_user_type(self):
queryset = UserList()._get_users_by_user_type(CustomUser.UserType.EMPLOYEE.name, self.queryset_active)
self.assertEqual(len(queryset), 1)
self.assertTrue(self.user_employee in queryset)
self.assertFalse(self.user_admin in queryset)
self.assertFalse(self.user_manager in queryset)
def test_get_ordered_list_of_users_should_order_users_by_hierarchy(self):
ordered_list = UserList()._get_ordered_list_of_users(self.queryset_active)
self.assertEqual(len(ordered_list), 3)
self.assertEqual(ordered_list[0], self.user_admin)
self.assertEqual(ordered_list[1], self.user_manager)
self.assertEqual(ordered_list[2], self.user_employee)
def test_that_user_list_should_redirect_on_post(self):
self.client.force_login(self.user_admin)
response = self.client.post(path=self.url)
self.assertEqual(response.status_code, 302)
self.assertEqual(response.url, self.url)
def test_that_active_user_status_should_be_changed_on_post(self):
inactive_user = UserFactory(is_active=False)
self.client.force_login(self.user_admin)
response = self.client.post(path=self.url, data={"activate": inactive_user.id}, follow=True)
active_user_input = f'<input type="hidden" name=disable value="{inactive_user.id}">'
self.assertContains(response, active_user_input)
self.assertEqual(response.status_code, 200)
def test_that_inactive_user_status_should_be_changed_on_post(self):
self.client.force_login(self.user_admin)
response = self.client.post(path=self.url, data={"disable": self.user_employee.id}, follow=True)
inactive_user_input = f'<input type="hidden" name=activate value="{self.user_employee.id}">'
self.assertContains(response, inactive_user_input)
self.assertEqual(response.status_code, 200)
class UserUpdateByAdminTests(TestCase):
def setUp(self):
self.user = UserFactory()
self.user.save()
self.user_admin = AdminUserFactory()
self.client.force_login(self.user_admin)
self.data = {
"first_name": self.user.first_name,
"last_name": self.user.last_name,
"email": self.user.email,
"user_type": self.user.user_type,
}
self.correct_url = reverse("custom-user-update-by-admin", kwargs={"pk": self.user.pk})
self.expected_success_message = SuccessPopUpMessages.SUCCESSFULLY_CREATE_OR_UPDATE_USER.value.format(
email=self.user.email, action="updated"
)
def test_user_update_by_admin_view_should_display_user_details_on_get(self):
response = self.client.get(path=reverse("custom-user-update-by-admin", kwargs={"pk": self.user.pk}))
self.assertEqual(response.status_code, 200)
self.assertContains(response, self.user.email)
self.assertContains(response, self.user.first_name)
self.assertContains(response, self.user.last_name)
self.assertTemplateUsed("user_detail.html")
def test_user_update_by_admin_view_should_not_render_non_existing_user(self):
response = self.client.get(path=reverse("custom-user-update-by-admin", kwargs={"pk": 1000}))
self.assertEqual(response.status_code, 404)
def test_user_update_by_admin_view_should_update_user_on_post(self):
self.data["last_name"] = "NewLastName"
response = self.client.post(self.correct_url, self.data)
self.user.refresh_from_db()
self.assertEqual(response.status_code, 302)
self.assertEqual(self.data["last_name"], self.user.last_name)
def test_user_update_by_admin_view_should_not_update_user_on_post_if_form_is_invalid(self):
self.data["email"] = "*****@*****.**"
response = self.client.post(self.correct_url, self.data)
self.user.refresh_from_db()
self.assertEqual(response.status_code, 200)
def test_success_message_should_be_added_on_post_if_form_is_valid(self):
self.data["last_name"] = "NewLastName"
response = self.client.post(path=self.correct_url, data=self.data)
messages = list(get_messages(response.wsgi_request))
self.assertEqual(str(messages[0]), self.expected_success_message)
def test_that_success_message_should_be_displayed_in_template_on_get_after_user_update_by_admin_if_form_is_valid(
self
):
self.data["last_name"] = "NewLastName"
response = self.client.post(path=self.correct_url, data=self.data, follow=True)
self.assertContains(response, self.expected_success_message)
def test_that_success_message_should_not_be_added_if_form_is_invalid(self):
self.data["email"] = "*****@*****.**"
response = self.client.post(path=self.correct_url, data=self.data)
messages = list(get_messages(response.wsgi_request))
self.assertEqual(len(messages), 0)
class ViewTesCase(PlusTestCase):
def setUp(self):
self.user = UserFactory()
self.country = CountryFactory()
self.company_organisation = CompanyOrganisationFactory()
go_group, _created = Group.objects.get_or_create(name='GO Admins')
self.go_group = go_group
mo_group, _created = Group.objects.get_or_create(name='MO Admins')
self.mo_group = mo_group
def test_index_redirect(self):
url = '/accounts/login/'
uuid = '123123'
customer_role = f'{uuid}-admin'
self.user.profile.customer_role = customer_role
self.user.profile.save()
self.company_organisation.uuid = uuid
self.company_organisation.save()
self.client.force_login(self.user)
response = self.client.get(url)
assert response.status_code == 200, response.status_code
response_countries_id = response.context[0]['companies'].values_list(
'id', flat=True)
assert self.company_organisation.id in response_countries_id
self.user.profile.customer_role = ''
self.user.profile.save()
response = self.client.get(url)
assert response.status_code == 200, response.status_code
companies = response.context[0].get('companies')
assert companies is None
def test_index(self):
url = self.reverse('BCM:index')
response = self.client.get(url)
assert response.status_code == 200, response.status_code
assert b'Activate is a service offered by' in response.content
self.client.force_login(self.user)
response = self.client.get(url)
assert response.status_code == 302, response.status_code
assert response.url == self.reverse('profile')
self.user.groups.add(self.go_group)
self.client.force_login(self.user)
response = self.client.get(url)
assert response.status_code == 302, response.status_code
assert response.url == self.reverse('admin:go_admin')
self.user.groups.all().delete()
self.user.groups.add(self.mo_group)
self.client.force_login(self.user)
response = self.client.get(url)
assert response.status_code == 302, response.status_code
assert response.url == self.reverse('admin:mo_admin')
def test_after_login(self):
url = self.reverse('BCM:after_login')
self.client.force_login(self.user)
response = self.client.get(url)
assert response.status_code == 302, response.status_code
assert response.url == self.reverse('profile')
def test_staff_member_register_view(self):
url = self.reverse('BCM:signup')
response = self.client.get(url)
assert response.status_code == 200, response.status_code
assert b'<title>GS1 Activate</title>' in response.content
self.user.groups.add(self.go_group)
self.client.force_login(self.user)
response = self.client.get(url)
assert response.status_code == 302, response.status_code
assert response.url == self.reverse('admin:go_admin')
self.user.groups.all().delete()
self.user.groups.add(self.mo_group)
self.client.force_login(self.user)
response = self.client.get(url)
assert response.status_code == 302, response.status_code
assert response.url == self.reverse('admin:mo_admin')
def test_staff_member_login_view(self):
url = self.reverse('BCM:login')
response = self.client.get(url)
assert response.status_code == 200, response.status_code
assert b'<title>GS1 Activate</title>' in response.content
password = '******'
self.user.set_password(password)
self.user.save()
data = {'username': self.user.username, 'password': password}
response = self.client.post(url, data=data)
assert response.status_code == 302, response.status_code
assert response.url == self.reverse('profile'), response.url
self.client.force_login(self.user)
response = self.client.get(url)
assert response.status_code == 302, response.status_code
assert response.url == self.reverse('profile')
self.user.groups.add(self.go_group)
self.client.force_login(self.user)
response = self.client.get(url)
assert response.status_code == 302, response.status_code
assert response.url == self.reverse('admin_profile_js')
self.user.groups.all().delete()
self.user.groups.add(self.mo_group)
MemberOrganisationUserFactory(is_admin=True, user=self.user)
self.client.force_login(self.user)
response = self.client.get(url)
assert response.status_code == 302, response.status_code
assert response.url == self.reverse('admin_profile_js')
self.user.is_staff = True
self.user.save()
self.client.force_login(self.user)
response = self.client.get(url)
assert response.status_code == 302, response.status_code
assert response.url == self.reverse('admin:index')
def test_ss0_redirect_view(self):
url = self.reverse('BCM:sso_redirect')
response = self.client.get(url)
assert response.status_code == 302, response.status_code
assert response.url == self.reverse('BCM:index')
self.client.force_login(self.user)
response = self.client.get(url)
assert response.status_code == 302, response.status_code
assert response.url == self.reverse('BCM:index'), response.url
self.user.groups.add(self.go_group)
self.client.force_login(self.user)
response = self.client.get(url)
assert response.status_code == 302, response.status_code
assert response.url == self.reverse('admin:go_admin')
self.user.groups.all().delete()
self.user.groups.add(self.mo_group)
self.client.force_login(self.user)
response = self.client.get(url)
assert response.status_code == 302, response.status_code
assert response.url == self.reverse('admin:mo_admin')
def handle(self, *args, **options):
#
# Users
#
user_admin = User.objects.filter(email="*****@*****.**").first()
if user_admin is None:
user_admin = UserFactory(email="*****@*****.**",
user_type=User.UserType.ADMIN.name,
is_superuser=True,
is_staff=True)
user_admin.set_password("superuser") # pylint: disable=no-value-for-parameter
user_admin.save()
user_employee_1 = User.objects.filter(
email="*****@*****.**").first()
if user_employee_1 is None:
user_employee_1 = UserFactory(
email="*****@*****.**",
user_type=User.UserType.EMPLOYEE.name,
first_name="Mieczysław",
last_name="Mietkowiak",
)
user_employee_1.set_password("passwduser") # pylint: disable=no-value-for-parameter
user_employee_1.save()
user_employee_2 = User.objects.filter(
email="*****@*****.**").first()
if user_employee_2 is None:
user_employee_2 = UserFactory(
email="*****@*****.**",
user_type=User.UserType.EMPLOYEE.name,
first_name="Andromeda",
last_name="Adamiak",
)
user_employee_2.set_password("passwduser") # pylint: disable=no-value-for-parameter
user_employee_2.save()
user_manager_1 = User.objects.filter(
email="*****@*****.**").first()
if user_manager_1 is None:
user_manager_1 = UserFactory(
email="*****@*****.**",
user_type=User.UserType.MANAGER.name,
first_name="Jan",
last_name="Nowakowski",
)
user_manager_1.set_password("passwduser") # pylint: disable=no-value-for-parameter
user_manager_1.save()
user_manager_2 = User.objects.filter(
email="*****@*****.**").first()
if user_manager_2 is None:
user_manager_2 = UserFactory(
email="*****@*****.**",
user_type=User.UserType.MANAGER.name,
first_name="Anna",
last_name="Małomówna",
)
user_manager_2.set_password("passwduser") # pylint: disable=no-value-for-parameter
user_manager_2.save()
user_employee_3 = User.objects.filter(
email="*****@*****.**").first()
if user_employee_3 is None:
user_employee_3 = UserFactory(
email="*****@*****.**",
user_type=User.UserType.EMPLOYEE.name,
first_name="Kurt",
last_name="Schmidt",
)
user_employee_3.set_password("passwduser") # pylint: disable=no-value-for-parameter
user_employee_3.save()
#
# Projects
#
project_stopped = Project.objects.filter(name="Time monkey").first()
if project_stopped is None:
project_stopped = ProjectFactory(
name="Time monkey",
start_date=timezone.now() - timezone.timedelta(days=4 * 7),
stop_date=timezone.now() - timezone.timedelta(days=2 * 7),
)
self._add_manager_to_project_if_not_added_yet(project_stopped,
user_manager_1)
self._add_member_to_project_if_not_added_yet(project_stopped,
user_employee_1)
self._add_member_to_project_if_not_added_yet(project_stopped,
user_employee_2)
self._add_member_to_project_if_not_added_yet(project_stopped,
user_manager_1)
self._add_member_to_project_if_not_added_yet(project_stopped,
user_manager_2)
project_pending = Project.objects.filter(name="Sheet storm").first()
if project_pending is None:
project_pending = ProjectFactory(name="Sheet storm",
start_date=timezone.now() -
timezone.timedelta(days=2 * 7))
self._add_manager_to_project_if_not_added_yet(project_pending,
user_manager_1)
self._add_member_to_project_if_not_added_yet(project_pending,
user_employee_1)
self._add_member_to_project_if_not_added_yet(project_pending,
user_employee_2)
self._add_member_to_project_if_not_added_yet(project_pending,
user_manager_1)
project_suspended = Project.objects.filter(name="e_munchkin").first()
if project_suspended is None:
project_suspended = ProjectFactory(name="e_munchkin",
start_date=timezone.now() -
timezone.timedelta(days=7),
suspended=True)
self._add_manager_to_project_if_not_added_yet(project_suspended,
user_manager_1)
self._add_member_to_project_if_not_added_yet(project_suspended,
user_employee_2)
self._add_member_to_project_if_not_added_yet(project_suspended,
user_employee_3)
self._add_member_to_project_if_not_added_yet(project_suspended,
user_manager_1)
self._add_member_to_project_if_not_added_yet(project_suspended,
user_manager_2)
#
# Task activities
#
task_activity_review, _ = TaskActivityType.objects.get_or_create(
name="Review")
task_activity_backend_development, _ = TaskActivityType.objects.get_or_create(
name="Backend Development")
task_activity_frontend_development, _ = TaskActivityType.objects.get_or_create(
name="Frontend Development")
task_activity_meeting, _ = TaskActivityType.objects.get_or_create(
name="Meeting")
#
# Reports
#
ReportFactory(
date=timezone.now() - timezone.timedelta(days=2),
description=
"Some report\r\ncontaining multiple lines\r\\nin description.",
author=user_employee_1,
project=project_pending,
work_hours=timezone.timedelta(hours=8),
editable=True,
task_activities=task_activity_review,
)
ReportFactory(
date=timezone.now() - timezone.timedelta(days=1),
description="Some report",
author=user_employee_1,
project=project_pending,
work_hours=timezone.timedelta(hours=4),
editable=True,
task_activities=task_activity_review,
)
ReportFactory(
date=timezone.now() - timezone.timedelta(days=1),
description="Some report on the same day as other.",
author=user_employee_1,
project=project_stopped,
work_hours=timezone.timedelta(hours=4),
editable=True,
task_activities=task_activity_review,
)
ReportFactory(
date=timezone.now() - timezone.timedelta(days=1),
description="Some report",
author=user_employee_2,
project=project_pending,
work_hours=timezone.timedelta(hours=6),
editable=True,
task_activities=task_activity_review,
)
ReportFactory(
date=timezone.now() - timezone.timedelta(days=2),
description="Some report containing hours with fraction",
author=user_employee_2,
project=project_suspended,
work_hours=timezone.timedelta(hours=8, minutes=30),
editable=True,
task_activities=task_activity_backend_development,
)
ReportFactory(
date=timezone.now() - timezone.timedelta(days=2),
description=
"Some report containing:\r\n- multiple lines\\ in description\r\n- time with fraction",
author=user_manager_1,
project=project_pending,
work_hours=timezone.timedelta(hours=7, minutes=59),
editable=True,
task_activities=task_activity_backend_development,
)
ReportFactory(
date=timezone.now() - timezone.timedelta(days=1),
description="Some report",
author=user_manager_1,
project=project_pending,
work_hours=timezone.timedelta(hours=2),
editable=True,
task_activities=task_activity_backend_development,
)
ReportFactory(
date=timezone.now() - timezone.timedelta(days=1),
description="Some report containing time with fraction.",
author=user_manager_2,
project=project_stopped,
work_hours=timezone.timedelta(hours=7, minutes=1),
editable=True,
task_activities=task_activity_frontend_development,
)
ReportFactory(
date=timezone.now() - timezone.timedelta(days=2),
description="Some report",
author=user_manager_2,
project=project_suspended,
work_hours=timezone.timedelta(hours=8),
editable=True,
task_activities=task_activity_frontend_development,
)
ReportFactory(
date=timezone.now() - timezone.timedelta(days=1),
description="Some report on the same day as other",
author=user_manager_1,
project=project_stopped,
work_hours=timezone.timedelta(hours=2),
editable=True,
task_activities=task_activity_frontend_development,
)
ReportFactory(
date=timezone.now() - timezone.timedelta(days=1),
description="Some report on the same day as other two",
author=user_manager_1,
project=project_suspended,
work_hours=timezone.timedelta(hours=4),
editable=True,
task_activities=task_activity_meeting,
)
ReportFactory(
date=timezone.now() - timezone.timedelta(days=1),
description="Some report",
author=user_employee_3,
project=project_suspended,
work_hours=timezone.timedelta(hours=8),
editable=True,
task_activities=task_activity_meeting,
)
def test_creates_one_token_only(self):
user = UserFactory()
user.save()
self.assertEqual(Token.objects.filter(user=user).count(), 1)
