def test_cannot_allow_the_creation_of_subscription_if_the_plan_limit_has_been_reached( self): # Setup plan = JournalManagementPlanFactory.create(code='test', max_accounts=3) JournalManagementSubscriptionFactory.create(journal=self.journal, plan=plan) JournalAccessSubscriptionFactory.create(user=self.user, journal=self.journal) token_1 = AccountActionTokenFactory.create(content_object=self.journal) token_2 = AccountActionTokenFactory.create( content_object=self.journal) # noqa token_1.consume(self.user) AuthorizationFactory.create( content_type=ContentType.objects.get_for_model(self.journal), object_id=self.journal.id, user=self.user, authorization_codename=AC.can_manage_individual_subscription. codename) self.client.login(username='******', password='******') url = reverse('userspace:journal:subscription:create', kwargs={'journal_pk': self.journal.pk}) # Run response = self.client.get(url) # Check self.assertEqual(response.status_code, 302)
def test_can_indicate_if_it_is_consumed(self): # Setup user = User.objects.create_user( username='******', password='******', email='*****@*****.**') token_1 = AccountActionTokenFactory.create() token_2 = AccountActionTokenFactory.create(user=user, consumption_date=timezone.now()) # Run & check assert not token_1.is_consumed assert token_2.is_consumed
def test_cannot_validate_if_the_email_is_already_used_by_another_subscription_token(self): # Setup AccountActionTokenFactory.create( action=IndividualSubscriptionAction.name, content_object=self.journal, email="*****@*****.**" ) form_data = {"email": "*****@*****.**", "first_name": faker.first_name(), "last_name": faker.last_name()} form = JournalAccessSubscriptionCreateForm(form_data, journal=self.journal) # Run & check self.assertFalse(form.is_valid()) self.assertTrue("email" in form.errors)
def test_can_return_the_consumed_account_actions(self): # Setup user = User.objects.create_user( username='******', password='******', email='*****@*****.**') token_1 = AccountActionTokenFactory.create() AccountActionTokenFactory.create() token_1.consume(user) # Run tokens = AccountActionToken.consumed_objects.all() # Check assert list(tokens) == [token_1, ]
def test_can_indicate_if_it_is_expired(self): # Setup token_1 = AccountActionTokenFactory.create() token_2 = AccountActionTokenFactory.create() token_2._meta.get_field('created').auto_now_add = False token_2.created = timezone.now() - dt.timedelta(days=100) token_2.save() token_2._meta.get_field('created').auto_now_add = True # Run & check assert not token_1.is_expired assert token_2.is_expired
def test_can_indicate_if_it_is_consumed(self): # Setup user = User.objects.create_user(username='******', password='******', email='*****@*****.**') token_1 = AccountActionTokenFactory.create() token_2 = AccountActionTokenFactory.create( user=user, consumption_date=timezone.now()) # Run & check assert not token_1.is_consumed assert token_2.is_consumed
def test_can_return_the_pending_account_actions(self): # Setup token_1 = AccountActionTokenFactory.create() token_2 = AccountActionTokenFactory.create() token_2._meta.get_field('created').auto_now_add = False token_2.created = timezone.now() - dt.timedelta(days=100) token_2.save() token_2._meta.get_field('created').auto_now_add = True # Run tokens = AccountActionToken.pending_objects.all() # Check assert list(tokens) == [token_1, ]
def test_cannot_validate_if_the_email_is_already_used_by_another_token(self): # Setup AccountActionTokenFactory.create( action=OrganisationMembershipAction.name, content_object=self.organisation, email='*****@*****.**') form_data = { 'email': '*****@*****.**', 'first_name': faker.first_name(), 'last_name': faker.last_name(), } form = OrganisationMembershipTokenCreateForm(form_data, organisation=self.organisation) # Run & check self.assertFalse(form.is_valid()) self.assertTrue('email' in form.errors)
def test_can_initialize_the_last_name_using_the_token(self): # Setup token = AccountActionTokenFactory.create(last_name='bar') # Run form = AccountActionRegisterForm(token=token) # Check self.assertEqual(form.fields['last_name'].initial, 'bar')
def test_can_initialize_the_email_address_using_the_token(self): # Setup token = AccountActionTokenFactory.create(email='*****@*****.**') # Run form = AccountActionRegisterForm(token=token) # Check self.assertEqual(form.fields['email'].initial, '*****@*****.**')
def test_can_return_its_expiration_date(self): # Setup token = AccountActionTokenFactory.create() # Run & check assert token.expiration_date == ( token.created + dt.timedelta(days=account_actions_settings.ACTION_TOKEN_VALIDITY_DURATION))
def test_can_cancel_an_action_token(self): # Setup AuthorizationFactory.create( content_type=ContentType.objects.get_for_model(self.journal), object_id=self.journal.id, user=self.user, authorization_codename=AC.can_manage_individual_subscription. codename) plan = JournalManagementPlanFactory.create(max_accounts=10) JournalManagementSubscriptionFactory.create(journal=self.journal, plan=plan) token = AccountActionTokenFactory.create(content_object=self.journal) self.client.login(username='******', password='******') url = reverse('userspace:journal:subscription:cancel', kwargs={ 'journal_pk': self.journal.pk, 'pk': token.pk, }) # Run response = self.client.post(url, follow=False) # Check self.assertEqual(response.status_code, 302) token.refresh_from_db() self.assertFalse(token.active)
def test_can_cancel_an_action_token(self): # Setup AuthorizationFactory.create( content_type=ContentType.objects.get_for_model(self.organisation), object_id=self.organisation.id, user=self.user, authorization_codename=AC.can_manage_organisation_members.codename) token = AccountActionTokenFactory.create( content_object=self.organisation) self.client.login(username='******', password='******') url = reverse('userspace:library:members:cancel', kwargs={ 'organisation_pk': self.organisation.pk, 'pk': token.pk, }) # Run response = self.client.post(url, follow=False) # Check self.assertEqual(response.status_code, 302) token.refresh_from_db() self.assertFalse(token.active)
def test_knows_that_a_consumed_token_cannot_be_consumed(self): # Setup user = User.objects.create_user( username='******', password='******', email='*****@*****.**') token = AccountActionTokenFactory.create() token.consume(user) # Run & check assert not token.can_be_consumed
def test_cannot_validate_if_the_email_is_already_used_by_another_subscription_token( self): # Setup AccountActionTokenFactory.create( action=IndividualSubscriptionAction.name, content_object=self.journal, email='*****@*****.**') form_data = { 'email': '*****@*****.**', 'first_name': faker.first_name(), 'last_name': faker.last_name(), } form = JournalAccessSubscriptionCreateForm(form_data, journal=self.journal) # Run & check self.assertFalse(form.is_valid()) self.assertTrue('email' in form.errors)
def test_can_be_consumed(self): # Setup user = User.objects.create_user( username='******', password='******', email='*****@*****.**') token = AccountActionTokenFactory.create() # Run & check token.consume(user) assert token.is_consumed
def test_return_an_http_404_error_if_the_token_action_is_not_registered(self): # Setup token = AccountActionTokenFactory.create() view = AccountActionLandingView.as_view() request = self.factory.get('/') # Run & check with pytest.raises(Http404): view(request, key=token.key)
def test_knows_that_an_expired_token_cannot_be_consumed(self): # Setup token = AccountActionTokenFactory.create() token._meta.get_field('created').auto_now_add = False token.created = timezone.now() - dt.timedelta(days=100) token.save() token._meta.get_field('created').auto_now_add = True # Run & check assert not token.can_be_consumed
def test_triggers_the_appropriate_signal_on_consumption(self): # Setup user = User.objects.create_user( username='******', password='******', email='*****@*****.**') token = AccountActionTokenFactory.create(action='test-signal-action') actions.register(TestSignalAction) # Run & check token.consume(user) assert test_signal == 1
def test_can_return_the_pending_account_actions(self): # Setup token_1 = AccountActionTokenFactory.create() token_2 = ExpiredAccountActionTokenFactory.create() # Run tokens = AccountActionToken.pending_objects.all() # Check assert token_1 in tokens assert token_2 not in tokens
def test_can_be_consumed(self): # Setup user = User.objects.create_user(username='******', password='******', email='*****@*****.**') token = AccountActionTokenFactory.create() # Run & check token.consume(user) assert token.is_consumed
def test_knows_that_a_consumed_token_cannot_be_consumed(self): # Setup user = User.objects.create_user(username='******', password='******', email='*****@*****.**') token = AccountActionTokenFactory.create() token.consume(user) # Run & check assert not token.can_be_consumed
def test_can_execute_the_action_after_consumption(self): # Setup actions.register(TestExecuteAction) token = AccountActionTokenFactory.create(action='test-execute') user = User.objects.create_user( username='******', password='******', email='*****@*****.**') # Run & check token.consume(user) assert execute_called
def test_triggers_the_appropriate_signal_on_consumption(self): # Setup user = User.objects.create_user(username='******', password='******', email='*****@*****.**') token = AccountActionTokenFactory.create(action='test-signal-action') actions.register(TestSignalAction) # Run & check token.consume(user) assert test_signal == 1
def test_cannot_be_accessed_by_a_user_who_cannot_manage_individual_subscriptions(self): # Setup token = AccountActionTokenFactory.create(content_object=self.journal) self.client.login(username="******", password="******") url = reverse("userspace:journal:subscription:cancel", kwargs={"journal_pk": self.journal.pk, "pk": token.pk}) # Run response = self.client.get(url) # Check self.assertEqual(response.status_code, 403)
def test_can_return_the_pending_account_actions_for_a_specific_object(self): # Setup user_1 = User.objects.create_user( username='******', password='******', email='*****@*****.**') user_2 = User.objects.create_user( username='******', password='******', email='*****@*****.**') token_1 = AccountActionTokenFactory.create(content_object=user_1) token_2 = AccountActionTokenFactory.create(content_object=user_1) token_2._meta.get_field('created').auto_now_add = False token_2.created = timezone.now() - dt.timedelta(days=100) token_2.save() token_2._meta.get_field('created').auto_now_add = True AccountActionTokenFactory.create(content_object=user_2) token_4 = AccountActionTokenFactory.create(content_object=user_2) token_4._meta.get_field('created').auto_now_add = False token_4.created = timezone.now() - dt.timedelta(days=100) token_4.save() token_4._meta.get_field('created').auto_now_add = True # Run tokens = AccountActionToken.pending_objects.get_for_object(user_1) # Check assert list(tokens) == [token_1, ]
def test_return_an_http_403_error_if_the_user_is_not_authenticated(self): # Setup actions.register(Action1) token = AccountActionTokenFactory.create(action='action-1') request = self.factory.post('/') request.user = AnonymousUser() view = AccountActionConsumeView.as_view() # Run & check with pytest.raises(PermissionDenied): view(request, key=token.key)
def test_return_an_http_403_error_if_the_user_is_already_authenticated(self): # Setup actions.register(TestAction) token = AccountActionTokenFactory.create(action='test-register') self.client.login(username='******', password='******') url = reverse('public:account_actions:register', kwargs={'key': token.key}) # Run response = self.client.get(url) # Check self.assertEqual(response.status_code, 403)
def test_cannot_be_accessed_by_a_user_who_cannot_manage_organisation_members(self): # Setup token = AccountActionTokenFactory.create(content_object=self.organisation) self.client.login(username='******', password='******') url = reverse('userspace:library:members:cancel', kwargs={ 'organisation_pk': self.organisation.pk, 'pk': token.pk, }) # Run response = self.client.get(url) # Check self.assertEqual(response.status_code, 403)
def test_return_an_http_403_error_if_the_token_cannot_be_consumed(self): # Setup actions.register(TestAction) token = AccountActionTokenFactory.create(action='test-register') token.consume(self.user) self.client.logout() url = reverse('public:account_actions:register', kwargs={'key': token.key}) # Run response = self.client.get(url) # Check self.assertEqual(response.status_code, 403)
def test_cannot_allow_the_creation_of_subscription_if_the_plan_limit_has_been_reached(self): # Setup plan = JournalManagementPlanFactory.create(code="test", max_accounts=3) JournalManagementSubscriptionFactory.create(journal=self.journal, plan=plan) JournalAccessSubscriptionFactory.create(user=self.user, journal=self.journal) token_1 = AccountActionTokenFactory.create(content_object=self.journal) token_2 = AccountActionTokenFactory.create(content_object=self.journal) # noqa token_1.consume(self.user) AuthorizationFactory.create( content_type=ContentType.objects.get_for_model(self.journal), object_id=self.journal.id, user=self.user, authorization_codename=AC.can_manage_individual_subscription.codename, ) self.client.login(username="******", password="******") url = reverse("userspace:journal:subscription:create", kwargs={"journal_pk": self.journal.pk}) # Run response = self.client.get(url) # Check self.assertEqual(response.status_code, 302)
def test_return_an_http_403_error_if_the_token_is_canceled(self): # Setup actions.register(Action1) token = AccountActionTokenFactory.create(action='action-1', is_canceled=True) user = User.objects.create_user( username='******', password='******', email='*****@*****.**') request = self.factory.post('/') request.user = user view = AccountActionConsumeView.as_view() # Run & check with pytest.raises(PermissionDenied): view(request, key=token.key)
def test_cannot_be_accessed_by_a_user_who_cannot_manage_individual_subscriptions( self): # Setup token = AccountActionTokenFactory.create(content_object=self.journal) self.client.login(username='******', password='******') url = reverse('userspace:journal:subscription:cancel', kwargs={ 'journal_pk': self.journal.pk, 'pk': token.pk, }) # Run response = self.client.get(url) # Check self.assertEqual(response.status_code, 403)
def test_cannot_be_validated_if_a_user_with_the_same_email_address_already_exists(self): # Setup User.objects.create_user( username='******', password='******', email='*****@*****.**') token = AccountActionTokenFactory.create(email='*****@*****.**') form_data = { 'username': faker.simple_profile().get('username'), 'email': '*****@*****.**', 'first_name': faker.first_name(), 'last_name': faker.last_name(), 'password1': 'not_secret', 'password2': 'not_secret', } # Run form = AccountActionRegisterForm(form_data, token=token) # Check self.assertFalse(form.is_valid()) self.assertTrue('email' in form.errors)
def test_cannot_be_accessed_by_a_user_who_cannot_manage_organisation_members( self): # Setup token = AccountActionTokenFactory.create( content_object=self.organisation) self.client.login(username='******', password='******') url = reverse('userspace:library:members:cancel', kwargs={ 'organisation_pk': self.organisation.pk, 'pk': token.pk, }) # Run response = self.client.get(url) # Check self.assertEqual(response.status_code, 403)
def test_can_properly_consume_the_token(self): # Setup actions.register(TestAction) token = AccountActionTokenFactory.create(action='test-consumed') form_data = { 'username': faker.simple_profile().get('username'), 'email': faker.email(), 'first_name': faker.first_name(), 'last_name': faker.last_name(), 'password1': 'not_secret', 'password2': 'not_secret', } # Run & check form = AccountActionRegisterForm(form_data, token=token) self.assertTrue(form.is_valid()) form.save() global consumed self.assertTrue(consumed)
def test_can_use_the_template_specified_in_the_action_configuration(self): # Setup actions.register(Action2) token = AccountActionTokenFactory.create(action='action-2') user = User.objects.create_user( username='******', password='******', email='*****@*****.**') request = self.factory.get('/') request.user = user view = AccountActionLandingView.as_view() # Run response = view(request, key=token.key) # Check assert response.status_code == 200 assert response.template_name == ['action-2.html', ]
def test_embeds_the_action_configuration_into_the_context(self): # Setup actions.register(Action1) token = AccountActionTokenFactory.create(action='action-1') user = User.objects.create_user( username='******', password='******', email='*****@*****.**') request = self.factory.get('/') request.user = user view = AccountActionLandingView.as_view() # Run response = view(request, key=token.key) # Check assert response.status_code == 200 assert isinstance(response.context_data['action'], Action1)
def test_can_cancel_an_action_token(self): # Setup AuthorizationFactory.create( content_type=ContentType.objects.get_for_model(self.organisation), object_id=self.organisation.id, user=self.user, authorization_codename=AC.can_manage_organisation_members.codename) token = AccountActionTokenFactory.create(content_object=self.organisation) self.client.login(username='******', password='******') url = reverse('userspace:library:members:cancel', kwargs={ 'organisation_pk': self.organisation.pk, 'pk': token.pk, }) # Run response = self.client.post(url, follow=False) # Check self.assertEqual(response.status_code, 302) token.refresh_from_db() self.assertFalse(token.active)
def test_cannot_be_validated_if_a_user_with_the_same_email_address_already_exists( self): # Setup User.objects.create_user(username='******', password='******', email='*****@*****.**') token = AccountActionTokenFactory.create(email='*****@*****.**') form_data = { 'username': faker.simple_profile().get('username'), 'email': '*****@*****.**', 'first_name': faker.first_name(), 'last_name': faker.last_name(), 'password1': 'not_secret', 'password2': 'not_secret', } # Run form = AccountActionRegisterForm(form_data, token=token) # Check self.assertFalse(form.is_valid()) self.assertTrue('email' in form.errors)
def test_can_properly_create_a_user(self): # Setup token = AccountActionTokenFactory.create() form_data = { 'username': faker.simple_profile().get('username'), 'email': faker.email(), 'first_name': faker.first_name(), 'last_name': faker.last_name(), 'password1': 'not_secret', 'password2': 'not_secret', } # Run & check form = AccountActionRegisterForm(form_data, token=token) self.assertTrue(form.is_valid()) form.save() user = User.objects.first() self.assertEqual(user.username, form_data['username']) self.assertEqual(user.email, form_data['email']) self.assertEqual(user.first_name, form_data['first_name']) self.assertEqual(user.last_name, form_data['last_name']) self.assertTrue(user.check_password('not_secret'))
def test_can_return_the_consumed_account_actions_for_a_specific_object(self): # Setup user_1 = User.objects.create_user( username='******', password='******', email='*****@*****.**') user_2 = User.objects.create_user( username='******', password='******', email='*****@*****.**') token_1 = AccountActionTokenFactory.create(content_object=user_1) AccountActionTokenFactory.create(content_object=user_1) token_3 = AccountActionTokenFactory.create(content_object=user_2) AccountActionTokenFactory.create(content_object=user_2) token_1.consume(user_1) token_3.consume(user_2) # Run tokens = AccountActionToken.consumed_objects.get_for_object(user_1) # Check assert list(tokens) == [token_1, ]
def test_can_properly_create_a_new_user(self): # Setup actions.register(TestAction) token = AccountActionTokenFactory.create(action='test-register') post_data = { 'username': faker.simple_profile().get('username'), 'email': faker.email(), 'first_name': faker.first_name(), 'last_name': faker.last_name(), 'password1': 'not_secret', 'password2': 'not_secret', } self.client.logout() url = reverse('public:account_actions:register', kwargs={'key': token.key}) # Run response = self.client.post(url, post_data, follow=False) # Check self.assertEqual(response.status_code, 302) self.assertTrue(User.objects.filter(username=post_data['username']))
def test_can_cancel_an_action_token(self): # Setup AuthorizationFactory.create( content_type=ContentType.objects.get_for_model(self.journal), object_id=self.journal.id, user=self.user, authorization_codename=AC.can_manage_individual_subscription.codename, ) plan = JournalManagementPlanFactory.create(max_accounts=10) JournalManagementSubscriptionFactory.create(journal=self.journal, plan=plan) token = AccountActionTokenFactory.create(content_object=self.journal) self.client.login(username="******", password="******") url = reverse("userspace:journal:subscription:cancel", kwargs={"journal_pk": self.journal.pk, "pk": token.pk}) # Run response = self.client.post(url, follow=False) # Check self.assertEqual(response.status_code, 302) token.refresh_from_db() self.assertFalse(token.active)
def test_can_send_a_notification_on_token_creation(self): # Setup actions.register(TestEmailNotificationAction) # Run & check AccountActionTokenFactory.create(action='test-email-notification') assert email_sent
def test_knows_that_an_inactive_token_cannot_be_consumed(self): # Setup token = AccountActionTokenFactory.create(active=False) # Run & check assert not token.can_be_consumed
def test_knows_that_a_pending_token_can_be_consumed(self): # Setup token = AccountActionTokenFactory.create() # Run & check assert token.can_be_consumed