def test__update_account__offset_without_password(self): user = factories.UserFactory(email_is_verified=True) data = {'offset': 0} response = self._get_update_account_response(data, user) self.assertEqual(response.status_code, status.HTTP_200_OK)
def test__password_reset__confirm(self): user = factories.UserFactory(email_is_verified=True) args = (str(user.pk), user.generate_password_reset_token()) data = {'token': '|'.join(args), 'password': '******'} path = reverse('accounts_password_reset_confirm') self.assertFalse(user.check_password(data['password'])) request = self.factory.post(path, data=data) response = views.PasswordResetConfirmView.as_view()(request) self.assertEqual(response.status_code, status.HTTP_204_NO_CONTENT) user = models.User.objects.get(email=user.email) self.assertTrue(user.check_password(data['password'])) # Invalid password data = {'token': '|'.join(args), 'password': '******'} request = self.factory.post(path, data=data) response = views.PasswordResetConfirmView.as_view()(request) self.assertEqual(response.status_code, status.HTTP_400_BAD_REQUEST) # Invalid data separator args = (str(user.pk), user.generate_password_reset_token()) data = {'token': ','.join(args), 'password': '******'} request = self.factory.post(path, data=data) response = views.PasswordResetConfirmView.as_view()(request) self.assertEqual(response.status_code, status.HTTP_400_BAD_REQUEST)
def test__update_account__ok(self, emails): user = factories.UserFactory(email_is_verified=True) data_set = [ dict(email='*****@*****.**', old_password='******'), dict(password='******', old_password='******'), dict(offset=12 * 60, old_password='******'), dict(offset=-12 * 60), dict(), dict(email='*****@*****.**', password='******', old_password='******', offset=0), ] for data in data_set: response = self._get_update_account_response(data, user) fresh_user = models.User.objects.get(pk=user.pk) self.assertEqual(response.status_code, status.HTTP_200_OK, data) self.assertFalse(fresh_user.email_is_verified) self.assertDictEqual( response.data, serializers.UpdateUserSerializer(fresh_user).data, msg=data) self.assertEqual(emails.verification.call_count, 2)
def test__get_report_api_incorrect_request(self): site = factories.SiteFactory() begin_date, end_date = get_begin_end_date_timestamp() params = { 'begin_date': begin_date, 'end_date': end_date, 'events': 'clicks' } # Generate 400 (empty site id) url = '/api/v1/reports?%s' % urllib.urlencode(params) request = self.factory.get(url) self._authenticate_request(request, user=site.user) response = archive_views.GetReport.as_view()(request) self.assertEqual(response.status_code, 400) # Generate 404 (nonexistent site id) url = '/api/v1/reports?%s&site=404' % urllib.urlencode(params) request = self.factory.get(url) self._authenticate_request(request, user=site.user) response = archive_views.GetDigest.as_view()(request) self.assertEqual(response.status_code, 404) # Generate 403 (site's user != user) user = factories.UserFactory() url = '/api/v1/reports?%s&site=%s' % (urllib.urlencode(params), site.pk) request = self.factory.get(url) self._authenticate_request(request, user=user) response = archive_views.GetReport.as_view()(request) self.assertEqual(response.status_code, 403)
def test__obtain_token__ok(self): user = factories.UserFactory(email_is_verified=True) data = {'email': user.email, 'password': '******'} request = self.factory.post(reverse('accounts_token'), data=data) response = views.ObtainJSONWebToken.as_view()(request) self.assertEqual(response.status_code, status.HTTP_200_OK)
def test__obtain_token__invalid_pass(self): data = {'email': factories.UserFactory().email, 'password': '******'} request = self.factory.post(reverse('accounts_token'), data=data) response = views.ObtainJSONWebToken.as_view()(request) self.assertEqual(response.status_code, status.HTTP_400_BAD_REQUEST) self.assertNotIn('token', response.data)
def test__obtain_token_inactive_user(self): user = factories.UserFactory(is_active=False, email_is_verified=True) data = {'email': user.email, 'password': user.password} request = self.factory.post(reverse('accounts_token'), data=data) response = views.ObtainJSONWebToken.as_view()(request) self.assertEqual(response.status_code, status.HTTP_400_BAD_REQUEST) self.assertNotIn('token', response.data)
def test__obtain_token_not_email_verified_user(self): user = factories.UserFactory(is_active=True, email_is_verified=False) data = {'email': user.email, 'password': user.password} request = self.factory.post(reverse('accounts_token'), data=data) response = views.ObtainJSONWebToken.as_view()(request) self.assertEqual(response.status_code, status.HTTP_400_BAD_REQUEST) self.assertEqual(response.data['non_field_errors'], ['Unable to login with provided credentials.'])
def test__update_account__wrong_offset(self): user = factories.UserFactory(email_is_verified=True) for offset in (15 * 60, -13 * 60): data = {'offset': offset} response = self._get_update_account_response(data, user) self.assertEqual(response.status_code, status.HTTP_400_BAD_REQUEST) self.assertEqual(response.data['offset'], ['Invalid timezone offset'])
def test__obtain_token_incomplete_credentials(self): user = factories.UserFactory(is_active=True, email_is_verified=True) data = {'email': user.email} request = self.factory.post(reverse('accounts_token'), data=data) response = views.ObtainJSONWebToken.as_view()(request) self.assertEqual(response.status_code, status.HTTP_400_BAD_REQUEST) self.assertEqual(response.data, {'password': ['This field is required.']}) self.assertNotIn('token', response.data)
def test__password_reset__attempt(self, emails): user = factories.UserFactory(email_is_verified=True) data = {'email': user.email} path = reverse('accounts_password_reset_attempt') request = self.factory.post(path, data=data) response = views.PasswordResetAttemptView.as_view()(request) self.assertEqual(response.status_code, status.HTTP_204_NO_CONTENT) emails.password_reset_attempt.assert_called_once_with(user) # Case when password reset's data is invalid data = {'email': 'invalid_email'} request = self.factory.post(path, data=data) response = views.PasswordResetAttemptView.as_view()(request) self.assertEqual(response.status_code, status.HTTP_400_BAD_REQUEST) # email not found data = {'email': '*****@*****.**'} request = self.factory.post(path, data=data) response = views.PasswordResetAttemptView.as_view()(request) self.assertEqual(response.status_code, status.HTTP_400_BAD_REQUEST) # inactive user user = factories.UserFactory(is_active=False) data = {'email': user.email} request = self.factory.post(path, data=data) response = views.PasswordResetAttemptView.as_view()(request) self.assertEqual(response.status_code, status.HTTP_400_BAD_REQUEST) # email verified == False user = factories.UserFactory(email_is_verified=False) data = {'email': user.email} request = self.factory.post(path, data=data) response = views.PasswordResetAttemptView.as_view()(request) self.assertEqual(response.status_code, status.HTTP_400_BAD_REQUEST)
def test__widgets__create__more_than_one_disallowed(self): user1 = factories.UserFactory() user2 = factories.UserFactory() site1 = factories.SiteFactory(user=user1) site2 = factories.SiteFactory(user=user1) site3 = factories.SiteFactory(user=user2) disallow_many_widgets = [ constants.WIDGET_CONFIGURATION_COPY_PASTE, constants.WIDGET_CONFIGURATION_NEWSLETTER, constants.WIDGET_CONFIGURATION_MOBILE, constants.WIDGET_CONFIGURATION_VERTICAL_FLOAT ] self.data.update({ 'position': constants.WIDGET_LEFT_POSITION, 'page_title': 'Page title', 'page_url': 'http://example.com', 'media_url': 'http://media.com', 'min_width': 0, }) for widget_type in disallow_many_widgets: self.data['type'] = widget_type # First creation response, _ = self._create_widget(site=site1) self.assertEqual(response.status_code, status.HTTP_201_CREATED) # Second creation fails for the same user and the same site self.data['name'] += '1' response, _ = self._create_widget(site=site1) self.assertEqual(response.status_code, status.HTTP_400_BAD_REQUEST) self.assertEqual( response.data['non_field_errors'], ['You can not create more than one widget of this type.']) # Second creation doesn't fail for the same user and another site self.data['name'] += '2' response, _ = self._create_widget(site=site2) self.assertEqual(response.status_code, status.HTTP_201_CREATED) # Second creation doesn't fail for another user self.data['name'] += '3' response, _ = self._create_widget(site=site3) self.assertEqual(response.status_code, status.HTTP_201_CREATED)
def test__update_account__wrong_password(self): user = factories.UserFactory(email_is_verified=True) data = { 'email': user.email + '.info', 'password': '******', 'old_password': '******' } response = self._get_update_account_response(data, user) self.assertEqual(response.status_code, status.HTTP_400_BAD_REQUEST) self.assertEqual(response.data['old_password'], ['Password is incorrect'])
def test__widgets__create__more_than_one_allowed(self): user1 = factories.UserFactory() user2 = factories.UserFactory() site1 = factories.SiteFactory(user=user1) site2 = factories.SiteFactory(user=user1) site3 = factories.SiteFactory(user=user2) allow_many_widgets = [ constants.WIDGET_CONFIGURATION_SHARING_BUTTONS, constants.WIDGET_CONFIGURATION_ORIGIN_BUTTONS, constants.WIDGET_CONFIGURATION_FOLLOW ] self.data.update({ 'position': constants.WIDGET_LEFT_POSITION, 'page_title': 'Page title', 'page_url': 'http://example.com', 'media_url': 'http://media.com', 'min_width': 0, }) for widget_type in allow_many_widgets: self.data['type'] = widget_type # First creation response, _ = self._create_widget(site=site1) self.assertEqual(response.status_code, status.HTTP_201_CREATED) # Second creation for the same user and the same site self.data['name'] += '1' response, _ = self._create_widget(site=site1) self.assertEqual(response.status_code, status.HTTP_201_CREATED) # Second creation for the same user and another site self.data['name'] += '2' response, _ = self._create_widget(site=site2) self.assertEqual(response.status_code, status.HTTP_201_CREATED) # Second creation for another user self.data['name'] += '3' response, _ = self._create_widget(site=site3) self.assertEqual(response.status_code, status.HTTP_201_CREATED)
def test__verify_email(self): user = factories.UserFactory() user.email_is_verified = False self.assertFalse(user.email_is_verified) args = (user.generate_email_token(), ) path = reverse('accounts_email_verification', args=args) request = self.factory.get(path) response = views.EmailVerificationView.as_view()(request, *args) self.assertEqual(response.status_code, status.HTTP_204_NO_CONTENT) self.assertTrue(models.User.objects.get(pk=user.pk).email_is_verified) # validate_email_token == False with patch('addnow.apps.accounts.models.User.validate_email_token', MagicMock(return_value=False)): request = self.factory.get(path) response = views.EmailVerificationView.as_view()(request, *args) self.assertEqual(response.status_code, status.HTTP_400_BAD_REQUEST)
def test__encouraging_email(self, send_email): user = factories.UserFactory() encouraging_email(user, 'template_name') send_email.assert_called_once()
def test__password_reset_attempt(self, send_email): user = factories.UserFactory() password_reset_attempt(user) send_email.assert_called_once()
def test__verification(self, send_email): user = factories.UserFactory() verification(user) send_email.assert_called_once()
def test__update_account__email_without_password(self, emails): user = factories.UserFactory(email_is_verified=True) data = {'email': '*****@*****.**'} response = self._get_update_account_response(data, user) self.assertEqual(response.status_code, status.HTTP_200_OK)
def _authenticate_request(self, request, user=None): user = user or factories.UserFactory(email_is_verified=True) token = factories.ApiTokenFactory(user=user) force_authenticate(request, user=token['user'], token=token) return token