class DemoListViewsTest(test_utils.TestCase): fixtures = ["test_users.json"] def setUp(self): self.user, self.admin_user, self.other_user = make_users() self.client = LocalizingClient() def test_all_demos_includes_hidden_for_staff(self): build_submission(self.user) build_hidden_submission(self.user) r = self.client.get(reverse("demos_all")) count = pq(r.content)("h2.count").text() eq_(count, "1 Demo") self.client.login(username=self.admin_user.username, password="******") r = self.client.get(reverse("demos_all")) count = pq(r.content)("h2.count").text() eq_(count, "2 Demos") @attr("bug882709") def test_search_view(self): try: self.client.get(reverse("demos_search")) except: self.fail("Search should not ISE.")
class AccountEmailTests(test_utils.TestCase): fixtures = ['test_users.json'] def setUp(self): self.client = LocalizingClient() def test_account_email_page_requires_signin(self): url = reverse('account_email') r = self.client.get(url, follow=True) eq_(200, r.status_code) ok_(len(r.redirect_chain) > 0) ok_('Sign In' in r.content) def test_account_email_page(self): u = User.objects.get(username='******') self.client.login(username=u.username, password=TESTUSER_PASSWORD) url = reverse('account_email') r = self.client.get(url) test_strings = ['Make Primary', 'Re-send Verification', 'Remove', 'Add Email', 'Edit profile'] eq_(200, r.status_code) for test_string in test_strings: ok_(test_string in r.content)
class SocialAccountConnectionsTests(test_utils.TestCase): fixtures = ['test_users.json'] def setUp(self): self.client = LocalizingClient() def test_account_connections_page_requires_signin(self): url = reverse('socialaccount_connections') r = self.client.get(url, follow=True) eq_(200, r.status_code) ok_(len(r.redirect_chain) > 0) ok_('Sign In' in r.content) def test_account_connections_page(self): u = User.objects.get(username='******') self.client.login(username=u.username, password=TESTUSER_PASSWORD) url = reverse('socialaccount_connections') r = self.client.get(url) test_strings = ['Disconnect', 'Connect a new account', 'Edit profile'] eq_(200, r.status_code) for test_string in test_strings: ok_(test_string in r.content, msg="Expected %s in content" % test_string)
def test_404_already_logged_in(self): """The login buttons should not display on the 404 page when the user is logged in""" client = LocalizingClient() # View page as a logged in user client.login(username='******', password='******') response = client.get('/something-doesnt-exist', follow=True) doc = pq(response.content) login_block = doc.find('.socialaccount_providers') eq_(len(login_block), 0) eq_(404, response.status_code) client.logout()
def test_ban_middleware(self): """Ban middleware functions correctly.""" client = LocalizingClient() client.login(username='******', password='******') resp = client.get('/') self.assertTemplateNotUsed(resp, 'users/user_banned.html') admin = User.objects.get(username='******') testuser = User.objects.get(username='******') ban = UserBan(user=testuser, by=admin, reason='Banned by unit test.', is_active=True) ban.save() resp = client.get('/') self.assertTemplateUsed(resp, 'users/user_banned.html')
def test_ban_view(self): testuser = User.objects.get(username='******') admin = User.objects.get(username='******') client = LocalizingClient() client.login(username='******', password='******') data = {'reason': 'Banned by unit test.'} ban_url = reverse('users.ban_user', kwargs={'user_id': testuser.id}) resp = client.post(ban_url, data) eq_(302, resp.status_code) ok_(testuser.get_absolute_url() in resp['Location']) testuser_banned = User.objects.get(username='******') ok_(not testuser_banned.is_active) bans = UserBan.objects.filter(user=testuser, by=admin, reason='Banned by unit test.') ok_(bans.count())
def test_ban_permission(self): """The ban permission controls access to the ban view.""" client = LocalizingClient() admin = User.objects.get(username='******') testuser = User.objects.get(username='******') # testuser doesn't have ban permission, can't ban. client.login(username='******', password='******') ban_url = reverse('users.ban_user', kwargs={'user_id': admin.id}) resp = client.get(ban_url) eq_(302, resp.status_code) ok_(settings.LOGIN_URL in resp['Location']) client.logout() # admin has ban permission, can ban. client.login(username='******', password='******') ban_url = reverse('users.ban_user', kwargs={'user_id': testuser.id}) resp = client.get(ban_url) eq_(200, resp.status_code)
class BrowserIDTestCase(TestCase): fixtures = ['test_users.json'] def setUp(self): # Ensure @ssl_required goes unenforced. settings.DEBUG = True # Set up some easily-testable redirects. settings.LOGIN_REDIRECT_URL = 'SUCCESS' settings.LOGIN_REDIRECT_URL_FAILURE = 'FAILURE' # BrowserID will squawk if this isn't set settings.SITE_URL = 'http://testserver' self.client = LocalizingClient() # TODO: upgrade mock to 0.8.0 so we can do this. """ self.lookup = mock.patch('basket.lookup_user') self.subscribe = mock.patch('basket.subscribe') self.unsubscribe = mock.patch('basket.unsubscribe') self.lookup.return_value = mock_lookup_user() self.subscribe.return_value = True self.unsubscribe.return_value = True self.lookup.start() self.subscribe.start() self.unsubscribe.start() def tearDown(self): self.lookup.stop() self.subscribe.stop() self.unsubscribe.stop() """ def test_invalid_post(self): resp = self.client.post(reverse('users.browserid_verify', locale='en-US')) eq_(302, resp.status_code) ok_('FAILURE' in resp['Location']) @mock.patch('users.views._verify_browserid') def test_invalid_assertion(self, _verify_browserid): _verify_browserid.return_value = None resp = self.client.post(reverse('users.browserid_verify', locale='en-US'), {'assertion': 'bad data'}) eq_(302, resp.status_code) ok_('FAILURE' in resp['Location']) @mock.patch('users.views._verify_browserid') def test_valid_assertion_with_django_user(self, _verify_browserid): _verify_browserid.return_value = {'email': '*****@*****.**'} # Posting the fake assertion to browserid_verify should work, with the # actual verification method mocked out. resp = self.client.post(reverse('users.browserid_verify', locale='en-US'), {'assertion': 'PRETENDTHISISVALID'}) eq_(302, resp.status_code) ok_('SUCCESS' in resp['Location']) # The session should look logged in, now. ok_('_auth_user_id' in self.client.session.keys()) eq_('django_browserid.auth.BrowserIDBackend', self.client.session.get('_auth_user_backend', '')) @mock.patch('users.views._verify_browserid') def test_explain_popup(self, _verify_browserid): _verify_browserid.return_value = {'email': '*****@*****.**'} resp = self.client.get(reverse('home', locale='en-US')) # Posting the fake assertion to browserid_verify should work, with the # actual verification method mocked out. resp = self.client.post(reverse('users.browserid_verify', locale='en-US'), {'assertion': 'PRETENDTHISISVALID'}) eq_('1', resp.cookies.get('browserid_explained').value) resp = self.client.get(reverse('users.logout'), locale='en-US') # even after logout, cookie should prevent the toggle resp = self.client.get(reverse('home', locale='en-US')) eq_('1', self.client.cookies.get('browserid_explained').value) @mock.patch('basket.lookup_user') @mock.patch('basket.subscribe') @mock.patch('basket.unsubscribe') @mock.patch('users.views._verify_browserid') @override_settings(CELERY_ALWAYS_EAGER=True) def test_valid_assertion_with_new_account_creation(self, _verify_browserid, unsubscribe, subscribe, lookup_user): Switch.objects.create(name='welcome_email', active=True) new_username = '******' new_email = '*****@*****.**' lookup_user.return_value = mock_lookup_user() subscribe.return_value = True unsubscribe.return_value = True _verify_browserid.return_value = {'email': new_email} try: user = User.objects.get(email=new_email) ok_(False, "User for email should not yet exist") except User.DoesNotExist: pass # Sign in with a verified email, but with no existing account resp = self.client.post(reverse('users.browserid_verify', locale='en-US'), {'assertion': 'PRETENDTHISISVALID'}) eq_(302, resp.status_code) # This should be a redirect to the BrowserID registration page. redir_url = resp['Location'] reg_url = reverse('users.browserid_register', locale='en-US') ok_(reg_url in redir_url) # And, as part of the redirect, the verified email address should be in # our session now. ok_(SESSION_VERIFIED_EMAIL in self.client.session.keys()) verified_email = self.client.session[SESSION_VERIFIED_EMAIL] eq_(new_email, verified_email) # Grab the redirect, assert that there's a create_user form present resp = self.client.get(redir_url) page = pq(resp.content) form = page.find('form#create_user') eq_(1, form.length) # There should be no error lists on first load eq_(0, page.find('.errorlist').length) # Submit the create_user form, with a chosen username resp = self.client.post(redir_url, {'username': '******', 'action': 'register', 'country': 'us', 'format': 'html'}) # The submission should result in a redirect to the session's redirect # value eq_(302, resp.status_code) redir_url = resp['Location'] ok_('SUCCESS' in redir_url) # The session should look logged in, now. ok_('_auth_user_id' in self.client.session.keys()) eq_('django_browserid.auth.BrowserIDBackend', self.client.session.get('_auth_user_backend', '')) # Ensure that the user was created, and with the submitted username and # verified email address try: user = User.objects.get(email=new_email) eq_(new_username, user.username) eq_(new_email, user.email) except User.DoesNotExist: ok_(False, "New user should have been created") # Ensure the user was sent a welcome email welcome_email = mail.outbox[0] expected_subject = u'Take the next step to get involved on MDN!' expected_to = [new_email] eq_(expected_subject, welcome_email.subject) eq_(expected_to, welcome_email.to) ok_(u'Hi %s' % new_username in welcome_email.body) @mock.patch('users.views._verify_browserid') def test_valid_assertion_with_existing_account_login(self, _verify_browserid): """ Removed the existing user form: we don't auth the password with MindTouch anymore """ new_email = '*****@*****.**' _verify_browserid.return_value = {'email': new_email} try: User.objects.get(email=new_email) ok_(False, "User for email should not yet exist") except User.DoesNotExist: pass # Sign in with a verified email, but with no existing account resp = self.client.post(reverse('users.browserid_verify', locale='en-US'), {'assertion': 'PRETENDTHISISVALID'}) eq_(302, resp.status_code) # This should be a redirect to the BrowserID registration page. redir_url = resp['Location'] reg_url = reverse('users.browserid_register', locale='en-US') ok_(reg_url in redir_url) # And, as part of the redirect, the verified email address should be in # our session now. ok_(SESSION_VERIFIED_EMAIL in self.client.session.keys()) verified_email = self.client.session[SESSION_VERIFIED_EMAIL] eq_(new_email, verified_email) # Grab the redirect, assert that there's a create_user form present resp = self.client.get(redir_url) page = pq(resp.content) form = page.find('form#existing_user') eq_(0, form.length) @mock.patch('basket.lookup_user') @mock.patch('basket.subscribe') @mock.patch('basket.unsubscribe') @mock.patch('users.views._verify_browserid') def test_valid_assertion_changing_email(self, _verify_browserid, unsubscribe, subscribe, lookup_user): # just need to be authenticated, not necessarily BrowserID self.client.login(username='******', password='******') lookup_user.return_value = mock_lookup_user() subscribe.return_value = True unsubscribe.return_value = True _verify_browserid.return_value = {'email': '*****@*****.**'} resp = self.client.post(reverse('users.browserid_change_email', locale='en-US'), {'assertion': 'PRETENDTHISISVALID'}) eq_(302, resp.status_code) ok_('profiles/testuser/edit' in resp['Location']) resp = self.client.get(reverse('devmo_profile_edit', locale='en-US', args=['testuser', ])) eq_(200, resp.status_code) doc = pq(resp.content) ok_('*****@*****.**' in doc.find('li#field_email').text()) @mock.patch('basket.lookup_user') @mock.patch('basket.subscribe') @mock.patch('basket.unsubscribe') @mock.patch('users.views._verify_browserid') def test_valid_assertion_doesnt_steal_email(self, _verify_browserid, unsubscribe, subscribe, lookup_user): # just need to be authenticated, not necessarily BrowserID self.client.login(username='******', password='******') lookup_user.return_value = mock_lookup_user() subscribe.return_value = True unsubscribe.return_value = True _verify_browserid.return_value = {'email': '*****@*****.**'} # doesn't change email if the new email already belongs to another user resp = self.client.post(reverse('users.browserid_change_email', locale='en-US'), {'assertion': 'PRETENDTHISISVALID'}) eq_(302, resp.status_code) ok_('change_email' in resp['Location']) resp = self.client.get(reverse('devmo_profile_edit', locale='en-US', args=['testuser', ])) eq_(200, resp.status_code) doc = pq(resp.content) ok_('*****@*****.**' in doc.find('li#field_email').text())
class ChangeEmailTestCase(TestCase): fixtures = ['test_users.json'] def setUp(self): self.client = LocalizingClient() @mock.patch_object(Site.objects, 'get_current') def test_user_change_email(self, get_current): """Send email to change user's email and then change it.""" get_current.return_value.domain = 'su.mo.com' self.client.login(username='******', password='******') # Attempt to change email. response = self.client.post(reverse('users.change_email'), {'email': '*****@*****.**'}, follow=True) eq_(200, response.status_code) # Be notified to click a confirmation link. eq_(1, len(mail.outbox)) assert mail.outbox[0].subject.find('Please confirm your') == 0 ec = EmailChange.objects.all()[0] assert ec.activation_key in mail.outbox[0].body eq_('*****@*****.**', ec.email) # Visit confirmation link to change email. response = self.client.get(reverse('users.confirm_email', args=[ec.activation_key])) eq_(200, response.status_code) u = User.objects.get(username='******') eq_('*****@*****.**', u.email) def test_user_change_email_same(self): """Changing to same email shows validation error.""" self.client.login(username='******', password='******') user = User.objects.get(username='******') user.email = '*****@*****.**' user.save() response = self.client.post(reverse('users.change_email'), {'email': user.email}) eq_(200, response.status_code) doc = pq(response.content) eq_('This is your current email.', doc('ul.errorlist').text()) def test_user_change_email_duplicate(self): """Changing to same email shows validation error.""" self.client.login(username='******', password='******') email = '*****@*****.**' response = self.client.post(reverse('users.change_email'), {'email': email}) eq_(200, response.status_code) doc = pq(response.content) eq_('A user with that email address already exists.', doc('ul.errorlist').text()) @mock.patch_object(Site.objects, 'get_current') def test_user_confirm_email_duplicate(self, get_current): """If we detect a duplicate email when confirming an email change, don't change it and notify the user.""" get_current.return_value.domain = 'su.mo.com' self.client.login(username='******', password='******') old_email = User.objects.get(username='******').email new_email = '*****@*****.**' response = self.client.post(reverse('users.change_email'), {'email': new_email}) eq_(200, response.status_code) assert mail.outbox[0].subject.find('Please confirm your') == 0 ec = EmailChange.objects.all()[0] # Before new email is confirmed, give the same email to a user other_user = User.objects.filter(username='******')[0] other_user.email = new_email other_user.save() # Visit confirmation link and verify email wasn't changed. response = self.client.get(reverse('users.confirm_email', args=[ec.activation_key])) eq_(200, response.status_code) doc = pq(response.content) eq_('Unable to change email for user testuser', doc('article h1').text()) u = User.objects.get(username='******') eq_(old_email, u.email)
class ProfileViewsTest(TestCase): fixtures = ['test_users.json'] def setUp(self): self.old_debug = settings.DEBUG settings.DEBUG = True self.client = LocalizingClient() self.client.logout() def tearDown(self): settings.DEBUG = self.old_debug def _get_current_form_field_values(self, doc): # Scrape out the existing significant form field values. form = dict() for fn in ('email', 'fullname', 'title', 'organization', 'location', 'irc_nickname', 'bio', 'interests', 'country', 'format'): form[fn] = doc.find('#profile-edit *[name="%s"]' % fn).val() form['country'] = 'us' form['format'] = 'html' return form @attr('docs_activity') def test_profile_view(self): """A user profile can be viewed""" profile = UserProfile.objects.get(user__username='******') user = profile.user url = reverse('users.profile', args=(user.username,)) r = self.client.get(url, follow=True) doc = pq(r.content) eq_(profile.user.username, doc.find('#profile-head.vcard .nickname').text()) eq_(profile.fullname, doc.find('#profile-head.vcard .fn').text()) eq_(profile.title, doc.find('#profile-head.vcard .title').text()) eq_(profile.organization, doc.find('#profile-head.vcard .org').text()) eq_(profile.location, doc.find('#profile-head.vcard .loc').text()) eq_('IRC: ' + profile.irc_nickname, doc.find('#profile-head.vcard .irc').text()) eq_(profile.bio, doc.find('#profile-head.vcard .bio').text()) def test_my_profile_view(self): u = User.objects.get(username='******') self.client.login(username=u.username, password=TESTUSER_PASSWORD) resp = self.client.get('/profile/') eq_(302, resp.status_code) ok_(reverse('users.profile', args=(u.username,)) in resp['Location']) def test_bug_698971(self): """A non-numeric page number should not cause an error""" (user, profile) = create_profile() url = '%s?page=asdf' % reverse('users.profile', args=(user.username,)) try: self.client.get(url, follow=True) except PageNotAnInteger: ok_(False, "Non-numeric page number should not cause an error") @mock.patch('basket.lookup_user') @mock.patch('basket.subscribe') @mock.patch('basket.unsubscribe') def test_profile_edit(self, unsubscribe, subscribe, lookup_user): lookup_user.return_value = mock_lookup_user() subscribe.return_value = True unsubscribe.return_value = True profile = UserProfile.objects.get(user__username='******') user = profile.user url = reverse('users.profile', args=(user.username,)) r = self.client.get(url, follow=True) doc = pq(r.content) eq_(0, doc.find('#profile-head .edit .button').length) self.client.login(username=user.username, password=TESTUSER_PASSWORD) url = reverse('users.profile', args=(user.username,)) r = self.client.get(url, follow=True) doc = pq(r.content) edit_button = doc.find('#profile-head .edit #edit-profile') eq_(1, edit_button.length) url = edit_button.attr('href') r = self.client.get(url, follow=True) doc = pq(r.content) eq_(profile.fullname, doc.find('#profile-edit input[name="fullname"]').val()) eq_(profile.title, doc.find('#profile-edit input[name="title"]').val()) eq_(profile.organization, doc.find('#profile-edit input[name="organization"]').val()) eq_(profile.location, doc.find('#profile-edit input[name="location"]').val()) eq_(profile.irc_nickname, doc.find('#profile-edit input[name="irc_nickname"]').val()) new_attrs = dict( email='*****@*****.**', fullname="Another Name", title="Another title", organization="Another org", country="us", format="html" ) r = self.client.post(url, new_attrs, follow=True) doc = pq(r.content) eq_(1, doc.find('#profile-head').length) eq_(new_attrs['fullname'], doc.find('#profile-head .main .fn').text()) eq_(new_attrs['title'], doc.find('#profile-head .info .title').text()) eq_(new_attrs['organization'], doc.find('#profile-head .info .org').text()) profile = UserProfile.objects.get(user__username=user.username) eq_(new_attrs['fullname'], profile.fullname) eq_(new_attrs['title'], profile.title) eq_(new_attrs['organization'], profile.organization) def test_my_profile_edit(self): u = User.objects.get(username='******') self.client.login(username=u.username, password=TESTUSER_PASSWORD) resp = self.client.get('/profile/edit') eq_(302, resp.status_code) ok_(reverse('users.profile_edit', args=(u.username,)) in resp['Location']) @mock.patch('basket.lookup_user') @mock.patch('basket.subscribe') @mock.patch('basket.unsubscribe') def test_profile_edit_beta(self, unsubscribe, subscribe, lookup_user): lookup_user.return_value = mock_lookup_user() subscribe.return_value = True unsubscribe.return_value = True user = User.objects.get(username='******') self.client.login(username=user.username, password=TESTUSER_PASSWORD) url = reverse('users.profile_edit', args=(user.username,)) r = self.client.get(url, follow=True) doc = pq(r.content) eq_(None, doc.find('input#id_beta').attr('checked')) form = self._get_current_form_field_values(doc) form['beta'] = True r = self.client.post(url, form, follow=True) url = reverse('users.profile_edit', args=(user.username,)) r = self.client.get(url, follow=True) doc = pq(r.content) eq_('checked', doc.find('input#id_beta').attr('checked')) @mock.patch('basket.lookup_user') @mock.patch('basket.subscribe') @mock.patch('basket.unsubscribe') def test_profile_edit_websites(self, unsubscribe, subscribe, lookup_user): lookup_user.return_value = mock_lookup_user() subscribe.return_value = True unsubscribe.return_value = True user = User.objects.get(username='******') self.client.login(username=user.username, password=TESTUSER_PASSWORD) url = reverse('users.profile_edit', args=(user.username,)) r = self.client.get(url, follow=True) doc = pq(r.content) test_sites = { u'website': u'http://example.com/', u'twitter': u'http://twitter.com/lmorchard', u'github': u'http://github.com/lmorchard', u'stackoverflow': u'http://stackoverflow.com/users/lmorchard', u'linkedin': u'https://www.linkedin.com/in/testuser', u'mozillians': u'https://mozillians.org/u/testuser', u'facebook': u'https://www.facebook.com/test.user' } form = self._get_current_form_field_values(doc) # Fill out the form with websites. form.update(dict(('websites_%s' % k, v) for k, v in test_sites.items())) # Submit the form, verify redirect to profile detail r = self.client.post(url, form, follow=True) doc = pq(r.content) eq_(1, doc.find('#profile-head').length) p = UserProfile.objects.get(user=user) # Verify the websites are saved in the profile. eq_(test_sites, p.websites) # Verify the saved websites appear in the editing form url = reverse('users.profile_edit', args=(user.username,)) r = self.client.get(url, follow=True) doc = pq(r.content) for k, v in test_sites.items(): eq_(v, doc.find('#profile-edit *[name="websites_%s"]' % k).val()) # Come up with some bad sites, either invalid URL or bad URL prefix bad_sites = { u'website': u'HAHAHA WHAT IS A WEBSITE', u'twitter': u'http://facebook.com/lmorchard', u'stackoverflow': u'http://overqueueblah.com/users/lmorchard', } form.update(dict(('websites_%s' % k, v) for k, v in bad_sites.items())) # Submit the form, verify errors for all of the bad sites r = self.client.post(url, form, follow=True) doc = pq(r.content) eq_(1, doc.find('#profile-edit').length) tmpl = '#profile-edit #elsewhere .%s .errorlist' for n in ('website', 'twitter', 'stackoverflow'): eq_(1, doc.find(tmpl % n).length) @mock.patch('basket.lookup_user') @mock.patch('basket.subscribe') @mock.patch('basket.unsubscribe') def test_profile_edit_interests(self, unsubscribe, subscribe, lookup_user): lookup_user.return_value = mock_lookup_user() subscribe.return_value = True unsubscribe.return_value = True user = User.objects.get(username='******') self.client.login(username=user.username, password=TESTUSER_PASSWORD) url = reverse('users.profile_edit', args=(user.username,)) r = self.client.get(url, follow=True) doc = pq(r.content) test_tags = ['javascript', 'css', 'canvas', 'html', 'homebrewing'] form = self._get_current_form_field_values(doc) form['interests'] = ', '.join(test_tags) r = self.client.post(url, form, follow=True) doc = pq(r.content) eq_(1, doc.find('#profile-head').length) p = UserProfile.objects.get(user=user) result_tags = [t.name.replace('profile:interest:', '') for t in p.tags.all_ns('profile:interest:')] result_tags.sort() test_tags.sort() eq_(test_tags, result_tags) test_expertise = ['css', 'canvas'] form['expertise'] = ', '.join(test_expertise) r = self.client.post(url, form, follow=True) doc = pq(r.content) eq_(1, doc.find('#profile-head').length) p = UserProfile.objects.get(user=user) result_tags = [t.name.replace('profile:expertise:', '') for t in p.tags.all_ns('profile:expertise')] result_tags.sort() test_expertise.sort() eq_(test_expertise, result_tags) # Now, try some expertise tags not covered in interests test_expertise = ['css', 'canvas', 'mobile', 'movies'] form['expertise'] = ', '.join(test_expertise) r = self.client.post(url, form, follow=True) doc = pq(r.content) eq_(1, doc.find('.error #id_expertise').length) @mock.patch('basket.lookup_user') @mock.patch('basket.subscribe') @mock.patch('basket.unsubscribe') def test_bug_709938_interests(self, unsubscribe, subscribe, lookup_user): lookup_user.return_value = mock_lookup_user() subscribe.return_value = True unsubscribe.return_value = True user = User.objects.get(username='******') self.client.login(username=user.username, password=TESTUSER_PASSWORD) url = reverse('users.profile_edit', args=(user.username,)) r = self.client.get(url, follow=True) doc = pq(r.content) test_tags = [u'science,Technology,paradox,knowledge,modeling,big data,' u'vector,meme,heuristics,harmony,mathesis universalis,' u'symmetry,mathematics,computer graphics,field,chemistry,' u'religion,astronomy,physics,biology,literature,' u'spirituality,Art,Philosophy,Psychology,Business,Music,' u'Computer Science'] form = self._get_current_form_field_values(doc) form['interests'] = test_tags r = self.client.post(url, form, follow=True) eq_(200, r.status_code) doc = pq(r.content) eq_(1, doc.find('ul.errorlist li').length) assert ('Ensure this value has at most 255 characters' in doc.find('ul.errorlist li').text()) @mock.patch('basket.lookup_user') @mock.patch('basket.subscribe') @mock.patch('basket.unsubscribe') def test_bug_698126_l10n(self, unsubscribe, subscribe, lookup_user): """Test that the form field names are localized""" lookup_user.return_value = mock_lookup_user() subscribe.return_value = True unsubscribe.return_value = True user = User.objects.get(username='******') self.client.login(username=user.username, password=TESTUSER_PASSWORD) url = reverse('users.profile_edit', args=(user.username,)) r = self.client.get(url, follow=True) for field in r.context['form'].fields: # if label is localized it's a lazy proxy object ok_(not isinstance( r.context['form'].fields[field].label, basestring), 'Field %s is a string!' % field) def _break(self, url, r): logging.debug("URL %s" % url) logging.debug("STAT %s" % r.status_code) logging.debug("HEAD %s" % r.items()) logging.debug("CONT %s" % r.content) ok_(False) def test_bug_811751_banned_profile(self): """A banned user's profile should not be viewable""" profile = UserProfile.objects.get(user__username='******') user = profile.user url = reverse('users.profile', args=(user.username,)) # Profile viewable if not banned response = self.client.get(url, follow=True) self.assertNotEqual(response.status_code, 403) # Ban User admin = User.objects.get(username='******') testuser = User.objects.get(username='******') ban = UserBan(user=testuser, by=admin, reason='Banned by unit test.', is_active=True) ban.save() # Profile not viewable if banned response = self.client.get(url, follow=True) self.assertEqual(response.status_code, 403) # Admin can view banned user's profile self.client.login(username='******', password='******') response = self.client.get(url, follow=True) self.assertNotEqual(response.status_code, 403)
class ProfileViewsTest(TestCase): fixtures = ['test_users.json'] def setUp(self): self.old_debug = settings.DEBUG settings.DEBUG = True self.client = LocalizingClient() self.client.logout() def tearDown(self): settings.DEBUG = self.old_debug def _get_current_form_field_values(self, doc): # Scrape out the existing significant form field values. form = dict() for fn in ('email', 'fullname', 'title', 'organization', 'location', 'irc_nickname', 'bio', 'interests'): form[fn] = doc.find('#profile-edit *[name="profile-%s"]' % fn).val() form['country'] = 'us' form['format'] = 'html' return form @attr('docs_activity') def test_profile_view(self): """A user profile can be viewed""" profile = UserProfile.objects.get(user__username='******') user = profile.user url = reverse('users.profile', args=(user.username,)) r = self.client.get(url, follow=True) doc = pq(r.content) eq_(profile.user.username, doc.find('#profile-head.vcard .nickname').text()) eq_(profile.fullname, doc.find('#profile-head.vcard .fn').text()) eq_(profile.title, doc.find('#profile-head.vcard .title').text()) eq_(profile.organization, doc.find('#profile-head.vcard .org').text()) eq_(profile.location, doc.find('#profile-head.vcard .loc').text()) eq_('IRC: ' + profile.irc_nickname, doc.find('#profile-head.vcard .irc').text()) eq_(profile.bio, doc.find('#profile-head.vcard .bio').text()) def test_my_profile_view(self): u = User.objects.get(username='******') self.client.login(username=u.username, password=TESTUSER_PASSWORD) resp = self.client.get(reverse('users.my_profile')) eq_(302, resp.status_code) ok_(reverse('users.profile', args=(u.username,)) in resp['Location']) def test_bug_698971(self): """A non-numeric page number should not cause an error""" user = User.objects.get(username='******') url = '%s?page=asdf' % reverse('users.profile', args=(user.username,)) try: self.client.get(url, follow=True) except PageNotAnInteger: ok_(False, "Non-numeric page number should not cause an error") @mock.patch('basket.lookup_user') @mock.patch('basket.subscribe') @mock.patch('basket.unsubscribe') def test_profile_edit(self, unsubscribe, subscribe, lookup_user): lookup_user.return_value = mock_lookup_user() subscribe.return_value = True unsubscribe.return_value = True profile = UserProfile.objects.get(user__username='******') user = profile.user url = reverse('users.profile', args=(user.username,)) r = self.client.get(url, follow=True) doc = pq(r.content) eq_(0, doc.find('#profile-head .edit .button').length) self.client.login(username=user.username, password=TESTUSER_PASSWORD) url = reverse('users.profile', args=(user.username,)) r = self.client.get(url, follow=True) doc = pq(r.content) edit_button = doc.find('#profile-head .edit #edit-profile') eq_(1, edit_button.length) url = edit_button.attr('href') r = self.client.get(url, follow=True) doc = pq(r.content) eq_(profile.fullname, doc.find('#profile-edit input[name="profile-fullname"]').val()) eq_(profile.title, doc.find('#profile-edit input[name="profile-title"]').val()) eq_(profile.organization, doc.find('#profile-edit input[name="profile-organization"]').val()) eq_(profile.location, doc.find('#profile-edit input[name="profile-location"]').val()) eq_(profile.irc_nickname, doc.find('#profile-edit input[name="profile-irc_nickname"]').val()) new_attrs = { 'profile-email': '*****@*****.**', 'profile-fullname': "Another Name", 'profile-title': "Another title", 'profile-organization': "Another org", 'profile-country': "us", 'profile-format': "html" } r = self.client.post(url, new_attrs, follow=True) doc = pq(r.content) eq_(1, doc.find('#profile-head').length) eq_(new_attrs['profile-fullname'], doc.find('#profile-head .main .fn').text()) eq_(new_attrs['profile-title'], doc.find('#profile-head .info .title').text()) eq_(new_attrs['profile-organization'], doc.find('#profile-head .info .org').text()) profile = UserProfile.objects.get(user__username=user.username) eq_(new_attrs['profile-fullname'], profile.fullname) eq_(new_attrs['profile-title'], profile.title) eq_(new_attrs['profile-organization'], profile.organization) def test_my_profile_edit(self): u = User.objects.get(username='******') self.client.login(username=u.username, password=TESTUSER_PASSWORD) resp = self.client.get(reverse('users.my_profile_edit')) eq_(302, resp.status_code) ok_(reverse('users.profile_edit', args=(u.username,)) in resp['Location']) @mock.patch('basket.lookup_user') @mock.patch('basket.subscribe') @mock.patch('basket.unsubscribe') def test_profile_edit_beta(self, unsubscribe, subscribe, lookup_user): lookup_user.return_value = mock_lookup_user() subscribe.return_value = True unsubscribe.return_value = True user = User.objects.get(username='******') self.client.login(username=user.username, password=TESTUSER_PASSWORD) url = reverse('users.profile_edit', args=(user.username,)) r = self.client.get(url, follow=True) doc = pq(r.content) eq_(None, doc.find('input#id_profile-beta').attr('checked')) form = self._get_current_form_field_values(doc) form['profile-beta'] = True r = self.client.post(url, form, follow=True) url = reverse('users.profile_edit', args=(user.username,)) r = self.client.get(url, follow=True) doc = pq(r.content) eq_('checked', doc.find('input#id_profile-beta').attr('checked')) @mock.patch('basket.lookup_user') @mock.patch('basket.subscribe') @mock.patch('basket.unsubscribe') def test_profile_edit_websites(self, unsubscribe, subscribe, lookup_user): lookup_user.return_value = mock_lookup_user() subscribe.return_value = True unsubscribe.return_value = True user = User.objects.get(username='******') self.client.login(username=user.username, password=TESTUSER_PASSWORD) url = reverse('users.profile_edit', args=(user.username,)) r = self.client.get(url, follow=True) doc = pq(r.content) test_sites = { u'website': u'http://example.com/', u'twitter': u'http://twitter.com/lmorchard', u'github': u'http://github.com/lmorchard', u'stackoverflow': u'http://stackoverflow.com/users/lmorchard', u'linkedin': u'https://www.linkedin.com/in/testuser', u'mozillians': u'https://mozillians.org/u/testuser', u'facebook': u'https://www.facebook.com/test.user' } form = self._get_current_form_field_values(doc) # Fill out the form with websites. form.update(dict(('profile-websites_%s' % k, v) for k, v in test_sites.items())) # Submit the form, verify redirect to profile detail r = self.client.post(url, form, follow=True) doc = pq(r.content) eq_(1, doc.find('#profile-head').length) p = UserProfile.objects.get(user=user) # Verify the websites are saved in the profile. eq_(test_sites, p.websites) # Verify the saved websites appear in the editing form url = reverse('users.profile_edit', args=(user.username,)) r = self.client.get(url, follow=True) doc = pq(r.content) for k, v in test_sites.items(): eq_(v, doc.find('#profile-edit *[name="profile-websites_%s"]' % k).val()) # Come up with some bad sites, either invalid URL or bad URL prefix bad_sites = { u'website': u'HAHAHA WHAT IS A WEBSITE', u'twitter': u'http://facebook.com/lmorchard', u'stackoverflow': u'http://overqueueblah.com/users/lmorchard', } form.update(dict(('profile-websites_%s' % k, v) for k, v in bad_sites.items())) # Submit the form, verify errors for all of the bad sites r = self.client.post(url, form, follow=True) doc = pq(r.content) eq_(1, doc.find('#profile-edit').length) tmpl = '#profile-edit #profiles .%s .errorlist' for n in ('website', 'twitter', 'stackoverflow'): eq_(1, doc.find(tmpl % n).length) @mock.patch('basket.lookup_user') @mock.patch('basket.subscribe') @mock.patch('basket.unsubscribe') def test_profile_edit_interests(self, unsubscribe, subscribe, lookup_user): lookup_user.return_value = mock_lookup_user() subscribe.return_value = True unsubscribe.return_value = True user = User.objects.get(username='******') self.client.login(username=user.username, password=TESTUSER_PASSWORD) url = reverse('users.profile_edit', args=(user.username,)) r = self.client.get(url, follow=True) doc = pq(r.content) test_tags = ['javascript', 'css', 'canvas', 'html', 'homebrewing'] form = self._get_current_form_field_values(doc) form['profile-interests'] = ', '.join(test_tags) r = self.client.post(url, form, follow=True) doc = pq(r.content) eq_(1, doc.find('#profile-head').length) p = UserProfile.objects.get(user=user) result_tags = [t.name.replace('profile:interest:', '') for t in p.tags.all_ns('profile:interest:')] result_tags.sort() test_tags.sort() eq_(test_tags, result_tags) test_expertise = ['css', 'canvas'] form['profile-expertise'] = ', '.join(test_expertise) r = self.client.post(url, form, follow=True) doc = pq(r.content) eq_(1, doc.find('#profile-head').length) p = UserProfile.objects.get(user=user) result_tags = [t.name.replace('profile:expertise:', '') for t in p.tags.all_ns('profile:expertise')] result_tags.sort() test_expertise.sort() eq_(test_expertise, result_tags) # Now, try some expertise tags not covered in interests test_expertise = ['css', 'canvas', 'mobile', 'movies'] form['profile-expertise'] = ', '.join(test_expertise) r = self.client.post(url, form, follow=True) doc = pq(r.content) eq_(1, doc.find('.error #id_profile-expertise').length) @mock.patch('basket.lookup_user') @mock.patch('basket.subscribe') @mock.patch('basket.unsubscribe') def test_bug_709938_interests(self, unsubscribe, subscribe, lookup_user): lookup_user.return_value = mock_lookup_user() subscribe.return_value = True unsubscribe.return_value = True user = User.objects.get(username='******') self.client.login(username=user.username, password=TESTUSER_PASSWORD) url = reverse('users.profile_edit', args=(user.username,)) r = self.client.get(url, follow=True) doc = pq(r.content) test_tags = [u'science,Technology,paradox,knowledge,modeling,big data,' u'vector,meme,heuristics,harmony,mathesis universalis,' u'symmetry,mathematics,computer graphics,field,chemistry,' u'religion,astronomy,physics,biology,literature,' u'spirituality,Art,Philosophy,Psychology,Business,Music,' u'Computer Science'] form = self._get_current_form_field_values(doc) form['profile-interests'] = test_tags r = self.client.post(url, form, follow=True) eq_(200, r.status_code) doc = pq(r.content) eq_(1, doc.find('ul.errorlist li').length) assert ('Ensure this value has at most 255 characters' in doc.find('ul.errorlist li').text()) @mock.patch('basket.lookup_user') @mock.patch('basket.subscribe') @mock.patch('basket.unsubscribe') def test_bug_698126_l10n(self, unsubscribe, subscribe, lookup_user): """Test that the form field names are localized""" lookup_user.return_value = mock_lookup_user() subscribe.return_value = True unsubscribe.return_value = True user = User.objects.get(username='******') self.client.login(username=user.username, password=TESTUSER_PASSWORD) url = reverse('users.profile_edit', args=(user.username,)) r = self.client.get(url, follow=True) for field in r.context['profile_form'].fields: # if label is localized it's a lazy proxy object ok_(not isinstance( r.context['profile_form'].fields[field].label, basestring), 'Field %s is a string!' % field)
class ProfileViewsTest(TestCase): fixtures = ["test_users.json"] def setUp(self): self.old_debug = settings.DEBUG settings.DEBUG = True self.client = LocalizingClient() self.client.logout() def tearDown(self): settings.DEBUG = self.old_debug def _get_current_form_field_values(self, doc): # Scrape out the existing significant form field values. form = dict() for fn in ( "email", "fullname", "title", "organization", "location", "irc_nickname", "bio", "interests", "country", "format", ): form[fn] = doc.find('#profile-edit *[name="%s"]' % fn).val() form["country"] = "us" form["format"] = "html" return form @attr("docs_activity") def test_profile_view(self): """A user profile can be viewed""" profile = UserProfile.objects.get(user__username="******") user = profile.user url = reverse("devmo.views.profile_view", args=(user.username,)) r = self.client.get(url, follow=True) doc = pq(r.content) eq_(profile.user.username, doc.find("#profile-head.vcard .nickname").text()) eq_(profile.fullname, doc.find("#profile-head.vcard .fn").text()) eq_(profile.title, doc.find("#profile-head.vcard .title").text()) eq_(profile.organization, doc.find("#profile-head.vcard .org").text()) eq_(profile.location, doc.find("#profile-head.vcard .loc").text()) eq_("IRC: " + profile.irc_nickname, doc.find("#profile-head.vcard .irc").text()) eq_(profile.bio, doc.find("#profile-head.vcard .bio").text()) def test_my_profile_view(self): u = User.objects.get(username="******") self.client.login(username=u.username, password=TESTUSER_PASSWORD) resp = self.client.get("/profile/") eq_(302, resp.status_code) ok_(reverse("devmo.views.profile_view", args=(u.username,)) in resp["Location"]) def test_bug_698971(self): """A non-numeric page number should not cause an error""" (user, profile) = create_profile() url = "%s?page=asdf" % reverse("devmo.views.profile_view", args=(user.username,)) try: self.client.get(url, follow=True) except PageNotAnInteger: ok_(False, "Non-numeric page number should not cause an error") @mock.patch("basket.lookup_user") @mock.patch("basket.subscribe") @mock.patch("basket.unsubscribe") def test_profile_edit(self, unsubscribe, subscribe, lookup_user): lookup_user.return_value = mock_lookup_user() subscribe.return_value = True unsubscribe.return_value = True profile = UserProfile.objects.get(user__username="******") user = profile.user url = reverse("devmo.views.profile_view", args=(user.username,)) r = self.client.get(url, follow=True) doc = pq(r.content) eq_(0, doc.find("#profile-head .edit .button").length) self.client.login(username=user.username, password=TESTUSER_PASSWORD) url = reverse("devmo.views.profile_view", args=(user.username,)) r = self.client.get(url, follow=True) doc = pq(r.content) edit_button = doc.find("#profile-head .edit #edit-profile") eq_(1, edit_button.length) url = edit_button.attr("href") r = self.client.get(url, follow=True) doc = pq(r.content) eq_(profile.fullname, doc.find('#profile-edit input[name="fullname"]').val()) eq_(profile.title, doc.find('#profile-edit input[name="title"]').val()) eq_(profile.organization, doc.find('#profile-edit input[name="organization"]').val()) eq_(profile.location, doc.find('#profile-edit input[name="location"]').val()) eq_(profile.irc_nickname, doc.find('#profile-edit input[name="irc_nickname"]').val()) new_attrs = dict( email="*****@*****.**", fullname="Another Name", title="Another title", organization="Another org", country="us", format="html", ) r = self.client.post(url, new_attrs, follow=True) doc = pq(r.content) eq_(1, doc.find("#profile-head").length) eq_(new_attrs["fullname"], doc.find("#profile-head .main .fn").text()) eq_(new_attrs["title"], doc.find("#profile-head .info .title").text()) eq_(new_attrs["organization"], doc.find("#profile-head .info .org").text()) profile = UserProfile.objects.get(user__username=user.username) eq_(new_attrs["fullname"], profile.fullname) eq_(new_attrs["title"], profile.title) eq_(new_attrs["organization"], profile.organization) def test_my_profile_edit(self): u = User.objects.get(username="******") self.client.login(username=u.username, password=TESTUSER_PASSWORD) resp = self.client.get("/profile/edit") eq_(302, resp.status_code) ok_(reverse("devmo.views.profile_edit", args=(u.username,)) in resp["Location"]) @mock.patch("basket.lookup_user") @mock.patch("basket.subscribe") @mock.patch("basket.unsubscribe") def test_profile_edit_beta(self, unsubscribe, subscribe, lookup_user): lookup_user.return_value = mock_lookup_user() subscribe.return_value = True unsubscribe.return_value = True user = User.objects.get(username="******") self.client.login(username=user.username, password=TESTUSER_PASSWORD) url = reverse("devmo.views.profile_edit", args=(user.username,)) r = self.client.get(url, follow=True) doc = pq(r.content) eq_(None, doc.find("input#id_beta").attr("checked")) form = self._get_current_form_field_values(doc) form["beta"] = True r = self.client.post(url, form, follow=True) url = reverse("devmo.views.profile_edit", args=(user.username,)) r = self.client.get(url, follow=True) doc = pq(r.content) eq_("checked", doc.find("input#id_beta").attr("checked")) @mock.patch("basket.lookup_user") @mock.patch("basket.subscribe") @mock.patch("basket.unsubscribe") def test_profile_edit_websites(self, unsubscribe, subscribe, lookup_user): lookup_user.return_value = mock_lookup_user() subscribe.return_value = True unsubscribe.return_value = True user = User.objects.get(username="******") self.client.login(username=user.username, password=TESTUSER_PASSWORD) url = reverse("devmo.views.profile_edit", args=(user.username,)) r = self.client.get(url, follow=True) doc = pq(r.content) test_sites = { u"website": u"http://example.com/", u"twitter": u"http://twitter.com/lmorchard", u"github": u"http://github.com/lmorchard", u"stackoverflow": u"http://stackoverflow.com/users/lmorchard", u"linkedin": u"https://www.linkedin.com/in/testuser", u"mozillians": u"https://mozillians.org/u/testuser", u"facebook": u"https://www.facebook.com/test.user", } form = self._get_current_form_field_values(doc) # Fill out the form with websites. form.update(dict(("websites_%s" % k, v) for k, v in test_sites.items())) # Submit the form, verify redirect to profile detail r = self.client.post(url, form, follow=True) doc = pq(r.content) eq_(1, doc.find("#profile-head").length) p = UserProfile.objects.get(user=user) # Verify the websites are saved in the profile. eq_(test_sites, p.websites) # Verify the saved websites appear in the editing form url = reverse("devmo.views.profile_edit", args=(user.username,)) r = self.client.get(url, follow=True) doc = pq(r.content) for k, v in test_sites.items(): eq_(v, doc.find('#profile-edit *[name="websites_%s"]' % k).val()) # Come up with some bad sites, either invalid URL or bad URL prefix bad_sites = { u"website": u"HAHAHA WHAT IS A WEBSITE", u"twitter": u"http://facebook.com/lmorchard", u"stackoverflow": u"http://overqueueblah.com/users/lmorchard", } form.update(dict(("websites_%s" % k, v) for k, v in bad_sites.items())) # Submit the form, verify errors for all of the bad sites r = self.client.post(url, form, follow=True) doc = pq(r.content) eq_(1, doc.find("#profile-edit").length) tmpl = "#profile-edit #elsewhere .%s .errorlist" for n in ("website", "twitter", "stackoverflow"): eq_(1, doc.find(tmpl % n).length) @mock.patch("basket.lookup_user") @mock.patch("basket.subscribe") @mock.patch("basket.unsubscribe") def test_profile_edit_interests(self, unsubscribe, subscribe, lookup_user): lookup_user.return_value = mock_lookup_user() subscribe.return_value = True unsubscribe.return_value = True user = User.objects.get(username="******") self.client.login(username=user.username, password=TESTUSER_PASSWORD) url = reverse("devmo.views.profile_edit", args=(user.username,)) r = self.client.get(url, follow=True) doc = pq(r.content) test_tags = ["javascript", "css", "canvas", "html", "homebrewing"] form = self._get_current_form_field_values(doc) form["interests"] = ", ".join(test_tags) r = self.client.post(url, form, follow=True) doc = pq(r.content) eq_(1, doc.find("#profile-head").length) p = UserProfile.objects.get(user=user) result_tags = [t.name.replace("profile:interest:", "") for t in p.tags.all_ns("profile:interest:")] result_tags.sort() test_tags.sort() eq_(test_tags, result_tags) test_expertise = ["css", "canvas"] form["expertise"] = ", ".join(test_expertise) r = self.client.post(url, form, follow=True) doc = pq(r.content) eq_(1, doc.find("#profile-head").length) p = UserProfile.objects.get(user=user) result_tags = [t.name.replace("profile:expertise:", "") for t in p.tags.all_ns("profile:expertise")] result_tags.sort() test_expertise.sort() eq_(test_expertise, result_tags) # Now, try some expertise tags not covered in interests test_expertise = ["css", "canvas", "mobile", "movies"] form["expertise"] = ", ".join(test_expertise) r = self.client.post(url, form, follow=True) doc = pq(r.content) eq_(1, doc.find(".error #id_expertise").length) @mock.patch("basket.lookup_user") @mock.patch("basket.subscribe") @mock.patch("basket.unsubscribe") def test_bug_709938_interests(self, unsubscribe, subscribe, lookup_user): lookup_user.return_value = mock_lookup_user() subscribe.return_value = True unsubscribe.return_value = True user = User.objects.get(username="******") self.client.login(username=user.username, password=TESTUSER_PASSWORD) url = reverse("devmo.views.profile_edit", args=(user.username,)) r = self.client.get(url, follow=True) doc = pq(r.content) test_tags = [ u"science,Technology,paradox,knowledge,modeling,big data," u"vector,meme,heuristics,harmony,mathesis universalis," u"symmetry,mathematics,computer graphics,field,chemistry," u"religion,astronomy,physics,biology,literature," u"spirituality,Art,Philosophy,Psychology,Business,Music," u"Computer Science" ] form = self._get_current_form_field_values(doc) form["interests"] = test_tags r = self.client.post(url, form, follow=True) eq_(200, r.status_code) doc = pq(r.content) eq_(1, doc.find("ul.errorlist li").length) assert "Ensure this value has at most 255 characters" in doc.find("ul.errorlist li").text() @mock.patch("basket.lookup_user") @mock.patch("basket.subscribe") @mock.patch("basket.unsubscribe") def test_bug_698126_l10n(self, unsubscribe, subscribe, lookup_user): """Test that the form field names are localized""" lookup_user.return_value = mock_lookup_user() subscribe.return_value = True unsubscribe.return_value = True user = User.objects.get(username="******") self.client.login(username=user.username, password=TESTUSER_PASSWORD) url = reverse("devmo.views.profile_edit", args=(user.username,)) r = self.client.get(url, follow=True) for field in r.context["form"].fields: # if label is localized it's a lazy proxy object ok_(not isinstance(r.context["form"].fields[field].label, basestring), "Field %s is a string!" % field) def _break(self, url, r): logging.debug("URL %s" % url) logging.debug("STAT %s" % r.status_code) logging.debug("HEAD %s" % r.items()) logging.debug("CONT %s" % r.content) ok_(False)
class BrowserIDTestCase(TestCase): fixtures = ['test_users.json'] def setUp(self): # Ensure @ssl_required goes unenforced. settings.DEBUG = True # Set up some easily-testable redirects. settings.LOGIN_REDIRECT_URL = 'SUCCESS' settings.LOGIN_REDIRECT_URL_FAILURE = 'FAILURE' # BrowserID will squawk if this isn't set settings.SITE_URL = 'http://testserver' self.client = LocalizingClient() # TODO: upgrade mock to 0.8.0 so we can do this. """ self.lookup = mock.patch('basket.lookup_user') self.subscribe = mock.patch('basket.subscribe') self.unsubscribe = mock.patch('basket.unsubscribe') self.lookup.return_value = mock_lookup_user() self.subscribe.return_value = True self.unsubscribe.return_value = True self.lookup.start() self.subscribe.start() self.unsubscribe.start() def tearDown(self): self.lookup.stop() self.subscribe.stop() self.unsubscribe.stop() """ def test_invalid_post(self): resp = self.client.post( reverse('users.browserid_verify', locale='en-US')) eq_(302, resp.status_code) ok_('FAILURE' in resp['Location']) @mock.patch('users.views._verify_browserid') def test_invalid_assertion(self, _verify_browserid): _verify_browserid.return_value = None resp = self.client.post( reverse('users.browserid_verify', locale='en-US'), {'assertion': 'bad data'}) eq_(302, resp.status_code) ok_('FAILURE' in resp['Location']) @mock.patch('users.views._verify_browserid') def test_valid_assertion_with_django_user(self, _verify_browserid): _verify_browserid.return_value = {'email': '*****@*****.**'} # Posting the fake assertion to browserid_verify should work, with the # actual verification method mocked out. resp = self.client.post( reverse('users.browserid_verify', locale='en-US'), {'assertion': 'PRETENDTHISISVALID'}) eq_(302, resp.status_code) ok_('SUCCESS' in resp['Location']) # The session should look logged in, now. ok_('_auth_user_id' in self.client.session.keys()) eq_('django_browserid.auth.BrowserIDBackend', self.client.session.get('_auth_user_backend', '')) @mock.patch('users.views._verify_browserid') def test_explain_popup(self, _verify_browserid): _verify_browserid.return_value = {'email': '*****@*****.**'} resp = self.client.get(reverse('home', locale='en-US')) # Posting the fake assertion to browserid_verify should work, with the # actual verification method mocked out. resp = self.client.post( reverse('users.browserid_verify', locale='en-US'), {'assertion': 'PRETENDTHISISVALID'}) eq_('1', resp.cookies.get('browserid_explained').value) resp = self.client.get(reverse('users.logout'), locale='en-US') # even after logout, cookie should prevent the toggle resp = self.client.get(reverse('home', locale='en-US')) eq_('1', self.client.cookies.get('browserid_explained').value) @mock.patch('basket.lookup_user') @mock.patch('basket.subscribe') @mock.patch('basket.unsubscribe') @mock.patch('users.views._verify_browserid') def test_valid_assertion_with_new_account_creation(self, _verify_browserid, unsubscribe, subscribe, lookup_user): new_username = '******' new_email = '*****@*****.**' lookup_user.return_value = mock_lookup_user() subscribe.return_value = True unsubscribe.return_value = True _verify_browserid.return_value = {'email': new_email} try: user = User.objects.get(email=new_email) ok_(False, "User for email should not yet exist") except User.DoesNotExist: pass # Sign in with a verified email, but with no existing account resp = self.client.post( reverse('users.browserid_verify', locale='en-US'), {'assertion': 'PRETENDTHISISVALID'}) eq_(302, resp.status_code) # This should be a redirect to the BrowserID registration page. redir_url = resp['Location'] reg_url = reverse('users.browserid_register', locale='en-US') ok_(reg_url in redir_url) # And, as part of the redirect, the verified email address should be in # our session now. ok_(SESSION_VERIFIED_EMAIL in self.client.session.keys()) verified_email = self.client.session[SESSION_VERIFIED_EMAIL] eq_(new_email, verified_email) # Grab the redirect, assert that there's a create_user form present resp = self.client.get(redir_url) page = pq(resp.content) form = page.find('form#create_user') eq_(1, form.length) # There should be no error lists on first load eq_(0, page.find('.errorlist').length) # Submit the create_user form, with a chosen username resp = self.client.post( redir_url, { 'username': '******', 'action': 'register', 'country': 'us', 'format': 'html' }) # The submission should result in a redirect to the session's redirect # value eq_(302, resp.status_code) redir_url = resp['Location'] ok_('SUCCESS' in redir_url) # The session should look logged in, now. ok_('_auth_user_id' in self.client.session.keys()) eq_('django_browserid.auth.BrowserIDBackend', self.client.session.get('_auth_user_backend', '')) # Ensure that the user was created, and with the submitted username and # verified email address try: user = User.objects.get(email=new_email) eq_(new_username, user.username) eq_(new_email, user.email) except User.DoesNotExist: ok_(False, "New user should have been created") @mock.patch('users.views._verify_browserid') def test_valid_assertion_with_existing_account_login( self, _verify_browserid): """ Removed the existing user form: we don't auth the password with MindTouch anymore """ new_email = '*****@*****.**' _verify_browserid.return_value = {'email': new_email} try: User.objects.get(email=new_email) ok_(False, "User for email should not yet exist") except User.DoesNotExist: pass # Sign in with a verified email, but with no existing account resp = self.client.post( reverse('users.browserid_verify', locale='en-US'), {'assertion': 'PRETENDTHISISVALID'}) eq_(302, resp.status_code) # This should be a redirect to the BrowserID registration page. redir_url = resp['Location'] reg_url = reverse('users.browserid_register', locale='en-US') ok_(reg_url in redir_url) # And, as part of the redirect, the verified email address should be in # our session now. ok_(SESSION_VERIFIED_EMAIL in self.client.session.keys()) verified_email = self.client.session[SESSION_VERIFIED_EMAIL] eq_(new_email, verified_email) # Grab the redirect, assert that there's a create_user form present resp = self.client.get(redir_url) page = pq(resp.content) form = page.find('form#existing_user') eq_(0, form.length) @mock.patch('basket.lookup_user') @mock.patch('basket.subscribe') @mock.patch('basket.unsubscribe') @mock.patch('users.views._verify_browserid') def test_valid_assertion_changing_email(self, _verify_browserid, unsubscribe, subscribe, lookup_user): # just need to be authenticated, not necessarily BrowserID self.client.login(username='******', password='******') lookup_user.return_value = mock_lookup_user() subscribe.return_value = True unsubscribe.return_value = True _verify_browserid.return_value = {'email': '*****@*****.**'} resp = self.client.post( reverse('users.browserid_change_email', locale='en-US'), {'assertion': 'PRETENDTHISISVALID'}) eq_(302, resp.status_code) ok_('profiles/testuser/edit' in resp['Location']) resp = self.client.get( reverse('devmo_profile_edit', locale='en-US', args=[ 'testuser', ])) eq_(200, resp.status_code) doc = pq(resp.content) ok_('*****@*****.**' in doc.find('li#field_email').text()) @mock.patch('basket.lookup_user') @mock.patch('basket.subscribe') @mock.patch('basket.unsubscribe') @mock.patch('users.views._verify_browserid') def test_valid_assertion_doesnt_steal_email(self, _verify_browserid, unsubscribe, subscribe, lookup_user): # just need to be authenticated, not necessarily BrowserID self.client.login(username='******', password='******') lookup_user.return_value = mock_lookup_user() subscribe.return_value = True unsubscribe.return_value = True _verify_browserid.return_value = {'email': '*****@*****.**'} # doesn't change email if the new email already belongs to another user resp = self.client.post( reverse('users.browserid_change_email', locale='en-US'), {'assertion': 'PRETENDTHISISVALID'}) eq_(302, resp.status_code) ok_('change_email' in resp['Location']) resp = self.client.get( reverse('devmo_profile_edit', locale='en-US', args=[ 'testuser', ])) eq_(200, resp.status_code) doc = pq(resp.content) ok_('*****@*****.**' in doc.find('li#field_email').text())
class ChangeEmailTestCase(TestCase): fixtures = ['test_users.json'] def setUp(self): self.client = LocalizingClient() @mock.patch_object(Site.objects, 'get_current') def test_user_change_email(self, get_current): """Send email to change user's email and then change it.""" get_current.return_value.domain = 'su.mo.com' self.client.login(username='******', password='******') # Attempt to change email. response = self.client.post(reverse('users.change_email'), {'email': '*****@*****.**'}, follow=True) eq_(200, response.status_code) # Be notified to click a confirmation link. eq_(1, len(mail.outbox)) assert mail.outbox[0].subject.find('Please confirm your') == 0 ec = EmailChange.objects.all()[0] assert ec.activation_key in mail.outbox[0].body eq_('*****@*****.**', ec.email) # Visit confirmation link to change email. response = self.client.get( reverse('users.confirm_email', args=[ec.activation_key])) eq_(200, response.status_code) u = User.objects.get(username='******') eq_('*****@*****.**', u.email) def test_user_change_email_same(self): """Changing to same email shows validation error.""" self.client.login(username='******', password='******') user = User.objects.get(username='******') user.email = '*****@*****.**' user.save() response = self.client.post(reverse('users.change_email'), {'email': user.email}) eq_(200, response.status_code) doc = pq(response.content) eq_('This is your current email.', doc('ul.errorlist').text()) def test_user_change_email_duplicate(self): """Changing to same email shows validation error.""" self.client.login(username='******', password='******') email = '*****@*****.**' response = self.client.post(reverse('users.change_email'), {'email': email}) eq_(200, response.status_code) doc = pq(response.content) eq_('A user with that email address already exists.', doc('ul.errorlist').text()) @mock.patch_object(Site.objects, 'get_current') def test_user_confirm_email_duplicate(self, get_current): """If we detect a duplicate email when confirming an email change, don't change it and notify the user.""" get_current.return_value.domain = 'su.mo.com' self.client.login(username='******', password='******') old_email = User.objects.get(username='******').email new_email = '*****@*****.**' response = self.client.post(reverse('users.change_email'), {'email': new_email}) eq_(200, response.status_code) assert mail.outbox[0].subject.find('Please confirm your') == 0 ec = EmailChange.objects.all()[0] # Before new email is confirmed, give the same email to a user other_user = User.objects.filter(username='******')[0] other_user.email = new_email other_user.save() # Visit confirmation link and verify email wasn't changed. response = self.client.get( reverse('users.confirm_email', args=[ec.activation_key])) eq_(200, response.status_code) doc = pq(response.content) eq_('Unable to change email for user testuser', doc('article h1').text()) u = User.objects.get(username='******') eq_(old_email, u.email)