def test_only_self_edits(self): p1 = ProfileFactory() p2 = ProfileFactory() self.client.force_authenticate(user=p2.user) url = reverse('user-detail', args=[p1.user.username]) res = self.client.patch(url, {}) # u2 should not have permission to edit u1's user. eq_(res.status_code, 403)
def test_request_password_reset(self, get_current): get_current.return_value.domain = 'testserver' p = ProfileFactory() url = reverse('user-request-password-reset', args=[p.user.username]) res = self.client.get(url) eq_(res.status_code, 204) eq_(1, len(mail.outbox))
def test_settings_visible_when_signed_in(self): p = ProfileFactory() p.settings.create(name="foo", value="bar") url = reverse("user-detail", args=[p.user.username]) self.client.force_authenticate(user=p.user) res = self.client.get(url) eq_(res.data["settings"], [{"name": "foo", "value": "bar"}])
def test_adds_event_to_db(self, key, process_mock): profile = ProfileFactory(fxa_uid="54321") events = { "https://schemas.accounts.firefox.com/event/password-change": { "changeTime": 1565721242227 } } eq_(0, AccountEvent.objects.count()) response = self._call_webhook(events, key) eq_(202, response.status_code) eq_(1, AccountEvent.objects.count()) eq_(1, process_mock.delay.call_count) account_event = AccountEvent.objects.last() eq_(account_event.status, AccountEvent.UNPROCESSED) self.assertEqual(json.loads(account_event.body), list(events.values())[0]) eq_(account_event.event_type, AccountEvent.PASSWORD_CHANGE) eq_(account_event.fxa_uid, "54321") eq_(account_event.jwt_id, "e19ed6c5-4816-4171-aa43-56ffe80dbda1") eq_(account_event.issued_at, "1565720808") eq_(account_event.profile, profile)
def test_settings_visible_when_signed_in(self): p = ProfileFactory() p.settings.create(name='foo', value='bar') url = reverse('user-detail', args=[p.user.username]) self.client.force_authenticate(user=p.user) res = self.client.get(url) eq_(res.data['settings'], [{'name': 'foo', 'value': 'bar'}])
def test_last_answer_date(self): p = ProfileFactory() u = p.user AnswerFactory(creator=u) serializer = api.ProfileSerializer(instance=p) eq_(serializer.data['last_answer_date'], u.answers.last().created)
def test_set_setting_add(self): p = ProfileFactory() self.client.force_authenticate(user=p.user) url = reverse('user-set-setting', args=[p.user.username]) res = self.client.post(url, {'name': 'foo', 'value': 'bar'}) eq_(res.status_code, 200) eq_(p.settings.get(name='foo').value, 'bar')
def test_cant_update_username(self): p = ProfileFactory(user__username='******') serializer = api.ProfileSerializer(data=self.data, instance=p) eq_(serializer.is_valid(), False) eq_(serializer.errors, { 'username': [u"Can't change this field."], })
def test_delete_setting_exists_with_delete(self): p = ProfileFactory() self.client.force_authenticate(user=p.user) s = SettingFactory(user=p.user) url = reverse('user-delete-setting', args=[p.user.username]) res = self.client.delete(url, {'name': s.name}) eq_(res.status_code, 204) eq_(p.settings.filter(name=s.name).count(), 0)
def test_avatar_size(self): p = ProfileFactory() url = reverse("user-detail", args=[p.user.username]) res = self.client.get(url) assert "?s=200" in res.data["avatar"] res = self.client.get(url, {"avatar_size": 128}) assert "?s=128" in res.data["avatar"]
def test_avatar_size(self): p = ProfileFactory() url = reverse('user-detail', args=[p.user.username]) res = self.client.get(url) assert '?s=200' in res.data['avatar'] res = self.client.get(url, {'avatar_size': 128}) assert '?s=128' in res.data['avatar']
def test_logs_out_user_first_seen_before_password_change(self): self.request.user = ProfileFactory( fxa_password_change=datetime.utcnow() + timedelta(minutes=5)).user self._process_request(self.request) response = self._process_request(self.request) assert isinstance(self.request.user, AnonymousUser) assert isinstance(response, HttpResponseRedirect)
def test_does_nothing_if_user_first_seen_after_password_change(self): self.request.user = ProfileFactory( fxa_password_change=datetime.utcnow() - timedelta(minutes=5)).user user = self.request.user self._process_request(self.request) self._process_request(self.request) self.assertEqual(user, self.request.user)
def test_set_setting_update(self): p = ProfileFactory() self.client.force_authenticate(user=p.user) s = SettingFactory(user=p.user, name='favorite_fruit', value='apple') url = reverse('user-set-setting', args=[p.user.username]) res = self.client.post(url, {'name': 'favorite_fruit', 'value': 'banana'}) eq_(res.status_code, 200) eq_(res.data['value'], 'banana') s = Setting.objects.get(id=s.id) eq_(s.value, 'banana')
def test_add_and_delete(self): """Adding a user with a profile should add it to the index. Deleting should delete it. """ p = ProfileFactory() self.refresh() eq_(UserMappingType.search().count(), 1) p.user.delete() self.refresh() eq_(UserMappingType.search().count(), 0)
def test_process_password_change(self): profile = ProfileFactory() account_event_1 = AccountEventFactory( body=json.dumps({ "changeTime": 2000 }), event_type=AccountEvent.PASSWORD_CHANGE, status=AccountEvent.UNPROCESSED, profile=profile ) process_event_password_change(account_event_1.id) profile.refresh_from_db() account_event_1.refresh_from_db() eq_(profile.fxa_password_change, datetime.utcfromtimestamp(2)) eq_(account_event_1.status, AccountEvent.PROCESSED) account_event_2 = AccountEventFactory( body=json.dumps({ "changeTime": 1000 }), event_type=AccountEvent.PASSWORD_CHANGE, status=AccountEvent.UNPROCESSED, profile=profile ) process_event_password_change(account_event_2.id) profile.refresh_from_db() account_event_2.refresh_from_db() eq_(profile.fxa_password_change, datetime.utcfromtimestamp(2)) eq_(account_event_2.status, AccountEvent.IGNORED)
def test_process_subscription_state_change_out_of_order(self): profile = ProfileFactory() account_event_1 = AccountEventFactory( body=json.dumps({ "capabilities": ["capability_1"], "isActive": True, "changeTime": 1 }), event_type=AccountEvent.SUBSCRIPTION_STATE_CHANGE, status=AccountEvent.UNPROCESSED, profile=profile ) process_event_subscription_state_change(account_event_1.id) account_event_1.refresh_from_db() eq_(account_event_1.status, AccountEvent.PROCESSED) account_event_2 = AccountEventFactory( body=json.dumps({ "capabilities": ["capability_1"], "isActive": True, "changeTime": 3 }), event_type=AccountEvent.SUBSCRIPTION_STATE_CHANGE, status=AccountEvent.UNPROCESSED, profile=profile ) process_event_subscription_state_change(account_event_2.id) account_event_2.refresh_from_db() eq_(account_event_2.status, AccountEvent.PROCESSED) account_event_3 = AccountEventFactory( body=json.dumps({ "capabilities": ["capability_1"], "isActive": False, "changeTime": 2 }), event_type=AccountEvent.SUBSCRIPTION_STATE_CHANGE, status=AccountEvent.UNPROCESSED, profile=profile ) process_event_subscription_state_change(account_event_3.id) account_event_3.refresh_from_db() eq_(account_event_3.status, AccountEvent.IGNORED)
def test_process_delete_user(self): profile = ProfileFactory() account_event = AccountEventFactory( body=json.dumps({}), event_type=AccountEvent.DELETE_USER, status=AccountEvent.UNPROCESSED, profile=profile) assert profile.user.is_active process_event_delete_user(account_event.id) profile.user.refresh_from_db() account_event.refresh_from_db() assert not profile.user.is_active eq_(account_event.status, AccountEvent.PROCESSED)
def test_handles_unknown_events(self, key, process_mock): profile = ProfileFactory(fxa_uid="54321") events = { "https://schemas.accounts.firefox.com/event/delete-user": {}, "https://schemas.accounts.firefox.com/event/foobar": {}, "barfoo": {} } eq_(0, AccountEvent.objects.count()) response = self._call_webhook(events, key) eq_(202, response.status_code) eq_(3, AccountEvent.objects.count()) eq_(1, process_mock.delay.call_count) account_event_1 = AccountEvent.objects.get( event_type=AccountEvent.DELETE_USER ) account_event_2 = AccountEvent.objects.get( event_type="foobar" ) account_event_3 = AccountEvent.objects.get( event_type="barfoo" ) self.assertEqual(json.loads(account_event_1.body), {}) self.assertEqual(json.loads(account_event_2.body), {}) self.assertEqual(json.loads(account_event_3.body), {}) eq_(account_event_1.status, AccountEvent.UNPROCESSED) eq_(account_event_2.status, AccountEvent.NOT_IMPLEMENTED) eq_(account_event_3.status, AccountEvent.NOT_IMPLEMENTED) eq_(account_event_1.fxa_uid, "54321") eq_(account_event_2.fxa_uid, "54321") eq_(account_event_3.fxa_uid, "54321") eq_(account_event_1.jwt_id, "e19ed6c5-4816-4171-aa43-56ffe80dbda1") eq_(account_event_2.jwt_id, "e19ed6c5-4816-4171-aa43-56ffe80dbda1") eq_(account_event_3.jwt_id, "e19ed6c5-4816-4171-aa43-56ffe80dbda1") eq_(account_event_1.issued_at, "1565720808") eq_(account_event_2.issued_at, "1565720808") eq_(account_event_3.issued_at, "1565720808") eq_(account_event_1.profile, profile) eq_(account_event_2.profile, profile) eq_(account_event_3.profile, profile)
def test_adds_multiple_events_to_db(self, key, process_subscription_mock, process_profile_mock): profile = ProfileFactory(fxa_uid="54321") events = { "https://schemas.accounts.firefox.com/event/profile-change": {}, "https://schemas.accounts.firefox.com/event/subscription-state-change": { "capabilities": ["capability_1", "capability_2"], "isActive": True, "changeTime": 1565721242227, }, } eq_(0, AccountEvent.objects.count()) response = self._call_webhook(events, key) eq_(202, response.status_code) eq_(2, AccountEvent.objects.count()) eq_(1, process_subscription_mock.delay.call_count) eq_(1, process_profile_mock.delay.call_count) account_event_1 = AccountEvent.objects.get( event_type=AccountEvent.PROFILE_CHANGE) account_event_2 = AccountEvent.objects.get( event_type=AccountEvent.SUBSCRIPTION_STATE_CHANGE) self.assertEqual(json.loads(account_event_1.body), {}) self.assertEqual(json.loads(account_event_2.body), list(events.values())[1]) eq_(account_event_1.status, AccountEvent.UNPROCESSED) eq_(account_event_2.status, AccountEvent.UNPROCESSED) eq_(account_event_1.fxa_uid, "54321") eq_(account_event_2.fxa_uid, "54321") eq_(account_event_1.jwt_id, "e19ed6c5-4816-4171-aa43-56ffe80dbda1") eq_(account_event_2.jwt_id, "e19ed6c5-4816-4171-aa43-56ffe80dbda1") eq_(account_event_1.issued_at, "1565720808") eq_(account_event_2.issued_at, "1565720808") eq_(account_event_1.profile, profile) eq_(account_event_2.profile, profile)
def test_process_subscription_state_change(self): product_1 = ProductFactory(codename="capability_1") product_2 = ProductFactory(codename="capability_2") product_3 = ProductFactory(codename="capability_3") profile = ProfileFactory() profile.products.add(product_3) account_event_1 = AccountEventFactory( body=json.dumps({ "capabilities": ["capability_1", "capability_2"], "isActive": True, "changeTime": 1, }), event_type=AccountEvent.SUBSCRIPTION_STATE_CHANGE, status=AccountEvent.UNPROCESSED, profile=profile, ) process_event_subscription_state_change(account_event_1.id) account_event_1.refresh_from_db() self.assertCountEqual(profile.products.all(), [product_1, product_2, product_3]) eq_(account_event_1.status, AccountEvent.PROCESSED) account_event_2 = AccountEventFactory( body=json.dumps({ "capabilities": ["capability_1", "capability_2"], "isActive": False, "changeTime": 2, }), event_type=AccountEvent.SUBSCRIPTION_STATE_CHANGE, status=AccountEvent.UNPROCESSED, profile=profile, ) process_event_subscription_state_change(account_event_2.id) account_event_2.refresh_from_db() self.assertCountEqual(profile.products.all(), [product_3]) eq_(account_event_2.status, AccountEvent.PROCESSED)
def setUp(self): self.profile = ProfileFactory() group = GroupFactory() self.profile.user.groups.add(group) self.prepare().save() self.profile.user.groups.remove(group)
def test_is_active(self): p = ProfileFactory() url = reverse('user-detail', args=[p.user.username]) res = self.client.get(url) assert 'is_active' in res.data
def test_settings_not_visible_when_signed_out(self): p = ProfileFactory() p.settings.create(name='foo', value='bar') url = reverse('user-detail', args=[p.user.username]) res = self.client.get(url) assert 'settings' not in res.data
def test_settings_not_visible_when_signed_out(self): p = ProfileFactory() p.settings.create(name="foo", value="bar") url = reverse("user-detail", args=[p.user.username]) res = self.client.get(url) assert "settings" not in res.data
def test_email_not_visible_when_signed_out(self): p = ProfileFactory() url = reverse('user-detail', args=[p.user.username]) res = self.client.get(url) assert 'email' not in res.data
def test_email_visible_when_signed_in(self): p = ProfileFactory() url = reverse('user-detail', args=[p.user.username]) self.client.force_authenticate(user=p.user) res = self.client.get(url) eq_(res.data['email'], p.user.email)
def test_cant_delete(self): p = ProfileFactory() self.client.force_authenticate(user=p.user) url = reverse('user-detail', args=[p.user.username]) res = self.client.delete(url) eq_(res.status_code, 405)
def test_delete_setting_404(self): p = ProfileFactory() self.client.force_authenticate(user=p.user) url = reverse('user-delete-setting', args=[p.user.username]) res = self.client.post(url, {'name': 'nonexistant'}) eq_(res.status_code, 404)