def test_initial_verification_for_user(self):
"""Test that method 'get_initial_verification' of model
'SoftwareSecurePhotoVerification' always returns the initial
verification with field 'photo_id_key' set against a user.
"""
user = UserFactory.create()
# No initial verification for the user
result = SoftwareSecurePhotoVerification.get_initial_verification(
user=user)
self.assertIs(result, None)
# Make an initial verification with 'photo_id_key'
attempt = SoftwareSecurePhotoVerification(
user=user, photo_id_key="dummy_photo_id_key")
attempt.status = 'approved'
attempt.save()
# Check that method 'get_initial_verification' returns the correct
# initial verification attempt
first_result = SoftwareSecurePhotoVerification.get_initial_verification(
user=user)
self.assertIsNotNone(first_result)
# Now create a second verification without 'photo_id_key'
attempt = SoftwareSecurePhotoVerification(user=user)
attempt.status = 'submitted'
attempt.save()
# Test method 'get_initial_verification' still returns the correct
# initial verification attempt which have 'photo_id_key' set
second_result = SoftwareSecurePhotoVerification.get_initial_verification(
user=user)
self.assertIsNotNone(second_result)
self.assertEqual(second_result, first_result)
def test_initial_verification_for_user(self):
"""Test that method 'get_initial_verification' of model
'SoftwareSecurePhotoVerification' always returns the initial
verification with field 'photo_id_key' set against a user.
"""
user = UserFactory.create()
# No initial verification for the user
result = SoftwareSecurePhotoVerification.get_initial_verification(user=user)
self.assertIs(result, None)
# Make an initial verification with 'photo_id_key'
attempt = SoftwareSecurePhotoVerification(user=user, photo_id_key="dummy_photo_id_key")
attempt.status = 'approved'
attempt.save()
# Check that method 'get_initial_verification' returns the correct
# initial verification attempt
first_result = SoftwareSecurePhotoVerification.get_initial_verification(user=user)
self.assertIsNotNone(first_result)
# Now create a second verification without 'photo_id_key'
attempt = SoftwareSecurePhotoVerification(user=user)
attempt.status = 'submitted'
attempt.save()
# Test method 'get_initial_verification' still returns the correct
# initial verification attempt which have 'photo_id_key' set
second_result = SoftwareSecurePhotoVerification.get_initial_verification(user=user)
self.assertIsNotNone(second_result)
self.assertEqual(second_result, first_result)
def test_user_status(self):
# test for correct status when no error returned
user = UserFactory.create()
status = SoftwareSecurePhotoVerification.user_status(user)
self.assertEquals(status, ('none', ''))
# test for when one has been created
attempt = SoftwareSecurePhotoVerification(user=user)
attempt.status = 'approved'
attempt.save()
status = SoftwareSecurePhotoVerification.user_status(user)
self.assertEquals(status, ('approved', ''))
# create another one for the same user, make sure the right one is
# returned
attempt2 = SoftwareSecurePhotoVerification(user=user)
attempt2.status = 'denied'
attempt2.error_msg = '[{"photoIdReasons": ["Not provided"]}]'
attempt2.save()
status = SoftwareSecurePhotoVerification.user_status(user)
self.assertEquals(status, ('approved', ''))
# now delete the first one and verify that the denial is being handled
# properly
attempt.delete()
status = SoftwareSecurePhotoVerification.user_status(user)
self.assertEquals(status, ('must_reverify', "No photo ID was provided."))
def test_user_status(self):
# test for correct status when no error returned
user = UserFactory.create()
status = SoftwareSecurePhotoVerification.user_status(user)
self.assertEquals(status, ('none', ''))
# test for when one has been created
attempt = SoftwareSecurePhotoVerification(user=user)
attempt.status = 'approved'
attempt.save()
status = SoftwareSecurePhotoVerification.user_status(user)
self.assertEquals(status, ('approved', ''))
# create another one for the same user, make sure the right one is
# returned
attempt2 = SoftwareSecurePhotoVerification(user=user)
attempt2.status = 'denied'
attempt2.error_msg = '[{"photoIdReasons": ["Not provided"]}]'
attempt2.save()
status = SoftwareSecurePhotoVerification.user_status(user)
self.assertEquals(status, ('approved', ''))
# now delete the first one and verify that the denial is being handled
# properly
attempt.delete()
status = SoftwareSecurePhotoVerification.user_status(user)
self.assertEquals(status,
('must_reverify', "No photo ID was provided."))
def _verify_user():
if not SoftwareSecurePhotoVerification.user_is_verified(user):
obj = SoftwareSecurePhotoVerification(
user=user, photo_id_key="dummy_photo_id_key")
obj.status = 'approved'
obj.submitted_at = datetime.datetime.now()
obj.reviewing_user = User.objects.get(username='******')
obj.save()
def test_initial_verification_for_user(self):
"""Test that method 'get_initial_verification' of model
'SoftwareSecurePhotoVerification' always returns the initial
verification with field 'photo_id_key' set against a user.
"""
user = UserFactory.create()
# No initial verification for the user
result = SoftwareSecurePhotoVerification.get_initial_verification(
user=user)
assert result is None
# Make an initial verification with 'photo_id_key'
attempt = SoftwareSecurePhotoVerification(
user=user, photo_id_key="dummy_photo_id_key")
attempt.status = PhotoVerification.STATUS.approved
attempt.save()
# Check that method 'get_initial_verification' returns the correct
# initial verification attempt
first_result = SoftwareSecurePhotoVerification.get_initial_verification(
user=user)
assert first_result is not None
# Now create a second verification without 'photo_id_key'
attempt = SoftwareSecurePhotoVerification(user=user)
attempt.status = PhotoVerification.STATUS.submitted
attempt.save()
# Test method 'get_initial_verification' still returns the correct
# initial verification attempt which have 'photo_id_key' set
second_result = SoftwareSecurePhotoVerification.get_initial_verification(
user=user)
assert second_result is not None
assert second_result == first_result
# Test method 'get_initial_verification' returns None after expiration
expired_future = now() + timedelta(
days=(FAKE_SETTINGS['DAYS_GOOD_FOR'] + 1))
with freeze_time(expired_future):
third_result = SoftwareSecurePhotoVerification.get_initial_verification(
user)
assert third_result is None
# Test method 'get_initial_verification' returns correct attempt after system expiration,
# but within earliest allowed override.
expired_future = now() + timedelta(
days=(FAKE_SETTINGS['DAYS_GOOD_FOR'] + 1))
earliest_allowed = now() - timedelta(days=1)
with freeze_time(expired_future):
fourth_result = SoftwareSecurePhotoVerification.get_initial_verification(
user, earliest_allowed)
assert fourth_result is not None
assert fourth_result == first_result
def test_get_verification_from_receipt(self):
result = SoftwareSecurePhotoVerification.get_verification_from_receipt(
'')
assert result is None
user = UserFactory.create()
attempt = SoftwareSecurePhotoVerification(user=user)
attempt.status = PhotoVerification.STATUS.submitted
attempt.save()
receipt_id = attempt.receipt_id
result = SoftwareSecurePhotoVerification.get_verification_from_receipt(
receipt_id)
assert result is not None
def test_expiration_date_null(self):
"""
Test if the `expiration_date` field is null, `expiration_datetime` returns a
default expiration date based on the time the entry was created.
"""
user = UserFactory.create()
verification = SoftwareSecurePhotoVerification(user=user)
verification.expiration_date = None
verification.save()
assert verification.expiration_datetime == (
verification.created_at +
timedelta(days=FAKE_SETTINGS['DAYS_GOOD_FOR']))
def test_active_for_user(self):
"""
Make sure we can retrive a user's active (in progress) verification
attempt.
"""
user = UserFactory.create()
# This user has no active at the moment...
assert_is_none(SoftwareSecurePhotoVerification.active_for_user(user))
# Create an attempt and mark it ready...
attempt = SoftwareSecurePhotoVerification(user=user)
attempt.mark_ready()
assert_equals(attempt,
SoftwareSecurePhotoVerification.active_for_user(user))
# A new user won't see this...
user2 = UserFactory.create()
user2.save()
assert_is_none(SoftwareSecurePhotoVerification.active_for_user(user2))
# If it's got a different status, it doesn't count
for status in ["submitted", "must_retry", "approved", "denied"]:
attempt.status = status
attempt.save()
assert_is_none(
SoftwareSecurePhotoVerification.active_for_user(user))
# But if we create yet another one and mark it ready, it passes again.
attempt_2 = SoftwareSecurePhotoVerification(user=user)
attempt_2.mark_ready()
assert_equals(attempt_2,
SoftwareSecurePhotoVerification.active_for_user(user))
# And if we add yet another one with a later created time, we get that
# one instead. We always want the most recent attempt marked ready()
attempt_3 = SoftwareSecurePhotoVerification(
user=user, created_at=attempt_2.created_at + timedelta(days=1))
attempt_3.save()
# We haven't marked attempt_3 ready yet, so attempt_2 still wins
assert_equals(attempt_2,
SoftwareSecurePhotoVerification.active_for_user(user))
# Now we mark attempt_3 ready and expect it to come back
attempt_3.mark_ready()
assert_equals(attempt_3,
SoftwareSecurePhotoVerification.active_for_user(user))
def test_initial_verification_for_user(self):
"""Test that method 'get_initial_verification' of model
'SoftwareSecurePhotoVerification' always returns the initial
verification with field 'photo_id_key' set against a user.
"""
user = UserFactory.create()
# No initial verification for the user
result = SoftwareSecurePhotoVerification.get_initial_verification(user=user)
self.assertIs(result, None)
# Make an initial verification with 'photo_id_key'
attempt = SoftwareSecurePhotoVerification(user=user, photo_id_key="dummy_photo_id_key")
attempt.status = 'approved'
attempt.save()
# Check that method 'get_initial_verification' returns the correct
# initial verification attempt
first_result = SoftwareSecurePhotoVerification.get_initial_verification(user=user)
self.assertIsNotNone(first_result)
# Now create a second verification without 'photo_id_key'
attempt = SoftwareSecurePhotoVerification(user=user)
attempt.status = 'submitted'
attempt.save()
# Test method 'get_initial_verification' still returns the correct
# initial verification attempt which have 'photo_id_key' set
second_result = SoftwareSecurePhotoVerification.get_initial_verification(user=user)
self.assertIsNotNone(second_result)
self.assertEqual(second_result, first_result)
# Test method 'get_initial_verification' returns None after expiration
expired_future = datetime.utcnow() + timedelta(days=(FAKE_SETTINGS['DAYS_GOOD_FOR'] + 1))
with freeze_time(expired_future):
third_result = SoftwareSecurePhotoVerification.get_initial_verification(user)
self.assertIsNone(third_result)
# Test method 'get_initial_verification' returns correct attempt after system expiration,
# but within earliest allowed override.
expired_future = datetime.utcnow() + timedelta(days=(FAKE_SETTINGS['DAYS_GOOD_FOR'] + 1))
earliest_allowed = datetime.utcnow() - timedelta(days=1)
with freeze_time(expired_future):
fourth_result = SoftwareSecurePhotoVerification.get_initial_verification(user, earliest_allowed)
self.assertIsNotNone(fourth_result)
self.assertEqual(fourth_result, first_result)
def test_active_for_user(self):
"""
Make sure we can retrive a user's active (in progress) verification
attempt.
"""
user = UserFactory.create()
# This user has no active at the moment...
assert_is_none(SoftwareSecurePhotoVerification.active_for_user(user))
# Create an attempt and mark it ready...
attempt = SoftwareSecurePhotoVerification(user=user)
attempt.mark_ready()
assert_equals(attempt, SoftwareSecurePhotoVerification.active_for_user(user))
# A new user won't see this...
user2 = UserFactory.create()
user2.save()
assert_is_none(SoftwareSecurePhotoVerification.active_for_user(user2))
# If it's got a different status, it doesn't count
for status in ["submitted", "must_retry", "approved", "denied"]:
attempt.status = status
attempt.save()
assert_is_none(SoftwareSecurePhotoVerification.active_for_user(user))
# But if we create yet another one and mark it ready, it passes again.
attempt_2 = SoftwareSecurePhotoVerification(user=user)
attempt_2.mark_ready()
assert_equals(attempt_2, SoftwareSecurePhotoVerification.active_for_user(user))
# And if we add yet another one with a later created time, we get that
# one instead. We always want the most recent attempt marked ready()
attempt_3 = SoftwareSecurePhotoVerification(
user=user,
created_at=attempt_2.created_at + timedelta(days=1)
)
attempt_3.save()
# We haven't marked attempt_3 ready yet, so attempt_2 still wins
assert_equals(attempt_2, SoftwareSecurePhotoVerification.active_for_user(user))
# Now we mark attempt_3 ready and expect it to come back
attempt_3.mark_ready()
assert_equals(attempt_3, SoftwareSecurePhotoVerification.active_for_user(user))
def test_update_expiry_email_date_for_user(self):
"""Test that method update_expiry_email_date_for_user of
model 'SoftwareSecurePhotoVerification' set expiry_email_date
if the most recent approved verification is expired.
"""
email_config = getattr(settings, 'VERIFICATION_EXPIRY_EMAIL', {'DAYS_RANGE': 1, 'RESEND_DAYS': 15})
user = UserFactory.create()
verification = SoftwareSecurePhotoVerification(user=user)
verification.expiry_date = now() - timedelta(days=FAKE_SETTINGS['DAYS_GOOD_FOR'])
verification.status = 'approved'
verification.save()
self.assertIsNone(verification.expiry_email_date)
SoftwareSecurePhotoVerification.update_expiry_email_date_for_user(user, email_config)
result = SoftwareSecurePhotoVerification.get_recent_verification(user=user)
self.assertIsNotNone(result.expiry_email_date)
def test_get_recent_verification_expiry_null(self):
"""Test that method 'get_recent_verification' of model
'SoftwareSecurePhotoVerification' will return None when expiry_date
is NULL for 'approved' verifications based on updated_at value.
"""
user = UserFactory.create()
attempt = None
for _ in range(2):
# Make an approved verification
attempt = SoftwareSecurePhotoVerification(user=user)
attempt.status = PhotoVerification.STATUS.approved
attempt.save()
# Test method 'get_recent_verification' returns None
# as attempts don't have an expiry_date
recent_verification = SoftwareSecurePhotoVerification.get_recent_verification(
user=user)
self.assertIsNone(recent_verification)
def test_get_recent_verification(self):
"""Test that method 'get_recent_verification' of model
'SoftwareSecurePhotoVerification' always returns the most
recent 'approved' verification based on updated_at set
against a user.
"""
user = UserFactory.create()
attempt = None
for _ in range(2):
# Make an approved verification
attempt = SoftwareSecurePhotoVerification(user=user)
attempt.status = 'approved'
attempt.save()
# Test method 'get_recent_verification' returns the most recent
# verification attempt based on updated_at
recent_verification = SoftwareSecurePhotoVerification.get_recent_verification(user=user)
self.assertIsNotNone(recent_verification)
self.assertEqual(recent_verification.id, attempt.id)
def test_user_has_valid_or_pending(self):
"""
Determine whether we have to prompt this user to verify, or if they've
already at least initiated a verification submission.
"""
user = UserFactory.create()
attempt = SoftwareSecurePhotoVerification(user=user)
# If it's any of these statuses, they don't have anything outstanding
for status in ["created", "ready", "denied"]:
attempt.status = status
attempt.save()
assert_false(SoftwareSecurePhotoVerification.user_has_valid_or_pending(user), status)
# Any of these, and we are. Note the benefit of the doubt we're giving
# -- must_retry, and submitted both count until we hear otherwise
for status in ["submitted", "must_retry", "approved"]:
attempt.status = status
attempt.save()
assert_true(SoftwareSecurePhotoVerification.user_has_valid_or_pending(user), status)
def test_get_recent_verification(self):
"""Test that method 'get_recent_verification' of model
'SoftwareSecurePhotoVerification' always returns the most
recent 'approved' verification based on updated_at set
against a user.
"""
user = UserFactory.create()
attempt = None
for _ in range(2):
# Make an approved verification
attempt = SoftwareSecurePhotoVerification(user=user)
attempt.status = PhotoVerification.STATUS.approved
attempt.expiration_date = datetime.now()
attempt.save()
# Test method 'get_recent_verification' returns the most recent
# verification attempt based on updated_at
recent_verification = SoftwareSecurePhotoVerification.get_recent_verification(
user=user)
assert recent_verification is not None
assert recent_verification.id == attempt.id
def test_user_is_verified(self):
"""
Test to make sure we correctly answer whether a user has been verified.
"""
user = UserFactory.create()
attempt = SoftwareSecurePhotoVerification(user=user)
attempt.save()
# If it's any of these, they're not verified...
for status in ["created", "ready", "denied", "submitted", "must_retry"]:
attempt.status = status
attempt.save()
assert_false(SoftwareSecurePhotoVerification.user_is_verified(user), status)
attempt.status = "approved"
attempt.save()
assert_true(SoftwareSecurePhotoVerification.user_is_verified(user), attempt.status)
def test_user_has_ever_been_verified(self):
"""
Test to make sure we correctly answer whether a user has ever been verified.
"""
# Missing user
assert not IDVerificationService.user_has_ever_been_verified(None)
# User without any attempts
photo_user = UserFactory.create()
assert not IDVerificationService.user_has_ever_been_verified(
photo_user)
# User without an approved attempt
attempt = SoftwareSecurePhotoVerification(user=photo_user,
status='submitted')
attempt.save()
assert not IDVerificationService.user_has_ever_been_verified(
photo_user)
# User with a submitted, then an approved attempt
attempt = SoftwareSecurePhotoVerification(user=photo_user,
status='approved')
attempt.save()
assert IDVerificationService.user_has_ever_been_verified(photo_user)
# User with a manual approved attempt
manual_user = UserFactory.create()
attempt = ManualVerification(user=manual_user, status='approved')
attempt.save()
assert IDVerificationService.user_has_ever_been_verified(manual_user)
# User with 2 manual approved attempts
attempt = ManualVerification(user=manual_user, status='approved')
attempt.save()
assert IDVerificationService.user_has_ever_been_verified(manual_user)
# User with an SSO approved attempt, then a must_retry attempt
sso_user = UserFactory.create()
attempt = SSOVerification(user=sso_user, status='approved')
attempt.save()
attempt = SSOVerification(user=sso_user, status='must_retry')
attempt.save()
assert IDVerificationService.user_has_ever_been_verified(sso_user)