def test_expired_request(self):
"""
Expired requests should not be authenticated.
"""
# required for django admin during tests, apparently
self.user.is_superuser = True
self.user.save()
# give us a handle to the unhashed access code
access_code = '1234ABCD'
requesting_user = UserFactory(email="*****@*****.**")
yesterday = datetime.datetime.now(tz=pytz.UTC) - datetime.timedelta(
days=1)
request = CompanyAccessRequestFactory(
access_code=hashlib.md5(access_code).hexdigest(),
requested_by=requesting_user)
# force the request to be expired
request.requested_on = yesterday
request.save()
self.assertTrue(request.expired)
data = {"company": self.company.pk, "verification_code": access_code}
admin_url = reverse("admin:myjobs_companyaccessrequest_change",
args=(request.pk, ))
response = self.client.post(path=admin_url, data=data, follow=True)
# object is cached so we need to refetch it
access_request = CompanyAccessRequest.objects.get(pk=request.pk)
self.assertEqual(access_request.authorized_by, None)
def test_expired_request(self):
"""
Expired requests should not be authenticated.
"""
# required for django admin during tests, apparently
self.user.is_superuser = True
self.user.save()
# give us a handle to the unhashed access code
access_code = '1234ABCD'
requesting_user = UserFactory(email="*****@*****.**")
yesterday = datetime.datetime.now(
tz=pytz.UTC) - datetime.timedelta(days=1)
request = CompanyAccessRequestFactory(
access_code=hashlib.md5(access_code).hexdigest(),
requested_by=requesting_user)
# force the request to be expired
request.requested_on = yesterday
request.save()
self.assertTrue(request.expired)
data = {
"company": self.company.pk,
"verification_code": access_code
}
admin_url = reverse("admin:myjobs_companyaccessrequest_change",
args=(request.pk,))
response = self.client.post(path=admin_url, data=data, follow=True)
# object is cached so we need to refetch it
access_request = CompanyAccessRequest.objects.get(pk=request.pk)
self.assertEqual(access_request.authorized_by, None)
def test_access_code_expiration(self):
"""Any access code older than 1 day should be considered expired."""
now = datetime.datetime.now(tz=pytz.UTC)
yesterday = now - datetime.timedelta(days=1)
access_request = CompanyAccessRequestFactory(requested_by=self.user,
requested_on=now)
self.assertFalse(access_request.expired)
access_request.requested_on = yesterday
access_request.save()
self.assertTrue(access_request.expired)
def test_access_code_expiration(self):
"""Any access code older than 1 day should be considered expired."""
now = datetime.datetime.now(tz=pytz.UTC)
yesterday = now - datetime.timedelta(days=1)
access_request = CompanyAccessRequestFactory(
requested_by=self.user, requested_on=now)
self.assertFalse(access_request.expired)
access_request.requested_on = yesterday
access_request.save()
self.assertTrue(access_request.expired)
def test_approval_form_authenticates_request(self):
"""
Submitting a valid authentication code should result in the request
being updated and a new admin being assigned.
"""
# required for django admin during tests, apparently
self.user.is_superuser = True
self.user.save()
# give us a handle to the unhashed access code
access_code = '1234ABCD'
requesting_user = UserFactory(email="*****@*****.**")
request = CompanyAccessRequestFactory(
access_code=hashlib.md5(access_code).hexdigest(),
requested_by=requesting_user)
# code shouldn't have been authorized yet
self.assertFalse(request.authorized_by)
data = {"company": self.company.pk, "verification_code": access_code}
admin_url = "%s%s/" % (reverse(
"admin:myjobs_companyaccessrequest_changelist"), request.pk)
self.client.post(path=admin_url, data=data)
# object is cached so we need to refetch it
access_request = CompanyAccessRequest.objects.get(pk=request.pk)
self.assertEqual(access_request.authorized_by, self.user)
