def test_entire_reset_process_works(self):
user = UserFactory(phone_number="5551234567")
assert self.mutate_password_reset() == []
assert self.mutate_password_reset_verification_code() == []
assert self.mutate_password_reset_confirm() == []
user.refresh_from_db()
assert user.check_password("my_new_pw1234") is True
def test_it_works(self, db):
user = UserFactory()
now = time.time()
self.configure_session(timestamp=now, user_id=user.pk)
assert self.set_pw("my_awesome_new_pw") is None
user.refresh_from_db()
assert user.check_password("my_awesome_new_pw") is True
def test_entire_reset_process_with_login_works(self):
user = UserFactory(phone_number="5551234567")
assert self.mutate_password_reset() == []
assert self.mutate_password_reset_verification_code() == []
assert self.mutate_password_reset_confirm_and_login() == {
"errors": [],
"session": {
"phoneNumber": "5551234567"
},
}
user.refresh_from_db()
assert user.check_password("my_new_pw1234") is True
def test_profile_can_be_updated(self):
user = UserFactory()
data = {
'first_name': 'Вася',
'last_name': 'Долгополов',
'email': '*****@*****.**',
}
self.client.force_login(user)
url = reverse('user:profile-update')
response = self.client.post(url, data)
self.assertEqual(response.status_code, 302)
user.refresh_from_db()
self.assertEqual(user.first_name, data.get('first_name'))
self.assertEqual(user.last_name, data.get('last_name'))
self.assertEqual(user.email, data.get('email'))
def test_update_user(self):
"""User data is updated correctly."""
user = UserFactory(first_name="Old Name")
serializer = UserSerializer(
user,
data={"first_name": "New Name"},
partial=True,
context={"request": self.request},
)
self.assertTrue(serializer.is_valid())
serializer.save()
user.refresh_from_db()
self.assertEqual(user.first_name, "New Name")
class AuthTestCase(APITestCase):
def setUp(self) -> None:
self.user = UserFactory()
self.password = "******"
def test_no_login(self):
url = reverse("api:users:login")
resp = self.client.post(
url, {"email": "foo", "password": "******"}, format="json"
)
self.assertEqual(resp.status_code, status.HTTP_400_BAD_REQUEST)
def test_login(self):
self.assertIsNone(self.user.last_login)
self.assertEqual(djconf.TOKEN_MODEL.objects.count(), 0)
self.assertEqual(Session.objects.count(), 0)
url = reverse("api:users:login")
resp = self.client.post(
url, {"email": self.user.email, "password": self.password}, format="json"
)
self.assertEqual(resp.status_code, status.HTTP_200_OK)
self.user.refresh_from_db()
self.assertIsNotNone(self.user.last_login)
self.assertEqual(djconf.TOKEN_MODEL.objects.count(), 1)
self.assertEqual(Session.objects.count(), 1)
def test_logout(self):
url = reverse("api:users:login")
resp = self.client.post(
url, {"email": self.user.email, "password": self.password}, format="json"
)
self.assertEqual(resp.status_code, status.HTTP_200_OK)
self.assertEqual(djconf.TOKEN_MODEL.objects.count(), 1)
self.assertEqual(Session.objects.count(), 1)
url2 = reverse("api:users:logout")
resp2 = self.client.post(url2, format="json")
self.assertEqual(resp2.status_code, status.HTTP_204_NO_CONTENT)
self.assertEqual(djconf.TOKEN_MODEL.objects.count(), 0)
self.assertEqual(Session.objects.count(), 0)
def test_partial_update(self):
user = UserFactory()
profile = ProfileFactory(user=user)
new_profile_data = ProfileFactory.build()
new_user_data = UserFactory.build()
data = {
"description": new_profile_data.description,
"last_name": new_user_data.last_name,
}
serializer = ProfileSerializer(instance=profile,
data=data,
partial=True)
assert serializer.is_valid(), serializer.errors
serializer.save()
user.refresh_from_db()
assert user.last_name == data["last_name"]
profile.refresh_from_db()
assert profile.description == data["description"]
class UsersViewsTests(TestCase):
"""Tests for users.views"""
def setUp(self):
self.player = UserFactory(
email='*****@*****.**',
password='******',
username='******',
timezone='Europe/Tallinn',
riot_id='SpawN',
riot_tag='#123',
)
self.player_to_delete = UserFactory()
self.User = get_user_model()
def tests_profile(self):
"""Tests for users.views.profile"""
url = reverse('users:profile')
# [GET] AnonymousUser
response = self.client.get(url)
self.assertEqual(response.status_code, 302)
self.assertEqual(response['location'], '/login/?next=/profile/')
# [GET] Authenticated User
self.client.force_login(self.player)
response = self.client.get(url)
self.assertEqual(response.status_code, 200)
self.assertTemplateUsed(response, 'users/profile.html')
self.assertContains(response, self.player.email)
self.client.logout()
def tests_edit_profile(self):
"""Tests for users.views.edit_profile"""
url = reverse('users:edit_profile')
self.client.force_login(self.player)
# [POST] Changing the username and the timezone
payload = {
'email': self.player.email,
'timezone': 'Europe/Stockholm',
'username': '******',
'riot_id': 'SpawN',
'riot_tag': '#123',
'avatar': '/avatars/default.png',
}
response = self.client.post(url, payload)
self.player.refresh_from_db()
self.assertEqual(response.status_code, 302)
self.assertEqual(self.player.username, 'SpawN')
self.assertEqual(self.player.timezone, 'Europe/Stockholm')
# [POST] Changing the username without providing the required fields
payload = {'username': '******'}
response = self.client.post(url, payload)
self.player.refresh_from_db()
self.assertEqual(self.player.username, 'SpawN')
self.client.logout()
def tests_signup(self):
"""Tests for users.views.signup"""
url = reverse('users:signup')
email = '*****@*****.**'
password = '******'
username = '******'
timezone = 'Europe/Stockholm'
# [GET] Rendering the signup form
response = self.client.get(url)
self.assertEqual(response.status_code, 200)
self.assertTrue(response.context['form'])
# [POST] Creating a user with empty username
payload = {
'email': email,
'password1': password,
'password2': password,
'timezone': timezone,
}
_ = self.client.post(url, payload, follow=True)
with self.assertRaises(ObjectDoesNotExist):
self.User.objects.get(email=email)
# [POST] Creating a valid user
payload.update(username=username)
response = self.client.post(url, payload, follow=True)
self.assertEqual(response.status_code, 200)
self.assertTrue(self.User.objects.get(email=email))
def tests_login(self):
"""Tests for users.views.login"""
url = reverse('users:login')
email = '*****@*****.**'
password = '******'
# [GET] Login page
response = self.client.get(url)
self.assertEqual(response.status_code, 200)
# [POST] Connection with the wrong password
payload = {
'email': email,
'password': '******',
}
response = self.client.post(url, payload)
self.assertEqual(response.status_code, 200)
# [POST] Connection with the correct credentials
payload.update(password=password)
response = self.client.post(url, payload)
self.assertEqual(response.status_code, 302)
def tests_delete_account(self):
"""Tests for users.views.delete_account"""
url = reverse('users:delete_account')
# [GET] Deleting a user account
self.client.force_login(self.player_to_delete)
response = self.client.get(url, follow=True)
self.assertEqual(response.status_code, 200)
with self.assertRaises(ObjectDoesNotExist):
self.player_to_delete.refresh_from_db()
class UserViewTests(APITestCase):
def setUp(self):
self.admin = AdminFactory()
self.client.credentials(HTTP_AUTHORIZATION="Token " +
self.admin.auth_token.key)
self.user = UserFactory(first_name="Name")
self.data = {
"first_name": "Test",
"last_name": "User",
"email": "*****@*****.**",
"is_active": True,
"is_staff": False,
"is_superuser": False,
}
def test_list_users(self):
"""User can view other users."""
response = self.client.get(reverse("v1:users-list"))
self.assertEqual(response.status_code, status.HTTP_200_OK)
self.assertEqual(len(response.data), 2)
def test_create_user(self):
"""Admins can create new users."""
response = self.client.post(reverse("v1:users-list"), self.data)
user = User.objects.filter(email=self.data["email"])
self.assertEqual(response.status_code, status.HTTP_201_CREATED)
self.assertTrue(user.exists())
user = user.first()
self.assertEqual(user.first_name, self.data["first_name"])
self.assertEqual(user.last_name, self.data["last_name"])
self.assertEqual(user.email, self.data["email"])
self.assertEqual(user.is_active, self.data["is_active"])
self.assertEqual(user.is_staff, self.data["is_staff"])
self.assertEqual(user.is_superuser, self.data["is_superuser"])
def test_create_user_invalid(self):
"""Users can not create new users."""
user = UserFactory()
self.client.credentials(HTTP_AUTHORIZATION="Token " +
user.auth_token.key)
response = self.client.post(reverse("v1:users-list"), self.data)
user = User.objects.filter(email=self.data["email"])
self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN)
self.assertFalse(user.exists())
def test_user_partial_update(self):
"""Admins can patch user data."""
data = {"first_name": "New Name"}
response = self.client.patch(
reverse("v1:users-detail", args=[self.user.pk]), data)
self.user.refresh_from_db()
self.assertEqual(response.status_code, status.HTTP_200_OK)
self.assertEqual(self.user.first_name, data["first_name"])
def test_user_partial_update_invalid(self):
"""Users can not patch user data."""
user = UserFactory()
self.client.credentials(HTTP_AUTHORIZATION="Token " +
user.auth_token.key)
data = {"first_name": "New Name"}
response = self.client.patch(
reverse("v1:users-detail", args=[self.user.pk]), data)
self.user.refresh_from_db()
self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN)
self.assertEqual(self.user.first_name, "Name")
def test_user_delete(self):
"""Admins can delete users."""
response = self.client.delete(
reverse("v1:users-detail", args=[self.user.pk]))
self.assertEqual(response.status_code, status.HTTP_204_NO_CONTENT)
self.assertFalse(User.objects.filter(pk=self.user.pk).exists())
def test_user_delete_invalid(self):
"""Users can not delete users."""
user = UserFactory()
self.client.credentials(HTTP_AUTHORIZATION="Token " +
user.auth_token.key)
response = self.client.delete(
reverse("v1:users-detail", args=[self.user.pk]))
self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN)
self.assertTrue(User.objects.filter(pk=self.user.pk).exists())
