annotate accounts/tests/view_tests.py @ 701:094492e66eb9

Implement rate limiting on user photo uploads.
author Brian Neal <bgneal@gmail.com>
date Sat, 14 Sep 2013 17:23:13 -0500
parents 988782c6ce6c
children
rev   line source
bgneal@565 1 """
bgneal@565 2 View tests for the accounts application.
bgneal@565 3
bgneal@565 4 """
bgneal@565 5 import datetime
bgneal@565 6
bgneal@565 7 from django.test import TestCase
bgneal@565 8 from django.core.urlresolvers import reverse
bgneal@659 9 from django.core import mail
bgneal@576 10 from django.contrib.auth.models import User
bgneal@576 11 from django.contrib.auth.hashers import check_password
bgneal@565 12
bgneal@565 13 from accounts.models import PendingUser
bgneal@565 14 from accounts.models import IllegalUsername
bgneal@565 15 from accounts.models import IllegalEmail
bgneal@565 16
bgneal@565 17
bgneal@565 18 class RegistrationTest(TestCase):
bgneal@565 19
bgneal@565 20 def setUp(self):
bgneal@565 21 u = User.objects.create_user('existing_user', 'existing_user@example.com', 'pw')
bgneal@565 22 u.save()
bgneal@565 23
bgneal@565 24 # a 2nd user has the same email as another
bgneal@565 25 u = User.objects.create_user('existing_user2', 'existing_user@example.com', 'pw')
bgneal@565 26 u.save()
bgneal@565 27
bgneal@565 28 PendingUser.objects.create(username='pending_user',
bgneal@565 29 email='pending_user@example.com',
bgneal@565 30 password='pw',
bgneal@565 31 date_joined=datetime.datetime.now(),
bgneal@565 32 key='key')
bgneal@565 33
bgneal@565 34 IllegalUsername.objects.create(username='illegalusername')
bgneal@565 35 IllegalEmail.objects.create(email='illegal@example.com')
bgneal@565 36
bgneal@565 37 def test_get_view(self):
bgneal@565 38 """
bgneal@565 39 Test a simple get of the registration view
bgneal@565 40
bgneal@565 41 """
bgneal@565 42 response = self.client.get(reverse('accounts-register'))
bgneal@565 43 self.assertEqual(response.status_code, 200)
bgneal@565 44
bgneal@565 45 def test_existing_user(self):
bgneal@565 46 """
bgneal@565 47 Ensure we can't register with an existing username.
bgneal@565 48
bgneal@565 49 """
bgneal@565 50 response = self.client.post(reverse('accounts-register'), {
bgneal@565 51 'username': 'existing_user',
bgneal@565 52 'email': 'test@example.com',
bgneal@565 53 'password1': 'my_password',
bgneal@565 54 'password2': 'my_password',
bgneal@565 55 'agree_age': 'on',
bgneal@565 56 'agree_tos': 'on',
bgneal@565 57 'agree_privacy': 'on',
bgneal@565 58 'question1': '101',
bgneal@565 59 'question2': '',
bgneal@565 60 })
bgneal@565 61
bgneal@565 62 self.assertEqual(response.status_code, 200)
bgneal@565 63 self.assertContains(response, 'A user with that username already exists')
bgneal@565 64
bgneal@565 65 def test_pending_user(self):
bgneal@565 66 """
bgneal@565 67 Ensure we can't register with a pending username.
bgneal@565 68
bgneal@565 69 """
bgneal@565 70 response = self.client.post(reverse('accounts-register'), {
bgneal@565 71 'username': 'pending_user',
bgneal@565 72 'email': 'test@example.com',
bgneal@565 73 'password1': 'my_password',
bgneal@565 74 'password2': 'my_password',
bgneal@565 75 'agree_age': 'on',
bgneal@565 76 'agree_tos': 'on',
bgneal@565 77 'agree_privacy': 'on',
bgneal@565 78 'question1': '101',
bgneal@565 79 'question2': '',
bgneal@565 80 })
bgneal@565 81
bgneal@565 82 self.assertEqual(response.status_code, 200)
bgneal@565 83 self.assertContains(response, 'A pending user with that username already exists')
bgneal@565 84
bgneal@565 85 def test_illegal_username(self):
bgneal@565 86 """
bgneal@565 87 Ensure we can't register with a banned username.
bgneal@565 88
bgneal@565 89 """
bgneal@565 90 response = self.client.post(reverse('accounts-register'), {
bgneal@565 91 'username': 'illegalusername',
bgneal@565 92 'email': 'test@example.com',
bgneal@565 93 'password1': 'my_password',
bgneal@565 94 'password2': 'my_password',
bgneal@565 95 'agree_age': 'on',
bgneal@565 96 'agree_tos': 'on',
bgneal@565 97 'agree_privacy': 'on',
bgneal@565 98 'question1': '101',
bgneal@565 99 'question2': '',
bgneal@565 100 })
bgneal@565 101
bgneal@565 102 self.assertEqual(response.status_code, 200)
bgneal@565 103 self.assertContains(response, 'That username is not allowed')
bgneal@565 104
bgneal@565 105 def test_duplicate_existing_email(self):
bgneal@565 106 """
bgneal@565 107 Ensure we can't register with a duplicate email address.
bgneal@565 108
bgneal@565 109 """
bgneal@565 110 response = self.client.post(reverse('accounts-register'), {
bgneal@565 111 'username': 'a_new_user',
bgneal@565 112 'email': 'existing_user@example.com',
bgneal@565 113 'password1': 'my_password',
bgneal@565 114 'password2': 'my_password',
bgneal@565 115 'agree_age': 'on',
bgneal@565 116 'agree_tos': 'on',
bgneal@565 117 'agree_privacy': 'on',
bgneal@565 118 'question1': '101',
bgneal@565 119 'question2': '',
bgneal@565 120 })
bgneal@565 121
bgneal@565 122 self.assertEqual(response.status_code, 200)
bgneal@565 123 self.assertContains(response, 'A user with that email address already exists')
bgneal@565 124
bgneal@565 125 def test_duplicate_pending_email(self):
bgneal@565 126 """
bgneal@565 127 Ensure we can't register with a duplicate email address.
bgneal@565 128
bgneal@565 129 """
bgneal@565 130 response = self.client.post(reverse('accounts-register'), {
bgneal@565 131 'username': 'a_new_user',
bgneal@565 132 'email': 'pending_user@example.com',
bgneal@565 133 'password1': 'my_password',
bgneal@565 134 'password2': 'my_password',
bgneal@565 135 'agree_age': 'on',
bgneal@565 136 'agree_tos': 'on',
bgneal@565 137 'agree_privacy': 'on',
bgneal@565 138 'question1': '101',
bgneal@565 139 'question2': '',
bgneal@565 140 })
bgneal@565 141
bgneal@565 142 self.assertEqual(response.status_code, 200)
bgneal@565 143 self.assertContains(response, 'A pending user with that email address already exists')
bgneal@565 144
bgneal@565 145 def test_illegal_email(self):
bgneal@565 146 """
bgneal@565 147 Ensure we can't register with a banned email address.
bgneal@565 148
bgneal@565 149 """
bgneal@565 150 response = self.client.post(reverse('accounts-register'), {
bgneal@565 151 'username': 'a_new_user',
bgneal@565 152 'email': 'illegal@example.com',
bgneal@565 153 'password1': 'my_password',
bgneal@565 154 'password2': 'my_password',
bgneal@565 155 'agree_age': 'on',
bgneal@565 156 'agree_tos': 'on',
bgneal@565 157 'agree_privacy': 'on',
bgneal@565 158 'question1': '101',
bgneal@565 159 'question2': '',
bgneal@565 160 })
bgneal@565 161
bgneal@565 162 self.assertEqual(response.status_code, 200)
bgneal@565 163 self.assertContains(response, 'That email address is not allowed')
bgneal@565 164
bgneal@565 165 def test_password_match(self):
bgneal@565 166 """
bgneal@565 167 Ensure the passwords match.
bgneal@565 168
bgneal@565 169 """
bgneal@565 170 response = self.client.post(reverse('accounts-register'), {
bgneal@565 171 'username': 'a_new_user',
bgneal@565 172 'email': 'test@example.com',
bgneal@565 173 'password1': 'my_password',
bgneal@565 174 'password2': 'my_password_doesnt match',
bgneal@565 175 'agree_age': 'on',
bgneal@565 176 'agree_tos': 'on',
bgneal@565 177 'agree_privacy': 'on',
bgneal@565 178 'question1': '101',
bgneal@565 179 'question2': '',
bgneal@565 180 })
bgneal@565 181
bgneal@565 182 self.assertEqual(response.status_code, 200)
bgneal@565 183 self.assertContains(response, "The two password fields didn&#39;t match")
bgneal@565 184
bgneal@565 185 def test_question1(self):
bgneal@565 186 """
bgneal@565 187 Ensure our anti-spam question is answered.
bgneal@565 188
bgneal@565 189 """
bgneal@565 190 response = self.client.post(reverse('accounts-register'), {
bgneal@565 191 'username': 'a_new_user',
bgneal@565 192 'email': 'test@example.com',
bgneal@565 193 'password1': 'my_password',
bgneal@565 194 'password2': 'my_password_doesnt match',
bgneal@565 195 'agree_age': 'on',
bgneal@565 196 'agree_tos': 'on',
bgneal@565 197 'agree_privacy': 'on',
bgneal@565 198 'question1': 'huh',
bgneal@565 199 'question2': '',
bgneal@565 200 })
bgneal@565 201
bgneal@565 202 self.assertEqual(response.status_code, 200)
bgneal@565 203 self.assertContains(response, "Incorrect answer to our anti-spam question")
bgneal@565 204
bgneal@565 205 def test_question2(self):
bgneal@565 206 """
bgneal@565 207 Ensure our honeypot question check works.
bgneal@565 208
bgneal@565 209 """
bgneal@565 210 response = self.client.post(reverse('accounts-register'), {
bgneal@565 211 'username': 'a_new_user',
bgneal@565 212 'email': 'test@example.com',
bgneal@565 213 'password1': 'my_password',
bgneal@565 214 'password2': 'my_password_doesnt match',
bgneal@565 215 'agree_age': 'on',
bgneal@565 216 'agree_tos': 'on',
bgneal@565 217 'agree_privacy': 'on',
bgneal@565 218 'question1': '101',
bgneal@565 219 'question2': 'non blank',
bgneal@565 220 })
bgneal@565 221
bgneal@690 222 self.assertEqual(response.status_code, 200)
bgneal@565 223
bgneal@565 224 def test_success(self):
bgneal@565 225 """
bgneal@565 226 Ensure we can successfully register.
bgneal@565 227
bgneal@565 228 """
bgneal@565 229 response = self.client.post(reverse('accounts-register'), {
bgneal@565 230 'username': 'a_new_user',
bgneal@565 231 'email': 'test@example.com',
bgneal@565 232 'password1': 'my_password',
bgneal@565 233 'password2': 'my_password',
bgneal@565 234 'agree_age': 'on',
bgneal@565 235 'agree_tos': 'on',
bgneal@565 236 'agree_privacy': 'on',
bgneal@565 237 'question1': '101',
bgneal@565 238 'question2': '',
bgneal@565 239 })
bgneal@565 240
bgneal@565 241 self.assertEqual(response.status_code, 302)
bgneal@565 242
bgneal@565 243 try:
bgneal@565 244 pending = PendingUser.objects.get(username='a_new_user')
bgneal@565 245 except PendingUser.DoesNotExist:
bgneal@565 246 self.fail("PendingUser was not created")
bgneal@565 247
bgneal@565 248 self.assertEqual(pending.email, 'test@example.com')
bgneal@565 249 self.assertTrue(datetime.datetime.now() - pending.date_joined <
bgneal@565 250 datetime.timedelta(minutes=1))
bgneal@565 251 self.assertTrue(check_password('my_password', pending.password))
bgneal@659 252
bgneal@659 253
bgneal@659 254 class ForgotUsernameTest(TestCase):
bgneal@659 255
bgneal@659 256 def setUp(self):
bgneal@659 257 u = User.objects.create_user('existing_user', 'existing_user@example.com', 'pw')
bgneal@659 258 u.save()
bgneal@659 259
bgneal@659 260 def test_get_query_view(self):
bgneal@659 261 """Test a simple get of the username query view"""
bgneal@659 262 response = self.client.get(reverse('accounts-username_query'))
bgneal@659 263 self.assertEqual(response.status_code, 200)
bgneal@659 264
bgneal@659 265 def test_get_username_sent_view(self):
bgneal@659 266 """Test a simple get of the username sent view"""
bgneal@659 267 response = self.client.get(reverse('accounts-username_sent'))
bgneal@659 268 self.assertEqual(response.status_code, 200)
bgneal@659 269
bgneal@659 270 def test_invalid_email(self):
bgneal@659 271 """Test form submittal of unknown email address."""
bgneal@659 272 response = self.client.post(reverse('accounts-username_query'), {
bgneal@659 273 'email': 'bad_address@example.com',
bgneal@659 274 },
bgneal@659 275 follow=True)
bgneal@659 276
bgneal@659 277 self.assertRedirects(response, reverse('accounts-username_sent'))
bgneal@659 278
bgneal@659 279 self.assertEqual(len(mail.outbox), 0)
bgneal@659 280
bgneal@659 281 def test_valid_email(self):
bgneal@659 282 """Test form submittal of valid email address."""
bgneal@659 283 response = self.client.post(reverse('accounts-username_query'), {
bgneal@659 284 'email': 'existing_user@example.com',
bgneal@659 285 },
bgneal@659 286 follow=True)
bgneal@659 287
bgneal@659 288 self.assertRedirects(response, reverse('accounts-username_sent'))
bgneal@659 289
bgneal@659 290 self.assertEqual(len(mail.outbox), 1)
bgneal@659 291 if len(mail.outbox):
bgneal@659 292 self.assertTrue(mail.outbox[0].subject.startswith('Forgotten username'))