annotate accounts/tests/test_views.py @ 762:840f2579ef1c

Added a test for the forgotten password cycle. This was broken when I upgraded to Django 1.6. Ensure we catch it next time.
author Brian Neal <bgneal@gmail.com>
date Sun, 19 Jan 2014 00:19:44 -0600
parents 8789299c75b1
children 9133b4626a4b
rev   line source
bgneal@565 1 """
bgneal@565 2 View tests for the accounts application.
bgneal@565 3
bgneal@565 4 """
bgneal@565 5 import datetime
bgneal@762 6 import re
bgneal@565 7
bgneal@565 8 from django.test import TestCase
bgneal@565 9 from django.core.urlresolvers import reverse
bgneal@659 10 from django.core import mail
bgneal@576 11 from django.contrib.auth.models import User
bgneal@576 12 from django.contrib.auth.hashers import check_password
bgneal@565 13
bgneal@565 14 from accounts.models import PendingUser
bgneal@565 15 from accounts.models import IllegalUsername
bgneal@565 16 from accounts.models import IllegalEmail
bgneal@565 17
bgneal@565 18
bgneal@565 19 class RegistrationTest(TestCase):
bgneal@565 20
bgneal@565 21 def setUp(self):
bgneal@565 22 u = User.objects.create_user('existing_user', 'existing_user@example.com', 'pw')
bgneal@565 23 u.save()
bgneal@565 24
bgneal@565 25 # a 2nd user has the same email as another
bgneal@565 26 u = User.objects.create_user('existing_user2', 'existing_user@example.com', 'pw')
bgneal@565 27 u.save()
bgneal@565 28
bgneal@565 29 PendingUser.objects.create(username='pending_user',
bgneal@565 30 email='pending_user@example.com',
bgneal@565 31 password='pw',
bgneal@565 32 date_joined=datetime.datetime.now(),
bgneal@565 33 key='key')
bgneal@565 34
bgneal@565 35 IllegalUsername.objects.create(username='illegalusername')
bgneal@565 36 IllegalEmail.objects.create(email='illegal@example.com')
bgneal@565 37
bgneal@565 38 def test_get_view(self):
bgneal@565 39 """
bgneal@565 40 Test a simple get of the registration view
bgneal@565 41
bgneal@565 42 """
bgneal@565 43 response = self.client.get(reverse('accounts-register'))
bgneal@565 44 self.assertEqual(response.status_code, 200)
bgneal@565 45
bgneal@565 46 def test_existing_user(self):
bgneal@565 47 """
bgneal@565 48 Ensure we can't register with an existing username.
bgneal@565 49
bgneal@565 50 """
bgneal@565 51 response = self.client.post(reverse('accounts-register'), {
bgneal@565 52 'username': 'existing_user',
bgneal@565 53 'email': 'test@example.com',
bgneal@565 54 'password1': 'my_password',
bgneal@565 55 'password2': 'my_password',
bgneal@565 56 'agree_age': 'on',
bgneal@565 57 'agree_tos': 'on',
bgneal@565 58 'agree_privacy': 'on',
bgneal@565 59 'question1': '101',
bgneal@565 60 'question2': '',
bgneal@565 61 })
bgneal@565 62
bgneal@565 63 self.assertEqual(response.status_code, 200)
bgneal@565 64 self.assertContains(response, 'A user with that username already exists')
bgneal@565 65
bgneal@565 66 def test_pending_user(self):
bgneal@565 67 """
bgneal@565 68 Ensure we can't register with a pending username.
bgneal@565 69
bgneal@565 70 """
bgneal@565 71 response = self.client.post(reverse('accounts-register'), {
bgneal@565 72 'username': 'pending_user',
bgneal@565 73 'email': 'test@example.com',
bgneal@565 74 'password1': 'my_password',
bgneal@565 75 'password2': 'my_password',
bgneal@565 76 'agree_age': 'on',
bgneal@565 77 'agree_tos': 'on',
bgneal@565 78 'agree_privacy': 'on',
bgneal@565 79 'question1': '101',
bgneal@565 80 'question2': '',
bgneal@565 81 })
bgneal@565 82
bgneal@565 83 self.assertEqual(response.status_code, 200)
bgneal@565 84 self.assertContains(response, 'A pending user with that username already exists')
bgneal@565 85
bgneal@565 86 def test_illegal_username(self):
bgneal@565 87 """
bgneal@565 88 Ensure we can't register with a banned username.
bgneal@565 89
bgneal@565 90 """
bgneal@565 91 response = self.client.post(reverse('accounts-register'), {
bgneal@565 92 'username': 'illegalusername',
bgneal@565 93 'email': 'test@example.com',
bgneal@565 94 'password1': 'my_password',
bgneal@565 95 'password2': 'my_password',
bgneal@565 96 'agree_age': 'on',
bgneal@565 97 'agree_tos': 'on',
bgneal@565 98 'agree_privacy': 'on',
bgneal@565 99 'question1': '101',
bgneal@565 100 'question2': '',
bgneal@565 101 })
bgneal@565 102
bgneal@565 103 self.assertEqual(response.status_code, 200)
bgneal@565 104 self.assertContains(response, 'That username is not allowed')
bgneal@565 105
bgneal@565 106 def test_duplicate_existing_email(self):
bgneal@565 107 """
bgneal@565 108 Ensure we can't register with a duplicate email address.
bgneal@565 109
bgneal@565 110 """
bgneal@565 111 response = self.client.post(reverse('accounts-register'), {
bgneal@565 112 'username': 'a_new_user',
bgneal@565 113 'email': 'existing_user@example.com',
bgneal@565 114 'password1': 'my_password',
bgneal@565 115 'password2': 'my_password',
bgneal@565 116 'agree_age': 'on',
bgneal@565 117 'agree_tos': 'on',
bgneal@565 118 'agree_privacy': 'on',
bgneal@565 119 'question1': '101',
bgneal@565 120 'question2': '',
bgneal@565 121 })
bgneal@565 122
bgneal@565 123 self.assertEqual(response.status_code, 200)
bgneal@565 124 self.assertContains(response, 'A user with that email address already exists')
bgneal@565 125
bgneal@565 126 def test_duplicate_pending_email(self):
bgneal@565 127 """
bgneal@565 128 Ensure we can't register with a duplicate email address.
bgneal@565 129
bgneal@565 130 """
bgneal@565 131 response = self.client.post(reverse('accounts-register'), {
bgneal@565 132 'username': 'a_new_user',
bgneal@565 133 'email': 'pending_user@example.com',
bgneal@565 134 'password1': 'my_password',
bgneal@565 135 'password2': 'my_password',
bgneal@565 136 'agree_age': 'on',
bgneal@565 137 'agree_tos': 'on',
bgneal@565 138 'agree_privacy': 'on',
bgneal@565 139 'question1': '101',
bgneal@565 140 'question2': '',
bgneal@565 141 })
bgneal@565 142
bgneal@565 143 self.assertEqual(response.status_code, 200)
bgneal@565 144 self.assertContains(response, 'A pending user with that email address already exists')
bgneal@565 145
bgneal@565 146 def test_illegal_email(self):
bgneal@565 147 """
bgneal@565 148 Ensure we can't register with a banned email address.
bgneal@565 149
bgneal@565 150 """
bgneal@565 151 response = self.client.post(reverse('accounts-register'), {
bgneal@565 152 'username': 'a_new_user',
bgneal@565 153 'email': 'illegal@example.com',
bgneal@565 154 'password1': 'my_password',
bgneal@565 155 'password2': 'my_password',
bgneal@565 156 'agree_age': 'on',
bgneal@565 157 'agree_tos': 'on',
bgneal@565 158 'agree_privacy': 'on',
bgneal@565 159 'question1': '101',
bgneal@565 160 'question2': '',
bgneal@565 161 })
bgneal@565 162
bgneal@565 163 self.assertEqual(response.status_code, 200)
bgneal@565 164 self.assertContains(response, 'That email address is not allowed')
bgneal@565 165
bgneal@565 166 def test_password_match(self):
bgneal@565 167 """
bgneal@565 168 Ensure the passwords match.
bgneal@565 169
bgneal@565 170 """
bgneal@565 171 response = self.client.post(reverse('accounts-register'), {
bgneal@565 172 'username': 'a_new_user',
bgneal@565 173 'email': 'test@example.com',
bgneal@565 174 'password1': 'my_password',
bgneal@565 175 'password2': 'my_password_doesnt match',
bgneal@565 176 'agree_age': 'on',
bgneal@565 177 'agree_tos': 'on',
bgneal@565 178 'agree_privacy': 'on',
bgneal@565 179 'question1': '101',
bgneal@565 180 'question2': '',
bgneal@565 181 })
bgneal@565 182
bgneal@565 183 self.assertEqual(response.status_code, 200)
bgneal@565 184 self.assertContains(response, "The two password fields didn&#39;t match")
bgneal@565 185
bgneal@565 186 def test_question1(self):
bgneal@565 187 """
bgneal@565 188 Ensure our anti-spam question is answered.
bgneal@565 189
bgneal@565 190 """
bgneal@565 191 response = self.client.post(reverse('accounts-register'), {
bgneal@565 192 'username': 'a_new_user',
bgneal@565 193 'email': 'test@example.com',
bgneal@565 194 'password1': 'my_password',
bgneal@565 195 'password2': 'my_password_doesnt match',
bgneal@565 196 'agree_age': 'on',
bgneal@565 197 'agree_tos': 'on',
bgneal@565 198 'agree_privacy': 'on',
bgneal@565 199 'question1': 'huh',
bgneal@565 200 'question2': '',
bgneal@565 201 })
bgneal@565 202
bgneal@565 203 self.assertEqual(response.status_code, 200)
bgneal@565 204 self.assertContains(response, "Incorrect answer to our anti-spam question")
bgneal@565 205
bgneal@565 206 def test_question2(self):
bgneal@565 207 """
bgneal@565 208 Ensure our honeypot question check works.
bgneal@565 209
bgneal@565 210 """
bgneal@565 211 response = self.client.post(reverse('accounts-register'), {
bgneal@565 212 'username': 'a_new_user',
bgneal@565 213 'email': 'test@example.com',
bgneal@565 214 'password1': 'my_password',
bgneal@565 215 'password2': 'my_password_doesnt match',
bgneal@565 216 'agree_age': 'on',
bgneal@565 217 'agree_tos': 'on',
bgneal@565 218 'agree_privacy': 'on',
bgneal@565 219 'question1': '101',
bgneal@565 220 'question2': 'non blank',
bgneal@565 221 })
bgneal@565 222
bgneal@690 223 self.assertEqual(response.status_code, 200)
bgneal@565 224
bgneal@565 225 def test_success(self):
bgneal@565 226 """
bgneal@565 227 Ensure we can successfully register.
bgneal@565 228
bgneal@565 229 """
bgneal@565 230 response = self.client.post(reverse('accounts-register'), {
bgneal@565 231 'username': 'a_new_user',
bgneal@565 232 'email': 'test@example.com',
bgneal@565 233 'password1': 'my_password',
bgneal@565 234 'password2': 'my_password',
bgneal@565 235 'agree_age': 'on',
bgneal@565 236 'agree_tos': 'on',
bgneal@565 237 'agree_privacy': 'on',
bgneal@565 238 'question1': '101',
bgneal@565 239 'question2': '',
bgneal@565 240 })
bgneal@565 241
bgneal@565 242 self.assertEqual(response.status_code, 302)
bgneal@565 243
bgneal@565 244 try:
bgneal@565 245 pending = PendingUser.objects.get(username='a_new_user')
bgneal@565 246 except PendingUser.DoesNotExist:
bgneal@565 247 self.fail("PendingUser was not created")
bgneal@565 248
bgneal@565 249 self.assertEqual(pending.email, 'test@example.com')
bgneal@565 250 self.assertTrue(datetime.datetime.now() - pending.date_joined <
bgneal@565 251 datetime.timedelta(minutes=1))
bgneal@565 252 self.assertTrue(check_password('my_password', pending.password))
bgneal@659 253
bgneal@659 254
bgneal@659 255 class ForgotUsernameTest(TestCase):
bgneal@659 256
bgneal@659 257 def setUp(self):
bgneal@659 258 u = User.objects.create_user('existing_user', 'existing_user@example.com', 'pw')
bgneal@659 259 u.save()
bgneal@659 260
bgneal@659 261 def test_get_query_view(self):
bgneal@659 262 """Test a simple get of the username query view"""
bgneal@659 263 response = self.client.get(reverse('accounts-username_query'))
bgneal@659 264 self.assertEqual(response.status_code, 200)
bgneal@659 265
bgneal@659 266 def test_get_username_sent_view(self):
bgneal@659 267 """Test a simple get of the username sent view"""
bgneal@659 268 response = self.client.get(reverse('accounts-username_sent'))
bgneal@659 269 self.assertEqual(response.status_code, 200)
bgneal@659 270
bgneal@659 271 def test_invalid_email(self):
bgneal@659 272 """Test form submittal of unknown email address."""
bgneal@659 273 response = self.client.post(reverse('accounts-username_query'), {
bgneal@659 274 'email': 'bad_address@example.com',
bgneal@659 275 },
bgneal@659 276 follow=True)
bgneal@659 277
bgneal@659 278 self.assertRedirects(response, reverse('accounts-username_sent'))
bgneal@659 279
bgneal@659 280 self.assertEqual(len(mail.outbox), 0)
bgneal@659 281
bgneal@659 282 def test_valid_email(self):
bgneal@659 283 """Test form submittal of valid email address."""
bgneal@659 284 response = self.client.post(reverse('accounts-username_query'), {
bgneal@659 285 'email': 'existing_user@example.com',
bgneal@659 286 },
bgneal@659 287 follow=True)
bgneal@659 288
bgneal@659 289 self.assertRedirects(response, reverse('accounts-username_sent'))
bgneal@659 290
bgneal@659 291 self.assertEqual(len(mail.outbox), 1)
bgneal@659 292 if len(mail.outbox):
bgneal@659 293 self.assertTrue(mail.outbox[0].subject.startswith('Forgotten username'))
bgneal@762 294
bgneal@762 295
bgneal@762 296 class ForgotEmailTest(TestCase):
bgneal@762 297 """Because we use a custom URL its important to test this. This got broken
bgneal@762 298 in Django 1.6 when the URL pattern changed.
bgneal@762 299
bgneal@762 300 """
bgneal@762 301
bgneal@762 302 def setUp(self):
bgneal@762 303 u = User.objects.create_user('user1', 'user1@example.com', 'pw')
bgneal@762 304 u.save()
bgneal@762 305
bgneal@762 306 def test_nominal_case(self):
bgneal@762 307 """Test a full forgot password scenario."""
bgneal@762 308
bgneal@762 309 # GET password reset page
bgneal@762 310 response = self.client.get(reverse('accounts-password_reset'))
bgneal@762 311 self.assertEqual(response.status_code, 200)
bgneal@762 312
bgneal@762 313 # POST email address
bgneal@762 314 args = {'email': 'user1@example.com'}
bgneal@762 315 response = self.client.post(reverse('accounts-password_reset'), args,
bgneal@762 316 follow=True)
bgneal@762 317 self.assertRedirects(response, reverse('accounts-password_reset_sent'))
bgneal@762 318
bgneal@762 319 # Ensure the email was sent
bgneal@762 320 self.assertEqual(len(mail.outbox), 1)
bgneal@762 321 if (len(mail.outbox)):
bgneal@762 322 msg = mail.outbox[0]
bgneal@762 323 self.assertTrue(msg.subject.startswith('Password reset'))
bgneal@762 324 self.assertTrue(len(msg.to) == 1 and msg.to[0] == 'user1@example.com')
bgneal@762 325 msg_text = msg.message().as_string()
bgneal@762 326 m = re.search(r'http://example.com/accounts/password/reset/confirm/'
bgneal@762 327 r'(?P<uidb64>[0-9A-Za-z_\-]+)/(?P<token>[0-9a-z]+-\w+)/',
bgneal@762 328 msg_text)
bgneal@762 329 self.assertTrue(m is not None)
bgneal@762 330 if m:
bgneal@762 331 uidb64, token = m.group('uidb64'), m.group('token')
bgneal@762 332
bgneal@762 333 # visit the password reset page
bgneal@762 334 response = self.client.get(
bgneal@762 335 reverse('accounts-password_reset_confirm',
bgneal@762 336 kwargs={'uidb64': uidb64, 'token': token}))
bgneal@762 337 self.assertEqual(response.status_code, 200)
bgneal@762 338
bgneal@762 339 # POST new password
bgneal@762 340 args = {'new_password1': 'pw2', 'new_password2': 'pw2'}
bgneal@762 341 response = self.client.post(
bgneal@762 342 reverse('accounts-password_reset_confirm',
bgneal@762 343 kwargs={'uidb64': uidb64, 'token': token}),
bgneal@762 344 args, follow=True)
bgneal@762 345 self.assertRedirects(response,
bgneal@762 346 reverse('accounts-password_reset_success'))
bgneal@762 347 self.assertEqual(response.status_code, 200)
bgneal@762 348
bgneal@762 349 # Check new password
bgneal@762 350 u = User.objects.get(username='user1')
bgneal@762 351 self.assertTrue(check_password('pw2', u.password))