Mercurial > public > sg101

annotate accounts/tests/test_views.py @ 861:e4f8d87c3d30

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Configure Markdown logger to reduce noise in logs. Markdown is logging at the INFO level whenever it loads an extension. This looks like it has been fixed in master at GitHub. But until then we will explicitly configure the MARKDOWN logger to log at WARNING or higher.
author Brian Neal <bgneal@gmail.com>
date Mon, 01 Dec 2014 18:36:27 -0600
parents 9133b4626a4b
children be233ba7ca31
rev   line source
bgneal@565 1 """
bgneal@565 2 View tests for the accounts application.
bgneal@565 3
bgneal@565 4 """
bgneal@565 5 import datetime
bgneal@762 6 import re
bgneal@565 7
bgneal@565 8 from django.test import TestCase
bgneal@565 9 from django.core.urlresolvers import reverse
bgneal@659 10 from django.core import mail
bgneal@576 11 from django.contrib.auth.models import User
bgneal@576 12 from django.contrib.auth.hashers import check_password
bgneal@565 13
bgneal@565 14 from accounts.models import PendingUser
bgneal@565 15 from accounts.models import IllegalUsername
bgneal@565 16 from accounts.models import IllegalEmail
bgneal@565 17
bgneal@565 18
bgneal@565 19 class RegistrationTest(TestCase):
bgneal@565 20
bgneal@565 21 def setUp(self):
bgneal@565 22 u = User.objects.create_user('existing_user', 'existing_user@example.com', 'pw')
bgneal@565 23 u.save()
bgneal@565 24
bgneal@565 25 # a 2nd user has the same email as another
bgneal@565 26 u = User.objects.create_user('existing_user2', 'existing_user@example.com', 'pw')
bgneal@565 27 u.save()
bgneal@565 28
bgneal@565 29 PendingUser.objects.create(username='pending_user',
bgneal@565 30 email='pending_user@example.com',
bgneal@565 31 password='pw',
bgneal@565 32 date_joined=datetime.datetime.now(),
bgneal@565 33 key='key')
bgneal@565 34
bgneal@565 35 IllegalUsername.objects.create(username='illegalusername')
bgneal@565 36 IllegalEmail.objects.create(email='illegal@example.com')
bgneal@565 37
bgneal@782 38 self.post_vals = {
bgneal@782 39 'username': 'a_new_user',
bgneal@782 40 'email': 'test@example.com',
bgneal@782 41 'password1': 'my_password',
bgneal@782 42 'password2': 'my_password',
bgneal@782 43 'agree_age': 'on',
bgneal@782 44 'agree_tos': 'on',
bgneal@782 45 'agree_privacy': 'on',
bgneal@782 46 'question1': '101',
bgneal@782 47 'question2': '',
bgneal@782 48 'question3': '',
bgneal@782 49 'question4': u'2',
bgneal@782 50 'question5': u'328',
bgneal@782 51 'question6': u'4',
bgneal@782 52 'question7': [u'2', u'4', u'5', u'7'],
bgneal@782 53 }
bgneal@782 54
bgneal@565 55 def test_get_view(self):
bgneal@565 56 """
bgneal@565 57 Test a simple get of the registration view
bgneal@565 58
bgneal@565 59 """
bgneal@565 60 response = self.client.get(reverse('accounts-register'))
bgneal@565 61 self.assertEqual(response.status_code, 200)
bgneal@565 62
bgneal@565 63 def test_existing_user(self):
bgneal@565 64 """
bgneal@565 65 Ensure we can't register with an existing username.
bgneal@565 66
bgneal@565 67 """
bgneal@565 68 response = self.client.post(reverse('accounts-register'), {
bgneal@565 69 'username': 'existing_user',
bgneal@565 70 'email': 'test@example.com',
bgneal@565 71 'password1': 'my_password',
bgneal@565 72 'password2': 'my_password',
bgneal@565 73 'agree_age': 'on',
bgneal@565 74 'agree_tos': 'on',
bgneal@565 75 'agree_privacy': 'on',
bgneal@565 76 'question1': '101',
bgneal@565 77 'question2': '',
bgneal@565 78 })
bgneal@565 79
bgneal@565 80 self.assertEqual(response.status_code, 200)
bgneal@565 81 self.assertContains(response, 'A user with that username already exists')
bgneal@565 82
bgneal@565 83 def test_pending_user(self):
bgneal@565 84 """
bgneal@565 85 Ensure we can't register with a pending username.
bgneal@565 86
bgneal@565 87 """
bgneal@782 88 self.post_vals['username'] = 'pending_user'
bgneal@782 89 response = self.client.post(reverse('accounts-register'),
bgneal@782 90 self.post_vals)
bgneal@565 91 self.assertEqual(response.status_code, 200)
bgneal@565 92 self.assertContains(response, 'A pending user with that username already exists')
bgneal@565 93
bgneal@565 94 def test_illegal_username(self):
bgneal@565 95 """
bgneal@565 96 Ensure we can't register with a banned username.
bgneal@565 97
bgneal@565 98 """
bgneal@782 99 self.post_vals['username'] = 'illegalusername'
bgneal@782 100 response = self.client.post(reverse('accounts-register'),
bgneal@782 101 self.post_vals)
bgneal@565 102 self.assertEqual(response.status_code, 200)
bgneal@565 103 self.assertContains(response, 'That username is not allowed')
bgneal@565 104
bgneal@565 105 def test_duplicate_existing_email(self):
bgneal@565 106 """
bgneal@565 107 Ensure we can't register with a duplicate email address.
bgneal@565 108
bgneal@565 109 """
bgneal@782 110 self.post_vals['email'] = 'existing_user@example.com'
bgneal@782 111 response = self.client.post(reverse('accounts-register'),
bgneal@782 112 self.post_vals)
bgneal@565 113 self.assertEqual(response.status_code, 200)
bgneal@565 114 self.assertContains(response, 'A user with that email address already exists')
bgneal@565 115
bgneal@565 116 def test_duplicate_pending_email(self):
bgneal@565 117 """
bgneal@565 118 Ensure we can't register with a duplicate email address.
bgneal@565 119
bgneal@565 120 """
bgneal@782 121 self.post_vals['email'] = 'pending_user@example.com'
bgneal@782 122 response = self.client.post(reverse('accounts-register'),
bgneal@782 123 self.post_vals)
bgneal@565 124 self.assertEqual(response.status_code, 200)
bgneal@565 125 self.assertContains(response, 'A pending user with that email address already exists')
bgneal@565 126
bgneal@565 127 def test_illegal_email(self):
bgneal@565 128 """
bgneal@565 129 Ensure we can't register with a banned email address.
bgneal@565 130
bgneal@565 131 """
bgneal@782 132 self.post_vals['email'] = 'illegal@example.com'
bgneal@782 133 response = self.client.post(reverse('accounts-register'),
bgneal@782 134 self.post_vals)
bgneal@565 135 self.assertEqual(response.status_code, 200)
bgneal@565 136 self.assertContains(response, 'That email address is not allowed')
bgneal@565 137
bgneal@565 138 def test_password_match(self):
bgneal@565 139 """
bgneal@565 140 Ensure the passwords match.
bgneal@565 141
bgneal@565 142 """
bgneal@782 143 self.post_vals['password2'] = "doesn't match"
bgneal@782 144 response = self.client.post(reverse('accounts-register'),
bgneal@782 145 self.post_vals)
bgneal@565 146 self.assertEqual(response.status_code, 200)
bgneal@565 147 self.assertContains(response, "The two password fields didn&#39;t match")
bgneal@565 148
bgneal@565 149 def test_question1(self):
bgneal@565 150 """
bgneal@565 151 Ensure our anti-spam question is answered.
bgneal@565 152
bgneal@565 153 """
bgneal@782 154 self.post_vals['question1'] = 'huh'
bgneal@782 155 response = self.client.post(reverse('accounts-register'),
bgneal@782 156 self.post_vals)
bgneal@565 157 self.assertEqual(response.status_code, 200)
bgneal@565 158 self.assertContains(response, "Incorrect answer to our anti-spam question")
bgneal@565 159
bgneal@565 160 def test_question2(self):
bgneal@565 161 """
bgneal@565 162 Ensure our honeypot question check works.
bgneal@565 163
bgneal@565 164 """
bgneal@782 165 self.post_vals['question2'] = 'non blank'
bgneal@782 166 response = self.client.post(reverse('accounts-register'),
bgneal@782 167 self.post_vals)
bgneal@782 168 self.assertEqual(response.status_code, 200)
bgneal@565 169
bgneal@782 170 def test_question3(self):
bgneal@782 171 """
bgneal@782 172 Ensure our non-hidden honeypot question check works.
bgneal@782 173
bgneal@782 174 """
bgneal@782 175 self.post_vals['question3'] = 'non blank'
bgneal@782 176 response = self.client.post(reverse('accounts-register'),
bgneal@782 177 self.post_vals)
bgneal@782 178 self.assertEqual(response.status_code, 200)
bgneal@782 179
bgneal@782 180 def test_question4(self):
bgneal@782 181 """
bgneal@782 182 Ensure our security question 4 works
bgneal@782 183
bgneal@782 184 """
bgneal@782 185 self.post_vals['question4'] = u'1'
bgneal@782 186 response = self.client.post(reverse('accounts-register'),
bgneal@782 187 self.post_vals)
bgneal@782 188 self.assertEqual(response.status_code, 200)
bgneal@782 189
bgneal@782 190 self.post_vals['question4'] = u'4'
bgneal@782 191 response = self.client.post(reverse('accounts-register'),
bgneal@782 192 self.post_vals)
bgneal@782 193 self.assertEqual(response.status_code, 200)
bgneal@782 194
bgneal@782 195 self.post_vals['question4'] = u'8'
bgneal@782 196 response = self.client.post(reverse('accounts-register'),
bgneal@782 197 self.post_vals)
bgneal@782 198 self.assertEqual(response.status_code, 200)
bgneal@782 199
bgneal@782 200 def test_question5(self):
bgneal@782 201 """
bgneal@782 202 Ensure our security question 5 works
bgneal@782 203
bgneal@782 204 """
bgneal@782 205 self.post_vals['question5'] = u'1'
bgneal@782 206 response = self.client.post(reverse('accounts-register'),
bgneal@782 207 self.post_vals)
bgneal@782 208 self.assertEqual(response.status_code, 200)
bgneal@782 209
bgneal@782 210 self.post_vals['question5'] = u'X'
bgneal@782 211 response = self.client.post(reverse('accounts-register'),
bgneal@782 212 self.post_vals)
bgneal@782 213 self.assertEqual(response.status_code, 200)
bgneal@782 214
bgneal@782 215 self.post_vals['question5'] = u'2983'
bgneal@782 216 response = self.client.post(reverse('accounts-register'),
bgneal@782 217 self.post_vals)
bgneal@782 218 self.assertEqual(response.status_code, 200)
bgneal@782 219
bgneal@782 220 def test_question6(self):
bgneal@782 221 """
bgneal@782 222 Ensure our security question 6 works
bgneal@782 223
bgneal@782 224 """
bgneal@782 225 self.post_vals['question6'] = u'1'
bgneal@782 226 response = self.client.post(reverse('accounts-register'),
bgneal@782 227 self.post_vals)
bgneal@782 228 self.assertEqual(response.status_code, 200)
bgneal@782 229
bgneal@782 230 self.post_vals['question6'] = u'2'
bgneal@782 231 response = self.client.post(reverse('accounts-register'),
bgneal@782 232 self.post_vals)
bgneal@782 233 self.assertEqual(response.status_code, 200)
bgneal@782 234
bgneal@782 235 self.post_vals['question6'] = u'8'
bgneal@782 236 response = self.client.post(reverse('accounts-register'),
bgneal@782 237 self.post_vals)
bgneal@782 238 self.assertEqual(response.status_code, 200)
bgneal@782 239
bgneal@782 240 def test_question7(self):
bgneal@782 241 """Test security question 7"""
bgneal@782 242
bgneal@782 243 self.post_vals['question7'] = []
bgneal@782 244 response = self.client.post(reverse('accounts-register'),
bgneal@782 245 self.post_vals)
bgneal@782 246 self.assertEqual(response.status_code, 200)
bgneal@782 247
bgneal@782 248 self.post_vals['question7'] = [u'1']
bgneal@782 249 response = self.client.post(reverse('accounts-register'),
bgneal@782 250 self.post_vals)
bgneal@782 251 self.assertEqual(response.status_code, 200)
bgneal@782 252
bgneal@782 253 self.post_vals['question7'] = [u'6', u'2', u'4', u'5', u'7']
bgneal@782 254 response = self.client.post(reverse('accounts-register'),
bgneal@782 255 self.post_vals)
bgneal@782 256 self.assertEqual(response.status_code, 200)
bgneal@782 257
bgneal@782 258 self.post_vals['question7'] = [u'4', u'3', u'7']
bgneal@782 259 response = self.client.post(reverse('accounts-register'),
bgneal@782 260 self.post_vals)
bgneal@690 261 self.assertEqual(response.status_code, 200)
bgneal@565 262
bgneal@565 263 def test_success(self):
bgneal@565 264 """
bgneal@565 265 Ensure we can successfully register.
bgneal@565 266
bgneal@565 267 """
bgneal@782 268 response = self.client.post(reverse('accounts-register'),
bgneal@782 269 self.post_vals)
bgneal@565 270 self.assertEqual(response.status_code, 302)
bgneal@565 271
bgneal@565 272 try:
bgneal@565 273 pending = PendingUser.objects.get(username='a_new_user')
bgneal@565 274 except PendingUser.DoesNotExist:
bgneal@565 275 self.fail("PendingUser was not created")
bgneal@565 276
bgneal@565 277 self.assertEqual(pending.email, 'test@example.com')
bgneal@565 278 self.assertTrue(datetime.datetime.now() - pending.date_joined <
bgneal@565 279 datetime.timedelta(minutes=1))
bgneal@565 280 self.assertTrue(check_password('my_password', pending.password))
bgneal@659 281
bgneal@659 282
bgneal@659 283 class ForgotUsernameTest(TestCase):
bgneal@659 284
bgneal@659 285 def setUp(self):
bgneal@659 286 u = User.objects.create_user('existing_user', 'existing_user@example.com', 'pw')
bgneal@659 287 u.save()
bgneal@659 288
bgneal@659 289 def test_get_query_view(self):
bgneal@659 290 """Test a simple get of the username query view"""
bgneal@659 291 response = self.client.get(reverse('accounts-username_query'))
bgneal@659 292 self.assertEqual(response.status_code, 200)
bgneal@659 293
bgneal@659 294 def test_get_username_sent_view(self):
bgneal@659 295 """Test a simple get of the username sent view"""
bgneal@659 296 response = self.client.get(reverse('accounts-username_sent'))
bgneal@659 297 self.assertEqual(response.status_code, 200)
bgneal@659 298
bgneal@659 299 def test_invalid_email(self):
bgneal@659 300 """Test form submittal of unknown email address."""
bgneal@659 301 response = self.client.post(reverse('accounts-username_query'), {
bgneal@659 302 'email': 'bad_address@example.com',
bgneal@659 303 },
bgneal@659 304 follow=True)
bgneal@659 305
bgneal@659 306 self.assertRedirects(response, reverse('accounts-username_sent'))
bgneal@659 307
bgneal@659 308 self.assertEqual(len(mail.outbox), 0)
bgneal@659 309
bgneal@659 310 def test_valid_email(self):
bgneal@659 311 """Test form submittal of valid email address."""
bgneal@659 312 response = self.client.post(reverse('accounts-username_query'), {
bgneal@659 313 'email': 'existing_user@example.com',
bgneal@659 314 },
bgneal@659 315 follow=True)
bgneal@659 316
bgneal@659 317 self.assertRedirects(response, reverse('accounts-username_sent'))
bgneal@659 318
bgneal@659 319 self.assertEqual(len(mail.outbox), 1)
bgneal@659 320 if len(mail.outbox):
bgneal@659 321 self.assertTrue(mail.outbox[0].subject.startswith('Forgotten username'))
bgneal@762 322
bgneal@762 323
bgneal@762 324 class ForgotEmailTest(TestCase):
bgneal@762 325 """Because we use a custom URL its important to test this. This got broken
bgneal@762 326 in Django 1.6 when the URL pattern changed.
bgneal@762 327
bgneal@762 328 """
bgneal@762 329
bgneal@762 330 def setUp(self):
bgneal@762 331 u = User.objects.create_user('user1', 'user1@example.com', 'pw')
bgneal@762 332 u.save()
bgneal@762 333
bgneal@762 334 def test_nominal_case(self):
bgneal@762 335 """Test a full forgot password scenario."""
bgneal@762 336
bgneal@762 337 # GET password reset page
bgneal@762 338 response = self.client.get(reverse('accounts-password_reset'))
bgneal@762 339 self.assertEqual(response.status_code, 200)
bgneal@762 340
bgneal@762 341 # POST email address
bgneal@762 342 args = {'email': 'user1@example.com'}
bgneal@762 343 response = self.client.post(reverse('accounts-password_reset'), args,
bgneal@762 344 follow=True)
bgneal@762 345 self.assertRedirects(response, reverse('accounts-password_reset_sent'))
bgneal@762 346
bgneal@762 347 # Ensure the email was sent
bgneal@762 348 self.assertEqual(len(mail.outbox), 1)
bgneal@762 349 if (len(mail.outbox)):
bgneal@762 350 msg = mail.outbox[0]
bgneal@762 351 self.assertTrue(msg.subject.startswith('Password reset'))
bgneal@762 352 self.assertTrue(len(msg.to) == 1 and msg.to[0] == 'user1@example.com')
bgneal@762 353 msg_text = msg.message().as_string()
bgneal@762 354 m = re.search(r'http://example.com/accounts/password/reset/confirm/'
bgneal@762 355 r'(?P<uidb64>[0-9A-Za-z_\-]+)/(?P<token>[0-9a-z]+-\w+)/',
bgneal@762 356 msg_text)
bgneal@762 357 self.assertTrue(m is not None)
bgneal@762 358 if m:
bgneal@762 359 uidb64, token = m.group('uidb64'), m.group('token')
bgneal@762 360
bgneal@762 361 # visit the password reset page
bgneal@762 362 response = self.client.get(
bgneal@762 363 reverse('accounts-password_reset_confirm',
bgneal@762 364 kwargs={'uidb64': uidb64, 'token': token}))
bgneal@762 365 self.assertEqual(response.status_code, 200)
bgneal@762 366
bgneal@762 367 # POST new password
bgneal@762 368 args = {'new_password1': 'pw2', 'new_password2': 'pw2'}
bgneal@762 369 response = self.client.post(
bgneal@762 370 reverse('accounts-password_reset_confirm',
bgneal@762 371 kwargs={'uidb64': uidb64, 'token': token}),
bgneal@762 372 args, follow=True)
bgneal@762 373 self.assertRedirects(response,
bgneal@762 374 reverse('accounts-password_reset_success'))
bgneal@762 375 self.assertEqual(response.status_code, 200)
bgneal@762 376
bgneal@762 377 # Check new password
bgneal@762 378 u = User.objects.get(username='user1')
bgneal@762 379 self.assertTrue(check_password('pw2', u.password))