|
bgneal@565
|
1 """
|
|
bgneal@565
|
2 View tests for the accounts application.
|
|
bgneal@565
|
3
|
|
bgneal@565
|
4 """
|
|
bgneal@565
|
5 import datetime
|
|
bgneal@762
|
6 import re
|
|
bgneal@565
|
7
|
|
bgneal@565
|
8 from django.test import TestCase
|
|
bgneal@565
|
9 from django.core.urlresolvers import reverse
|
|
bgneal@659
|
10 from django.core import mail
|
|
bgneal@576
|
11 from django.contrib.auth.models import User
|
|
bgneal@576
|
12 from django.contrib.auth.hashers import check_password
|
|
bgneal@565
|
13
|
|
bgneal@565
|
14 from accounts.models import PendingUser
|
|
bgneal@565
|
15 from accounts.models import IllegalUsername
|
|
bgneal@565
|
16 from accounts.models import IllegalEmail
|
|
bgneal@565
|
17
|
|
bgneal@565
|
18
|
|
bgneal@565
|
19 class RegistrationTest(TestCase):
|
|
bgneal@565
|
20
|
|
bgneal@565
|
21 def setUp(self):
|
|
bgneal@565
|
22 u = User.objects.create_user('existing_user', 'existing_user@example.com', 'pw')
|
|
bgneal@565
|
23 u.save()
|
|
bgneal@565
|
24
|
|
bgneal@565
|
25 # a 2nd user has the same email as another
|
|
bgneal@565
|
26 u = User.objects.create_user('existing_user2', 'existing_user@example.com', 'pw')
|
|
bgneal@565
|
27 u.save()
|
|
bgneal@565
|
28
|
|
bgneal@565
|
29 PendingUser.objects.create(username='pending_user',
|
|
bgneal@565
|
30 email='pending_user@example.com',
|
|
bgneal@565
|
31 password='pw',
|
|
bgneal@565
|
32 date_joined=datetime.datetime.now(),
|
|
bgneal@565
|
33 key='key')
|
|
bgneal@565
|
34
|
|
bgneal@565
|
35 IllegalUsername.objects.create(username='illegalusername')
|
|
bgneal@565
|
36 IllegalEmail.objects.create(email='illegal@example.com')
|
|
bgneal@565
|
37
|
|
bgneal@782
|
38 self.post_vals = {
|
|
bgneal@782
|
39 'username': 'a_new_user',
|
|
bgneal@782
|
40 'email': 'test@example.com',
|
|
bgneal@782
|
41 'password1': 'my_password',
|
|
bgneal@782
|
42 'password2': 'my_password',
|
|
bgneal@782
|
43 'agree_age': 'on',
|
|
bgneal@782
|
44 'agree_tos': 'on',
|
|
bgneal@782
|
45 'agree_privacy': 'on',
|
|
bgneal@782
|
46 'question1': '101',
|
|
bgneal@782
|
47 'question2': '',
|
|
bgneal@782
|
48 'question3': '',
|
|
bgneal@782
|
49 'question4': u'2',
|
|
bgneal@782
|
50 'question5': u'328',
|
|
bgneal@782
|
51 'question6': u'4',
|
|
bgneal@782
|
52 'question7': [u'2', u'4', u'5', u'7'],
|
|
bgneal@782
|
53 }
|
|
bgneal@782
|
54
|
|
bgneal@565
|
55 def test_get_view(self):
|
|
bgneal@565
|
56 """
|
|
bgneal@565
|
57 Test a simple get of the registration view
|
|
bgneal@565
|
58
|
|
bgneal@565
|
59 """
|
|
bgneal@565
|
60 response = self.client.get(reverse('accounts-register'))
|
|
bgneal@565
|
61 self.assertEqual(response.status_code, 200)
|
|
bgneal@565
|
62
|
|
bgneal@565
|
63 def test_existing_user(self):
|
|
bgneal@565
|
64 """
|
|
bgneal@565
|
65 Ensure we can't register with an existing username.
|
|
bgneal@565
|
66
|
|
bgneal@565
|
67 """
|
|
bgneal@565
|
68 response = self.client.post(reverse('accounts-register'), {
|
|
bgneal@565
|
69 'username': 'existing_user',
|
|
bgneal@565
|
70 'email': 'test@example.com',
|
|
bgneal@565
|
71 'password1': 'my_password',
|
|
bgneal@565
|
72 'password2': 'my_password',
|
|
bgneal@565
|
73 'agree_age': 'on',
|
|
bgneal@565
|
74 'agree_tos': 'on',
|
|
bgneal@565
|
75 'agree_privacy': 'on',
|
|
bgneal@565
|
76 'question1': '101',
|
|
bgneal@565
|
77 'question2': '',
|
|
bgneal@565
|
78 })
|
|
bgneal@565
|
79
|
|
bgneal@565
|
80 self.assertEqual(response.status_code, 200)
|
|
bgneal@565
|
81 self.assertContains(response, 'A user with that username already exists')
|
|
bgneal@565
|
82
|
|
bgneal@565
|
83 def test_pending_user(self):
|
|
bgneal@565
|
84 """
|
|
bgneal@565
|
85 Ensure we can't register with a pending username.
|
|
bgneal@565
|
86
|
|
bgneal@565
|
87 """
|
|
bgneal@782
|
88 self.post_vals['username'] = 'pending_user'
|
|
bgneal@782
|
89 response = self.client.post(reverse('accounts-register'),
|
|
bgneal@782
|
90 self.post_vals)
|
|
bgneal@565
|
91 self.assertEqual(response.status_code, 200)
|
|
bgneal@565
|
92 self.assertContains(response, 'A pending user with that username already exists')
|
|
bgneal@565
|
93
|
|
bgneal@565
|
94 def test_illegal_username(self):
|
|
bgneal@565
|
95 """
|
|
bgneal@565
|
96 Ensure we can't register with a banned username.
|
|
bgneal@565
|
97
|
|
bgneal@565
|
98 """
|
|
bgneal@782
|
99 self.post_vals['username'] = 'illegalusername'
|
|
bgneal@782
|
100 response = self.client.post(reverse('accounts-register'),
|
|
bgneal@782
|
101 self.post_vals)
|
|
bgneal@565
|
102 self.assertEqual(response.status_code, 200)
|
|
bgneal@565
|
103 self.assertContains(response, 'That username is not allowed')
|
|
bgneal@565
|
104
|
|
bgneal@565
|
105 def test_duplicate_existing_email(self):
|
|
bgneal@565
|
106 """
|
|
bgneal@565
|
107 Ensure we can't register with a duplicate email address.
|
|
bgneal@565
|
108
|
|
bgneal@565
|
109 """
|
|
bgneal@782
|
110 self.post_vals['email'] = 'existing_user@example.com'
|
|
bgneal@782
|
111 response = self.client.post(reverse('accounts-register'),
|
|
bgneal@782
|
112 self.post_vals)
|
|
bgneal@565
|
113 self.assertEqual(response.status_code, 200)
|
|
bgneal@565
|
114 self.assertContains(response, 'A user with that email address already exists')
|
|
bgneal@565
|
115
|
|
bgneal@565
|
116 def test_duplicate_pending_email(self):
|
|
bgneal@565
|
117 """
|
|
bgneal@565
|
118 Ensure we can't register with a duplicate email address.
|
|
bgneal@565
|
119
|
|
bgneal@565
|
120 """
|
|
bgneal@782
|
121 self.post_vals['email'] = 'pending_user@example.com'
|
|
bgneal@782
|
122 response = self.client.post(reverse('accounts-register'),
|
|
bgneal@782
|
123 self.post_vals)
|
|
bgneal@565
|
124 self.assertEqual(response.status_code, 200)
|
|
bgneal@565
|
125 self.assertContains(response, 'A pending user with that email address already exists')
|
|
bgneal@565
|
126
|
|
bgneal@565
|
127 def test_illegal_email(self):
|
|
bgneal@565
|
128 """
|
|
bgneal@565
|
129 Ensure we can't register with a banned email address.
|
|
bgneal@565
|
130
|
|
bgneal@565
|
131 """
|
|
bgneal@782
|
132 self.post_vals['email'] = 'illegal@example.com'
|
|
bgneal@782
|
133 response = self.client.post(reverse('accounts-register'),
|
|
bgneal@782
|
134 self.post_vals)
|
|
bgneal@565
|
135 self.assertEqual(response.status_code, 200)
|
|
bgneal@565
|
136 self.assertContains(response, 'That email address is not allowed')
|
|
bgneal@565
|
137
|
|
bgneal@565
|
138 def test_password_match(self):
|
|
bgneal@565
|
139 """
|
|
bgneal@565
|
140 Ensure the passwords match.
|
|
bgneal@565
|
141
|
|
bgneal@565
|
142 """
|
|
bgneal@782
|
143 self.post_vals['password2'] = "doesn't match"
|
|
bgneal@782
|
144 response = self.client.post(reverse('accounts-register'),
|
|
bgneal@782
|
145 self.post_vals)
|
|
bgneal@565
|
146 self.assertEqual(response.status_code, 200)
|
|
bgneal@565
|
147 self.assertContains(response, "The two password fields didn't match")
|
|
bgneal@565
|
148
|
|
bgneal@565
|
149 def test_question1(self):
|
|
bgneal@565
|
150 """
|
|
bgneal@565
|
151 Ensure our anti-spam question is answered.
|
|
bgneal@565
|
152
|
|
bgneal@565
|
153 """
|
|
bgneal@782
|
154 self.post_vals['question1'] = 'huh'
|
|
bgneal@782
|
155 response = self.client.post(reverse('accounts-register'),
|
|
bgneal@782
|
156 self.post_vals)
|
|
bgneal@565
|
157 self.assertEqual(response.status_code, 200)
|
|
bgneal@565
|
158 self.assertContains(response, "Incorrect answer to our anti-spam question")
|
|
bgneal@565
|
159
|
|
bgneal@565
|
160 def test_question2(self):
|
|
bgneal@565
|
161 """
|
|
bgneal@565
|
162 Ensure our honeypot question check works.
|
|
bgneal@565
|
163
|
|
bgneal@565
|
164 """
|
|
bgneal@782
|
165 self.post_vals['question2'] = 'non blank'
|
|
bgneal@782
|
166 response = self.client.post(reverse('accounts-register'),
|
|
bgneal@782
|
167 self.post_vals)
|
|
bgneal@782
|
168 self.assertEqual(response.status_code, 200)
|
|
bgneal@565
|
169
|
|
bgneal@782
|
170 def test_question3(self):
|
|
bgneal@782
|
171 """
|
|
bgneal@782
|
172 Ensure our non-hidden honeypot question check works.
|
|
bgneal@782
|
173
|
|
bgneal@782
|
174 """
|
|
bgneal@782
|
175 self.post_vals['question3'] = 'non blank'
|
|
bgneal@782
|
176 response = self.client.post(reverse('accounts-register'),
|
|
bgneal@782
|
177 self.post_vals)
|
|
bgneal@782
|
178 self.assertEqual(response.status_code, 200)
|
|
bgneal@782
|
179
|
|
bgneal@782
|
180 def test_question4(self):
|
|
bgneal@782
|
181 """
|
|
bgneal@782
|
182 Ensure our security question 4 works
|
|
bgneal@782
|
183
|
|
bgneal@782
|
184 """
|
|
bgneal@782
|
185 self.post_vals['question4'] = u'1'
|
|
bgneal@782
|
186 response = self.client.post(reverse('accounts-register'),
|
|
bgneal@782
|
187 self.post_vals)
|
|
bgneal@782
|
188 self.assertEqual(response.status_code, 200)
|
|
bgneal@782
|
189
|
|
bgneal@782
|
190 self.post_vals['question4'] = u'4'
|
|
bgneal@782
|
191 response = self.client.post(reverse('accounts-register'),
|
|
bgneal@782
|
192 self.post_vals)
|
|
bgneal@782
|
193 self.assertEqual(response.status_code, 200)
|
|
bgneal@782
|
194
|
|
bgneal@782
|
195 self.post_vals['question4'] = u'8'
|
|
bgneal@782
|
196 response = self.client.post(reverse('accounts-register'),
|
|
bgneal@782
|
197 self.post_vals)
|
|
bgneal@782
|
198 self.assertEqual(response.status_code, 200)
|
|
bgneal@782
|
199
|
|
bgneal@782
|
200 def test_question5(self):
|
|
bgneal@782
|
201 """
|
|
bgneal@782
|
202 Ensure our security question 5 works
|
|
bgneal@782
|
203
|
|
bgneal@782
|
204 """
|
|
bgneal@782
|
205 self.post_vals['question5'] = u'1'
|
|
bgneal@782
|
206 response = self.client.post(reverse('accounts-register'),
|
|
bgneal@782
|
207 self.post_vals)
|
|
bgneal@782
|
208 self.assertEqual(response.status_code, 200)
|
|
bgneal@782
|
209
|
|
bgneal@782
|
210 self.post_vals['question5'] = u'X'
|
|
bgneal@782
|
211 response = self.client.post(reverse('accounts-register'),
|
|
bgneal@782
|
212 self.post_vals)
|
|
bgneal@782
|
213 self.assertEqual(response.status_code, 200)
|
|
bgneal@782
|
214
|
|
bgneal@782
|
215 self.post_vals['question5'] = u'2983'
|
|
bgneal@782
|
216 response = self.client.post(reverse('accounts-register'),
|
|
bgneal@782
|
217 self.post_vals)
|
|
bgneal@782
|
218 self.assertEqual(response.status_code, 200)
|
|
bgneal@782
|
219
|
|
bgneal@782
|
220 def test_question6(self):
|
|
bgneal@782
|
221 """
|
|
bgneal@782
|
222 Ensure our security question 6 works
|
|
bgneal@782
|
223
|
|
bgneal@782
|
224 """
|
|
bgneal@782
|
225 self.post_vals['question6'] = u'1'
|
|
bgneal@782
|
226 response = self.client.post(reverse('accounts-register'),
|
|
bgneal@782
|
227 self.post_vals)
|
|
bgneal@782
|
228 self.assertEqual(response.status_code, 200)
|
|
bgneal@782
|
229
|
|
bgneal@782
|
230 self.post_vals['question6'] = u'2'
|
|
bgneal@782
|
231 response = self.client.post(reverse('accounts-register'),
|
|
bgneal@782
|
232 self.post_vals)
|
|
bgneal@782
|
233 self.assertEqual(response.status_code, 200)
|
|
bgneal@782
|
234
|
|
bgneal@782
|
235 self.post_vals['question6'] = u'8'
|
|
bgneal@782
|
236 response = self.client.post(reverse('accounts-register'),
|
|
bgneal@782
|
237 self.post_vals)
|
|
bgneal@782
|
238 self.assertEqual(response.status_code, 200)
|
|
bgneal@782
|
239
|
|
bgneal@782
|
240 def test_question7(self):
|
|
bgneal@782
|
241 """Test security question 7"""
|
|
bgneal@782
|
242
|
|
bgneal@782
|
243 self.post_vals['question7'] = []
|
|
bgneal@782
|
244 response = self.client.post(reverse('accounts-register'),
|
|
bgneal@782
|
245 self.post_vals)
|
|
bgneal@782
|
246 self.assertEqual(response.status_code, 200)
|
|
bgneal@782
|
247
|
|
bgneal@782
|
248 self.post_vals['question7'] = [u'1']
|
|
bgneal@782
|
249 response = self.client.post(reverse('accounts-register'),
|
|
bgneal@782
|
250 self.post_vals)
|
|
bgneal@782
|
251 self.assertEqual(response.status_code, 200)
|
|
bgneal@782
|
252
|
|
bgneal@782
|
253 self.post_vals['question7'] = [u'6', u'2', u'4', u'5', u'7']
|
|
bgneal@782
|
254 response = self.client.post(reverse('accounts-register'),
|
|
bgneal@782
|
255 self.post_vals)
|
|
bgneal@782
|
256 self.assertEqual(response.status_code, 200)
|
|
bgneal@782
|
257
|
|
bgneal@782
|
258 self.post_vals['question7'] = [u'4', u'3', u'7']
|
|
bgneal@782
|
259 response = self.client.post(reverse('accounts-register'),
|
|
bgneal@782
|
260 self.post_vals)
|
|
bgneal@690
|
261 self.assertEqual(response.status_code, 200)
|
|
bgneal@565
|
262
|
|
bgneal@565
|
263 def test_success(self):
|
|
bgneal@565
|
264 """
|
|
bgneal@565
|
265 Ensure we can successfully register.
|
|
bgneal@565
|
266
|
|
bgneal@565
|
267 """
|
|
bgneal@782
|
268 response = self.client.post(reverse('accounts-register'),
|
|
bgneal@782
|
269 self.post_vals)
|
|
bgneal@565
|
270 self.assertEqual(response.status_code, 302)
|
|
bgneal@565
|
271
|
|
bgneal@565
|
272 try:
|
|
bgneal@565
|
273 pending = PendingUser.objects.get(username='a_new_user')
|
|
bgneal@565
|
274 except PendingUser.DoesNotExist:
|
|
bgneal@565
|
275 self.fail("PendingUser was not created")
|
|
bgneal@565
|
276
|
|
bgneal@565
|
277 self.assertEqual(pending.email, 'test@example.com')
|
|
bgneal@565
|
278 self.assertTrue(datetime.datetime.now() - pending.date_joined <
|
|
bgneal@565
|
279 datetime.timedelta(minutes=1))
|
|
bgneal@565
|
280 self.assertTrue(check_password('my_password', pending.password))
|
|
bgneal@659
|
281
|
|
bgneal@659
|
282
|
|
bgneal@659
|
283 class ForgotUsernameTest(TestCase):
|
|
bgneal@659
|
284
|
|
bgneal@659
|
285 def setUp(self):
|
|
bgneal@659
|
286 u = User.objects.create_user('existing_user', 'existing_user@example.com', 'pw')
|
|
bgneal@659
|
287 u.save()
|
|
bgneal@659
|
288
|
|
bgneal@659
|
289 def test_get_query_view(self):
|
|
bgneal@659
|
290 """Test a simple get of the username query view"""
|
|
bgneal@659
|
291 response = self.client.get(reverse('accounts-username_query'))
|
|
bgneal@659
|
292 self.assertEqual(response.status_code, 200)
|
|
bgneal@659
|
293
|
|
bgneal@659
|
294 def test_get_username_sent_view(self):
|
|
bgneal@659
|
295 """Test a simple get of the username sent view"""
|
|
bgneal@659
|
296 response = self.client.get(reverse('accounts-username_sent'))
|
|
bgneal@659
|
297 self.assertEqual(response.status_code, 200)
|
|
bgneal@659
|
298
|
|
bgneal@659
|
299 def test_invalid_email(self):
|
|
bgneal@659
|
300 """Test form submittal of unknown email address."""
|
|
bgneal@659
|
301 response = self.client.post(reverse('accounts-username_query'), {
|
|
bgneal@659
|
302 'email': 'bad_address@example.com',
|
|
bgneal@659
|
303 },
|
|
bgneal@659
|
304 follow=True)
|
|
bgneal@659
|
305
|
|
bgneal@659
|
306 self.assertRedirects(response, reverse('accounts-username_sent'))
|
|
bgneal@659
|
307
|
|
bgneal@659
|
308 self.assertEqual(len(mail.outbox), 0)
|
|
bgneal@659
|
309
|
|
bgneal@659
|
310 def test_valid_email(self):
|
|
bgneal@659
|
311 """Test form submittal of valid email address."""
|
|
bgneal@659
|
312 response = self.client.post(reverse('accounts-username_query'), {
|
|
bgneal@659
|
313 'email': 'existing_user@example.com',
|
|
bgneal@659
|
314 },
|
|
bgneal@659
|
315 follow=True)
|
|
bgneal@659
|
316
|
|
bgneal@659
|
317 self.assertRedirects(response, reverse('accounts-username_sent'))
|
|
bgneal@659
|
318
|
|
bgneal@659
|
319 self.assertEqual(len(mail.outbox), 1)
|
|
bgneal@659
|
320 if len(mail.outbox):
|
|
bgneal@659
|
321 self.assertTrue(mail.outbox[0].subject.startswith('Forgotten username'))
|
|
bgneal@762
|
322
|
|
bgneal@762
|
323
|
|
bgneal@762
|
324 class ForgotEmailTest(TestCase):
|
|
bgneal@762
|
325 """Because we use a custom URL its important to test this. This got broken
|
|
bgneal@762
|
326 in Django 1.6 when the URL pattern changed.
|
|
bgneal@762
|
327
|
|
bgneal@762
|
328 """
|
|
bgneal@762
|
329
|
|
bgneal@762
|
330 def setUp(self):
|
|
bgneal@762
|
331 u = User.objects.create_user('user1', 'user1@example.com', 'pw')
|
|
bgneal@762
|
332 u.save()
|
|
bgneal@762
|
333
|
|
bgneal@762
|
334 def test_nominal_case(self):
|
|
bgneal@762
|
335 """Test a full forgot password scenario."""
|
|
bgneal@762
|
336
|
|
bgneal@762
|
337 # GET password reset page
|
|
bgneal@762
|
338 response = self.client.get(reverse('accounts-password_reset'))
|
|
bgneal@762
|
339 self.assertEqual(response.status_code, 200)
|
|
bgneal@762
|
340
|
|
bgneal@762
|
341 # POST email address
|
|
bgneal@762
|
342 args = {'email': 'user1@example.com'}
|
|
bgneal@762
|
343 response = self.client.post(reverse('accounts-password_reset'), args,
|
|
bgneal@762
|
344 follow=True)
|
|
bgneal@762
|
345 self.assertRedirects(response, reverse('accounts-password_reset_sent'))
|
|
bgneal@762
|
346
|
|
bgneal@762
|
347 # Ensure the email was sent
|
|
bgneal@762
|
348 self.assertEqual(len(mail.outbox), 1)
|
|
bgneal@762
|
349 if (len(mail.outbox)):
|
|
bgneal@762
|
350 msg = mail.outbox[0]
|
|
bgneal@762
|
351 self.assertTrue(msg.subject.startswith('Password reset'))
|
|
bgneal@762
|
352 self.assertTrue(len(msg.to) == 1 and msg.to[0] == 'user1@example.com')
|
|
bgneal@762
|
353 msg_text = msg.message().as_string()
|
|
bgneal@762
|
354 m = re.search(r'http://example.com/accounts/password/reset/confirm/'
|
|
bgneal@762
|
355 r'(?P<uidb64>[0-9A-Za-z_\-]+)/(?P<token>[0-9a-z]+-\w+)/',
|
|
bgneal@762
|
356 msg_text)
|
|
bgneal@762
|
357 self.assertTrue(m is not None)
|
|
bgneal@762
|
358 if m:
|
|
bgneal@762
|
359 uidb64, token = m.group('uidb64'), m.group('token')
|
|
bgneal@762
|
360
|
|
bgneal@762
|
361 # visit the password reset page
|
|
bgneal@762
|
362 response = self.client.get(
|
|
bgneal@762
|
363 reverse('accounts-password_reset_confirm',
|
|
bgneal@762
|
364 kwargs={'uidb64': uidb64, 'token': token}))
|
|
bgneal@762
|
365 self.assertEqual(response.status_code, 200)
|
|
bgneal@762
|
366
|
|
bgneal@762
|
367 # POST new password
|
|
bgneal@762
|
368 args = {'new_password1': 'pw2', 'new_password2': 'pw2'}
|
|
bgneal@762
|
369 response = self.client.post(
|
|
bgneal@762
|
370 reverse('accounts-password_reset_confirm',
|
|
bgneal@762
|
371 kwargs={'uidb64': uidb64, 'token': token}),
|
|
bgneal@762
|
372 args, follow=True)
|
|
bgneal@762
|
373 self.assertRedirects(response,
|
|
bgneal@762
|
374 reverse('accounts-password_reset_success'))
|
|
bgneal@762
|
375 self.assertEqual(response.status_code, 200)
|
|
bgneal@762
|
376
|
|
bgneal@762
|
377 # Check new password
|
|
bgneal@762
|
378 u = User.objects.get(username='user1')
|
|
bgneal@762
|
379 self.assertTrue(check_password('pw2', u.password))
|
