Mercurial > public > sg101

comparison accounts/tests/test_views.py @ 782:9133b4626a4b

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Added additional security questions on the registration page.
author Brian Neal <bgneal@gmail.com>
date Tue, 13 May 2014 19:44:48 -0500
parents 840f2579ef1c
children be233ba7ca31
comparison
equal deleted inserted replaced
781:b6d6c9e37fae 782:9133b4626a4b
32 date_joined=datetime.datetime.now(), 32 date_joined=datetime.datetime.now(),
33 key='key') 33 key='key')
34 34
35 IllegalUsername.objects.create(username='illegalusername') 35 IllegalUsername.objects.create(username='illegalusername')
36 IllegalEmail.objects.create(email='illegal@example.com') 36 IllegalEmail.objects.create(email='illegal@example.com')
37
38 self.post_vals = {
39 'username': 'a_new_user',
40 'email': 'test@example.com',
41 'password1': 'my_password',
42 'password2': 'my_password',
43 'agree_age': 'on',
44 'agree_tos': 'on',
45 'agree_privacy': 'on',
46 'question1': '101',
47 'question2': '',
48 'question3': '',
49 'question4': u'2',
50 'question5': u'328',
51 'question6': u'4',
52 'question7': [u'2', u'4', u'5', u'7'],
53 }
37 54
38 def test_get_view(self): 55 def test_get_view(self):
39 """ 56 """
40 Test a simple get of the registration view 57 Test a simple get of the registration view
41 58
66 def test_pending_user(self): 83 def test_pending_user(self):
67 """ 84 """
68 Ensure we can't register with a pending username. 85 Ensure we can't register with a pending username.
69 86
70 """ 87 """
71 response = self.client.post(reverse('accounts-register'), { 88 self.post_vals['username'] = 'pending_user'
72 'username': 'pending_user', 89 response = self.client.post(reverse('accounts-register'),
73 'email': 'test@example.com', 90 self.post_vals)
74 'password1': 'my_password',
75 'password2': 'my_password',
76 'agree_age': 'on',
77 'agree_tos': 'on',
78 'agree_privacy': 'on',
79 'question1': '101',
80 'question2': '',
81 })
82
83 self.assertEqual(response.status_code, 200) 91 self.assertEqual(response.status_code, 200)
84 self.assertContains(response, 'A pending user with that username already exists') 92 self.assertContains(response, 'A pending user with that username already exists')
85 93
86 def test_illegal_username(self): 94 def test_illegal_username(self):
87 """ 95 """
88 Ensure we can't register with a banned username. 96 Ensure we can't register with a banned username.
89 97
90 """ 98 """
91 response = self.client.post(reverse('accounts-register'), { 99 self.post_vals['username'] = 'illegalusername'
92 'username': 'illegalusername', 100 response = self.client.post(reverse('accounts-register'),
93 'email': 'test@example.com', 101 self.post_vals)
94 'password1': 'my_password',
95 'password2': 'my_password',
96 'agree_age': 'on',
97 'agree_tos': 'on',
98 'agree_privacy': 'on',
99 'question1': '101',
100 'question2': '',
101 })
102
103 self.assertEqual(response.status_code, 200) 102 self.assertEqual(response.status_code, 200)
104 self.assertContains(response, 'That username is not allowed') 103 self.assertContains(response, 'That username is not allowed')
105 104
106 def test_duplicate_existing_email(self): 105 def test_duplicate_existing_email(self):
107 """ 106 """
108 Ensure we can't register with a duplicate email address. 107 Ensure we can't register with a duplicate email address.
109 108
110 """ 109 """
111 response = self.client.post(reverse('accounts-register'), { 110 self.post_vals['email'] = 'existing_user@example.com'
112 'username': 'a_new_user', 111 response = self.client.post(reverse('accounts-register'),
113 'email': 'existing_user@example.com', 112 self.post_vals)
114 'password1': 'my_password',
115 'password2': 'my_password',
116 'agree_age': 'on',
117 'agree_tos': 'on',
118 'agree_privacy': 'on',
119 'question1': '101',
120 'question2': '',
121 })
122
123 self.assertEqual(response.status_code, 200) 113 self.assertEqual(response.status_code, 200)
124 self.assertContains(response, 'A user with that email address already exists') 114 self.assertContains(response, 'A user with that email address already exists')
125 115
126 def test_duplicate_pending_email(self): 116 def test_duplicate_pending_email(self):
127 """ 117 """
128 Ensure we can't register with a duplicate email address. 118 Ensure we can't register with a duplicate email address.
129 119
130 """ 120 """
131 response = self.client.post(reverse('accounts-register'), { 121 self.post_vals['email'] = 'pending_user@example.com'
132 'username': 'a_new_user', 122 response = self.client.post(reverse('accounts-register'),
133 'email': 'pending_user@example.com', 123 self.post_vals)
134 'password1': 'my_password',
135 'password2': 'my_password',
136 'agree_age': 'on',
137 'agree_tos': 'on',
138 'agree_privacy': 'on',
139 'question1': '101',
140 'question2': '',
141 })
142
143 self.assertEqual(response.status_code, 200) 124 self.assertEqual(response.status_code, 200)
144 self.assertContains(response, 'A pending user with that email address already exists') 125 self.assertContains(response, 'A pending user with that email address already exists')
145 126
146 def test_illegal_email(self): 127 def test_illegal_email(self):
147 """ 128 """
148 Ensure we can't register with a banned email address. 129 Ensure we can't register with a banned email address.
149 130
150 """ 131 """
151 response = self.client.post(reverse('accounts-register'), { 132 self.post_vals['email'] = 'illegal@example.com'
152 'username': 'a_new_user', 133 response = self.client.post(reverse('accounts-register'),
153 'email': 'illegal@example.com', 134 self.post_vals)
154 'password1': 'my_password',
155 'password2': 'my_password',
156 'agree_age': 'on',
157 'agree_tos': 'on',
158 'agree_privacy': 'on',
159 'question1': '101',
160 'question2': '',
161 })
162
163 self.assertEqual(response.status_code, 200) 135 self.assertEqual(response.status_code, 200)
164 self.assertContains(response, 'That email address is not allowed') 136 self.assertContains(response, 'That email address is not allowed')
165 137
166 def test_password_match(self): 138 def test_password_match(self):
167 """ 139 """
168 Ensure the passwords match. 140 Ensure the passwords match.
169 141
170 """ 142 """
171 response = self.client.post(reverse('accounts-register'), { 143 self.post_vals['password2'] = "doesn't match"
172 'username': 'a_new_user', 144 response = self.client.post(reverse('accounts-register'),
173 'email': 'test@example.com', 145 self.post_vals)
174 'password1': 'my_password',
175 'password2': 'my_password_doesnt match',
176 'agree_age': 'on',
177 'agree_tos': 'on',
178 'agree_privacy': 'on',
179 'question1': '101',
180 'question2': '',
181 })
182
183 self.assertEqual(response.status_code, 200) 146 self.assertEqual(response.status_code, 200)
184 self.assertContains(response, "The two password fields didn&#39;t match") 147 self.assertContains(response, "The two password fields didn&#39;t match")
185 148
186 def test_question1(self): 149 def test_question1(self):
187 """ 150 """
188 Ensure our anti-spam question is answered. 151 Ensure our anti-spam question is answered.
189 152
190 """ 153 """
191 response = self.client.post(reverse('accounts-register'), { 154 self.post_vals['question1'] = 'huh'
192 'username': 'a_new_user', 155 response = self.client.post(reverse('accounts-register'),
193 'email': 'test@example.com', 156 self.post_vals)
194 'password1': 'my_password',
195 'password2': 'my_password_doesnt match',
196 'agree_age': 'on',
197 'agree_tos': 'on',
198 'agree_privacy': 'on',
199 'question1': 'huh',
200 'question2': '',
201 })
202
203 self.assertEqual(response.status_code, 200) 157 self.assertEqual(response.status_code, 200)
204 self.assertContains(response, "Incorrect answer to our anti-spam question") 158 self.assertContains(response, "Incorrect answer to our anti-spam question")
205 159
206 def test_question2(self): 160 def test_question2(self):
207 """ 161 """
208 Ensure our honeypot question check works. 162 Ensure our honeypot question check works.
209 163
210 """ 164 """
211 response = self.client.post(reverse('accounts-register'), { 165 self.post_vals['question2'] = 'non blank'
212 'username': 'a_new_user', 166 response = self.client.post(reverse('accounts-register'),
213 'email': 'test@example.com', 167 self.post_vals)
214 'password1': 'my_password', 168 self.assertEqual(response.status_code, 200)
215 'password2': 'my_password_doesnt match', 169
216 'agree_age': 'on', 170 def test_question3(self):
217 'agree_tos': 'on', 171 """
218 'agree_privacy': 'on', 172 Ensure our non-hidden honeypot question check works.
219 'question1': '101', 173
220 'question2': 'non blank', 174 """
221 }) 175 self.post_vals['question3'] = 'non blank'
222 176 response = self.client.post(reverse('accounts-register'),
177 self.post_vals)
178 self.assertEqual(response.status_code, 200)
179
180 def test_question4(self):
181 """
182 Ensure our security question 4 works
183
184 """
185 self.post_vals['question4'] = u'1'
186 response = self.client.post(reverse('accounts-register'),
187 self.post_vals)
188 self.assertEqual(response.status_code, 200)
189
190 self.post_vals['question4'] = u'4'
191 response = self.client.post(reverse('accounts-register'),
192 self.post_vals)
193 self.assertEqual(response.status_code, 200)
194
195 self.post_vals['question4'] = u'8'
196 response = self.client.post(reverse('accounts-register'),
197 self.post_vals)
198 self.assertEqual(response.status_code, 200)
199
200 def test_question5(self):
201 """
202 Ensure our security question 5 works
203
204 """
205 self.post_vals['question5'] = u'1'
206 response = self.client.post(reverse('accounts-register'),
207 self.post_vals)
208 self.assertEqual(response.status_code, 200)
209
210 self.post_vals['question5'] = u'X'
211 response = self.client.post(reverse('accounts-register'),
212 self.post_vals)
213 self.assertEqual(response.status_code, 200)
214
215 self.post_vals['question5'] = u'2983'
216 response = self.client.post(reverse('accounts-register'),
217 self.post_vals)
218 self.assertEqual(response.status_code, 200)
219
220 def test_question6(self):
221 """
222 Ensure our security question 6 works
223
224 """
225 self.post_vals['question6'] = u'1'
226 response = self.client.post(reverse('accounts-register'),
227 self.post_vals)
228 self.assertEqual(response.status_code, 200)
229
230 self.post_vals['question6'] = u'2'
231 response = self.client.post(reverse('accounts-register'),
232 self.post_vals)
233 self.assertEqual(response.status_code, 200)
234
235 self.post_vals['question6'] = u'8'
236 response = self.client.post(reverse('accounts-register'),
237 self.post_vals)
238 self.assertEqual(response.status_code, 200)
239
240 def test_question7(self):
241 """Test security question 7"""
242
243 self.post_vals['question7'] = []
244 response = self.client.post(reverse('accounts-register'),
245 self.post_vals)
246 self.assertEqual(response.status_code, 200)
247
248 self.post_vals['question7'] = [u'1']
249 response = self.client.post(reverse('accounts-register'),
250 self.post_vals)
251 self.assertEqual(response.status_code, 200)
252
253 self.post_vals['question7'] = [u'6', u'2', u'4', u'5', u'7']
254 response = self.client.post(reverse('accounts-register'),
255 self.post_vals)
256 self.assertEqual(response.status_code, 200)
257
258 self.post_vals['question7'] = [u'4', u'3', u'7']
259 response = self.client.post(reverse('accounts-register'),
260 self.post_vals)
223 self.assertEqual(response.status_code, 200) 261 self.assertEqual(response.status_code, 200)
224 262
225 def test_success(self): 263 def test_success(self):
226 """ 264 """
227 Ensure we can successfully register. 265 Ensure we can successfully register.
228 266
229 """ 267 """
230 response = self.client.post(reverse('accounts-register'), { 268 response = self.client.post(reverse('accounts-register'),
231 'username': 'a_new_user', 269 self.post_vals)
232 'email': 'test@example.com',
233 'password1': 'my_password',
234 'password2': 'my_password',
235 'agree_age': 'on',
236 'agree_tos': 'on',
237 'agree_privacy': 'on',
238 'question1': '101',
239 'question2': '',
240 })
241
242 self.assertEqual(response.status_code, 302) 270 self.assertEqual(response.status_code, 302)
243 271
244 try: 272 try:
245 pending = PendingUser.objects.get(username='a_new_user') 273 pending = PendingUser.objects.get(username='a_new_user')
246 except PendingUser.DoesNotExist: 274 except PendingUser.DoesNotExist: