takahe/tests/users/views/test_auth.py

import datetime

import pytest
from django.core import mail
from django.utils import timezone
from pytest_django.asserts import assertContains, assertNotContains

from users.models import Invite, User


@pytest.mark.django_db
def test_signup_disabled(client, config_system):
    """
    Tests that disabling signup takes effect
    """
    # Signup disabled and no signup text
    config_system.signup_allowed = False
    response = client.get("/auth/signup/")
    assertContains(
        response, "We're not accepting new users at this time", status_code=200
    )
    assertNotContains(response, "<button>Create</button>")

    # Signup disabled with signup text configured
    config_system.signup_text = "Go away!!!!!!"
    response = client.get("/auth/signup/")
    assertContains(response, "Go away!!!!!!", status_code=200)

    # Ensure direct POST doesn't side step guard
    response = client.post(
        "/auth/signup/", data={"email": "test_signup_disabled@example.org"}
    )
    assert response.status_code == 200
    assert not User.objects.filter(email="test_signup_disabled@example.org").exists()

    # Signup enabled
    config_system.signup_allowed = True
    response = client.get("/auth/signup/")
    assertContains(response, "<button>Create</button>", status_code=200)
    assertNotContains(response, "We're not accepting new users at this time")


@pytest.mark.django_db
def test_signup_invite_only(client, config_system):
    """
    Tests that invite codes work with signup
    """
    config_system.signup_allowed = False

    # Try to sign up without an invite code
    response = client.post("/auth/signup/", {"email": "random@example.com"})
    assertNotContains(response, "Email Sent", status_code=200)

    # Make an invite code for any email with infinite uses
    invite_infinite = Invite.create_random()
    response = client.post(
        f"/auth/signup/{invite_infinite.token}/",
        {"email": "random@example.com"},
    )
    assertContains(response, "Email Sent", status_code=200)

    # Ensure it still has infinite uses
    assert Invite.objects.get(token=invite_infinite.token).uses is None

    # Make an invite code for any email with one use
    invite_single = Invite.create_random(uses=1)
    response = client.post(
        f"/auth/signup/{invite_single.token}/",
        {"email": "random2@example.com"},
    )
    assertContains(response, "Email Sent", status_code=200)

    # Verify it was used up
    assert Invite.objects.filter(token=invite_single.token).count() == 0

    # Make an invite code that's invalid
    invite_expired = Invite.create_random(
        expires=timezone.now() - datetime.timedelta(days=1)
    )
    response = client.post(
        f"/auth/signup/{invite_expired.token}/",
        {"email": "random3@example.com"},
    )
    print(response.content)
    assert response.status_code == 404


@pytest.mark.django_db
def test_signup_policy(client, config_system):
    """
    Tests that you must agree to policies to sign up
    """
    config_system.signup_allowed = True

    # Make sure we can sign up when there are no policies
    response = client.post("/auth/signup/", {"email": "random@example.com"})
    assertContains(response, "Email Sent", status_code=200)

    # Make sure that's then denied when we have a policy in place
    config_system.policy_rules = "You must love unit tests"
    response = client.post("/auth/signup/", {"email": "random2@example.com"})
    assertContains(response, "field is required", status_code=200)
    assertNotContains(response, "Email Sent")


@pytest.mark.django_db
def test_signup_email(client, config_system, stator):
    """
    Tests that you can sign up and get an email sent to you
    """
    config_system.signup_allowed = True

    # Sign up with a user
    response = client.post("/auth/signup/", {"email": "random@example.com"})
    assertContains(response, "Email Sent", status_code=200)

    # Verify that made a user object and a password reset
    user = User.objects.get(email="random@example.com")
    assert user.password_resets.exists()

    # Run Stator and verify it sends the email
    assert len(mail.outbox) == 0
    stator.run_single_cycle_sync()
    assert len(mail.outbox) == 1
Invites overhaul No email tie, added uses and expires, now works by URL. 2022-12-22 07:03:21 +00:00			`import datetime`

Enforce signups_allowed=False (#26) 2022-11-20 23:03:09 +00:00			`import pytest`
Policy pages and signup tests. Fixes #113 2022-12-06 02:21:00 +00:00			`from django.core import mail`
Invites overhaul No email tie, added uses and expires, now works by URL. 2022-12-22 07:03:21 +00:00			`from django.utils import timezone`
Policy pages and signup tests. Fixes #113 2022-12-06 02:21:00 +00:00			`from pytest_django.asserts import assertContains, assertNotContains`
Enforce signups_allowed=False (#26) 2022-11-20 23:03:09 +00:00
Policy pages and signup tests. Fixes #113 2022-12-06 02:21:00 +00:00			`from users.models import Invite, User`
Enforce signups_allowed=False (#26) 2022-11-20 23:03:09 +00:00

			`@pytest.mark.django_db`
			`def test_signup_disabled(client, config_system):`
Policy pages and signup tests. Fixes #113 2022-12-06 02:21:00 +00:00			`"""`
			`Tests that disabling signup takes effect`
			`"""`
Enforce signups_allowed=False (#26) 2022-11-20 23:03:09 +00:00			`# Signup disabled and no signup text`
			`config_system.signup_allowed = False`
Policy pages and signup tests. Fixes #113 2022-12-06 02:21:00 +00:00			`response = client.get("/auth/signup/")`
Invites overhaul No email tie, added uses and expires, now works by URL. 2022-12-22 07:03:21 +00:00			`assertContains(`
			`response, "We're not accepting new users at this time", status_code=200`
			`)`
Policy pages and signup tests. Fixes #113 2022-12-06 02:21:00 +00:00			`assertNotContains(response, "<button>Create</button>")`
Enforce signups_allowed=False (#26) 2022-11-20 23:03:09 +00:00
			`# Signup disabled with signup text configured`
			`config_system.signup_text = "Go away!!!!!!"`
Policy pages and signup tests. Fixes #113 2022-12-06 02:21:00 +00:00			`response = client.get("/auth/signup/")`
			`assertContains(response, "Go away!!!!!!", status_code=200)`
Enforce signups_allowed=False (#26) 2022-11-20 23:03:09 +00:00
			`# Ensure direct POST doesn't side step guard`
Policy pages and signup tests. Fixes #113 2022-12-06 02:21:00 +00:00			`response = client.post(`
Enforce signups_allowed=False (#26) 2022-11-20 23:03:09 +00:00			`"/auth/signup/", data={"email": "test_signup_disabled@example.org"}`
			`)`
Policy pages and signup tests. Fixes #113 2022-12-06 02:21:00 +00:00			`assert response.status_code == 200`
Enforce signups_allowed=False (#26) 2022-11-20 23:03:09 +00:00			`assert not User.objects.filter(email="test_signup_disabled@example.org").exists()`

			`# Signup enabled`
			`config_system.signup_allowed = True`
Policy pages and signup tests. Fixes #113 2022-12-06 02:21:00 +00:00			`response = client.get("/auth/signup/")`
			`assertContains(response, "<button>Create</button>", status_code=200)`
Invites overhaul No email tie, added uses and expires, now works by URL. 2022-12-22 07:03:21 +00:00			`assertNotContains(response, "We're not accepting new users at this time")`
Enforce signups_allowed=False (#26) 2022-11-20 23:03:09 +00:00

			`@pytest.mark.django_db`
			`def test_signup_invite_only(client, config_system):`
Policy pages and signup tests. Fixes #113 2022-12-06 02:21:00 +00:00			`"""`
			`Tests that invite codes work with signup`
			`"""`
Invites overhaul No email tie, added uses and expires, now works by URL. 2022-12-22 07:03:21 +00:00			`config_system.signup_allowed = False`
Enforce signups_allowed=False (#26) 2022-11-20 23:03:09 +00:00
Policy pages and signup tests. Fixes #113 2022-12-06 02:21:00 +00:00			`# Try to sign up without an invite code`
			`response = client.post("/auth/signup/", {"email": "random@example.com"})`
			`assertNotContains(response, "Email Sent", status_code=200)`

Invites overhaul No email tie, added uses and expires, now works by URL. 2022-12-22 07:03:21 +00:00			`# Make an invite code for any email with infinite uses`
			`invite_infinite = Invite.create_random()`
Policy pages and signup tests. Fixes #113 2022-12-06 02:21:00 +00:00			`response = client.post(`
Invites overhaul No email tie, added uses and expires, now works by URL. 2022-12-22 07:03:21 +00:00			`f"/auth/signup/{invite_infinite.token}/",`
			`{"email": "random@example.com"},`
Policy pages and signup tests. Fixes #113 2022-12-06 02:21:00 +00:00			`)`
			`assertContains(response, "Email Sent", status_code=200)`

Invites overhaul No email tie, added uses and expires, now works by URL. 2022-12-22 07:03:21 +00:00			`# Ensure it still has infinite uses`
			`assert Invite.objects.get(token=invite_infinite.token).uses is None`

			`# Make an invite code for any email with one use`
			`invite_single = Invite.create_random(uses=1)`
Policy pages and signup tests. Fixes #113 2022-12-06 02:21:00 +00:00			`response = client.post(`
Invites overhaul No email tie, added uses and expires, now works by URL. 2022-12-22 07:03:21 +00:00			`f"/auth/signup/{invite_single.token}/",`
			`{"email": "random2@example.com"},`
Policy pages and signup tests. Fixes #113 2022-12-06 02:21:00 +00:00			`)`
Invites overhaul No email tie, added uses and expires, now works by URL. 2022-12-22 07:03:21 +00:00			`assertContains(response, "Email Sent", status_code=200)`
Policy pages and signup tests. Fixes #113 2022-12-06 02:21:00 +00:00
Invites overhaul No email tie, added uses and expires, now works by URL. 2022-12-22 07:03:21 +00:00			`# Verify it was used up`
			`assert Invite.objects.filter(token=invite_single.token).count() == 0`

			`# Make an invite code that's invalid`
			`invite_expired = Invite.create_random(`
			`expires=timezone.now() - datetime.timedelta(days=1)`
Policy pages and signup tests. Fixes #113 2022-12-06 02:21:00 +00:00			`)`
			`response = client.post(`
Invites overhaul No email tie, added uses and expires, now works by URL. 2022-12-22 07:03:21 +00:00			`f"/auth/signup/{invite_expired.token}/",`
			`{"email": "random3@example.com"},`
Policy pages and signup tests. Fixes #113 2022-12-06 02:21:00 +00:00			`)`
Invites overhaul No email tie, added uses and expires, now works by URL. 2022-12-22 07:03:21 +00:00			`print(response.content)`
			`assert response.status_code == 404`
Policy pages and signup tests. Fixes #113 2022-12-06 02:21:00 +00:00

			`@pytest.mark.django_db`
			`def test_signup_policy(client, config_system):`
			`"""`
			`Tests that you must agree to policies to sign up`
			`"""`
			`config_system.signup_allowed = True`

			`# Make sure we can sign up when there are no policies`
			`response = client.post("/auth/signup/", {"email": "random@example.com"})`
			`assertContains(response, "Email Sent", status_code=200)`

			`# Make sure that's then denied when we have a policy in place`
			`config_system.policy_rules = "You must love unit tests"`
			`response = client.post("/auth/signup/", {"email": "random2@example.com"})`
			`assertContains(response, "field is required", status_code=200)`
			`assertNotContains(response, "Email Sent")`


			`@pytest.mark.django_db`
			`def test_signup_email(client, config_system, stator):`
			`"""`
			`Tests that you can sign up and get an email sent to you`
			`"""`
			`config_system.signup_allowed = True`

			`# Sign up with a user`
			`response = client.post("/auth/signup/", {"email": "random@example.com"})`
			`assertContains(response, "Email Sent", status_code=200)`

			`# Verify that made a user object and a password reset`
			`user = User.objects.get(email="random@example.com")`
			`assert user.password_resets.exists()`
Enforce signups_allowed=False (#26) 2022-11-20 23:03:09 +00:00
Policy pages and signup tests. Fixes #113 2022-12-06 02:21:00 +00:00			`# Run Stator and verify it sends the email`
			`assert len(mail.outbox) == 0`
			`stator.run_single_cycle_sync()`
			`assert len(mail.outbox) == 1`