moviewyrm/bookwyrm/tests/views/test_authentication.py

252 lines
9.1 KiB
Python
Raw Normal View History

2021-03-08 16:49:10 +00:00
""" test for app action functionality """
2021-01-12 17:09:05 +00:00
from unittest.mock import patch
from django.contrib.auth.models import AnonymousUser
from django.core.exceptions import PermissionDenied
from django.http.response import Http404
from django.template.response import TemplateResponse
from django.test import TestCase
2021-01-12 17:53:04 +00:00
from django.test.client import RequestFactory
2021-01-12 17:09:05 +00:00
2021-08-06 18:23:38 +00:00
from bookwyrm import forms, models, views
2021-01-12 17:09:05 +00:00
from bookwyrm.settings import DOMAIN
# pylint: disable=too-many-public-methods
2021-08-03 17:25:53 +00:00
@patch("bookwyrm.suggested_users.rerank_suggestions_task.delay")
2021-01-12 17:09:05 +00:00
class AuthenticationViews(TestCase):
2021-04-26 16:15:42 +00:00
"""login and password management"""
2021-03-08 16:49:10 +00:00
2021-01-12 17:53:04 +00:00
def setUp(self):
2021-04-26 16:15:42 +00:00
"""we need basic test data and mocks"""
2021-01-12 17:53:04 +00:00
self.factory = RequestFactory()
2021-08-03 17:25:53 +00:00
with patch("bookwyrm.suggested_users.rerank_suggestions_task.delay"):
self.local_user = models.User.objects.create_user(
2021-08-06 18:23:38 +00:00
"mouse@your.domain.here",
2021-08-03 17:25:53 +00:00
"mouse@mouse.com",
"password",
local=True,
localname="mouse",
)
2021-01-12 17:53:04 +00:00
self.anonymous_user = AnonymousUser
self.anonymous_user.is_authenticated = False
2021-08-02 23:05:40 +00:00
self.settings = models.SiteSettings.objects.create(id=1)
2021-01-12 17:53:04 +00:00
2021-08-03 17:25:53 +00:00
def test_login_get(self, _):
2021-04-26 16:15:42 +00:00
"""there are so many views, this just makes sure it LOADS"""
2021-01-12 17:53:04 +00:00
login = views.Login.as_view()
2021-03-08 16:49:10 +00:00
request = self.factory.get("")
2021-01-12 17:53:04 +00:00
request.user = self.anonymous_user
result = login(request)
2021-01-12 17:09:05 +00:00
self.assertIsInstance(result, TemplateResponse)
result.render()
2021-01-12 17:09:05 +00:00
self.assertEqual(result.status_code, 200)
request.user = self.local_user
2021-01-12 17:53:04 +00:00
result = login(request)
2021-03-08 16:49:10 +00:00
self.assertEqual(result.url, "/")
2021-01-12 17:09:05 +00:00
self.assertEqual(result.status_code, 302)
2021-08-06 18:23:38 +00:00
def test_login_post_localname(self, _):
"""there are so many views, this just makes sure it LOADS"""
view = views.Login.as_view()
form = forms.LoginForm()
form.data["localname"] = "mouse@mouse.com"
form.data["password"] = "password"
request = self.factory.post("", form.data)
request.user = self.anonymous_user
with patch("bookwyrm.views.authentication.login"):
result = view(request)
self.assertEqual(result.url, "/")
self.assertEqual(result.status_code, 302)
def test_login_post_username(self, _):
"""there are so many views, this just makes sure it LOADS"""
view = views.Login.as_view()
form = forms.LoginForm()
form.data["localname"] = "mouse@your.domain.here"
form.data["password"] = "password"
request = self.factory.post("", form.data)
request.user = self.anonymous_user
with patch("bookwyrm.views.authentication.login"):
result = view(request)
self.assertEqual(result.url, "/")
self.assertEqual(result.status_code, 302)
def test_login_post_email(self, _):
"""there are so many views, this just makes sure it LOADS"""
view = views.Login.as_view()
form = forms.LoginForm()
form.data["localname"] = "mouse"
form.data["password"] = "password"
request = self.factory.post("", form.data)
request.user = self.anonymous_user
with patch("bookwyrm.views.authentication.login"):
result = view(request)
self.assertEqual(result.url, "/")
self.assertEqual(result.status_code, 302)
def test_login_post_invalid_credentials(self, _):
"""there are so many views, this just makes sure it LOADS"""
view = views.Login.as_view()
form = forms.LoginForm()
form.data["localname"] = "mouse"
form.data["password"] = "passsword1"
request = self.factory.post("", form.data)
request.user = self.anonymous_user
with patch("bookwyrm.views.authentication.login"):
result = view(request)
result.render()
self.assertEqual(result.status_code, 200)
self.assertEqual(
result.context_data["login_form"].non_field_errors,
"Username or password are incorrect",
)
2021-08-03 17:25:53 +00:00
def test_register(self, _):
2021-04-26 16:15:42 +00:00
"""create a user"""
2021-01-12 17:53:04 +00:00
view = views.Register.as_view()
self.assertEqual(models.User.objects.count(), 1)
2021-01-12 17:09:05 +00:00
request = self.factory.post(
2021-03-08 16:49:10 +00:00
"register/",
2021-01-12 17:09:05 +00:00
{
2021-03-08 16:49:10 +00:00
"localname": "nutria-user.user_nutria",
"password": "mouseword",
"email": "aa@bb.cccc",
},
)
2021-08-02 23:05:40 +00:00
with patch("bookwyrm.views.authentication.login"):
response = view(request)
2021-01-12 17:53:04 +00:00
self.assertEqual(models.User.objects.count(), 2)
2021-01-12 17:09:05 +00:00
self.assertEqual(response.status_code, 302)
nutria = models.User.objects.last()
2021-03-08 16:49:10 +00:00
self.assertEqual(nutria.username, "nutria-user.user_nutria@%s" % DOMAIN)
self.assertEqual(nutria.localname, "nutria-user.user_nutria")
2021-01-12 17:09:05 +00:00
self.assertEqual(nutria.local, True)
2021-08-03 17:25:53 +00:00
def test_register_trailing_space(self, _):
2021-04-26 16:15:42 +00:00
"""django handles this so weirdly"""
2021-01-12 17:53:04 +00:00
view = views.Register.as_view()
2021-01-12 17:09:05 +00:00
request = self.factory.post(
2021-03-08 16:49:10 +00:00
"register/",
{"localname": "nutria ", "password": "mouseword", "email": "aa@bb.ccc"},
)
2021-08-02 23:05:40 +00:00
with patch("bookwyrm.views.authentication.login"):
response = view(request)
2021-01-12 17:53:04 +00:00
self.assertEqual(models.User.objects.count(), 2)
2021-01-12 17:09:05 +00:00
self.assertEqual(response.status_code, 302)
nutria = models.User.objects.last()
2021-03-08 16:49:10 +00:00
self.assertEqual(nutria.username, "nutria@%s" % DOMAIN)
self.assertEqual(nutria.localname, "nutria")
2021-01-12 17:09:05 +00:00
self.assertEqual(nutria.local, True)
2021-08-03 17:25:53 +00:00
def test_register_invalid_email(self, _):
2021-04-26 16:15:42 +00:00
"""gotta have an email"""
2021-01-12 17:53:04 +00:00
view = views.Register.as_view()
self.assertEqual(models.User.objects.count(), 1)
2021-01-12 17:09:05 +00:00
request = self.factory.post(
2021-03-08 16:49:10 +00:00
"register/", {"localname": "nutria", "password": "mouseword", "email": "aa"}
)
2021-01-12 17:53:04 +00:00
response = view(request)
self.assertEqual(models.User.objects.count(), 1)
response.render()
2021-01-12 17:09:05 +00:00
2021-08-03 17:25:53 +00:00
def test_register_invalid_username(self, _):
2021-04-26 16:15:42 +00:00
"""gotta have an email"""
2021-01-12 17:53:04 +00:00
view = views.Register.as_view()
self.assertEqual(models.User.objects.count(), 1)
2021-01-12 17:09:05 +00:00
request = self.factory.post(
2021-03-08 16:49:10 +00:00
"register/",
{"localname": "nut@ria", "password": "mouseword", "email": "aa@bb.ccc"},
)
2021-01-12 17:53:04 +00:00
response = view(request)
self.assertEqual(models.User.objects.count(), 1)
response.render()
2021-01-12 17:09:05 +00:00
request = self.factory.post(
2021-03-08 16:49:10 +00:00
"register/",
{"localname": "nutr ia", "password": "mouseword", "email": "aa@bb.ccc"},
)
2021-01-12 17:53:04 +00:00
response = view(request)
self.assertEqual(models.User.objects.count(), 1)
response.render()
2021-01-12 17:09:05 +00:00
request = self.factory.post(
2021-03-08 16:49:10 +00:00
"register/",
{"localname": "nut@ria", "password": "mouseword", "email": "aa@bb.ccc"},
)
2021-01-12 17:53:04 +00:00
response = view(request)
self.assertEqual(models.User.objects.count(), 1)
response.render()
2021-01-12 17:09:05 +00:00
2021-08-03 17:25:53 +00:00
def test_register_closed_instance(self, _):
2021-04-26 16:15:42 +00:00
"""you can't just register"""
2021-01-12 17:53:04 +00:00
view = views.Register.as_view()
2021-01-12 17:09:05 +00:00
self.settings.allow_registration = False
self.settings.save()
request = self.factory.post(
2021-03-08 16:49:10 +00:00
"register/",
{"localname": "nutria ", "password": "mouseword", "email": "aa@bb.ccc"},
)
2021-01-12 17:09:05 +00:00
with self.assertRaises(PermissionDenied):
2021-01-12 17:53:04 +00:00
view(request)
2021-01-12 17:09:05 +00:00
2021-08-03 17:25:53 +00:00
def test_register_invite(self, _):
2021-04-26 16:15:42 +00:00
"""you can't just register"""
2021-01-12 17:53:04 +00:00
view = views.Register.as_view()
2021-01-12 17:09:05 +00:00
self.settings.allow_registration = False
self.settings.save()
models.SiteInvite.objects.create(
2021-03-08 16:49:10 +00:00
code="testcode", user=self.local_user, use_limit=1
)
2021-01-12 17:09:05 +00:00
self.assertEqual(models.SiteInvite.objects.get().times_used, 0)
request = self.factory.post(
2021-03-08 16:49:10 +00:00
"register/",
2021-01-12 17:09:05 +00:00
{
2021-03-08 16:49:10 +00:00
"localname": "nutria",
"password": "mouseword",
"email": "aa@bb.ccc",
"invite_code": "testcode",
},
)
2021-08-02 23:05:40 +00:00
with patch("bookwyrm.views.authentication.login"):
response = view(request)
2021-01-12 17:53:04 +00:00
self.assertEqual(models.User.objects.count(), 2)
2021-01-12 17:09:05 +00:00
self.assertEqual(response.status_code, 302)
self.assertEqual(models.SiteInvite.objects.get().times_used, 1)
# invite already used to max capacity
request = self.factory.post(
2021-03-08 16:49:10 +00:00
"register/",
2021-01-12 17:09:05 +00:00
{
2021-03-08 16:49:10 +00:00
"localname": "nutria2",
"password": "mouseword",
"email": "aa@bb.ccc",
"invite_code": "testcode",
},
)
2021-01-12 17:09:05 +00:00
with self.assertRaises(PermissionDenied):
2021-01-12 17:53:04 +00:00
response = view(request)
self.assertEqual(models.User.objects.count(), 2)
2021-01-12 17:09:05 +00:00
# bad invite code
request = self.factory.post(
2021-03-08 16:49:10 +00:00
"register/",
2021-01-12 17:09:05 +00:00
{
2021-03-08 16:49:10 +00:00
"localname": "nutria3",
"password": "mouseword",
"email": "aa@bb.ccc",
"invite_code": "dkfkdjgdfkjgkdfj",
},
)
2021-01-12 17:09:05 +00:00
with self.assertRaises(Http404):
2021-01-12 17:53:04 +00:00
response = view(request)
self.assertEqual(models.User.objects.count(), 2)