2020-12-16 00:36:22 +00:00
|
|
|
''' test for app action functionality '''
|
|
|
|
from unittest.mock import patch
|
|
|
|
|
|
|
|
from django.core.exceptions import PermissionDenied
|
2020-12-22 18:10:36 +00:00
|
|
|
from django.contrib.auth.models import Group, Permission
|
|
|
|
from django.contrib.contenttypes.models import ContentType
|
2020-12-16 00:36:22 +00:00
|
|
|
from django.http.response import Http404
|
|
|
|
from django.test import TestCase
|
|
|
|
from django.test.client import RequestFactory
|
|
|
|
|
2020-12-22 00:19:36 +00:00
|
|
|
from bookwyrm import forms, models, view_actions as actions
|
2020-12-16 00:36:22 +00:00
|
|
|
from bookwyrm.settings import DOMAIN
|
|
|
|
|
|
|
|
|
|
|
|
#pylint: disable=too-many-public-methods
|
|
|
|
class ViewActions(TestCase):
|
|
|
|
''' a lot here: all handlers for receiving activitypub requests '''
|
|
|
|
def setUp(self):
|
|
|
|
''' we need basic things, like users '''
|
|
|
|
self.local_user = models.User.objects.create_user(
|
2020-12-27 23:18:48 +00:00
|
|
|
'mouse', 'mouse@mouse.com', 'mouseword',
|
|
|
|
local=True, localname='mouse')
|
2020-12-16 00:36:22 +00:00
|
|
|
self.local_user.remote_id = 'https://example.com/user/mouse'
|
|
|
|
self.local_user.save()
|
2020-12-22 18:10:36 +00:00
|
|
|
self.group = Group.objects.create(name='editor')
|
|
|
|
self.group.permissions.add(
|
|
|
|
Permission.objects.create(
|
|
|
|
name='edit_book',
|
|
|
|
codename='edit_book',
|
|
|
|
content_type=ContentType.objects.get_for_model(models.User)).id
|
|
|
|
)
|
2020-12-16 00:36:22 +00:00
|
|
|
with patch('bookwyrm.models.user.set_remote_server.delay'):
|
|
|
|
self.remote_user = models.User.objects.create_user(
|
|
|
|
'rat', 'rat@rat.com', 'ratword',
|
|
|
|
local=False,
|
|
|
|
remote_id='https://example.com/users/rat',
|
|
|
|
inbox='https://example.com/users/rat/inbox',
|
|
|
|
outbox='https://example.com/users/rat/outbox',
|
|
|
|
)
|
|
|
|
self.status = models.Status.objects.create(
|
|
|
|
user=self.local_user,
|
|
|
|
content='Test status',
|
|
|
|
remote_id='https://example.com/status/1',
|
|
|
|
)
|
2020-12-31 16:30:51 +00:00
|
|
|
self.work = models.Work.objects.create(title='Test Work')
|
|
|
|
self.book = models.Edition.objects.create(
|
|
|
|
title='Test Book', parent_work=self.work)
|
2020-12-16 00:36:22 +00:00
|
|
|
self.settings = models.SiteSettings.objects.create(id=1)
|
|
|
|
self.factory = RequestFactory()
|
|
|
|
|
|
|
|
|
|
|
|
def test_register(self):
|
|
|
|
''' create a user '''
|
|
|
|
self.assertEqual(models.User.objects.count(), 2)
|
|
|
|
request = self.factory.post(
|
|
|
|
'register/',
|
|
|
|
{
|
2020-12-27 23:18:48 +00:00
|
|
|
'localname': 'nutria-user.user_nutria',
|
2020-12-16 00:36:22 +00:00
|
|
|
'password': 'mouseword',
|
|
|
|
'email': 'aa@bb.cccc'
|
|
|
|
})
|
|
|
|
with patch('bookwyrm.view_actions.login'):
|
|
|
|
response = actions.register(request)
|
|
|
|
self.assertEqual(models.User.objects.count(), 3)
|
|
|
|
self.assertEqual(response.status_code, 302)
|
|
|
|
nutria = models.User.objects.last()
|
|
|
|
self.assertEqual(nutria.username, 'nutria-user.user_nutria@%s' % DOMAIN)
|
|
|
|
self.assertEqual(nutria.localname, 'nutria-user.user_nutria')
|
|
|
|
self.assertEqual(nutria.local, True)
|
|
|
|
|
|
|
|
def test_register_trailing_space(self):
|
|
|
|
''' django handles this so weirdly '''
|
|
|
|
request = self.factory.post(
|
|
|
|
'register/',
|
|
|
|
{
|
2020-12-27 23:18:48 +00:00
|
|
|
'localname': 'nutria ',
|
2020-12-16 00:36:22 +00:00
|
|
|
'password': 'mouseword',
|
|
|
|
'email': 'aa@bb.ccc'
|
|
|
|
})
|
|
|
|
with patch('bookwyrm.view_actions.login'):
|
|
|
|
response = actions.register(request)
|
|
|
|
self.assertEqual(models.User.objects.count(), 3)
|
|
|
|
self.assertEqual(response.status_code, 302)
|
|
|
|
nutria = models.User.objects.last()
|
|
|
|
self.assertEqual(nutria.username, 'nutria@%s' % DOMAIN)
|
|
|
|
self.assertEqual(nutria.localname, 'nutria')
|
|
|
|
self.assertEqual(nutria.local, True)
|
|
|
|
|
|
|
|
def test_register_invalid_email(self):
|
|
|
|
''' gotta have an email '''
|
|
|
|
self.assertEqual(models.User.objects.count(), 2)
|
|
|
|
request = self.factory.post(
|
|
|
|
'register/',
|
|
|
|
{
|
2020-12-27 23:18:48 +00:00
|
|
|
'localname': 'nutria',
|
2020-12-16 00:36:22 +00:00
|
|
|
'password': 'mouseword',
|
|
|
|
'email': 'aa'
|
|
|
|
})
|
|
|
|
response = actions.register(request)
|
|
|
|
self.assertEqual(models.User.objects.count(), 2)
|
|
|
|
self.assertEqual(response.template_name, 'login.html')
|
|
|
|
|
|
|
|
def test_register_invalid_username(self):
|
|
|
|
''' gotta have an email '''
|
|
|
|
self.assertEqual(models.User.objects.count(), 2)
|
|
|
|
request = self.factory.post(
|
|
|
|
'register/',
|
|
|
|
{
|
2020-12-27 23:18:48 +00:00
|
|
|
'localname': 'nut@ria',
|
2020-12-16 00:36:22 +00:00
|
|
|
'password': 'mouseword',
|
|
|
|
'email': 'aa@bb.ccc'
|
|
|
|
})
|
|
|
|
response = actions.register(request)
|
|
|
|
self.assertEqual(models.User.objects.count(), 2)
|
|
|
|
self.assertEqual(response.template_name, 'login.html')
|
|
|
|
|
|
|
|
request = self.factory.post(
|
|
|
|
'register/',
|
|
|
|
{
|
2020-12-27 23:18:48 +00:00
|
|
|
'localname': 'nutr ia',
|
2020-12-16 00:36:22 +00:00
|
|
|
'password': 'mouseword',
|
|
|
|
'email': 'aa@bb.ccc'
|
|
|
|
})
|
|
|
|
response = actions.register(request)
|
|
|
|
self.assertEqual(models.User.objects.count(), 2)
|
|
|
|
self.assertEqual(response.template_name, 'login.html')
|
|
|
|
|
|
|
|
request = self.factory.post(
|
|
|
|
'register/',
|
|
|
|
{
|
2020-12-27 23:18:48 +00:00
|
|
|
'localname': 'nut@ria',
|
2020-12-16 00:36:22 +00:00
|
|
|
'password': 'mouseword',
|
|
|
|
'email': 'aa@bb.ccc'
|
|
|
|
})
|
|
|
|
response = actions.register(request)
|
|
|
|
self.assertEqual(models.User.objects.count(), 2)
|
|
|
|
self.assertEqual(response.template_name, 'login.html')
|
|
|
|
|
|
|
|
|
|
|
|
def test_register_closed_instance(self):
|
|
|
|
''' you can't just register '''
|
|
|
|
self.settings.allow_registration = False
|
|
|
|
self.settings.save()
|
|
|
|
request = self.factory.post(
|
|
|
|
'register/',
|
|
|
|
{
|
2020-12-27 23:18:48 +00:00
|
|
|
'localname': 'nutria ',
|
2020-12-16 00:36:22 +00:00
|
|
|
'password': 'mouseword',
|
|
|
|
'email': 'aa@bb.ccc'
|
|
|
|
})
|
|
|
|
with self.assertRaises(PermissionDenied):
|
|
|
|
actions.register(request)
|
|
|
|
|
|
|
|
def test_register_invite(self):
|
|
|
|
''' you can't just register '''
|
|
|
|
self.settings.allow_registration = False
|
|
|
|
self.settings.save()
|
|
|
|
models.SiteInvite.objects.create(
|
|
|
|
code='testcode', user=self.local_user, use_limit=1)
|
|
|
|
self.assertEqual(models.SiteInvite.objects.get().times_used, 0)
|
|
|
|
|
|
|
|
request = self.factory.post(
|
|
|
|
'register/',
|
|
|
|
{
|
2020-12-27 23:18:48 +00:00
|
|
|
'localname': 'nutria',
|
2020-12-16 00:36:22 +00:00
|
|
|
'password': 'mouseword',
|
|
|
|
'email': 'aa@bb.ccc',
|
|
|
|
'invite_code': 'testcode'
|
|
|
|
})
|
|
|
|
with patch('bookwyrm.view_actions.login'):
|
|
|
|
response = actions.register(request)
|
|
|
|
self.assertEqual(models.User.objects.count(), 3)
|
|
|
|
self.assertEqual(response.status_code, 302)
|
|
|
|
self.assertEqual(models.SiteInvite.objects.get().times_used, 1)
|
|
|
|
|
2021-01-04 19:14:10 +00:00
|
|
|
# invite already used to max capacity
|
2020-12-16 00:36:22 +00:00
|
|
|
request = self.factory.post(
|
|
|
|
'register/',
|
|
|
|
{
|
2020-12-27 23:18:48 +00:00
|
|
|
'localname': 'nutria2',
|
2020-12-16 00:36:22 +00:00
|
|
|
'password': 'mouseword',
|
|
|
|
'email': 'aa@bb.ccc',
|
|
|
|
'invite_code': 'testcode'
|
|
|
|
})
|
2021-01-04 19:14:10 +00:00
|
|
|
with self.assertRaises(PermissionDenied):
|
|
|
|
response = actions.register(request)
|
2020-12-16 00:36:22 +00:00
|
|
|
self.assertEqual(models.User.objects.count(), 3)
|
|
|
|
|
|
|
|
# bad invite code
|
|
|
|
request = self.factory.post(
|
|
|
|
'register/',
|
|
|
|
{
|
2020-12-27 23:18:48 +00:00
|
|
|
'localname': 'nutria3',
|
2020-12-16 00:36:22 +00:00
|
|
|
'password': 'mouseword',
|
|
|
|
'email': 'aa@bb.ccc',
|
|
|
|
'invite_code': 'dkfkdjgdfkjgkdfj'
|
|
|
|
})
|
|
|
|
with self.assertRaises(Http404):
|
|
|
|
response = actions.register(request)
|
|
|
|
self.assertEqual(models.User.objects.count(), 3)
|
|
|
|
|
|
|
|
|
|
|
|
def test_password_reset_request(self):
|
|
|
|
''' send 'em an email '''
|
|
|
|
request = self.factory.post('', {'email': 'aa@bb.ccc'})
|
|
|
|
resp = actions.password_reset_request(request)
|
|
|
|
self.assertEqual(resp.status_code, 302)
|
|
|
|
|
|
|
|
request = self.factory.post(
|
|
|
|
'', {'email': 'mouse@mouse.com'})
|
|
|
|
with patch('bookwyrm.emailing.send_email.delay'):
|
|
|
|
resp = actions.password_reset_request(request)
|
|
|
|
self.assertEqual(resp.template_name, 'password_reset_request.html')
|
|
|
|
|
|
|
|
self.assertEqual(
|
|
|
|
models.PasswordReset.objects.get().user, self.local_user)
|
|
|
|
|
|
|
|
def test_password_reset(self):
|
|
|
|
''' reset from code '''
|
|
|
|
code = models.PasswordReset.objects.create(user=self.local_user)
|
|
|
|
request = self.factory.post('', {
|
|
|
|
'reset-code': code.code,
|
|
|
|
'password': 'hi',
|
|
|
|
'confirm-password': 'hi'
|
|
|
|
})
|
|
|
|
with patch('bookwyrm.view_actions.login'):
|
|
|
|
resp = actions.password_reset(request)
|
|
|
|
self.assertEqual(resp.status_code, 302)
|
|
|
|
self.assertFalse(models.PasswordReset.objects.exists())
|
|
|
|
|
|
|
|
def test_password_reset_wrong_code(self):
|
|
|
|
''' reset from code '''
|
|
|
|
models.PasswordReset.objects.create(user=self.local_user)
|
|
|
|
request = self.factory.post('', {
|
|
|
|
'reset-code': 'jhgdkfjgdf',
|
|
|
|
'password': 'hi',
|
|
|
|
'confirm-password': 'hi'
|
|
|
|
})
|
|
|
|
resp = actions.password_reset(request)
|
|
|
|
self.assertEqual(resp.template_name, 'password_reset.html')
|
|
|
|
self.assertTrue(models.PasswordReset.objects.exists())
|
|
|
|
|
|
|
|
def test_password_reset_mismatch(self):
|
|
|
|
''' reset from code '''
|
|
|
|
code = models.PasswordReset.objects.create(user=self.local_user)
|
|
|
|
request = self.factory.post('', {
|
|
|
|
'reset-code': code.code,
|
|
|
|
'password': 'hi',
|
|
|
|
'confirm-password': 'hihi'
|
|
|
|
})
|
|
|
|
resp = actions.password_reset(request)
|
|
|
|
self.assertEqual(resp.template_name, 'password_reset.html')
|
|
|
|
self.assertTrue(models.PasswordReset.objects.exists())
|
2020-12-16 21:59:18 +00:00
|
|
|
|
2020-12-21 22:54:45 +00:00
|
|
|
|
|
|
|
def test_password_change(self):
|
|
|
|
''' change password '''
|
|
|
|
password_hash = self.local_user.password
|
|
|
|
request = self.factory.post('', {
|
|
|
|
'password': 'hi',
|
|
|
|
'confirm-password': 'hi'
|
|
|
|
})
|
|
|
|
request.user = self.local_user
|
2020-12-22 00:19:36 +00:00
|
|
|
with patch('bookwyrm.view_actions.login'):
|
2020-12-22 18:10:36 +00:00
|
|
|
actions.password_change(request)
|
2020-12-22 00:19:36 +00:00
|
|
|
self.assertNotEqual(self.local_user.password, password_hash)
|
2020-12-21 22:54:45 +00:00
|
|
|
|
|
|
|
def test_password_change_mismatch(self):
|
|
|
|
''' change password '''
|
|
|
|
password_hash = self.local_user.password
|
|
|
|
request = self.factory.post('', {
|
|
|
|
'password': 'hi',
|
|
|
|
'confirm-password': 'hihi'
|
|
|
|
})
|
|
|
|
request.user = self.local_user
|
2020-12-22 18:10:36 +00:00
|
|
|
actions.password_change(request)
|
2020-12-22 00:19:36 +00:00
|
|
|
self.assertEqual(self.local_user.password, password_hash)
|
2020-12-21 22:54:45 +00:00
|
|
|
|
|
|
|
|
|
|
|
def test_edit_user(self):
|
|
|
|
''' use a form to update a user '''
|
2020-12-22 00:19:36 +00:00
|
|
|
form = forms.EditUserForm(instance=self.local_user)
|
|
|
|
form.data['name'] = 'New Name'
|
|
|
|
request = self.factory.post('', form.data)
|
|
|
|
request.user = self.local_user
|
|
|
|
|
|
|
|
with patch('bookwyrm.broadcast.broadcast_task.delay'):
|
|
|
|
actions.edit_profile(request)
|
|
|
|
self.assertEqual(self.local_user.name, 'New Name')
|
2020-12-21 22:54:45 +00:00
|
|
|
|
|
|
|
|
2020-12-16 21:59:18 +00:00
|
|
|
def test_switch_edition(self):
|
|
|
|
''' updates user's relationships to a book '''
|
|
|
|
work = models.Work.objects.create(title='test work')
|
|
|
|
edition1 = models.Edition.objects.create(
|
|
|
|
title='first ed', parent_work=work)
|
|
|
|
edition2 = models.Edition.objects.create(
|
|
|
|
title='second ed', parent_work=work)
|
|
|
|
shelf = models.Shelf.objects.create(
|
|
|
|
name='Test Shelf', user=self.local_user)
|
|
|
|
shelf.books.add(edition1)
|
|
|
|
models.ReadThrough.objects.create(
|
|
|
|
user=self.local_user, book=edition1)
|
|
|
|
|
|
|
|
self.assertEqual(models.ShelfBook.objects.get().book, edition1)
|
|
|
|
self.assertEqual(models.ReadThrough.objects.get().book, edition1)
|
|
|
|
request = self.factory.post('', {
|
|
|
|
'edition': edition2.id
|
|
|
|
})
|
|
|
|
request.user = self.local_user
|
|
|
|
with patch('bookwyrm.broadcast.broadcast_task.delay'):
|
|
|
|
actions.switch_edition(request)
|
|
|
|
|
|
|
|
self.assertEqual(models.ShelfBook.objects.get().book, edition2)
|
|
|
|
self.assertEqual(models.ReadThrough.objects.get().book, edition2)
|
2020-12-22 18:10:36 +00:00
|
|
|
|
|
|
|
|
|
|
|
def test_edit_author(self):
|
|
|
|
''' edit an author '''
|
|
|
|
author = models.Author.objects.create(name='Test Author')
|
|
|
|
self.local_user.groups.add(self.group)
|
|
|
|
form = forms.AuthorForm(instance=author)
|
|
|
|
form.data['name'] = 'New Name'
|
|
|
|
form.data['last_edited_by'] = self.local_user.id
|
|
|
|
request = self.factory.post('', form.data)
|
|
|
|
request.user = self.local_user
|
|
|
|
with patch('bookwyrm.broadcast.broadcast_task.delay'):
|
|
|
|
actions.edit_author(request, author.id)
|
|
|
|
author.refresh_from_db()
|
|
|
|
self.assertEqual(author.name, 'New Name')
|
|
|
|
self.assertEqual(author.last_edited_by, self.local_user)
|
|
|
|
|
|
|
|
def test_edit_author_non_editor(self):
|
|
|
|
''' edit an author with invalid post data'''
|
|
|
|
author = models.Author.objects.create(name='Test Author')
|
|
|
|
form = forms.AuthorForm(instance=author)
|
|
|
|
form.data['name'] = 'New Name'
|
|
|
|
form.data['last_edited_by'] = self.local_user.id
|
|
|
|
request = self.factory.post('', form.data)
|
|
|
|
request.user = self.local_user
|
|
|
|
with self.assertRaises(PermissionDenied):
|
|
|
|
actions.edit_author(request, author.id)
|
|
|
|
author.refresh_from_db()
|
|
|
|
self.assertEqual(author.name, 'Test Author')
|
|
|
|
|
|
|
|
def test_edit_author_invalid_form(self):
|
|
|
|
''' edit an author with invalid post data'''
|
|
|
|
author = models.Author.objects.create(name='Test Author')
|
|
|
|
self.local_user.groups.add(self.group)
|
|
|
|
form = forms.AuthorForm(instance=author)
|
|
|
|
form.data['name'] = ''
|
|
|
|
form.data['last_edited_by'] = self.local_user.id
|
|
|
|
request = self.factory.post('', form.data)
|
|
|
|
request.user = self.local_user
|
|
|
|
resp = actions.edit_author(request, author.id)
|
|
|
|
author.refresh_from_db()
|
|
|
|
self.assertEqual(author.name, 'Test Author')
|
|
|
|
self.assertEqual(resp.template_name, 'edit_author.html')
|
2020-12-31 16:30:51 +00:00
|
|
|
|
|
|
|
|
|
|
|
def test_tag(self):
|
|
|
|
''' add a tag to a book '''
|
|
|
|
request = self.factory.post(
|
|
|
|
'', {
|
|
|
|
'name': 'A Tag!?',
|
|
|
|
'book': self.book.id,
|
|
|
|
})
|
|
|
|
request.user = self.local_user
|
|
|
|
|
|
|
|
with patch('bookwyrm.broadcast.broadcast_task.delay'):
|
|
|
|
actions.tag(request)
|
|
|
|
|
|
|
|
tag = models.Tag.objects.get()
|
|
|
|
user_tag = models.UserTag.objects.get()
|
|
|
|
self.assertEqual(tag.name, 'A Tag!?')
|
|
|
|
self.assertEqual(tag.identifier, 'A+Tag%21%3F')
|
|
|
|
self.assertEqual(user_tag.user, self.local_user)
|
|
|
|
self.assertEqual(user_tag.book, self.book)
|
2020-12-31 16:42:09 +00:00
|
|
|
|
|
|
|
|
|
|
|
def test_untag(self):
|
|
|
|
''' remove a tag from a book '''
|
|
|
|
tag = models.Tag.objects.create(name='A Tag!?')
|
2021-01-04 19:14:10 +00:00
|
|
|
models.UserTag.objects.create(
|
2020-12-31 16:42:09 +00:00
|
|
|
user=self.local_user, book=self.book, tag=tag)
|
|
|
|
request = self.factory.post(
|
|
|
|
'', {
|
|
|
|
'user': self.local_user.id,
|
|
|
|
'book': self.book.id,
|
|
|
|
'name': tag.name,
|
|
|
|
})
|
|
|
|
request.user = self.local_user
|
|
|
|
|
|
|
|
with patch('bookwyrm.broadcast.broadcast_task.delay'):
|
|
|
|
actions.untag(request)
|
|
|
|
|
|
|
|
self.assertTrue(models.Tag.objects.filter(name='A Tag!?').exists())
|
|
|
|
self.assertFalse(models.UserTag.objects.exists())
|