From 9102d817678817e7e1c78ae702b4054325ee32ee Mon Sep 17 00:00:00 2001
From: Mouse Reeve <mousereeve@riseup.net>
Date: Mon, 4 Jan 2021 11:14:10 -0800
Subject: [PATCH] Fixes checking invite validity

---
 bookwyrm/tests/test_view_actions.py | 7 ++++---
 bookwyrm/view_actions.py            | 5 +++--
 2 files changed, 7 insertions(+), 5 deletions(-)

diff --git a/bookwyrm/tests/test_view_actions.py b/bookwyrm/tests/test_view_actions.py
index e1950e3f..2e5258f6 100644
--- a/bookwyrm/tests/test_view_actions.py
+++ b/bookwyrm/tests/test_view_actions.py
@@ -173,7 +173,7 @@ class ViewActions(TestCase):
         self.assertEqual(response.status_code, 302)
         self.assertEqual(models.SiteInvite.objects.get().times_used, 1)
 
-        # invalid invite
+        # invite already used to max capacity
         request = self.factory.post(
             'register/',
             {
@@ -182,7 +182,8 @@ class ViewActions(TestCase):
                 'email': 'aa@bb.ccc',
                 'invite_code': 'testcode'
             })
-        response = actions.register(request)
+        with self.assertRaises(PermissionDenied):
+            response = actions.register(request)
         self.assertEqual(models.User.objects.count(), 3)
 
         # bad invite code
@@ -380,7 +381,7 @@ class ViewActions(TestCase):
     def test_untag(self):
         ''' remove a tag from a book '''
         tag = models.Tag.objects.create(name='A Tag!?')
-        user_tag = models.UserTag.objects.create(
+        models.UserTag.objects.create(
             user=self.local_user, book=self.book, tag=tag)
         request = self.factory.post(
             '', {
diff --git a/bookwyrm/view_actions.py b/bookwyrm/view_actions.py
index c600248a..d27701b2 100644
--- a/bookwyrm/view_actions.py
+++ b/bookwyrm/view_actions.py
@@ -30,7 +30,6 @@ def user_login(request):
     ''' authenticate user login '''
     login_form = forms.LoginForm(request.POST)
 
-    print(login_form.data)
     localname = login_form.data['localname']
     username = '%s@%s' % (localname, DOMAIN)
     password = login_form.data['password']
@@ -60,6 +59,8 @@ def register(request):
             raise PermissionDenied
 
         invite = get_object_or_404(models.SiteInvite, code=invite_code)
+        if not invite.valid():
+            raise PermissionDenied
     else:
         invite = None
 
@@ -74,7 +75,7 @@ def register(request):
 
     # check localname and email uniqueness
     if models.User.objects.filter(localname=localname).first():
-        form.add_error('localname', 'User with this username already exists')
+        form.errors['localname'] = ['User with this username already exists']
         errors = True
 
     if errors: