2017-11-13 00:43:40 +00:00
|
|
|
|
# -*- coding: utf-8 -*-
|
2021-05-14 03:28:39 +00:00
|
|
|
|
import datetime
|
|
|
|
|
|
2023-02-11 18:31:14 +00:00
|
|
|
|
from django.conf import settings
|
2023-02-06 14:59:57 +00:00
|
|
|
|
from django.contrib.auth import get_user_model
|
2017-11-13 00:43:40 +00:00
|
|
|
|
from django.core.management import call_command
|
2020-02-14 18:23:58 +00:00
|
|
|
|
from django.test import Client as HttpClient, override_settings, TestCase
|
2020-02-14 17:48:25 +00:00
|
|
|
|
from django.utils import timezone
|
2017-11-13 00:43:40 +00:00
|
|
|
|
|
2022-05-28 02:56:38 +00:00
|
|
|
|
from faker import Faker
|
2017-11-13 00:43:40 +00:00
|
|
|
|
|
|
|
|
|
|
|
|
|
|
class FormsTestCase(TestCase):
|
|
|
|
|
@classmethod
|
|
|
|
|
def setUpClass(cls):
|
|
|
|
|
super(FormsTestCase, cls).setUpClass()
|
2022-05-28 02:56:38 +00:00
|
|
|
|
fake = Faker()
|
2022-02-10 00:00:30 +00:00
|
|
|
|
call_command("migrate", verbosity=0)
|
|
|
|
|
call_command("fake", verbosity=0)
|
2017-11-13 00:43:40 +00:00
|
|
|
|
|
|
|
|
|
cls.c = HttpClient()
|
|
|
|
|
|
|
|
|
|
fake_user = fake.simple_profile()
|
|
|
|
|
cls.credentials = {
|
2022-02-10 00:00:30 +00:00
|
|
|
|
"username": fake_user["username"],
|
|
|
|
|
"password": fake.password(),
|
2017-11-13 00:43:40 +00:00
|
|
|
|
}
|
2023-02-08 04:29:15 +00:00
|
|
|
|
cls.user = get_user_model().objects.create_user(
|
|
|
|
|
is_superuser=True, **cls.credentials
|
|
|
|
|
)
|
2017-11-13 00:43:40 +00:00
|
|
|
|
|
2023-02-09 03:33:22 +00:00
|
|
|
|
cls.user_template = {
|
|
|
|
|
"username": "username",
|
|
|
|
|
"first_name": "User",
|
|
|
|
|
"last_name": "Name",
|
|
|
|
|
"email": "user@user.user",
|
|
|
|
|
"is_staff": False,
|
|
|
|
|
"is_read_only": False,
|
|
|
|
|
"password1": "d47o8dD&#hu3ulu3",
|
|
|
|
|
"password2": "d47o8dD&#hu3ulu3",
|
|
|
|
|
}
|
|
|
|
|
|
2019-04-19 02:52:17 +00:00
|
|
|
|
cls.settings_template = {
|
2022-02-10 00:00:30 +00:00
|
|
|
|
"first_name": "User",
|
|
|
|
|
"last_name": "Name",
|
|
|
|
|
"email": "user@user.user",
|
|
|
|
|
"dashboard_refresh_rate": "",
|
|
|
|
|
"language": "en-US",
|
|
|
|
|
"timezone": "UTC",
|
|
|
|
|
"next": "/user/settings/",
|
2019-04-19 02:52:17 +00:00
|
|
|
|
}
|
|
|
|
|
|
2017-12-02 21:20:15 +00:00
|
|
|
|
def test_change_password(self):
|
|
|
|
|
self.c.login(**self.credentials)
|
|
|
|
|
|
2022-02-10 00:00:30 +00:00
|
|
|
|
page = self.c.get("/user/password/")
|
2017-12-02 21:20:15 +00:00
|
|
|
|
self.assertEqual(page.status_code, 200)
|
|
|
|
|
|
|
|
|
|
params = {
|
2022-02-10 00:00:30 +00:00
|
|
|
|
"old_password": "wrong",
|
|
|
|
|
"new_password1": "mynewpassword",
|
|
|
|
|
"new_password2": "notmynewpassword",
|
2017-12-02 21:20:15 +00:00
|
|
|
|
}
|
|
|
|
|
|
2022-02-10 00:00:30 +00:00
|
|
|
|
page = self.c.post("/user/password/", params)
|
2017-12-02 21:20:15 +00:00
|
|
|
|
self.assertEqual(page.status_code, 200)
|
2022-02-10 00:00:30 +00:00
|
|
|
|
self.assertFormError(
|
|
|
|
|
page,
|
|
|
|
|
"form",
|
|
|
|
|
"old_password",
|
|
|
|
|
"Your old password was entered incorrectly. " "Please enter it again.",
|
|
|
|
|
)
|
2017-12-02 21:20:15 +00:00
|
|
|
|
|
2022-02-10 00:00:30 +00:00
|
|
|
|
params["old_password"] = self.credentials["password"]
|
|
|
|
|
page = self.c.post("/user/password/", params)
|
2017-12-02 21:20:15 +00:00
|
|
|
|
self.assertEqual(page.status_code, 200)
|
2022-02-10 00:00:30 +00:00
|
|
|
|
self.assertFormError(
|
|
|
|
|
page, "form", "new_password2", "The two password fields didn’t match."
|
|
|
|
|
)
|
2017-12-02 21:20:15 +00:00
|
|
|
|
|
2022-02-10 00:00:30 +00:00
|
|
|
|
params["new_password2"] = "mynewpassword"
|
|
|
|
|
page = self.c.post("/user/password/", params)
|
2017-12-06 19:39:41 +00:00
|
|
|
|
self.assertEqual(page.status_code, 200)
|
2017-11-13 00:43:40 +00:00
|
|
|
|
|
2017-12-11 22:18:22 +00:00
|
|
|
|
def test_user_forms(self):
|
2017-12-13 18:49:10 +00:00
|
|
|
|
self.user.is_staff = True
|
|
|
|
|
self.user.save()
|
2017-12-11 22:18:22 +00:00
|
|
|
|
self.c.login(**self.credentials)
|
2023-02-09 03:33:22 +00:00
|
|
|
|
params = self.user_template.copy()
|
2017-12-11 22:18:22 +00:00
|
|
|
|
|
2022-02-10 00:00:30 +00:00
|
|
|
|
page = self.c.post("/users/add/", params)
|
2017-12-11 22:18:22 +00:00
|
|
|
|
self.assertEqual(page.status_code, 302)
|
2023-02-06 14:59:57 +00:00
|
|
|
|
new_user = get_user_model().objects.get(username="username")
|
|
|
|
|
self.assertIsInstance(new_user, get_user_model())
|
2017-12-11 22:18:22 +00:00
|
|
|
|
|
2022-02-10 00:00:30 +00:00
|
|
|
|
params["first_name"] = "Changed"
|
|
|
|
|
page = self.c.post("/users/{}/edit/".format(new_user.id), params)
|
2017-12-11 22:18:22 +00:00
|
|
|
|
self.assertEqual(page.status_code, 302)
|
|
|
|
|
new_user.refresh_from_db()
|
2022-02-10 00:00:30 +00:00
|
|
|
|
self.assertEqual(new_user.first_name, params["first_name"])
|
2017-12-11 22:18:22 +00:00
|
|
|
|
|
2022-02-10 00:00:30 +00:00
|
|
|
|
page = self.c.post("/users/{}/delete/".format(new_user.id))
|
2017-12-11 22:18:22 +00:00
|
|
|
|
self.assertEqual(page.status_code, 302)
|
2023-02-08 04:29:15 +00:00
|
|
|
|
self.assertQuerysetEqual(
|
|
|
|
|
get_user_model().objects.filter(username="username"), []
|
|
|
|
|
)
|
2017-12-11 22:18:22 +00:00
|
|
|
|
|
2023-02-09 03:33:22 +00:00
|
|
|
|
def test_add_regular_user(self):
|
|
|
|
|
self.user.is_staff = True
|
|
|
|
|
self.user.save()
|
|
|
|
|
self.c.login(**self.credentials)
|
|
|
|
|
|
|
|
|
|
params = self.user_template.copy()
|
|
|
|
|
|
|
|
|
|
page = self.c.post("/users/add/", params)
|
|
|
|
|
self.assertEqual(page.status_code, 302)
|
|
|
|
|
user = get_user_model().objects.get(username="username")
|
|
|
|
|
self.assertIsInstance(user, get_user_model())
|
|
|
|
|
self.assertTrue(user.is_superuser)
|
|
|
|
|
self.assertFalse(user.is_staff)
|
2023-02-11 18:31:14 +00:00
|
|
|
|
self.assertFalse(
|
|
|
|
|
user.groups.filter(
|
|
|
|
|
name=settings.BABY_BUDDY["READ_ONLY_GROUP_NAME"]
|
|
|
|
|
).exists()
|
|
|
|
|
)
|
2023-02-09 03:33:22 +00:00
|
|
|
|
|
|
|
|
|
def test_add_staff_user(self):
|
|
|
|
|
self.user.is_staff = True
|
|
|
|
|
self.user.save()
|
|
|
|
|
self.c.login(**self.credentials)
|
|
|
|
|
|
|
|
|
|
params = self.user_template.copy()
|
|
|
|
|
params["is_staff"] = True
|
|
|
|
|
|
|
|
|
|
page = self.c.post("/users/add/", params)
|
|
|
|
|
self.assertEqual(page.status_code, 302)
|
|
|
|
|
user = get_user_model().objects.get(username="username")
|
|
|
|
|
self.assertIsInstance(user, get_user_model())
|
|
|
|
|
self.assertTrue(user.is_superuser)
|
|
|
|
|
self.assertTrue(user.is_staff)
|
2023-02-11 18:31:14 +00:00
|
|
|
|
self.assertFalse(
|
|
|
|
|
user.groups.filter(
|
|
|
|
|
name=settings.BABY_BUDDY["READ_ONLY_GROUP_NAME"]
|
|
|
|
|
).exists()
|
|
|
|
|
)
|
2023-02-09 03:33:22 +00:00
|
|
|
|
|
|
|
|
|
def test_add_read_only_user(self):
|
|
|
|
|
self.user.is_staff = True
|
|
|
|
|
self.user.save()
|
|
|
|
|
self.c.login(**self.credentials)
|
|
|
|
|
|
|
|
|
|
params = self.user_template.copy()
|
|
|
|
|
params["is_read_only"] = True
|
|
|
|
|
|
|
|
|
|
page = self.c.post("/users/add/", params)
|
|
|
|
|
self.assertEqual(page.status_code, 302)
|
|
|
|
|
user = get_user_model().objects.get(username="username")
|
|
|
|
|
self.assertIsInstance(user, get_user_model())
|
|
|
|
|
self.assertFalse(user.is_superuser)
|
|
|
|
|
self.assertFalse(user.is_staff)
|
2023-02-11 18:31:14 +00:00
|
|
|
|
self.assertTrue(
|
|
|
|
|
user.groups.filter(
|
|
|
|
|
name=settings.BABY_BUDDY["READ_ONLY_GROUP_NAME"]
|
|
|
|
|
).exists()
|
|
|
|
|
)
|
2023-02-09 03:33:22 +00:00
|
|
|
|
|
2017-11-13 00:43:40 +00:00
|
|
|
|
def test_user_settings(self):
|
2017-12-02 21:20:15 +00:00
|
|
|
|
self.c.login(**self.credentials)
|
|
|
|
|
|
2019-04-19 02:52:17 +00:00
|
|
|
|
params = self.settings_template.copy()
|
2022-02-10 00:00:30 +00:00
|
|
|
|
params["first_name"] = "New First Name"
|
2017-11-13 00:43:40 +00:00
|
|
|
|
|
2022-02-10 00:00:30 +00:00
|
|
|
|
page = self.c.post("/user/settings/", params, follow=True)
|
2019-04-19 02:52:17 +00:00
|
|
|
|
self.assertEqual(page.status_code, 200)
|
2022-02-10 00:00:30 +00:00
|
|
|
|
self.assertContains(page, "New First Name")
|
2019-04-19 02:52:17 +00:00
|
|
|
|
|
2021-06-22 04:27:45 +00:00
|
|
|
|
def test_user_regenerate_api_key(self):
|
|
|
|
|
self.c.login(**self.credentials)
|
|
|
|
|
|
2023-02-08 04:29:15 +00:00
|
|
|
|
api_key_before = (
|
|
|
|
|
get_user_model().objects.get(pk=self.user.id).settings.api_key()
|
|
|
|
|
)
|
2021-06-22 04:27:45 +00:00
|
|
|
|
|
|
|
|
|
params = self.settings_template.copy()
|
2022-02-10 00:00:30 +00:00
|
|
|
|
params["api_key_regenerate"] = "Regenerate"
|
2021-06-22 04:27:45 +00:00
|
|
|
|
|
2022-02-10 00:00:30 +00:00
|
|
|
|
page = self.c.post("/user/settings/", params, follow=True)
|
2021-06-22 04:27:45 +00:00
|
|
|
|
self.assertEqual(page.status_code, 200)
|
2023-02-06 14:59:57 +00:00
|
|
|
|
new_api_key = get_user_model().objects.get(pk=self.user.id).settings.api_key()
|
2022-10-17 08:02:21 +00:00
|
|
|
|
self.assertNotEqual(api_key_before, new_api_key)
|
|
|
|
|
|
|
|
|
|
# API key can also be regenerated on the add-device page
|
|
|
|
|
api_key_before = new_api_key
|
|
|
|
|
params = {"api_key_regenerate": "Regenerate"}
|
|
|
|
|
page = self.c.post("/user/add-device/", params, follow=True)
|
|
|
|
|
self.assertEqual(page.status_code, 200)
|
2023-02-06 14:59:57 +00:00
|
|
|
|
new_api_key = get_user_model().objects.get(pk=self.user.id).settings.api_key()
|
2022-10-17 08:02:21 +00:00
|
|
|
|
self.assertNotEqual(api_key_before, new_api_key)
|
|
|
|
|
|
|
|
|
|
def test_invalid_post_to_add_device(self):
|
|
|
|
|
self.c.login(**self.credentials)
|
|
|
|
|
page = self.c.get("/user/add-device/")
|
|
|
|
|
self.assertEqual(page.status_code, 200)
|
|
|
|
|
page = self.c.post("/user/add-device/", params={"garbage": True}, follow=True)
|
|
|
|
|
self.assertEqual(page.status_code, 400)
|
2021-06-22 04:27:45 +00:00
|
|
|
|
|
2019-04-19 02:52:17 +00:00
|
|
|
|
def test_user_settings_invalid(self):
|
|
|
|
|
self.c.login(**self.credentials)
|
|
|
|
|
|
|
|
|
|
params = self.settings_template.copy()
|
2022-02-10 00:00:30 +00:00
|
|
|
|
params["email"] = "Not an email address"
|
2017-11-13 00:43:40 +00:00
|
|
|
|
|
2022-02-10 00:00:30 +00:00
|
|
|
|
page = self.c.post("/user/settings/", params)
|
2017-11-13 00:43:40 +00:00
|
|
|
|
self.assertEqual(page.status_code, 200)
|
2022-02-10 00:00:30 +00:00
|
|
|
|
self.assertFormError(page, "user_form", "email", "Enter a valid email address.")
|
2019-04-19 02:52:17 +00:00
|
|
|
|
|
|
|
|
|
def test_user_settings_language(self):
|
|
|
|
|
self.c.login(**self.credentials)
|
|
|
|
|
|
|
|
|
|
params = self.settings_template.copy()
|
2022-02-10 00:00:30 +00:00
|
|
|
|
params["language"] = "fr"
|
|
|
|
|
page = self.c.post("/user/settings/", data=params, follow=True)
|
2022-08-15 14:53:01 +00:00
|
|
|
|
self.assertContains(page, "Paramètres utilisateur")
|
2020-02-14 18:23:58 +00:00
|
|
|
|
|
2022-02-10 00:00:30 +00:00
|
|
|
|
@override_settings(TIME_ZONE="US/Eastern")
|
2020-02-14 18:23:58 +00:00
|
|
|
|
def test_user_settings_timezone(self):
|
|
|
|
|
self.c.login(**self.credentials)
|
|
|
|
|
|
2022-02-10 00:00:30 +00:00
|
|
|
|
self.assertEqual(timezone.get_default_timezone_name(), "US/Eastern")
|
2020-02-14 18:23:58 +00:00
|
|
|
|
params = self.settings_template.copy()
|
2022-02-10 00:00:30 +00:00
|
|
|
|
params["timezone"] = "US/Pacific"
|
|
|
|
|
page = self.c.post("/user/settings/", data=params, follow=True)
|
2020-02-14 18:23:58 +00:00
|
|
|
|
self.assertEqual(page.status_code, 200)
|
2022-02-10 00:00:30 +00:00
|
|
|
|
self.assertEqual(timezone.get_current_timezone_name(), params["timezone"])
|
2021-05-14 03:28:39 +00:00
|
|
|
|
|
|
|
|
|
def test_user_settings_dashboard_hide_empty_on(self):
|
|
|
|
|
self.c.login(**self.credentials)
|
|
|
|
|
|
|
|
|
|
params = self.settings_template.copy()
|
2022-02-10 00:00:30 +00:00
|
|
|
|
params["dashboard_hide_empty"] = "on"
|
2021-05-14 03:28:39 +00:00
|
|
|
|
|
2022-02-10 00:00:30 +00:00
|
|
|
|
page = self.c.post("/user/settings/", data=params, follow=True)
|
2021-05-14 03:28:39 +00:00
|
|
|
|
self.assertEqual(page.status_code, 200)
|
|
|
|
|
self.user.refresh_from_db()
|
|
|
|
|
self.assertTrue(self.user.settings.dashboard_hide_empty)
|
|
|
|
|
|
|
|
|
|
def test_user_settings_dashboard_refresh_rate(self):
|
|
|
|
|
self.c.login(**self.credentials)
|
|
|
|
|
|
|
|
|
|
params = self.settings_template.copy()
|
2022-02-10 00:00:30 +00:00
|
|
|
|
params["dashboard_refresh_rate"] = "0:05:00"
|
2021-05-14 03:28:39 +00:00
|
|
|
|
|
2022-02-10 00:00:30 +00:00
|
|
|
|
page = self.c.post("/user/settings/", data=params, follow=True)
|
2021-05-14 03:28:39 +00:00
|
|
|
|
self.assertEqual(page.status_code, 200)
|
|
|
|
|
self.user.refresh_from_db()
|
2022-02-10 00:00:30 +00:00
|
|
|
|
self.assertEqual(
|
|
|
|
|
self.user.settings.dashboard_refresh_rate, datetime.timedelta(seconds=300)
|
|
|
|
|
)
|
2021-06-19 21:09:05 +00:00
|
|
|
|
|
|
|
|
|
def test_user_settings_dashboard_hide_age(self):
|
|
|
|
|
self.c.login(**self.credentials)
|
|
|
|
|
|
|
|
|
|
params = self.settings_template.copy()
|
2022-02-10 00:00:30 +00:00
|
|
|
|
params["dashboard_hide_age"] = "1 day, 0:00:00"
|
2021-06-19 21:09:05 +00:00
|
|
|
|
|
2022-02-10 00:00:30 +00:00
|
|
|
|
page = self.c.post("/user/settings/", data=params, follow=True)
|
2021-06-19 21:09:05 +00:00
|
|
|
|
self.assertEqual(page.status_code, 200)
|
|
|
|
|
self.user.refresh_from_db()
|
2022-02-10 00:00:30 +00:00
|
|
|
|
self.assertEqual(
|
|
|
|
|
self.user.settings.dashboard_hide_age, datetime.timedelta(days=1)
|
|
|
|
|
)
|
2022-02-25 05:14:26 +00:00
|
|
|
|
|
|
|
|
|
def test_csrf_error_handling(self):
|
|
|
|
|
c = HttpClient(enforce_csrf_checks=True)
|
|
|
|
|
c.login(**self.credentials)
|
|
|
|
|
|
|
|
|
|
# Add a CSRF cookie to the client by making a request with the logout form.
|
|
|
|
|
c.get("/", follow=True)
|
|
|
|
|
|
|
|
|
|
# Send POST request with an invalid Origin.
|
|
|
|
|
headers = {"HTTP_ORIGIN": "https://www.example.com"}
|
|
|
|
|
data = {"csrfmiddlewaretoken": c.cookies["csrftoken"].value}
|
|
|
|
|
response = c.post("/logout/", data=data, follow=True, **headers)
|
|
|
|
|
|
|
|
|
|
# Assert response contains Baby Buddy's custom 403 handler text.
|
|
|
|
|
self.assertContains(response, "How to Fix", status_code=403)
|
|
|
|
|
|
|
|
|
|
response = c.post("/logout/", data=data, follow=True)
|
|
|
|
|
self.assertEqual(response.status_code, 200)
|