mirror of https://github.com/snachodog/mybuddy.git
292 lines
10 KiB
Python
292 lines
10 KiB
Python
# -*- coding: utf-8 -*-
|
||
import datetime
|
||
|
||
from django.conf import settings
|
||
from django.contrib.auth import get_user_model
|
||
from django.core.management import call_command
|
||
from django.test import Client as HttpClient, override_settings, TestCase
|
||
from django.utils import timezone
|
||
|
||
from faker import Faker
|
||
|
||
|
||
class FormsTestCase(TestCase):
|
||
@classmethod
|
||
def setUpClass(cls):
|
||
super(FormsTestCase, cls).setUpClass()
|
||
fake = Faker()
|
||
call_command("migrate", verbosity=0)
|
||
call_command("fake", verbosity=0)
|
||
|
||
cls.c = HttpClient()
|
||
|
||
fake_user = fake.simple_profile()
|
||
cls.credentials = {
|
||
"username": fake_user["username"],
|
||
"password": fake.password(),
|
||
}
|
||
cls.user = get_user_model().objects.create_user(
|
||
is_superuser=True, **cls.credentials
|
||
)
|
||
|
||
cls.user_template = {
|
||
"username": "username",
|
||
"first_name": "User",
|
||
"last_name": "Name",
|
||
"email": "user@user.user",
|
||
"is_staff": False,
|
||
"is_read_only": False,
|
||
"password1": "d47o8dD&#hu3ulu3",
|
||
"password2": "d47o8dD&#hu3ulu3",
|
||
}
|
||
|
||
cls.settings_template = {
|
||
"first_name": "User",
|
||
"last_name": "Name",
|
||
"email": "user@user.user",
|
||
"dashboard_refresh_rate": "",
|
||
"language": "en-US",
|
||
"timezone": "UTC",
|
||
"next": "/user/settings/",
|
||
}
|
||
|
||
def test_change_password(self):
|
||
self.c.login(**self.credentials)
|
||
|
||
page = self.c.get("/user/password/")
|
||
self.assertEqual(page.status_code, 200)
|
||
|
||
params = {
|
||
"old_password": "wrong",
|
||
"new_password1": "mynewpassword",
|
||
"new_password2": "notmynewpassword",
|
||
}
|
||
|
||
page = self.c.post("/user/password/", params)
|
||
self.assertEqual(page.status_code, 200)
|
||
self.assertFormError(
|
||
page.context["form"],
|
||
"old_password",
|
||
"Your old password was entered incorrectly. " "Please enter it again.",
|
||
)
|
||
|
||
params["old_password"] = self.credentials["password"]
|
||
page = self.c.post("/user/password/", params)
|
||
self.assertEqual(page.status_code, 200)
|
||
self.assertFormError(
|
||
page.context["form"],
|
||
"new_password2",
|
||
"The two password fields didn’t match.",
|
||
)
|
||
|
||
params["new_password2"] = "mynewpassword"
|
||
page = self.c.post("/user/password/", params)
|
||
self.assertEqual(page.status_code, 200)
|
||
|
||
def test_user_forms(self):
|
||
self.user.is_staff = True
|
||
self.user.save()
|
||
self.c.login(**self.credentials)
|
||
params = self.user_template.copy()
|
||
|
||
page = self.c.post("/users/add/", params)
|
||
self.assertEqual(page.status_code, 302)
|
||
new_user = get_user_model().objects.get(username="username")
|
||
self.assertIsInstance(new_user, get_user_model())
|
||
|
||
params["first_name"] = "Changed"
|
||
page = self.c.post("/users/{}/edit/".format(new_user.id), params)
|
||
self.assertEqual(page.status_code, 302)
|
||
new_user.refresh_from_db()
|
||
self.assertEqual(new_user.first_name, params["first_name"])
|
||
|
||
page = self.c.post("/users/{}/delete/".format(new_user.id))
|
||
self.assertEqual(page.status_code, 302)
|
||
self.assertQuerySetEqual(
|
||
get_user_model().objects.filter(username="username"), []
|
||
)
|
||
|
||
def test_add_regular_user(self):
|
||
self.user.is_staff = True
|
||
self.user.save()
|
||
self.c.login(**self.credentials)
|
||
|
||
params = self.user_template.copy()
|
||
|
||
page = self.c.post("/users/add/", params)
|
||
self.assertEqual(page.status_code, 302)
|
||
user = get_user_model().objects.get(username="username")
|
||
self.assertIsInstance(user, get_user_model())
|
||
self.assertTrue(user.is_superuser)
|
||
self.assertFalse(user.is_staff)
|
||
self.assertFalse(
|
||
user.groups.filter(
|
||
name=settings.BABY_BUDDY["READ_ONLY_GROUP_NAME"]
|
||
).exists()
|
||
)
|
||
|
||
def test_add_staff_user(self):
|
||
self.user.is_staff = True
|
||
self.user.save()
|
||
self.c.login(**self.credentials)
|
||
|
||
params = self.user_template.copy()
|
||
params["is_staff"] = True
|
||
|
||
page = self.c.post("/users/add/", params)
|
||
self.assertEqual(page.status_code, 302)
|
||
user = get_user_model().objects.get(username="username")
|
||
self.assertIsInstance(user, get_user_model())
|
||
self.assertTrue(user.is_superuser)
|
||
self.assertTrue(user.is_staff)
|
||
self.assertFalse(
|
||
user.groups.filter(
|
||
name=settings.BABY_BUDDY["READ_ONLY_GROUP_NAME"]
|
||
).exists()
|
||
)
|
||
|
||
def test_add_read_only_user(self):
|
||
self.user.is_staff = True
|
||
self.user.save()
|
||
self.c.login(**self.credentials)
|
||
|
||
params = self.user_template.copy()
|
||
params["is_read_only"] = True
|
||
|
||
page = self.c.post("/users/add/", params)
|
||
self.assertEqual(page.status_code, 302)
|
||
user = get_user_model().objects.get(username="username")
|
||
self.assertIsInstance(user, get_user_model())
|
||
self.assertFalse(user.is_superuser)
|
||
self.assertFalse(user.is_staff)
|
||
self.assertTrue(
|
||
user.groups.filter(
|
||
name=settings.BABY_BUDDY["READ_ONLY_GROUP_NAME"]
|
||
).exists()
|
||
)
|
||
|
||
def test_user_settings(self):
|
||
self.c.login(**self.credentials)
|
||
|
||
params = self.settings_template.copy()
|
||
params["first_name"] = "New First Name"
|
||
|
||
page = self.c.post("/user/settings/", params, follow=True)
|
||
self.assertEqual(page.status_code, 200)
|
||
self.assertContains(page, "New First Name")
|
||
|
||
def test_user_regenerate_api_key(self):
|
||
self.c.login(**self.credentials)
|
||
|
||
api_key_before = (
|
||
get_user_model().objects.get(pk=self.user.id).settings.api_key()
|
||
)
|
||
|
||
params = self.settings_template.copy()
|
||
params["api_key_regenerate"] = "Regenerate"
|
||
|
||
page = self.c.post("/user/settings/", params, follow=True)
|
||
self.assertEqual(page.status_code, 200)
|
||
new_api_key = get_user_model().objects.get(pk=self.user.id).settings.api_key()
|
||
self.assertNotEqual(api_key_before, new_api_key)
|
||
|
||
# API key can also be regenerated on the add-device page
|
||
api_key_before = new_api_key
|
||
params = {"api_key_regenerate": "Regenerate"}
|
||
page = self.c.post("/user/add-device/", params, follow=True)
|
||
self.assertEqual(page.status_code, 200)
|
||
new_api_key = get_user_model().objects.get(pk=self.user.id).settings.api_key()
|
||
self.assertNotEqual(api_key_before, new_api_key)
|
||
|
||
def test_invalid_post_to_add_device(self):
|
||
self.c.login(**self.credentials)
|
||
page = self.c.get("/user/add-device/")
|
||
self.assertEqual(page.status_code, 200)
|
||
page = self.c.post("/user/add-device/", params={"garbage": True}, follow=True)
|
||
self.assertEqual(page.status_code, 400)
|
||
|
||
def test_user_settings_invalid(self):
|
||
self.c.login(**self.credentials)
|
||
|
||
params = self.settings_template.copy()
|
||
params["email"] = "Not an email address"
|
||
|
||
page = self.c.post("/user/settings/", params)
|
||
self.assertEqual(page.status_code, 200)
|
||
self.assertFormError(
|
||
page.context["user_form"], "email", "Enter a valid email address."
|
||
)
|
||
|
||
def test_user_settings_language(self):
|
||
self.c.login(**self.credentials)
|
||
|
||
params = self.settings_template.copy()
|
||
params["language"] = "fr"
|
||
page = self.c.post("/user/settings/", data=params, follow=True)
|
||
self.assertContains(page, "Paramètres utilisateur")
|
||
|
||
def test_user_settings_timezone(self):
|
||
self.c.login(**self.credentials)
|
||
|
||
self.assertEqual(timezone.get_default_timezone_name(), "UTC")
|
||
params = self.settings_template.copy()
|
||
params["timezone"] = "US/Pacific"
|
||
page = self.c.post("/user/settings/", data=params, follow=True)
|
||
self.assertEqual(page.status_code, 200)
|
||
self.assertEqual(timezone.get_current_timezone_name(), params["timezone"])
|
||
|
||
def test_user_settings_dashboard_hide_empty_on(self):
|
||
self.c.login(**self.credentials)
|
||
|
||
params = self.settings_template.copy()
|
||
params["dashboard_hide_empty"] = "on"
|
||
|
||
page = self.c.post("/user/settings/", data=params, follow=True)
|
||
self.assertEqual(page.status_code, 200)
|
||
self.user.refresh_from_db()
|
||
self.assertTrue(self.user.settings.dashboard_hide_empty)
|
||
|
||
def test_user_settings_dashboard_refresh_rate(self):
|
||
self.c.login(**self.credentials)
|
||
|
||
params = self.settings_template.copy()
|
||
params["dashboard_refresh_rate"] = "0:05:00"
|
||
|
||
page = self.c.post("/user/settings/", data=params, follow=True)
|
||
self.assertEqual(page.status_code, 200)
|
||
self.user.refresh_from_db()
|
||
self.assertEqual(
|
||
self.user.settings.dashboard_refresh_rate, datetime.timedelta(seconds=300)
|
||
)
|
||
|
||
def test_user_settings_dashboard_hide_age(self):
|
||
self.c.login(**self.credentials)
|
||
|
||
params = self.settings_template.copy()
|
||
params["dashboard_hide_age"] = "1 day, 0:00:00"
|
||
|
||
page = self.c.post("/user/settings/", data=params, follow=True)
|
||
self.assertEqual(page.status_code, 200)
|
||
self.user.refresh_from_db()
|
||
self.assertEqual(
|
||
self.user.settings.dashboard_hide_age, datetime.timedelta(days=1)
|
||
)
|
||
|
||
def test_csrf_error_handling(self):
|
||
c = HttpClient(enforce_csrf_checks=True)
|
||
c.login(**self.credentials)
|
||
|
||
# Add a CSRF cookie to the client by making a request with the logout form.
|
||
c.get("/", follow=True)
|
||
|
||
# Send POST request with an invalid Origin.
|
||
headers = {"HTTP_ORIGIN": "https://www.example.com"}
|
||
data = {"csrfmiddlewaretoken": c.cookies["csrftoken"].value}
|
||
response = c.post("/logout/", data=data, follow=True, **headers)
|
||
|
||
# Assert response contains Baby Buddy's custom 403 handler text.
|
||
self.assertContains(response, "How to Fix", status_code=403)
|
||
|
||
response = c.post("/logout/", data=data, follow=True)
|
||
self.assertEqual(response.status_code, 200)
|