215 lines
9.2 KiB
Python
215 lines
9.2 KiB
Python
# -*- coding: utf-8 -*-
|
|
from django.apps import apps
|
|
from django.contrib.auth import get_user_model
|
|
from django.core import mail as django_mail
|
|
from django.shortcuts import resolve_url
|
|
from django.test import TestCase
|
|
from django.utils.translation import ugettext
|
|
from django.urls import reverse
|
|
|
|
from ..forms import LoginForm, SetPasswordForm, CreateAndSendPasswordForm
|
|
|
|
TEST_USERNAME = 'root@localhost'
|
|
TEST_PASSWORD = u'me||ön 21ABll'
|
|
TEST_EMAIL = TEST_USERNAME
|
|
|
|
|
|
class ViewsTestCase(TestCase):
|
|
@classmethod
|
|
def setUpClass(cls):
|
|
super(ViewsTestCase, cls).setUpClass()
|
|
|
|
cls.app_settings = apps.get_containing_app_config(__package__).settings
|
|
|
|
# Some locations
|
|
cls.login_url = reverse('dav_auth:login')
|
|
cls.login_redirect_url = resolve_url(cls.app_settings.login_redirect_url)
|
|
cls.logout_url = reverse('dav_auth:logout')
|
|
cls.logout_redirect_url = resolve_url(cls.app_settings.logout_redirect_url)
|
|
cls.set_password_url = reverse('dav_auth:set_password')
|
|
cls.recreate_password_url = reverse('dav_auth:recreate_password')
|
|
|
|
# Some messages
|
|
cls.wrong_credentials_message = ugettext(u'Benutzername oder Passwort falsch.')
|
|
cls.logout_message = ugettext(u'Benutzer abgemeldet.')
|
|
cls.set_password_message = ugettext(u'Passwort gespeichert.')
|
|
|
|
def setUp(self):
|
|
super(ViewsTestCase, self).setUp()
|
|
# Need a test user
|
|
self.test_username = TEST_USERNAME
|
|
self.test_password = TEST_PASSWORD
|
|
model = get_user_model()
|
|
self.user = model.objects.create_user(username=TEST_USERNAME, password=TEST_PASSWORD, email=TEST_EMAIL)
|
|
|
|
def test_integrated_login_get(self):
|
|
response = self.client.get(self.login_url)
|
|
self.assertEqual(response.status_code, 200)
|
|
self.assertTemplateUsed(response, 'dav_auth/forms/login.html')
|
|
self.assertIn('form', response.context)
|
|
self.assertIsInstance(response.context['form'], LoginForm)
|
|
|
|
field = response.context['form'].fields['username']
|
|
self.assertTrue(field.required)
|
|
field = response.context['form'].fields['password']
|
|
self.assertTrue(field.required)
|
|
|
|
def test_integrated_login_inactive_user(self):
|
|
user = self.user
|
|
user.is_active = False
|
|
user.save()
|
|
|
|
response = self.client.post(self.login_url, {'username': self.test_username, 'password': self.test_password})
|
|
self.assertEqual(response.status_code, 200)
|
|
self.assertFormError(response, 'form', None, self.wrong_credentials_message)
|
|
self.assertFalse(response.context['user'].is_authenticated, 'User is logged in')
|
|
|
|
def test_integrated_login_fail_with_wrong_credentials(self):
|
|
wrong_password = self.test_password[::-1]
|
|
|
|
response = self.client.post(self.login_url, {'username': self.test_username, 'password': wrong_password})
|
|
self.assertEqual(response.status_code, 200)
|
|
self.assertFormError(response, 'form', None, self.wrong_credentials_message)
|
|
self.assertFalse(response.context['user'].is_authenticated, 'User is logged in')
|
|
|
|
def test_integrated_login_succeed(self):
|
|
username = self.user.username
|
|
message = ugettext(u'Benutzer angemeldet: %(username)s') % {'username': username}
|
|
|
|
response = self.client.post(self.login_url, {'username': username, 'password': self.test_password})
|
|
self.assertEqual(response.status_code, 302)
|
|
self.assertEqual(response.url, self.login_redirect_url)
|
|
|
|
response = self.client.get(response.url)
|
|
self.assertContains(response, message)
|
|
|
|
self.assertTrue(response.context['user'].is_authenticated, 'Login failed')
|
|
|
|
def test_integrated_logout(self):
|
|
self.client.login(username=self.test_username, password=self.test_password)
|
|
|
|
response = self.client.get(self.logout_url)
|
|
self.assertEqual(response.status_code, 302)
|
|
self.assertEqual(response.url, self.logout_redirect_url)
|
|
|
|
response = self.client.get(response.url)
|
|
self.assertContains(response, self.logout_message)
|
|
|
|
self.assertFalse(response.context['user'].is_authenticated, 'Logout failed')
|
|
|
|
def test_integrated_set_password_unauth_get_redirect_to_login(self):
|
|
location = self.set_password_url
|
|
redirect_to = '%s?next=%s' % (self.login_url, location)
|
|
|
|
response = self.client.get(location)
|
|
self.assertRedirects(response, redirect_to)
|
|
|
|
def test_integrated_set_password_unauth_post_redirect_to_login(self):
|
|
location = self.set_password_url
|
|
redirect_to = '%s?next=%s' % (self.login_url, location)
|
|
changed_password = self.test_password[::-1]
|
|
|
|
response = self.client.post(location, {'new_password': changed_password,
|
|
'new_password_repeat': changed_password})
|
|
self.assertRedirects(response, redirect_to)
|
|
|
|
def test_integrated_set_password_get(self):
|
|
location = self.set_password_url
|
|
username = self.test_username
|
|
password = self.test_password
|
|
|
|
self.client.login(username=username, password=password)
|
|
|
|
response = self.client.get(location)
|
|
self.assertEqual(response.status_code, 200)
|
|
self.assertTemplateUsed(response, 'dav_auth/forms/set_password.html')
|
|
self.assertIn('form', response.context)
|
|
self.assertIsInstance(response.context['form'], SetPasswordForm)
|
|
|
|
def test_integrated_set_password_post(self):
|
|
location = self.set_password_url
|
|
username = self.test_username
|
|
password = self.test_password
|
|
new_password = password * 8
|
|
|
|
self.client.login(username=username, password=password)
|
|
|
|
response = self.client.post(location, {'new_password': new_password,
|
|
'new_password_repeat': new_password})
|
|
self.assertEqual(response.status_code, 302)
|
|
self.assertEqual(response.url, self.login_redirect_url)
|
|
|
|
self.assertEqual(len(django_mail.outbox), 0)
|
|
|
|
response = self.client.get(response.url)
|
|
self.assertContains(response, self.set_password_message)
|
|
|
|
self.client.logout()
|
|
self.assertFalse(self.client.login(username=username, password=password), 'Old password still valid')
|
|
self.assertTrue(self.client.login(username=username, password=new_password), 'New password not valid')
|
|
|
|
# TODO
|
|
# maybe we should test also:
|
|
# - new password does no match new password repeat
|
|
# - new password is not suitable
|
|
|
|
def test_integrated_set_password_with_mail(self):
|
|
location = self.set_password_url
|
|
username = self.test_username
|
|
password = self.test_password
|
|
new_password = password * 8
|
|
|
|
self.client.login(username=username, password=password)
|
|
|
|
response = self.client.post(location, {'new_password': new_password,
|
|
'new_password_repeat': new_password,
|
|
'send_password_mail': True})
|
|
self.assertEqual(len(django_mail.outbox), 1)
|
|
mail = django_mail.outbox[0]
|
|
recipient = u'"%s" <%s>' % (self.user.get_full_name(), self.user.email)
|
|
recipients = mail.recipients()
|
|
self.assertIn(recipient, recipients)
|
|
self.assertEqual(len(recipients), 1)
|
|
self.assertIn(new_password, mail.body)
|
|
|
|
response = self.client.get(response.url)
|
|
self.assertContains(response, self.set_password_message)
|
|
|
|
self.client.logout()
|
|
self.assertFalse(self.client.login(username=username, password=password), 'Old password still valid')
|
|
self.assertTrue(self.client.login(username=username, password=new_password), 'New password not valid')
|
|
|
|
def test_recreate_password_integrated_unauth_get(self):
|
|
response = self.client.get(self.recreate_password_url)
|
|
self.assertEqual(response.status_code, 200)
|
|
self.assertTemplateUsed(response, 'dav_auth/forms/recreate_password.html')
|
|
self.assertIn('form', response.context)
|
|
self.assertIsInstance(response.context['form'], CreateAndSendPasswordForm)
|
|
|
|
field = response.context['form'].fields['username']
|
|
self.assertTrue(field.required)
|
|
|
|
def test_recreate_password_integrated_auth_get(self):
|
|
self.client.login(username=self.test_username, password=self.test_password)
|
|
response = self.client.get(self.recreate_password_url)
|
|
self.assertRedirects(response, self.set_password_url)
|
|
|
|
def test_recreate_password_integrated_post(self):
|
|
location = self.recreate_password_url
|
|
|
|
response = self.client.post(location, {'username': self.user.username})
|
|
self.assertRedirects(response, self.login_url)
|
|
|
|
self.assertEqual(len(django_mail.outbox), 1)
|
|
mail = django_mail.outbox[0]
|
|
recipient = u'"%s" <%s>' % (self.user.get_full_name(), self.user.email)
|
|
recipients = mail.recipients()
|
|
self.assertIn(recipient, recipients)
|
|
self.assertEqual(len(recipients), 1)
|
|
|
|
response = self.client.get(location)
|
|
self.assertFalse(response.context['user'].is_authenticated, 'User is logged in')
|
|
|
|
self.assertFalse(self.client.login(username=self.test_username, password=self.test_password),
|
|
'Old password still valid')
|