CGM_Public/pretix_cgo
1
0
Fork 0
forked from CGM_Public/pretix_original
Code Pull Requests Actions Activity

Customer accounts & Memberships (#2024)

Browse Source
This commit is contained in:
Raphael Michel
2021-05-04 16:56:06 +02:00
committed by GitHub
parent 62e412bbc0
commit 8e79eb570e
116 changed files with 7975 additions and 279 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
src/tests/api/conftest.py
View File

@@ -115,6 +115,7 @@ def team(organizer):
can_change_vouchers=True,
can_view_vouchers=True,
can_change_orders=True,
can_manage_customers=True,
can_change_organizer_settings=True
)

130
src/tests/api/test_customers.py Normal file
View File

@@ -0,0 +1,130 @@
#
# This file is part of pretix (Community Edition).
#
# Copyright (C) 2014-2020 Raphael Michel and contributors
# Copyright (C) 2020-2021 rami.io GmbH and contributors
#
# This program is free software: you can redistribute it and/or modify it under the terms of the GNU Affero General
# Public License as published by the Free Software Foundation in version 3 of the License.
#
# ADDITIONAL TERMS APPLY: Pursuant to Section 7 of the GNU Affero General Public License, additional terms are
# applicable granting you additional permissions and placing additional restrictions on your usage of this software.
# Please refer to the pretix LICENSE file to obtain the full terms applicable to this work. If you did not receive
# this file, see <https://pretix.eu/about/en/license>.
#
# This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied
# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Affero General Public License for more
# details.
#
# You should have received a copy of the GNU Affero General Public License along with this program. If not, see
# <https://www.gnu.org/licenses/>.
#
import pytest
from django_scopes import scopes_disabled
@pytest.fixture
def customer(organizer, event):
return organizer.customers.create(
identifier="8WSAJCJ",
email="foo@example.org",
name_parts={"_legacy": "Foo"},
name_cached="Foo",
is_verified=False,
)
TEST_CUSTOMER_RES = {
"identifier": "8WSAJCJ",
"email": "foo@example.org",
"name": "Foo",
"name_parts": {
"_legacy": "Foo",
},
"is_active": True,
"is_verified": False,
"last_login": None,
"date_joined": "2021-04-06T13:44:22.809216Z",
"locale": "en",
"last_modified": "2021-04-06T13:44:22.809377Z"
}
@pytest.mark.django_db
def test_customer_list(token_client, organizer, customer):
res = dict(TEST_CUSTOMER_RES)
res["date_joined"] = customer.date_joined.isoformat().replace('+00:00', 'Z')
res["last_modified"] = customer.last_modified.isoformat().replace('+00:00', 'Z')
resp = token_client.get('/api/v1/organizers/{}/customers/'.format(organizer.slug))
assert resp.status_code == 200
assert [res] == resp.data['results']
@pytest.mark.django_db
def test_customer_detail(token_client, organizer, customer):
res = dict(TEST_CUSTOMER_RES)
res["date_joined"] = customer.date_joined.isoformat().replace('+00:00', 'Z')
res["last_modified"] = customer.last_modified.isoformat().replace('+00:00', 'Z')
resp = token_client.get('/api/v1/organizers/{}/customers/{}/'.format(organizer.slug, customer.identifier))
assert resp.status_code == 200
assert res == resp.data
@pytest.mark.django_db
def test_customer_create(token_client, organizer):
resp = token_client.post(
'/api/v1/organizers/{}/customers/'.format(organizer.slug),
format='json',
data={
'identifier': 'IGNORED',
'email': 'bar@example.com',
'name_parts': {
"_scheme": "given_family",
'given_name': 'John',
'family_name': 'Doe',
},
'is_active': True,
'is_verified': True,
}
)
assert resp.status_code == 201
with scopes_disabled():
customer = organizer.customers.get(identifier=resp.data['identifier'])
assert customer.identifier != 'IGNORED'
assert customer.email == 'bar@example.com'
assert customer.is_active
assert customer.name == 'John Doe'
assert customer.is_verified
@pytest.mark.django_db
def test_customer_patch(token_client, organizer, customer):
resp = token_client.patch(
'/api/v1/organizers/{}/customers/{}/'.format(organizer.slug, customer.identifier),
format='json',
data={
'email': 'blubb@example.org',
}
)
assert resp.status_code == 200
customer.refresh_from_db()
assert customer.email == 'blubb@example.org'
@pytest.mark.django_db
def test_customer_anonymize(token_client, organizer, customer):
resp = token_client.post(
'/api/v1/organizers/{}/customers/{}/anonymize/'.format(organizer.slug, customer.identifier),
)
assert resp.status_code == 200
customer.refresh_from_db()
assert customer.email is None
@pytest.mark.django_db
def test_customer_delete(token_client, organizer, customer):
resp = token_client.delete(
'/api/v1/organizers/{}/customers/{}/'.format(organizer.slug, customer.identifier),
)
assert resp.status_code == 405

8
src/tests/api/test_items.py
View File

@@ -283,7 +283,13 @@ TEST_ITEM_RES = {
"original_price": None,
"meta_data": {
"day": "Tuesday"
}
},
"require_membership": False,
"require_membership_types": [],
"grant_membership_type": None,
"grant_membership_duration_like_event": True,
"grant_membership_duration_days": 0,
"grant_membership_duration_months": 0,
}

151
src/tests/api/test_membership.py Normal file
View File

@@ -0,0 +1,151 @@
#
# This file is part of pretix (Community Edition).
#
# Copyright (C) 2014-2020 Raphael Michel and contributors
# Copyright (C) 2020-2021 rami.io GmbH and contributors
#
# This program is free software: you can redistribute it and/or modify it under the terms of the GNU Affero General
# Public License as published by the Free Software Foundation in version 3 of the License.
#
# ADDITIONAL TERMS APPLY: Pursuant to Section 7 of the GNU Affero General Public License, additional terms are
# applicable granting you additional permissions and placing additional restrictions on your usage of this software.
# Please refer to the pretix LICENSE file to obtain the full terms applicable to this work. If you did not receive
# this file, see <https://pretix.eu/about/en/license>.
#
# This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied
# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Affero General Public License for more
# details.
#
# You should have received a copy of the GNU Affero General Public License along with this program. If not, see
# <https://www.gnu.org/licenses/>.
#
from datetime import datetime
import pytest
import pytz
from django_scopes import scopes_disabled
from i18nfield.strings import LazyI18nString
from pretix.base.models import Membership
@pytest.fixture
def membershiptype(organizer):
return organizer.membership_types.create(
name=LazyI18nString({"en": "Week pass"}),
transferable=True,
allow_parallel_usage=False,
max_usages=15,
)
@pytest.fixture
def customer(organizer):
return organizer.customers.create(
identifier="8WSAJCJ",
email="foo@example.org",
name_parts={"_legacy": "Foo"},
name_cached="Foo",
is_verified=False,
)
@pytest.fixture
def membership(organizer, customer, membershiptype):
return customer.memberships.create(
membership_type=membershiptype,
date_start=datetime(2021, 4, 1, 0, 0, 0, 0, tzinfo=pytz.UTC),
date_end=datetime(2021, 4, 8, 23, 59, 59, 999999, tzinfo=pytz.UTC),
attendee_name_parts={
"_scheme": "given_family",
'given_name': 'John',
'family_name': 'Doe',
}
)
TEST_MEMBERSHIP_RES = {
"customer": "8WSAJCJ",
"date_start": "2021-04-01T00:00:00Z",
"date_end": "2021-04-08T23:59:59.999999Z",
"attendee_name_parts": {
"_scheme": "given_family",
'given_name': 'John',
'family_name': 'Doe',
}
}
@pytest.mark.django_db
def test_membership_list(token_client, organizer, membershiptype, membership):
res = dict(TEST_MEMBERSHIP_RES)
res['membership_type'] = membershiptype.pk
res['id'] = membership.pk
resp = token_client.get('/api/v1/organizers/{}/memberships/'.format(organizer.slug))
assert resp.status_code == 200
assert [res] == resp.data['results']
@pytest.mark.django_db
def test_membership_detail(token_client, organizer, membershiptype, membership):
res = dict(TEST_MEMBERSHIP_RES)
res['membership_type'] = membershiptype.pk
res['id'] = membership.pk
resp = token_client.get('/api/v1/organizers/{}/memberships/{}/'.format(organizer.slug, membershiptype.pk))
assert resp.status_code == 200
assert res == resp.data
@pytest.mark.django_db
def test_membership_create(token_client, organizer, membershiptype, customer):
resp = token_client.post(
'/api/v1/organizers/{}/memberships/'.format(organizer.slug),
format='json',
data={
"customer": customer.identifier,
"membership_type": membershiptype.pk,
"date_start": "2021-04-01T00:00:00.000Z",
"date_end": "2021-04-08T23:59:59.999999Z",
}
)
assert resp.status_code == 201
with scopes_disabled():
membership = Membership.objects.get(id=resp.data['id'])
assert membership.customer == customer
assert membership.membership_type == membershiptype
@pytest.mark.django_db
def test_membership_patch(token_client, organizer, customer, membership):
resp = token_client.patch(
'/api/v1/organizers/{}/memberships/{}/'.format(organizer.slug, membership.pk),
format='json',
data={
"date_end": "2021-04-03T23:59:59.999999Z",
}
)
assert resp.status_code == 200
membership.refresh_from_db()
assert membership.date_end.isoformat() == "2021-04-03T23:59:59.999999+00:00"
with scopes_disabled():
other_customer = organizer.customers.create()
resp = token_client.patch(
'/api/v1/organizers/{}/memberships/{}/'.format(organizer.slug, membership.pk),
format='json',
data={
"customer": other_customer.identifier,
}
)
assert resp.status_code == 200
membership.refresh_from_db()
assert membership.customer == customer # change is ignored
@pytest.mark.django_db
def test_membership_delete(token_client, organizer, membership):
resp = token_client.delete(
'/api/v1/organizers/{}/memberships/{}/'.format(organizer.slug, membership.pk),
)
assert resp.status_code == 405

108
src/tests/api/test_membershiptypes.py Normal file
View File

@@ -0,0 +1,108 @@
#
# This file is part of pretix (Community Edition).
#
# Copyright (C) 2014-2020 Raphael Michel and contributors
# Copyright (C) 2020-2021 rami.io GmbH and contributors
#
# This program is free software: you can redistribute it and/or modify it under the terms of the GNU Affero General
# Public License as published by the Free Software Foundation in version 3 of the License.
#
# ADDITIONAL TERMS APPLY: Pursuant to Section 7 of the GNU Affero General Public License, additional terms are
# applicable granting you additional permissions and placing additional restrictions on your usage of this software.
# Please refer to the pretix LICENSE file to obtain the full terms applicable to this work. If you did not receive
# this file, see <https://pretix.eu/about/en/license>.
#
# This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied
# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Affero General Public License for more
# details.
#
# You should have received a copy of the GNU Affero General Public License along with this program. If not, see
# <https://www.gnu.org/licenses/>.
#
import pytest
from django_scopes import scopes_disabled
from i18nfield.strings import LazyI18nString
@pytest.fixture
def membershiptype(organizer, event):
return organizer.membership_types.create(
name=LazyI18nString({"en": "Week pass"}),
transferable=True,
allow_parallel_usage=False,
max_usages=15,
)
TEST_TYPE_RES = {
"name": {
"en": "Week pass"
},
"transferable": True,
"allow_parallel_usage": False,
"max_usages": 15,
}
@pytest.mark.django_db
def test_membershiptype_list(token_client, organizer, membershiptype):
res = dict(TEST_TYPE_RES)
res["id"] = membershiptype.pk
resp = token_client.get('/api/v1/organizers/{}/membershiptypes/'.format(organizer.slug))
assert resp.status_code == 200
assert [res] == resp.data['results']
@pytest.mark.django_db
def test_membershiptype_detail(token_client, organizer, membershiptype):
res = dict(TEST_TYPE_RES)
res["id"] = membershiptype.pk
resp = token_client.get('/api/v1/organizers/{}/membershiptypes/{}/'.format(organizer.slug, membershiptype.pk))
assert resp.status_code == 200
assert res == resp.data
@pytest.mark.django_db
def test_membershiptype_create(token_client, organizer):
resp = token_client.post(
'/api/v1/organizers/{}/membershiptypes/'.format(organizer.slug),
format='json',
data={
"name": {
"en": "Week pass"
},
"transferable": True,
"allow_parallel_usage": False,
"max_usages": 15,
}
)
assert resp.status_code == 201
with scopes_disabled():
membershiptype = organizer.membership_types.get(id=resp.data['id'])
assert str(membershiptype.name) == "Week pass"
assert membershiptype.transferable
assert not membershiptype.allow_parallel_usage
@pytest.mark.django_db
def test_membershiptype_patch(token_client, organizer, membershiptype):
resp = token_client.patch(
'/api/v1/organizers/{}/membershiptypes/{}/'.format(organizer.slug, membershiptype.pk),
format='json',
data={
'transferable': False,
}
)
assert resp.status_code == 200
membershiptype.refresh_from_db()
assert not membershiptype.transferable
@pytest.mark.django_db
def test_membershiptype_delete(token_client, organizer, membershiptype):
resp = token_client.delete(
'/api/v1/organizers/{}/membershiptypes/{}/'.format(organizer.slug, membershiptype.pk),
)
assert resp.status_code == 204
assert not organizer.membership_types.exists()

6
src/tests/api/test_orders.py
View File

@@ -236,6 +236,7 @@ TEST_ORDER_RES = {
"email": "dummy@dummy.test",
"phone": None,
"locale": "en",
"customer": None,
"datetime": "2017-12-01T10:00:00Z",
"expires": "2017-12-10T10:00:00Z",
"payment_date": "2017-12-01",
@@ -1633,6 +1634,9 @@ def test_order_create(token_client, organizer, event, item, quota, question):
res = copy.deepcopy(ORDER_CREATE_PAYLOAD)
res['positions'][0]['item'] = item.pk
res['positions'][0]['answers'][0]['question'] = question.pk
with scopes_disabled():
customer = organizer.customers.create()
res['customer'] = customer.identifier
resp = token_client.post(
'/api/v1/organizers/{}/events/{}/orders/'.format(
organizer.slug, event.slug
@@ -1641,6 +1645,7 @@ def test_order_create(token_client, organizer, event, item, quota, question):
assert resp.status_code == 201
with scopes_disabled():
o = Order.objects.get(code=resp.data['code'])
assert o.customer == customer
assert o.email == "dummy@dummy.test"
assert o.phone == "+49622112345"
assert o.locale == "en"
@@ -1712,6 +1717,7 @@ def test_order_create_simulate(token_client, organizer, event, item, quota, ques
'testmode': False,
'email': 'dummy@dummy.test',
'phone': '+49622112345',
'customer': None,
'locale': 'en',
'datetime': None,
'payment_date': None,

19
src/tests/api/test_permissions.py
View File

@@ -179,6 +179,25 @@ org_permission_sub_urls = [
('put', 'can_change_organizer_settings', 'webhooks/1/', 404),
('patch', 'can_change_organizer_settings', 'webhooks/1/', 404),
('delete', 'can_change_organizer_settings', 'webhooks/1/', 404),
('get', 'can_manage_customers', 'customers/', 200),
('post', 'can_manage_customers', 'customers/', 201),
('get', 'can_manage_customers', 'customers/1/', 404),
('patch', 'can_manage_customers', 'customers/1/', 404),
('post', 'can_manage_customers', 'customers/1/anonymize/', 404),
('put', 'can_manage_customers', 'customers/1/', 404),
('delete', 'can_manage_customers', 'customers/1/', 404),
('get', 'can_manage_customers', 'memberships/', 200),
('post', 'can_manage_customers', 'memberships/', 400),
('get', 'can_manage_customers', 'memberships/1/', 404),
('patch', 'can_manage_customers', 'memberships/1/', 404),
('put', 'can_manage_customers', 'memberships/1/', 404),
('delete', 'can_manage_customers', 'memberships/1/', 404),
('get', 'can_change_organizer_settings', 'membershiptypes/', 200),
('post', 'can_change_organizer_settings', 'membershiptypes/', 400),
('get', 'can_change_organizer_settings', 'membershiptypes/1/', 404),
('patch', 'can_change_organizer_settings', 'membershiptypes/1/', 404),
('put', 'can_change_organizer_settings', 'membershiptypes/1/', 404),
('delete', 'can_change_organizer_settings', 'membershiptypes/1/', 404),
('get', 'can_manage_gift_cards', 'giftcards/', 200),
('post', 'can_manage_gift_cards', 'giftcards/', 400),
('get', 'can_manage_gift_cards', 'giftcards/1/', 404),

2
src/tests/api/test_teams.py
View File

@@ -39,6 +39,7 @@ def second_team(organizer, event):
TEST_TEAM_RES = {
'id': 1, 'name': 'Test-Team', 'all_events': True, 'limit_events': [], 'can_create_events': True,
'can_change_teams': True, 'can_change_organizer_settings': True, 'can_manage_gift_cards': True,
'can_manage_customers': True,
'can_change_event_settings': True, 'can_change_items': True, 'can_view_orders': True, 'can_change_orders': True,
'can_view_vouchers': True, 'can_change_vouchers': True, 'can_checkin_orders': False
}
@@ -46,6 +47,7 @@ TEST_TEAM_RES = {
SECOND_TEAM_RES = {
'id': 1, 'name': 'User team', 'all_events': False, 'limit_events': ['dummy'],
'can_create_events': False,
'can_manage_customers': False,
'can_change_teams': False, 'can_change_organizer_settings': False, 'can_manage_gift_cards': False,
'can_change_event_settings': False, 'can_change_items': False, 'can_view_orders': False, 'can_change_orders': False,
'can_view_vouchers': False, 'can_change_vouchers': False, 'can_checkin_orders': False

501
src/tests/base/test_memberships.py Normal file
View File

@@ -0,0 +1,501 @@
#
# This file is part of pretix (Community Edition).
#
# Copyright (C) 2014-2020 Raphael Michel and contributors
# Copyright (C) 2020-2021 rami.io GmbH and contributors
#
# This program is free software: you can redistribute it and/or modify it under the terms of the GNU Affero General
# Public License as published by the Free Software Foundation in version 3 of the License.
#
# ADDITIONAL TERMS APPLY: Pursuant to Section 7 of the GNU Affero General Public License, additional terms are
# applicable granting you additional permissions and placing additional restrictions on your usage of this software.
# Please refer to the pretix LICENSE file to obtain the full terms applicable to this work. If you did not receive
# this file, see <https://pretix.eu/about/en/license>.
#
# This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied
# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Affero General Public License for more
# details.
#
# You should have received a copy of the GNU Affero General Public License along with this program. If not, see
# <https://www.gnu.org/licenses/>.
#
from datetime import datetime, timedelta
from decimal import Decimal
import pytest
import pytz
from django.conf import settings
from django.core.exceptions import ValidationError
from django.utils.timezone import now
from django_scopes import scope
from freezegun import freeze_time
from pretix.base.models import (
CartPosition, Event, Item, Order, OrderPosition, Organizer,
)
from pretix.base.services.memberships import (
membership_validity, validate_memberships_in_order,
)
from pretix.base.services.orders import (
OrderError, _create_order, _perform_order,
)
from pretix.plugins.banktransfer.payment import BankTransfer
TZ = pytz.timezone('Europe/Berlin')
@pytest.fixture(scope='function')
def event():
o = Organizer.objects.create(name='Dummy', slug='dummy')
o.settings.customer_accounts = True
event = Event.objects.create(
organizer=o, name='Dummy', slug='dummy',
date_from=TZ.localize(datetime(2021, 4, 27, 10, 0, 0, 0)),
date_to=TZ.localize(datetime(2021, 4, 28, 10, 0, 0, 0)),
presale_end=TZ.localize(datetime(2221, 4, 28, 10, 0, 0, 0)),
plugins='pretix.plugins.banktransfer'
)
event.settings.timezone = 'Europe/Berlin'
with scope(organizer=o):
yield event
@pytest.fixture
def customer(event):
return event.organizer.customers.create(email="john@example.org")
@pytest.fixture
def membership_type(event):
return event.organizer.membership_types.create(name="Full pass")
@pytest.fixture
def membership(event, membership_type, customer):
return customer.memberships.create(
membership_type=membership_type,
date_start=TZ.localize(datetime(2021, 4, 1, 0, 0, 0, 0)),
date_end=TZ.localize(datetime(2021, 4, 30, 23, 59, 59, 999999)),
)
@pytest.fixture
def granting_ticket(event, membership_type):
return Item.objects.create(
event=event, name='Full pass',
default_price=Decimal('23.00'),
admission=True,
grant_membership_type=membership_type,
)
@pytest.fixture
def requiring_ticket(event, membership_type):
i = Item.objects.create(
event=event, name='Day ticket',
default_price=Decimal('23.00'),
admission=True,
require_membership=True,
)
i.require_membership_types.add(membership_type)
return i
@pytest.fixture
def subevent(event):
event.has_subevents = True
return event.subevents.create(
name='Foo',
date_from=TZ.localize(datetime(2021, 4, 29, 10, 0, 0, 0)),
)
@pytest.mark.django_db
def test_validity_membership_duration_like_event(event, granting_ticket, membership_type):
granting_ticket.grant_membership_duration_like_event = True
assert membership_validity(granting_ticket, None, event) == (
TZ.localize(datetime(2021, 4, 27, 10, 0, 0, 0)),
TZ.localize(datetime(2021, 4, 28, 10, 0, 0, 0)),
)
@pytest.mark.django_db
def test_validity_membership_duration_like_subevent_without_end(event, granting_ticket, subevent, membership_type):
granting_ticket.grant_membership_duration_like_event = True
assert membership_validity(granting_ticket, subevent, event) == (
TZ.localize(datetime(2021, 4, 29, 10, 0, 0, 0)),
TZ.localize(datetime(2021, 4, 29, 23, 59, 59, 999999)),
)
@pytest.mark.django_db
def test_validity_membership_duration_days(event, granting_ticket, membership_type):
granting_ticket.grant_membership_duration_like_event = False
granting_ticket.grant_membership_duration_days = 3
with freeze_time("2021-04-10T11:00:00+02:00"):
assert membership_validity(granting_ticket, subevent, event) == (
TZ.localize(datetime(2021, 4, 10, 0, 0, 0, 0)),
TZ.localize(datetime(2021, 4, 12, 23, 59, 59, 999999)),
)
@pytest.mark.django_db
def test_validity_membership_duration_months(event, granting_ticket, membership_type):
granting_ticket.grant_membership_duration_like_event = False
granting_ticket.grant_membership_duration_months = 1
with freeze_time("2021-02-01T11:00:00+01:00"):
assert membership_validity(granting_ticket, subevent, event) == (
TZ.localize(datetime(2021, 2, 1, 0, 0, 0, 0)),
TZ.localize(datetime(2021, 2, 28, 23, 59, 59, 999999)),
)
with freeze_time("2021-02-28T11:00:00+01:00"):
assert membership_validity(granting_ticket, subevent, event) == (
TZ.localize(datetime(2021, 2, 28, 0, 0, 0, 0)),
TZ.localize(datetime(2021, 3, 27, 23, 59, 59, 999999)),
)
@pytest.mark.django_db
def test_validity_membership_duration_months_plus_days(event, granting_ticket, membership_type):
granting_ticket.grant_membership_duration_like_event = False
granting_ticket.grant_membership_duration_months = 1
granting_ticket.grant_membership_duration_days = 2
with freeze_time("2021-02-01T11:00:00+01:00"):
assert membership_validity(granting_ticket, subevent, event) == (
TZ.localize(datetime(2021, 2, 1, 0, 0, 0, 0)),
TZ.localize(datetime(2021, 3, 2, 23, 59, 59, 999999)),
)
with freeze_time("2021-02-28T11:00:00+01:00"):
assert membership_validity(granting_ticket, subevent, event) == (
TZ.localize(datetime(2021, 2, 28, 0, 0, 0, 0)),
TZ.localize(datetime(2021, 3, 29, 23, 59, 59, 999999)),
)
@pytest.mark.django_db
def test_validate_membership_not_required(event, customer, membership, granting_ticket, membership_type):
with pytest.raises(ValidationError) as excinfo:
validate_memberships_in_order(
customer,
[
CartPosition(
item=granting_ticket,
used_membership=membership,
)
],
event,
lock=False,
ignored_order=None
)
assert "does not require" in str(excinfo.value)
@pytest.mark.django_db
def test_validate_membership_required(event, customer, membership, requiring_ticket, membership_type):
with pytest.raises(ValidationError) as excinfo:
validate_memberships_in_order(
customer,
[
CartPosition(
item=requiring_ticket,
)
],
event,
lock=False,
ignored_order=None
)
assert "requires an active" in str(excinfo.value)
@pytest.mark.django_db
def test_validate_membership_ensure_locking(event, customer, membership, requiring_ticket, membership_type, django_assert_num_queries):
with django_assert_num_queries(4) as captured:
validate_memberships_in_order(
customer,
[
CartPosition(
item=requiring_ticket,
used_membership=membership,
)
],
event,
lock=True,
ignored_order=None
)
if 'sqlite' not in settings.DATABASES['default']['ENGINE']:
assert any('FOR UPDATE' in s['sql'] for s in captured)
@pytest.mark.django_db
def test_validate_membership_wrong_customer(event, customer, membership, requiring_ticket, membership_type):
customer2 = event.organizer.customers.create(email="doe@example.org")
with pytest.raises(ValidationError) as excinfo:
validate_memberships_in_order(
customer2,
[
CartPosition(
item=requiring_ticket,
used_membership=membership
)
],
event,
lock=False,
ignored_order=None
)
assert "different customer" in str(excinfo.value)
@pytest.mark.django_db
def test_validate_membership_wrong_date(event, customer, membership, requiring_ticket, membership_type):
membership.date_start -= timedelta(days=100)
membership.date_end -= timedelta(days=100)
membership.save()
with pytest.raises(ValidationError) as excinfo:
validate_memberships_in_order(
customer,
[
CartPosition(
item=requiring_ticket,
used_membership=membership
)
],
event,
lock=False,
ignored_order=None
)
assert "taking place at" in str(excinfo.value)
@pytest.mark.django_db
def test_validate_membership_wrong_type(event, customer, membership, requiring_ticket, membership_type):
requiring_ticket.require_membership_types.clear()
with pytest.raises(ValidationError) as excinfo:
validate_memberships_in_order(
customer,
[
CartPosition(
item=requiring_ticket,
used_membership=membership
)
],
event,
lock=False,
ignored_order=None
)
assert "not allowed for the product" in str(excinfo.value)
@pytest.mark.django_db
def test_validate_membership_max_usages(event, customer, membership, requiring_ticket, membership_type):
membership_type.max_usages = 1
membership_type.allow_parallel_usage = True
membership_type.save()
o1 = Order.objects.create(
status=Order.STATUS_PENDING,
event=event,
email='admin@localhost',
datetime=now() - timedelta(days=3),
expires=now() + timedelta(days=11),
total=Decimal("23"),
)
OrderPosition.objects.create(
order=o1,
item=requiring_ticket,
used_membership=membership,
variation=None,
price=Decimal("23"),
attendee_name_parts={'full_name': "Peter"}
)
with pytest.raises(ValidationError) as excinfo:
validate_memberships_in_order(
customer,
[
CartPosition(
item=requiring_ticket,
used_membership=membership
)
],
event,
lock=False,
ignored_order=None
)
assert "more than 1 time" in str(excinfo.value)
membership_type.max_usages = 2
membership_type.save()
validate_memberships_in_order(
customer,
[
CartPosition(
item=requiring_ticket,
used_membership=membership
)
],
event,
lock=False,
ignored_order=None
)
with pytest.raises(ValidationError) as excinfo:
validate_memberships_in_order(
customer,
[
CartPosition(
item=requiring_ticket,
used_membership=membership
),
CartPosition(
item=requiring_ticket,
used_membership=membership
),
],
event,
lock=False,
ignored_order=None
)
assert "more than 2 times" in str(excinfo.value)
@pytest.mark.django_db
def test_validate_membership_parallel(event, customer, membership, subevent, requiring_ticket, membership_type):
se2 = event.subevents.create(
name='Foo',
date_from=TZ.localize(datetime(2021, 4, 28, 10, 0, 0, 0)),
)
membership_type.allow_parallel_usage = False
membership_type.save()
o1 = Order.objects.create(
status=Order.STATUS_PENDING,
event=event,
email='admin@localhost',
datetime=now() - timedelta(days=3),
expires=now() + timedelta(days=11),
total=Decimal("23"),
)
OrderPosition.objects.create(
order=o1,
item=requiring_ticket,
used_membership=membership,
variation=None,
subevent=subevent,
price=Decimal("23"),
attendee_name_parts={'full_name': "Peter"}
)
with pytest.raises(ValidationError) as excinfo:
validate_memberships_in_order(
customer,
[
CartPosition(
item=requiring_ticket,
used_membership=membership,
subevent=subevent
)
],
event,
lock=False,
ignored_order=None
)
assert "different ticket at the same time" in str(excinfo.value)
validate_memberships_in_order(
customer,
[
CartPosition(
item=requiring_ticket,
used_membership=membership,
subevent=se2
)
],
event,
lock=False,
ignored_order=None
)
with pytest.raises(ValidationError) as excinfo:
validate_memberships_in_order(
customer,
[
CartPosition(
item=requiring_ticket,
used_membership=membership,
subevent=se2
),
CartPosition(
item=requiring_ticket,
used_membership=membership,
subevent=se2
)
],
event,
lock=False,
ignored_order=None
)
assert "different ticket at the same time" in str(excinfo.value)
membership_type.allow_parallel_usage = True
membership_type.save()
validate_memberships_in_order(
customer,
[
CartPosition(
item=requiring_ticket,
used_membership=membership,
subevent=subevent
)
],
event,
lock=False,
ignored_order=None
)
@pytest.mark.django_db
def test_use_membership(event, customer, membership, requiring_ticket):
cp1 = CartPosition.objects.create(
item=requiring_ticket, price=23, expires=now() + timedelta(days=1), event=event, cart_id="123",
used_membership=membership
)
order = _create_order(event, email='dummy@example.org', positions=[cp1],
now_dt=now(), payment_provider=BankTransfer(event),
locale='de', customer=customer)[0]
assert order.positions.first().used_membership == membership
@pytest.mark.django_db
def test_use_membership_invalid(event, customer, membership, requiring_ticket):
membership.date_start -= timedelta(days=100)
membership.date_end -= timedelta(days=100)
membership.save()
cp1 = CartPosition.objects.create(
item=requiring_ticket, price=23, expires=now() + timedelta(days=1), event=event, cart_id="123",
used_membership=membership
)
with pytest.raises(OrderError) as excinfo:
_perform_order(event, email='dummy@example.org', position_ids=[cp1.pk],
payment_provider='banktransfer', address=None,
locale='de', customer=customer.pk)[0]
assert 'membership' in str(excinfo.value)
@pytest.mark.django_db
def test_grant_when_paid_and_changed(event, customer, granting_ticket):
cp1 = CartPosition.objects.create(
item=granting_ticket, price=0, expires=now() + timedelta(days=1), event=event, cart_id="123",
)
q = event.quotas.create(size=None, name="foo")
q.items.add(granting_ticket)
order = _create_order(event, email='dummy@example.org', positions=[cp1],
now_dt=now(), payment_provider=BankTransfer(event),
locale='de', customer=customer)[0]
assert not customer.memberships.exists()
order.payments.first().confirm()
m = customer.memberships.get()
assert m.granted_in == order.positions.first()
assert m.membership_type == granting_ticket.grant_membership_type
assert m.date_start == TZ.localize(datetime(2021, 4, 27, 10, 0, 0, 0))
assert m.date_end == TZ.localize(datetime(2021, 4, 28, 10, 0, 0, 0))

117
src/tests/base/test_orders.py
View File

@@ -826,6 +826,14 @@ class OrderChangeManagerTests(TestCase):
self.quota.items.add(self.ticket2)
self.quota.items.add(self.shirt)
self.mtype = self.o.membership_types.create(name="Week pass")
self.vip = Item.objects.create(event=self.event, name='VIP', tax_rule=self.tr7,
default_price=Decimal('23.00'), admission=True,
require_membership=True)
self.vip.require_membership_types.add(self.mtype)
self.quota.items.add(self.vip)
self.stalls = Item.objects.create(event=self.event, name='Stalls', tax_rule=self.tr7,
default_price=Decimal('23.00'), admission=True)
self.stalls = Item.objects.create(event=self.event, name='Stalls', tax_rule=self.tr7,
default_price=Decimal('23.00'), admission=True)
self.plan = SeatingPlan.objects.create(
@@ -2558,6 +2566,115 @@ class OrderChangeManagerTests(TestCase):
assert nop.tax_rate == Decimal('19.00')
assert nop.tax_value == Decimal('3.67')
@classscope(attr='o')
def test_add_with_membership_required(self):
with self.assertRaises(OrderError):
self.ocm.add_position(self.vip, None, price=Decimal('13.00'))
self.ocm.commit()
@classscope(attr='o')
def test_add_with_membership_forbidden(self):
self.order.customer = self.o.customers.create(email="foo@bar.com")
m = self.order.customer.memberships.create(
membership_type=self.mtype,
date_start=self.event.date_from - timedelta(days=1),
date_end=self.event.date_from + timedelta(days=1),
attendee_name_parts={'_scheme': 'full', 'full_name': 'John Doe'},
)
with self.assertRaises(OrderError):
self.ocm.add_position(self.ticket, None, price=Decimal('13.00'), membership=m)
self.ocm.commit()
@classscope(attr='o')
def test_add_with_membership(self):
self.order.customer = self.o.customers.create(email="foo@bar.com")
m = self.order.customer.memberships.create(
membership_type=self.mtype,
date_start=self.event.date_from - timedelta(days=1),
date_end=self.event.date_from + timedelta(days=1),
attendee_name_parts={'_scheme': 'full', 'full_name': 'John Doe'},
)
self.ocm.add_position(self.vip, None, price=Decimal('13.00'), membership=m)
self.ocm.commit()
assert self.order.positions.last().used_membership == m
@classscope(attr='o')
def test_change_membership(self):
self.order.customer = self.o.customers.create(email="foo@bar.com")
m = self.order.customer.memberships.create(
membership_type=self.mtype,
date_start=self.event.date_from - timedelta(days=1),
date_end=self.event.date_from + timedelta(days=1),
attendee_name_parts={'_scheme': 'full', 'full_name': 'John Doe'},
)
m2 = self.order.customer.memberships.create(
membership_type=self.mtype,
date_start=self.event.date_from - timedelta(days=1),
date_end=self.event.date_from + timedelta(days=1),
attendee_name_parts={'_scheme': 'full', 'full_name': 'John Doe'},
)
self.op1.item = self.vip
self.op1.used_membership = m
self.op1.save()
self.ocm.change_membership(self.op1, membership=m2)
self.ocm.commit()
self.op1.refresh_from_db()
assert self.op1.used_membership == m2
@classscope(attr='o')
def test_change_to_invalid_membership(self):
self.order.customer = self.o.customers.create(email="foo@bar.com")
m = self.order.customer.memberships.create(
membership_type=self.mtype,
date_start=self.event.date_from - timedelta(days=1),
date_end=self.event.date_from + timedelta(days=1),
attendee_name_parts={'_scheme': 'full', 'full_name': 'John Doe'},
)
m2 = self.order.customer.memberships.create(
membership_type=self.mtype,
date_start=self.event.date_from - timedelta(days=5),
date_end=self.event.date_from - timedelta(days=1),
attendee_name_parts={'_scheme': 'full', 'full_name': 'John Doe'},
)
self.op1.item = self.vip
self.op1.used_membership = m
self.op1.save()
self.ocm.change_membership(self.op1, membership=m2)
with self.assertRaises(OrderError):
self.ocm.commit()
@classscope(attr='o')
def test_change_item_to_required_membership(self):
self.order.customer = self.o.customers.create(email="foo@bar.com")
self.ocm.change_item(self.op1, self.vip, None)
with self.assertRaises(OrderError):
self.ocm.commit()
@classscope(attr='o')
def test_change_membership_to_none(self):
self.order.customer = self.o.customers.create(email="foo@bar.com")
m = self.order.customer.memberships.create(
membership_type=self.mtype,
date_start=self.event.date_from - timedelta(days=1),
date_end=self.event.date_from + timedelta(days=1),
attendee_name_parts={'_scheme': 'full', 'full_name': 'John Doe'},
)
self.order.customer.memberships.create(
membership_type=self.mtype,
date_start=self.event.date_from - timedelta(days=1),
date_end=self.event.date_from + timedelta(days=1),
attendee_name_parts={'_scheme': 'full', 'full_name': 'John Doe'},
)
self.op1.item = self.vip
self.op1.used_membership = m
self.op1.save()
self.ocm.change_item(self.op1, self.ticket, None)
self.ocm.change_membership(self.op1, membership=None)
self.ocm.commit()
self.op1.refresh_from_db()
assert self.op1.used_membership is None
assert self.op1.item == self.ticket
@pytest.mark.django_db
def test_autocheckin(clist_autocheckin, event):

235
src/tests/control/test_customer.py Normal file
View File

@@ -0,0 +1,235 @@
#
# This file is part of pretix (Community Edition).
#
# Copyright (C) 2014-2020 Raphael Michel and contributors
# Copyright (C) 2020-2021 rami.io GmbH and contributors
#
# This program is free software: you can redistribute it and/or modify it under the terms of the GNU Affero General
# Public License as published by the Free Software Foundation in version 3 of the License.
#
# ADDITIONAL TERMS APPLY: Pursuant to Section 7 of the GNU Affero General Public License, additional terms are
# applicable granting you additional permissions and placing additional restrictions on your usage of this software.
# Please refer to the pretix LICENSE file to obtain the full terms applicable to this work. If you did not receive
# this file, see <https://pretix.eu/about/en/license>.
#
# This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied
# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Affero General Public License for more
# details.
#
# You should have received a copy of the GNU Affero General Public License along with this program. If not, see
# <https://www.gnu.org/licenses/>.
#
from datetime import timedelta
from decimal import Decimal
import pytest
from bs4 import BeautifulSoup
from django.utils.timezone import now
from django_scopes import scopes_disabled
from tests.base import extract_form_fields
from pretix.base.models import (
Item, Order, OrderPosition, Organizer, Team, User,
)
@pytest.fixture
def organizer():
return Organizer.objects.create(name='Dummy', slug='dummy')
@pytest.fixture
def customer(organizer):
return organizer.customers.create(email="john@example.org")
@pytest.fixture
def membership_type(organizer):
return organizer.membership_types.create(name="Week pass")
@pytest.fixture
def event(organizer):
return organizer.events.create(
name='Conference', slug='conf',
date_from=now() + timedelta(days=10),
live=True, is_public=False
)
@pytest.fixture
def order(event, customer):
ticket = Item.objects.create(event=event, name='Early-bird ticket', default_price=23, admission=True)
o1 = Order.objects.create(
status=Order.STATUS_PENDING,
event=event,
customer=customer,
email='admin@localhost',
datetime=now() - timedelta(days=3),
expires=now() + timedelta(days=11),
total=Decimal("23"),
)
OrderPosition.objects.create(
order=o1,
item=ticket,
variation=None,
price=Decimal("23"),
attendee_name_parts={'full_name': "Peter"}
)
return o1
@pytest.fixture
def admin_user(organizer):
u = User.objects.create_user('dummy@dummy.dummy', 'dummy')
admin_team = Team.objects.create(
organizer=organizer, can_manage_customers=True, can_change_organizer_settings=True,
name='Admin team'
)
admin_team.members.add(u)
return u
@pytest.mark.django_db
def test_list_of_customers(organizer, admin_user, client, customer):
client.login(email='dummy@dummy.dummy', password='dummy')
resp = client.get('/control/organizer/dummy/customers')
assert customer.identifier in resp.content.decode()
resp = client.get('/control/organizer/dummy/customers?query=john@example.org')
assert customer.identifier in resp.content.decode()
resp = client.get('/control/organizer/dummy/customers?query=1234_FOO')
assert customer.identifier not in resp.content.decode()
@pytest.mark.django_db
def test_customer_detail_view(organizer, admin_user, customer, client, order):
client.login(email='dummy@dummy.dummy', password='dummy')
resp = client.get('/control/organizer/dummy/customer/{}/'.format(customer.identifier))
c = resp.content.decode()
assert customer.email in c
assert order.code in c
@pytest.mark.django_db
def test_customer_update(organizer, admin_user, customer, client):
client.login(email='dummy@dummy.dummy', password='dummy')
resp = client.get('/control/organizer/dummy/customer/{}/edit'.format(customer.identifier))
doc = BeautifulSoup(resp.content, "lxml")
d = extract_form_fields(doc)
d['name_parts_0'] = 'John Doe'
d['is_verified'] = 'on'
resp = client.post('/control/organizer/dummy/customer/{}/edit'.format(customer.identifier), d)
assert resp.status_code == 302
customer.refresh_from_db()
assert customer.name == 'John Doe'
assert customer.is_verified
@pytest.mark.django_db
def test_customer_anonymize(organizer, admin_user, customer, client, order):
customer.is_active = True
customer.name_parts = {'_legacy': 'Foo'}
customer.save()
client.login(email='dummy@dummy.dummy', password='dummy')
client.post('/control/organizer/dummy/customer/{}/anonymize'.format(customer.identifier))
customer.refresh_from_db()
order.refresh_from_db()
assert not customer.name_parts
assert not customer.name_cached
assert not customer.email
assert not customer.is_active
assert not customer.is_verified
assert not order.customer
@pytest.mark.django_db
def test_list_of_membership_types(organizer, admin_user, client, customer, membership_type):
client.login(email='dummy@dummy.dummy', password='dummy')
resp = client.get('/control/organizer/dummy/membershiptypes'.format(customer.identifier))
c = resp.content.decode()
assert 'Week pass' in c
@pytest.mark.django_db
def test_update_membership_type(organizer, admin_user, customer, client, membership_type):
client.login(email='dummy@dummy.dummy', password='dummy')
resp = client.get('/control/organizer/dummy/membershiptype/{}/edit'.format(membership_type.pk))
doc = BeautifulSoup(resp.content, "lxml")
d = extract_form_fields(doc)
d['transferable'] = 'on'
resp = client.post('/control/organizer/dummy/membershiptype/{}/edit'.format(membership_type.pk), d)
assert resp.status_code == 302
membership_type.refresh_from_db()
assert membership_type.transferable
@pytest.mark.django_db
def test_add_membership_type(organizer, admin_user, customer, client):
client.login(email='dummy@dummy.dummy', password='dummy')
resp = client.post('/control/organizer/dummy/membershiptype/add', {
'name_0': 'Year pass',
'max_usages': '3'
})
assert resp.status_code == 302
with scopes_disabled():
mt = organizer.membership_types.get()
assert str(mt.name) == 'Year pass'
assert mt.max_usages == 3
@pytest.mark.django_db
def test_delete_membership_type(organizer, admin_user, customer, client, membership_type):
client.login(email='dummy@dummy.dummy', password='dummy')
resp = client.post('/control/organizer/dummy/membershiptype/{}/delete'.format(membership_type.pk))
assert resp.status_code == 302
with scopes_disabled():
assert not organizer.membership_types.exists()
@pytest.mark.django_db
def test_delete_membership_type_forbidden(organizer, admin_user, customer, client, membership_type):
client.login(email='dummy@dummy.dummy', password='dummy')
with scopes_disabled():
customer.memberships.create(customer=customer, date_start=now(), date_end=now(), membership_type=membership_type)
resp = client.post('/control/organizer/dummy/membershiptype/{}/delete'.format(membership_type.pk))
assert resp.status_code == 302
with scopes_disabled():
assert organizer.membership_types.exists()
@pytest.mark.django_db
def test_customer_add_and_change_membership(organizer, admin_user, customer, client, membership_type):
client.login(email='dummy@dummy.dummy', password='dummy')
r = client.post('/control/organizer/dummy/customer/{}/membership/add'.format(customer.identifier), {
'membership_type': membership_type.pk,
'date_start_0': '2021-01-01',
'date_start_1': '00:00:00',
'date_end_0': '2021-01-08',
'date_end_1': '23:59:59',
'attendee_name_parts_0': 'John Doe',
})
assert r.status_code == 302
customer.refresh_from_db()
with scopes_disabled():
m = customer.memberships.get()
assert m.membership_type == membership_type
assert m.date_start.isoformat().startswith('2021-01-01')
assert m.date_end.isoformat().startswith('2021-01-08')
assert m.attendee_name == 'John Doe'
r = client.post('/control/organizer/dummy/customer/{}/membership/{}/edit'.format(customer.identifier, m.pk), {
'membership_type': membership_type.pk,
'date_start_0': '2021-01-02',
'date_start_1': '00:00:00',
'date_end_0': '2021-01-09',
'date_end_1': '23:59:59',
'attendee_name_parts_0': 'Maria Doe',
})
assert r.status_code == 302
customer.refresh_from_db()
with scopes_disabled():
m = customer.memberships.get()
assert m.membership_type == membership_type
assert m.date_start.isoformat().startswith('2021-01-02')
assert m.date_end.isoformat().startswith('2021-01-09')
assert m.attendee_name == 'Maria Doe'

51
src/tests/control/test_orders.py
View File

@@ -65,7 +65,7 @@ def env():
)
event.settings.set('ticketoutput_testdummy__enabled', True)
user = User.objects.create_user('dummy@dummy.dummy', 'dummy')
t = Team.objects.create(organizer=o, can_view_orders=True, can_change_orders=True)
t = Team.objects.create(organizer=o, can_view_orders=True, can_change_orders=True, can_manage_customers=True)
t.members.add(user)
t.limit_events.add(event)
o = Order.objects.create(
@@ -208,6 +208,22 @@ def test_order_set_contact(client, env):
assert o.email == 'admin@rami.io'
@pytest.mark.django_db
def test_order_set_customer(client, env):
with scopes_disabled():
org = env[0].organizer
c = org.customers.create(email='foo@example.org')
org.settings.customer_accounts = True
client.login(email='dummy@dummy.dummy', password='dummy')
client.post('/control/event/dummy/dummy/orders/FOO/contact', {
'email': 'admin@rami.io',
'customer': c.pk
}, follow=True)
env[2].refresh_from_db()
assert env[2].email == 'admin@rami.io'
assert env[2].customer == c
@pytest.mark.django_db
def test_order_set_locale(client, env):
with scopes_disabled():
@@ -1332,6 +1348,39 @@ class OrderChangeTests(SoupTest):
assert self.op1.subevent == se2
assert self.op2.subevent == se1
def test_change_membership_success(self):
self.event.organizer.settings.customer_accounts = True
with scopes_disabled():
mtype = self.event.organizer.membership_types.create(name='Week pass', transferable=True, allow_parallel_usage=True)
self.ticket.require_membership = True
self.ticket.require_membership_types.add(mtype)
self.ticket.admission = True
self.ticket.save()
customer = self.event.organizer.customers.create(email='john@example.org', is_verified=True)
self.order.customer = customer
self.order.save()
m_correct1 = customer.memberships.create(
membership_type=mtype,
date_start=self.event.date_from - timedelta(days=1),
date_end=self.event.date_from + timedelta(days=1),
attendee_name_parts={'_scheme': 'full', 'full_name': 'John Doe'},
)
r = self.client.post('/control/event/{}/{}/orders/{}/change'.format(
self.event.organizer.slug, self.event.slug, self.order.code
), {
'add-TOTAL_FORMS': '0',
'add-INITIAL_FORMS': '0',
'add-MIN_NUM_FORMS': '0',
'add-MAX_NUM_FORMS': '100',
'op-{}-used_membership'.format(self.op1.pk): str(m_correct1.pk),
'op-{}-used_membership'.format(self.op2.pk): str(m_correct1.pk),
'op-{}-used_membership'.format(self.op3.pk): str(m_correct1.pk),
}, follow=True)
print(r.content)
self.op1.refresh_from_db()
self.order.refresh_from_db()
assert self.op1.used_membership == m_correct1
def test_change_price_success(self):
self.client.post('/control/event/{}/{}/orders/{}/change'.format(
self.event.organizer.slug, self.event.slug, self.order.code

12
src/tests/control/test_permissions.py
View File

@@ -191,6 +191,8 @@ organizer_urls = [
'organizer/abc/webhook/add',
'organizer/abc/webhook/1/edit',
'organizer/abc/webhook/1/logs',
'organizer/abc/customers',
'organizer/abc/customer/1/',
'organizer/abc/giftcards',
'organizer/abc/giftcard/add',
'organizer/abc/giftcard/1/',
@@ -471,6 +473,16 @@ organizer_permission_urls = [
("can_change_organizer_settings", "organizer/dummy/property/add", 200),
("can_change_organizer_settings", "organizer/dummy/property/1/edit", 404),
("can_change_organizer_settings", "organizer/dummy/property/1/delete", 404),
("can_change_organizer_settings", "organizer/dummy/membershiptypes", 200),
("can_change_organizer_settings", "organizer/dummy/membershiptype/add", 200),
("can_change_organizer_settings", "organizer/dummy/membershiptype/1/edit", 404),
("can_change_organizer_settings", "organizer/dummy/membershiptype/1/delete", 404),
("can_manage_customers", "organizer/dummy/customers", 200),
("can_manage_customers", "organizer/dummy/customer/ABC/edit", 404),
("can_manage_customers", "organizer/dummy/customer/ABC/anonymize", 404),
("can_manage_customers", "organizer/dummy/customer/ABC/membership/add", 404),
("can_manage_customers", "organizer/dummy/customer/ABC/membership/1/edit", 404),
("can_manage_customers", "organizer/dummy/customer/ABC/", 404),
("can_manage_gift_cards", "organizer/dummy/giftcards", 200),
("can_manage_gift_cards", "organizer/dummy/giftcard/add", 200),
("can_manage_gift_cards", "organizer/dummy/giftcard/1/", 404),

250
src/tests/presale/test_checkout.py
View File

@@ -3690,3 +3690,253 @@ class CheckoutVoucherBudgetTest(BaseCheckoutTestCase, TestCase):
'web')
self.cp2.refresh_from_db()
assert self.cp2.price == Decimal('23.00')
class CustomerCheckoutTestCase(BaseCheckoutTestCase, TestCase):
@scopes_disabled()
def setUp(self):
super().setUp()
self.orga.settings.customer_accounts = True
self.event.settings.set('payment_stripe__enabled', True)
self.event.settings.set('payment_banktransfer__enabled', True)
with scopes_disabled():
CartPosition.objects.create(
event=self.event, cart_id=self.session_key, item=self.ticket,
price=23, expires=now() + timedelta(minutes=10)
)
self.customer = self.orga.customers.create(email='john@example.org', is_verified=True)
self.customer.set_password('foo')
self.customer.save()
def _finish(self):
self._set_session('payment', 'banktransfer')
self.client.post('/%s/%s/checkout/confirm/' % (self.orga.slug, self.event.slug), follow=True)
with scopes_disabled():
return Order.objects.last()
def test_guest(self):
response = self.client.get('/%s/%s/checkout/start' % (self.orga.slug, self.event.slug), follow=True)
self.assertRedirects(response, '/%s/%s/checkout/customer/' % (self.orga.slug, self.event.slug),
target_status_code=200)
response = self.client.post('/%s/%s/checkout/customer/' % (self.orga.slug, self.event.slug), {
'customer_mode': 'guest'
}, follow=True)
self.assertRedirects(response, '/%s/%s/checkout/questions/' % (self.orga.slug, self.event.slug),
target_status_code=200)
order = self._finish()
assert order.email == 'admin@localhost'
assert not order.customer
def test_guest_even_if_logged_in(self):
self.client.post('/%s/account/login' % self.orga.slug, {
'email': 'john@example.org',
'password': 'foo',
})
response = self.client.get('/%s/%s/checkout/start' % (self.orga.slug, self.event.slug), follow=True)
self.assertRedirects(response, '/%s/%s/checkout/customer/' % (self.orga.slug, self.event.slug),
target_status_code=200)
assert 'john@example.org' in response.content.decode()
response = self.client.post('/%s/%s/checkout/customer/' % (self.orga.slug, self.event.slug), {
'customer_mode': 'guest'
}, follow=True)
self.assertRedirects(response, '/%s/%s/checkout/questions/' % (self.orga.slug, self.event.slug),
target_status_code=200)
order = self._finish()
assert order.email == 'admin@localhost'
assert not order.customer
def test_login_already_logged_in_and_forced_email(self):
self.client.post('/%s/account/login' % self.orga.slug, {
'email': 'john@example.org',
'password': 'foo',
})
response = self.client.get('/%s/%s/checkout/start' % (self.orga.slug, self.event.slug), follow=True)
self.assertRedirects(response, '/%s/%s/checkout/customer/' % (self.orga.slug, self.event.slug),
target_status_code=200)
assert 'john@example.org' in response.content.decode()
response = self.client.post('/%s/%s/checkout/customer/' % (self.orga.slug, self.event.slug), {
'customer_mode': 'login'
}, follow=True)
self.assertRedirects(response, '/%s/%s/checkout/questions/' % (self.orga.slug, self.event.slug),
target_status_code=200)
response = self.client.post('/%s/%s/checkout/questions/' % (self.orga.slug, self.event.slug), {
'email': 'will-be-ignored'
}, follow=True)
self.assertRedirects(response, '/%s/%s/checkout/payment/' % (self.orga.slug, self.event.slug),
target_status_code=200)
order = self._finish()
assert order.email == 'john@example.org'
assert order.customer == self.customer
def test_login_valid(self):
response = self.client.get('/%s/%s/checkout/start' % (self.orga.slug, self.event.slug), follow=True)
self.assertRedirects(response, '/%s/%s/checkout/customer/' % (self.orga.slug, self.event.slug),
target_status_code=200)
response = self.client.post('/%s/%s/checkout/customer/' % (self.orga.slug, self.event.slug), {
'customer_mode': 'login',
'login-email': 'john@example.org',
'login-password': 'foo',
}, follow=True)
self.assertRedirects(response, '/%s/%s/checkout/questions/' % (self.orga.slug, self.event.slug),
target_status_code=200)
order = self._finish()
assert order.customer == self.customer
def test_login_invalid(self):
response = self.client.get('/%s/%s/checkout/start' % (self.orga.slug, self.event.slug), follow=True)
self.assertRedirects(response, '/%s/%s/checkout/customer/' % (self.orga.slug, self.event.slug),
target_status_code=200)
response = self.client.post('/%s/%s/checkout/customer/' % (self.orga.slug, self.event.slug), {
'customer_mode': 'login',
'login-email': 'john@example.org',
'login-password': 'bar',
}, follow=False)
assert response.status_code == 200
assert b'alert-danger' in response.content
def test_register_valid(self):
response = self.client.get('/%s/%s/checkout/start' % (self.orga.slug, self.event.slug), follow=True)
self.assertRedirects(response, '/%s/%s/checkout/customer/' % (self.orga.slug, self.event.slug),
target_status_code=200)
response = self.client.post('/%s/%s/checkout/customer/' % (self.orga.slug, self.event.slug), {
'customer_mode': 'register',
'register-email': 'foo@example.com',
'register-name_parts_0': 'John Doe',
}, follow=False)
self.assertRedirects(response, '/%s/%s/checkout/questions/' % (self.orga.slug, self.event.slug),
target_status_code=200)
assert len(djmail.outbox) == 1
# After a valid registration form, we apply a kind of soft login. Since the email address hasn't yet been
# verified, we do not do a proper login, since that would cause security problems. However, if the customer
# goes back to this step manually, they can re-use the account.
response = self.client.get('/%s/%s/checkout/customer/' % (self.orga.slug, self.event.slug))
assert response.content.decode().count('foo@example.com') == 1
response = self.client.post('/%s/%s/checkout/customer/' % (self.orga.slug, self.event.slug), {
'customer_mode': 'login',
}, follow=False)
self.assertRedirects(response, '/%s/%s/checkout/questions/' % (self.orga.slug, self.event.slug),
target_status_code=200)
response = self.client.post('/%s/%s/checkout/questions/' % (self.orga.slug, self.event.slug), {
'email': 'will-be-ignored'
}, follow=True)
self.assertRedirects(response, '/%s/%s/checkout/payment/' % (self.orga.slug, self.event.slug),
target_status_code=200)
order = self._finish()
assert order.customer != self.customer
assert order.customer.email == 'foo@example.com'
assert order.email == 'foo@example.com'
assert not order.customer.is_verified
def test_register_invalid(self):
response = self.client.get('/%s/%s/checkout/start' % (self.orga.slug, self.event.slug), follow=True)
self.assertRedirects(response, '/%s/%s/checkout/customer/' % (self.orga.slug, self.event.slug),
target_status_code=200)
response = self.client.post('/%s/%s/checkout/customer/' % (self.orga.slug, self.event.slug), {
'customer_mode': 'register',
'register-email': 'john@example.org',
'register-name_parts_0': 'John Doe',
}, follow=False)
assert response.status_code == 200
assert b'has-error' in response.content
def test_guest_not_allowed_if_granting_membership(self):
self.ticket.grant_membership_type = self.orga.membership_types.create(
name='Week pass'
)
self.ticket.save()
response = self.client.post('/%s/%s/checkout/customer/' % (self.orga.slug, self.event.slug), {
'customer_mode': 'guest'
}, follow=False)
assert response.status_code == 200
def test_guest_not_allowed_if_requiring_membership(self):
self.ticket.require_membership = True
self.ticket.save()
response = self.client.post('/%s/%s/checkout/customer/' % (self.orga.slug, self.event.slug), {
'customer_mode': 'guest'
}, follow=False)
assert response.status_code == 200
def test_select_membership(self):
mtype = self.orga.membership_types.create(name='Week pass', transferable=False)
mtype2 = self.orga.membership_types.create(name='Invalid pass')
self.ticket.require_membership = True
self.ticket.require_membership_types.add(mtype)
self.ticket.admission = True
self.ticket.save()
self.event.settings.attendee_names_asked = True
with scopes_disabled():
cp = CartPosition.objects.get()
m_correct1 = self.customer.memberships.create(
membership_type=mtype,
date_start=self.event.date_from - datetime.timedelta(days=1),
date_end=self.event.date_from + datetime.timedelta(days=1),
attendee_name_parts={'_scheme': 'full', 'full_name': 'John Doe'},
)
self.customer.memberships.create(
membership_type=mtype,
date_start=self.event.date_from - datetime.timedelta(days=1),
date_end=self.event.date_from + datetime.timedelta(days=1),
attendee_name_parts={'_scheme': 'full', 'full_name': 'Mark Fisher'},
)
self.customer.memberships.create(
membership_type=mtype,
date_start=self.event.date_from - datetime.timedelta(days=5),
date_end=self.event.date_from - datetime.timedelta(days=1),
attendee_name_parts={'_scheme': 'full', 'full_name': 'Sue Fisher'},
)
self.customer.memberships.create(
membership_type=mtype2,
date_start=self.event.date_from - datetime.timedelta(days=5),
date_end=self.event.date_from + datetime.timedelta(days=1),
attendee_name_parts={'_scheme': 'full', 'full_name': 'Mike Miller'},
)
response = self.client.post('/%s/%s/checkout/customer/' % (self.orga.slug, self.event.slug), {
'customer_mode': 'login',
'login-email': 'john@example.org',
'login-password': 'foo',
}, follow=True)
self.assertRedirects(response, '/%s/%s/checkout/membership/' % (self.orga.slug, self.event.slug),
target_status_code=200)
assert b'John Doe' in response.content
assert b'Mark Fisher' in response.content
assert b'Sue Fisher' not in response.content
assert b'Mike Miller' not in response.content
response = self.client.post('/%s/%s/checkout/membership/' % (self.orga.slug, self.event.slug), {
f'membership-{cp.pk}-membership': m_correct1.pk,
}, follow=True)
self.assertRedirects(response, '/%s/%s/checkout/questions/' % (self.orga.slug, self.event.slug),
target_status_code=200)
assert b'John Doe' in response.content
assert b'Mark Fisher' not in response.content
response = self.client.post('/%s/%s/checkout/questions/' % (self.orga.slug, self.event.slug), {
'email': 'will-be-ignored',
f'{cp.pk}-attendee_name_parts_0': 'will-be-ignored'
}, follow=True)
self.assertRedirects(response, '/%s/%s/checkout/payment/' % (self.orga.slug, self.event.slug),
target_status_code=200)
order = self._finish()
assert order.customer == self.customer
assert order.customer.email == order.email
with scopes_disabled():
assert order.positions.first().used_membership == m_correct1
assert order.positions.first().attendee_name == 'John Doe'

14
src/tests/presale/test_checkoutflow.py
View File

@@ -100,10 +100,12 @@ def test_plugin_in_order(event, mocker):
flow = with_mocked_step(mocker, MockingStep, event)
assert isinstance(flow[0], checkoutflow.AddOnsStep)
assert isinstance(flow[1], checkoutflow.QuestionsStep)
assert isinstance(flow[2], MockingStep)
assert isinstance(flow[3], checkoutflow.PaymentStep)
assert isinstance(flow[4], checkoutflow.ConfirmStep)
assert isinstance(flow[1], checkoutflow.CustomerStep)
assert isinstance(flow[2], checkoutflow.MembershipStep)
assert isinstance(flow[3], checkoutflow.QuestionsStep)
assert isinstance(flow[4], MockingStep)
assert isinstance(flow[5], checkoutflow.PaymentStep)
assert isinstance(flow[6], checkoutflow.ConfirmStep)
@pytest.mark.django_db
@@ -117,9 +119,9 @@ def test_step_ignored(event, mocker, req_with_session):
flow = with_mocked_step(mocker, MockingStep, event)
req_with_session.event = event
assert flow[1].get_next_applicable(req_with_session) is flow[4]
assert flow[3].get_next_applicable(req_with_session) is flow[6]
# flow[3] is also skipped because no payment is required if there is no cart
assert flow[1] is flow[4].get_prev_applicable(req_with_session)
assert flow[3] is flow[6].get_prev_applicable(req_with_session)
@pytest.mark.django_db

405
src/tests/presale/test_customer.py Normal file
View File

@@ -0,0 +1,405 @@
#
# This file is part of pretix (Community Edition).
#
# Copyright (C) 2014-2020 Raphael Michel and contributors
# Copyright (C) 2020-2021 rami.io GmbH and contributors
#
# This program is free software: you can redistribute it and/or modify it under the terms of the GNU Affero General
# Public License as published by the Free Software Foundation in version 3 of the License.
#
# ADDITIONAL TERMS APPLY: Pursuant to Section 7 of the GNU Affero General Public License, additional terms are
# applicable granting you additional permissions and placing additional restrictions on your usage of this software.
# Please refer to the pretix LICENSE file to obtain the full terms applicable to this work. If you did not receive
# this file, see <https://pretix.eu/about/en/license>.
#
# This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied
# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Affero General Public License for more
# details.
#
# You should have received a copy of the GNU Affero General Public License along with this program. If not, see
# <https://www.gnu.org/licenses/>.
#
import datetime
from datetime import timedelta
from decimal import Decimal
import pytest
from django.core import mail as djmail
from django.core.signing import dumps
from django.utils.timezone import now
from django_scopes import scopes_disabled
from pretix.base.models import Event, Item, Order, OrderPosition, Organizer
from pretix.presale.forms.customer import TokenGenerator
@pytest.fixture
def env():
o = Organizer.objects.create(name='Big Events LLC', slug='bigevents')
o.settings.customer_accounts = True
event = Event.objects.create(
organizer=o, name='Conference', slug='conf',
date_from=now() + timedelta(days=10),
live=True, is_public=False
)
return o, event
@pytest.mark.django_db
def test_disabled(env, client):
env[0].settings.customer_accounts = False
r = client.get('/bigevents/account/register')
assert r.status_code == 404
r = client.get('/bigevents/account/login')
assert r.status_code == 404
r = client.get('/bigevents/account/pwreset')
assert r.status_code == 404
r = client.get('/bigevents/account/pwrecover')
assert r.status_code == 404
r = client.get('/bigevents/account/activate')
assert r.status_code == 404
r = client.get('/bigevents/account/change')
assert r.status_code == 404
r = client.get('/bigevents/account/confirmchange')
assert r.status_code == 404
r = client.get('/bigevents/account/')
assert r.status_code == 404
@pytest.mark.django_db
def test_org_register(env, client):
r = client.post('/bigevents/account/register', {
'email': 'john@example.org',
'name_parts_0': 'John Doe',
})
assert r.status_code == 302
assert len(djmail.outbox) == 1
with scopes_disabled():
customer = env[0].customers.get(email='john@example.org')
assert not customer.is_verified
assert customer.is_active
r = client.post(
f'/bigevents/account/activate?id={customer.identifier}&token={TokenGenerator().make_token(customer)}', {
'password': 'PANioMR62',
'password_repeat': 'PANioMR62',
})
assert r.status_code == 302
customer.refresh_from_db()
assert customer.check_password('PANioMR62')
assert customer.is_verified
@pytest.mark.django_db
def test_org_register_duplicate_email(env, client):
with scopes_disabled():
env[0].customers.create(email='john@example.org')
r = client.post('/bigevents/account/register', {
'email': 'john@example.org',
'name_parts_0': 'John Doe',
})
assert b'already registered' in r.content
assert r.status_code == 200
@pytest.mark.django_db
def test_org_resetpw(env, client):
with scopes_disabled():
customer = env[0].customers.create(email='john@example.org', is_verified=False)
r = client.post('/bigevents/account/pwreset', {
'email': 'john@example.org',
})
assert r.status_code == 302
assert len(djmail.outbox) == 1
r = client.post(
f'/bigevents/account/pwrecover?id={customer.identifier}&token={TokenGenerator().make_token(customer)}', {
'password': 'PANioMR62',
'password_repeat': 'PANioMR62',
})
assert r.status_code == 302
customer.refresh_from_db()
assert customer.check_password('PANioMR62')
assert customer.is_verified
@pytest.mark.django_db
def test_org_activate_invalid_token(env, client):
with scopes_disabled():
customer = env[0].customers.create(email='john@example.org', is_verified=False)
r = client.get(
f'/bigevents/account/activate?id={customer.identifier}&token=.invalid.{TokenGenerator().make_token(customer)}')
assert r.status_code == 302
@pytest.mark.django_db
def test_org_login_logout(env, client):
with scopes_disabled():
customer = env[0].customers.create(email='john@example.org', is_verified=True)
customer.set_password('foo')
customer.save()
r = client.post('/bigevents/account/login', {
'email': 'john@example.org',
'password': 'foo',
})
assert r.status_code == 302
r = client.get(f'/bigevents/account/')
assert r.status_code == 200
r = client.get('/bigevents/account/logout')
assert r.status_code == 302
r = client.get(f'/bigevents/account/')
assert r.status_code == 302
@pytest.mark.django_db
def test_org_login_invalid_password(env, client):
with scopes_disabled():
customer = env[0].customers.create(email='john@example.org', is_verified=True)
customer.set_password('foo')
customer.save()
r = client.post('/bigevents/account/login', {
'email': 'john@example.org',
'password': 'invalid',
})
assert r.status_code == 200
assert b'alert-danger' in r.content
@pytest.mark.django_db
def test_org_login_not_verified(env, client):
with scopes_disabled():
customer = env[0].customers.create(email='john@example.org', is_verified=False)
customer.set_password('foo')
customer.save()
r = client.post('/bigevents/account/login', {
'email': 'john@example.org',
'password': 'foo',
})
assert r.status_code == 200
assert b'alert-danger' in r.content
@pytest.mark.django_db
def test_org_login_not_active(env, client):
with scopes_disabled():
customer = env[0].customers.create(email='john@example.org', is_verified=True, is_active=False)
customer.set_password('foo')
customer.save()
r = client.post('/bigevents/account/login', {
'email': 'john@example.org',
'password': 'foo',
})
assert r.status_code == 200
assert b'alert-danger' in r.content
@pytest.mark.django_db
@pytest.mark.parametrize("url", [
"account/change",
"account/membership/1/",
"account/",
])
def test_login_required(client, env, url):
with scopes_disabled():
customer = env[0].customers.create(email='john@example.org', is_verified=True)
customer.set_password('foo')
customer.save()
assert client.get('/bigevents/' + url).status_code == 302
client.post('/bigevents/account/login', {
'email': 'john@example.org',
'password': 'foo',
})
assert client.get('/bigevents/' + url).status_code in (200, 404)
@pytest.mark.django_db
def test_org_order_list(env, client):
with scopes_disabled():
customer = env[0].customers.create(email='john@example.org', is_verified=True)
customer.set_password('foo')
customer.save()
event = env[1]
ticket = Item.objects.create(event=event, name='Early-bird ticket', default_price=23, admission=True)
o1 = Order.objects.create(
status=Order.STATUS_PENDING,
event=event,
email='admin@localhost',
datetime=now() - datetime.timedelta(days=3),
expires=now() + datetime.timedelta(days=11),
total=Decimal("23"),
)
OrderPosition.objects.create(
order=o1,
item=ticket,
variation=None,
price=Decimal("23"),
attendee_name_parts={'full_name': "Peter"}
)
o2 = Order.objects.create(
status=Order.STATUS_PENDING,
event=event,
email='john@example.org',
datetime=now() - datetime.timedelta(days=3),
expires=now() + datetime.timedelta(days=11),
total=Decimal("23"),
)
OrderPosition.objects.create(
order=o2,
item=ticket,
variation=None,
price=Decimal("23"),
attendee_name_parts={'full_name': "Peter"}
)
o3 = Order.objects.create(
status=Order.STATUS_PENDING,
event=event,
email='admin@localhost',
customer=customer,
datetime=now() - datetime.timedelta(days=3),
expires=now() + datetime.timedelta(days=11),
total=Decimal("23"),
)
OrderPosition.objects.create(
order=o3,
item=ticket,
variation=None,
price=Decimal("23"),
attendee_name_parts={'full_name': "Peter"}
)
r = client.post('/bigevents/account/login', {
'email': 'john@example.org',
'password': 'foo',
})
assert r.status_code == 302
r = client.get(f'/bigevents/account/')
assert r.status_code == 200
content = r.content.decode()
assert o1.code not in content
assert o2.code in content
assert o3.code in content
@pytest.mark.django_db
def test_change_name(env, client):
with scopes_disabled():
customer = env[0].customers.create(email='john@example.org', is_verified=True)
customer.set_password('foo')
customer.save()
r = client.post('/bigevents/account/login', {
'email': 'john@example.org',
'password': 'foo',
})
assert r.status_code == 302
r = client.post(f'/bigevents/account/change', {
'name_parts_0': 'John Doe',
'email': 'john@example.org',
})
assert r.status_code == 302
customer.refresh_from_db()
assert customer.name == 'John Doe'
@pytest.mark.django_db
def test_change_email(env, client):
with scopes_disabled():
customer = env[0].customers.create(email='john@example.org', is_verified=True)
customer.set_password('foo')
customer.save()
r = client.post('/bigevents/account/login', {
'email': 'john@example.org',
'password': 'foo',
})
assert r.status_code == 302
r = client.post(f'/bigevents/account/change', {
'name_parts_0': 'John Doe',
'email': 'john@example.com'
})
assert r.status_code == 200
customer.refresh_from_db()
assert customer.email == 'john@example.org'
r = client.post(f'/bigevents/account/change', {
'name_parts_0': 'John Doe',
'email': 'john@example.com',
'password_current': 'foo',
})
assert r.status_code == 302
customer.refresh_from_db()
assert customer.email == 'john@example.org'
assert len(djmail.outbox) == 1
token = dumps({
'customer': customer.pk,
'email': 'john@example.com'
}, salt='pretix.presale.views.customer.ChangeInformationView')
r = client.get(f'/bigevents/account/confirmchange?token={token}')
assert r.status_code == 302
customer.refresh_from_db()
assert customer.email == 'john@example.com'
@pytest.mark.django_db
def test_change_pw(env, client):
with scopes_disabled():
customer = env[0].customers.create(email='john@example.org', is_verified=True)
customer.set_password('foo')
customer.save()
r = client.post('/bigevents/account/login', {
'email': 'john@example.org',
'password': 'foo',
})
assert r.status_code == 302
r = client.post(f'/bigevents/account/password', {
'password_current': 'invalid',
'password': 'aYLBRNg4',
'password_repeat': 'aYLBRNg4',
})
assert r.status_code == 200
customer.refresh_from_db()
assert customer.check_password('foo')
r = client.post(f'/bigevents/account/password', {
'password_current': 'foo',
'password': 'aYLBRNg4',
'password_repeat': 'aYLBRNg4',
})
assert r.status_code == 302
customer.refresh_from_db()
assert customer.check_password('aYLBRNg4')
@pytest.mark.django_db
def test_login_per_org(env, client):
with scopes_disabled():
o2 = Organizer.objects.create(name='Demo', slug='demo')
o2.settings.customer_accounts = True
customer = env[0].customers.create(email='john@example.org', is_verified=True)
customer.set_password('foo')
customer.save()
client.post('/bigevents/account/login', {
'email': 'john@example.org',
'password': 'foo',
})
assert client.get('/bigevents/account/').status_code == 200
assert client.get('/demo/account/').status_code == 302