CGM_Public/pretix_original
2
0
Fork 1
mirror of https://github.com/pretix/pretix.git synced 2026-05-04 15:04:03 +00:00
Code Issues Packages Projects Releases Wiki Activity

Added unit tests for authentication forms

Browse Source
This commit is contained in:
Raphael Michel
2015-09-29 01:00:54 +02:00
parent 264c1e034f
commit 109e18e891
3 changed files with 253 additions and 68 deletions
Download Patch File Download Diff File Expand all files Collapse all files

58
src/tests/control/test_auth.py
View File

@@ -32,25 +32,19 @@ class LoginFormBrowserTest(BrowserTest):
class LoginFormTest(TestCase):
"""
This test case tests various methods around the properties /
variations concept.
"""
def setUp(self):
self.user = User.objects.create_user('dummy@dummy.dummy', 'dummy')
def test_wrong_credentials(self):
c = Client()
response = c.post('/control/login', {
response = self.client.post('/control/login', {
'email': 'dummy@dummy.dummy',
'password': 'foo',
})
self.assertEqual(response.status_code, 200)
def test_correct_credentials(self):
c = Client()
response = c.post('/control/login', {
response = self.client.post('/control/login', {
'email': 'dummy@dummy.dummy',
'password': 'dummy',
})
@@ -60,16 +54,14 @@ class LoginFormTest(TestCase):
self.user.is_active = False
self.user.save()
c = Client()
response = c.post('/control/login', {
response = self.client.post('/control/login', {
'email': 'dummy@dummy.dummy',
'password': 'dummy',
})
self.assertEqual(response.status_code, 200)
def test_redirect(self):
c = Client()
response = c.post('/control/login?next=/control/events/', {
response = self.client.post('/control/login?next=/control/events/', {
'email': 'dummy@dummy.dummy',
'password': 'dummy',
})
@@ -77,31 +69,57 @@ class LoginFormTest(TestCase):
self.assertIn('/control/events/', response['Location'])
def test_logged_in(self):
c = Client()
response = c.post('/control/login?next=/control/events/', {
response = self.client.post('/control/login?next=/control/events/', {
'email': 'dummy@dummy.dummy',
'password': 'dummy',
})
self.assertEqual(response.status_code, 302)
self.assertIn('/control/events/', response['Location'])
response = c.get('/control/login')
response = self.client.get('/control/login')
self.assertEqual(response.status_code, 302)
response = c.get('/control/login?next=/control/events/')
response = self.client.get('/control/login?next=/control/events/')
self.assertEqual(response.status_code, 302)
self.assertIn('/control/events/', response['Location'])
def test_logout(self):
c = Client()
response = c.post('/control/login', {
response = self.client.post('/control/login', {
'email': 'dummy@dummy.dummy',
'password': 'dummy',
})
self.assertEqual(response.status_code, 302)
response = c.get('/control/logout')
response = self.client.get('/control/logout')
self.assertEqual(response.status_code, 302)
response = c.get('/control/login')
response = self.client.get('/control/login')
self.assertEqual(response.status_code, 200)
class RegistrationFormTest(TestCase):
def test_different_passwords(self):
response = self.client.post('/control/register', {
'email': 'dummy@dummy.dummy',
'password': 'foo',
'password_repeat': 'foobar'
})
self.assertEqual(response.status_code, 200)
def test_email_duplicate(self):
self.user = User.objects.create_user('dummy@dummy.dummy', 'dummy')
response = self.client.post('/control/register', {
'email': 'dummy@dummy.dummy',
'password': 'foo',
'password_repeat': 'foo'
})
self.assertEqual(response.status_code, 200)
def test_success(self):
response = self.client.post('/control/register', {
'email': 'dummy@dummy.dummy',
'password': 'foo',
'password_repeat': 'foo'
})
self.assertEqual(response.status_code, 302)

48
src/tests/presale/test_event.py
View File

@@ -140,54 +140,6 @@ class ItemDisplayTest(EventTestMixin, BrowserTest):
self.driver.find_elements_by_css_selector("section:nth-of-type(1) div.variation")[1].text)
class LoginTest(EventTestMixin, TestCase):
def setUp(self):
super().setUp()
self.user = User.objects.create_user('demo@demo.dummy', 'demo')
def test_login_invalid(self):
response = self.client.post(
'/%s/%s/login' % (self.orga.slug, self.event.slug),
{
'form': 'login',
'email': 'demo@demo.foo',
'password': 'bar'
}
)
self.assertEqual(response.status_code, 200)
self.assertIn('alert-danger', response.rendered_content)
def test_login_valid(self):
response = self.client.post(
'/%s/%s/login' % (self.orga.slug, self.event.slug),
{
'form': 'login',
'email': 'demo@demo.dummy',
'password': 'demo'
}
)
self.assertEqual(response.status_code, 302)
def test_login_already_logged_in(self):
self.assertTrue(self.client.login(email='demo@demo.dummy', password='demo'))
response = self.client.get(
'/%s/%s/login' % (self.orga.slug, self.event.slug),
)
self.assertEqual(response.status_code, 302)
def test_logout(self):
self.assertTrue(self.client.login(email='demo@demo.dummy', password='demo'))
response = self.client.get(
'/%s/%s/logout' % (self.orga.slug, self.event.slug),
)
self.assertEqual(response.status_code, 302)
response = self.client.get(
'/%s/%s/login' % (self.orga.slug, self.event.slug),
)
self.assertEqual(response.status_code, 200)
class DeadlineTest(EventTestMixin, TestCase):
def setUp(self):

215
src/tests/presale/test_event_auth.py Normal file
View File

@@ -0,0 +1,215 @@
from datetime import date, timedelta
from django.conf import settings
from django.contrib.auth.tokens import (
PasswordResetTokenGenerator, default_token_generator,
)
from django.core import mail as djmail
from django.test import TestCase
from tests.presale.test_event import EventTestMixin
from pretix.base.models import User
class LoginTest(EventTestMixin, TestCase):
def setUp(self):
super().setUp()
self.user = User.objects.create_user('demo@demo.dummy', 'demo')
def test_login_invalid(self):
response = self.client.post(
'/%s/%s/login' % (self.orga.slug, self.event.slug),
{
'form': 'login',
'email': 'demo@demo.foo',
'password': 'bar'
}
)
self.assertEqual(response.status_code, 200)
self.assertIn('alert-danger', response.rendered_content)
def test_login_valid(self):
response = self.client.post(
'/%s/%s/login' % (self.orga.slug, self.event.slug),
{
'form': 'login',
'email': 'demo@demo.dummy',
'password': 'demo'
}
)
self.assertEqual(response.status_code, 302)
def test_login_already_logged_in(self):
self.assertTrue(self.client.login(email='demo@demo.dummy', password='demo'))
response = self.client.get(
'/%s/%s/login' % (self.orga.slug, self.event.slug),
)
self.assertEqual(response.status_code, 302)
def test_logout(self):
self.assertTrue(self.client.login(email='demo@demo.dummy', password='demo'))
response = self.client.get(
'/%s/%s/logout' % (self.orga.slug, self.event.slug),
)
self.assertEqual(response.status_code, 302)
response = self.client.get(
'/%s/%s/login' % (self.orga.slug, self.event.slug),
)
self.assertEqual(response.status_code, 200)
class RegistrationFormTest(EventTestMixin, TestCase):
def test_different_passwords(self):
response = self.client.post('/%s/%s/login' % (self.orga.slug, self.event.slug), {
'form': 'registration',
'email': 'dummy@dummy.dummy',
'password': 'foo',
'password_repeat': 'foobar'
})
self.assertEqual(response.status_code, 200)
def test_email_duplicate(self):
self.user = User.objects.create_user('dummy@dummy.dummy', 'dummy')
response = self.client.post('/%s/%s/login' % (self.orga.slug, self.event.slug), {
'form': 'registration',
'email': 'dummy@dummy.dummy',
'password': 'foo',
'password_repeat': 'foo'
})
self.assertEqual(response.status_code, 200)
def test_success(self):
response = self.client.post('/%s/%s/login' % (self.orga.slug, self.event.slug), {
'form': 'registration',
'email': 'dummy@dummy.dummy',
'password': 'foo',
'password_repeat': 'foo'
})
self.assertEqual(response.status_code, 302)
class PasswordRecoveryFormTest(EventTestMixin, TestCase):
def setUp(self):
super().setUp()
self.user = User.objects.create_user('demo@demo.dummy', 'demo')
def test_unknown(self):
response = self.client.post('/%s/%s/forgot' % (self.orga.slug, self.event.slug), {
'email': 'dummy@dummy.dummy',
})
self.assertEqual(response.status_code, 200)
def test_email_sent(self):
djmail.outbox = []
response = self.client.post('/%s/%s/forgot' % (self.orga.slug, self.event.slug), {
'email': 'demo@demo.dummy',
})
self.assertEqual(response.status_code, 302)
assert len(djmail.outbox) == 1
assert djmail.outbox[0].to == [self.user.email]
assert "recover?id=%d&token=" % self.user.id in djmail.outbox[0].body
def test_recovery_unknown_user(self):
response = self.client.get('/%s/%s/forgot/recover?id=0&token=foo' % (self.orga.slug, self.event.slug))
self.assertEqual(response.status_code, 302)
response = self.client.post(
'/%s/%s/forgot/recover?id=0&token=foo' % (self.orga.slug, self.event.slug),
{
'password': 'foobar',
'password_repeat': 'foobar'
}
)
self.assertEqual(response.status_code, 302)
self.user = User.objects.get(id=self.user.id)
self.assertTrue(self.user.check_password('demo'))
def test_recovery_invalid_token(self):
response = self.client.get(
'/%s/%s/forgot/recover?id=%d&token=foo' % (self.orga.slug, self.event.slug, self.user.id)
)
self.assertEqual(response.status_code, 302)
response = self.client.post(
'/%s/%s/forgot/recover?id=%d&token=foo' % (self.orga.slug, self.event.slug, self.user.id),
{
'password': 'foobar',
'password_repeat': 'foobar'
}
)
self.assertEqual(response.status_code, 302)
self.user = User.objects.get(id=self.user.id)
self.assertTrue(self.user.check_password('demo'))
def test_recovery_expired_token(self):
class Mocked(PasswordResetTokenGenerator):
def _today(self):
return date.today() - timedelta(settings.PASSWORD_RESET_TIMEOUT_DAYS + 1)
generator = Mocked()
token = generator.make_token(self.user)
response = self.client.get(
'/%s/%s/forgot/recover?id=%d&token=%s' % (self.orga.slug, self.event.slug, self.user.id, token)
)
self.assertEqual(response.status_code, 302)
response = self.client.post(
'/%s/%s/forgot/recover?id=%d&token=%s' % (self.orga.slug, self.event.slug, self.user.id, token),
{
'password': 'foobar',
'password_repeat': 'foobar'
}
)
self.assertEqual(response.status_code, 302)
self.user = User.objects.get(id=self.user.id)
self.assertTrue(self.user.check_password('demo'))
def test_recovery_valid_token_success(self):
token = default_token_generator.make_token(self.user)
response = self.client.get(
'/%s/%s/forgot/recover?id=%d&token=%s' % (self.orga.slug, self.event.slug, self.user.id, token)
)
self.assertEqual(response.status_code, 200)
response = self.client.post(
'/%s/%s/forgot/recover?id=%d&token=%s' % (self.orga.slug, self.event.slug, self.user.id, token),
{
'password': 'foobar',
'password_repeat': 'foobar'
}
)
self.assertEqual(response.status_code, 302)
self.user = User.objects.get(id=self.user.id)
self.assertTrue(self.user.check_password('foobar'))
def test_recovery_valid_token_empty_passwords(self):
token = default_token_generator.make_token(self.user)
response = self.client.get(
'/%s/%s/forgot/recover?id=%d&token=%s' % (self.orga.slug, self.event.slug, self.user.id, token)
)
self.assertEqual(response.status_code, 200)
response = self.client.post(
'/%s/%s/forgot/recover?id=%d&token=%s' % (self.orga.slug, self.event.slug, self.user.id, token),
{
'password': '',
'password_repeat': 'foobar'
}
)
self.assertEqual(response.status_code, 200)
self.user = User.objects.get(id=self.user.id)
self.assertTrue(self.user.check_password('demo'))
def test_recovery_valid_token_different_passwords(self):
token = default_token_generator.make_token(self.user)
response = self.client.get(
'/%s/%s/forgot/recover?id=%d&token=%s' % (self.orga.slug, self.event.slug, self.user.id, token)
)
self.assertEqual(response.status_code, 200)
response = self.client.post(
'/%s/%s/forgot/recover?id=%d&token=%s' % (self.orga.slug, self.event.slug, self.user.id, token),
{
'password': 'foo',
'password_repeat': 'foobar'
}
)
self.assertEqual(response.status_code, 200)
self.user = User.objects.get(id=self.user.id)
self.assertTrue(self.user.check_password('demo'))