fix #555: added tests

misago/users/forms/register.py

@@ -1,9 +1,10 @@
 from django import forms
 from django.contrib.auth import get_user_model
 from django.contrib.auth.password_validation import validate_password
+from django.core.exceptions import ValidationError
 
 from misago.users import validators
-from misago.users.bans import get_email_ban, get_username_ban
+from misago.users.bans import get_email_ban, get_ip_ban, get_username_ban
 
 
 UserModel = get_user_model()

misago/users/tests/test_bans.py

@@ -43,7 +43,7 @@ class GetBanTests(TestCase):
         regitration_ban = Ban.objects.create(
             banned_value='bob*',
             expires_on=timezone.now() + timedelta(days=7),
-            registration_only=True
+            registration_only=True,
         )
         self.assertIsNone(get_username_ban('boberson'))
         self.assertEqual(get_username_ban('boberson', True).pk, regitration_ban.pk)
@@ -81,7 +81,7 @@ class GetBanTests(TestCase):
             banned_value='*.ua',
             check_type=Ban.EMAIL,
             expires_on=timezone.now() + timedelta(days=7),
-            registration_only=True
+            registration_only=True,
         )
         self.assertIsNone(get_email_ban('banned@mail.ua'))
         self.assertEqual(get_email_ban('banned@mail.ua', True).pk, regitration_ban.pk)
@@ -119,7 +119,7 @@ class GetBanTests(TestCase):
             banned_value='188.*',
             check_type=Ban.IP,
             expires_on=timezone.now() + timedelta(days=7),
-            registration_only=True
+            registration_only=True,
         )
         self.assertIsNone(get_ip_ban('188.12.12.41'))
         self.assertEqual(get_ip_ban('188.12.12.41', True).pk, regitration_ban.pk)

misago/users/tests/test_user_create_api.py

@@ -3,7 +3,7 @@ from django.core import mail
 from django.urls import reverse
 
 from misago.conf import settings
-from misago.users.models import Online
+from misago.users.models import Ban, Online
 from misago.users.testutils import UserTestCase
 
 
@@ -35,6 +35,48 @@ class UserCreateTests(UserTestCase):
         response = self.client.post(self.api_link)
         self.assertContains(response, 'closed', status_code=403)
 
+    def test_registration_validates_ip_ban(self):
+        """api validates ip ban"""
+        Ban.objects.create(
+            check_type=Ban.IP,
+            banned_value='127.*',
+            user_message="You can't register account like this.",
+        )
+
+        response = self.client.post(
+            self.api_link,
+            data={
+                'username': 'totallyNew',
+                'email': 'loremipsum@dolor.met',
+                'password': 'LoremP4ssword',
+            },
+        )
+
+        self.assertEqual(response.status_code, 403)
+
+    def test_registration_validates_ip_registration_ban(self):
+        """api validates ip registration-only ban"""
+        Ban.objects.create(
+            check_type=Ban.IP,
+            banned_value='127.*',
+            user_message="You can't register account like this.",
+            registration_only=True,
+        )
+
+        response = self.client.post(
+            self.api_link,
+            data={
+                'username': 'totallyNew',
+                'email': 'loremipsum@dolor.met',
+                'password': 'LoremP4ssword',
+            },
+        )
+
+        self.assertEqual(response.status_code, 400)
+        self.assertEqual(response.json(), {
+            '__all__': ["You can't register account like this."],
+        })
+
     def test_registration_validates_username(self):
         """api validates usernames"""
         user = self.get_authenticated_user()
@@ -53,6 +95,49 @@ class UserCreateTests(UserTestCase):
             'username': ["This username is not available."],
         })
 
+    def test_registration_validates_username_ban(self):
+        """api validates username ban"""
+        Ban.objects.create(
+            banned_value='totally*',
+            user_message="You can't register account like this.",
+        )
+
+        response = self.client.post(
+            self.api_link,
+            data={
+                'username': 'totallyNew',
+                'email': 'loremipsum@dolor.met',
+                'password': 'LoremP4ssword',
+            },
+        )
+
+        self.assertEqual(response.status_code, 400)
+        self.assertEqual(response.json(), {
+            'username': ["You can't register account like this."],
+        })
+
+    def test_registration_validates_username_registration_ban(self):
+        """api validates username registration-only ban"""
+        Ban.objects.create(
+            banned_value='totally*',
+            user_message="You can't register account like this.",
+            registration_only=True,
+        )
+
+        response = self.client.post(
+            self.api_link,
+            data={
+                'username': 'totallyNew',
+                'email': 'loremipsum@dolor.met',
+                'password': 'LoremP4ssword',
+            },
+        )
+
+        self.assertEqual(response.status_code, 400)
+        self.assertEqual(response.json(), {
+            'username': ["You can't register account like this."],
+        })
+
     def test_registration_validates_email(self):
         """api validates usernames"""
         user = self.get_authenticated_user()
@@ -71,6 +156,51 @@ class UserCreateTests(UserTestCase):
             'email': ["This e-mail address is not available."],
         })
 
+    def test_registration_validates_email_ban(self):
+        """api validates email ban"""
+        Ban.objects.create(
+            check_type=Ban.EMAIL,
+            banned_value='lorem*',
+            user_message="You can't register account like this.",
+        )
+
+        response = self.client.post(
+            self.api_link,
+            data={
+                'username': 'totallyNew',
+                'email': 'loremipsum@dolor.met',
+                'password': 'LoremP4ssword',
+            },
+        )
+
+        self.assertEqual(response.status_code, 400)
+        self.assertEqual(response.json(), {
+            'email': ["You can't register account like this."],
+        })
+
+    def test_registration_validates_email_registration_ban(self):
+        """api validates email registration-only ban"""
+        Ban.objects.create(
+            check_type=Ban.EMAIL,
+            banned_value='lorem*',
+            user_message="You can't register account like this.",
+            registration_only=True,
+        )
+
+        response = self.client.post(
+            self.api_link,
+            data={
+                'username': 'totallyNew',
+                'email': 'loremipsum@dolor.met',
+                'password': 'LoremP4ssword',
+            },
+        )
+
+        self.assertEqual(response.status_code, 400)
+        self.assertEqual(response.json(), {
+            'email': ["You can't register account like this."],
+        })
+
     def test_registration_validates_password(self):
         """api uses django's validate_password to validate registrations"""
         response = self.client.post(