221V
/
Misago


			
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293
							from django.urls import reverse

from misago.users.models import Ban
from misago.users.testutils import UserTestCase


class UnbannedOnlyTests(UserTestCase):
    def setUp(self):
        self.user = self.get_authenticated_user()

    def test_api_allows_guests(self):
        """policy allows guests"""
        response = self.client.post(
            reverse('misago:api:send-password-form'),
            data={
                'email': self.user.email,
            },
        )
        self.assertEqual(response.status_code, 200)

    def test_api_allows_authenticated(self):
        """policy allows authenticated"""
        self.login_user(self.user)

        response = self.client.post(
            reverse('misago:api:send-password-form'),
            data={
                'email': self.user.email,
            },
        )
        self.assertEqual(response.status_code, 200)

    def test_api_blocks_banned(self):
        """policy blocked banned ip"""
        Ban.objects.create(
            check_type=Ban.IP,
            banned_value='127.*',
            user_message='Ya got banned!',
        )

        response = self.client.post(
            reverse('misago:api:send-password-form'),
            data={
                'email': self.user.email,
            },
        )
        self.assertEqual(response.status_code, 403)


class UnbannedAnonOnlyTests(UserTestCase):
    def setUp(self):
        self.user = self.get_authenticated_user()

    def test_api_allows_guests(self):
        """policy allows guests"""
        self.user.requires_activation = 1
        self.user.save()

        response = self.client.post(
            reverse('misago:api:send-activation'),
            data={
                'email': self.user.email,
            },
        )
        self.assertEqual(response.status_code, 200)

    def test_api_allows_authenticated(self):
        """policy blocks authenticated"""
        self.login_user(self.user)

        response = self.client.post(
            reverse('misago:api:send-activation'),
            data={
                'email': self.user.email,
            },
        )
        self.assertEqual(response.status_code, 403)

    def test_api_blocks_banned(self):
        """policy blocked banned ip"""
        Ban.objects.create(
            check_type=Ban.IP,
            banned_value='127.*',
            user_message='Ya got banned!',
        )

        response = self.client.post(
            reverse('misago:api:send-activation'),
            data={
                'email': self.user.email,
            },
        )
        self.assertEqual(response.status_code, 403)