| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127 |
- from django.contrib.auth import get_user_model
- from django.urls import reverse
- from misago.core.utils import encode_json_html
- from misago.users.models import Ban
- from misago.users.testutils import UserTestCase
- from misago.users.tokens import make_password_change_token
- UserModel = get_user_model()
- class ForgottenPasswordViewsTests(UserTestCase):
- def test_guest_request_view_returns_200(self):
- """request new password view returns 200 for guests"""
- response = self.client.get(reverse('misago:forgotten-password'))
- self.assertEqual(response.status_code, 200)
- def test_authenticated_request_view_returns_200(self):
- """request new password view returns 200 for authenticated"""
- self.login_user(self.get_authenticated_user())
- response = self.client.get(reverse('misago:forgotten-password'))
- self.assertEqual(response.status_code, 200)
- def test_authenticated_request_unusable_password_view_returns_200(self):
- """request new password view returns 200 for authenticated with unusable password"""
- user = self.get_authenticated_user()
- user.set_password(None)
- user.save()
- self.assertFalse(user.has_usable_password())
- self.login_user(user)
- response = self.client.get(reverse('misago:forgotten-password'))
- self.assertEqual(response.status_code, 200)
- def test_change_password_on_banned(self):
- """change banned user password errors"""
- test_user = UserModel.objects.create_user('Bob', 'bob@test.com', 'Pass.123')
- Ban.objects.create(
- check_type=Ban.USERNAME,
- banned_value='bob',
- user_message='Nope!',
- )
- password_token = make_password_change_token(test_user)
- response = self.client.get(
- reverse(
- 'misago:forgotten-password-change-form',
- kwargs={
- 'pk': test_user.pk,
- 'token': password_token,
- },
- )
- )
- self.assertContains(response, encode_json_html("<p>Nope!</p>"), status_code=403)
- def test_change_password_on_other_user(self):
- """change other user password errors"""
- test_user = UserModel.objects.create_user('Bob', 'bob@test.com', 'Pass.123')
- password_token = make_password_change_token(test_user)
- self.login_user(self.get_authenticated_user())
- response = self.client.get(
- reverse(
- 'misago:forgotten-password-change-form',
- kwargs={
- 'pk': test_user.pk,
- 'token': password_token,
- },
- )
- )
- self.assertContains(response, 'your link has expired', status_code=400)
- def test_change_password_invalid_token(self):
- """invalid form token errors"""
- test_user = UserModel.objects.create_user('Bob', 'bob@test.com', 'Pass.123')
- response = self.client.get(
- reverse(
- 'misago:forgotten-password-change-form',
- kwargs={
- 'pk': test_user.pk,
- 'token': 'abcdfghqsads',
- },
- )
- )
- self.assertContains(response, 'your link is invalid', status_code=400)
- def test_change_password_form(self):
- """change user password form displays for valid token"""
- test_user = UserModel.objects.create_user('Bob', 'bob@test.com', 'Pass.123')
- password_token = make_password_change_token(test_user)
- response = self.client.get(
- reverse(
- 'misago:forgotten-password-change-form',
- kwargs={
- 'pk': test_user.pk,
- 'token': password_token,
- },
- )
- )
- self.assertContains(response, password_token)
- def test_change_password_unusable_password_form(self):
- """set user first password form displays for valid token"""
- test_user = UserModel.objects.create_user('Bob', 'bob@test.com')
- password_token = make_password_change_token(test_user)
- response = self.client.get(
- reverse(
- 'misago:forgotten-password-change-form',
- kwargs={
- 'pk': test_user.pk,
- 'token': password_token,
- },
- )
- )
- self.assertContains(response, password_token)
|
