| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540 |
- from django.contrib.auth import get_user_model
- from django.core import mail
- from django.urls import reverse
- from django.utils import six
- from misago.acl.models import Role
- from misago.admin.testutils import AdminTestCase
- from misago.categories.models import Category
- from misago.threads.testutils import post_thread, reply_thread
- from misago.users.models import Ban, Rank
- UserModel = get_user_model()
- class UserAdminViewsTests(AdminTestCase):
- AJAX_HEADER = {'HTTP_X_REQUESTED_WITH': 'XMLHttpRequest'}
- def test_link_registered(self):
- """admin index view contains users link"""
- response = self.client.get(reverse('misago:admin:index'))
- self.assertContains(response, reverse('misago:admin:users:accounts:index'))
- def test_list_view(self):
- """users list view returns 200"""
- response = self.client.get(
- reverse('misago:admin:users:accounts:index'))
- self.assertEqual(response.status_code, 302)
- response = self.client.get(response['location'])
- self.assertEqual(response.status_code, 200)
- self.assertContains(response, self.user.username)
- def test_list_search(self):
- """users list is searchable"""
- response = self.client.get(
- reverse('misago:admin:users:accounts:index'))
- self.assertEqual(response.status_code, 302)
- link_base = response['location']
- response = self.client.get(link_base)
- self.assertEqual(response.status_code, 200)
- user_a = UserModel.objects.create_user('Tyrael', 't123@test.com', 'pass123')
- user_b = UserModel.objects.create_user('Tyrion', 't321@test.com', 'pass123')
- user_c = UserModel.objects.create_user('Karen', 't432@test.com', 'pass123')
- # Search both
- response = self.client.get('%s&username=tyr' % link_base)
- self.assertEqual(response.status_code, 200)
- self.assertContains(response, user_a.username)
- self.assertContains(response, user_b.username)
- # Search tyrion
- response = self.client.get('%s&username=tyrion' % link_base)
- self.assertEqual(response.status_code, 200)
- self.assertNotContains(response, user_a.username)
- self.assertContains(response, user_b.username)
- # Search tyrael
- response = self.client.get('%s&email=t123@test.com' % link_base)
- self.assertEqual(response.status_code, 200)
- self.assertContains(response, user_a.username)
- self.assertNotContains(response, user_b.username)
- # Search disabled
- user_c.is_active = False
- user_c.save()
- response = self.client.get('%s&disabled=1' % link_base)
- self.assertEqual(response.status_code, 200)
- self.assertNotContains(response, user_a.username)
- self.assertNotContains(response, user_b.username)
- self.assertContains(response, '<del>%s</del>' % user_c.username)
- def test_mass_activation(self):
- """users list activates multiple users"""
- user_pks = []
- for i in range(10):
- test_user = UserModel.objects.create_user(
- 'Bob%s' % i,
- 'bob%s@test.com' % i,
- 'pass123',
- requires_activation=1
- )
- user_pks.append(test_user.pk)
- response = self.client.post(
- reverse('misago:admin:users:accounts:index'),
- data={'action': 'activate', 'selected_items': user_pks})
- self.assertEqual(response.status_code, 302)
- inactive_qs = UserModel.objects.filter(id__in=user_pks,
- requires_activation=1)
- self.assertEqual(inactive_qs.count(), 0)
- self.assertIn("has been activated", mail.outbox[0].subject)
- def test_mass_ban(self):
- """users list bans multiple users"""
- user_pks = []
- for i in range(10):
- test_user = UserModel.objects.create_user(
- 'Bob%s' % i,
- 'bob%s@test.com' % i,
- 'pass123',
- requires_activation=1
- )
- user_pks.append(test_user.pk)
- response = self.client.post(
- reverse('misago:admin:users:accounts:index'),
- data={'action': 'ban', 'selected_items': user_pks})
- self.assertEqual(response.status_code, 200)
- response = self.client.post(
- reverse('misago:admin:users:accounts:index'),
- data={
- 'action': 'ban',
- 'selected_items': user_pks,
- 'ban_type': [
- 'usernames', 'emails', 'domains',
- 'ip', 'ip_first', 'ip_two'
- ],
- 'finalize': ''
- })
- self.assertEqual(response.status_code, 302)
- self.assertEqual(Ban.objects.count(), 24)
- def test_mass_delete_accounts(self):
- """users list deletes users"""
- user_pks = []
- for i in range(10):
- test_user = UserModel.objects.create_user(
- 'Bob%s' % i,
- 'bob%s@test.com' % i,
- 'pass123',
- requires_activation=1
- )
- user_pks.append(test_user.pk)
- response = self.client.post(
- reverse('misago:admin:users:accounts:index'),
- data={'action': 'delete_accounts', 'selected_items': user_pks})
- self.assertEqual(response.status_code, 302)
- self.assertEqual(UserModel.objects.count(), 1)
- def test_mass_delete_all(self):
- """users list deletes users and their content"""
- user_pks = []
- for i in range(10):
- test_user = UserModel.objects.create_user(
- 'Bob%s' % i,
- 'bob%s@test.com' % i,
- 'pass123',
- requires_activation=1
- )
- user_pks.append(test_user.pk)
- response = self.client.post(
- reverse('misago:admin:users:accounts:index'),
- data={'action': 'delete_accounts', 'selected_items': user_pks})
- self.assertEqual(response.status_code, 302)
- self.assertEqual(UserModel.objects.count(), 1)
- def test_new_view(self):
- """new user view creates account"""
- response = self.client.get(
- reverse('misago:admin:users:accounts:new'))
- self.assertEqual(response.status_code, 200)
- default_rank = Rank.objects.get_default()
- authenticated_role = Role.objects.get(special_role='authenticated')
- response = self.client.post(reverse('misago:admin:users:accounts:new'),
- data={
- 'username': 'Bawww',
- 'rank': six.text_type(default_rank.pk),
- 'roles': six.text_type(authenticated_role.pk),
- 'email': 'reg@stered.com',
- 'new_password': 'pass123',
- 'staff_level': '0'
- })
- self.assertEqual(response.status_code, 302)
- UserModel.objects.get_by_username('Bawww')
- UserModel.objects.get_by_email('reg@stered.com')
- def test_edit_view(self):
- """edit user view changes account"""
- test_user = UserModel.objects.create_user('Bob', 'bob@test.com', 'pass123')
- test_link = reverse('misago:admin:users:accounts:edit',
- kwargs={'pk': test_user.pk})
- response = self.client.get(test_link)
- self.assertEqual(response.status_code, 200)
- response = self.client.post(test_link, data={
- 'username': 'Bawww',
- 'rank': six.text_type(test_user.rank_id),
- 'roles': six.text_type(test_user.roles.all()[0].pk),
- 'email': 'reg@stered.com',
- 'new_password': 'newpass123',
- 'staff_level': '0',
- 'signature': 'Hello world!',
- 'is_signature_locked': '1',
- 'is_hiding_presence': '0',
- 'limits_private_thread_invites_to': '0',
- 'signature_lock_staff_message': 'Staff message',
- 'signature_lock_user_message': 'User message',
- 'subscribe_to_started_threads': '2',
- 'subscribe_to_replied_threads': '2',
- })
- self.assertEqual(response.status_code, 302)
- updated_user = UserModel.objects.get(pk=test_user.pk)
- self.assertTrue(updated_user.check_password('newpass123'))
- self.assertEqual(updated_user.username, 'Bawww')
- self.assertEqual(updated_user.slug, 'bawww')
- UserModel.objects.get_by_username('Bawww')
- UserModel.objects.get_by_email('reg@stered.com')
- def test_edit_dont_change_username(self):
- """
- If username wasn't changed, don't touch user's username, slug or history
- This is regression test for issue #640
- """
- test_user = UserModel.objects.create_user('Bob', 'bob@test.com', 'pass123')
- test_link = reverse('misago:admin:users:accounts:edit',
- kwargs={'pk': test_user.pk})
- response = self.client.get(test_link)
- self.assertEqual(response.status_code, 200)
- response = self.client.post(test_link, data={
- 'username': 'Bob',
- 'rank': six.text_type(test_user.rank_id),
- 'roles': six.text_type(test_user.roles.all()[0].pk),
- 'email': 'reg@stered.com',
- 'new_password': 'pass123',
- 'signature': 'Hello world!',
- 'is_signature_locked': '1',
- 'is_hiding_presence': '0',
- 'limits_private_thread_invites_to': '0',
- 'signature_lock_staff_message': 'Staff message',
- 'signature_lock_user_message': 'User message',
- 'subscribe_to_started_threads': '2',
- 'subscribe_to_replied_threads': '2',
- })
- self.assertEqual(response.status_code, 302)
- updated_user = UserModel.objects.get(pk=test_user.pk)
- self.assertEqual(updated_user.username, 'Bob')
- self.assertEqual(updated_user.slug, 'bob')
- self.assertEqual(updated_user.namechanges.count(), 0)
- def test_edit_make_admin(self):
- """edit user view allows super admin to make other user admin"""
- test_user = UserModel.objects.create_user('Bob', 'bob@test.com', 'pass123')
- test_link = reverse('misago:admin:users:accounts:edit',
- kwargs={'pk': test_user.pk})
- response = self.client.get(test_link)
- self.assertContains(response, 'id="id_is_staff_1"')
- self.assertContains(response, 'id="id_is_superuser_1"')
- response = self.client.post(test_link, data={
- 'username': 'Bawww',
- 'rank': six.text_type(test_user.rank_id),
- 'roles': six.text_type(test_user.roles.all()[0].pk),
- 'email': 'reg@stered.com',
- 'new_password': 'pass123',
- 'is_staff': '1',
- 'is_superuser': '0',
- 'signature': 'Hello world!',
- 'is_signature_locked': '1',
- 'is_hiding_presence': '0',
- 'limits_private_thread_invites_to': '0',
- 'signature_lock_staff_message': 'Staff message',
- 'signature_lock_user_message': 'User message',
- 'subscribe_to_started_threads': '2',
- 'subscribe_to_replied_threads': '2',
- })
- self.assertEqual(response.status_code, 302)
- updated_user = UserModel.objects.get(pk=test_user.pk)
- self.assertTrue(updated_user.is_staff)
- self.assertFalse(updated_user.is_superuser)
- def test_edit_make_superadmin_admin(self):
- """edit user view allows super admin to make other user super admin"""
- test_user = UserModel.objects.create_user('Bob', 'bob@test.com', 'pass123')
- test_link = reverse('misago:admin:users:accounts:edit',
- kwargs={'pk': test_user.pk})
- response = self.client.get(test_link)
- self.assertContains(response, 'id="id_is_staff_1"')
- self.assertContains(response, 'id="id_is_superuser_1"')
- response = self.client.post(test_link, data={
- 'username': 'Bawww',
- 'rank': six.text_type(test_user.rank_id),
- 'roles': six.text_type(test_user.roles.all()[0].pk),
- 'email': 'reg@stered.com',
- 'new_password': 'pass123',
- 'is_staff': '0',
- 'is_superuser': '1',
- 'signature': 'Hello world!',
- 'is_signature_locked': '1',
- 'is_hiding_presence': '0',
- 'limits_private_thread_invites_to': '0',
- 'signature_lock_staff_message': 'Staff message',
- 'signature_lock_user_message': 'User message',
- 'subscribe_to_started_threads': '2',
- 'subscribe_to_replied_threads': '2',
- })
- self.assertEqual(response.status_code, 302)
- updated_user = UserModel.objects.get(pk=test_user.pk)
- self.assertFalse(updated_user.is_staff)
- self.assertTrue(updated_user.is_superuser)
- def test_edit_cant_make_admin(self):
- """edit user view forbids admins from making other admins"""
- self.user.is_superuser = False
- self.user.save()
- test_user = UserModel.objects.create_user('Bob', 'bob@test.com', 'pass123')
- test_link = reverse('misago:admin:users:accounts:edit',
- kwargs={'pk': test_user.pk})
- response = self.client.get(test_link)
- self.assertNotContains(response, 'id="id_is_staff_1"')
- self.assertNotContains(response, 'id="id_is_superuser_1"')
- response = self.client.post(test_link, data={
- 'username': 'Bawww',
- 'rank': six.text_type(test_user.rank_id),
- 'roles': six.text_type(test_user.roles.all()[0].pk),
- 'email': 'reg@stered.com',
- 'new_password': 'pass123',
- 'is_staff': '1',
- 'is_superuser': '1',
- 'signature': 'Hello world!',
- 'is_signature_locked': '1',
- 'is_hiding_presence': '0',
- 'limits_private_thread_invites_to': '0',
- 'signature_lock_staff_message': 'Staff message',
- 'signature_lock_user_message': 'User message',
- 'subscribe_to_started_threads': '2',
- 'subscribe_to_replied_threads': '2',
- })
- self.assertEqual(response.status_code, 302)
- updated_user = UserModel.objects.get(pk=test_user.pk)
- self.assertFalse(updated_user.is_staff)
- self.assertFalse(updated_user.is_superuser)
- def test_edit_disable_user(self):
- """edit user view allows admin to disable non admin"""
- self.user.is_superuser = False
- self.user.save()
- test_user = UserModel.objects.create_user('Bob', 'bob@test.com', 'pass123')
- test_link = reverse('misago:admin:users:accounts:edit',
- kwargs={'pk': test_user.pk})
- response = self.client.get(test_link)
- self.assertContains(response, 'id="id_is_active_1"')
- self.assertContains(response, 'id="id_is_active_staff_message"')
- response = self.client.post(test_link, data={
- 'username': 'Bawww',
- 'rank': six.text_type(test_user.rank_id),
- 'roles': six.text_type(test_user.roles.all()[0].pk),
- 'email': 'reg@stered.com',
- 'new_password': 'pass123',
- 'is_staff': '0',
- 'is_superuser': '0',
- 'signature': 'Hello world!',
- 'is_signature_locked': '1',
- 'is_hiding_presence': '0',
- 'limits_private_thread_invites_to': '0',
- 'signature_lock_staff_message': 'Staff message',
- 'signature_lock_user_message': 'User message',
- 'subscribe_to_started_threads': '2',
- 'subscribe_to_replied_threads': '2',
- 'is_active': '0',
- 'is_active_staff_message': "Disabled in test!"
- })
- self.assertEqual(response.status_code, 302)
- updated_user = UserModel.objects.get(pk=test_user.pk)
- self.assertFalse(updated_user.is_active)
- self.assertEqual(updated_user.is_active_staff_message, "Disabled in test!")
- def test_edit_superuser_disable_admin(self):
- """edit user view allows admin to disable non admin"""
- self.user.is_superuser = True
- self.user.save()
- test_user = UserModel.objects.create_user('Bob', 'bob@test.com', 'pass123')
- test_user.is_staff = True
- test_user.save()
- test_link = reverse('misago:admin:users:accounts:edit',
- kwargs={'pk': test_user.pk})
- response = self.client.get(test_link)
- self.assertContains(response, 'id="id_is_active_1"')
- self.assertContains(response, 'id="id_is_active_staff_message"')
- response = self.client.post(test_link, data={
- 'username': 'Bawww',
- 'rank': six.text_type(test_user.rank_id),
- 'roles': six.text_type(test_user.roles.all()[0].pk),
- 'email': 'reg@stered.com',
- 'new_password': 'pass123',
- 'is_staff': '1',
- 'is_superuser': '0',
- 'signature': 'Hello world!',
- 'is_signature_locked': '1',
- 'is_hiding_presence': '0',
- 'limits_private_thread_invites_to': '0',
- 'signature_lock_staff_message': 'Staff message',
- 'signature_lock_user_message': 'User message',
- 'subscribe_to_started_threads': '2',
- 'subscribe_to_replied_threads': '2',
- 'is_active': '0',
- 'is_active_staff_message': "Disabled in test!"
- })
- self.assertEqual(response.status_code, 302)
- updated_user = UserModel.objects.get(pk=test_user.pk)
- self.assertFalse(updated_user.is_active)
- self.assertEqual(updated_user.is_active_staff_message, "Disabled in test!")
- def test_edit_admin_cant_disable_admin(self):
- """edit user view disallows admin to disable admin"""
- self.user.is_superuser = False
- self.user.save()
- test_user = UserModel.objects.create_user('Bob', 'bob@test.com', 'pass123')
- test_user.is_staff = True
- test_user.save()
- test_link = reverse('misago:admin:users:accounts:edit',
- kwargs={'pk': test_user.pk})
- response = self.client.get(test_link)
- self.assertNotContains(response, 'id="id_is_active_1"')
- self.assertNotContains(response, 'id="id_is_active_staff_message"')
- response = self.client.post(test_link, data={
- 'username': 'Bawww',
- 'rank': six.text_type(test_user.rank_id),
- 'roles': six.text_type(test_user.roles.all()[0].pk),
- 'email': 'reg@stered.com',
- 'new_password': 'pass123',
- 'is_staff': '1',
- 'is_superuser': '0',
- 'signature': 'Hello world!',
- 'is_signature_locked': '1',
- 'is_hiding_presence': '0',
- 'limits_private_thread_invites_to': '0',
- 'signature_lock_staff_message': 'Staff message',
- 'signature_lock_user_message': 'User message',
- 'subscribe_to_started_threads': '2',
- 'subscribe_to_replied_threads': '2',
- 'is_active': '0',
- 'is_active_staff_message': "Disabled in test!"
- })
- self.assertEqual(response.status_code, 302)
- updated_user = UserModel.objects.get(pk=test_user.pk)
- self.assertTrue(updated_user.is_active)
- self.assertFalse(updated_user.is_active_staff_message)
- def test_delete_threads_view(self):
- """delete user threads view deletes threads"""
- test_user = UserModel.objects.create_user('Bob', 'bob@test.com', 'pass123')
- test_link = reverse('misago:admin:users:accounts:delete-threads',
- kwargs={'pk': test_user.pk})
- category = Category.objects.all_categories()[:1][0]
- [post_thread(category, poster=test_user) for _ in range(10)]
- response = self.client.post(test_link, **self.AJAX_HEADER)
- self.assertEqual(response.status_code, 200)
- response_dict = response.json()
- self.assertEqual(response_dict['deleted_count'], 10)
- self.assertFalse(response_dict['is_completed'])
- response = self.client.post(test_link, **self.AJAX_HEADER)
- self.assertEqual(response.status_code, 200)
- response_dict = response.json()
- self.assertEqual(response_dict['deleted_count'], 0)
- self.assertTrue(response_dict['is_completed'])
- def test_delete_posts_view(self):
- """delete user posts view deletes posts"""
- test_user = UserModel.objects.create_user('Bob', 'bob@test.com', 'pass123')
- test_link = reverse('misago:admin:users:accounts:delete-posts',
- kwargs={'pk': test_user.pk})
- category = Category.objects.all_categories()[:1][0]
- thread = post_thread(category)
- [reply_thread(thread, poster=test_user) for _ in range(10)]
- response = self.client.post(test_link, **self.AJAX_HEADER)
- self.assertEqual(response.status_code, 200)
- response_dict = response.json()
- self.assertEqual(response_dict['deleted_count'], 10)
- self.assertFalse(response_dict['is_completed'])
- response = self.client.post(test_link, **self.AJAX_HEADER)
- self.assertEqual(response.status_code, 200)
- response_dict = response.json()
- self.assertEqual(response_dict['deleted_count'], 0)
- self.assertTrue(response_dict['is_completed'])
- def test_delete_account_view(self):
- """delete user account view deletes user account"""
- test_user = UserModel.objects.create_user('Bob', 'bob@test.com', 'pass123')
- test_link = reverse('misago:admin:users:accounts:delete-account',
- kwargs={'pk': test_user.pk})
- response = self.client.post(test_link, **self.AJAX_HEADER)
- self.assertEqual(response.status_code, 200)
- response_dict = response.json()
- self.assertTrue(response_dict['is_completed'])
|
