221V
/
Misago


			
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156
							from django.contrib.auth import get_user_model
from django.urls import reverse

from ...acl.test import patch_user_acl
from ...admin.test import AdminTestCase

User = get_user_model()


class JoinIpProfileFieldTests(AdminTestCase):
    def setUp(self):
        super().setUp()

        self.test_link = reverse(
            "misago:admin:users:accounts:edit", kwargs={"pk": self.user.pk}
        )

    def test_field_hidden_in_admin(self):
        """readonly field doesn't display in the admin"""
        response = self.client.get(self.test_link)
        self.assertNotContains(response, 'name="join_ip"')
        self.assertNotContains(response, "IP address")
        self.assertNotContains(response, "Join IP")

    def test_admin_edits_field(self):
        """join_ip is non-editable by admin"""
        response = self.client.post(
            self.test_link,
            data={
                "username": "Edited",
                "rank": str(self.user.rank_id),
                "roles": str(self.user.roles.all()[0].pk),
                "email": "reg@stered.com",
                "join_ip": "127.0.0.1",
                "new_password": "",
                "signature": "",
                "is_signature_locked": "0",
                "is_hiding_presence": "0",
                "limits_private_thread_invites_to": "0",
                "signature_lock_staff_message": "",
                "signature_lock_user_message": "",
                "subscribe_to_started_threads": "2",
                "subscribe_to_replied_threads": "2",
            },
        )
        self.assertEqual(response.status_code, 302)

        self.reload_user()
        self.assertNotIn("join_ip", self.user.profile_fields)

    def test_admin_search_field(self):
        """admin users search searches this field"""
        test_link = reverse("misago:admin:users:accounts:index")

        response = self.client.get(
            "%s?redirected=1&profilefields=127.0.0.1" % test_link
        )
        self.assertContains(
            response, "No users matching search criteria have been found."
        )

    def test_field_display(self):
        """field displays on user profile"""
        test_link = reverse(
            "misago:user-details", kwargs={"pk": self.user.pk, "slug": self.user.slug}
        )

        response = self.client.get(test_link)
        self.assertContains(response, "IP address")
        self.assertContains(response, "Join IP")
        self.assertContains(response, "127.0.0.1")

    @patch_user_acl({"can_see_users_ips": 0})
    def test_field_hidden_no_permission(self):
        """field is hidden on user profile if user has no permission"""
        test_link = reverse(
            "misago:user-details", kwargs={"pk": self.user.pk, "slug": self.user.slug}
        )

        response = self.client.get(test_link)
        self.assertNotContains(response, "IP address")
        self.assertNotContains(response, "Join IP")
        self.assertNotContains(response, "127.0.0.1")

    def test_field_hidden_ip_removed(self):
        """field is hidden on user profile if ip is removed"""
        test_link = reverse(
            "misago:user-details", kwargs={"pk": self.user.pk, "slug": self.user.slug}
        )

        self.user.joined_from_ip = None
        self.user.save()

        response = self.client.get(test_link)
        self.assertNotContains(response, "IP address")
        self.assertNotContains(response, "Join IP")
        self.assertNotContains(response, "127.0.0.1")

    def test_field_display_json(self):
        """field is included in display json"""
        test_link = reverse("misago:api:user-details", kwargs={"pk": self.user.pk})

        response = self.client.get(test_link)
        self.assertEqual(
            response.json()["groups"],
            [
                {
                    "name": "IP address",
                    "fields": [
                        {"fieldname": "join_ip", "name": "Join IP", "text": "127.0.0.1"}
                    ],
                }
            ],
        )

    @patch_user_acl({"can_see_users_ips": 0})
    def test_field_hidden_no_permission_json(self):
        """field is not included in display json if user has no permission"""
        test_link = reverse("misago:api:user-details", kwargs={"pk": self.user.pk})

        response = self.client.get(test_link)
        self.assertEqual(response.json()["groups"], [])

    def test_field_hidden_ip_removed_json(self):
        """field is not included in display json if user ip is removed"""
        test_link = reverse("misago:api:user-details", kwargs={"pk": self.user.pk})

        self.user.joined_from_ip = None
        self.user.save()

        response = self.client.get(test_link)
        self.assertEqual(response.json()["groups"], [])

    def test_field_not_in_edit_json(self):
        """readonly field json is not returned from API"""
        test_link = reverse("misago:api:user-edit-details", kwargs={"pk": self.user.pk})

        response = self.client.get(test_link)

        found_field = None
        for group in response.json():
            for field in group["fields"]:
                if field["fieldname"] == "join_ip":
                    found_field = field

        self.assertIsNone(found_field)

    def test_field_is_not_editable_in_api(self):
        """readonly field can't be edited via api"""
        test_link = reverse("misago:api:user-edit-details", kwargs={"pk": self.user.pk})

        response = self.client.post(test_link, data={"join_ip": "88.12.13.14"})
        self.assertEqual(response.status_code, 200)

        self.reload_user()
        self.assertNotIn("join_ip", self.user.profile_fields)