zestedesavoir · Situphen · Mar 6, 2022 · Feb 20, 2022 · Mar 5, 2022 · Mar 6, 2022
diff --git a/zds/member/tests/tests_views.py b/zds/member/tests/tests_views.py
diff --git a/zds/member/tests/views/__init__.py b/zds/member/tests/views/__init__.py
diff --git a/zds/member/tests/views/tests_admin.py b/zds/member/tests/views/tests_admin.py
@@ -0,0 +1,117 @@
+from django.conf import settings
+from django.contrib.auth.models import Group
+from django.urls import reverse
+from django.test import TestCase
+
+from zds.notification.models import TopicAnswerSubscription
+from zds.member.tests.factories import ProfileFactory, StaffProfileFactory, UserFactory
+from zds.member.models import Profile
+from zds.forum.tests.factories import ForumCategoryFactory, ForumFactory, TopicFactory
+
+
+class MemberTests(TestCase):
+    def setUp(self):
+        settings.EMAIL_BACKEND = "django.core.mail.backends.locmem.EmailBackend"
+        self.mas = ProfileFactory()
+        settings.ZDS_APP["member"]["bot_account"] = self.mas.user.username
+        self.anonymous = UserFactory(username=settings.ZDS_APP["member"]["anonymous_account"], password="anything")
+        self.external = UserFactory(username=settings.ZDS_APP["member"]["external_account"], password="anything")
+        self.category1 = ForumCategoryFactory(position=1)
+        self.forum11 = ForumFactory(category=self.category1, position_in_category=1)
+        self.staff = StaffProfileFactory().user
+
+        self.bot = Group(name=settings.ZDS_APP["member"]["bot_group"])
+        self.bot.save()
+
+    def test_promote_interface(self):
+        """
+        Test promotion interface.
+        """
+
+        # create users (one regular, one staff and one superuser)
+        tester = ProfileFactory()
+        staff = StaffProfileFactory()
+        tester.user.is_active = False
+        tester.user.save()
+        staff.user.is_superuser = True
+        staff.user.save()
+
+        # create groups
+        group = Group.objects.create(name="DummyGroup_1")
+        groupbis = Group.objects.create(name="DummyGroup_2")
+
+        # create Forums, Posts and subscribe member to them.
+        category1 = ForumCategoryFactory(position=1)
+        forum1 = ForumFactory(category=category1, position_in_category=1)
+        forum1.groups.add(group)
+        forum1.save()
+        forum2 = ForumFactory(category=category1, position_in_category=2)
+        forum2.groups.add(groupbis)
+        forum2.save()
+        forum3 = ForumFactory(category=category1, position_in_category=3)
+        topic1 = TopicFactory(forum=forum1, author=staff.user)
+        topic2 = TopicFactory(forum=forum2, author=staff.user)
+        topic3 = TopicFactory(forum=forum3, author=staff.user)
+
+        # LET THE TEST BEGIN !
+
+        # tester shouldn't be able to connect
+        login_check = self.client.login(username=tester.user.username, password="hostel77")
+        self.assertEqual(login_check, False)
+
+        # connect as staff (superuser)
+        self.client.force_login(staff.user)
+
+        # check that we can go through the page
+        result = self.client.get(reverse("member-settings-promote", kwargs={"user_pk": tester.user.id}), follow=False)
+        self.assertEqual(result.status_code, 200)
+
+        # give groups thanks to staff (but account still not activated)
+        result = self.client.post(
+            reverse("member-settings-promote", kwargs={"user_pk": tester.user.id}),
+            {
+                "groups": [group.id, groupbis.id],
+            },
+            follow=False,
+        )
+        self.assertEqual(result.status_code, 302)
+        tester = Profile.objects.get(id=tester.id)  # refresh
+
+        self.assertEqual(len(tester.user.groups.all()), 2)
+        self.assertFalse(tester.user.is_active)
+
+        # Now our tester is going to follow one post in every forum (3)
+        TopicAnswerSubscription.objects.toggle_follow(topic1, tester.user)
+        TopicAnswerSubscription.objects.toggle_follow(topic2, tester.user)
+        TopicAnswerSubscription.objects.toggle_follow(topic3, tester.user)
+
+        self.assertEqual(len(TopicAnswerSubscription.objects.get_objects_followed_by(tester.user)), 3)
+
+        # retract all right, keep one group only and activate account
+        result = self.client.post(
+            reverse("member-settings-promote", kwargs={"user_pk": tester.user.id}),
+            {"groups": [group.id], "activation": "on"},
+            follow=False,
+        )
+        self.assertEqual(result.status_code, 302)
+        tester = Profile.objects.get(id=tester.id)  # refresh
+
+        self.assertEqual(len(tester.user.groups.all()), 1)
+        self.assertTrue(tester.user.is_active)
+        self.assertEqual(len(TopicAnswerSubscription.objects.get_objects_followed_by(tester.user)), 2)
+
+        # no groups specified
+        result = self.client.post(
+            reverse("member-settings-promote", kwargs={"user_pk": tester.user.id}), {"activation": "on"}, follow=False
+        )
+        self.assertEqual(result.status_code, 302)
+        tester = Profile.objects.get(id=tester.id)  # refresh
+        self.assertEqual(len(TopicAnswerSubscription.objects.get_objects_followed_by(tester.user)), 1)
+
+        # Finally, check that user can connect and can not access the interface
+        login_check = self.client.login(username=tester.user.username, password="hostel77")
+        self.assertEqual(login_check, True)
+        result = self.client.post(
+            reverse("member-settings-promote", kwargs={"user_pk": staff.user.id}), {"activation": "on"}, follow=False
+        )
+        self.assertEqual(result.status_code, 403)  # forbidden !
diff --git a/zds/member/tests/views/tests_emailproviders.py b/zds/member/tests/views/tests_emailproviders.py
@@ -0,0 +1,153 @@
+from django.conf import settings
+from django.contrib.auth.models import Group, User
+from django.urls import reverse
+from django.test import TestCase
+
+from zds.member.tests.factories import ProfileFactory, StaffProfileFactory, UserFactory
+from zds.member.models import NewEmailProvider, BannedEmailProvider, TokenRegister
+from zds.forum.tests.factories import ForumCategoryFactory, ForumFactory
+
+
+class EmailProvidersTests(TestCase):
+    def setUp(self):
+        settings.EMAIL_BACKEND = "django.core.mail.backends.locmem.EmailBackend"
+        self.mas = ProfileFactory()
+        settings.ZDS_APP["member"]["bot_account"] = self.mas.user.username
+        self.anonymous = UserFactory(username=settings.ZDS_APP["member"]["anonymous_account"], password="anything")
+        self.external = UserFactory(username=settings.ZDS_APP["member"]["external_account"], password="anything")
+        self.category1 = ForumCategoryFactory(position=1)
+        self.forum11 = ForumFactory(category=self.category1, position_in_category=1)
+        self.staff = StaffProfileFactory().user
+
+        self.bot = Group(name=settings.ZDS_APP["member"]["bot_group"])
+        self.bot.save()
+
+    def test_new_provider_with_email_edit(self):
+        new_providers_count = NewEmailProvider.objects.count()
+        user = ProfileFactory().user
+        self.client.force_login(user)
+        # Edit the email with an unknown provider
+        self.client.post(
+            reverse("update-username-email-member"),
+            {"username": user.username, "email": "test@unknown-provider-edit.com"},
+            follow=False,
+        )
+        # A new provider object should have been created
+        self.assertEqual(new_providers_count + 1, NewEmailProvider.objects.count())
+
+    def test_new_providers_list(self):
+        # create a new provider
+        user = ProfileFactory().user
+        provider = NewEmailProvider.objects.create(use="NEW_ACCOUNT", user=user, provider="test.com")
+        # check that the list is not available for a non-staff member
+        self.client.logout()
+        result = self.client.get(reverse("new-email-providers"), follow=False)
+        self.assertEqual(result.status_code, 302)
+        self.client.force_login(user)
+        result = self.client.get(reverse("new-email-providers"), follow=False)
+        self.assertEqual(result.status_code, 403)
+        # and that it contains the provider we created
+        self.client.force_login(self.staff)
+        result = self.client.get(reverse("new-email-providers"), follow=False)
+        self.assertEqual(result.status_code, 200)
+        self.assertIn(provider, result.context["providers"])
+
+    def test_check_new_provider(self):
+        # create two new providers
+        user = ProfileFactory().user
+        provider1 = NewEmailProvider.objects.create(use="NEW_ACCOUNT", user=user, provider="test1.com")
+        provider2 = NewEmailProvider.objects.create(use="EMAIl_EDIT", user=user, provider="test2.com")
+        # check that this option is only available for a staff member
+        self.client.force_login(user)
+        result = self.client.post(reverse("check-new-email-provider", args=[provider1.pk]), follow=False)
+        self.assertEqual(result.status_code, 403)
+        # test approval
+        self.client.force_login(self.staff)
+        result = self.client.post(reverse("check-new-email-provider", args=[provider1.pk]), follow=False)
+        self.assertEqual(result.status_code, 302)
+        self.assertFalse(NewEmailProvider.objects.filter(pk=provider1.pk).exists())
+        self.assertFalse(BannedEmailProvider.objects.filter(provider=provider1.provider).exists())
+        # test ban
+        self.client.force_login(self.staff)
+        result = self.client.post(reverse("check-new-email-provider", args=[provider2.pk]), {"ban": "on"}, follow=False)
+        self.assertEqual(result.status_code, 302)
+        self.assertFalse(NewEmailProvider.objects.filter(pk=provider2.pk).exists())
+        self.assertTrue(BannedEmailProvider.objects.filter(provider=provider2.provider).exists())
+
+    def test_banned_providers_list(self):
+        user = ProfileFactory().user
+        # create a banned provider
+        provider = BannedEmailProvider.objects.create(moderator=self.staff, provider="test.com")
+        # check that the list is not available for a non-staff member
+        self.client.logout()
+        result = self.client.get(reverse("banned-email-providers"), follow=False)
+        self.assertEqual(result.status_code, 302)
+        self.client.force_login(user)
+        result = self.client.get(reverse("banned-email-providers"), follow=False)
+        self.assertEqual(result.status_code, 403)
+        # and that it contains the provider we created
+        self.client.force_login(self.staff)
+        result = self.client.get(reverse("banned-email-providers"), follow=False)
+        self.assertEqual(result.status_code, 200)
+        self.assertIn(provider, result.context["providers"])
+
+    def test_add_banned_provider(self):
+        # test that this page is only available for staff
+        user = ProfileFactory().user
+        self.client.logout()
+        result = self.client.get(reverse("add-banned-email-provider"), follow=False)
+        self.assertEqual(result.status_code, 302)
+        self.client.force_login(user)
+        result = self.client.get(reverse("add-banned-email-provider"), follow=False)
+        self.assertEqual(result.status_code, 403)
+        self.client.force_login(self.staff)
+        result = self.client.get(reverse("add-banned-email-provider"), follow=False)
+        self.assertEqual(result.status_code, 200)
+
+        # add a provider
+        result = self.client.post(reverse("add-banned-email-provider"), {"provider": "new-provider.com"}, follow=False)
+        self.assertEqual(result.status_code, 302)
+        self.assertTrue(BannedEmailProvider.objects.filter(provider="new-provider.com").exists())
+
+        # check that it cannot be added again
+        result = self.client.post(reverse("add-banned-email-provider"), {"provider": "new-provider.com"}, follow=False)
+        self.assertEqual(result.status_code, 200)
+        self.assertEqual(1, BannedEmailProvider.objects.filter(provider="new-provider.com").count())
+
+    def test_members_with_provider(self):
+        # create two members with the same provider
+        member1 = ProfileFactory().user
+        member2 = ProfileFactory().user
+        member1.email = "test1@test-members.com"
+        member1.save()
+        member2.email = "test2@test-members.com"
+        member2.save()
+        # ban this provider
+        provider = BannedEmailProvider.objects.create(moderator=self.staff, provider="test-members.com")
+        # check that this page is only available for staff
+        self.client.logout()
+        result = self.client.get(reverse("members-with-provider", args=[provider.pk]), follow=False)
+        self.assertEqual(result.status_code, 302)
+        self.client.force_login(member1)
+        result = self.client.get(reverse("members-with-provider", args=[provider.pk]), follow=False)
+        self.assertEqual(result.status_code, 403)
+        self.client.force_login(self.staff)
+        result = self.client.get(reverse("members-with-provider", args=[provider.pk]), follow=False)
+        self.assertEqual(result.status_code, 200)
+        # check that it contains the two members
+        self.assertIn(member1.profile, result.context["members"])
+        self.assertIn(member2.profile, result.context["members"])
+
+    def test_remove_banned_provider(self):
+        user = ProfileFactory().user
+        # add a banned provider
+        provider = BannedEmailProvider.objects.create(moderator=self.staff, provider="test-remove.com")
+        # check that this option is only available for a staff member
+        self.client.force_login(user)
+        result = self.client.post(reverse("check-new-email-provider", args=[provider.pk]), follow=False)
+        self.assertEqual(result.status_code, 403)
+        # test that it removes the provider
+        self.client.force_login(self.staff)
+        result = self.client.post(reverse("remove-banned-email-provider", args=[provider.pk]), follow=False)
+        self.assertEqual(result.status_code, 302)
+        self.assertFalse(BannedEmailProvider.objects.filter(pk=provider.pk).exists())