195 lines
7.9 KiB
Python
195 lines
7.9 KiB
Python
# -*- coding: utf-8 -*-
|
|
|
|
# authentic2 - versatile identity manager
|
|
# Copyright (C) 2010-2019 Entr'ouvert
|
|
#
|
|
# This program is free software: you can redistribute it and/or modify it
|
|
# under the terms of the GNU Affero General Public License as published
|
|
# by the Free Software Foundation, either version 3 of the License, or
|
|
# (at your option) any later version.
|
|
#
|
|
# This program is distributed in the hope that it will be useful,
|
|
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
# GNU Affero General Public License for more details.
|
|
#
|
|
# You should have received a copy of the GNU Affero General Public License
|
|
# along with this program. If not, see <http://www.gnu.org/licenses/>.
|
|
|
|
from __future__ import unicode_literals
|
|
|
|
import pytest
|
|
|
|
from django.urls import reverse
|
|
|
|
from authentic2.models import Attribute
|
|
|
|
from . import utils
|
|
|
|
pytestmark = pytest.mark.django_db
|
|
|
|
|
|
def test_account_edit_view(app, simple_user):
|
|
utils.login(app, simple_user)
|
|
url = reverse('profile_edit')
|
|
resp = app.get(url, status=200)
|
|
|
|
phone = Attribute.objects.create(
|
|
name='phone', label='phone',
|
|
kind='phone_number', user_visible=True, user_editable=True)
|
|
title = Attribute.objects.create(
|
|
name='title', label='title',
|
|
kind='title', user_visible=True, user_editable=True)
|
|
agreement = Attribute.objects.create(
|
|
name='agreement', label='agreement',
|
|
kind='boolean', user_visible=True, user_editable=True)
|
|
|
|
resp = old_resp = app.get(url, status=200)
|
|
resp.form['edit-profile-phone'] = '1234'
|
|
assert resp.form['edit-profile-phone'].attrs['type'] == 'tel'
|
|
resp.form['edit-profile-title'] = 'Mrs'
|
|
resp.form['edit-profile-agreement'] = False
|
|
resp = resp.form.submit()
|
|
# verify that missing next_url in POST is ok
|
|
assert resp['Location'].endswith(reverse('account_management'))
|
|
assert phone.get_value(simple_user) == '1234'
|
|
assert title.get_value(simple_user) == 'Mrs'
|
|
assert agreement.get_value(simple_user) is False
|
|
|
|
resp = resp.follow()
|
|
profile = [(dt.text.split('\xa0')[0], dd.text.strip())
|
|
for dt, dd in zip(resp.pyquery('dl dt'), resp.pyquery('dl dd'))]
|
|
assert profile == [
|
|
('First name', 'Jôhn'),
|
|
('Last name', 'Dôe'),
|
|
('Email address', 'user@example.net'),
|
|
('Phone', '1234'),
|
|
('Title', 'Mrs')
|
|
]
|
|
|
|
resp = app.get(url, status=200)
|
|
resp.form.set('edit-profile-phone', '0123456789')
|
|
resp = resp.form.submit().follow()
|
|
assert phone.get_value(simple_user) == '0123456789'
|
|
|
|
resp = app.get(url, status=200)
|
|
resp.form.set('edit-profile-phone', '9876543210')
|
|
resp = resp.form.submit('cancel').follow()
|
|
assert phone.get_value(simple_user) == '0123456789'
|
|
|
|
phone.set_value(simple_user, '0123456789', verified=True)
|
|
title.set_value(simple_user, 'Mr', verified=True)
|
|
agreement.set_value(simple_user, True, verified=True)
|
|
resp = app.get(url, status=200)
|
|
assert 'edit-profile-phone' not in resp.form.fields
|
|
assert 'edit-profile-title' not in resp.form.fields
|
|
assert 'edit-profile-agreement' not in resp.form.fields
|
|
assert 'readonly' in resp.form['edit-profile-phone@disabled'].attrs
|
|
assert resp.form['edit-profile-phone@disabled'].value == '0123456789'
|
|
assert resp.form['edit-profile-title@disabled'].value == 'Mr'
|
|
assert resp.form['edit-profile-agreement@disabled'].value == 'Yes'
|
|
resp.form.set('edit-profile-phone@disabled', '1234')
|
|
resp.form.set('edit-profile-title@disabled', 'Mrs')
|
|
resp.form.set('edit-profile-agreement@disabled', 'False')
|
|
resp = resp.form.submit().follow()
|
|
assert phone.get_value(simple_user) == '0123456789'
|
|
assert title.get_value(simple_user) == 'Mr'
|
|
assert agreement.get_value(simple_user) is True
|
|
|
|
resp = old_resp.form.submit()
|
|
assert phone.get_value(simple_user) == '0123456789'
|
|
assert title.get_value(simple_user) == 'Mr'
|
|
assert agreement.get_value(simple_user) is True
|
|
|
|
phone.disabled = True
|
|
phone.save()
|
|
resp = app.get(url, status=200)
|
|
assert 'edit-profile-phone@disabled' not in resp
|
|
assert 'edit-profile-title@disabled' in resp
|
|
assert 'edit-profile-agreement@disabled' in resp
|
|
assert phone.get_value(simple_user) == '0123456789'
|
|
|
|
|
|
def test_account_edit_next_url(app, simple_user, external_redirect_next_url, assert_external_redirect):
|
|
utils.login(app, simple_user)
|
|
url = reverse('profile_edit')
|
|
|
|
attribute = Attribute.objects.create(
|
|
name='phone', label='phone',
|
|
kind='string', user_visible=True,
|
|
user_editable=True)
|
|
|
|
resp = app.get(url + '?next=%s' % external_redirect_next_url, status=200)
|
|
resp.form.set('edit-profile-phone', '0123456789')
|
|
resp = resp.form.submit()
|
|
assert_external_redirect(resp, reverse('account_management'))
|
|
assert attribute.get_value(simple_user) == '0123456789'
|
|
|
|
resp = app.get(url + '?next=%s' % external_redirect_next_url, status=200)
|
|
resp.form.set('edit-profile-phone', '1234')
|
|
resp = resp.form.submit('cancel')
|
|
assert_external_redirect(resp, reverse('account_management'))
|
|
assert attribute.get_value(simple_user) == '0123456789'
|
|
|
|
|
|
def test_account_edit_scopes(app, simple_user):
|
|
utils.login(app, simple_user)
|
|
url = reverse('profile_edit')
|
|
|
|
Attribute.objects.create(name='phone', label='phone',
|
|
kind='string', user_visible=True,
|
|
user_editable=True, scopes='contact')
|
|
Attribute.objects.create(name='mobile', label='mobile phone',
|
|
kind='string', user_visible=True,
|
|
user_editable=True, scopes='contact')
|
|
|
|
Attribute.objects.create(name='city', label='city',
|
|
kind='string', user_visible=True,
|
|
user_editable=True, scopes='address')
|
|
Attribute.objects.create(name='zipcode', label='zipcode', kind='string',
|
|
user_visible=True, user_editable=True,
|
|
scopes='address')
|
|
|
|
def get_fields(resp):
|
|
return set(key.split('edit-profile-')[1]
|
|
for key in resp.form.fields.keys() if key and key.startswith('edit-profile-'))
|
|
resp = app.get(url, status=200)
|
|
assert get_fields(resp) == set(['first_name', 'last_name', 'phone', 'mobile', 'city', 'zipcode', 'next_url'])
|
|
|
|
resp = app.get(url + '?scope=contact', status=200)
|
|
assert get_fields(resp) == set(['phone', 'mobile', 'next_url'])
|
|
|
|
resp = app.get(url + '?scope=address', status=200)
|
|
assert get_fields(resp) == set(['city', 'zipcode', 'next_url'])
|
|
|
|
resp = app.get(url + '?scope=contact address', status=200)
|
|
assert get_fields(resp) == set(['phone', 'mobile', 'city', 'zipcode', 'next_url'])
|
|
|
|
resp = app.get(reverse('profile_edit_with_scope', kwargs={'scope': 'contact'}),
|
|
status=200)
|
|
assert get_fields(resp) == set(['phone', 'mobile', 'next_url'])
|
|
|
|
resp = app.get(reverse('profile_edit_with_scope', kwargs={'scope': 'address'}),
|
|
status=200)
|
|
assert get_fields(resp) == set(['city', 'zipcode', 'next_url'])
|
|
|
|
|
|
def test_account_edit_locked_title(app, simple_user):
|
|
Attribute.objects.create(
|
|
name='title', label='title',
|
|
kind='title', user_visible=True, user_editable=True)
|
|
simple_user.attributes.title = 'Monsieur'
|
|
|
|
utils.login(app, simple_user)
|
|
url = reverse('profile_edit')
|
|
response = app.get(url, status=200)
|
|
assert len(response.pyquery('input[type="radio"][name="edit-profile-title"]')) == 2
|
|
assert len(response.pyquery('input[type="radio"][name="edit-profile-title"][readonly="true"]')) == 0
|
|
assert len(response.pyquery('select[name="edit-profile-title"]')) == 0
|
|
|
|
simple_user.verified_attributes.title = 'Monsieur'
|
|
|
|
response = app.get(url, status=200)
|
|
assert len(response.pyquery('input[type="radio"][name="edit-profile-title"]')) == 0
|
|
assert len(response.pyquery('input[type="text"][name="edit-profile-title@disabled"][readonly]')) == 1
|