/usr/lib/python2.7/dist-packages/registration/tests/test_hmac_workflow.py is in python-django-registration 2.2-2.
This file is owned by root:root, with mode 0o644.
The actual contents of the file can be viewed below.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 | """
Tests for the HMAC signed-token registration workflow.
"""
import datetime
import time
from django.conf import settings
from django.core import signing
from django.core.urlresolvers import reverse
from django.http import HttpRequest
from django.test import modify_settings, override_settings
from .. import signals
from registration.backends.hmac.views import REGISTRATION_SALT
from .base import ActivationTestCase
@modify_settings(INSTALLED_APPS={'remove': 'registration'})
@override_settings(ROOT_URLCONF='registration.backends.hmac.urls')
class HMACViewTests(ActivationTestCase):
"""
Tests for the signed-token registration workflow.
"""
def test_activation(self):
"""
Activation of an account functions properly.
"""
resp = self.client.post(
reverse('registration_register'),
data=self.valid_data
)
activation_key = signing.dumps(
obj=self.valid_data[self.user_model.USERNAME_FIELD],
salt=REGISTRATION_SALT
)
with self.assertSignalSent(signals.user_activated):
resp = self.client.get(
reverse(
'registration_activate',
args=(),
kwargs={'activation_key': activation_key}
)
)
self.assertRedirects(resp, reverse('registration_activation_complete'))
def test_repeat_activation(self):
"""
Once activated, attempting to re-activate an account (even
with a valid key) does nothing.
"""
resp = self.client.post(
reverse('registration_register'),
data=self.valid_data
)
activation_key = signing.dumps(
obj=self.valid_data[self.user_model.USERNAME_FIELD],
salt=REGISTRATION_SALT
)
with self.assertSignalSent(signals.user_activated):
resp = self.client.get(
reverse(
'registration_activate',
args=(),
kwargs={'activation_key': activation_key}
)
)
# First activation redirects to success.
self.assertRedirects(resp, reverse('registration_activation_complete'))
with self.assertSignalNotSent(signals.user_activated):
resp = self.client.get(
reverse(
'registration_activate',
args=(),
kwargs={'activation_key': activation_key}
)
)
# Second activation fails.
self.assertEqual(200, resp.status_code)
self.assertTemplateUsed(resp, 'registration/activate.html')
# The timestamp calculation will error if USE_TZ=True, due to
# trying to subtract a naive from an aware datetime. Since time
# zones aren't relevant to the test, we just temporarily disable
# time-zone support rather than do the more complex dance of
# checking the setting and forcing everything to naive or aware.
@override_settings(USE_TZ=False)
def test_activation_expired(self):
"""
An expired account can't be activated.
"""
self.client.post(
reverse('registration_register'),
data=self.valid_data
)
# We need to create an activation key valid for the username,
# but with a timestamp > ACCOUNT_ACTIVATION_DAYS days in the
# past. This requires monkeypatching time.time() to return
# that timestamp, since TimestampSigner uses time.time().
#
# On Python 3.3+ this is much easier because of the
# timestamp() method of datetime objects, but since
# django-registration has to run on Python 2.7, we manually
# calculate it using a timedelta between the signup date and
# the UNIX epoch, and patch time.time() temporarily to return
# a date (ACCOUNT_ACTIVATION_DAYS + 1) days in the past.
user = self.user_model.objects.get(**self.user_lookup_kwargs)
joined_timestamp = (
user.date_joined - datetime.datetime.fromtimestamp(0)
).total_seconds()
expired_timestamp = (
joined_timestamp - (settings.ACCOUNT_ACTIVATION_DAYS + 1) * 86400
)
_old_time = time.time
try:
time.time = lambda: expired_timestamp
activation_key = signing.dumps(
obj=self.valid_data[self.user_model.USERNAME_FIELD],
salt=REGISTRATION_SALT
)
finally:
time.time = _old_time
with self.assertSignalNotSent(signals.user_activated):
resp = self.client.get(
reverse(
'registration_activate',
args=(),
kwargs={'activation_key': activation_key}
)
)
self.assertEqual(200, resp.status_code)
self.assertTemplateUsed(resp, 'registration/activate.html')
def test_nonexistent_activation(self):
"""
A nonexistent username in an activation key will fail to
activate.
"""
activation_key = signing.dumps(
obj='parrot',
salt=REGISTRATION_SALT
)
with self.assertSignalNotSent(signals.user_activated):
resp = self.client.get(
reverse(
'registration_activate',
args=(),
kwargs={'activation_key': activation_key}
)
)
self.assertEqual(200, resp.status_code)
self.assertTemplateUsed(resp, 'registration/activate.html')
def test_activation_signal(self):
self.client.post(
reverse('registration_register'),
data=self.valid_data
)
activation_key = signing.dumps(
obj=self.valid_data[self.user_model.USERNAME_FIELD],
salt=REGISTRATION_SALT
)
with self.assertSignalSent(signals.user_activated,
required_kwargs=['user', 'request']) as cm:
self.client.get(
reverse(
'registration_activate',
args=(),
kwargs={'activation_key': activation_key}
)
)
self.assertEqual(
getattr(cm.received_kwargs['user'],
self.user_model.USERNAME_FIELD),
self.valid_data[self.user_model.USERNAME_FIELD]
)
self.assertTrue(
isinstance(cm.received_kwargs['request'], HttpRequest)
)
|