from datetime import timedelta

from django.test import TestCase
from django.utils import timezone
from rest_framework import status
from rest_framework.test import APITestCase

from .models import CustomUser
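class AdminOnlyRegistrationEndpointsTests(APITestCase):
    """Access-control tests for the registration and activation endpoints.

    Every test posts to one of the ``/api/v1/auth/users/`` routes as a given
    caller (superuser, regular user, or anonymous) and checks the
    authorization outcome. Rejection tests also check that the rejected
    request created no account, so a denial that still performs the write
    is caught.
    """

    REGISTER_URL = '/api/v1/auth/users/'
    ACTIVATION_URL = '/api/v1/auth/users/activation/'
    RESEND_ACTIVATION_URL = '/api/v1/auth/users/resend_activation/'

    def setUp(self):
        """Create one superuser and one active regular user as callers."""
        self.admin_user = CustomUser.objects.create_superuser(
            email='admin@example.com',
            password='adminpass123',
        )
        self.regular_user = CustomUser.objects.create_user(
            email='user@example.com',
            password='userpass123',
            is_active=True,
        )

    def _registration_payload(self, email):
        """Return a registration request body for ``email``."""
        return {
            'email': email,
            'password': 'strong-pass-123',
            're_password': 'strong-pass-123',
        }

    def _account_exists(self, email):
        """Return True when a CustomUser row with ``email`` is stored."""
        return CustomUser.objects.filter(email=email).exists()

    def test_register_endpoint_rejects_non_admin(self):
        """An authenticated non-admin caller gets 403 and creates nothing."""
        self.client.force_authenticate(user=self.regular_user)

        response = self.client.post(
            self.REGISTER_URL,
            self._registration_payload('new-user@example.com'),
            format='json',
        )

        self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN)
        # The status code alone does not prove the write was skipped.
        self.assertFalse(self._account_exists('new-user@example.com'))

    def test_register_endpoint_rejects_anonymous(self):
        """An unauthenticated caller is rejected and creates nothing.

        Whether the rejection is 401 or 403 depends on the configured
        authentication classes, which are not visible from this file, so
        either status is accepted.
        """
        response = self.client.post(
            self.REGISTER_URL,
            self._registration_payload('anonymous-signup@example.com'),
            format='json',
        )

        self.assertIn(
            response.status_code,
            (status.HTTP_401_UNAUTHORIZED, status.HTTP_403_FORBIDDEN),
        )
        self.assertFalse(self._account_exists('anonymous-signup@example.com'))

    def test_register_endpoint_allows_admin(self):
        """A superuser can register a new account."""
        self.client.force_authenticate(user=self.admin_user)

        response = self.client.post(
            self.REGISTER_URL,
            self._registration_payload('created-by-admin@example.com'),
            format='json',
        )

        self.assertEqual(response.status_code, status.HTTP_201_CREATED)
        self.assertTrue(self._account_exists('created-by-admin@example.com'))

    def test_activation_endpoint_rejects_non_admin(self):
        """A non-admin caller gets 403 from the activation endpoint.

        The uid and token are deliberately invalid. Expecting 403 rather
        than a validation error pins that the permission check runs before
        the payload is examined.
        """
        self.client.force_authenticate(user=self.regular_user)

        response = self.client.post(
            self.ACTIVATION_URL,
            {'uid': 'invalid', 'token': 'invalid'},
            format='json',
        )

        self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN)

    def test_resend_activation_endpoint_rejects_non_admin(self):
        """A non-admin caller gets 403 even when asking about their own email."""
        self.client.force_authenticate(user=self.regular_user)

        response = self.client.post(
            self.RESEND_ACTIVATION_URL,
            {'email': self.regular_user.email},
            format='json',
        )

        self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN)

    def test_resend_activation_endpoint_allows_admin_access(self):
        """A superuser is not rejected by the permission check."""
        self.client.force_authenticate(user=self.admin_user)

        response = self.client.post(
            self.RESEND_ACTIVATION_URL,
            {'email': self.regular_user.email},
            format='json',
        )

        # Only the authorization outcome is pinned: any status other than
        # 403 passes, including error statuses.
        # NOTE(review): assert the exact status once the expected response
        # for an already-active target account is confirmed.
        self.assertNotEqual(response.status_code, status.HTTP_403_FORBIDDEN)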
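class AccountExpiryTests(TestCase):
    """Tests for ``CustomUser.deactivate_if_expired``.

    Each test reloads the user from the database before checking
    ``is_active``, so the stored state is verified and not only the
    in-memory instance.
    """

    def test_user_is_deactivated_when_expired(self):
        """A user whose ``active_until`` is in the past is deactivated."""
        # timedelta comes from the standard library. The original spelling,
        # timezone.timedelta, only worked because django.utils.timezone
        # happens to import that name for its own use.
        user = CustomUser.objects.create_user(
            email='expired@example.com',
            password='pass123456',
            is_active=True,
            active_until=timezone.now() - timedelta(days=1),
        )

        changed = user.deactivate_if_expired()

        user.refresh_from_db()
        self.assertTrue(changed)
        self.assertFalse(user.is_active)

    def test_user_stays_active_before_expiry(self):
        """A user whose ``active_until`` is in the future stays active."""
        user = CustomUser.objects.create_user(
            email='active@example.com',
            password='pass123456',
            is_active=True,
            active_until=timezone.now() + timedelta(days=3),
        )

        changed = user.deactivate_if_expired()

        user.refresh_from_db()
        self.assertFalse(changed)
        self.assertTrue(user.is_active)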