Save group_id, verify email confirmed

2020-01-30 07:11:34 +01:00 · 2020-01-30 07:11:34 +01:00 · 45f887287f
parent a2f634a677
commit 45f887287f
8 changed files with 89 additions and 20 deletions
--- a/server/core/hep_client.py
+++ b/server/core/hep_client.py
@ -70,8 +70,8 @@ class HepClient:
                              data={'customerEmail': email, 'websiteId': self.WEBSITE_ID})
        return response.json()

-    def is_email_verified(self, email):
-        return True
+    def is_email_verified(self, user_data):
+        return 'confirmation' not in user_data

    def customer_verify_email(self, confirmation_key):
        response = self._call('/rest/V1/customers/me', method='put', data={'confirmationKey': confirmation_key})
--- a/server/users/managers.py
+++ b/server/users/managers.py
@ -99,12 +99,11 @@ class UserManager(DjangoUserManager):
        user.save()
        return user

-    def create_user_from_hep(self, token):
-        hep_client = HepClient()
-        me_data = hep_client.customer_me(token)
+    def create_user_from_hep(self, user_data):
        user = self.user = self._create_user_with_random_password_no_save(
-            me_data['firstname'], me_data['lastname'], me_data['email'])
+            user_data['firstname'], user_data['lastname'], user_data['email'])

-        user.hep_id = me_data['id']
+        user.hep_id = user_data['id']
+        user.hep_gruop_id = user_data['group_id']
        user.save()
        return user
--- a/server/users/migrations/0012_user_hep_group_id.py
+++ b/server/users/migrations/0012_user_hep_group_id.py
@ -0,0 +1,18 @@
+# Generated by Django 2.0.6 on 2020-01-30 05:50
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('users', '0011_user_hep_id'),
+    ]
+
+    operations = [
+        migrations.AddField(
+            model_name='user',
+            name='hep_group_id',
+            field=models.PositiveIntegerField(null=True),
+        ),
+    ]
--- a/server/users/models.py
+++ b/server/users/models.py
@ -16,6 +16,7 @@ class User(AbstractUser):
    avatar_url = models.CharField(max_length=254, blank=True, default='')
    email = models.EmailField(_('email address'), unique=True)
    hep_id = models.PositiveIntegerField(null=True, blank=False)
+    hep_group_id = models.PositiveIntegerField(null=True, blank=False)

    objects = UserManager()

--- a/server/users/mutations_public.py
+++ b/server/users/mutations_public.py
@ -47,7 +47,7 @@ class Login(relay.ClientIDMutation):
            token = kwargs.get('token')

            try:
-                hep_client.customer_me(token)
+                user_data = hep_client.customer_me(token)
            except HepClientUnauthorizedException:
                return cls.return_login_error('invalid_credentials')
            except HepClientException:
@ -56,15 +56,15 @@ class Login(relay.ClientIDMutation):
            try:
                user = User.objects.get(email=username)
            except User.DoesNotExist:
-                user = User.objects.create_user_from_hep(token)
+                user = User.objects.create_user_from_hep(user_data)

-            #is this needed?
+            #todo is this needed?
            magento_token, created = MagentoToken.objects.get_or_create(user=user)
            magento_token.token = token
            magento_token.save()

            try:
-                if not hep_client.is_email_verified(username):
+                if not hep_client.is_email_verified(user_data):
                    return cls.return_login_error('email_not_verified')
            except HepClientException:
                return cls.return_login_error('unknown_error')
--- a/server/users/tests/test_data/email_not_confirmed_me.json
+++ b/server/users/tests/test_data/email_not_confirmed_me.json
@ -0,0 +1,41 @@
+{
+  "id": 49124,
+  "group_id": 1,
+  "default_billing": "47579",
+  "default_shipping": "47579",
+  "confirmation": "41b58ba6598a618095e8c70625d7f052",
+  "created_at": "2018-07-19 15:05:27",
+  "updated_at": "2019-11-26 17:04:29",
+  "created_in": "hep verlag",
+  "email": "1heptest19072018@mailinator.com",
+  "firstname": "Test",
+  "lastname": "Test",
+  "prefix": "Frau",
+  "gender": 2,
+  "store_id": 1,
+  "website_id": 1,
+  "addresses": [
+    {
+      "id": 47579,
+      "customer_id": 49124,
+      "region": {
+        "region_code": null,
+        "region": null,
+        "region_id": 0
+      },
+      "region_id": 0,
+      "country_id": "CH",
+      "street": [
+        "Test"
+      ],
+      "telephone": "",
+      "postcode": "0000",
+      "city": "Test",
+      "firstname": "Test",
+      "lastname": "Test",
+      "prefix": "Frau",
+      "default_shipping": true,
+      "default_billing": true
+    }
+  ]
+}
--- a/server/users/tests/test_data/me_data.json
+++ b/server/users/tests/test_data/me_data.json
@ -3,7 +3,6 @@
  "group_id": 1,
  "default_billing": "47579",
  "default_shipping": "47579",
-  "confirmation": "41b58ba6598a618095e8c70625d7f052",
  "created_at": "2018-07-19 15:05:27",
  "updated_at": "2019-11-26 17:04:29",
  "created_in": "hep verlag",
--- a/server/users/tests/test_login.py
+++ b/server/users/tests/test_login.py
@ -51,7 +51,11 @@ with open('{}/test_data/valid_student_orders.json'.format(dir_path), 'r') as fil
 with open('{}/test_data/me_data.json'.format(dir_path), 'r') as file:
    me_data = file.read()

+with open('{}/test_data/email_not_confirmed_me.json'.format(dir_path), 'r') as file:
+    not_confirmed_email_me_data = file.read()
+
 ME_DATA = json.loads(me_data)
+NOT_CONFIRMED_ME = json.loads(not_confirmed_email_me_data)

 valid_teacher_order_items = json.loads(valid_teacher_order_data)
 VALID_TEACHERS_ORDERS = make_orders_valid(valid_teacher_order_items)
@ -109,7 +113,7 @@ class PasswordResetTests(TestCase):
        expiry_date = now + timedelta(365)
        LicenseFactory(expire_date=expiry_date, licensee=self.user, for_role=self.teacher_role).save()

-        result = self.make_login_mutation(self.user.email, 'test123')
+        result = self.make_login_mutation(self.user.email, TOKEN)

        self.assertTrue(result.get('data').get('login').get('success'))
        self.assertTrue(self.user.is_authenticated)
@ -117,7 +121,7 @@ class PasswordResetTests(TestCase):
    @patch.object(HepClient, '_customer_orders', return_value=VALID_TEACHERS_ORDERS)
    @patch.object(HepClient, 'customer_me', return_value=ME_DATA)
    def test_teacher_can_login_with_local_user_and_remote_license(self, order_mock, me_token):
-        result = self.make_login_mutation(ME_DATA['email'], 'test123')
+        result = self.make_login_mutation(ME_DATA['email'], TOKEN)

        user = User.objects.get(email=ME_DATA['email'])

@ -136,7 +140,7 @@ class PasswordResetTests(TestCase):
    @patch.object(HepClient, '_customer_orders', return_value=VALID_STUDENT_ORDERS)
    @patch.object(HepClient, 'customer_me', return_value=ME_DATA)
    def test_student_can_login_with_local_user_and_remote_license(self, order_mock, me_token):
-        result = self.make_login_mutation(ME_DATA['email'], 'test123')
+        result = self.make_login_mutation(ME_DATA['email'], TOKEN)

        user = User.objects.get(email=ME_DATA['email'])

@ -151,7 +155,7 @@ class PasswordResetTests(TestCase):

    @patch.object(requests, 'post', return_value=MockResponse(401))
    def test_user_with_no_login_cannot_login(self, post_mock):
-        result = self.make_login_mutation(ME_DATA['email'], 'test123')
+        result = self.make_login_mutation(ME_DATA['email'], TOKEN)

        self.assertFalse(result.get('data').get('login').get('success'))
        self.assertEqual(result.get('data').get('login').get('errors')[0].get('field'), 'invalid_credentials')
@ -159,7 +163,7 @@ class PasswordResetTests(TestCase):
    @patch.object(HepClient, 'is_email_verified', return_value=False)
    @patch.object(HepClient, 'customer_me', return_value=ME_DATA)
    def test_user_with_unconfirmed_email_cannot_login(self, me_mock, post_mock):
-        result = self.make_login_mutation(ME_DATA['email'], 'test123')
+        result = self.make_login_mutation(ME_DATA['email'], TOKEN)

        user = User.objects.get(email=ME_DATA['email'])

@ -169,7 +173,7 @@ class PasswordResetTests(TestCase):
    @patch.object(HepClient, 'myskillbox_product_for_customer', return_value=None)
    @patch.object(HepClient, 'customer_me', return_value=ME_DATA)
    def test_user_cannot_login_without_license(self, me_mock, product_mock):
-        result = self.make_login_mutation(self.user.email, 'test123')
+        result = self.make_login_mutation(self.user.email, TOKEN)

        self.assertFalse(result.get('data').get('login').get('success'))
        self.assertEqual(result.get('data').get('login').get('errors')[0].get('field'), 'no_valid_license')
@ -180,14 +184,21 @@ class PasswordResetTests(TestCase):
        expiry_date = now - timedelta(1)
        LicenseFactory(expire_date=expiry_date, licensee=self.user, for_role=self.teacher_role).save()

-        result = self.make_login_mutation(self.user.email, 'test123')
+        result = self.make_login_mutation(self.user.email, TOKEN)

        self.assertFalse(result.get('data').get('login').get('success'))
        self.assertEqual(result.get('data').get('login').get('errors')[0].get('field'), 'no_valid_license')

+    @patch.object(HepClient, 'customer_me', return_value=NOT_CONFIRMED_ME)
+    def test_user_cannot_login_with_unconfirmed_email(self, me_mock):
+        result = self.make_login_mutation(self.user.email, TOKEN)
+
+        self.assertFalse(result.get('data').get('login').get('success'))
+        self.assertEqual(result.get('data').get('login').get('errors')[0].get('field'), 'email_not_verified')
+
    @patch.object(requests, 'get', return_value=MockResponse(500))
    def test_user_gets_notified_if_server_error(self, post_mock):
-        result = self.make_login_mutation(ME_DATA['email'], 'test123')
+        result = self.make_login_mutation(ME_DATA['email'], TOKEN)

        self.assertFalse(result.get('data').get('login').get('success'))
        self.assertEqual(result.get('data').get('login').get('errors')[0].get('field'), 'unknown_error')