# -*- coding: utf-8 -*- # # ITerativ GmbH # http://www.iterativ.ch/ # # Copyright (c) 2019 ITerativ GmbH. All rights reserved. # # Created on 2019-10-02 # @author: chrigu import json import os from datetime import timedelta, datetime from unittest.mock import patch import requests from django.contrib.sessions.middleware import SessionMiddleware from django.test import TestCase, RequestFactory from django.utils import timezone from graphene.test import Client from api.schema_public import schema from core.factories import UserFactory from core.hep_client import HepClient from registration.factories import LicenseFactory from registration.models import License from users.models import Role, MagentoToken, User, SchoolClass FAKE_TOKEN = 'abcd12345!' ## Setup json data def make_orders_valid(order_items): for order_item in order_items['items']: for status in order_item['status_histories']: if status['comment'] == 'payed by couponcode': yesterday = datetime.now() - timedelta(1) status['created_at'] = datetime.strftime(yesterday, '%Y-%m-%d %H:%M:%S') return order_items # Load data dir_path = os.path.dirname(os.path.realpath(__file__)) with open('{}/test_data/valid_teacher_orders.json'.format(dir_path), 'r') as file: valid_teacher_order_data = file.read() with open('{}/test_data/valid_student_orders.json'.format(dir_path), 'r') as file: valid_student_order_data = file.read() with open('{}/test_data/me_data.json'.format(dir_path), 'r') as file: me_data = file.read() ME_DATA = json.loads(me_data) valid_teacher_order_items = json.loads(valid_teacher_order_data) VALID_TEACHERS_ORDERS = make_orders_valid(valid_teacher_order_items) valid_student_order_items = json.loads(valid_student_order_data) VALID_STUDENT_ORDERS = make_orders_valid(valid_student_order_items) ## Mocks class MockResponse: def __init__(self, status_code): self.status_code = status_code def json(self): return {} class PasswordResetTests(TestCase): def setUp(self): self.user = UserFactory(username='aschi@iterativ.ch', email='aschi@iterativ.ch') Role.objects.create_default_roles() self.teacher_role = Role.objects.get_default_teacher_role() request = RequestFactory().post('/') # adding session middleware = SessionMiddleware() middleware.process_request(request) request.session.save() self.client = Client(schema=schema, context_value=request) def make_login_mutation(self, username, password): mutation = ''' mutation Login($input: LoginInput!){ login(input: $input) { success errors { field } } } ''' return self.client.execute(mutation, variables={ 'input': { 'usernameInput': username, 'passwordInput': password } }) @patch.object(HepClient, 'customer_token', return_value={'token': FAKE_TOKEN}) def test_user_can_login_with_local_user_and_valid_local_license(self, token_mock): now = timezone.now() expiry_date = now + timedelta(365) LicenseFactory(expire_date=expiry_date, licensee=self.user, for_role=self.teacher_role).save() result = self.make_login_mutation(self.user.email, 'test123') token = MagentoToken.objects.get(user=self.user) self.assertEqual(token.token, FAKE_TOKEN) self.assertTrue(result.get('data').get('login').get('success')) self.assertTrue(self.user.is_authenticated) @patch.object(HepClient, 'customer_token', return_value={'token': FAKE_TOKEN}) @patch.object(HepClient, '_customer_orders', return_value=VALID_TEACHERS_ORDERS) @patch.object(HepClient, 'customer_me', return_value=ME_DATA) def test_teacher_can_login_with_local_user_and_remote_license(self, order_mock, token_mock, me_token): result = self.make_login_mutation(ME_DATA['email'], 'test123') user = User.objects.get(email=ME_DATA['email']) token = MagentoToken.objects.get(user=user) self.assertEqual(token.token, FAKE_TOKEN) user_role_key = user.user_roles.get(user=user).role.key self.assertEqual(user_role_key, Role.objects.TEACHER_KEY) license = License.objects.get(licensee=user) self.assertEqual(license.for_role.key, Role.objects.TEACHER_KEY) school_class = SchoolClass.objects.get(users__in=[user]) self.assertIsNotNone(school_class) self.assertTrue(result.get('data').get('login').get('success')) self.assertTrue(self.user.is_authenticated) @patch.object(HepClient, 'customer_token', return_value={'token': FAKE_TOKEN}) @patch.object(HepClient, '_customer_orders', return_value=VALID_STUDENT_ORDERS) @patch.object(HepClient, 'customer_me', return_value=ME_DATA) def test_student_can_login_with_local_user_and_remote_license(self, order_mock, token_mock, me_token): result = self.make_login_mutation(ME_DATA['email'], 'test123') user = User.objects.get(email=ME_DATA['email']) token = MagentoToken.objects.get(user=user) self.assertEqual(token.token, FAKE_TOKEN) user_role_key = user.user_roles.get(user=user).role.key self.assertEqual(user_role_key, Role.objects.STUDENT_KEY) license = License.objects.get(licensee=user) self.assertEqual(license.for_role.key, Role.objects.STUDENT_KEY) self.assertTrue(result.get('data').get('login').get('success')) self.assertTrue(self.user.is_authenticated) @patch.object(requests, 'post', return_value=MockResponse(401)) def test_user_with_no_login_cannot_login(self, post_fn): result = self.make_login_mutation(ME_DATA['email'], 'test123') self.assertFalse(result.get('data').get('login').get('success')) # todo check message @patch.object(HepClient, 'is_email_verified', return_value=False) def test_user_with_unconfirmed_email_cannot_login(self, post_fn): result = self.make_login_mutation(ME_DATA['email'], 'test123') self.assertFalse(result.get('data').get('login').get('success')) # todo check message ## can login with license and user ## can login with no user and license # ?can login with no user and local license ## cannot login without user # cannot login with user and not verfied # cannot login with user and no license # cannot login with user and expired license # non 200 error # if more than one valid license take correct # if mulitple licenses and one correct take one test in own class # def test_user_cannot_login_with_invalid_password(self): # password = 'test123' # self.user.set_password(password) # self.user.save() # # result = self.make_login_mutation(self.user.email, 'test1234') # self.assertFalse(result.get('data').get('login').get('success')) # # def test_user_with_active_license_can_login(self): # password = 'test123' # self.user.set_password(password) # self.user.save() # # LicenseFactory(license_type=self.teacher_license_type, licensee=self.user) # # result = self.make_login_mutation(self.user.email, password) # self.assertTrue(result.get('data').get('login').get('success')) # # def test_user_with_inactive_license_cannot_login(self): # password = 'test123' # self.user.set_password(password) # self.user.save() # # self.teacher_license_type.active = False # self.teacher_license_type.save() # LicenseFactory(license_type=self.teacher_license_type, licensee=self.user) # # result = self.make_login_mutation(self.user.email, password) # self.assertFalse(result.get('data').get('login').get('success'))