nielsperetzke
/
healthchecks
1
0
Fork 0
Code Issues 0 Pull Requests 0 Projects 0 Releases 32 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
1468 Commits
2 Branches
15 MiB
Tree: 39198c827a
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '39198c827a'
${ noResults }
healthchecks/hc/accounts/tests/test_project.py

214 lines
7.9 KiB
Raw Normal View History

Move project-specific settings to a new "Project Settings" page
6 years ago
Rate limit team invites to 20/day
6 years ago
Move project-specific settings to a new "Project Settings" page
6 years ago
Improved UI to invite users from account's other projects. Fixes #258. The team size limit is applied to the number of distinct users across all projects. Fixes #332.
5 years ago
Rate limit team invites to 20/day
6 years ago
Move project-specific settings to a new "Project Settings" page
6 years ago
Show "Badges" and "Settings" in top navigation. Fixes #234
6 years ago
Move project-specific settings to a new "Project Settings" page
6 years ago
Show "Badges" and "Settings" in top navigation. Fixes #234
6 years ago
Move project-specific settings to a new "Project Settings" page
6 years ago
Test cases for adding project, removing project and leaving project.
6 years ago
Show "Badges" and "Settings" in top navigation. Fixes #234
6 years ago
Test cases for adding project, removing project and leaving project.
6 years ago
Show "Badges" and "Settings" in top navigation. Fixes #234
6 years ago
Move project-specific settings to a new "Project Settings" page
6 years ago
Test cases for adding project, removing project and leaving project.
6 years ago
Move project-specific settings to a new "Project Settings" page
6 years ago
Source formatted with Black
6 years ago
Move project-specific settings to a new "Project Settings" page
6 years ago
Don't create default projects for invited users.
6 years ago
Move project-specific settings to a new "Project Settings" page
6 years ago
Source formatted with Black
6 years ago
Django 3.0
5 years ago
Source formatted with Black
6 years ago
Django 3.0
5 years ago
Move project-specific settings to a new "Project Settings" page
6 years ago
Improved UI to invite users from account's other projects. Fixes #258. The team size limit is applied to the number of distinct users across all projects. Fixes #332.
5 years ago
Bugfix: don't allow duplicate team memberships
4 years ago
Handle excessively long email addresses in the team member invite form.
4 years ago
Rate limit team invites to 20/day
6 years ago
Show "Badges" and "Settings" in top navigation. Fixes #234
6 years ago
Move project-specific settings to a new "Project Settings" page
6 years ago
Profile.current_project not used any more, remove last remaining references. cc: #336
5 years ago
Move project-specific settings to a new "Project Settings" page
6 years ago
Show "Badges" and "Settings" in top navigation. Fixes #234
6 years ago
Check membership before removing project member.
6 years ago
Move project-specific settings to a new "Project Settings" page
6 years ago
Fix invite suggestions.
5 years ago
 
  1. from django.core import mail
  2. 

  3. from django.conf import settings
  4. from django.test.utils import override_settings
  5. from hc.test import BaseTestCase
  6. from hc.accounts.models import Member, Project
  7. from hc.api.models import TokenBucket
  8. 

  9. 

  10. class ProjectTestCase(BaseTestCase):
  11.     def setUp(self):
  12.         super(ProjectTestCase, self).setUp()
  13. 

  14.         self.url = "/projects/%s/settings/" % self.project.code
  15. 

  16.     def test_it_checks_access(self):
  17.         self.client.login(username="[email protected]", password="password")
  18.         r = self.client.get(self.url)
  19.         self.assertEqual(r.status_code, 404)
  20. 

  21.     def test_it_allows_team_access(self):
  22.         self.client.login(username="[email protected]", password="password")
  23.         r = self.client.get(self.url)
  24.         self.assertContains(r, "Change Project Name")
  25. 

  26.     def test_it_shows_api_keys(self):
  27.         self.project.api_key_readonly = "R" * 32
  28.         self.project.save()
  29. 

  30.         self.client.login(username="[email protected]", password="password")
  31. 

  32.         form = {"show_api_keys": "1"}
  33.         r = self.client.post(self.url, form)
  34.         self.assertEqual(r.status_code, 200)
  35. 

  36.         self.assertContains(r, "X" * 32)
  37.         self.assertContains(r, "R" * 32)
  38. 

  39.     def test_it_creates_api_key(self):
  40.         self.client.login(username="[email protected]", password="password")
  41. 

  42.         form = {"create_api_keys": "1"}
  43.         r = self.client.post(self.url, form)
  44.         self.assertEqual(r.status_code, 200)
  45. 

  46.         self.project.refresh_from_db()
  47.         api_key = self.project.api_key
  48.         self.assertTrue(len(api_key) > 10)
  49.         self.assertFalse("b'" in api_key)
  50. 

  51.     def test_it_revokes_api_key(self):
  52.         self.project.api_key_readonly = "R" * 32
  53.         self.project.save()
  54. 

  55.         self.client.login(username="[email protected]", password="password")
  56. 

  57.         form = {"revoke_api_keys": "1"}
  58.         r = self.client.post(self.url, form)
  59.         self.assertEqual(r.status_code, 200)
  60. 

  61.         self.project.refresh_from_db()
  62.         self.assertEqual(self.project.api_key, "")
  63.         self.assertEqual(self.project.api_key_readonly, "")
  64. 

  65.     def test_it_adds_team_member(self):
  66.         self.client.login(username="[email protected]", password="password")
  67. 

  68.         form = {"invite_team_member": "1", "email": "[email protected]"}
  69.         r = self.client.post(self.url, form)
  70.         self.assertEqual(r.status_code, 200)
  71. 

  72.         members = self.project.member_set.all()
  73.         self.assertEqual(members.count(), 2)
  74. 

  75.         member = Member.objects.get(
  76.             project=self.project, user__email="[email protected]"
  77.         )
  78. 

  79.         # The new user should not have their own project
  80.         self.assertFalse(member.user.project_set.exists())
  81. 

  82.         # And an email should have been sent
  83.         subj = (
  84.             "You have been invited to join"
  85.             " Alice's Project on %s" % settings.SITE_NAME
  86.         )
  87.         self.assertHTMLEqual(mail.outbox[0].subject, subj)
  88. 

  89.     def test_it_adds_member_from_another_team(self):
  90.         # With team limit at zero, we should not be able to invite any new users
  91.         self.profile.team_limit = 0
  92.         self.profile.save()
  93. 

  94.         # But Charlie will have an existing membership in another Alice's project
  95.         # so Alice *should* be able to invite Charlie:
  96.         p2 = Project.objects.create(owner=self.alice)
  97.         Member.objects.create(user=self.charlie, project=p2)
  98. 

  99.         self.client.login(username="[email protected]", password="password")
  100.         form = {"invite_team_member": "1", "email": "[email protected]"}
  101.         r = self.client.post(self.url, form)
  102.         self.assertEqual(r.status_code, 200)
  103. 

  104.         q = Member.objects.filter(project=self.project, user=self.charlie)
  105.         self.assertEqual(q.count(), 1)
  106. 

  107.         # And this should not have affected the rate limit:
  108.         q = TokenBucket.objects.filter(value="invite-%d" % self.alice.id)
  109.         self.assertFalse(q.exists())
  110. 

  111.     def test_it_rejects_duplicate_membership(self):
  112.         self.client.login(username="[email protected]", password="password")
  113. 

  114.         form = {"invite_team_member": "1", "email": "[email protected]"}
  115.         r = self.client.post(self.url, form)
  116.         self.assertContains(r, "[email protected] is already a member")
  117. 

  118.         # The number of memberships should have not increased
  119.         self.assertEqual(self.project.member_set.count(), 1)
  120. 

  121.     def test_it_rejects_owner_as_a_member(self):
  122.         self.client.login(username="[email protected]", password="password")
  123. 

  124.         form = {"invite_team_member": "1", "email": "[email protected]"}
  125.         r = self.client.post(self.url, form)
  126.         self.assertContains(r, "[email protected] is already a member")
  127. 

  128.         # The number of memberships should have not increased
  129.         self.assertEqual(self.project.member_set.count(), 1)
  130. 

  131.     def test_it_rejects_too_long_email_addresses(self):
  132.         self.client.login(username="[email protected]", password="password")
  133. 

  134.         aaa = "a" * 300
  135.         form = {"invite_team_member": "1", "email": f"frank+{aaa}@example.org"}
  136.         r = self.client.post(self.url, form)
  137.         self.assertEqual(r.status_code, 200)
  138. 

  139.         # No email should have been sent
  140.         self.assertEqual(len(mail.outbox), 0)
  141. 

  142.     @override_settings(SECRET_KEY="test-secret")
  143.     def test_it_rate_limits_invites(self):
  144.         obj = TokenBucket(value="invite-%d" % self.alice.id)
  145.         obj.tokens = 0
  146.         obj.save()
  147. 

  148.         self.client.login(username="[email protected]", password="password")
  149. 

  150.         form = {"invite_team_member": "1", "email": "[email protected]"}
  151.         r = self.client.post(self.url, form)
  152.         self.assertContains(r, "Too Many Requests")
  153. 

  154.         self.assertEqual(len(mail.outbox), 0)
  155. 

  156.     def test_it_requires_owner_to_add_team_member(self):
  157.         self.client.login(username="[email protected]", password="password")
  158. 

  159.         form = {"invite_team_member": "1", "email": "[email protected]"}
  160.         r = self.client.post(self.url, form)
  161.         self.assertEqual(r.status_code, 403)
  162. 

  163.     def test_it_checks_team_size(self):
  164.         self.profile.team_limit = 0
  165.         self.profile.save()
  166. 

  167.         self.client.login(username="[email protected]", password="password")
  168. 

  169.         form = {"invite_team_member": "1", "email": "[email protected]"}
  170.         r = self.client.post(self.url, form)
  171.         self.assertEqual(r.status_code, 403)
  172. 

  173.     def test_it_removes_team_member(self):
  174.         self.client.login(username="[email protected]", password="password")
  175. 

  176.         form = {"remove_team_member": "1", "email": "[email protected]"}
  177.         r = self.client.post(self.url, form)
  178.         self.assertEqual(r.status_code, 200)
  179. 

  180.         self.assertFalse(Member.objects.exists())
  181. 

  182.     def test_it_requires_owner_to_remove_team_member(self):
  183.         self.client.login(username="[email protected]", password="password")
  184. 

  185.         form = {"remove_team_member": "1", "email": "[email protected]"}
  186.         r = self.client.post(self.url, form)
  187.         self.assertEqual(r.status_code, 403)
  188. 

  189.     def test_it_checks_membership_when_removing_team_member(self):
  190.         self.client.login(username="[email protected]", password="password")
  191. 

  192.         url = "/projects/%s/settings/" % self.charlies_project.code
  193.         form = {"remove_team_member": "1", "email": "[email protected]"}
  194.         r = self.client.post(url, form)
  195.         self.assertEqual(r.status_code, 400)
  196. 

  197.     def test_it_sets_project_name(self):
  198.         self.client.login(username="[email protected]", password="password")
  199. 

  200.         form = {"set_project_name": "1", "name": "Alpha Team"}
  201.         r = self.client.post(self.url, form)
  202.         self.assertEqual(r.status_code, 200)
  203. 

  204.         self.project.refresh_from_db()
  205.         self.assertEqual(self.project.name, "Alpha Team")
  206. 

  207.     def test_it_shows_invite_suggestions(self):
  208.         p2 = Project.objects.create(owner=self.alice)
  209. 

  210.         self.client.login(username="[email protected]", password="password")
  211. 

  212.         r = self.client.get("/projects/%s/settings/" % p2.code)
  213.         self.assertContains(r, "Add Users from Other Teams")
  214.         self.assertContains(r, "[email protected]")