diff options
-rw-r--r-- | .pre-commit-config.yaml | 2 | ||||
-rw-r--r-- | requirements-dev.txt | 1 | ||||
-rw-r--r-- | templates/auth/signup.html | 13 | ||||
-rw-r--r-- | users/tests/models/__init__.py | 0 | ||||
-rw-r--r-- | users/tests/models/test_identity.py (renamed from users/tests/test_identity.py) | 0 | ||||
-rw-r--r-- | users/tests/views/__init__.py | 0 | ||||
-rw-r--r-- | users/tests/views/test_auth.py | 59 | ||||
-rw-r--r-- | users/views/auth.py | 4 |
8 files changed, 77 insertions, 2 deletions
diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 98148fd..940fbbc 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -35,4 +35,4 @@ repos: rev: v0.982 hooks: - id: mypy - additional_dependencies: [types-pyopenssl, types-bleach] + additional_dependencies: [types-pyopenssl, types-bleach, types-mock] diff --git a/requirements-dev.txt b/requirements-dev.txt index 8879356..6be4cd3 100644 --- a/requirements-dev.txt +++ b/requirements-dev.txt @@ -3,6 +3,7 @@ pre-commit~=2.20.0 black==22.10.0 flake8==5.0.4 isort==5.10.1 +mock~=4.0.3 pre-commit~=2.20.0 pytest-django~=4.5.2 pytest-httpx~=0.21 diff --git a/templates/auth/signup.html b/templates/auth/signup.html index b1aaa50..7924c0a 100644 --- a/templates/auth/signup.html +++ b/templates/auth/signup.html @@ -7,13 +7,24 @@ {% csrf_token %} <fieldset> <legend>Create An Account</legend> - {{ config.signup_text|safe|linebreaks }} + {% if config.signup_text %}{{ config.signup_text|safe|linebreaks }}{% endif %} + {% if config.signup_allowed %} {% for field in form %} {% include "forms/_field.html" %} {% endfor %} + {% else %} + {% if not config.signup_text %} + <p>Not accepting new users at this time</p> + {% endif %} + {% endif %} + </fieldset> + + {% if config.signup_allowed %} <div class="buttons"> <button>Create</button> </div> + {% endif %} + </form> {% endblock %} diff --git a/users/tests/models/__init__.py b/users/tests/models/__init__.py new file mode 100644 index 0000000..e69de29 --- /dev/null +++ b/users/tests/models/__init__.py diff --git a/users/tests/test_identity.py b/users/tests/models/test_identity.py index 868894a..868894a 100644 --- a/users/tests/test_identity.py +++ b/users/tests/models/test_identity.py diff --git a/users/tests/views/__init__.py b/users/tests/views/__init__.py new file mode 100644 index 0000000..e69de29 --- /dev/null +++ b/users/tests/views/__init__.py diff --git a/users/tests/views/test_auth.py b/users/tests/views/test_auth.py new file mode 100644 index 0000000..22e1fb6 --- /dev/null +++ b/users/tests/views/test_auth.py @@ -0,0 +1,59 @@ +import mock +import pytest + +from core.models import Config +from users.models import User + + +@pytest.fixture +def config_system(): + # TODO: Good enough for now, but a better Config mocking system is needed + result = Config.load_system() + with mock.patch("core.models.Config.load_system", return_value=result): + yield result + + +@pytest.mark.django_db +def test_signup_disabled(client, config_system): + # Signup disabled and no signup text + config_system.signup_allowed = False + resp = client.get("/auth/signup/") + assert resp.status_code == 200 + content = str(resp.content) + assert "Not accepting new users at this time" in content + assert "<button>Create</button>" not in content + + # Signup disabled with signup text configured + config_system.signup_text = "Go away!!!!!!" + resp = client.get("/auth/signup/") + assert resp.status_code == 200 + content = str(resp.content) + assert "Go away!!!!!!" in content + + # Ensure direct POST doesn't side step guard + resp = client.post( + "/auth/signup/", data={"email": "test_signup_disabled@example.org"} + ) + assert resp.status_code == 200 + assert not User.objects.filter(email="test_signup_disabled@example.org").exists() + + # Signup enabled + config_system.signup_allowed = True + resp = client.get("/auth/signup/") + assert resp.status_code == 200 + content = str(resp.content) + assert "Not accepting new users at this time" not in content + assert "<button>Create</button>" in content + + +@pytest.mark.django_db +def test_signup_invite_only(client, config_system): + config_system.signup_allowed = True + config_system.signup_invite_only = True + + resp = client.get("/auth/signup/") + assert resp.status_code == 200 + content = str(resp.content) + assert 'name="invite_code"' in content + + # TODO: Actually test this diff --git a/users/views/auth.py b/users/views/auth.py index 2257ea5..61e9a29 100644 --- a/users/views/auth.py +++ b/users/views/auth.py @@ -49,6 +49,10 @@ class Signup(FormView): raise forms.ValidationError("That is not a valid invite code") return invite_code + def clean(self): + if not Config.system.signup_allowed: + raise forms.ValidationError("Not accepting new users at this time") + def form_valid(self, form): user = User.objects.create(email=form.cleaned_data["email"]) # Auto-promote the user to admin if that setting is set |