From 0d1e09fbcdb1a1db93d9561c9323c7ef105e71ca Mon Sep 17 00:00:00 2001 From: Andrew Godwin Date: Mon, 21 Nov 2022 20:10:01 -0700 Subject: Refactor almost all tests into /tests/ --- activities/tests/__init__.py | 0 activities/tests/models/__init__.py | 0 activities/tests/models/test_post.py | 31 ---- activities/tests/templatetags/__init__.py | 0 .../tests/templatetags/test_activity_tags.py | 21 --- core/tests/__init__.py | 0 core/tests/conftest.py | 9 -- core/tests/test_signatures.py | 156 ------------------ tests/activities/models/test_post.py | 31 ++++ .../activities/templatetags/test_activity_tags.py | 21 +++ tests/conftest.py | 59 +++++++ tests/core/test_signatures.py | 114 +++++++++++++ tests/users/models/test_identity.py | 178 +++++++++++++++++++++ tests/users/views/test_activitypub.py | 31 ++++ tests/users/views/test_auth.py | 59 +++++++ users/tests/__init__.py | 0 users/tests/conftest.py | 51 ------ users/tests/models/__init__.py | 0 users/tests/models/test_identity.py | 178 --------------------- users/tests/test_activitypub.py | 31 ---- users/tests/views/__init__.py | 0 users/tests/views/test_auth.py | 59 ------- 22 files changed, 493 insertions(+), 536 deletions(-) delete mode 100644 activities/tests/__init__.py delete mode 100644 activities/tests/models/__init__.py delete mode 100644 activities/tests/models/test_post.py delete mode 100644 activities/tests/templatetags/__init__.py delete mode 100644 activities/tests/templatetags/test_activity_tags.py delete mode 100644 core/tests/__init__.py delete mode 100644 core/tests/conftest.py delete mode 100644 core/tests/test_signatures.py create mode 100644 tests/activities/models/test_post.py create mode 100644 tests/activities/templatetags/test_activity_tags.py create mode 100644 tests/conftest.py create mode 100644 tests/core/test_signatures.py create mode 100644 tests/users/models/test_identity.py create mode 100644 tests/users/views/test_activitypub.py create mode 100644 tests/users/views/test_auth.py delete mode 100644 users/tests/__init__.py delete mode 100644 users/tests/conftest.py delete mode 100644 users/tests/models/__init__.py delete mode 100644 users/tests/models/test_identity.py delete mode 100644 users/tests/test_activitypub.py delete mode 100644 users/tests/views/__init__.py delete mode 100644 users/tests/views/test_auth.py diff --git a/activities/tests/__init__.py b/activities/tests/__init__.py deleted file mode 100644 index e69de29..0000000 diff --git a/activities/tests/models/__init__.py b/activities/tests/models/__init__.py deleted file mode 100644 index e69de29..0000000 diff --git a/activities/tests/models/test_post.py b/activities/tests/models/test_post.py deleted file mode 100644 index 5c7fca2..0000000 --- a/activities/tests/models/test_post.py +++ /dev/null @@ -1,31 +0,0 @@ -import pytest -from pytest_httpx import HTTPXMock - -from activities.models import Post - - -@pytest.mark.django_db -def test_fetch_post(httpx_mock: HTTPXMock): - """ - Tests that a post we don't have locally can be fetched by by_object_uri - """ - httpx_mock.add_response( - url="https://example.com/test-post", - json={ - "@context": [ - "https://www.w3.org/ns/activitystreams", - ], - "id": "https://example.com/test-post", - "type": "Note", - "published": "2022-11-13T23:20:16Z", - "url": "https://example.com/test-post", - "attributedTo": "https://example.com/test-actor", - "content": "BEEEEEES", - }, - ) - # Fetch with a HTTP access - post = Post.by_object_uri("https://example.com/test-post", fetch=True) - assert post.content == "BEEEEEES" - assert post.author.actor_uri == "https://example.com/test-actor" - # Fetch again with a DB hit - assert Post.by_object_uri("https://example.com/test-post").id == post.id diff --git a/activities/tests/templatetags/__init__.py b/activities/tests/templatetags/__init__.py deleted file mode 100644 index e69de29..0000000 diff --git a/activities/tests/templatetags/test_activity_tags.py b/activities/tests/templatetags/test_activity_tags.py deleted file mode 100644 index 987c008..0000000 --- a/activities/tests/templatetags/test_activity_tags.py +++ /dev/null @@ -1,21 +0,0 @@ -from datetime import timedelta - -from django.utils import timezone - -from activities.templatetags.activity_tags import timedeltashort - - -def test_timedeltashort_regress(): - assert timedeltashort(None) == "" - assert timedeltashort("") == "" - - value = timezone.now() - - assert timedeltashort(value) == "0s" - assert timedeltashort(value - timedelta(seconds=2)) == "2s" - assert timedeltashort(value - timedelta(minutes=2)) == "2m" - assert timedeltashort(value - timedelta(hours=2)) == "2h" - assert timedeltashort(value - timedelta(days=2)) == "2d" - assert timedeltashort(value - timedelta(days=364)) == "364d" - assert timedeltashort(value - timedelta(days=365)) == "1y" - assert timedeltashort(value - timedelta(days=366)) == "1y" diff --git a/core/tests/__init__.py b/core/tests/__init__.py deleted file mode 100644 index e69de29..0000000 diff --git a/core/tests/conftest.py b/core/tests/conftest.py deleted file mode 100644 index ab8d6ea..0000000 --- a/core/tests/conftest.py +++ /dev/null @@ -1,9 +0,0 @@ -import pytest -from pyld import jsonld - -from core.ld import builtin_document_loader - - -@pytest.fixture(scope="session", autouse=True) -def ldloader(): - jsonld.set_document_loader(builtin_document_loader) diff --git a/core/tests/test_signatures.py b/core/tests/test_signatures.py deleted file mode 100644 index 2d480b7..0000000 --- a/core/tests/test_signatures.py +++ /dev/null @@ -1,156 +0,0 @@ -import pytest -from asgiref.sync import async_to_sync -from django.test.client import RequestFactory -from pytest_httpx import HTTPXMock - -from core.signatures import HttpSignature, LDSignature, VerificationError - -# Our testing-only keypair -private_key = """-----BEGIN PRIVATE KEY----- -MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQCzNJa9JIxQpOtQ -z8UQKXDPREF9DyBliGu3uPWo6DMnkOm7hoh2+nOryrWDqWOFaVK//n7kltHXUEbm -U3exh0/0iWfzx2AbNrI04csAvW/hRvHbHBnVTotSxzqTd3ESkpcSW4xVuz9aCcFR -kW3unSCO3fF0Lh8Jsy9N/CT6oTnwG+ZpeGvHVbh9xfR5Ww6zA7z8A6B17hbzdMd/ -3qUPijyIb5se4cWVtGg/ZJ0X1syn9u9kpwUjhHlyWH/esMRHxPuW49BPZPhhKs1+ -t//4xgZcRX515qFqPS2EtYgZAfh7M3TRv8uCSzL4TT+8ka9IUwKdV6TFaqH27bAG -KyJQfGaTAgMBAAECggEALZY5qFjlRtiFMfQApdlc5KTw4d7Yt2tqN3zaJUMYTD7d -boJNMbMJfNCetyT+d6Aw2D1ly0GglNzLhGkEQElzKfpQUt/Lj3CtCa3Mpd4K2Wxi -NwJhgfUulPqwaHYQchCPVLCsNNziw0VLA7Rymionb6B+/TaEV8PYy0ZSo90ir3UD -CL5t+IWgIPiy6pk1wGOmeB+tU4+V7/hFel+vPFNahafqVhLE311dfx2aOfweAEfN -e4JoPeJP1/fB+BVZMyVSAraKz6wheymBBNKKn/vpFsdd6it2AP4UZeFp6ma9wT9t -nk65IpHg1MBxazQd7621GrPH+ZnhMg62H/FEj6rIDQKBgQC1w1fEbk+zjI54DXU8 -FAe5cJbZS89fMP5CtzlWKzTzfdaavT+5cUYp3XAv37tSGsqYAXxY+4bHGa+qdCQO -I41cmylWGNX2e29/p2BspDPM6YQ0Z21MxFRBTWvHFrhd0bF1cXKBKPttdkKvzOEP -6uNy+/QtRNn9xF/ZjaMHcyPPTQKBgQD8ZdOmZ3TMsYJchAjjseN8S+Objw2oZzmK -6I1ULJBz3DWiyCUfir+pMjSH4fsAf9zrHkiM7xUgMByTukVRt16BrT7TlEBanAxc -/AKdNB3f0pza829LCz1lMAUn+ngZLTmRR+1rQFXqTjhB+0peJzKiMli+9BBhL9Ry -jMeTuLHdXwKBgGiz9kL5KIBNX2RYnEfXYfu4l6zktrgnCNB1q1mv2fjJbG4GxkaU -sc47+Pwa7VUGid22PWMkwSa/7SlLbdmXMT8/QjiOZfJueHQYfrsWe6B2g+mMCrJG -BiL37jXpKJsiyA7XIxaz/OG5VgDfDGaW8B60dJv/JXPBQ1WW+Wq5MM+hAoGAAUdS -xykHAnJzwpw4n06rZFnOEV+sJgo/1GBRNvfy02NuMiDpbzt4tRa4BWgzqVD8gYRp -wa0EYmFcA7OR3lQbenSyOMgre0oHFgGA0eMNs7CRctqA2dR4vyZ7IDS4nwgHnqDK -pxxwUvuKdWsceVWhgAjZQj5iRtvDK8Fi0XDCFekCgYALTU1v5iMIpaRAe+eyA2B1 -42qm4B/uhXznvOu2YXU6iJFmMgHGYgpa+Dq8uUjKtpn/LIFeX1KN0hH8z/0LW3gB -e7tN7taW0oLK3RQcEMfkZ7diE9x3LGqo/xMxsZMtxAr88p5eMEU/nxxznOqq+W9b -qxRbXYzEtHz+cW9+FZkyVw== ------END PRIVATE KEY-----""" - -public_key = """-----BEGIN PUBLIC KEY----- -MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAszSWvSSMUKTrUM/FEClw -z0RBfQ8gZYhrt7j1qOgzJ5Dpu4aIdvpzq8q1g6ljhWlSv/5+5JbR11BG5lN3sYdP -9Iln88dgGzayNOHLAL1v4Ubx2xwZ1U6LUsc6k3dxEpKXEluMVbs/WgnBUZFt7p0g -jt3xdC4fCbMvTfwk+qE58BvmaXhrx1W4fcX0eVsOswO8/AOgde4W83THf96lD4o8 -iG+bHuHFlbRoP2SdF9bMp/bvZKcFI4R5clh/3rDER8T7luPQT2T4YSrNfrf/+MYG -XEV+deahaj0thLWIGQH4ezN00b/Lgksy+E0/vJGvSFMCnVekxWqh9u2wBisiUHxm -kwIDAQAB ------END PUBLIC KEY-----""" - -public_key_id = "https://example.com/test-actor#test-key" - - -def test_sign_ld(): - """ - Tests signing JSON-LD documents by round-tripping them through the - verifier. - """ - # Create the signature - document = { - "id": "https://example.com/test-create", - "type": "Create", - "actor": "https://example.com/test-actor", - "object": { - "id": "https://example.com/test-object", - "type": "Note", - }, - } - signature_section = LDSignature.create_signature( - document, - private_key, - public_key_id, - ) - # Check it and assign it to the document - assert "signatureValue" in signature_section - assert signature_section["type"] == "RsaSignature2017" - document["signature"] = signature_section - # Now verify it ourselves - LDSignature.verify_signature(document, public_key) - - -def test_verifying_ld(): - """ - Tests verifying JSON-LD signatures from a known-good document - """ - document = { - "id": "https://example.com/test-create", - "type": "Create", - "actor": "https://example.com/test-actor", - "object": {"id": "https://example.com/test-object", "type": "Note"}, - "signature": { - "@context": "https://w3id.org/identity/v1", - "creator": "https://example.com/test-actor#test-key", - "created": "2022-11-12T21:41:47Z", - "signatureValue": "nTHfkHqG4hegfnjpHucXtXDLDaIKi2Duk+NeCzqTtkjf4NneXsofbZY2tGew4uAooEe1UeM23PIyjWYnR16KwcD4YY8nMj8L3xY2czwQPScMM9n+KhSHzkWfX+iI4FWKbjpPI8M53EtTRJU+1qEjjmGUx03Ip0vfvT5821etIgvY4wLNhg3y7R8fevnNux+BeytcEV6gM4awJJ6RK0xrWGLyTgDNon5V5aNUjwcV/UVPy9UAQi1KYWtA74/F0Y4oPzL5CTudPpyiViyVHZQaal4r+ExzgSvGztqKxQeT1ya6gLXxbm1YQ+8UiGVSS8zoGhMFDEZWVsRPv7e0jm5wfA==", - "type": "RsaSignature2017", - }, - } - # Ensure it verifies with correct data - LDSignature.verify_signature(document, public_key) - # Mutate it slightly and ensure it does not verify - with pytest.raises(VerificationError): - document["actor"] = "https://example.com/evil-actor" - LDSignature.verify_signature(document, public_key) - - -def test_sign_http(httpx_mock: HTTPXMock): - """ - Tests signing HTTP requests by round-tripping them through our verifier - """ - # Create document - document = { - "id": "https://example.com/test-create", - "type": "Create", - "actor": "https://example.com/test-actor", - "object": { - "id": "https://example.com/test-object", - "type": "Note", - }, - } - # Send the signed request to the mock library - httpx_mock.add_response() - async_to_sync(HttpSignature.signed_request)( - uri="https://example.com/test-actor", - body=document, - private_key=private_key, - key_id=public_key_id, - ) - # Retrieve it and construct a fake request object - outbound_request = httpx_mock.get_request() - fake_request = RequestFactory().post( - path="/test-actor", - data=outbound_request.content, - content_type=outbound_request.headers["content-type"], - HTTP_HOST="example.com", - HTTP_DATE=outbound_request.headers["date"], - HTTP_SIGNATURE=outbound_request.headers["signature"], - HTTP_DIGEST=outbound_request.headers["digest"], - ) - # Verify that - HttpSignature.verify_request(fake_request, public_key) - - -def test_verify_http(): - """ - Tests verifying HTTP requests against a known good example - """ - # Make our predictable request - fake_request = RequestFactory().post( - path="/test-actor", - data=b'{"id": "https://example.com/test-create", "type": "Create", "actor": "https://example.com/test-actor", "object": {"id": "https://example.com/test-object", "type": "Note"}}', - content_type="application/json", - HTTP_HOST="example.com", - HTTP_DATE="Sat, 12 Nov 2022 21:57:18 GMT", - HTTP_SIGNATURE='keyId="https://example.com/test-actor#test-key",headers="(request-target) host date digest content-type",signature="IRduYoDJIh90mprjUgOIdxY1iaBWHs5ou9vsDlcmSekg6DXMZTiXjmZxbNIrnpEbNFu3wTcqz1nv9H97Gp7orbYMuHm6j2ecxsvzSr37T9jxBbt3Ov3xSfuYWwhv6PuTWNxHtUQWNuAIc3wHDAQt8Flnak/uHe7swoAq4uHq2kt18iMW6CEV9XA5ESFho2HSUgRaifoNxJlIWbHYPJiP0t9aktgGBkpQoZ8ulOj3Ew4RwC1lwk9kzWiLIjU4tSAie8RbIy2g0aUvA1tQh9Uge1by3o7+349SL5iooj+B6WSCEvvjEl52wo3xoEQmv0ptYuSPLUgB9tP8q7DoHEc8Dw==",algorithm="rsa-sha256"', - HTTP_DIGEST="SHA-256=07sIbQ3GlOHWMbFMNajtPNtmUQXXu20UuvrIYLlI3kc=", - ) - # Verify that - HttpSignature.verify_request(fake_request, public_key, skip_date=True) diff --git a/tests/activities/models/test_post.py b/tests/activities/models/test_post.py new file mode 100644 index 0000000..5c7fca2 --- /dev/null +++ b/tests/activities/models/test_post.py @@ -0,0 +1,31 @@ +import pytest +from pytest_httpx import HTTPXMock + +from activities.models import Post + + +@pytest.mark.django_db +def test_fetch_post(httpx_mock: HTTPXMock): + """ + Tests that a post we don't have locally can be fetched by by_object_uri + """ + httpx_mock.add_response( + url="https://example.com/test-post", + json={ + "@context": [ + "https://www.w3.org/ns/activitystreams", + ], + "id": "https://example.com/test-post", + "type": "Note", + "published": "2022-11-13T23:20:16Z", + "url": "https://example.com/test-post", + "attributedTo": "https://example.com/test-actor", + "content": "BEEEEEES", + }, + ) + # Fetch with a HTTP access + post = Post.by_object_uri("https://example.com/test-post", fetch=True) + assert post.content == "BEEEEEES" + assert post.author.actor_uri == "https://example.com/test-actor" + # Fetch again with a DB hit + assert Post.by_object_uri("https://example.com/test-post").id == post.id diff --git a/tests/activities/templatetags/test_activity_tags.py b/tests/activities/templatetags/test_activity_tags.py new file mode 100644 index 0000000..987c008 --- /dev/null +++ b/tests/activities/templatetags/test_activity_tags.py @@ -0,0 +1,21 @@ +from datetime import timedelta + +from django.utils import timezone + +from activities.templatetags.activity_tags import timedeltashort + + +def test_timedeltashort_regress(): + assert timedeltashort(None) == "" + assert timedeltashort("") == "" + + value = timezone.now() + + assert timedeltashort(value) == "0s" + assert timedeltashort(value - timedelta(seconds=2)) == "2s" + assert timedeltashort(value - timedelta(minutes=2)) == "2m" + assert timedeltashort(value - timedelta(hours=2)) == "2h" + assert timedeltashort(value - timedelta(days=2)) == "2d" + assert timedeltashort(value - timedelta(days=364)) == "364d" + assert timedeltashort(value - timedelta(days=365)) == "1y" + assert timedeltashort(value - timedelta(days=366)) == "1y" diff --git a/tests/conftest.py b/tests/conftest.py new file mode 100644 index 0000000..79bdf60 --- /dev/null +++ b/tests/conftest.py @@ -0,0 +1,59 @@ +import pytest + +from core.models import Config + + +@pytest.fixture +def keypair(): + """ + Testing-only keypair + """ + return { + "private_key": """-----BEGIN PRIVATE KEY----- +MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQCzNJa9JIxQpOtQ +z8UQKXDPREF9DyBliGu3uPWo6DMnkOm7hoh2+nOryrWDqWOFaVK//n7kltHXUEbm +U3exh0/0iWfzx2AbNrI04csAvW/hRvHbHBnVTotSxzqTd3ESkpcSW4xVuz9aCcFR +kW3unSCO3fF0Lh8Jsy9N/CT6oTnwG+ZpeGvHVbh9xfR5Ww6zA7z8A6B17hbzdMd/ +3qUPijyIb5se4cWVtGg/ZJ0X1syn9u9kpwUjhHlyWH/esMRHxPuW49BPZPhhKs1+ +t//4xgZcRX515qFqPS2EtYgZAfh7M3TRv8uCSzL4TT+8ka9IUwKdV6TFaqH27bAG +KyJQfGaTAgMBAAECggEALZY5qFjlRtiFMfQApdlc5KTw4d7Yt2tqN3zaJUMYTD7d +boJNMbMJfNCetyT+d6Aw2D1ly0GglNzLhGkEQElzKfpQUt/Lj3CtCa3Mpd4K2Wxi +NwJhgfUulPqwaHYQchCPVLCsNNziw0VLA7Rymionb6B+/TaEV8PYy0ZSo90ir3UD +CL5t+IWgIPiy6pk1wGOmeB+tU4+V7/hFel+vPFNahafqVhLE311dfx2aOfweAEfN +e4JoPeJP1/fB+BVZMyVSAraKz6wheymBBNKKn/vpFsdd6it2AP4UZeFp6ma9wT9t +nk65IpHg1MBxazQd7621GrPH+ZnhMg62H/FEj6rIDQKBgQC1w1fEbk+zjI54DXU8 +FAe5cJbZS89fMP5CtzlWKzTzfdaavT+5cUYp3XAv37tSGsqYAXxY+4bHGa+qdCQO +I41cmylWGNX2e29/p2BspDPM6YQ0Z21MxFRBTWvHFrhd0bF1cXKBKPttdkKvzOEP +6uNy+/QtRNn9xF/ZjaMHcyPPTQKBgQD8ZdOmZ3TMsYJchAjjseN8S+Objw2oZzmK +6I1ULJBz3DWiyCUfir+pMjSH4fsAf9zrHkiM7xUgMByTukVRt16BrT7TlEBanAxc +/AKdNB3f0pza829LCz1lMAUn+ngZLTmRR+1rQFXqTjhB+0peJzKiMli+9BBhL9Ry +jMeTuLHdXwKBgGiz9kL5KIBNX2RYnEfXYfu4l6zktrgnCNB1q1mv2fjJbG4GxkaU +sc47+Pwa7VUGid22PWMkwSa/7SlLbdmXMT8/QjiOZfJueHQYfrsWe6B2g+mMCrJG +BiL37jXpKJsiyA7XIxaz/OG5VgDfDGaW8B60dJv/JXPBQ1WW+Wq5MM+hAoGAAUdS +xykHAnJzwpw4n06rZFnOEV+sJgo/1GBRNvfy02NuMiDpbzt4tRa4BWgzqVD8gYRp +wa0EYmFcA7OR3lQbenSyOMgre0oHFgGA0eMNs7CRctqA2dR4vyZ7IDS4nwgHnqDK +pxxwUvuKdWsceVWhgAjZQj5iRtvDK8Fi0XDCFekCgYALTU1v5iMIpaRAe+eyA2B1 +42qm4B/uhXznvOu2YXU6iJFmMgHGYgpa+Dq8uUjKtpn/LIFeX1KN0hH8z/0LW3gB +e7tN7taW0oLK3RQcEMfkZ7diE9x3LGqo/xMxsZMtxAr88p5eMEU/nxxznOqq+W9b +qxRbXYzEtHz+cW9+FZkyVw== +-----END PRIVATE KEY-----""", + "public_key": """-----BEGIN PUBLIC KEY----- +MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAszSWvSSMUKTrUM/FEClw +z0RBfQ8gZYhrt7j1qOgzJ5Dpu4aIdvpzq8q1g6ljhWlSv/5+5JbR11BG5lN3sYdP +9Iln88dgGzayNOHLAL1v4Ubx2xwZ1U6LUsc6k3dxEpKXEluMVbs/WgnBUZFt7p0g +jt3xdC4fCbMvTfwk+qE58BvmaXhrx1W4fcX0eVsOswO8/AOgde4W83THf96lD4o8 +iG+bHuHFlbRoP2SdF9bMp/bvZKcFI4R5clh/3rDER8T7luPQT2T4YSrNfrf/+MYG +XEV+deahaj0thLWIGQH4ezN00b/Lgksy+E0/vJGvSFMCnVekxWqh9u2wBisiUHxm +kwIDAQAB +-----END PUBLIC KEY-----""", + "public_key_id": "https://example.com/test-actor#test-key", + } + + +@pytest.fixture +def config_system(keypair): + Config.system = Config.SystemOptions( + system_actor_private_key=keypair["private_key"], + system_actor_public_key=keypair["public_key"], + ) + yield Config.system diff --git a/tests/core/test_signatures.py b/tests/core/test_signatures.py new file mode 100644 index 0000000..f15e090 --- /dev/null +++ b/tests/core/test_signatures.py @@ -0,0 +1,114 @@ +import pytest +from asgiref.sync import async_to_sync +from django.test.client import RequestFactory +from pytest_httpx import HTTPXMock + +from core.signatures import HttpSignature, LDSignature, VerificationError + + +def test_sign_ld(keypair): + """ + Tests signing JSON-LD documents by round-tripping them through the + verifier. + """ + # Create the signature + document = { + "id": "https://example.com/test-create", + "type": "Create", + "actor": "https://example.com/test-actor", + "object": { + "id": "https://example.com/test-object", + "type": "Note", + }, + } + signature_section = LDSignature.create_signature( + document, + keypair["private_key"], + keypair["public_key_id"], + ) + # Check it and assign it to the document + assert "signatureValue" in signature_section + assert signature_section["type"] == "RsaSignature2017" + document["signature"] = signature_section + # Now verify it ourselves + LDSignature.verify_signature(document, keypair["public_key"]) + + +def test_verifying_ld(keypair): + """ + Tests verifying JSON-LD signatures from a known-good document + """ + document = { + "id": "https://example.com/test-create", + "type": "Create", + "actor": "https://example.com/test-actor", + "object": {"id": "https://example.com/test-object", "type": "Note"}, + "signature": { + "@context": "https://w3id.org/identity/v1", + "creator": "https://example.com/test-actor#test-key", + "created": "2022-11-12T21:41:47Z", + "signatureValue": "nTHfkHqG4hegfnjpHucXtXDLDaIKi2Duk+NeCzqTtkjf4NneXsofbZY2tGew4uAooEe1UeM23PIyjWYnR16KwcD4YY8nMj8L3xY2czwQPScMM9n+KhSHzkWfX+iI4FWKbjpPI8M53EtTRJU+1qEjjmGUx03Ip0vfvT5821etIgvY4wLNhg3y7R8fevnNux+BeytcEV6gM4awJJ6RK0xrWGLyTgDNon5V5aNUjwcV/UVPy9UAQi1KYWtA74/F0Y4oPzL5CTudPpyiViyVHZQaal4r+ExzgSvGztqKxQeT1ya6gLXxbm1YQ+8UiGVSS8zoGhMFDEZWVsRPv7e0jm5wfA==", + "type": "RsaSignature2017", + }, + } + # Ensure it verifies with correct data + LDSignature.verify_signature(document, keypair["public_key"]) + # Mutate it slightly and ensure it does not verify + with pytest.raises(VerificationError): + document["actor"] = "https://example.com/evil-actor" + LDSignature.verify_signature(document, keypair["public_key"]) + + +def test_sign_http(httpx_mock: HTTPXMock, keypair): + """ + Tests signing HTTP requests by round-tripping them through our verifier + """ + # Create document + document = { + "id": "https://example.com/test-create", + "type": "Create", + "actor": "https://example.com/test-actor", + "object": { + "id": "https://example.com/test-object", + "type": "Note", + }, + } + # Send the signed request to the mock library + httpx_mock.add_response() + async_to_sync(HttpSignature.signed_request)( + uri="https://example.com/test-actor", + body=document, + private_key=keypair["private_key"], + key_id=keypair["public_key_id"], + ) + # Retrieve it and construct a fake request object + outbound_request = httpx_mock.get_request() + fake_request = RequestFactory().post( + path="/test-actor", + data=outbound_request.content, + content_type=outbound_request.headers["content-type"], + HTTP_HOST="example.com", + HTTP_DATE=outbound_request.headers["date"], + HTTP_SIGNATURE=outbound_request.headers["signature"], + HTTP_DIGEST=outbound_request.headers["digest"], + ) + # Verify that + HttpSignature.verify_request(fake_request, keypair["public_key"]) + + +def test_verify_http(keypair): + """ + Tests verifying HTTP requests against a known good example + """ + # Make our predictable request + fake_request = RequestFactory().post( + path="/test-actor", + data=b'{"id": "https://example.com/test-create", "type": "Create", "actor": "https://example.com/test-actor", "object": {"id": "https://example.com/test-object", "type": "Note"}}', + content_type="application/json", + HTTP_HOST="example.com", + HTTP_DATE="Sat, 12 Nov 2022 21:57:18 GMT", + HTTP_SIGNATURE='keyId="https://example.com/test-actor#test-key",headers="(request-target) host date digest content-type",signature="IRduYoDJIh90mprjUgOIdxY1iaBWHs5ou9vsDlcmSekg6DXMZTiXjmZxbNIrnpEbNFu3wTcqz1nv9H97Gp7orbYMuHm6j2ecxsvzSr37T9jxBbt3Ov3xSfuYWwhv6PuTWNxHtUQWNuAIc3wHDAQt8Flnak/uHe7swoAq4uHq2kt18iMW6CEV9XA5ESFho2HSUgRaifoNxJlIWbHYPJiP0t9aktgGBkpQoZ8ulOj3Ew4RwC1lwk9kzWiLIjU4tSAie8RbIy2g0aUvA1tQh9Uge1by3o7+349SL5iooj+B6WSCEvvjEl52wo3xoEQmv0ptYuSPLUgB9tP8q7DoHEc8Dw==",algorithm="rsa-sha256"', + HTTP_DIGEST="SHA-256=07sIbQ3GlOHWMbFMNajtPNtmUQXXu20UuvrIYLlI3kc=", + ) + # Verify that + HttpSignature.verify_request(fake_request, keypair["public_key"], skip_date=True) diff --git a/tests/users/models/test_identity.py b/tests/users/models/test_identity.py new file mode 100644 index 0000000..13c08f0 --- /dev/null +++ b/tests/users/models/test_identity.py @@ -0,0 +1,178 @@ +import pytest +from asgiref.sync import async_to_sync + +from core.models import Config +from users.models import Domain, Identity, User +from users.views.identity import CreateIdentity + + +@pytest.mark.django_db +def test_create_identity_form(config_system, client): + """ """ + # Make a user + user = User.objects.create(email="test@example.com") + admin = User.objects.create(email="admin@example.com", admin=True) + # Make a domain + domain = Domain.objects.create(domain="example.com", local=True) + domain.users.add(user) + domain.users.add(admin) + + # Test identity_min_length + data = { + "username": "a", + "domain": domain.domain, + "name": "The User", + } + + form = CreateIdentity.form_class(user=user, data=data) + assert not form.is_valid() + assert "username" in form.errors + assert "value has at least" in form.errors["username"][0] + + form = CreateIdentity.form_class(user=admin, data=data) + assert form.errors == {} + + # Test restricted_usernames + data = { + "username": "@root", + "domain": domain.domain, + "name": "The User", + } + + form = CreateIdentity.form_class(user=user, data=data) + assert not form.is_valid() + assert "username" in form.errors + assert "restricted to administrators" in form.errors["username"][0] + + form = CreateIdentity.form_class(user=admin, data=data) + assert form.errors == {} + + # Test valid chars + data = { + "username": "@someval!!!!", + "domain": domain.domain, + "name": "The User", + } + + for u in (user, admin): + form = CreateIdentity.form_class(user=u, data=data) + assert not form.is_valid() + assert "username" in form.errors + assert form.errors["username"][0].startswith("Only the letters") + + +@pytest.mark.django_db +def test_identity_max_per_user(config_system, client): + """ + Ensures that the identity limit is functioning + """ + # Make a user + user = User.objects.create(email="test@example.com") + # Make a domain + domain = Domain.objects.create(domain="example.com", local=True) + domain.users.add(user) + # Make an identity for them + for i in range(Config.system.identity_max_per_user): + identity = Identity.objects.create( + actor_uri=f"https://example.com/@test{i}@example.com/actor/", + username=f"test{i}", + domain=domain, + name=f"Test User{i}", + local=True, + ) + identity.users.add(user) + + data = { + "username": "toomany", + "domain": domain.domain, + "name": "Too Many", + } + form = CreateIdentity.form_class(user=user, data=data) + assert form.errors["__all__"][0].startswith("You are not allowed more than") + + user.admin = True + form = CreateIdentity.form_class(user=user, data=data) + assert form.is_valid() + + +@pytest.mark.django_db +def test_fetch_actor(httpx_mock, config_system): + """ + Ensures that making identities via actor fetching works + """ + # Make a shell remote identity + identity = Identity.objects.create( + actor_uri="https://example.com/test-actor/", + local=False, + ) + + # Trigger actor fetch + httpx_mock.add_response( + url="https://example.com/.well-known/webfinger?resource=acct:test@example.com", + json={ + "subject": "acct:test@example.com", + "aliases": [ + "https://example.com/test-actor/", + ], + "links": [ + { + "rel": "http://webfinger.net/rel/profile-page", + "type": "text/html", + "href": "https://example.com/test-actor/", + }, + { + "rel": "self", + "type": "application/activity+json", + "href": "https://example.com/test-actor/", + }, + ], + }, + ) + httpx_mock.add_response( + url="https://example.com/test-actor/", + json={ + "@context": [ + "https://www.w3.org/ns/activitystreams", + "https://w3id.org/security/v1", + ], + "id": "https://example.com/test-actor/", + "type": "Person", + "inbox": "https://example.com/test-actor/inbox/", + "publicKey": { + "id": "https://example.com/test-actor/#main-key", + "owner": "https://example.com/test-actor/", + "publicKeyPem": "-----BEGIN PUBLIC KEY-----\nits-a-faaaake\n-----END PUBLIC KEY-----\n", + }, + "followers": "https://example.com/test-actor/followers/", + "following": "https://example.com/test-actor/following/", + "icon": { + "type": "Image", + "mediaType": "image/jpeg", + "url": "https://example.com/icon.jpg", + }, + "image": { + "type": "Image", + "mediaType": "image/jpeg", + "url": "https://example.com/image.jpg", + }, + "as:manuallyApprovesFollowers": False, + "name": "Test User", + "preferredUsername": "test", + "published": "2022-11-02T00:00:00Z", + "summary": "

A test user

", + "url": "https://example.com/test-actor/view/", + }, + ) + async_to_sync(identity.fetch_actor)() + + # Verify the data arrived + identity = Identity.objects.get(pk=identity.pk) + assert identity.name == "Test User" + assert identity.username == "test" + assert identity.domain_id == "example.com" + assert identity.profile_uri == "https://example.com/test-actor/view/" + assert identity.inbox_uri == "https://example.com/test-actor/inbox/" + assert identity.icon_uri == "https://example.com/icon.jpg" + assert identity.image_uri == "https://example.com/image.jpg" + assert identity.summary == "

A test user

" + assert "ts-a-faaaake" in identity.public_key diff --git a/tests/users/views/test_activitypub.py b/tests/users/views/test_activitypub.py new file mode 100644 index 0000000..72ab8c3 --- /dev/null +++ b/tests/users/views/test_activitypub.py @@ -0,0 +1,31 @@ +import pytest + +from users.models import Domain, Identity, User + + +@pytest.mark.django_db +def test_webfinger_actor(client): + """ + Ensures the webfinger and actor URLs are working properly + """ + # Make a user + user = User.objects.create(email="test@example.com") + # Make a domain + domain = Domain.objects.create(domain="example.com", local=True) + domain.users.add(user) + # Make an identity for them + identity = Identity.objects.create( + actor_uri="https://example.com/@test@example.com/", + username="test", + domain=domain, + name="Test User", + local=True, + ) + identity.generate_keypair() + # Fetch their webfinger + data = client.get("/.well-known/webfinger?resource=acct:test@example.com").json() + assert data["subject"] == "acct:test@example.com" + assert data["aliases"][0] == "https://example.com/@test/" + # Fetch their actor + data = client.get("/@test@example.com/", HTTP_ACCEPT="application/ld+json").json() + assert data["id"] == "https://example.com/@test@example.com/" diff --git a/tests/users/views/test_auth.py b/tests/users/views/test_auth.py new file mode 100644 index 0000000..22e1fb6 --- /dev/null +++ b/tests/users/views/test_auth.py @@ -0,0 +1,59 @@ +import mock +import pytest + +from core.models import Config +from users.models import User + + +@pytest.fixture +def config_system(): + # TODO: Good enough for now, but a better Config mocking system is needed + result = Config.load_system() + with mock.patch("core.models.Config.load_system", return_value=result): + yield result + + +@pytest.mark.django_db +def test_signup_disabled(client, config_system): + # Signup disabled and no signup text + config_system.signup_allowed = False + resp = client.get("/auth/signup/") + assert resp.status_code == 200 + content = str(resp.content) + assert "Not accepting new users at this time" in content + assert "" not in content + + # Signup disabled with signup text configured + config_system.signup_text = "Go away!!!!!!" + resp = client.get("/auth/signup/") + assert resp.status_code == 200 + content = str(resp.content) + assert "Go away!!!!!!" in content + + # Ensure direct POST doesn't side step guard + resp = client.post( + "/auth/signup/", data={"email": "test_signup_disabled@example.org"} + ) + assert resp.status_code == 200 + assert not User.objects.filter(email="test_signup_disabled@example.org").exists() + + # Signup enabled + config_system.signup_allowed = True + resp = client.get("/auth/signup/") + assert resp.status_code == 200 + content = str(resp.content) + assert "Not accepting new users at this time" not in content + assert "" in content + + +@pytest.mark.django_db +def test_signup_invite_only(client, config_system): + config_system.signup_allowed = True + config_system.signup_invite_only = True + + resp = client.get("/auth/signup/") + assert resp.status_code == 200 + content = str(resp.content) + assert 'name="invite_code"' in content + + # TODO: Actually test this diff --git a/users/tests/__init__.py b/users/tests/__init__.py deleted file mode 100644 index e69de29..0000000 diff --git a/users/tests/conftest.py b/users/tests/conftest.py deleted file mode 100644 index 0b12793..0000000 --- a/users/tests/conftest.py +++ /dev/null @@ -1,51 +0,0 @@ -import pytest - -from core.models import Config - -# Our testing-only keypair -private_key = """-----BEGIN PRIVATE KEY----- -MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQCzNJa9JIxQpOtQ -z8UQKXDPREF9DyBliGu3uPWo6DMnkOm7hoh2+nOryrWDqWOFaVK//n7kltHXUEbm -U3exh0/0iWfzx2AbNrI04csAvW/hRvHbHBnVTotSxzqTd3ESkpcSW4xVuz9aCcFR -kW3unSCO3fF0Lh8Jsy9N/CT6oTnwG+ZpeGvHVbh9xfR5Ww6zA7z8A6B17hbzdMd/ -3qUPijyIb5se4cWVtGg/ZJ0X1syn9u9kpwUjhHlyWH/esMRHxPuW49BPZPhhKs1+ -t//4xgZcRX515qFqPS2EtYgZAfh7M3TRv8uCSzL4TT+8ka9IUwKdV6TFaqH27bAG -KyJQfGaTAgMBAAECggEALZY5qFjlRtiFMfQApdlc5KTw4d7Yt2tqN3zaJUMYTD7d -boJNMbMJfNCetyT+d6Aw2D1ly0GglNzLhGkEQElzKfpQUt/Lj3CtCa3Mpd4K2Wxi -NwJhgfUulPqwaHYQchCPVLCsNNziw0VLA7Rymionb6B+/TaEV8PYy0ZSo90ir3UD -CL5t+IWgIPiy6pk1wGOmeB+tU4+V7/hFel+vPFNahafqVhLE311dfx2aOfweAEfN -e4JoPeJP1/fB+BVZMyVSAraKz6wheymBBNKKn/vpFsdd6it2AP4UZeFp6ma9wT9t -nk65IpHg1MBxazQd7621GrPH+ZnhMg62H/FEj6rIDQKBgQC1w1fEbk+zjI54DXU8 -FAe5cJbZS89fMP5CtzlWKzTzfdaavT+5cUYp3XAv37tSGsqYAXxY+4bHGa+qdCQO -I41cmylWGNX2e29/p2BspDPM6YQ0Z21MxFRBTWvHFrhd0bF1cXKBKPttdkKvzOEP -6uNy+/QtRNn9xF/ZjaMHcyPPTQKBgQD8ZdOmZ3TMsYJchAjjseN8S+Objw2oZzmK -6I1ULJBz3DWiyCUfir+pMjSH4fsAf9zrHkiM7xUgMByTukVRt16BrT7TlEBanAxc -/AKdNB3f0pza829LCz1lMAUn+ngZLTmRR+1rQFXqTjhB+0peJzKiMli+9BBhL9Ry -jMeTuLHdXwKBgGiz9kL5KIBNX2RYnEfXYfu4l6zktrgnCNB1q1mv2fjJbG4GxkaU -sc47+Pwa7VUGid22PWMkwSa/7SlLbdmXMT8/QjiOZfJueHQYfrsWe6B2g+mMCrJG -BiL37jXpKJsiyA7XIxaz/OG5VgDfDGaW8B60dJv/JXPBQ1WW+Wq5MM+hAoGAAUdS -xykHAnJzwpw4n06rZFnOEV+sJgo/1GBRNvfy02NuMiDpbzt4tRa4BWgzqVD8gYRp -wa0EYmFcA7OR3lQbenSyOMgre0oHFgGA0eMNs7CRctqA2dR4vyZ7IDS4nwgHnqDK -pxxwUvuKdWsceVWhgAjZQj5iRtvDK8Fi0XDCFekCgYALTU1v5iMIpaRAe+eyA2B1 -42qm4B/uhXznvOu2YXU6iJFmMgHGYgpa+Dq8uUjKtpn/LIFeX1KN0hH8z/0LW3gB -e7tN7taW0oLK3RQcEMfkZ7diE9x3LGqo/xMxsZMtxAr88p5eMEU/nxxznOqq+W9b -qxRbXYzEtHz+cW9+FZkyVw== ------END PRIVATE KEY-----""" - -public_key = """-----BEGIN PUBLIC KEY----- -MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAszSWvSSMUKTrUM/FEClw -z0RBfQ8gZYhrt7j1qOgzJ5Dpu4aIdvpzq8q1g6ljhWlSv/5+5JbR11BG5lN3sYdP -9Iln88dgGzayNOHLAL1v4Ubx2xwZ1U6LUsc6k3dxEpKXEluMVbs/WgnBUZFt7p0g -jt3xdC4fCbMvTfwk+qE58BvmaXhrx1W4fcX0eVsOswO8/AOgde4W83THf96lD4o8 -iG+bHuHFlbRoP2SdF9bMp/bvZKcFI4R5clh/3rDER8T7luPQT2T4YSrNfrf/+MYG -XEV+deahaj0thLWIGQH4ezN00b/Lgksy+E0/vJGvSFMCnVekxWqh9u2wBisiUHxm -kwIDAQAB ------END PUBLIC KEY-----""" - - -@pytest.fixture -def config_system(): - Config.system = Config.SystemOptions( - system_actor_private_key=private_key, system_actor_public_key=public_key - ) - yield Config.system diff --git a/users/tests/models/__init__.py b/users/tests/models/__init__.py deleted file mode 100644 index e69de29..0000000 diff --git a/users/tests/models/test_identity.py b/users/tests/models/test_identity.py deleted file mode 100644 index 738abe3..0000000 --- a/users/tests/models/test_identity.py +++ /dev/null @@ -1,178 +0,0 @@ -import pytest -from asgiref.sync import async_to_sync - -from core.models import Config -from users.models import Domain, Identity, User -from users.views.identity import CreateIdentity - - -@pytest.mark.django_db -def test_create_identity_form(client): - """ """ - # Make a user - user = User.objects.create(email="test@example.com") - admin = User.objects.create(email="admin@example.com", admin=True) - # Make a domain - domain = Domain.objects.create(domain="example.com", local=True) - domain.users.add(user) - domain.users.add(admin) - - # Test identity_min_length - data = { - "username": "a", - "domain": domain.domain, - "name": "The User", - } - - form = CreateIdentity.form_class(user=user, data=data) - assert not form.is_valid() - assert "username" in form.errors - assert "value has at least" in form.errors["username"][0] - - form = CreateIdentity.form_class(user=admin, data=data) - assert form.errors == {} - - # Test restricted_usernames - data = { - "username": "@root", - "domain": domain.domain, - "name": "The User", - } - - form = CreateIdentity.form_class(user=user, data=data) - assert not form.is_valid() - assert "username" in form.errors - assert "restricted to administrators" in form.errors["username"][0] - - form = CreateIdentity.form_class(user=admin, data=data) - assert form.errors == {} - - # Test valid chars - data = { - "username": "@someval!!!!", - "domain": domain.domain, - "name": "The User", - } - - for u in (user, admin): - form = CreateIdentity.form_class(user=u, data=data) - assert not form.is_valid() - assert "username" in form.errors - assert form.errors["username"][0].startswith("Only the letters") - - -@pytest.mark.django_db -def test_identity_max_per_user(client): - """ - Ensures that the identity limit is functioning - """ - # Make a user - user = User.objects.create(email="test@example.com") - # Make a domain - domain = Domain.objects.create(domain="example.com", local=True) - domain.users.add(user) - # Make an identity for them - for i in range(Config.system.identity_max_per_user): - identity = Identity.objects.create( - actor_uri=f"https://example.com/@test{i}@example.com/actor/", - username=f"test{i}", - domain=domain, - name=f"Test User{i}", - local=True, - ) - identity.users.add(user) - - data = { - "username": "toomany", - "domain": domain.domain, - "name": "Too Many", - } - form = CreateIdentity.form_class(user=user, data=data) - assert form.errors["__all__"][0].startswith("You are not allowed more than") - - user.admin = True - form = CreateIdentity.form_class(user=user, data=data) - assert form.is_valid() - - -@pytest.mark.django_db -def test_fetch_actor(httpx_mock, config_system): - """ - Ensures that making identities via actor fetching works - """ - # Make a shell remote identity - identity = Identity.objects.create( - actor_uri="https://example.com/test-actor/", - local=False, - ) - - # Trigger actor fetch - httpx_mock.add_response( - url="https://example.com/.well-known/webfinger?resource=acct:test@example.com", - json={ - "subject": "acct:test@example.com", - "aliases": [ - "https://example.com/test-actor/", - ], - "links": [ - { - "rel": "http://webfinger.net/rel/profile-page", - "type": "text/html", - "href": "https://example.com/test-actor/", - }, - { - "rel": "self", - "type": "application/activity+json", - "href": "https://example.com/test-actor/", - }, - ], - }, - ) - httpx_mock.add_response( - url="https://example.com/test-actor/", - json={ - "@context": [ - "https://www.w3.org/ns/activitystreams", - "https://w3id.org/security/v1", - ], - "id": "https://example.com/test-actor/", - "type": "Person", - "inbox": "https://example.com/test-actor/inbox/", - "publicKey": { - "id": "https://example.com/test-actor/#main-key", - "owner": "https://example.com/test-actor/", - "publicKeyPem": "-----BEGIN PUBLIC KEY-----\nits-a-faaaake\n-----END PUBLIC KEY-----\n", - }, - "followers": "https://example.com/test-actor/followers/", - "following": "https://example.com/test-actor/following/", - "icon": { - "type": "Image", - "mediaType": "image/jpeg", - "url": "https://example.com/icon.jpg", - }, - "image": { - "type": "Image", - "mediaType": "image/jpeg", - "url": "https://example.com/image.jpg", - }, - "as:manuallyApprovesFollowers": False, - "name": "Test User", - "preferredUsername": "test", - "published": "2022-11-02T00:00:00Z", - "summary": "

A test user

", - "url": "https://example.com/test-actor/view/", - }, - ) - async_to_sync(identity.fetch_actor)() - - # Verify the data arrived - identity = Identity.objects.get(pk=identity.pk) - assert identity.name == "Test User" - assert identity.username == "test" - assert identity.domain_id == "example.com" - assert identity.profile_uri == "https://example.com/test-actor/view/" - assert identity.inbox_uri == "https://example.com/test-actor/inbox/" - assert identity.icon_uri == "https://example.com/icon.jpg" - assert identity.image_uri == "https://example.com/image.jpg" - assert identity.summary == "

A test user

" - assert "ts-a-faaaake" in identity.public_key diff --git a/users/tests/test_activitypub.py b/users/tests/test_activitypub.py deleted file mode 100644 index 72ab8c3..0000000 --- a/users/tests/test_activitypub.py +++ /dev/null @@ -1,31 +0,0 @@ -import pytest - -from users.models import Domain, Identity, User - - -@pytest.mark.django_db -def test_webfinger_actor(client): - """ - Ensures the webfinger and actor URLs are working properly - """ - # Make a user - user = User.objects.create(email="test@example.com") - # Make a domain - domain = Domain.objects.create(domain="example.com", local=True) - domain.users.add(user) - # Make an identity for them - identity = Identity.objects.create( - actor_uri="https://example.com/@test@example.com/", - username="test", - domain=domain, - name="Test User", - local=True, - ) - identity.generate_keypair() - # Fetch their webfinger - data = client.get("/.well-known/webfinger?resource=acct:test@example.com").json() - assert data["subject"] == "acct:test@example.com" - assert data["aliases"][0] == "https://example.com/@test/" - # Fetch their actor - data = client.get("/@test@example.com/", HTTP_ACCEPT="application/ld+json").json() - assert data["id"] == "https://example.com/@test@example.com/" diff --git a/users/tests/views/__init__.py b/users/tests/views/__init__.py deleted file mode 100644 index e69de29..0000000 diff --git a/users/tests/views/test_auth.py b/users/tests/views/test_auth.py deleted file mode 100644 index 22e1fb6..0000000 --- a/users/tests/views/test_auth.py +++ /dev/null @@ -1,59 +0,0 @@ -import mock -import pytest - -from core.models import Config -from users.models import User - - -@pytest.fixture -def config_system(): - # TODO: Good enough for now, but a better Config mocking system is needed - result = Config.load_system() - with mock.patch("core.models.Config.load_system", return_value=result): - yield result - - -@pytest.mark.django_db -def test_signup_disabled(client, config_system): - # Signup disabled and no signup text - config_system.signup_allowed = False - resp = client.get("/auth/signup/") - assert resp.status_code == 200 - content = str(resp.content) - assert "Not accepting new users at this time" in content - assert "" not in content - - # Signup disabled with signup text configured - config_system.signup_text = "Go away!!!!!!" - resp = client.get("/auth/signup/") - assert resp.status_code == 200 - content = str(resp.content) - assert "Go away!!!!!!" in content - - # Ensure direct POST doesn't side step guard - resp = client.post( - "/auth/signup/", data={"email": "test_signup_disabled@example.org"} - ) - assert resp.status_code == 200 - assert not User.objects.filter(email="test_signup_disabled@example.org").exists() - - # Signup enabled - config_system.signup_allowed = True - resp = client.get("/auth/signup/") - assert resp.status_code == 200 - content = str(resp.content) - assert "Not accepting new users at this time" not in content - assert "" in content - - -@pytest.mark.django_db -def test_signup_invite_only(client, config_system): - config_system.signup_allowed = True - config_system.signup_invite_only = True - - resp = client.get("/auth/signup/") - assert resp.status_code == 200 - content = str(resp.content) - assert 'name="invite_code"' in content - - # TODO: Actually test this -- cgit v1.2.3