Enforce signups_allowed=False (#26)
This commit is contained in:
parent
6e88c00969
commit
61ce62b026
@ -35,4 +35,4 @@ repos:
|
||||
rev: v0.982
|
||||
hooks:
|
||||
- id: mypy
|
||||
additional_dependencies: [types-pyopenssl, types-bleach]
|
||||
additional_dependencies: [types-pyopenssl, types-bleach, types-mock]
|
||||
|
@ -3,6 +3,7 @@ pre-commit~=2.20.0
|
||||
black==22.10.0
|
||||
flake8==5.0.4
|
||||
isort==5.10.1
|
||||
mock~=4.0.3
|
||||
pre-commit~=2.20.0
|
||||
pytest-django~=4.5.2
|
||||
pytest-httpx~=0.21
|
||||
|
@ -7,13 +7,24 @@
|
||||
{% csrf_token %}
|
||||
<fieldset>
|
||||
<legend>Create An Account</legend>
|
||||
{{ config.signup_text|safe|linebreaks }}
|
||||
{% if config.signup_text %}{{ config.signup_text|safe|linebreaks }}{% endif %}
|
||||
{% if config.signup_allowed %}
|
||||
{% for field in form %}
|
||||
{% include "forms/_field.html" %}
|
||||
{% endfor %}
|
||||
{% else %}
|
||||
{% if not config.signup_text %}
|
||||
<p>Not accepting new users at this time</p>
|
||||
{% endif %}
|
||||
{% endif %}
|
||||
|
||||
</fieldset>
|
||||
|
||||
{% if config.signup_allowed %}
|
||||
<div class="buttons">
|
||||
<button>Create</button>
|
||||
</div>
|
||||
{% endif %}
|
||||
|
||||
</form>
|
||||
{% endblock %}
|
||||
|
0
users/tests/models/__init__.py
Normal file
0
users/tests/models/__init__.py
Normal file
0
users/tests/views/__init__.py
Normal file
0
users/tests/views/__init__.py
Normal file
59
users/tests/views/test_auth.py
Normal file
59
users/tests/views/test_auth.py
Normal file
@ -0,0 +1,59 @@
|
||||
import mock
|
||||
import pytest
|
||||
|
||||
from core.models import Config
|
||||
from users.models import User
|
||||
|
||||
|
||||
@pytest.fixture
|
||||
def config_system():
|
||||
# TODO: Good enough for now, but a better Config mocking system is needed
|
||||
result = Config.load_system()
|
||||
with mock.patch("core.models.Config.load_system", return_value=result):
|
||||
yield result
|
||||
|
||||
|
||||
@pytest.mark.django_db
|
||||
def test_signup_disabled(client, config_system):
|
||||
# Signup disabled and no signup text
|
||||
config_system.signup_allowed = False
|
||||
resp = client.get("/auth/signup/")
|
||||
assert resp.status_code == 200
|
||||
content = str(resp.content)
|
||||
assert "Not accepting new users at this time" in content
|
||||
assert "<button>Create</button>" not in content
|
||||
|
||||
# Signup disabled with signup text configured
|
||||
config_system.signup_text = "Go away!!!!!!"
|
||||
resp = client.get("/auth/signup/")
|
||||
assert resp.status_code == 200
|
||||
content = str(resp.content)
|
||||
assert "Go away!!!!!!" in content
|
||||
|
||||
# Ensure direct POST doesn't side step guard
|
||||
resp = client.post(
|
||||
"/auth/signup/", data={"email": "test_signup_disabled@example.org"}
|
||||
)
|
||||
assert resp.status_code == 200
|
||||
assert not User.objects.filter(email="test_signup_disabled@example.org").exists()
|
||||
|
||||
# Signup enabled
|
||||
config_system.signup_allowed = True
|
||||
resp = client.get("/auth/signup/")
|
||||
assert resp.status_code == 200
|
||||
content = str(resp.content)
|
||||
assert "Not accepting new users at this time" not in content
|
||||
assert "<button>Create</button>" in content
|
||||
|
||||
|
||||
@pytest.mark.django_db
|
||||
def test_signup_invite_only(client, config_system):
|
||||
config_system.signup_allowed = True
|
||||
config_system.signup_invite_only = True
|
||||
|
||||
resp = client.get("/auth/signup/")
|
||||
assert resp.status_code == 200
|
||||
content = str(resp.content)
|
||||
assert 'name="invite_code"' in content
|
||||
|
||||
# TODO: Actually test this
|
@ -49,6 +49,10 @@ class Signup(FormView):
|
||||
raise forms.ValidationError("That is not a valid invite code")
|
||||
return invite_code
|
||||
|
||||
def clean(self):
|
||||
if not Config.system.signup_allowed:
|
||||
raise forms.ValidationError("Not accepting new users at this time")
|
||||
|
||||
def form_valid(self, form):
|
||||
user = User.objects.create(email=form.cleaned_data["email"])
|
||||
# Auto-promote the user to admin if that setting is set
|
||||
|
Reference in New Issue
Block a user