Enforce signups_allowed=False (#26)
This commit is contained in:
parent
6e88c00969
commit
61ce62b026
@ -35,4 +35,4 @@ repos:
|
|||||||
rev: v0.982
|
rev: v0.982
|
||||||
hooks:
|
hooks:
|
||||||
- id: mypy
|
- id: mypy
|
||||||
additional_dependencies: [types-pyopenssl, types-bleach]
|
additional_dependencies: [types-pyopenssl, types-bleach, types-mock]
|
||||||
|
@ -3,6 +3,7 @@ pre-commit~=2.20.0
|
|||||||
black==22.10.0
|
black==22.10.0
|
||||||
flake8==5.0.4
|
flake8==5.0.4
|
||||||
isort==5.10.1
|
isort==5.10.1
|
||||||
|
mock~=4.0.3
|
||||||
pre-commit~=2.20.0
|
pre-commit~=2.20.0
|
||||||
pytest-django~=4.5.2
|
pytest-django~=4.5.2
|
||||||
pytest-httpx~=0.21
|
pytest-httpx~=0.21
|
||||||
|
@ -7,13 +7,24 @@
|
|||||||
{% csrf_token %}
|
{% csrf_token %}
|
||||||
<fieldset>
|
<fieldset>
|
||||||
<legend>Create An Account</legend>
|
<legend>Create An Account</legend>
|
||||||
{{ config.signup_text|safe|linebreaks }}
|
{% if config.signup_text %}{{ config.signup_text|safe|linebreaks }}{% endif %}
|
||||||
|
{% if config.signup_allowed %}
|
||||||
{% for field in form %}
|
{% for field in form %}
|
||||||
{% include "forms/_field.html" %}
|
{% include "forms/_field.html" %}
|
||||||
{% endfor %}
|
{% endfor %}
|
||||||
|
{% else %}
|
||||||
|
{% if not config.signup_text %}
|
||||||
|
<p>Not accepting new users at this time</p>
|
||||||
|
{% endif %}
|
||||||
|
{% endif %}
|
||||||
|
|
||||||
</fieldset>
|
</fieldset>
|
||||||
|
|
||||||
|
{% if config.signup_allowed %}
|
||||||
<div class="buttons">
|
<div class="buttons">
|
||||||
<button>Create</button>
|
<button>Create</button>
|
||||||
</div>
|
</div>
|
||||||
|
{% endif %}
|
||||||
|
|
||||||
</form>
|
</form>
|
||||||
{% endblock %}
|
{% endblock %}
|
||||||
|
0
users/tests/models/__init__.py
Normal file
0
users/tests/models/__init__.py
Normal file
0
users/tests/views/__init__.py
Normal file
0
users/tests/views/__init__.py
Normal file
59
users/tests/views/test_auth.py
Normal file
59
users/tests/views/test_auth.py
Normal file
@ -0,0 +1,59 @@
|
|||||||
|
import mock
|
||||||
|
import pytest
|
||||||
|
|
||||||
|
from core.models import Config
|
||||||
|
from users.models import User
|
||||||
|
|
||||||
|
|
||||||
|
@pytest.fixture
|
||||||
|
def config_system():
|
||||||
|
# TODO: Good enough for now, but a better Config mocking system is needed
|
||||||
|
result = Config.load_system()
|
||||||
|
with mock.patch("core.models.Config.load_system", return_value=result):
|
||||||
|
yield result
|
||||||
|
|
||||||
|
|
||||||
|
@pytest.mark.django_db
|
||||||
|
def test_signup_disabled(client, config_system):
|
||||||
|
# Signup disabled and no signup text
|
||||||
|
config_system.signup_allowed = False
|
||||||
|
resp = client.get("/auth/signup/")
|
||||||
|
assert resp.status_code == 200
|
||||||
|
content = str(resp.content)
|
||||||
|
assert "Not accepting new users at this time" in content
|
||||||
|
assert "<button>Create</button>" not in content
|
||||||
|
|
||||||
|
# Signup disabled with signup text configured
|
||||||
|
config_system.signup_text = "Go away!!!!!!"
|
||||||
|
resp = client.get("/auth/signup/")
|
||||||
|
assert resp.status_code == 200
|
||||||
|
content = str(resp.content)
|
||||||
|
assert "Go away!!!!!!" in content
|
||||||
|
|
||||||
|
# Ensure direct POST doesn't side step guard
|
||||||
|
resp = client.post(
|
||||||
|
"/auth/signup/", data={"email": "test_signup_disabled@example.org"}
|
||||||
|
)
|
||||||
|
assert resp.status_code == 200
|
||||||
|
assert not User.objects.filter(email="test_signup_disabled@example.org").exists()
|
||||||
|
|
||||||
|
# Signup enabled
|
||||||
|
config_system.signup_allowed = True
|
||||||
|
resp = client.get("/auth/signup/")
|
||||||
|
assert resp.status_code == 200
|
||||||
|
content = str(resp.content)
|
||||||
|
assert "Not accepting new users at this time" not in content
|
||||||
|
assert "<button>Create</button>" in content
|
||||||
|
|
||||||
|
|
||||||
|
@pytest.mark.django_db
|
||||||
|
def test_signup_invite_only(client, config_system):
|
||||||
|
config_system.signup_allowed = True
|
||||||
|
config_system.signup_invite_only = True
|
||||||
|
|
||||||
|
resp = client.get("/auth/signup/")
|
||||||
|
assert resp.status_code == 200
|
||||||
|
content = str(resp.content)
|
||||||
|
assert 'name="invite_code"' in content
|
||||||
|
|
||||||
|
# TODO: Actually test this
|
@ -49,6 +49,10 @@ class Signup(FormView):
|
|||||||
raise forms.ValidationError("That is not a valid invite code")
|
raise forms.ValidationError("That is not a valid invite code")
|
||||||
return invite_code
|
return invite_code
|
||||||
|
|
||||||
|
def clean(self):
|
||||||
|
if not Config.system.signup_allowed:
|
||||||
|
raise forms.ValidationError("Not accepting new users at this time")
|
||||||
|
|
||||||
def form_valid(self, form):
|
def form_valid(self, form):
|
||||||
user = User.objects.create(email=form.cleaned_data["email"])
|
user = User.objects.create(email=form.cleaned_data["email"])
|
||||||
# Auto-promote the user to admin if that setting is set
|
# Auto-promote the user to admin if that setting is set
|
||||||
|
Reference in New Issue
Block a user