darkhelm/notifications-admin
1
0
Fork 0
mirror of https://github.com/GSA/notifications-admin.git synced 2026-02-05 02:42:26 -05:00
Code Issues Packages Projects Releases Wiki Activity

Removed some un needed flash messages raised as bugs.

Browse Source 
In the process found a couple of edge cases of incorrect
use of invitation links by other users which are now
handled.
This commit is contained in:
Adam Shimali
2016-03-30 16:16:34 +01:00
parent 8391af9d40
commit fc01735d70
4 changed files with 102 additions and 44 deletions
Download Patch File Download Diff File Expand all files Collapse all files

99
tests/app/main/views/test_accept_invite.py
View File

@@ -16,8 +16,7 @@ def test_existing_user_accept_invite_calls_api_and_redirects_to_dashboard(app_,
mock_check_invite_token,
mock_get_user_by_email,
mock_get_users_by_service,
mock_add_user_to_service,
mock_accept_invite):
mock_add_user_to_service):
expected_service = service_one['id']
expected_redirect_location = 'http://localhost/services/{}/dashboard'.format(expected_service)
@@ -31,7 +30,6 @@ def test_existing_user_accept_invite_calls_api_and_redirects_to_dashboard(app_,
mock_check_invite_token.assert_called_with('thisisnotarealtoken')
mock_get_user_by_email.assert_called_with('invited_user@test.gov.uk')
mock_add_user_to_service.assert_called_with(expected_service, api_user_active.id, expected_permissions)
mock_accept_invite.assert_called_with(expected_service, sample_invite['id'])
assert response.status_code == 302
assert response.location == expected_redirect_location
@@ -61,9 +59,9 @@ def test_existing_user_with_no_permissions_accept_invite(app_,
assert response.status_code == 302
def test_existing_user_cant_accept_twice(app_,
mocker,
sample_invite):
def test_if_existing_user_accepts_twice_they_redirect_to_sign_in(app_,
mocker,
sample_invite):
sample_invite['status'] = 'accepted'
invite = InvitedUser(**sample_invite)
@@ -76,16 +74,16 @@ def test_existing_user_cant_accept_twice(app_,
page = BeautifulSoup(response.data.decode('utf-8'), 'html.parser')
assert page.h1.string.strip() == 'Sign in'
flash_banners = page.find_all('div', class_='banner-default')
assert len(flash_banners) == 2
assert flash_banners[0].text.strip() == 'You have already accepted this invitation'
assert len(flash_banners) == 1
assert flash_banners[0].text.strip() == 'Please log in to access this page.'
def test_existing_of_service_get_message_that_they_are_already_part_of_service(app_,
mocker,
api_user_active,
sample_invite,
mock_get_user_by_email,
mock_accept_invite):
def test_existing_user_of_service_get_redirected_to_signin(app_,
mocker,
api_user_active,
sample_invite,
mock_get_user_by_email,
mock_accept_invite):
sample_invite['email_address'] = api_user_active.email_address
invite = InvitedUser(**sample_invite)
mocker.patch('app.invite_api_client.check_token', return_value=invite)
@@ -98,8 +96,8 @@ def test_existing_of_service_get_message_that_they_are_already_part_of_service(a
page = BeautifulSoup(response.data.decode('utf-8'), 'html.parser')
assert page.h1.string.strip() == 'Sign in'
flash_banners = page.find_all('div', class_='banner-default')
assert len(flash_banners) == 2
assert flash_banners[0].text.strip() == 'You have already accepted an invitation to this service'
assert len(flash_banners) == 1
assert flash_banners[0].text.strip() == 'Please log in to access this page.'
def test_existing_signed_out_user_accept_invite_redirects_to_sign_in(app_,
@@ -109,8 +107,7 @@ def test_existing_signed_out_user_accept_invite_redirects_to_sign_in(app_,
mock_check_invite_token,
mock_get_user_by_email,
mock_get_users_by_service,
mock_add_user_to_service,
mock_accept_invite):
mock_add_user_to_service):
expected_service = service_one['id']
expected_permissions = ['send_messages', 'manage_service', 'manage_api_keys']
@@ -122,15 +119,13 @@ def test_existing_signed_out_user_accept_invite_redirects_to_sign_in(app_,
mock_check_invite_token.assert_called_with('thisisnotarealtoken')
mock_get_user_by_email.assert_called_with('invited_user@test.gov.uk')
mock_add_user_to_service.assert_called_with(expected_service, api_user_active.id, expected_permissions)
mock_accept_invite.assert_called_with(expected_service, sample_invite['id'])
assert response.status_code == 200
page = BeautifulSoup(response.data.decode('utf-8'), 'html.parser')
assert page.h1.string.strip() == 'Sign in'
flash_banners = page.find_all('div', class_='banner-default')
assert len(flash_banners) == 2
assert len(flash_banners) == 1
assert flash_banners[0].text.strip() == 'Please log in to access this page.'
assert flash_banners[1].text.strip() == 'You already have an account with GOV.UK Notify. Sign in to your account to accept this invitation.' # noqa
def test_new_user_accept_invite_calls_api_and_redirects_to_registration(app_,
@@ -138,8 +133,7 @@ def test_new_user_accept_invite_calls_api_and_redirects_to_registration(app_,
mock_check_invite_token,
mock_dont_get_user_by_email,
mock_add_user_to_service,
mock_get_users_by_service,
mock_accept_invite):
mock_get_users_by_service):
expected_redirect_location = 'http://localhost/register-from-invite'
@@ -160,8 +154,7 @@ def test_new_user_accept_invite_calls_api_and_views_registration_page(app_,
mock_check_invite_token,
mock_dont_get_user_by_email,
mock_add_user_to_service,
mock_get_users_by_service,
mock_accept_invite):
mock_get_users_by_service):
with app_.test_request_context():
with app_.test_client() as client:
@@ -219,8 +212,7 @@ def test_new_user_accept_invite_completes_new_registration_redirects_to_verify(a
mock_register_user,
mock_send_verify_code,
mock_get_users_by_service,
mock_add_user_to_service,
mock_accept_invite):
mock_add_user_to_service):
expected_service = service_one['id']
expected_email = sample_invite['email_address']
@@ -261,6 +253,59 @@ def test_new_user_accept_invite_completes_new_registration_redirects_to_verify(a
data['password'])
def test_signed_in_existing_user_cannot_use_anothers_invite(app_,
mocker,
api_user_active,
sample_invite,
mock_get_user,
mock_accept_invite):
invite = InvitedUser(**sample_invite)
mocker.patch('app.invite_api_client.check_token', return_value=invite)
mocker.patch('app.user_api_client.get_users_for_service', return_value=[api_user_active])
with app_.test_request_context():
with app_.test_client() as client:
client.login(api_user_active)
response = client.get(url_for('main.accept_invite', token='thisisnotarealtoken'), follow_redirects=True)
assert response.status_code == 403
page = BeautifulSoup(response.data.decode('utf-8'), 'html.parser')
assert page.h1.string.strip() == '403'
flash_banners = page.find_all('div', class_='banner-dangerous')
assert len(flash_banners) == 1
assert flash_banners[0].text.strip() == "You can't accept an invite for another person."
def test_signed_out_existing_user_cannot_use_anothers_invite(app_,
mocker,
api_user_active,
sample_invite,
mock_get_user,
mock_get_user_by_email,
mock_verify_password,
mock_send_verify_code,
mock_accept_invite):
invite = InvitedUser(**sample_invite)
mocker.patch('app.invite_api_client.check_token', return_value=invite)
mocker.patch('app.user_api_client.get_users_for_service', return_value=[api_user_active])
with app_.test_request_context():
with app_.test_client() as client:
response = client.get(url_for('main.accept_invite', token='thisisnotarealtoken'), follow_redirects=True)
assert response.status_code == 200
page = BeautifulSoup(response.data.decode('utf-8'), 'html.parser')
assert page.h1.string.strip() == 'Sign in'
response = client.post(url_for('main.sign_in'),
data={'email_address': 'test@user.gov.uk', 'password': 'somepassword'},
follow_redirects=True)
assert response.status_code == 403
page = BeautifulSoup(response.data.decode('utf-8'), 'html.parser')
assert page.h1.string.strip() == '403'
flash_banners = page.find_all('div', class_='banner-dangerous')
assert len(flash_banners) == 1
assert flash_banners[0].text.strip() == "You can't accept an invite for another person."
def test_new_invited_user_verifies_and_added_to_service(app_,
service_one,
sample_invite,