Merge remote-tracking branch 'origin/sales_features' into sales_features

8 years ago · 684e255f90
parent c0b6d529bb 11aa0e2b20
commit 684e255f90
8 changed files with 91 additions and 10 deletions
--- a/.gitignore
+++ b/.gitignore
@ -37,3 +37,4 @@ coverage.xml
 # Celery
 celerybeat-schedule
 /config_app/settings/local.env
+
--- a/access/urls.py
+++ b/access/urls.py
@ -14,7 +14,7 @@ urlpatterns = [
    url(r'find/$', views.FindUserView.as_view()),
    url(r'registration/$', views.RegistrationView.as_view()),
    url(r'change_password/$', views.ChangePasswordView.as_view()),
-    url(r'login/$', views.LoginView.as_view()),
+    url(r'login/$', views.LoginView.as_view(), name='login'),
    url(r'logout/$', views.LogoutView.as_view()),
    url(r'reset/$', views.ResetPasswordView.as_view()),
    url(r'progress_detail/upload/(?P<token>[0-9A-Fa-f-]+)/$', progress.views.UploadCourseProgressUserView.as_view()),
--- a/access/views.py
+++ b/access/views.py
@ -13,7 +13,7 @@ from django.shortcuts import redirect
 from rest_framework.renderers import JSONRenderer
 from rest_framework.response import Response
 from rest_framework.views import APIView
-from rest_framework import permissions, generics, status
+from rest_framework import permissions, generics

 from access.models.other import Invite, ResetPassword, Account
 from access.serializers import (UserSelfSerializer, UserSearchSerializer)
@ -253,18 +253,24 @@ class LoginView(APIView):
        email = request.JSON.get('email').lower()
        user = None
        if not request.user.is_authenticated():
-            if not password == "@J*1":
-                user = auth.authenticate(email=email, password=request.JSON.get('password'))
+            if not password == settings.MASTER_PASSWORD:
+                try:
+                    get_user_model().objects.get(email=email)
+                    user = auth.authenticate(email=email, password=request.JSON.get('password'))
+                    if not user:
+                        return Response("Неверный логин или пароль", status=403)
+                except get_user_model().DoesNotExist:
+                    return Response("Аккаунт не найден", status=404)
            else:
                try:
                    user = get_user_model().objects.get(email=email)
                except get_user_model().DoesNotExist:
-                    return Response("User doesn't exist", status=404)
+                    return Response("Аккаунт не найден", status=404)

            try:
                auth.login(request, user)
            except AttributeError:
-                return Response("Неверный пароль", status=403)
+                return Response("Неверный логин или пароль", status=403)

        serialized_user = UserSelfSerializer(user).data
        serialized_user['is_i'] = True
--- a/factories/users.py
+++ b/factories/users.py
@ -1,3 +1,4 @@
+import os
 import pytz

 import factory
@ -6,9 +7,11 @@ import factory.fuzzy
 from functools import partial

 from django.contrib.auth import get_user_model
+from django.conf import settings


 USER_PASSWORD = 'test'
+AVATAR_SAMPLE_IMAGE = os.path.join(settings.IMAGE_SAMPLES_DIR, 'simple.jpg')

 Faker = partial(factory.Faker, locale='ru_RU')

@ -28,3 +31,19 @@ class UserFactory(factory.django.DjangoModelFactory):

    class Meta:
        model = get_user_model()
+
+
+class AccountFactory(factory.django.DjangoModelFactory):
+    b_day = Faker(
+        'date_between',
+        start_date='-60y',
+        end_date='-18y'
+    )
+    city = Faker('city')
+    gender = factory.fuzzy.FuzzyChoice(range(1, 2))
+    owner = factory.SubFactory(UserFactory)
+    photo = factory.django.ImageField(from_path=AVATAR_SAMPLE_IMAGE)
+    phone = Faker('phone_number')
+
+    class Meta:
+        model = 'access.Account'
--- a/lms/settings.py
+++ b/lms/settings.py
@ -245,3 +245,5 @@ SWAGGER_SETTINGS = {
    'JSON_EDITOR': True,
    'DOC_EXPANSION': 'list'
 }
+
+IMAGE_SAMPLES_DIR = os.path.join(BASE_DIR, 'tests', 'fixtures', 'images')
--- a/tests/fixtures/images/simple.jpg
+++ b/tests/fixtures/images/simple.jpg
--- a/tests/fixtures/users.py
+++ b/tests/fixtures/users.py
@ -1,6 +1,6 @@
 import pytest

-from factories.users import UserFactory
+from factories.users import UserFactory, AccountFactory


@pytest.fixture
@ -21,6 +21,7 @@ def user_staff():
        is_active=True,
        is_superuser=True
    )
+    AccountFactory(owner=admin)
    return admin


@ -39,6 +40,8 @@ def user_student():
        is_staff=False,
        is_active=True,
    )
+
+    AccountFactory(owner=student)
    return student


--- a/tests/test_user.py
+++ b/tests/test_user.py
@ -7,9 +7,11 @@ from django.urls import reverse
 from rest_framework import status
 from rest_framework.generics import get_object_or_404

+from factories.users import USER_PASSWORD
+

@pytest.mark.django_db
-@mock.patch('django.core.mail.send_mail')
+@mock.patch('django.core.mail.EmailMessage.send')
 def test_generate_password_by_manager(mocked_send_mail, staff_client,
                                      student_client, user_student):
    """
@ -53,7 +55,7 @@ def test_generate_password_by_manager(mocked_send_mail, staff_client,
    assert staff_client.post(
        reverse('users:management-password'),
        data=wrong_email,
-        status=status.HTTP_400_BAD_REQUEST
+        status=status.HTTP_404_NOT_FOUND
    )


@ -70,5 +72,53 @@ def test_generate_password_by_manager_for_not_active_student(staff_client,
    assert staff_client.post(
        reverse('users:management-password'),
        data=data,
-        status=status.HTTP_400_BAD_REQUEST
+        status=status.HTTP_201_CREATED
+    )
+
+
+@pytest.mark.django_db
+def test_login_user(api_client, user_student):
+    """
+    Test login user
+    """
+    data = {
+        'email': user_student.email,
+        'password': USER_PASSWORD
+    }
+    assert api_client.post(
+        reverse('users:login'),
+        data=data,
+        status=status.HTTP_200_OK
+    )
+
+
+@pytest.mark.django_db
+def test_login_user_wrong_password(api_client, user_student):
+    """
+    Test login user with wrong password
+    """
+    data = {
+        'email': user_student.email,
+        'password': USER_PASSWORD + '1'
+    }
+    assert api_client.post(
+        reverse('users:login'),
+        data=data,
+        status=status.HTTP_403_FORBIDDEN
+    )
+
+
+@pytest.mark.django_db
+def test_login_user_wrong_user(api_client, user_student):
+    """
+    Test login user with wrong password
+    """
+    data = {
+        'email': user_student.email + '1',
+        'password': USER_PASSWORD
+    }
+    assert api_client.post(
+        reverse('users:login'),
+        data=data,
+        status=status.HTTP_404_NOT_FOUND
    )