From 61ce62b02627414e5d4c65d32146ba8dc89421c4 Mon Sep 17 00:00:00 2001 From: Michael Manfre Date: Sun, 20 Nov 2022 18:03:09 -0500 Subject: [PATCH] Enforce signups_allowed=False (#26) --- .pre-commit-config.yaml | 2 +- requirements-dev.txt | 1 + templates/auth/signup.html | 13 ++++- users/tests/models/__init__.py | 0 users/tests/{ => models}/test_identity.py | 0 users/tests/views/__init__.py | 0 users/tests/views/test_auth.py | 59 +++++++++++++++++++++++ users/views/auth.py | 4 ++ 8 files changed, 77 insertions(+), 2 deletions(-) create mode 100644 users/tests/models/__init__.py rename users/tests/{ => models}/test_identity.py (100%) create mode 100644 users/tests/views/__init__.py create mode 100644 users/tests/views/test_auth.py diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 98148fd..940fbbc 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -35,4 +35,4 @@ repos: rev: v0.982 hooks: - id: mypy - additional_dependencies: [types-pyopenssl, types-bleach] + additional_dependencies: [types-pyopenssl, types-bleach, types-mock] diff --git a/requirements-dev.txt b/requirements-dev.txt index 8879356..6be4cd3 100644 --- a/requirements-dev.txt +++ b/requirements-dev.txt @@ -3,6 +3,7 @@ pre-commit~=2.20.0 black==22.10.0 flake8==5.0.4 isort==5.10.1 +mock~=4.0.3 pre-commit~=2.20.0 pytest-django~=4.5.2 pytest-httpx~=0.21 diff --git a/templates/auth/signup.html b/templates/auth/signup.html index b1aaa50..7924c0a 100644 --- a/templates/auth/signup.html +++ b/templates/auth/signup.html @@ -7,13 +7,24 @@ {% csrf_token %}
Create An Account - {{ config.signup_text|safe|linebreaks }} + {% if config.signup_text %}{{ config.signup_text|safe|linebreaks }}{% endif %} + {% if config.signup_allowed %} {% for field in form %} {% include "forms/_field.html" %} {% endfor %} + {% else %} + {% if not config.signup_text %} +

Not accepting new users at this time

+ {% endif %} + {% endif %} +
+ + {% if config.signup_allowed %}
+ {% endif %} + {% endblock %} diff --git a/users/tests/models/__init__.py b/users/tests/models/__init__.py new file mode 100644 index 0000000..e69de29 diff --git a/users/tests/test_identity.py b/users/tests/models/test_identity.py similarity index 100% rename from users/tests/test_identity.py rename to users/tests/models/test_identity.py diff --git a/users/tests/views/__init__.py b/users/tests/views/__init__.py new file mode 100644 index 0000000..e69de29 diff --git a/users/tests/views/test_auth.py b/users/tests/views/test_auth.py new file mode 100644 index 0000000..22e1fb6 --- /dev/null +++ b/users/tests/views/test_auth.py @@ -0,0 +1,59 @@ +import mock +import pytest + +from core.models import Config +from users.models import User + + +@pytest.fixture +def config_system(): + # TODO: Good enough for now, but a better Config mocking system is needed + result = Config.load_system() + with mock.patch("core.models.Config.load_system", return_value=result): + yield result + + +@pytest.mark.django_db +def test_signup_disabled(client, config_system): + # Signup disabled and no signup text + config_system.signup_allowed = False + resp = client.get("/auth/signup/") + assert resp.status_code == 200 + content = str(resp.content) + assert "Not accepting new users at this time" in content + assert "" not in content + + # Signup disabled with signup text configured + config_system.signup_text = "Go away!!!!!!" + resp = client.get("/auth/signup/") + assert resp.status_code == 200 + content = str(resp.content) + assert "Go away!!!!!!" in content + + # Ensure direct POST doesn't side step guard + resp = client.post( + "/auth/signup/", data={"email": "test_signup_disabled@example.org"} + ) + assert resp.status_code == 200 + assert not User.objects.filter(email="test_signup_disabled@example.org").exists() + + # Signup enabled + config_system.signup_allowed = True + resp = client.get("/auth/signup/") + assert resp.status_code == 200 + content = str(resp.content) + assert "Not accepting new users at this time" not in content + assert "" in content + + +@pytest.mark.django_db +def test_signup_invite_only(client, config_system): + config_system.signup_allowed = True + config_system.signup_invite_only = True + + resp = client.get("/auth/signup/") + assert resp.status_code == 200 + content = str(resp.content) + assert 'name="invite_code"' in content + + # TODO: Actually test this diff --git a/users/views/auth.py b/users/views/auth.py index 2257ea5..61e9a29 100644 --- a/users/views/auth.py +++ b/users/views/auth.py @@ -49,6 +49,10 @@ class Signup(FormView): raise forms.ValidationError("That is not a valid invite code") return invite_code + def clean(self): + if not Config.system.signup_allowed: + raise forms.ValidationError("Not accepting new users at this time") + def form_valid(self, form): user = User.objects.create(email=form.cleaned_data["email"]) # Auto-promote the user to admin if that setting is set