from django.urls import reverse from django.core import mail from rich.pretty import pprint from bs4 import BeautifulSoup from django.contrib.auth.models import Group import pytest @pytest.fixture def create_users(db, django_user_model): user1 = django_user_model.objects.create_user( "user1", "user1@user.com", "password" ) user2 = django_user_model.objects.create_user( "user2", "user2@user.com", "password" ) #g = Group.objects.create(name="cid_user_manager") #g.save() #user.groups.add(g) return user1, user2 @pytest.fixture def create_cid_manager(db, django_user_model): user = django_user_model.objects.create_user( "cid_user", "cid@user.com", "password1234" ) g = Group.objects.create(name="cid_user_manager") g.save() user.groups.add(g) return user def test_profile_access_and_management(db, client, create_users, create_cid_manager): response = client.get(reverse(f"profile")) # should redirect to login page assert response.status_code == 302 assert "accounts/login/" in response.url # Test login client.login(username="user1", password="password") response = client.get(reverse(f"profile")) assert response.status_code == 200 soup = BeautifulSoup(response.content, "html.parser") assert soup.find(id="username").text == "user1" assert soup.find(id="email").text == "user1@user.com" # Check the links to change password and update profile password_url = soup.find(id="password-change")["href"] print(password_url) password_change_response = client.get(password_url) assert password_change_response.status_code == 200 password_soup = BeautifulSoup(password_change_response.content, "html.parser") assert "Old password" in password_soup.text assert "New password" in password_soup.text update_profile = soup.find(id="update-profile-link")["href"] assert update_profile == reverse("account_profile_update", kwargs={"slug": "user1"}) # check we can't access another users profile response_fail = client.get(reverse("account_profile_update", kwargs={"slug": "user2"})) assert response_fail.status_code == 404 print(response_fail.content) # And that we can access our own update_profile_response = client.get(reverse("account_profile_update", kwargs={"slug": "user1"})) assert update_profile_response.status_code == 200 assert "peninsula_trainee" not in BeautifulSoup(update_profile_response.content, "html.parser").text update_response = client.post(reverse("account_profile_update", kwargs={"slug": "user1"}), { "registration_number": 1234567 }) assert update_response.status_code == 302 # we reirect back to profile page on form submission assert update_response.url == reverse("profile") # check that the form has updated update_profile_response = client.get(reverse("account_profile_update", kwargs={"slug": "user1"})) assert BeautifulSoup(update_profile_response.content, "html.parser").find(id="id_registration_number")["value"] @pytest.mark.django_db def test_create_user_reuses_existing_account(client, create_cid_manager, django_user_model): existing_user = django_user_model.objects.create_user( username="existing@example.com", email="existing@example.com", password="password123", first_name="Old", last_name="Name", ) client.force_login(create_cid_manager) response = client.post( reverse("create_user"), { "username": "existing@example.com", "first_name": "Updated", "last_name": "User", "grade": "", }, ) assert response.status_code == 302 assert response.url == reverse("accounts_list") existing_user.refresh_from_db() assert existing_user.first_name == "Updated" assert existing_user.last_name == "User" @pytest.mark.django_db def test_cid_manager_can_send_password_reset_from_account_profile(client, create_cid_manager, django_user_model): managed_user = django_user_model.objects.create_user( username="managed-user", email="managed@example.com", password="password123", ) client.force_login(create_cid_manager) response = client.post( reverse("account_send_password_reset", kwargs={"slug": managed_user.username}), {"next": reverse("account_profile", kwargs={"slug": managed_user.username})}, ) assert response.status_code == 302 assert "password_reset_action=sent" in response.url assert len(mail.outbox) == 1 assert mail.outbox[0].to == ["managed@example.com"]