test_decorators: Replace some deleted tests.

Commit 807a4428f6 (#29485) deleted the corresponding tests in TestAuthenticatedJsonPostViewDecorator. Signed-off-by: Anders Kaseorg <anders@zulip.com>
2024-03-28 18:00:07 -07:00 · 2024-03-28 18:00:07 -07:00 · 8a7f61fcad
parent 416cba8746
commit 8a7f61fcad
2 changed files with 40 additions and 2 deletions
--- a/zerver/decorator.py
+++ b/zerver/decorator.py
@ -898,7 +898,7 @@ def authenticated_json_view(
        *args: ParamT.args,
        **kwargs: ParamT.kwargs,
    ) -> HttpResponse:
-        if not request.user.is_authenticated:  # nocoverage
+        if not request.user.is_authenticated:
            raise UnauthorizedError

        user_profile = request.user
@ -907,7 +907,7 @@ def authenticated_json_view(

        validate_account_and_subdomain(request, user_profile)

-        if user_profile.is_incoming_webhook:  # nocoverage
+        if user_profile.is_incoming_webhook:
            raise JsonableError(_("Webhook bots can only access webhooks"))

        process_client(request, user_profile, is_browser_view=True, query=view_func.__name__)
--- a/zerver/tests/test_decorators.py
+++ b/zerver/tests/test_decorators.py
@ -1141,6 +1141,14 @@ class TestAuthenticatedRequirePostDecorator(ZulipTestCase):


 class TestAuthenticatedJsonViewDecorator(ZulipTestCase):
+    def test_authenticated_json_view_if_user_not_logged_in(self) -> None:
+        user = self.example_user("hamlet")
+        self.assert_json_error_contains(
+            self._do_test(user.delivery_email),
+            "Not logged in: API authentication or user session required",
+            status_code=401,
+        )
+
    def test_authenticated_json_view_if_subdomain_is_invalid(self) -> None:
        user = self.example_user("hamlet")
        email = user.delivery_email
@ -1176,6 +1184,36 @@ class TestAuthenticatedJsonViewDecorator(ZulipTestCase):
            ],
        )

+    def test_authenticated_json_view_if_user_is_incoming_webhook(self) -> None:
+        bot = self.example_user("webhook_bot")
+        bot.set_password("test")
+        bot.save()
+        self.login_by_email(bot.email, password="test")
+        self.assert_json_error_contains(
+            self._do_test(bot.delivery_email), "Webhook bots can only access webhooks"
+        )
+
+    def test_authenticated_json_view_if_user_is_not_active(self) -> None:
+        user_profile = self.example_user("hamlet")
+        self.login_user(user_profile)
+        # we deactivate user manually because do_deactivate_user removes user session
+        change_user_is_active(user_profile, False)
+        self.assert_json_error_contains(
+            self._do_test(user_profile.delivery_email), "Account is deactivated", status_code=401
+        )
+
+    def test_authenticated_json_view_if_user_realm_is_deactivated(self) -> None:
+        user_profile = self.example_user("hamlet")
+        self.login_user(user_profile)
+        # we deactivate user's realm manually because do_deactivate_user removes user session
+        user_profile.realm.deactivated = True
+        user_profile.realm.save()
+        self.assert_json_error_contains(
+            self._do_test(user_profile.delivery_email),
+            "This organization has been deactivated",
+            status_code=401,
+        )
+
    def _do_test(self, user_email: str) -> "TestHttpResponse":
        data = {"password": initial_password(user_email)}
        return self.client_post(r"/accounts/webathena_kerberos_login/", data)