Mirror
/
zulip
mirror of https://github.com/zulip/zulip.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

test_decorators: Replace some deleted tests. 

Commit 807a4428f6 (#29485) deleted the
corresponding tests in TestAuthenticatedJsonPostViewDecorator.

Signed-off-by: Anders Kaseorg <anders@zulip.com>
This commit is contained in:
Anders Kaseorg 2024-03-28 18:00:07 -07:00 committed by Tim Abbott
parent 416cba8746
commit 8a7f61fcad
2 changed files with 40 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
zerver/decorator.py
View File

@ -898,7 +898,7 @@ def authenticated_json_view(
*args: ParamT.args, *args: ParamT.args,
**kwargs: ParamT.kwargs, **kwargs: ParamT.kwargs,
) -> HttpResponse: ) -> HttpResponse:
if not request.user.is_authenticated: # nocoverage if not request.user.is_authenticated:
raise UnauthorizedError raise UnauthorizedError
user_profile = request.user user_profile = request.user
@ -907,7 +907,7 @@ def authenticated_json_view(
validate_account_and_subdomain(request, user_profile) validate_account_and_subdomain(request, user_profile)
if user_profile.is_incoming_webhook: # nocoverage if user_profile.is_incoming_webhook:
raise JsonableError(_("Webhook bots can only access webhooks")) raise JsonableError(_("Webhook bots can only access webhooks"))
process_client(request, user_profile, is_browser_view=True, query=view_func.__name__) process_client(request, user_profile, is_browser_view=True, query=view_func.__name__)

38
zerver/tests/test_decorators.py
View File

@ -1141,6 +1141,14 @@ class TestAuthenticatedRequirePostDecorator(ZulipTestCase):
class TestAuthenticatedJsonViewDecorator(ZulipTestCase): class TestAuthenticatedJsonViewDecorator(ZulipTestCase):
def test_authenticated_json_view_if_user_not_logged_in(self) -> None:
user = self.example_user("hamlet")
self.assert_json_error_contains(
self._do_test(user.delivery_email),
"Not logged in: API authentication or user session required",
status_code=401,
)
def test_authenticated_json_view_if_subdomain_is_invalid(self) -> None: def test_authenticated_json_view_if_subdomain_is_invalid(self) -> None:
user = self.example_user("hamlet") user = self.example_user("hamlet")
email = user.delivery_email email = user.delivery_email
@ -1176,6 +1184,36 @@ class TestAuthenticatedJsonViewDecorator(ZulipTestCase):
], ],
) )
def test_authenticated_json_view_if_user_is_incoming_webhook(self) -> None:
bot = self.example_user("webhook_bot")
bot.set_password("test")
bot.save()
self.login_by_email(bot.email, password="test")
self.assert_json_error_contains(
self._do_test(bot.delivery_email), "Webhook bots can only access webhooks"
)
def test_authenticated_json_view_if_user_is_not_active(self) -> None:
user_profile = self.example_user("hamlet")
self.login_user(user_profile)
# we deactivate user manually because do_deactivate_user removes user session
change_user_is_active(user_profile, False)
self.assert_json_error_contains(
self._do_test(user_profile.delivery_email), "Account is deactivated", status_code=401
)
def test_authenticated_json_view_if_user_realm_is_deactivated(self) -> None:
user_profile = self.example_user("hamlet")
self.login_user(user_profile)
# we deactivate user's realm manually because do_deactivate_user removes user session
user_profile.realm.deactivated = True
user_profile.realm.save()
self.assert_json_error_contains(
self._do_test(user_profile.delivery_email),
"This organization has been deactivated",
status_code=401,
)
def _do_test(self, user_email: str) -> "TestHttpResponse": def _do_test(self, user_email: str) -> "TestHttpResponse":
data = {"password": initial_password(user_email)} data = {"password": initial_password(user_email)}
return self.client_post(r"/accounts/webathena_kerberos_login/", data) return self.client_post(r"/accounts/webathena_kerberos_login/", data)