Skip to content

Commit

Permalink
additional tests
Browse files Browse the repository at this point in the history
  • Loading branch information
@erral
erral committed Nov 12, 2024
1 parent 4f3bb4f commit 2029667
Showing 1 changed file with 125 additions and 0 deletions.
125 changes: 125 additions & 0 deletions src/plone/restapi/tests/test_services_users.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1663,3 +1663,128 @@ def test_user_changes_email_when_login_with_email_and_uuid_userids(self):
},
)
self.assertTrue(new_login_with_new_email_response.ok)

def test_manager_changes_email_to_existing_when_login_with_email(self):
"""test that when login with email is enabled and a manager tries to change a user's email
to a previously existing one
"""
# enable use_email_as_login
security_settings = getAdapter(self.portal, ISecuritySchema)
security_settings.use_email_as_login = True
transaction.commit()

# Create user 1
response = self.api_session.post(
"/@users",
json={
"email": "[email protected]",
"password": TEST_USER_PASSWORD,
},
)
self.assertTrue(response.ok)
userid = response.json()["id"]

# Create user 2
response = self.api_session.post(
"/@users",
json={
"email": "[email protected]",
"password": TEST_USER_PASSWORD,
},
)
self.assertTrue(response.ok)

transaction.commit()

# Log in
anon_response = self.anon_api_session.post(
"/@login",
json={
"login": "[email protected]",
"password": TEST_USER_PASSWORD,
},
)
self.assertTrue(anon_response.ok)

# try to change the email to an existing one, it should fail
email_change_response = self.api_session.patch(
f"/@users/{userid}",
json={
"email": "[email protected]",
},
)
self.assertFalse(email_change_response.ok)

# Email was not changed, so log in with the old one
new_login_with_old_email_response = self.anon_api_session.post(
"/@login",
json={
"login": "[email protected]",
"password": TEST_USER_PASSWORD,
},
)
self.assertTrue(new_login_with_old_email_response.ok)

def test_user_changes_email_to_existing_one_when_login_with_email(self):
"""test that when login with email is enabled and the user changes their email
they can log in with the new email
"""
# enable use_email_as_login
security_settings = getAdapter(self.portal, ISecuritySchema)
security_settings.use_email_as_login = True
transaction.commit()

# Create user 1
response = self.api_session.post(
"/@users",
json={
"email": "[email protected]",
"password": TEST_USER_PASSWORD,
},
)
self.assertTrue(response.ok)
userid = response.json()["id"]

# Create user 2
response = self.api_session.post(
"/@users",
json={
"email": "[email protected]",
"password": TEST_USER_PASSWORD,
},
)
self.assertTrue(response.ok)
transaction.commit()

# log in with email
anon_response = self.anon_api_session.post(
"/@login",
json={
"login": "[email protected]",
"password": TEST_USER_PASSWORD,
},
)
self.assertTrue(anon_response.ok)
auth_token = anon_response.json().get("token")

user_api_session = RelativeSession(self.portal_url, test=self)
user_api_session.headers.update({"Accept": "application/json"})
user_api_session.headers.update({"Authorization": f"Bearer {auth_token}"})

# try to change e-mail to an existing one, it should fail
email_change_response = user_api_session.patch(
f"/@users/{userid}",
json={"email": "[email protected]"},
)

self.assertFalse(email_change_response.ok)

# email was not changed, so log in with the old one
new_login_with_old_email_response = self.anon_api_session.post(
"/@login",
json={
"login": "[email protected]",
"password": TEST_USER_PASSWORD,
},
)
self.assertTrue(new_login_with_old_email_response.ok)

0 comments on commit 2029667

Please sign in to comment.