
Commit 1363688c authored by Jonathan Christopher Jakub's avatar Jonathan Christopher Jakub

Account creation accepts verified users and blocks existing user

parent 8947b2dc
......@@ -46,6 +46,8 @@ class AccountRegisterSerializer(serializers.ModelSerializer):
"phone_number",
"area",
"is_admin",
"is_verified",
"is_active",
]
def validate_password(self, value):
......
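Review bot: Adding `is_verified` and `is_active` to the registration serializer's `fields`, next to the existing `is_admin`, makes all three flags writable from the request body, and the new `create()` in the view passes `serializer.validated_data` straight into `Account.objects.create`. Unless this endpoint is restricted to administrators (the permission classes are not visible on this page), a caller can register an account that is already verified, active and admin. Consider setting these flags server-side, or accepting them only from an admin requester and otherwise declaring `read_only_fields = ["is_admin", "is_verified", "is_active"]`. The serializer's `Meta` class begins outside the hunk.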
......@@ -113,6 +113,8 @@ class AccountViewTest(APITestCase):
"phone_number": self.faker.phone_number(),
"area": self.faker.city(),
"is_admin": False,
"is_verified": True,
"is_active": True,
}
response = self.client.post(path=url, data=data, format="json",)
......@@ -121,8 +123,13 @@ class AccountViewTest(APITestCase):
self.assertEqual(response.status_code, status.HTTP_201_CREATED)
self.assertEqual(officer_current_count, officer_prev_count + 1)
new_officer = Account.objects.filter(email=_account_id)[0]
self.assertTrue(new_officer.is_verified)
self.assertTrue(new_officer.is_active)
# Have account creation log for the new officer
new_officer_id = Account.objects.filter(email=_account_id)[0].id
new_officer_id = new_officer.id
response = self.client.get(self.LOGS_URL)
response_string = response.rendered_content.decode("utf-8")
......@@ -131,6 +138,22 @@ class AccountViewTest(APITestCase):
f'"action_type":"{ACTIVITY_TYPE_CREATE}"', response_string
)
def test_create_existing_user_fails(self):
url = self.BASE_URL
data = {
"name": self.faker.name(),
"username": "user_1",
"password": "justpass",
"email": self.faker.email(),
"phone_number": self.faker.phone_number(),
"area": self.faker.city(),
"is_admin": False,
"is_verified": True,
"is_active": True,
}
response = self.client.post(path=url, data=data, format="json",)
self.assertEqual(response.status_code, status.HTTP_409_CONFLICT)
def test_create_new_account_fails_with_poor_password(self):
url = self.BASE_URL
_account_id = self.faker.email()
......
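Review bot: `test_create_existing_user_fails` asserts only the status code and depends on a `user_1` record created in setup that is not visible in this hunk. Because the view lowercases the username before the lookup, a second request posting `"User_1"` would pin that normalization. Comparing `Account.objects.count()` before and after the 409 would also show that the rejected request wrote nothing.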
......@@ -55,13 +55,27 @@ class AccountViewSet(viewsets.ModelViewSet):
return AccountRegisterSerializer
return AccountSerializer
def perform_create(self, serializer):
def create(self, request):
serializer_class = self.get_serializer_class()
serializer = serializer_class(data=request.data)
serializer.is_valid(raise_exception=True)
username = serializer.validated_data.pop("username").lower()
password = serializer.validated_data.pop("password")
if User.objects.filter(username=username).exists():
return Response(
{"username" : ["User with that username already exists."]},
status=status.HTTP_409_CONFLICT
)
user = User.objects.create_user(username=username, password=password)
Account.objects.create(user=user, **serializer.validated_data)
return Response(
serializer.data, status=status.HTTP_201_CREATED,
)
def perform_update(self, serializer):
serializer.save()
if serializer.data["is_verified"] and serializer.data["is_active"]:
......
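Review bot: The `exists()` check followed by `create_user` is a check-then-act sequence, and the `User` and `Account` rows are written in two separate statements with no transaction. Two concurrent requests for the same username can both pass the check, and the loser then fails on the unique constraint with an unhandled error instead of the 409. Likewise, if `Account.objects.create` raises (for example on a duplicate email, if that column is unique), a `User` with a working password is left behind without an account. Wrapping both writes in `with transaction.atomic():` and mapping `IntegrityError` to the same 409 response closes both gaps; the needed imports are outside the hunk. Separately, `def create(self, request, *args, **kwargs):` would keep the override compatible with the `ModelViewSet.create` signature.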