Fakultas Ilmu Komputer UI

Commit 4a72c2de authored by Jonathan Christopher Jakub's avatar Jonathan Christopher Jakub
Browse files

Merge branch 'bugfix/fix-verified-account-on-permission' into 'staging'

Bugfix: Fix is_verified on permission

See merge request !27
parents e675ad4f 93ced8ad
Pipeline #40161 passed with stages
in 3 minutes and 49 seconds
......@@ -28,3 +28,4 @@ class AccountFactory(factory.DjangoModelFactory):
phone_number = faker.phone_number()
area = faker.city()
is_active = True
is_verified = True
......@@ -88,9 +88,9 @@ class AccountViewTest(APITestCase):
"email": self.officer.email,
"phone_number": self.officer.phone_number,
"area": self.officer.area,
"is_admin": False,
"is_verified": False,
"is_active": True,
"is_admin": self.officer.is_admin,
"is_verified": self.officer.is_verified,
"is_active": self.officer.is_active,
}
self.assertJSONEqual(json.dumps(response.data), data)
......@@ -237,9 +237,9 @@ class AccountViewTest(APITestCase):
"email": self.admin.email,
"phone_number": self.admin.phone_number,
"area": self.admin.area,
"is_admin": True,
"is_verified": False,
"is_active": True,
"is_admin": self.admin.is_admin,
"is_verified": self.admin.is_verified,
"is_active": self.admin.is_active,
}
self.assertEqual(response.status_code, status.HTTP_200_OK)
......
......@@ -6,7 +6,11 @@ from django.core.exceptions import ObjectDoesNotExist
class IsAuthenticated(BasePermission):
def has_permission(self, request, view):
user = request.user
return user.is_authenticated and user.account.is_active
return (
user.is_authenticated
and user.account.is_active
and user.account.is_verified
)
class CreateOnly(BasePermission):
......
......@@ -20,26 +20,50 @@ class IsAuthenticatedPermissionTest(APITestCase):
self.permission = IsAuthenticated()
self.user_1 = UserFactory(username="user_1", password="justpass")
self.user_2 = UserFactory(username="user_2", password="justpass")
self.user_3 = UserFactory(username="user_3", password="justpass")
self.account_1 = AccountFactory(admin=True, user=self.user_1)
self.account_2 = AccountFactory(admin=False, user=self.user_2, is_active=False)
self.account_1 = AccountFactory(
admin=True,
user=self.user_1,
is_active=True,
is_verified=True
)
self.account_2 = AccountFactory(
admin=False,
user=self.user_2,
is_active=False,
is_verified=True
)
self.account_2 = AccountFactory(
admin=False,
user=self.user_3,
is_active=True,
is_verified=False
)
self.token_1, _ = Token.objects.get_or_create(user=self.user_1)
self.token_2, _ = Token.objects.get_or_create(user=self.user_2)
self.token_3, _ = Token.objects.get_or_create(user=self.user_3)
def test_has_permission_true_for_authenticated_user(self):
def test_has_permission_true_for_active_and_verified_user(self):
self.client = APIClient(HTTP_AUTHORIZATION=HEADER_PREFIX + self.token_1.key)
request = self.client.get("/").wsgi_request
request.user = self.user_1
self.assertTrue(self.permission.has_permission(request, None))
def test_has_permission_false_for_unauthenticated_user(self):
def test_has_permission_false_for_inactive_user(self):
self.client = APIClient(HTTP_AUTHORIZATION=HEADER_PREFIX + self.token_2.key)
request = self.client.get("/").wsgi_request
request.user = self.user_2
self.assertFalse(self.permission.has_permission(request, None))
def test_has_permission_false_for_unverified_user(self):
self.client = APIClient(HTTP_AUTHORIZATION=HEADER_PREFIX + self.token_3.key)
request = self.client.get("/").wsgi_request
request.user = self.user_3
self.assertFalse(self.permission.has_permission(request, None))
class CreateOnlyPermissionTest(APITestCase):
@classmethod
......
......@@ -82,9 +82,9 @@ class ActivityLogViewTest(APITestCase):
"email": self.account.email,
"phone_number": self.account.phone_number,
"area": self.account.area,
"is_admin": False,
"is_verified": False,
"is_active": True,
"is_admin": self.account.is_admin,
"is_verified": self.account.is_verified,
"is_active": self.account.is_active,
},
},
],
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment