zedfrigg/bookwyrm
1
0
Fork 0
Code Activity

Merge pull request #2879 from bookwyrm-social/reactivation-bug

Browse source 
Don't allow invalid account reactivation
This commit is contained in:
Mouse Reeve 2023-07-20 19:07:18 -07:00 committed by GitHub
commit c4d72829e9
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
4 changed files with 34 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

8
bookwyrm/tests/views/landing/test_register.py
View file

@ -347,11 +347,17 @@ class RegisterViews(TestCase):
self.settings.save()
self.local_user.is_active = False
self.local_user.allow_reactivation = True
self.local_user.deactivation_reason = "pending"
self.local_user.confirmation_code = "12345"
self.local_user.save(
broadcast=False,
update_fields=["is_active", "deactivation_reason", "confirmation_code"],
update_fields=[
"is_active",
"allow_reactivation",
"deactivation_reason",
"confirmation_code",
],
)
view = views.ConfirmEmailCode.as_view()
request = self.factory.get("")

21
bookwyrm/tests/views/preferences/test_delete_user.py
View file

@ -141,3 +141,24 @@ class DeleteUserViews(TestCase):
self.local_user.refresh_from_db()
self.assertTrue(self.local_user.is_active)
self.assertIsNone(self.local_user.deactivation_reason)
def test_reactivate_user_post_disallowed(self, _):
"""Reactivate action under the wrong circumstances"""
self.local_user.is_active = False
self.local_user.save(broadcast=False)
view = views.ReactivateUser.as_view()
form = forms.LoginForm()
form.data["localname"] = "mouse"
form.data["password"] = "password"
request = self.factory.post("", form.data)
request.user = self.local_user
middleware = SessionMiddleware()
middleware.process_request(request)
request.session.save()
with patch("bookwyrm.views.preferences.delete_user.login"):
view(request)
self.local_user.refresh_from_db()
self.assertFalse(self.local_user.is_active)