diff --git a/bookwyrm/forms.py b/bookwyrm/forms.py index 686ac8b1..152c2d76 100644 --- a/bookwyrm/forms.py +++ b/bookwyrm/forms.py @@ -35,7 +35,7 @@ class CustomForm(ModelForm): class LoginForm(CustomForm): class Meta: model = models.User - fields = ['username', 'password'] + fields = ['localname', 'password'] help_texts = {f: None for f in fields} widgets = { 'password': PasswordInput(), @@ -45,7 +45,7 @@ class LoginForm(CustomForm): class RegisterForm(CustomForm): class Meta: model = models.User - fields = ['username', 'email', 'password'] + fields = ['localname', 'email', 'password'] help_texts = {f: None for f in fields} widgets = { 'password': PasswordInput() diff --git a/bookwyrm/migrations/0030_auto_20201224_1939.py b/bookwyrm/migrations/0030_auto_20201224_1939.py new file mode 100644 index 00000000..6de5d37f --- /dev/null +++ b/bookwyrm/migrations/0030_auto_20201224_1939.py @@ -0,0 +1,19 @@ +# Generated by Django 3.0.7 on 2020-12-24 19:39 + +import bookwyrm.models.fields +from django.db import migrations, models + + +class Migration(migrations.Migration): + + dependencies = [ + ('bookwyrm', '0029_auto_20201221_2014'), + ] + + operations = [ + migrations.AlterField( + model_name='user', + name='localname', + field=models.CharField(max_length=255, null=True, unique=True, validators=[bookwyrm.models.fields.validate_localname]), + ), + ] diff --git a/bookwyrm/models/fields.py b/bookwyrm/models/fields.py index 6dd3b496..c6571ff4 100644 --- a/bookwyrm/models/fields.py +++ b/bookwyrm/models/fields.py @@ -26,11 +26,20 @@ def validate_remote_id(value): ) +def validate_localname(value): + ''' make sure localnames look okay ''' + if not re.match(r'^[A-Za-z\-_\.0-9]+$', value): + raise ValidationError( + _('%(value)s is not a valid username'), + params={'value': value}, + ) + + def validate_username(value): ''' make sure usernames look okay ''' - if not re.match(r'^[A-Za-z\-_\.]+$', value): + if not re.match(r'^[A-Za-z\-_\.0-9]+@[A-Za-z\-_\.0-9]+\.[a-z]{2,}$', value): raise ValidationError( - _('%(value)s is not a valid remote_id'), + _('%(value)s is not a valid username'), params={'value': value}, ) @@ -147,7 +156,7 @@ class RemoteIdField(ActivitypubFieldMixin, models.CharField): class UsernameField(ActivitypubFieldMixin, models.CharField): ''' activitypub-aware username field ''' - def __init__(self, activitypub_field='preferredUsername'): + def __init__(self, activitypub_field='preferredUsername', **kwargs): self.activitypub_field = activitypub_field # I don't totally know why pylint is mad at this, but it makes it work super( #pylint: disable=bad-super-call diff --git a/bookwyrm/models/user.py b/bookwyrm/models/user.py index f9120ff0..4cbe387f 100644 --- a/bookwyrm/models/user.py +++ b/bookwyrm/models/user.py @@ -1,4 +1,5 @@ ''' database schema for user data ''' +import re from urllib.parse import urlparse from django.apps import apps @@ -13,6 +14,7 @@ from bookwyrm.models.status import Status, Review from bookwyrm.settings import DOMAIN from bookwyrm.signatures import create_key_pair from bookwyrm.tasks import app +from bookwyrm.utils import regex from .base_model import OrderedCollectionPageMixin from .base_model import ActivitypubMixin, BookWyrmModel from .federated_server import FederatedServer @@ -49,7 +51,8 @@ class User(OrderedCollectionPageMixin, AbstractUser): localname = models.CharField( max_length=255, null=True, - unique=True + unique=True, + validators=[fields.validate_localname], ) # name is your display name, which you can change at will name = fields.CharField(max_length=100, null=True, blank=True) @@ -167,20 +170,17 @@ class User(OrderedCollectionPageMixin, AbstractUser): def save(self, *args, **kwargs): ''' populate fields for new local users ''' # this user already exists, no need to populate fields - if self.id: - return super().save(*args, **kwargs) - - if not self.local: + if not self.local and not re.match(regex.full_username, self.username): # generate a username that uses the domain (webfinger format) actor_parts = urlparse(self.remote_id) self.username = '%s@%s' % (self.username, actor_parts.netloc) return super().save(*args, **kwargs) + if self.id or not self.local: + return super().save(*args, **kwargs) + # populate fields for local users - self.remote_id = 'https://%s/user/%s' % (DOMAIN, self.username) - self.localname = self.username - self.username = '%s@%s' % (self.username, DOMAIN) - self.actor = self.remote_id + self.remote_id = 'https://%s/user/%s' % (DOMAIN, self.localname) self.inbox = '%s/inbox' % self.remote_id self.shared_inbox = 'https://%s/inbox' % DOMAIN self.outbox = '%s/outbox' % self.remote_id diff --git a/bookwyrm/templates/layout.html b/bookwyrm/templates/layout.html index 2e8fdcac..a2565840 100644 --- a/bookwyrm/templates/layout.html +++ b/bookwyrm/templates/layout.html @@ -119,15 +119,15 @@ {% else %}
- {% if request.path != '/login' and request.path != '/login/' %} + {% if request.path != '/login' and request.path != '/login/' and request.path != '/user-login' %}
{% csrf_token %}
- - + +
diff --git a/bookwyrm/templates/login.html b/bookwyrm/templates/login.html index ce5d9e41..40d57fa4 100644 --- a/bookwyrm/templates/login.html +++ b/bookwyrm/templates/login.html @@ -11,9 +11,9 @@ {% csrf_token %}
- +
- {{ login_form.username }} + {{ login_form.localname }}
diff --git a/bookwyrm/templates/snippets/register_form.html b/bookwyrm/templates/snippets/register_form.html index d6f5b98f..213ad1e7 100644 --- a/bookwyrm/templates/snippets/register_form.html +++ b/bookwyrm/templates/snippets/register_form.html @@ -1,10 +1,10 @@ {% csrf_token %}
- +
- +
- {% for error in register_form.username.errors %} + {% for error in register_form.localname.errors %}

{{ error | escape }}

{% endfor %}
diff --git a/bookwyrm/tests/activitypub/test_base_activity.py b/bookwyrm/tests/activitypub/test_base_activity.py index 4cdc2c70..8668c7e2 100644 --- a/bookwyrm/tests/activitypub/test_base_activity.py +++ b/bookwyrm/tests/activitypub/test_base_activity.py @@ -20,7 +20,8 @@ class BaseActivity(TestCase): def setUp(self): ''' we're probably going to re-use this so why copy/paste ''' self.user = models.User.objects.create_user( - 'mouse', 'mouse@mouse.mouse', 'mouseword', local=True) + 'mouse', 'mouse@mouse.mouse', 'mouseword', + local=True, localname='mouse') self.user.remote_id = 'http://example.com/a/b' self.user.save() diff --git a/bookwyrm/tests/models/test_base_model.py b/bookwyrm/tests/models/test_base_model.py index 604ba0d6..a18257f5 100644 --- a/bookwyrm/tests/models/test_base_model.py +++ b/bookwyrm/tests/models/test_base_model.py @@ -22,7 +22,8 @@ class BaseModel(TestCase): def test_remote_id_with_user(self): ''' format of remote id when there's a user object ''' user = models.User.objects.create_user( - 'mouse', 'mouse@mouse.com', 'mouseword', local=True) + 'mouse', 'mouse@mouse.com', 'mouseword', + local=True, localname='mouse') instance = base_model.BookWyrmModel() instance.user = user instance.id = 1 @@ -51,7 +52,8 @@ class BaseModel(TestCase): def test_to_create_activity(self): ''' wrapper for ActivityPub "create" action ''' user = models.User.objects.create_user( - 'mouse', 'mouse@mouse.com', 'mouseword', local=True) + 'mouse', 'mouse@mouse.com', 'mouseword', + local=True, localname='mouse') object_activity = { 'to': 'to field', 'cc': 'cc field', @@ -81,7 +83,8 @@ class BaseModel(TestCase): def test_to_delete_activity(self): ''' wrapper for Delete activity ''' user = models.User.objects.create_user( - 'mouse', 'mouse@mouse.com', 'mouseword', local=True) + 'mouse', 'mouse@mouse.com', 'mouseword', + local=True, localname='mouse') MockSelf = namedtuple('Self', ('remote_id', 'to_activity')) mock_self = MockSelf( @@ -105,7 +108,8 @@ class BaseModel(TestCase): def test_to_update_activity(self): ''' ditto above but for Update ''' user = models.User.objects.create_user( - 'mouse', 'mouse@mouse.com', 'mouseword', local=True) + 'mouse', 'mouse@mouse.com', 'mouseword', + local=True, localname='mouse') MockSelf = namedtuple('Self', ('remote_id', 'to_activity')) mock_self = MockSelf( @@ -129,7 +133,8 @@ class BaseModel(TestCase): def test_to_undo_activity(self): ''' and again, for Undo ''' user = models.User.objects.create_user( - 'mouse', 'mouse@mouse.com', 'mouseword', local=True) + 'mouse', 'mouse@mouse.com', 'mouseword', + local=True, localname='mouse') MockSelf = namedtuple('Self', ('remote_id', 'to_activity')) mock_self = MockSelf( @@ -173,7 +178,8 @@ class BaseModel(TestCase): book = models.Edition.objects.create( title='Test Edition', remote_id='http://book.com/book') user = models.User.objects.create_user( - 'mouse', 'mouse@mouse.mouse', 'mouseword', local=True) + 'mouse', 'mouse@mouse.mouse', 'mouseword', + local=True, localname='mouse') user.remote_id = 'http://example.com/a/b' user.save() diff --git a/bookwyrm/tests/models/test_fields.py b/bookwyrm/tests/models/test_fields.py index 10c674d9..e87855f6 100644 --- a/bookwyrm/tests/models/test_fields.py +++ b/bookwyrm/tests/models/test_fields.py @@ -111,10 +111,17 @@ class ActivitypubFields(TestCase): self.assertEqual(instance.max_length, 150) self.assertEqual(instance.unique, True) with self.assertRaises(ValidationError): - instance.run_validators('one two') - instance.run_validators('a*&') - instance.run_validators('trailingwhite ') - self.assertIsNone(instance.run_validators('aksdhf')) + instance.run_validators('mouse') + instance.run_validators('mouseexample.com') + instance.run_validators('mouse@example.c') + instance.run_validators('@example.com') + instance.run_validators('mouse@examplecom') + instance.run_validators('one two@fish.aaaa') + instance.run_validators('a*&@exampke.com') + instance.run_validators('trailingwhite@example.com ') + self.assertIsNone(instance.run_validators('mouse@example.com')) + self.assertIsNone(instance.run_validators('mo-2use@ex3ample.com')) + self.assertIsNone(instance.run_validators('aksdhf@sdkjf-df.cm')) self.assertEqual(instance.field_to_activity('test@example.com'), 'test') @@ -173,7 +180,8 @@ class ActivitypubFields(TestCase): def test_privacy_field_set_activity_from_field(self): ''' translate between to/cc fields and privacy ''' user = User.objects.create_user( - 'rat', 'rat@rat.rat', 'ratword', local=True) + 'rat', 'rat@rat.rat', 'ratword', + local=True, localname='rat') public = 'https://www.w3.org/ns/activitystreams#Public' followers = '%s/followers' % user.remote_id @@ -230,7 +238,8 @@ class ActivitypubFields(TestCase): # it shouldn't match with this unrelated user: unrelated_user = User.objects.create_user( - 'rat', 'rat@rat.rat', 'ratword', local=True) + 'rat', 'rat@rat.rat', 'ratword', + local=True, localname='rat') # test receiving an unknown remote id and loading data responses.add( @@ -258,7 +267,8 @@ class ActivitypubFields(TestCase): # it shouldn't match with this unrelated user: unrelated_user = User.objects.create_user( - 'rat', 'rat@rat.rat', 'ratword', local=True) + 'rat', 'rat@rat.rat', 'ratword', + local=True, localname='rat') with patch('bookwyrm.models.user.set_remote_server.delay'): value = instance.field_from_activity(userdata) self.assertIsInstance(value, User) @@ -276,11 +286,13 @@ class ActivitypubFields(TestCase): ) userdata = json.loads(datafile.read_bytes()) user = User.objects.create_user( - 'mouse', 'mouse@mouse.mouse', 'mouseword', local=True) + 'mouse', 'mouse@mouse.mouse', 'mouseword', + local=True, localname='mouse') user.remote_id = 'https://example.com/user/mouse' user.save() User.objects.create_user( - 'rat', 'rat@rat.rat', 'ratword', local=True) + 'rat', 'rat@rat.rat', 'ratword', + local=True, localname='rat') value = instance.field_from_activity(userdata) self.assertEqual(value, user) @@ -290,9 +302,11 @@ class ActivitypubFields(TestCase): ''' test receiving a remote id of an existing object in the db ''' instance = fields.ForeignKey(User, on_delete=models.CASCADE) user = User.objects.create_user( - 'mouse', 'mouse@mouse.mouse', 'mouseword', local=True) + 'mouse', 'mouse@mouse.mouse', 'mouseword', + local=True, localname='mouse') User.objects.create_user( - 'rat', 'rat@rat.rat', 'ratword', local=True) + 'rat', 'rat@rat.rat', 'ratword', + local=True, localname='rat') value = instance.field_from_activity(user.remote_id) self.assertEqual(value, user) @@ -382,7 +396,8 @@ class ActivitypubFields(TestCase): def test_image_field(self): ''' storing images ''' user = User.objects.create_user( - 'mouse', 'mouse@mouse.mouse', 'mouseword', local=True) + 'mouse', 'mouse@mouse.mouse', 'mouseword', + local=True, localname='mouse') image_file = pathlib.Path(__file__).parent.joinpath( '../../static/images/default_avi.jpg') image = Image.open(image_file) diff --git a/bookwyrm/tests/models/test_import_model.py b/bookwyrm/tests/models/test_import_model.py index 3d890141..146c60a7 100644 --- a/bookwyrm/tests/models/test_import_model.py +++ b/bookwyrm/tests/models/test_import_model.py @@ -59,7 +59,8 @@ class ImportJob(TestCase): unknown_read_data['Date Read'] = '' user = models.User.objects.create_user( - 'mouse', 'mouse@mouse.mouse', 'mouseword', local=True) + 'mouse', 'mouse@mouse.mouse', 'mouseword', + local=True, localname='mouse') job = models.ImportJob.objects.create(user=user) self.item_1 = models.ImportItem.objects.create( job=job, index=1, data=currently_reading_data) diff --git a/bookwyrm/tests/models/test_relationship_models.py b/bookwyrm/tests/models/test_relationship_models.py index c5c619a0..a1232c1b 100644 --- a/bookwyrm/tests/models/test_relationship_models.py +++ b/bookwyrm/tests/models/test_relationship_models.py @@ -16,7 +16,8 @@ class Relationship(TestCase): outbox='https://example.com/users/rat/outbox', ) self.local_user = models.User.objects.create_user( - 'mouse', 'mouse@mouse.com', 'mouseword', local=True) + 'mouse', 'mouse@mouse.com', 'mouseword', + local=True, localname='mouse') self.local_user.remote_id = 'http://local.com/user/mouse' self.local_user.save() diff --git a/bookwyrm/tests/models/test_shelf_model.py b/bookwyrm/tests/models/test_shelf_model.py index 9cdc7311..2bce0a9c 100644 --- a/bookwyrm/tests/models/test_shelf_model.py +++ b/bookwyrm/tests/models/test_shelf_model.py @@ -9,7 +9,8 @@ class Shelf(TestCase): def setUp(self): ''' look, a shelf ''' self.user = models.User.objects.create_user( - 'mouse', 'mouse@mouse.mouse', 'mouseword', local=True) + 'mouse', 'mouse@mouse.mouse', 'mouseword', + local=True, localname='mouse') self.shelf = models.Shelf.objects.create( name='Test Shelf', identifier='test-shelf', user=self.user) diff --git a/bookwyrm/tests/models/test_status_model.py b/bookwyrm/tests/models/test_status_model.py index d98b8b18..a479a88b 100644 --- a/bookwyrm/tests/models/test_status_model.py +++ b/bookwyrm/tests/models/test_status_model.py @@ -16,7 +16,8 @@ class Status(TestCase): def setUp(self): ''' useful things for creating a status ''' self.user = models.User.objects.create_user( - 'mouse', 'mouse@mouse.mouse', 'mouseword', local=True) + 'mouse', 'mouse@mouse.mouse', 'mouseword', + local=True, localname='mouse') self.book = models.Edition.objects.create(title='Test Edition') image_file = pathlib.Path(__file__).parent.joinpath( diff --git a/bookwyrm/tests/models/test_user_model.py b/bookwyrm/tests/models/test_user_model.py index 0454fb40..b7a41eab 100644 --- a/bookwyrm/tests/models/test_user_model.py +++ b/bookwyrm/tests/models/test_user_model.py @@ -9,7 +9,8 @@ from bookwyrm.settings import DOMAIN class User(TestCase): def setUp(self): self.user = models.User.objects.create_user( - 'mouse', 'mouse@mouse.mouse', 'mouseword', local=True) + 'mouse@%s' % DOMAIN, 'mouse@mouse.mouse', 'mouseword', + local=True, localname='mouse') def test_computed_fields(self): ''' username instead of id here ''' diff --git a/bookwyrm/tests/test_broadcast.py b/bookwyrm/tests/test_broadcast.py index b8051219..0150fca8 100644 --- a/bookwyrm/tests/test_broadcast.py +++ b/bookwyrm/tests/test_broadcast.py @@ -7,10 +7,12 @@ from bookwyrm import models, broadcast class Book(TestCase): def setUp(self): self.user = models.User.objects.create_user( - 'mouse', 'mouse@mouse.mouse', 'mouseword', local=True) + 'mouse', 'mouse@mouse.mouse', 'mouseword', + local=True, localname='mouse') local_follower = models.User.objects.create_user( - 'joe', 'joe@mouse.mouse', 'jeoword', local=True) + 'joe', 'joe@mouse.mouse', 'jeoword', + local=True, localname='joe') self.user.followers.add(local_follower) with patch('bookwyrm.models.user.set_remote_server.delay'): diff --git a/bookwyrm/tests/test_incoming.py b/bookwyrm/tests/test_incoming.py index b8e3508e..5d8bd110 100644 --- a/bookwyrm/tests/test_incoming.py +++ b/bookwyrm/tests/test_incoming.py @@ -19,7 +19,8 @@ class Incoming(TestCase): def setUp(self): ''' we need basic things, like users ''' self.local_user = models.User.objects.create_user( - 'mouse', 'mouse@mouse.com', 'mouseword', local=True) + 'mouse@example.com', 'mouse@mouse.com', 'mouseword', + local=True, localname='mouse') self.local_user.remote_id = 'https://example.com/user/mouse' self.local_user.save() with patch('bookwyrm.models.user.set_remote_server.delay'): @@ -486,6 +487,10 @@ class Incoming(TestCase): def test_handle_update_user(self): ''' update an existing user ''' + # we only do this with remote users + self.local_user.local = False + self.local_user.save() + datafile = pathlib.Path(__file__).parent.joinpath( 'data/ap_user.json') userdata = json.loads(datafile.read_bytes()) @@ -494,6 +499,8 @@ class Incoming(TestCase): incoming.handle_update_user({'object': userdata}) user = models.User.objects.get(id=self.local_user.id) self.assertEqual(user.name, 'MOUSE?? MOUSE!!') + self.assertEqual(user.username, 'mouse@example.com') + self.assertEqual(user.localname, 'mouse') def test_handle_update_edition(self): diff --git a/bookwyrm/tests/test_outgoing.py b/bookwyrm/tests/test_outgoing.py index 5e585b1d..e004d109 100644 --- a/bookwyrm/tests/test_outgoing.py +++ b/bookwyrm/tests/test_outgoing.py @@ -21,15 +21,16 @@ class Outgoing(TestCase): self.factory = RequestFactory() with patch('bookwyrm.models.user.set_remote_server'): self.remote_user = models.User.objects.create_user( - 'rat', 'rat@rat.com', 'ratword', + 'rat', 'rat@email.com', 'ratword', local=False, remote_id='https://example.com/users/rat', inbox='https://example.com/users/rat/inbox', outbox='https://example.com/users/rat/outbox', ) self.local_user = models.User.objects.create_user( - 'mouse', 'mouse@mouse.com', 'mouseword', local=True, - localname='mouse', remote_id='https://example.com/users/mouse', + 'mouse@local.com', 'mouse@mouse.com', 'mouseword', + local=True, localname='mouse', + remote_id='https://example.com/users/mouse', ) datafile = pathlib.Path(__file__).parent.joinpath( @@ -175,10 +176,10 @@ class Outgoing(TestCase): def test_existing_user(self): ''' simple database lookup by username ''' - result = outgoing.handle_remote_webfinger('@mouse@%s' % DOMAIN) + result = outgoing.handle_remote_webfinger('@mouse@local.com') self.assertEqual(result, self.local_user) - result = outgoing.handle_remote_webfinger('mouse@%s' % DOMAIN) + result = outgoing.handle_remote_webfinger('mouse@local.com') self.assertEqual(result, self.local_user) @@ -398,7 +399,8 @@ class Outgoing(TestCase): def test_handle_status_mentions(self): ''' @mention a user in a post ''' user = models.User.objects.create_user( - 'rat', 'rat@rat.com', 'password', local=True) + 'rat@%s' % DOMAIN, 'rat@rat.com', 'password', + local=True, localname='rat') form = forms.CommentForm({ 'content': 'hi @rat', 'user': self.local_user.id, @@ -409,16 +411,17 @@ class Outgoing(TestCase): with patch('bookwyrm.broadcast.broadcast_task.delay'): outgoing.handle_status(self.local_user, form) status = models.Status.objects.get() + self.assertEqual(list(status.mention_users.all()), [user]) + self.assertEqual(models.Notification.objects.get().user, user) self.assertEqual( status.content, '

hi @rat

' % user.remote_id) - self.assertEqual(list(status.mention_users.all()), [user]) - self.assertEqual(models.Notification.objects.get().user, user) def test_handle_status_reply_with_mentions(self): ''' reply to a post with an @mention'ed user ''' user = models.User.objects.create_user( - 'rat', 'rat@rat.com', 'password', local=True) + 'rat', 'rat@rat.com', 'password', + local=True, localname='rat') form = forms.CommentForm({ 'content': 'hi @rat@example.com', 'user': self.local_user.id, diff --git a/bookwyrm/tests/test_signing.py b/bookwyrm/tests/test_signing.py index bf252764..0d55893d 100644 --- a/bookwyrm/tests/test_signing.py +++ b/bookwyrm/tests/test_signing.py @@ -31,11 +31,14 @@ Sender = namedtuple('Sender', ('remote_id', 'key_pair')) class Signature(TestCase): def setUp(self): self.mouse = User.objects.create_user( - 'mouse', 'mouse@example.com', '', local=True) + 'mouse@%s' % DOMAIN, 'mouse@example.com', '', + local=True, localname='mouse') self.rat = User.objects.create_user( - 'rat', 'rat@example.com', '', local=True) + 'rat@%s' % DOMAIN, 'rat@example.com', '', + local=True, localname='rat') self.cat = User.objects.create_user( - 'cat', 'cat@example.com', '', local=True) + 'cat@%s' % DOMAIN, 'cat@example.com', '', + local=True, localname='cat') private_key, public_key = create_key_pair() diff --git a/bookwyrm/tests/test_templatetags.py b/bookwyrm/tests/test_templatetags.py index 6956553e..004dd893 100644 --- a/bookwyrm/tests/test_templatetags.py +++ b/bookwyrm/tests/test_templatetags.py @@ -16,7 +16,8 @@ class TemplateTags(TestCase): def setUp(self): ''' create some filler objects ''' self.user = models.User.objects.create_user( - 'mouse', 'mouse@mouse.mouse', 'mouseword', local=True) + 'mouse@example.com', 'mouse@mouse.mouse', 'mouseword', + local=True, localname='mouse') with patch('bookwyrm.models.user.set_remote_server.delay'): self.remote_user = models.User.objects.create_user( 'rat', 'rat@rat.rat', 'ratword', diff --git a/bookwyrm/tests/test_view_actions.py b/bookwyrm/tests/test_view_actions.py index b5ed6751..2e5258f6 100644 --- a/bookwyrm/tests/test_view_actions.py +++ b/bookwyrm/tests/test_view_actions.py @@ -18,7 +18,8 @@ class ViewActions(TestCase): def setUp(self): ''' we need basic things, like users ''' self.local_user = models.User.objects.create_user( - 'mouse', 'mouse@mouse.com', 'mouseword', local=True) + 'mouse', 'mouse@mouse.com', 'mouseword', + local=True, localname='mouse') self.local_user.remote_id = 'https://example.com/user/mouse' self.local_user.save() self.group = Group.objects.create(name='editor') @@ -54,7 +55,7 @@ class ViewActions(TestCase): request = self.factory.post( 'register/', { - 'username': 'nutria-user.user_nutria', + 'localname': 'nutria-user.user_nutria', 'password': 'mouseword', 'email': 'aa@bb.cccc' }) @@ -72,7 +73,7 @@ class ViewActions(TestCase): request = self.factory.post( 'register/', { - 'username': 'nutria ', + 'localname': 'nutria ', 'password': 'mouseword', 'email': 'aa@bb.ccc' }) @@ -91,7 +92,7 @@ class ViewActions(TestCase): request = self.factory.post( 'register/', { - 'username': 'nutria', + 'localname': 'nutria', 'password': 'mouseword', 'email': 'aa' }) @@ -105,7 +106,7 @@ class ViewActions(TestCase): request = self.factory.post( 'register/', { - 'username': 'nut@ria', + 'localname': 'nut@ria', 'password': 'mouseword', 'email': 'aa@bb.ccc' }) @@ -116,7 +117,7 @@ class ViewActions(TestCase): request = self.factory.post( 'register/', { - 'username': 'nutr ia', + 'localname': 'nutr ia', 'password': 'mouseword', 'email': 'aa@bb.ccc' }) @@ -127,7 +128,7 @@ class ViewActions(TestCase): request = self.factory.post( 'register/', { - 'username': 'nut@ria', + 'localname': 'nut@ria', 'password': 'mouseword', 'email': 'aa@bb.ccc' }) @@ -143,7 +144,7 @@ class ViewActions(TestCase): request = self.factory.post( 'register/', { - 'username': 'nutria ', + 'localname': 'nutria ', 'password': 'mouseword', 'email': 'aa@bb.ccc' }) @@ -161,7 +162,7 @@ class ViewActions(TestCase): request = self.factory.post( 'register/', { - 'username': 'nutria', + 'localname': 'nutria', 'password': 'mouseword', 'email': 'aa@bb.ccc', 'invite_code': 'testcode' @@ -172,23 +173,24 @@ class ViewActions(TestCase): self.assertEqual(response.status_code, 302) self.assertEqual(models.SiteInvite.objects.get().times_used, 1) - # invalid invite + # invite already used to max capacity request = self.factory.post( 'register/', { - 'username': 'nutria2', + 'localname': 'nutria2', 'password': 'mouseword', 'email': 'aa@bb.ccc', 'invite_code': 'testcode' }) - response = actions.register(request) + with self.assertRaises(PermissionDenied): + response = actions.register(request) self.assertEqual(models.User.objects.count(), 3) # bad invite code request = self.factory.post( 'register/', { - 'username': 'nutria3', + 'localname': 'nutria3', 'password': 'mouseword', 'email': 'aa@bb.ccc', 'invite_code': 'dkfkdjgdfkjgkdfj' @@ -379,7 +381,7 @@ class ViewActions(TestCase): def test_untag(self): ''' remove a tag from a book ''' tag = models.Tag.objects.create(name='A Tag!?') - user_tag = models.UserTag.objects.create( + models.UserTag.objects.create( user=self.local_user, book=self.book, tag=tag) request = self.factory.post( '', { diff --git a/bookwyrm/tests/test_views.py b/bookwyrm/tests/test_views.py index cc621eba..e94affb2 100644 --- a/bookwyrm/tests/test_views.py +++ b/bookwyrm/tests/test_views.py @@ -9,6 +9,7 @@ from django.test import TestCase from django.test.client import RequestFactory from bookwyrm import models, views +from bookwyrm.activitypub import ActivitypubResponse from bookwyrm.connectors import abstract_connector from bookwyrm.settings import DOMAIN, USER_AGENT @@ -28,7 +29,8 @@ class Views(TestCase): local=True ) self.local_user = models.User.objects.create_user( - 'mouse', 'mouse@mouse.mouse', 'password', local=True) + 'mouse@local.com', 'mouse@mouse.mouse', 'password', + local=True, localname='mouse') with patch('bookwyrm.models.user.set_remote_server.delay'): self.remote_user = models.User.objects.create_user( 'rat', 'rat@rat.com', 'ratword', @@ -52,7 +54,7 @@ class Views(TestCase): self.assertEqual( views.get_user_from_username('mouse'), self.local_user) self.assertEqual( - views.get_user_from_username('mouse@%s' % DOMAIN), self.local_user) + views.get_user_from_username('mouse@local.com'), self.local_user) with self.assertRaises(models.User.DoesNotExist): views.get_user_from_username('mojfse@example.com') @@ -343,7 +345,7 @@ class Views(TestCase): with patch('bookwyrm.views.is_api_request') as is_api: is_api.return_value = True result = views.user_page(request, 'mouse') - self.assertIsInstance(result, JsonResponse) + self.assertIsInstance(result, ActivitypubResponse) self.assertEqual(result.status_code, 200) @@ -361,7 +363,7 @@ class Views(TestCase): with patch('bookwyrm.views.is_api_request') as is_api: is_api.return_value = True result = views.followers_page(request, 'mouse') - self.assertIsInstance(result, JsonResponse) + self.assertIsInstance(result, ActivitypubResponse) self.assertEqual(result.status_code, 200) @@ -379,7 +381,7 @@ class Views(TestCase): with patch('bookwyrm.views.is_api_request') as is_api: is_api.return_value = True result = views.following_page(request, 'mouse') - self.assertIsInstance(result, JsonResponse) + self.assertIsInstance(result, ActivitypubResponse) self.assertEqual(result.status_code, 200) @@ -399,7 +401,7 @@ class Views(TestCase): with patch('bookwyrm.views.is_api_request') as is_api: is_api.return_value = True result = views.status_page(request, 'mouse', status.id) - self.assertIsInstance(result, JsonResponse) + self.assertIsInstance(result, ActivitypubResponse) self.assertEqual(result.status_code, 200) @@ -419,7 +421,7 @@ class Views(TestCase): with patch('bookwyrm.views.is_api_request') as is_api: is_api.return_value = True result = views.replies_page(request, 'mouse', status.id) - self.assertIsInstance(result, JsonResponse) + self.assertIsInstance(result, ActivitypubResponse) self.assertEqual(result.status_code, 200) @@ -448,7 +450,7 @@ class Views(TestCase): with patch('bookwyrm.views.is_api_request') as is_api: is_api.return_value = True result = views.book_page(request, self.book.id) - self.assertIsInstance(result, JsonResponse) + self.assertIsInstance(result, ActivitypubResponse) self.assertEqual(result.status_code, 200) @@ -489,7 +491,7 @@ class Views(TestCase): with patch('bookwyrm.views.is_api_request') as is_api: is_api.return_value = True result = views.editions_page(request, self.work.id) - self.assertIsInstance(result, JsonResponse) + self.assertIsInstance(result, ActivitypubResponse) self.assertEqual(result.status_code, 200) @@ -508,7 +510,7 @@ class Views(TestCase): with patch('bookwyrm.views.is_api_request') as is_api: is_api.return_value = True result = views.author_page(request, author.id) - self.assertIsInstance(result, JsonResponse) + self.assertIsInstance(result, ActivitypubResponse) self.assertEqual(result.status_code, 200) @@ -529,7 +531,7 @@ class Views(TestCase): with patch('bookwyrm.views.is_api_request') as is_api: is_api.return_value = True result = views.tag_page(request, tag.identifier) - self.assertIsInstance(result, JsonResponse) + self.assertIsInstance(result, ActivitypubResponse) self.assertEqual(result.status_code, 200) @@ -550,18 +552,22 @@ class Views(TestCase): is_api.return_value = True result = views.shelf_page( request, self.local_user.username, shelf.identifier) - self.assertIsInstance(result, JsonResponse) + self.assertIsInstance(result, ActivitypubResponse) self.assertEqual(result.status_code, 200) def test_is_bookwyrm_request(self): - ''' tests the function that checks if a request came from a bookwyrm instance ''' + ''' checks if a request came from a bookwyrm instance ''' request = self.factory.get('', {'q': 'Test Book'}) self.assertFalse(views.is_bookworm_request(request)) - request = self.factory.get('', {'q': 'Test Book'}, - HTTP_USER_AGENT="http.rb/4.4.1 (Mastodon/3.3.0; +https://mastodon.social/)") + request = self.factory.get( + '', {'q': 'Test Book'}, + HTTP_USER_AGENT=\ + "http.rb/4.4.1 (Mastodon/3.3.0; +https://mastodon.social/)" + ) self.assertFalse(views.is_bookworm_request(request)) - request = self.factory.get('', {'q': 'Test Book'}, HTTP_USER_AGENT=USER_AGENT) + request = self.factory.get( + '', {'q': 'Test Book'}, HTTP_USER_AGENT=USER_AGENT) self.assertTrue(views.is_bookworm_request(request)) diff --git a/bookwyrm/view_actions.py b/bookwyrm/view_actions.py index eb09a37a..d27701b2 100644 --- a/bookwyrm/view_actions.py +++ b/bookwyrm/view_actions.py @@ -30,8 +30,8 @@ def user_login(request): ''' authenticate user login ''' login_form = forms.LoginForm(request.POST) - username = login_form.data['username'] - username = '%s@%s' % (username, DOMAIN) + localname = login_form.data['localname'] + username = '%s@%s' % (localname, DOMAIN) password = login_form.data['password'] user = authenticate(request, username=username, password=password) if user is not None: @@ -59,6 +59,8 @@ def register(request): raise PermissionDenied invite = get_object_or_404(models.SiteInvite, code=invite_code) + if not invite.valid(): + raise PermissionDenied else: invite = None @@ -67,13 +69,13 @@ def register(request): if not form.is_valid(): errors = True - username = form.data['username'].strip() + localname = form.data['localname'].strip() email = form.data['email'] password = form.data['password'] - # check username and email uniqueness - if models.User.objects.filter(localname=username).first(): - form.add_error('username', 'User with this username already exists') + # check localname and email uniqueness + if models.User.objects.filter(localname=localname).first(): + form.errors['localname'] = ['User with this username already exists'] errors = True if errors: @@ -83,8 +85,9 @@ def register(request): } return TemplateResponse(request, 'login.html', data) + username = '%s@%s' % (localname, DOMAIN) user = models.User.objects.create_user( - username, email, password, local=True) + username, email, password, localname=localname, local=True) if invite: invite.times_used += 1 invite.save() diff --git a/bw-dev b/bw-dev index bf5e8f75..ec962770 100755 --- a/bw-dev +++ b/bw-dev @@ -83,7 +83,7 @@ case "$1" in ;; pytest) shift 1 - execweb pytest "$@" + execweb pytest --no-cov-on-fail "$@" ;; test_report) execweb coverage report