From f62e9ff3a3386e0d6707aa1d3cbac800c4c61e60 Mon Sep 17 00:00:00 2001 From: Josue Kouka Date: Tue, 31 Jan 2017 16:46:04 +0100 Subject: [PATCH] don't associate user if PhantomJS response is erroneous (#14813) --- mandayejs/mandaye/utils.py | 2 +- mandayejs/mandaye/views.py | 3 +++ tests/test_mandayejs.py | 26 +++++++++++++++++++------- 3 files changed, 23 insertions(+), 8 deletions(-) diff --git a/mandayejs/mandaye/utils.py b/mandayejs/mandaye/utils.py index 0cd1979..3bcd995 100644 --- a/mandayejs/mandaye/utils.py +++ b/mandayejs/mandaye/utils.py @@ -44,7 +44,7 @@ def exec_phantom(data, script='do_login.js'): try: result = json.loads(stdout) except (ValueError,): - result = {"result": "failure, couldn't decode JSON"} + result = {"result": "json_error"} logger.error(stdout) if result.get('stderr'): diff --git a/mandayejs/mandaye/views.py b/mandayejs/mandaye/views.py index 79a2c45..6b32c72 100644 --- a/mandayejs/mandaye/views.py +++ b/mandayejs/mandaye/views.py @@ -162,6 +162,9 @@ def post_login_do(request, *args, **kwargs): elif result.get('result') == 'redirect': url = urlparse(result.get('url', '/')) url = url.path + elif result.get('result') == 'json_error': + messages.error(request, _('invalid response from server')) + url = resolve_url('associate') else: credentials.linked = True credentials.save() diff --git a/tests/test_mandayejs.py b/tests/test_mandayejs.py index 1735040..8d5ebc9 100644 --- a/tests/test_mandayejs.py +++ b/tests/test_mandayejs.py @@ -9,7 +9,7 @@ from django.conf import settings from django.core.management import call_command from django.http.request import HttpRequest, QueryDict from django.forms.fields import DateField -from django.test.client import RequestFactory +from django.test.client import RequestFactory, Client from django.core.urlresolvers import reverse from mandayejs.mandaye.models import UserCredentials @@ -246,16 +246,28 @@ def test_signed_api_delete(client_service, url_signed): @mock.patch('mandayejs.mandaye.utils.subprocess.Popen') -def test_phantom_invalid_json(mocked_popen, caplog): +@mock.patch('mandayejs.applications.Test.SITE_LOCATORS', MOCKED_SITE_LOCATORS) +def test_phantom_invalid_json(mocked_popen, caplog, user_john): expected_output = ('This is not a valid JSON', None) mocked_popen.return_value = MockedPopen(expected_output=expected_output) - result = exec_phantom(LOGIN_INFO) - for record in caplog.records(): - assert record.levelname == 'ERROR' - assert record.message == 'This is not a valid JSON' + UserCredentials.objects.create(user=user_john, + locators={ + 'login': 'johnny', 'password': 'jumper', + 'birth_date': '1995-06-11'}) + + client = Client() + client.login(username='john', password='john') + response = client.get(reverse('post-login-do')) + assert 'window.top.location = "/_mandaye/associate/"' in response.content - assert result['result'] == "failure, couldn't decode JSON" + for message in response.context['messages']: + assert message.level_tag == 'error' + assert message.message == 'invalid response from server' + + for record in caplog.records(): + if record.levelname == 'ERROR': + assert record.message == 'This is not a valid JSON' @mock.patch('mandayejs.mandaye.utils.subprocess.Popen') -- 2.11.0