From 36dac6df18650d5c9cc8f7a442567269533d91cf Mon Sep 17 00:00:00 2001 From: Josue Kouka Date: Tue, 31 Jan 2017 16:46:04 +0100 Subject: [PATCH] don't associate user if PhantomJS response is erroneous (#14813) --- mandayejs/mandaye/utils.py | 4 ++-- mandayejs/mandaye/views.py | 3 +++ tests/test_mandayejs.py | 26 +++++++++++++++++++------- 3 files changed, 24 insertions(+), 9 deletions(-) diff --git a/mandayejs/mandaye/utils.py b/mandayejs/mandaye/utils.py index 0cd1979..0341b2a 100644 --- a/mandayejs/mandaye/utils.py +++ b/mandayejs/mandaye/utils.py @@ -44,8 +44,8 @@ def exec_phantom(data, script='do_login.js'): try: result = json.loads(stdout) except (ValueError,): - result = {"result": "failure, couldn't decode JSON"} - logger.error(stdout) + result = {"result": "json_error"} + logger.error("invalid json: %s" % stdout) if result.get('stderr'): logger.warning(result['stderr']) diff --git a/mandayejs/mandaye/views.py b/mandayejs/mandaye/views.py index 79a2c45..34a1615 100644 --- a/mandayejs/mandaye/views.py +++ b/mandayejs/mandaye/views.py @@ -159,6 +159,9 @@ def post_login_do(request, *args, **kwargs): elif result.get('result') == 'timeout': messages.error(request, _('server took too long to respond')) url = resolve_url('associate') + elif result.get('result') == 'json_error': + messages.error(request, _('invalid response from server')) + url = resolve_url('associate') elif result.get('result') == 'redirect': url = urlparse(result.get('url', '/')) url = url.path diff --git a/tests/test_mandayejs.py b/tests/test_mandayejs.py index 1735040..b0f05d2 100644 --- a/tests/test_mandayejs.py +++ b/tests/test_mandayejs.py @@ -9,7 +9,7 @@ from django.conf import settings from django.core.management import call_command from django.http.request import HttpRequest, QueryDict from django.forms.fields import DateField -from django.test.client import RequestFactory +from django.test.client import RequestFactory, Client from django.core.urlresolvers import reverse from mandayejs.mandaye.models import UserCredentials @@ -246,16 +246,28 @@ def test_signed_api_delete(client_service, url_signed): @mock.patch('mandayejs.mandaye.utils.subprocess.Popen') -def test_phantom_invalid_json(mocked_popen, caplog): +@mock.patch('mandayejs.applications.Test.SITE_LOCATORS', MOCKED_SITE_LOCATORS) +def test_phantom_invalid_json(mocked_popen, caplog, user_john): expected_output = ('This is not a valid JSON', None) mocked_popen.return_value = MockedPopen(expected_output=expected_output) - result = exec_phantom(LOGIN_INFO) - for record in caplog.records(): - assert record.levelname == 'ERROR' - assert record.message == 'This is not a valid JSON' + UserCredentials.objects.create(user=user_john, + locators={ + 'login': 'johnny', 'password': 'jumper', + 'birth_date': '1995-06-11'}) + + client = Client() + client.login(username='john', password='john') + response = client.get(reverse('post-login-do')) + assert 'window.top.location = "/_mandaye/associate/"' in response.content - assert result['result'] == "failure, couldn't decode JSON" + for message in response.context['messages']: + assert message.level_tag == 'error' + assert message.message == 'invalid response from server' + + for record in caplog.records(): + if record.levelname == 'ERROR': + assert record.message == 'invalid json: This is not a valid JSON' @mock.patch('mandayejs.mandaye.utils.subprocess.Popen') -- 2.11.0