BTHLABS-50: Safari Web extension

Co-authored-by: Tomek Wójcik <labs@tomekwojcik.pl> Co-committed-by: Tomek Wójcik <labs@tomekwojcik.pl>
2025-09-08 18:11:36 +00:00
parent ffecf780ee
commit b6d02dbe78
184 changed files with 7536 additions and 163 deletions
--- a/services/backend/tests/ui/views/integrations/extension/init.py
+++ b/services/backend/tests/ui/views/integrations/extension/init.py
--- a/services/backend/tests/ui/views/integrations/extension/test_authenticate.py
+++ b/services/backend/tests/ui/views/integrations/extension/test_authenticate.py
@@ -0,0 +1,68 @@
+# -*- coding: utf-8 -*-
+# type: ignore
+from __future__ import annotations
+
+import http
+
+from django.test import Client
+from django.urls import reverse
+import pytest
+from pytest_django import asserts
+
+from hotpocket_common.url import URL
+
+
+@pytest.mark.django_db
+def test_ok(authenticated_client: Client):
+    # When
+    result = authenticated_client.get(
+        reverse('ui.integrations.extension.authenticate'),
+        follow=False,
+    )
+
+    # Then
+    assert result.status_code == http.HTTPStatus.FOUND
+    assert 'Location' in result.headers
+
+    redirect_url = URL(result.headers['Location'])
+    assert redirect_url.raw_path == reverse('ui.integrations.extension.post_authenticate')
+    assert 'auth_key' in redirect_url.query
+
+    assert 'extension_auth_key' in authenticated_client.session
+    assert authenticated_client.session['extension_auth_key'] == redirect_url.query['auth_key'][0]
+
+
+@pytest.mark.django_db
+def test_inactive_account(inactive_account_client: Client):
+    # When
+    result = inactive_account_client.get(
+        reverse('ui.integrations.extension.authenticate'),
+    )
+
+    # Then
+    asserts.assertRedirects(
+        result,
+        reverse(
+            'ui.accounts.login',
+            query=[('next', reverse('ui.integrations.extension.authenticate'))],
+        ),
+        fetch_redirect_response=False,
+    )
+
+
+@pytest.mark.django_db
+def test_anonymous(client: Client):
+    # When
+    result = client.get(
+        reverse('ui.integrations.extension.authenticate'),
+    )
+
+    # Then
+    asserts.assertRedirects(
+        result,
+        reverse(
+            'ui.accounts.login',
+            query=[('next', reverse('ui.integrations.extension.authenticate'))],
+        ),
+        fetch_redirect_response=False,
+    )
--- a/services/backend/tests/ui/views/integrations/extension/test_post_authenticate.py
+++ b/services/backend/tests/ui/views/integrations/extension/test_post_authenticate.py
@@ -0,0 +1,112 @@
+# -*- coding: utf-8 -*-
+# type: ignore
+from __future__ import annotations
+
+import http
+import uuid
+
+from django.test import Client
+from django.urls import reverse
+import pytest
+from pytest_django import asserts
+
+
+@pytest.fixture
+def auth_key():
+    return str(uuid.uuid4())
+
+
+@pytest.mark.django_db
+def test_ok(authenticated_client: Client, auth_key):
+    # Given
+    session = authenticated_client.session
+    session['extension_auth_key'] = auth_key
+    session.save()
+
+    # When
+    result = authenticated_client.get(
+        reverse('ui.integrations.extension.post_authenticate'),
+        data={
+            'auth_key': auth_key,
+        },
+    )
+
+    # Then
+    assert result.status_code == http.HTTPStatus.OK
+
+    asserts.assertTemplateUsed(
+        result, 'ui/integrations/extension/post_authenticate.html',
+    )
+
+
+@pytest.mark.django_db
+def test_auth_key_not_in_session(authenticated_client: Client, auth_key):
+    # When
+    result = authenticated_client.get(
+        reverse('ui.integrations.extension.post_authenticate'),
+        data={
+            'auth_key': auth_key,
+        },
+    )
+
+    # Then
+    assert result.status_code == http.HTTPStatus.FORBIDDEN
+
+
+@pytest.mark.django_db
+def test_auth_key_not_request(authenticated_client: Client, auth_key):
+    # Given
+    session = authenticated_client.session
+    session['extension_auth_key'] = auth_key
+    session.save()
+
+    # When
+    result = authenticated_client.get(
+        reverse('ui.integrations.extension.post_authenticate'),
+        data={
+        },
+    )
+
+    # Then
+    assert result.status_code == http.HTTPStatus.FORBIDDEN
+
+
+@pytest.mark.django_db
+def test_auth_key_mismatch(authenticated_client: Client, auth_key):
+    # Given
+    session = authenticated_client.session
+    session['extension_auth_key'] = auth_key
+    session.save()
+
+    # When
+    result = authenticated_client.get(
+        reverse('ui.integrations.extension.post_authenticate'),
+        data={
+            'auth_key': 'thisisntright',
+        },
+    )
+
+    # Then
+    assert result.status_code == http.HTTPStatus.FORBIDDEN
+
+
+@pytest.mark.django_db
+def test_inactive_account(inactive_account_client: Client):
+    # When
+    result = inactive_account_client.get(
+        reverse('ui.integrations.extension.post_authenticate'),
+    )
+
+    # Then
+    assert result.status_code == http.HTTPStatus.FORBIDDEN
+
+
+@pytest.mark.django_db
+def test_anonymous(client: Client):
+    # When
+    result = client.get(
+        reverse('ui.integrations.extension.post_authenticate'),
+    )
+
+    # Then
+    assert result.status_code == http.HTTPStatus.FORBIDDEN