Merge 1ec8204 into 9acee8e

zentralopensource · Jul 1, 2024 · 368a9b8 · 368a9b8
2 parents 9acee8e + 1ec8204
commit 368a9b8
Show file tree

Hide file tree

Showing 4 changed files with 29 additions and 9 deletions.
diff --git a/server/accounts/management/commands/create_zentral_user.py b/server/accounts/management/commands/create_zentral_user.py
@@ -36,6 +36,14 @@ def print(self, *args):
             return
         self.stdout.write(" ".join(str(arg) for arg in args))
 
+    def check_options(self):
+        if self.service_account:
+            if self.superuser:
+                self.exit_with_error("A service account cannot be a super user", 5)
+            elif self.send_reset:
+                self.exit_with_error("A service account cannot receive a password reset", 6)
+            self.with_api_token = True
+
     def check_username(self, username):
         username = username.strip()
         if not username:
@@ -107,7 +115,7 @@ def create_or_update_user(self):
 
     def create_api_token(self):
         self.context["api_token_created"] = False
-        if self.with_api_token or self.service_account:
+        if self.with_api_token:
             if APIToken.objects.filter(user=self.user).exists():
                 self.print("Existing API token")
             else:
@@ -144,6 +152,7 @@ def handle(self, *args, **kwargs):
             "service_account": self.service_account,
             "superuser": self.superuser,
         }
+        self.check_options()
         self.check_username(kwargs["username"])
         self.check_email(kwargs["email"])
         self.check_user_conflict()

diff --git a/server/accounts/management/commands/delete_zentral_user.py b/server/accounts/management/commands/delete_zentral_user.py
@@ -11,9 +11,9 @@ def add_arguments(self, parser):
 
     def handle(self, *args, **kwargs):
         username = kwargs["username"]
-        deleted_user_count, _ = User.objects.filter(username=username).delete()
-        if deleted_user_count == 0:
+        deleted_objects_count, _ = User.objects.filter(username=username).delete()
+        if not deleted_objects_count:
             self.stderr.write("0 users deleted")
             sys.exit(11)
         else:
-            self.stdout.write(f"{deleted_user_count} user(s) deleted")
+            self.stdout.write("1 user deleted")
diff --git a/tests/server_accounts/test_create_zentral_user_cmd.py b/tests/server_accounts/test_create_zentral_user_cmd.py
@@ -18,6 +18,16 @@ def call_command(self, *args, **kwargs):
         )
         return out.getvalue()
 
+    def test_service_account_superuser(self):
+        with self.assertRaises(SystemExit) as cm:
+            self.call_command("yolo", "fomo@example.com", "--service-account", "--superuser")
+        self.assertEqual(cm.exception.code, 5)
+
+    def test_service_account_send_reset(self):
+        with self.assertRaises(SystemExit) as cm:
+            self.call_command("yolo", "fomo@example.com", "--service-account", "--send-reset")
+        self.assertEqual(cm.exception.code, 6)
+
     def test_create_user_invalid_username(self):
         with self.assertRaises(SystemExit) as cm:
             self.call_command(" ", "fomo@example.com")
@@ -119,7 +129,7 @@ def test_create_user_send_email(self):
 
     def test_superuser_service_account(self):
         result = json.loads(
-            self.call_command("yolo", "fomo@example.com", "--service-account", "--superuser", "--json")
+            self.call_command("yolo", "fomo@example.com", "--service-account", "--json")
         )
         api_token = result.pop("api_token")
         self.assertEqual(
@@ -128,7 +138,7 @@ def test_superuser_service_account(self):
              'created': True,
              'email': 'fomo@example.com',
              'service_account': True,
-             'superuser': True,
+             'superuser': False,
              'updated': False,
              'username': 'yolo'}
         )

diff --git a/tests/server_accounts/test_delete_zentral_user_cmd.py b/tests/server_accounts/test_delete_zentral_user_cmd.py
@@ -2,7 +2,7 @@
 from unittest.mock import patch
 from django.core.management import call_command
 from django.test import TestCase
-from accounts.models import User
+from accounts.models import APIToken, User
 
 
 class DeleteZentralUserTestCase(TestCase):
@@ -26,8 +26,9 @@ def test_delete_user_zero_users(self, sys_exit):
         self.assertEqual(stderr, "0 users deleted\n")
 
     def test_delete_one_user(self):
-        User.objects.create_user("yolo", "fomo@example.com")
+        user = User.objects.create_user("yolo", "fomo@example.com")
+        APIToken.objects.update_or_create_for_user(user),
         stdout, stderr = self.call_command("yolo")
-        self.assertEqual(stdout, "1 user(s) deleted\n")
+        self.assertEqual(stdout, "1 user deleted\n")
         self.assertEqual(stderr, "")
         self.assertFalse(User.objects.filter(username="yolo").exists())