From 15e947fa14e8b2feb4d650c7ec610682ee98c206 Mon Sep 17 00:00:00 2001 From: Andrzej Pragacz Date: Wed, 23 Mar 2022 11:32:13 +0100 Subject: [PATCH] Add REGISTER_FLOW_ENABLED setting (#186) --- rest_registration/api/views/register.py | 2 ++ rest_registration/settings_fields.py | 10 +++++++++ tests/api/views/register/test_register.py | 26 +++++++++++++++++++++-- 3 files changed, 36 insertions(+), 2 deletions(-) diff --git a/rest_registration/api/views/register.py b/rest_registration/api/views/register.py index dc40b6d..de420e0 100644 --- a/rest_registration/api/views/register.py +++ b/rest_registration/api/views/register.py @@ -31,6 +31,8 @@ def register(request): ''' Register new user. ''' + if not registration_settings.REGISTER_FLOW_ENABLED: + raise Http404() serializer_class = registration_settings.REGISTER_SERIALIZER_CLASS serializer = serializer_class(data=request.data, context={'request': request}) serializer.is_valid(raise_exception=True) diff --git a/rest_registration/settings_fields.py b/rest_registration/settings_fields.py index 65ebe62..9d4fd8a 100644 --- a/rest_registration/settings_fields.py +++ b/rest_registration/settings_fields.py @@ -66,6 +66,16 @@ def __new__( ] REGISTER_SETTINGS_FIELDS = [ + Field( + 'REGISTER_FLOW_ENABLED', + default=True, + help=dedent("""\ + If enabled, then users are able to register (create new account). + + One can disable it if for instance accounts should not be registered + by external users but rather should be created only by admin user. + """), + ), Field( 'REGISTER_SERIALIZER_CLASS', default='rest_registration.api.serializers.DefaultRegisterUserSerializer', # noqa: E501, diff --git a/tests/api/views/register/test_register.py b/tests/api/views/register/test_register.py index 2c6d1e3..73fad03 100644 --- a/tests/api/views/register/test_register.py +++ b/tests/api/views/register/test_register.py @@ -9,9 +9,16 @@ from rest_framework import status from rest_registration.signers.register import RegisterSigner -from tests.helpers.api_views import assert_response_status_is_created +from tests.helpers.api_views import ( + assert_response_is_not_found, + assert_response_status_is_created +) from tests.helpers.constants import REGISTER_VERIFICATION_URL, VERIFICATION_FROM_EMAIL -from tests.helpers.email import assert_one_email_sent, capture_sent_emails +from tests.helpers.email import ( + assert_no_email_sent, + assert_one_email_sent, + capture_sent_emails +) from tests.helpers.settings import override_rest_registration_settings from tests.helpers.text import assert_one_url_line_in_text from tests.helpers.timer import capture_time @@ -432,6 +439,21 @@ def test_ok_when_faulty_verification_template_selector( assert_valid_register_verification_email(sent_email, user, timer) +@pytest.mark.django_db +@override_rest_registration_settings({ + 'REGISTER_FLOW_ENABLED': False, +}) +def test_fail_when_register_flow_disabled( + settings_with_register_verification, + api_view_provider, api_factory): + data = _get_register_user_data(password='testpassword') + request = api_factory.create_post_request(data) + with capture_sent_emails() as sent_emails: + response = api_view_provider.view_func(request) + assert_response_is_not_found(response) + assert_no_email_sent(sent_emails) + + def assert_user_state_matches_data(user, data, verified=False): assert user.username == data['username'] assert user.email == data['email']