Develop tests and document '/api​/accounts​/activate​/'

Fix #226
Changes to be committed:
	modified:   api/scripts/method_specific/GET_activate_account.py
	modified:   api/scripts/utilities/DbUtils.py
	modified:   api/views.py
	new file:   tests/test_views/test_api_account_activate.py
	modified:   tests/test_views/test_api_account_new.py

Author: HadleyKing

api/scripts/method_specific/GET_activate_account.py

@@ -29,7 +29,6 @@ def GET_activate_account(username, temp_identifier):
         An HttpResponse that allows its data to be rendered into
         arbitrary media types.
     """
-    # Activate an account that is stored in the temporary table.
 
     db_utils = DbUtils.DbUtils()
 
@@ -46,24 +45,9 @@ def GET_activate_account(username, temp_identifier):
         credential_try = db_utils.activate_account(p_email=username)
 
         if len(credential_try) > 0:
-            # Everything went fine.
-            return Response(
-                {
-                    "activation_success": True,
-                    "activation_url": settings.PUBLIC_HOSTNAME + "/login/",
-                    "username": credential_try[0],
-                    "status": status.HTTP_201_CREATED,
-                },
-                status=status.HTTP_201_CREATED,
-            )
+            return Response(status=status.HTTP_200_OK,)
 
         # The credentials weren't good.
-        return Response(
-            {"activation_success": False, "status": status.HTTP_403_FORBIDDEN},
-            status=status.HTTP_403_FORBIDDEN,
-        )
+        return Response(status=status.HTTP_403_FORBIDDEN)
 
-    return Response(
-        {"activation_success": False, "status": status.HTTP_424_FAILED_DEPENDENCY},
-        status=status.HTTP_424_FAILED_DEPENDENCY,
-    )
+    return Response(status=status.HTTP_403_FORBIDDEN)

api/scripts/utilities/DbUtils.py

@@ -377,6 +377,7 @@ def activate_account(self, p_email):
 
         # Save the user.
         user.save()
+
         # Automatically add the user to the bco_drafter and bco_publisher groups.
         user.groups.add(Group.objects.get(name="bco_drafter"))
         user.groups.add(Group.objects.get(name="bco_publisher"))

api/views.py

@@ -138,9 +138,13 @@ class ApiAccountsActivateUsernameTempIdentifier(APIView):
 
     --------------------
 
-    This is a request to activate a new account.  This is open to anyone to
-    activate a new account, as long as they have a valid token generated by this host.  This allows
-    other users to act as the verification layer in addition to the system.
+    This endpoint is a GET request to activate a new account.  
+    To activate an account during registration we receive an email or a
+    temporary identifier to authenticate and activate account. This endpoint
+    will check the validity of the provided temporary identifier for a specific
+    user account. This is open to anyone to activate a new account, as long as
+    they have a valid token generated by this host.  This allows other users
+    to act as the verification layer in addition to the system.
 
     """
 
@@ -174,18 +178,15 @@ class ApiAccountsActivateUsernameTempIdentifier(APIView):
     @swagger_auto_schema(
         manual_parameters=auth,
         responses={
-            201: "Account has been authorized.",
-            208: "Account has already been authorized.",
+            200: "Account has been activated.",
             403: "Requestor's credentials were rejected.",
-            424: "Account has not been registered.",
         },
         tags=["Account Management"],
     )
     def get(self, request, username: str, temp_identifier: str):
         check_get(request)
         checked = None
         if checked is None:
-            # Pass the request to the handling function
             return GET_activate_account(
                 username=username, temp_identifier=temp_identifier
             )

tests/test_views/test_api_account_activate.py

@@ -0,0 +1,30 @@
+#!/usr/bin/env python3
+
+"""Test Account Activation 
+Test for '200: Account has been authorized.', '404: Credentials not found.',
+and '403: Requestor's credentials were rejected.'
+"""
+
+import time
+from django.test import TestCase, Client
+
+class ApiAccountsActivateTestCase(TestCase):
+    fixtures = ['tests/fixtures/test_data']
+
+    def setUp(self):
+        self.client = Client()
+        data = {
+            'hostname': 'UserDB',
+            'email': '[email protected]',
+            'token': 'SampleToken'
+        }
+        
+        self.initial_response = self.client.post('/api/accounts/new/', data=data).json()
+
+    def test_account_activated_forbidden(self):
+        """Test for '403: Requestor's credentials were rejected.'
+        """
+
+        bad_link = self.initial_response['activation_link']+ "bad_content"
+        response = self.client.get(bad_link)
+        self.assertEqual(response.status_code, 403)

tests/test_views/test_api_account_new.py

@@ -1,7 +1,9 @@
 #!/usr/bin/env python3
 
-"""Add Account
-Tests for 
+"""New Account 
+Test for '201: Account creation request is successful.', '400: Bad
+request format.', and '409: Account has already been authenticated or
+requested.'
 """
 
 from django.test import TestCase, Client