From 341ea2d54db4a91d558e3dbb064a163b55583c01 Mon Sep 17 00:00:00 2001
From: Sam <samuel.molina@enreda.coop>
Date: Fri, 12 Mar 2021 10:39:17 +0000
Subject: [PATCH] create_company_user endpoint open for auth and anon users

---
 back_latienda/permissions.py |  1 +
 core/tests.py                | 51 ++++++++++++++++++++++++++++++++++--
 core/views.py                |  2 +-
 3 files changed, 51 insertions(+), 3 deletions(-)

diff --git a/back_latienda/permissions.py b/back_latienda/permissions.py
index 1d1cf51..4d9cb9f 100644
--- a/back_latienda/permissions.py
+++ b/back_latienda/permissions.py
@@ -85,3 +85,4 @@ class YourOwnUserPermissions(permissions.BasePermission):
             return True
         else:
             return False
+
diff --git a/core/tests.py b/core/tests.py
index 2ed7ca1..840a5a1 100644
--- a/core/tests.py
+++ b/core/tests.py
@@ -535,11 +535,58 @@ class CreateCompanyUserTest(APITestCase):
         # create user
         self.email = "user@mail.com"
         self.password = ''.join(random.choices(string.ascii_uppercase, k = 10))
-        self.user = self.factory(email=self.email, is_active=False)
+        self.user = self.factory(email=self.email, is_active=True)
         self.user.set_password(self.password)
         self.user.save()
 
-    def test_succesful_creation(self):
+    def test_auth_user_can_create(self):
+        # instances data
+        data = {
+            'user': {
+                'email': 'test@email.com',
+                'full_name': 'TEST NAME',
+                'password': 'VENTILADORES1234499.89',
+            },
+            'company': {
+                'cif': 'qwerewq',
+                'company_name': 'qwerewq',
+                'short_name': 'qwerewq',
+                'web_link': 'http://qwerewq.com',
+                'shop': True,
+                'shop_link': 'http://qwerewq.com',
+                'platform': 'PRESTASHOP',
+                'email': 'test@email.com',
+                'logo': None,
+                'city': None,
+                'address': 'qwer qewr 5',
+                'geo': {'longitude': 1.0, 'latitude': 1.0},
+                'phone': '1234',
+                'mobile': '4321',
+                'other_phone': '41423',
+                'description': 'dfgfdgdfg',
+                'shop_rss_feed': 'http://qwerewq.com',
+                'sale_terms': 'tewrnmfew f ewfrfew ewewew f',
+                'shipping_cost': '12.25',
+                'sync': False
+            }
+        }
+
+        # Authenticate
+        token = get_tokens_for_user(self.user)
+        self.client.credentials(HTTP_AUTHORIZATION=f"Bearer {token['access']}")
+
+        response = self.client.post(self.endpoint, data=data, format='json')
+
+        self.assertEquals(response.status_code, 201)
+        self.assertEquals(len(mail.outbox), 1)
+        # user exists and it's inactice
+        self.assertTrue(self.model.objects.get(email='test@email.com'))
+        self.assertFalse(self.model.objects.get(email='test@email.com').is_active)
+        self.assertTrue(Company.objects.get(cif='qwerewq'))
+        # assert verification email
+        self.assertTrue(len(mail.outbox) == 1)
+
+    def test_anon_user_can_create(self):
         data = {
             'user': {
                 'email': 'test@email.com',
diff --git a/core/views.py b/core/views.py
index bc9afd0..a1acef1 100644
--- a/core/views.py
+++ b/core/views.py
@@ -104,7 +104,7 @@ class ChangeUserPasswordView(UpdateAPIView):
 
 
 @api_view(['POST',])
-@permission_classes([CustomUserPermissions,])
+@permission_classes([AllowAny])
 def create_company_user(request):
     """
     Create non-validated company and associated managing user