Org applications can now only be made by a user when a program allows it.
To do this a new access_type has been added called apply. This ensures that users can only used the seeded version of create.
Also the review_overview now has his own access type to ensure the separability of hosts for different sponsors in case of org app reviews.
Note that the access checks for hosts are broken and only give access to developers at the moment.
Patch by: Lennard de Rijk
Reviewed by: to-be-reviewed
TOKEN_GENERATOR_TESTS = """
>>> from django.contrib.auth.models import User, AnonymousUser
>>> from django.contrib.auth.tokens import PasswordResetTokenGenerator
>>> from django.conf import settings
>>> u = User.objects.create_user('tokentestuser', 'test2@example.com', 'testpw')
>>> p0 = PasswordResetTokenGenerator()
>>> tk1 = p0.make_token(u)
>>> p0.check_token(u, tk1)
True
Tests to ensure we can use the token after n days, but no greater.
Use a mocked version of PasswordResetTokenGenerator so we can change
the value of 'today'
>>> class Mocked(PasswordResetTokenGenerator):
... def __init__(self, today):
... self._today_val = today
... def _today(self):
... return self._today_val
>>> from datetime import date, timedelta
>>> p1 = Mocked(date.today() + timedelta(settings.PASSWORD_RESET_TIMEOUT_DAYS))
>>> p1.check_token(u, tk1)
True
>>> p2 = Mocked(date.today() + timedelta(settings.PASSWORD_RESET_TIMEOUT_DAYS + 1))
>>> p2.check_token(u, tk1)
False
"""