Beispiel #1
0
def test_must_not_let_admin_set_role_to_admin():
    email = '[email protected]&role=admin'

    r = encode_query(
        profile_for(email)
    )

    e = 'role=user&[email protected]&role=admin&uid=10'

    assert(e != r)
    assert(2 == r.count('&'))
    assert(3 == r.count('='))
Beispiel #2
0
def encode_profile(profile):
    """Encode the profile so the order of the keys is fixed to email, uid, role

    :param profile: The profile to encode
    :returns: The profile query string
    :rtype: str

    """

    query = []
    for i in ['email', 'uid', 'role']:
        query.append(encode_query({i: profile[i]}))
    return '&'.join(query)
Beispiel #3
0
def test_encode_query_works_for_ints():
    i = {'foo': 'bar', 'uid': 2, 'zap': 'zaz&zle'}
    e = 'foo=bar&uid=2&zap=zazzle'

    assert (e == encode_query(i))
Beispiel #4
0
def test_encode_query_removes_given_characters():
    i = {'foo': 'bar', 'baz': 'qux', 'zap': 'zaz-_zle'}
    e = 'foo=bar&baz=qux&zap=zazzle'

    assert (e == encode_query(i, remove='_-'))
Beispiel #5
0
def test_encode_query_removes_ambersand():
    i = {'foo': 'bar', 'baz': 'qux', 'zap': 'zaz&zle'}
    e = 'foo=bar&baz=qux&zap=zazzle'

    assert (e == encode_query(i))
Beispiel #6
0
def test_encode_query():
    i = {'foo': 'bar', 'baz': 'qux', 'zap': 'zazzle'}
    e = 'foo=bar&baz=qux&zap=zazzle'

    assert (e == encode_query(i))
Beispiel #7
0
def test_profile_encoding():
    profile = profile_for('*****@*****.**')
    e = 'role=user&[email protected]&uid=10'
    r = encode_query(profile)
    assert(e == r)