def test_check_password(self): user = User(password="******") assert user.password != "test" assert not user.check_password("test!") assert user.check_password("test")
def test_can_delete(self): assert not self.comment.permissions.delete.allows(AnonymousIdentity()) identity = Identity(self.user.id) identity.provides.update(self.user.provides) assert self.comment.permissions.delete.allows(identity) user = User(username="******", email="*****@*****.**") db.session.add(user) db.session.commit() identity = Identity(user.id) assert not self.comment.permissions.delete.allows(identity) user.role = User.MODERATOR identity.provides.update(user.provides) assert self.comment.permissions.delete.allows(identity) user.role = User.ADMIN del user.provides identity.provides.update(user.provides) assert self.comment.permissions.delete.allows(identity)
def test_check_openid(self): user = User(openid="google") assert user.openid != "google" assert not user.check_openid("test") assert user.check_openid("google")
def test_follow(self): user = User(username="******", email="*****@*****.**") db.session.add(user) assert user.get_following().count() == 0 user2 = User(username="******", email="*****@*****.**") db.session.add(user2) assert user2.get_followers().count() == 0 db.session.commit() user.follow(user2) db.session.commit() assert user.get_following().count() == 1 assert user.get_following().first().id == user2.id assert user2.get_followers().count() == 1 assert user2.get_followers().first().id == user.id
def test_can_delete(self): assert not self.post.permissions.delete.allows(AnonymousIdentity()) identity = Identity(self.user.id) identity.provides.update(self.user.provides) assert self.post.permissions.delete.allows(identity) user = User(username="******", email="*****@*****.**") db.session.add(user) db.session.commit() identity = Identity(user.id) assert not self.post.permissions.delete.allows(identity) user.role = User.MODERATOR identity.provides.update(user.provides) assert self.post.permissions.delete.allows(identity) user.role = User.ADMIN del user.provides identity.provides.update(user.provides) assert self.post.permissions.delete.allows(identity)
def test_gravatar(self): user = User() assert user.gravatar == '' user = User(email="*****@*****.**") assert user.gravatar == "f40aca99b2ca1491dbf6ec55597c4397"
def test_following(self): user = User() assert user.following == set() user.following = set([1]) assert user.following == set([1])
def test_followers(self): user = User() assert user.followers == set() user.followers = set([1]) assert user.followers == set([1])
def test_gravatar_url(self): user = User() assert user.gravatar_url(80) == '' user = User(email="*****@*****.**") assert user.gravatar_url(80) == \ "http://www.gravatar.com/avatar/f40aca99b2ca1491dbf6ec55597c4397.jpg?s=80"
def test_is_friend(self): user = User(username="******", email="*****@*****.**") db.session.add(user) assert user.get_following().count() == 0 user2 = User(username="******", email="*****@*****.**") db.session.add(user2) db.session.commit() assert not user.is_friend(user2) assert not user2.is_friend(user) user.follow(user2) db.session.commit() assert not user.is_friend(user2) assert not user2.is_friend(user)
def test_restricted(self): db.session.delete(self.post) db.session.delete(self.comment) user = User(username="******", email="*****@*****.**") db.session.add(user) user2 = User(username="******", email="*****@*****.**") db.session.add(user2) db.session.commit() admin = User(username="******", email="*****@*****.**", role=User.MODERATOR) post = Post(title="test", author=user, access=Post.PRIVATE) db.session.add(post) db.session.commit() comment = Comment(author=user, post=post, comment="test") db.session.add(comment) db.session.commit() assert Comment.query.restricted(user).count() == 1 assert Comment.query.restricted(admin).count() == 1 assert Comment.query.restricted(None).count() == 0 assert Comment.query.restricted(user2).count() == 0 post.access = Post.PUBLIC db.session.commit() posts = Post.query.restricted(user) assert Comment.query.restricted(user).count() == 1 assert Comment.query.restricted(admin).count() == 1 assert Comment.query.restricted(None).count() == 1 assert Comment.query.restricted(user2).count() == 1 post.access = Post.FRIENDS db.session.commit() assert Comment.query.restricted(user).count() == 1 assert Comment.query.restricted(admin).count() == 1 assert Comment.query.restricted(None).count() == 0 assert Comment.query.restricted(user2).count() == 0 user2.follow(user) user.follow(user2) db.session.commit() assert Comment.query.restricted(user2).count() == 1
def signup(): if 'openid' not in session: abort(403) form = OpenIdSignupForm(next=request.args.get("next"), username=request.args.get("name"), email=request.args.get("email")) if form.validate_on_submit(): user = User(openid=session.pop('openid')) form.populate_obj(user) db.session.add(user) db.session.commit() session.permanent = True identity_changed.send(current_app._get_current_object(), identity=Identity(user.id)) flash(_("Welcome, %%s") % user.username, "success") next_url = form.next.data or \ url_for("user.posts", username=user.username) return redirect(next_url) return render_template("openid/signup.html", form=form)
def signup(): form = SignupForm(next=request.args.get("next")) if form.validate_on_submit(): user = User() form.populate_obj(user) db.session.add(user) db.session.commit() identity_changed.send(current_app._get_current_object(), identity=Identity(user.id)) flash(_("Welcome, %(name)s", name=user.username), "success") next_url = form.next.data if not next_url or next_url == request.path: next_url = url_for('user.posts', username=user.username) return redirect(next_url) return render_template("account/signup.html", form=form)
def test_delete_post_logged_in_as_admin(self): user = self.create_user(False) admin_user = User(username="******", email="*****@*****.**", password="******", role=User.ADMIN) db.session.add(admin_user) db.session.commit() self.login(login="******", password="******") post = Post(author=user, title="test", description="test") db.session.add(post) db.session.commit() with mail.record_messages() as outbox: response = self.client.post("/post/%d/delete/" % post.id) assert response.json['success'] assert Post.query.count() == 0 assert len(outbox) == 1
def test_can_vote(self): assert not self.post.permissions.vote.allows(AnonymousIdentity()) identity = Identity(self.user.id) identity.provides.update(self.user.provides) assert not self.post.permissions.vote.allows(identity) user = User(username="******", email="*****@*****.**") db.session.add(user) db.session.commit() identity = Identity(user.id) identity.provides.update(user.provides) assert self.post.permissions.vote.allows(identity) votes = self.post.votes votes.add(user.id) self.post.votes = votes del self.post.permissions assert not self.post.permissions.vote.allows(identity)
def test_login(self): response = self.client.get("/acct/login/") self.assert_200(response) response = self.client.post("/acct/login/", data={"login" : "tester", "password" : "test"}) self.assert_200(response) assert "invalid login" in response.data user = User(username="******", password="******", email="*****@*****.**") db.session.add(user) db.session.commit() response = self.client.post("/acct/login/", data={"login" : "tester", "password" : "test"}) self.assert_redirects(response, "/user/tester/") response = self.client.post("/acct/login/", data={"login" : "tester", "password" : "test", "next" : "/submit/"}) self.assert_redirects(response, "/submit/")
def create_user(self): user = User(username="******", email="*****@*****.**", password="******") db.session.add(user) db.session.commit() return user
def create_user(self, login=False): user = User(username="******", password="******", email="*****@*****.**") db.session.add(user) db.session.commit() if login: self.login(login="******", password="******") return user
def test_submit_logged_in(self): user = User(username="******", password="******", email="*****@*****.**") db.session.add(user) db.session.commit() self.login(login="******", password="******") response = self.client.get("/submit/") self.assert_200(response)
def test_restricted(self): db.session.delete(self.post) user = User(username="******", email="*****@*****.**") db.session.add(user) user2 = User(username="******", email="*****@*****.**") db.session.add(user2) db.session.commit() admin = User(username="******", email="*****@*****.**", role=User.MODERATOR) assert user.id post = Post(title="test", author=user, access=Post.PRIVATE) db.session.add(post) db.session.commit() posts = Post.query.restricted(user) assert Post.query.restricted(user).count() == 1 assert Post.query.restricted(admin).count() == 1 assert Post.query.restricted(None).count() == 0 assert Post.query.restricted(user2).count() == 0 post.access = Post.PUBLIC db.session.commit() posts = Post.query.restricted(user) assert Post.query.restricted(user).count() == 1 assert Post.query.restricted(admin).count() == 1 assert Post.query.restricted(None).count() == 1 assert Post.query.restricted(user2).count() == 1 post.access = Post.FRIENDS db.session.commit() assert Post.query.restricted(user).count() == 1 assert Post.query.restricted(admin).count() == 1 assert Post.query.restricted(None).count() == 0 assert Post.query.restricted(user2).count() == 0 user2.follow(user) user.follow(user2) db.session.commit() assert Post.query.restricted(user2).count() == 1
def test_can_access(self): user = User(username="******", email="*****@*****.**") db.session.add(user) user2 = User(username="******", email="*****@*****.**") db.session.add(user2) db.session.commit() admin = User(username="******", email="*****@*****.**", role=User.MODERATOR) post = Post(title="test", author_id=user.id, access=Post.PRIVATE) assert post.can_access(user) assert post.can_access(admin) assert not post.can_access(user2) assert not post.can_access(None) post.access = Post.PUBLIC assert post.can_access(user) assert post.can_access(admin) assert post.can_access(user2) assert post.can_access(None) post.access = Post.FRIENDS assert post.can_access(user) assert post.can_access(admin) assert not post.can_access(user2) assert not post.can_access(None) user.follow(user2) user2.follow(user) assert post.can_access(user2)
def test_votes(self): comment = Comment() user = User(username="******", email="*****@*****.**") db.session.add(user) db.session.commit() assert comment.votes == set([]) comment.vote(user) assert user.id in comment.votes
def createuser(username=None, password=None, email=None, role=None): """ Create a new user """ if username is None: while True: username = prompt("Username") user = User.query.filter(User.username==username).first() if user is not None: print "Username %s is already taken" % username else: break if email is None: while True: email = prompt("Email address") user = User.query.filter(User.email==email).first() if user is not None: print "Email %s is already taken" % email else: break if password is None: password = prompt_pass("Password") while True: password_again = prompt_pass("Password again") if password != password_again: print "Passwords do not match" else: break roles = ( (User.MEMBER, "member"), (User.MODERATOR, "moderator"), (User.ADMIN, "admin"), ) if role is None: role = prompt_choices("Role", roles, resolve=int, default=User.MEMBER) user = User(username=username, email=email, password=password, role=role) db.session.add(user) db.session.commit() print "User created with ID", user.id
def test_votes(self): assert self.post.votes == set([]) user = User(username="******", email="*****@*****.**") db.session.add(user) db.session.commit() self.post.vote(user) assert user.id in self.post.votes post = Post.query.get(self.post.id) assert user.id in post.votes
def test_edit_comment_not_logged_in_as_author(self): comment = self.create_comment() user = User(username="******", email="*****@*****.**", password="******") db.session.add(user) db.session.commit() self.login(login="******", password="******") response = self.client.get("/comment/%d/edit/" % comment.id) self.assert_403(response)
def test_view_post(self): response = self.client.get("/post/1/") self.assert_404(response) user = User(username="******", password="******", email="*****@*****.**") db.session.add(user) db.session.commit() post = Post(author=user, title="test", description="test") db.session.add(post) db.session.commit() response = self.client.get("/post/%d/" % post.id) self.assert_200(response) for i in xrange(100): user = User(username="******" % i, email="tester=%d.gmail.com" % i, password="******") comment = Comment(post=post, author=user, comment="a comment") db.session.add(user) db.session.add(comment) db.session.commit() response = self.client.get("/post/%d/" % post.id) self.assert_200(response)
def test_authenticate_good_email(self): user = User(username=u"tester", email="*****@*****.**", password="******") db.session.add(user) db.session.commit() auth_user, is_auth = \ User.query.authenticate("*****@*****.**", "test!") assert auth_user.id == user.id assert is_auth
def setUp(self): super(TestPost, self).setUp() self.user = User(username="******", email="*****@*****.**", password="******") db.session.add(self.user) self.post = Post(title="testing", link="http://reddit.com", author=self.user) db.session.add(self.post) db.session.commit()
def test_latest(self): user = User(username="******", password="******", email="*****@*****.**") db.session.add(user) for i in xrange(100): post = Post(author=user, link="http://reddit.com", title="test post") db.session.add(post) db.session.commit()
def create_comment(self): user = User(username="******", email="*****@*****.**", password="******") post = Post(author=user, title="test") comment = Comment(post=post, author=user, comment="test") db.session.add_all([user, post, comment]) db.session.commit() comment_added.send(post) return comment
def test_tag_cloud_with_posts(self): user = User(username="******", email="*****@*****.**", password="******") db.session.add(user) db.session.commit() for i in xrange(20): post = Post(author=user, title="test", tags="Music, comedy, IT crowd") db.session.add(post) db.session.commit() for i in xrange(10): post = Post(author=user, title="test", tags="Twitter, YouTube, funny") db.session.add(post) db.session.commit() post = Post(author=user, title="test", tags="Beer, parties, kegs") db.session.add(post) db.session.commit() assert Tag.query.count() == 9 tags = Tag.query.cloud() for tag in tags: if tag.name in ("it crowd", "music", "comedy"): assert tag.size == 10 elif tag.name in ("twitter", "youtube", "funny"): assert tag.size == 5 elif tag.name in ("beer", "parties", "kegs"): assert tag.size == 1
def test_get_following(self): user = User(username="******", email="*****@*****.**") db.session.add(user) assert user.get_following().count() == 0 user2 = User(username="******", email="*****@*****.**") db.session.add(user2) db.session.commit() user.following = set([user2.id]) assert user.get_following().count() == 1 assert user.get_following().first().id == user2.id assert user.is_following(user2)
def test_edit_existing_post_not_logged_in_as_author(self): post = Post(author=self.create_user(False), title="test", description="test") db.session.add(post) db.session.commit() user = User(username="******", password="******", email="*****@*****.**") db.session.add(user) db.session.commit() self.login(login="******", password="******") response = self.client.get("/post/%d/edit/" % post.id) self.assert_403(response)
def setUp(self): super(TestFeeds, self).setUp() user = User(username="******", email="*****@*****.**", password="******") db.session.add(user) db.session.commit() for i in xrange(20): post = Post(author=user, tags="programming", title="TESTING", description="test") db.session.add(post) db.session.commit()
def test_check_openid_if_password_none(self): user = User() assert not user.check_openid("test")
def test_can_receive_mail(self): user = User(username="******", email="*****@*****.**") db.session.add(user) assert user.get_following().count() == 0 user2 = User(username="******", email="*****@*****.**") db.session.add(user2) db.session.commit() id1 = Identity(user.id) id2 = Identity(user2.id) id1.provides.update(user.provides) id2.provides.update(user2.provides) assert not user.permissions.send_message.allows(id2) assert not user2.permissions.send_message.allows(id1) user.follow(user2) db.session.commit() del user.permissions del user2.permissions assert not user.permissions.send_message.allows(id2) assert not user2.permissions.send_message.allows(id1) user2.follow(user) user.receive_email = True del user.permissions del user2.permissions assert user.permissions.send_message.allows(id2) assert not user2.permissions.send_message.allows(id1) user2.receive_email = True del user.permissions del user2.permissions assert user.permissions.send_message.allows(id2) assert user2.permissions.send_message.allows(id1) user.unfollow(user2) del user.permissions del user2.permissions assert not user.permissions.send_message.allows(id2) assert not user2.permissions.send_message.allows(id1)
def test_add_comment(self): response = self.client.get("/post/1/addcomment/") self.assert_401(response) user = User(username="******", email="*****@*****.**", password="******") db.session.add(user) db.session.commit() self.login(login="******", password="******") response = self.client.get("/post/1/addcomment/") self.assert_404(response) post = Post(author=user, title="test", link="http://reddit.com") db.session.add(post) db.session.commit() response = self.client.get("/post/%d/addcomment/" % post.id) self.assert_200(response) response = self.client.get("/post/%d/1/reply/" % post.id) with mail.record_messages() as outbox: response = self.client.post("/post/%d/addcomment/" % post.id, data={"comment": "testing"}) assert len(outbox) == 0 comment = Comment.query.first() self.assert_redirects(response, comment.url) # reply to this comment response = self.client.get("/post/%d/%d/reply/" % (post.id, comment.id)) self.assert_200(response) with mail.record_messages() as outbox: response = self.client.post("/post/%d/%d/reply/" % (post.id, comment.id), data={"comment": "hello"}) assert len(outbox) == 0 assert Comment.query.count() == 2 reply = Comment.query.filter(Comment.parent_id == comment.id).first() assert reply.comment == "hello" self.assert_redirects(response, reply.url) # another user user2 = User(username="******", email="*****@*****.**", password="******") db.session.add(user2) db.session.commit() self.login(login="******", password="******") with mail.record_messages() as outbox: response = self.client.post("/post/%d/addcomment/" % post.id, data={"comment": "testing"}) assert len(outbox) == 0 user.email_alerts = True db.session.add(user) db.session.commit() assert User.query.filter(User.email_alerts == True).count() == 1 with mail.record_messages() as outbox: response = self.client.post("/post/%d/addcomment/" % post.id, data={"comment": "testing"}) assert len(outbox) == 1 with mail.record_messages() as outbox: response = self.client.post("/post/%d/%d/reply/" % (post.id, comment.id), data={"comment": "testing"}) assert len(outbox) == 1 # double check author doesn't receive own emails self.login(login="******", password="******") with mail.record_messages() as outbox: response = self.client.post("/post/%d/%d/reply/" % (post.id, comment.id), data={"comment": "hello"}) assert len(outbox) == 0