def test_change_second_user(session, client):
with session() as session:
new_user_1 = register_user(session, 'sabmiller',
'ColdAsTheRockies', 'Coors', 'Light')
session.add(new_user_1)
session.commit()
perm = set_user_permission(session, 'admin', new_user_1.id)
session.add(perm)
session.commit()
new_user_2 = register_user(session, 'anheuserbusch', 'DillyDilly',
'Bud', 'Light')
session.add(new_user_2)
session.commit()
perm_2 = set_user_permission(session, 'user', new_user_2.id)
session.add(perm_2)
session.commit()
user_permission = session.query(Permission).filter_by(
name='user').first()
admin_permission = session.query(Permission).filter_by(
name='admin').first()
user_perm_2 = session.query(UserPermission).filter_by(
user_id=new_user_2.id).first()
assert user_perm_2.permission_id == user_permission.id
change_user_permission(session, new_user_2.id)
session.commit()
assert user_perm_2.permission_id == admin_permission.id
change_user_permission(session, new_user_2.id)
session.commit()
assert user_perm_2.permission_id == user_permission.id
def test_is_admin(session, client):
with session() as session:
new_user_1 = register_user(session, 'especial1925', 'ABInBev',
'Grupo', 'Modelo')
session.add(new_user_1)
session.commit()
# First user must always be admin even though we are asking for user
perm_1 = set_user_permission(session, 'user', new_user_1.id)
session.add(perm_1)
session.commit()
test_with_authenticated_user(session)
admin = is_admin(session, new_user_1)
assert admin
new_user_2 = register_user(session, 'anheuserbusch', 'DillyDilly',
'Bud', 'Light')
session.add(new_user_2)
session.commit()
perm_2 = set_user_permission(session, 'admin', new_user_2.id)
session.add(perm_2)
session.commit()
# Now that there is a second user, change first user to 'user'
change_user_permission(session, new_user_1.id)
session.commit()
admin = is_admin(session, new_user_1)
assert not admin
def test_set_user_permission_multiple_users(session, client):
with session() as session:
user = register_user(session, 'diageo', 'St._Jamess_Gate_Dublin',
'Arthur', 'Guinness')
session.add(user)
session.commit()
perm = set_user_permission(session, 'admin', user.id)
session.add(perm)
session.commit()
admin_perm = session.query(Permission).filter_by(
name='admin').first()
user_perm = session.query(UserPermission).filter_by(
user_id=user.id).first()
assert admin_perm.id == user_perm.permission_id
new_user_2 = register_user(session, 'anheuserbusch', 'DillyDilly',
'Bud', 'Light')
session.add(new_user_2)
session.commit()
perm_2 = set_user_permission(session, 'user', new_user_2.id)
session.add(perm_2)
session.commit()
user_permission = session.query(Permission).filter_by(
name='user').first()
user2_perm = session.query(UserPermission).filter_by(
user_id=new_user_2.id).first()
assert user_permission.id == user2_perm.permission_id
def test_register_already_exists(session):
with session() as session:
with pytest.raises(Exception) as exc:
new_user = register_user(session, 'cmorgan',
'LiveLikeTheCaptain', 'Captain',
'Morgan')
session.add(new_user)
session.commit()
register_user(session, 'cmorgan', 'LiveLikeTheCaptain',
'Captain', 'Morgan')
assert str(exc.value) == 'Username already used'
def test_get_all_users(session):
with session() as session:
new_user_1 = register_user(session, 'anheuserbusch', 'DillyDilly',
'Bud', 'Light')
session.add(new_user_1)
session.commit()
new_user_2 = register_user(session, 'especial1925', 'ABInBev',
'Grupo', 'Modelo')
session.add(new_user_2)
session.commit()
users = get_all_users(session)
assert type(users) == list
assert len(users) == 2
assert new_user_1 in users and new_user_2 in users
def test_valid_user(session):
with session() as session:
new_user = register_user(session, 'anheuserbusch', 'DillyDilly',
'Bud', 'Light')
session.add(new_user)
session.commit()
user = get_user(session, 'anheuserbusch', 'DillyDilly')
assert type(user) == User
assert user.first_name == 'Bud'
assert user.last_name == 'Light'
assert user.username == 'anheuserbusch'
def test_password_hashed(session):
with session() as session:
new_user = register_user(session, 'cmorgan', 'LiveLikeTheCaptain',
'Captain', 'Morgan')
session.add(new_user)
session.commit()
user = session.query(User).filter_by(username='******').first()
assert user.first_name == 'Captain'
assert user.last_name == 'Morgan'
assert user.username == 'cmorgan'
assert user.password != 'LiveLikeTheCaptain'
def test_get_user_with_permissions(session, client):
with session() as session:
new_user_1 = register_user(session, 'anheuserbusch', 'DillyDilly',
'Bud', 'Light')
session.add(new_user_1)
session.commit()
perm_1 = set_user_permission(session, 'admin', new_user_1.id)
session.add(perm_1)
session.commit()
new_user_2 = register_user(session, 'especial1925', 'ABInBev',
'Grupo', 'Modelo')
session.add(new_user_2)
session.commit()
perm_2 = set_user_permission(session, 'user', new_user_2.id)
session.add(perm_2)
session.commit()
user = get_user_with_permissions(session, new_user_1.id)
assert new_user_1 in user
assert perm_1 in user
assert user.User.first_name == 'Bud'
assert user.Permission.name == 'admin'
def test_delete_user(session):
with session() as session:
new_user = register_user(session, 'sabmiller', 'ColdAsTheRockies',
'Coors', 'Light')
session.add(new_user)
session.commit()
assert len(session.query(User).all()) == 1
assert delete_user(session, new_user.id)
assert len(session.query(User).all()) == 0
# Bad session provided
assert not delete_user(session.query, 1)
def test_user_typing(session):
with app.app_context():
with app.test_request_context():
with session() as session_s:
new_user = register_user(session_s, 'anheuserbusch',
'DillyDilly', 'Bud', 'Light')
session_s.add(new_user)
session_s.commit()
login_user(new_user)
request.sid = 10
request.namespace = 'Namespace'
f_session['name'] = 'Alex'
typing('A user joined')
def test_get_all_users_with_permissions(session, client):
with session() as session:
new_user_1 = register_user(session, 'anheuserbusch', 'DillyDilly',
'Bud', 'Light')
session.add(new_user_1)
session.commit()
perm_1 = set_user_permission(session, 'admin', new_user_1.id)
session.add(perm_1)
session.commit()
new_user_2 = register_user(session, 'especial1925', 'ABInBev',
'Grupo', 'Modelo')
session.add(new_user_2)
session.commit()
perm_2 = set_user_permission(session, 'user', new_user_2.id)
session.add(perm_2)
session.commit()
users = get_all_users_with_permissions(session)
assert new_user_1 in users[0] or new_user_1 in users[1]
assert new_user_2 in users[0] or new_user_2 in users[1]
assert perm_1 in users[0] or perm_1 in users[1]
assert perm_2 in users[0] or perm_2 in users[1]
assert len(users) == 2
def test_change_only_admin(session, client):
with session() as session:
user = register_user(session, 'diageo', 'St._Jamess_Gate_Dublin',
'Arthur', 'Guinness')
session.add(user)
session.commit()
perm = set_user_permission(session, 'admin', user.id)
session.add(perm)
session.commit()
with pytest.raises(Exception) as exc:
change_user_permission(session, user.id)
assert str(exc.value) == 'Cannot remove last admin'
def test_user_already_registered(client, session):
with session() as session:
new_user = register_user(
session, 'sabmiller', 'ColdAsTheRockies', 'Coors', 'Light')
session.add(new_user)
session.commit()
perm = set_user_permission(session, 'admin', new_user.id)
session.add(perm)
session.commit()
data = {'username': '******', 'password': '******',
'password_conf': 'ColdAsTheRockies', 'first_name': 'Coors', 'last_name': 'Light'}
resp = client.post('/register', data=data, follow_redirects=True)
assert b'Username already used' in resp.data
def test_delete_user_bad_json(client, session):
with session() as session:
new_user = register_user(
session, 'anheuserbusch', 'DillyDilly', 'Bud', 'Light')
session.add(new_user)
session.commit()
perm = set_user_permission(session, 'admin', new_user.id)
session.add(perm)
session.commit()
test_with_authenticated_user(session)
resp = client.delete('/admin', json={'bad_key': new_user.id})
assert resp.status_code == 400
assert resp.json == {'msg': 'A known value was not supplied'}
def test_delete_user(client, session):
with session() as session:
new_user = register_user(
session, 'anheuserbusch', 'DillyDilly', 'Bud', 'Light')
session.add(new_user)
session.commit()
perm = set_user_permission(session, 'admin', new_user.id)
session.add(perm)
session.commit()
new_user = register_user(
session, 'especial1925', 'ABInBev', 'Grupo', 'Modelo')
session.add(new_user)
session.commit()
perm = set_user_permission(session, 'user', new_user.id)
session.add(perm)
session.commit()
test_with_authenticated_user(session)
delete_id = new_user.id
resp = client.delete('/admin', json={'user': delete_id})
assert resp.status_code == 200
assert resp.json == {
'msg': f'User with ID {delete_id} successfully deleted'}
def test_patch_user(client, session):
with session() as session:
new_user = register_user(
session, 'anheuserbusch', 'DillyDilly', 'Bud', 'Light')
session.add(new_user)
session.commit()
perm = set_user_permission(session, 'admin', new_user.id)
session.add(perm)
session.commit()
new_user = register_user(
session, 'especial1925', 'ABInBev', 'Grupo', 'Modelo')
session.add(new_user)
session.commit()
perm = set_user_permission(session, 'user', new_user.id)
session.add(perm)
session.commit()
test_with_authenticated_user(session)
user_id = new_user.id
resp = client.patch('/admin', json={'user': user_id})
assert resp.status_code == 200
assert resp.json == {
'msg': f'User permissions changed for ID {user_id}'}
def test_home_logged_in(client, session):
with session() as session:
new_user = register_user(
session, 'anheuserbusch', 'DillyDilly', 'Bud', 'Light')
session.add(new_user)
session.commit()
data = {'username': '******',
'password': '******', 'room': 'AFakeRoom'}
resp = client.post('/', data=data, follow_redirects=True)
assert resp.status_code == 200
assert b'<title>Socks Chat | Chat</title>' in resp.data
assert b'AFakeRoom' in resp.data
with client.session_transaction() as session:
assert session.get('name', '') == 'Bud Light'
assert session.get('room', '') == 'AFakeRoom'
def test_set_user_permission(session, client):
with session() as session:
user = register_user(session, 'diageo', 'St._Jamess_Gate_Dublin',
'Arthur', 'Guinness')
session.add(user)
session.commit()
perm = set_user_permission(session, 'admin', user.id)
session.add(perm)
session.commit()
admin_perm = session.query(Permission).filter_by(
name='admin').first()
user_perm = session.query(UserPermission).filter_by(
user_id=user.id).first()
assert user_perm.permission_id == admin_perm.id
def test_patch_control(client, session):
from app.main.admin import get_admin_control_by_name
with session() as session:
control_id = get_admin_control_by_name(session, 'new_users').id
new_user = register_user(
session, 'anheuserbusch', 'DillyDilly', 'Bud', 'Light')
session.add(new_user)
session.commit()
perm = set_user_permission(session, 'admin', new_user.id)
session.add(perm)
session.commit()
test_with_authenticated_user(session)
resp = client.patch('/admin', json={'control': control_id})
assert resp.status_code == 200
assert resp.json == {
'msg': f'Control ID: {control_id} successfull changed'}
def test_admin_page(client, session):
with session() as session:
new_user = register_user(
session, 'sabmiller', 'ColdAsTheRockies', 'Coors', 'Light')
session.add(new_user)
session.commit()
perm = set_user_permission(session, 'admin', new_user.id)
session.add(perm)
session.commit()
test_with_authenticated_user(session)
resp = client.get('/admin')
assert b'<title>Socks Chat | Admin</title>' in resp.data
assert b'''<span class="horizontal">
new_users''' in resp.data
assert b'''sabmiller''' in resp.data
assert b'''Coors Light''' in resp.data
assert b'''<span class="horizontal">\n new_users''' in resp.data
def test_user_already_logged_in(client, session):
with session() as session:
new_user = register_user(
session, 'anheuserbusch', 'DillyDilly', 'Bud', 'Light')
session.add(new_user)
session.commit()
perm = set_user_permission(session, 'user', new_user.id)
session.add(perm)
session.commit()
test_with_authenticated_user(session)
with client.session_transaction() as f_session:
f_session['username'] = '******'
f_session['name'] = 'Bud Light'
f_session['room'] = 'ABInBev'
resp = client.get('/', follow_redirects=True)
assert b'<title>Socks Chat | Chat</title>' in resp.data
def test_patch_user_bad_json(client, session):
with session() as session:
new_user = register_user(
session, 'especial1925', 'ABInBev', 'Grupo', 'Modelo')
session.add(new_user)
session.commit()
perm = set_user_permission(session, 'user', new_user.id)
session.add(perm)
session.commit()
test_with_authenticated_user(session)
user_id = new_user.id
with patch('app.main.routes.routes.change_user_permission', side_effect=BaseException('user_permission_err')):
resp = client.patch(
'/admin', json={'bad_key': user_id}, follow_redirects=True)
assert resp.status_code == 400
assert resp.json == {'msg': 'A known value was not supplied'}
def test_patch_control_exception(client, session):
from app.main.admin import get_admin_control_by_name
with session() as session:
control_id = get_admin_control_by_name(session, 'new_users').id
new_user = register_user(
session, 'especial1925', 'ABInBev', 'Grupo', 'Modelo')
session.add(new_user)
session.commit()
perm = set_user_permission(session, 'user', new_user.id)
session.add(perm)
session.commit()
test_with_authenticated_user(session)
with patch('app.main.routes.routes.get_admin_control_by_id', side_effect=Exception('admin_switch_err')):
resp = client.patch(
'/admin', json={'control': control_id}, follow_redirects=True)
assert resp.status_code == 500
assert resp.json == {
'msg': 'Something went wrong changing the control'}
def register():
admin = is_admin(g.session, current_user)
form = RegisterForm()
# Check if 'new_users' is turned on or off
if not get_admin_control_by_name(g.session, 'new_users').value:
return render_template(
'register.html',
form=form,
admin=admin,
msg='New user registration has been disabled at this time',
svg=Markup(svg_contents('./app/static/socks.svg')))
if request.method == 'GET':
return render_template('register.html',
form=form,
svg=Markup(
svg_contents('./app/static/socks.svg')))
elif request.method == 'POST':
if form.validate_on_submit():
username = request.form.get('username')
password = request.form.get('password')
password_conf = request.form.get('password_conf')
first_name = request.form.get('first_name')
last_name = request.form.get('last_name')
if password != password_conf:
return render_template(
'register.html',
form=form,
admin=admin,
msg='Passwords did not match',
svg=Markup(svg_contents('./app/static/socks.svg')))
try:
new_user = register_user(g.session, username, password,
first_name, last_name)
try:
# add the new user to the database
g.session.add(new_user)
g.session.commit()
except:
g.session.rollback()
raise Exception('Error adding new user')
# Set user's role as 'user'
user_permission = set_user_permission(g.session, 'user',
new_user.id)
try:
# add the new user's related permission to the database
g.session.add(user_permission)
g.session.commit()
except:
g.session.rollback()
raise Exception('Error setting user permissions')
except Exception as err:
return render_template(
'register.html',
form=form,
admin=admin,
msg=str(err),
svg=Markup(svg_contents('./app/static/socks.svg')))
except:
return render_template(
'register.html',
form=form,
admin=admin,
msg=f'Unexpected error: {sys.exc_info()[0]}',
svg=Markup(svg_contents('./app/static/socks.svg')))
else:
return render_template('register.html',
form=form,
admin=admin,
msg='Not all required fields provided',
svg=Markup(
svg_contents('./app/static/socks.svg')))
flash('Registration successful')
return redirect(url_for('.index'))
def test_register_unique(session):
with session() as session:
resp = register_user(session, 'cmorgan', 'LiveLikeTheCaptain',
'Captain', 'Morgan')
assert type(resp) == User
