def test_get_spec_apps(self):
        apps = _db_get_spec_apps("http://justatest.com")
        assert len(apps) == 1

        # Add a second spec (which should NOT be retrieved) for further testing.
        app2 = api.create_app("UTApp (1)", "translate", "http://different.com", "{'spec':'http://different.com'}")
        apps = _db_get_spec_apps("http://justatest.com")
        # Should still be 1. The new app is of a different spec.
        assert len(apps) == 1

        # Add a second spec (which should be retrieved) for further testing.
        app2 = api.create_app("UTApp2", "translate", "http://justatest.com", "{'spec':'http://justatest.com'}")
        apps = _db_get_spec_apps("http://justatest.com")
        # Should now be 2.
        assert len(apps) == 2
Ejemplo n.º 2
0
    def test_created_app_persists(self):
        rv = self.login("testuser", "password")

        # import readline # optional, will allow Up/Down/History in the console
        # import code
        # vars = globals().copy()
        # vars.update(locals())
        # shell = code.InteractiveConsole(vars)
        # shell.interact()

        # Create an App for the tests.
        self.tapp = api.create_app("UTApp", "dummy", None, "{}")
        self.tapp = api.get_app_by_name("UTApp")
        api.set_var(self.tapp, "TestVar", "TestValue")

        rv = self.login("testuser", "password")
        app = api.get_app_by_name("UTApp")

        assert app is not None

        vars = api.get_all_vars(app)

        assert len(vars) == 1

        var = vars[0]

        assert var.name == "TestVar"
        assert var.value == "TestValue"
Ejemplo n.º 3
0
    def test_delete_app(self):
        app = api.create_app("UTAppDel", "dummy", "{}")
        assert app is not None

        api.delete_app(app)
        app = api.get_app_by_name("UTAppDel")
        assert app is None
    def test_get_ownerships(self):

        # There should be no ownerships declared on the spec.
        ownerships = _db_get_ownerships("http://justatest.com")
        assert len(ownerships) == 0

        # We now declare 1 ownership.
        _db_declare_ownership(self.tapp, "test_TEST")
        ownerships = _db_get_ownerships("http://justatest.com")
        assert len(ownerships) == 1

        # We now create a second app for further testing.
        app2 = api.create_app("UTApp2", "translate", "{'spec':'http://justatest.com'}")
        api.add_var(app2, "spec", "http://justatest.com")

        # Ensure we still have 1 ownership.
        ownerships = _db_get_ownerships("http://justatest.com")
        assert len(ownerships) == 1

        # Add a second ownership for another language.
        _db_declare_ownership(app2, "testen_TESTEN")
        ownerships = _db_get_ownerships("http://justatest.com")
        assert len(ownerships) == 2

        # Ensure that the ownerships are right.
        firstOwnership = next(o for o in ownerships if o.value == "test_TEST")
        assert firstOwnership.app == self.tapp
        secondOwnership = next(o for o in ownerships if o.value == "testen_TESTEN")
        assert secondOwnership.app == app2
Ejemplo n.º 5
0
 def setUp(self):
     from appcomposer.appstorage import api
     super(AppCreatedComposerTest, self).setUp()
     try:
         self.tapp = api.create_app("UTApp", "dummy", None, "{}")
     except:
         self.tearDown()
         raise
Ejemplo n.º 6
0
def new():
    next_url = request.args.get('next', '') or request.form.get('next', '')
    name = request.args.get("name")
    if name is None:
        return "Missing parameter: name", 400
    owner = current_user()
    app = create_app(name, owner, "dummy", "{'message':'Hello world'}")
    return "Application created"
    def test_translate_default_autoaccept(self):
        with self.flask_app:
            rv = self.login("testuser", "password")
            app = api.create_app("UTApp", "translate", '{"spec":"http://justatest.com", "bundles":{}}')
            api.add_var(app, "spec", "http://justatest.com")

            # Test that autoaccept is True (it's the default).
            bm = BundleManager.create_from_existing_app(json.loads(app.data))
            assert bm.get_autoaccept() == True
    def test_translate_default_autoaccept(self):
        with self.flask_app:
            rv = self.login("testuser", "password")
            app = api.create_app("UTApp", "translate", "http://justatest.com", '{"spec":"http://justatest.com", "bundles":{}}')

            # Test that autoaccept is True (it's the default).
            full_app_data = load_appdata_from_db(app)
            bm = BundleManager.create_from_existing_app(full_app_data)
            assert bm.get_autoaccept() == True
Ejemplo n.º 9
0
    def test_create_app(self):
        app = api.create_app("UTApp", "dummy", "{}")
        assert app is not None
        assert app.name == "UTApp"

        id = app.unique_id  # TODO: Probably no point for App to have two different unique ids.
        app = None
        app = api.get_app(id)
        assert app is not None
        assert app.name == "UTApp"
        assert app.owner == current_user()
    def test_find_unique_name_for_app(self):
        # There is no conflict, so the name should be exactly the chosen one.
        name = find_unique_name_for_app("UTAPPDoesntExist")
        assert name == "UTAPPDoesntExist"

        # There is a conflict, so the name should include a number, starting at 1.
        name = find_unique_name_for_app("UTApp")
        assert name == "UTApp (1)"

        # We create a new app so that we can force a second conflict.
        app2 = api.create_app("UTApp (1)", "translate", "http://justatest.com", "{'spec':'http://justatest.com'}")
        name = find_unique_name_for_app("UTApp")
        assert name == "UTApp (2)"
    def test_get_diff_specs(self):
        """
        Check that we can retrieve a list of all specs from the DB. Because we don't re-create
        a test DB explicitly, the checks are limited.
        """
        specs = _db_get_diff_specs()
        assert "http://justatest.com" in specs

        app2 = api.create_app("UTApp2", "translate", "ATESTSPEC", "{'spec':'ATESTSPEC'}")

        specs = _db_get_diff_specs()
        assert "http://justatest.com" in specs
        assert "ATESTSPEC" in specs
Ejemplo n.º 12
0
    def setUp(self):
        appcomposer.app.config['DEBUG'] = True
        appcomposer.app.config['TESTING'] = True
        appcomposer.app.config['CSRF_ENABLED'] = False
        appcomposer.app.config["SECRET_KEY"] = 'secret'
        self.flask_app = appcomposer.app.test_client()
        self.flask_app.__enter__()

        self._cleanup()

        self.flask_app.get("/")
        rv = self.login("testuser", "password")

        # Create a test application.
        self.tapp = api.create_app("UTApp", "translate", "http://fake.spec", "{}", False)
Ejemplo n.º 13
0
def new():
    # If we receive a get we just want to show the page.
    if request.method == "GET":
        return render_template("composers/dummy/new.html")
    # If we receive a post we have filled the page and are creating the app.
    elif request.method == "POST":
        name = request.form["name"]

        try:
            app = appstorage.create_app(name, "dummy", data='{"text":""}')
        except appstorage.AppExistsException:
            flash(gettext("An App with that name exists already"), "error")
            return render_template("composers/dummy/new.html", name=name)

        return redirect(url_for("dummy.edit", appid=app.unique_id))
Ejemplo n.º 14
0
    def test_conflicting_composer_proposal(self):
        """
        Check that there is no mistake when there is a conflicting composer using the same appvar names.
        """
        # We now declare add 1 proposal to the app.
        add_var(self.tapp, "proposal", "{}")

        # We now create a non-translate app.
        app2 = api.create_app("UTApp2", "dummy", "{'spec':'http://justatest.com'}")
        # We add 1 proposal to the app with the same spec but different composer type.
        add_var(app2, "proposal", "{}")

        # Get the proposals for our app.
        proposals = _db_get_proposals(self.tapp)
        assert len(proposals) == 1
Ejemplo n.º 15
0
    def setUp(self):
        appcomposer.app.config['DEBUG'] = True
        appcomposer.app.config['TESTING'] = True
        appcomposer.app.config['CSRF_ENABLED'] = False
        appcomposer.app.config["SECRET_KEY"] = 'secret'
        self.flask_app = appcomposer.app.test_client()
        self.flask_app.__enter__()

        rv = self.login("testuser", "password")

        # In case the test failed before, start from a clean state.
        self._cleanup()

        # Create an App for the tests.
        self.tapp = api.create_app("UTApp", "translate", "http://justatest.com", '{"spec":"http://justatest.com"}')
    def test_conflicting_composer(self):
        """
        Check that there is no mistake when there is a conflicting composer using the same appvar names.
        """
        # We now declare 1 ownership.
        _db_declare_ownership(self.tapp, "test_TEST")
        ownerships = _db_get_ownerships("http://justatest.com")
        assert len(ownerships) == 1

        # We now create a non-translate app.
        app2 = api.create_app("UTApp2", "dummy", "http://justatest.com", "{'spec':'http://justatest.com'}")
        api.add_var(app2, "ownership", "test_TEST")

        # Make sure that even though we added an ownership on an app with the same spec, it won't be
        # taken into account because it is a DUMMY and not a TRANSLATE composer.
        assert len(ownerships) == 1
    def test_delete_is_csrf_protected(self):
        """
        Ensure that app delete is not vulnerable to CSRF exploits.
        """
        # Create utapp1 in utuser1
        with self.flask_app:
            rv = self.login("utuser1", "password")
            assert session["logged_in"] == True
            app = api.create_app("utapp1", "translate", "http://justatest.com", '{"spec":"http://justatest.com", "bundles":{}}')
            self.appid = app.unique_id

        # Try to delete the app with the CSRF enabled.
        flask_instance.config["CSRF_ENABLED"] = True
        rv = self.flask_app.post("/composers/translate/delete", data={"appid": self.appid, "delete": "Delete"},
            follow_redirects=True)
        assert rv.status_code == 400  # We are not complying with the CSRF code, so an error 400 should be returned.
    def test_transfer_ownership(self):
        """
        Tests the method to transfer ownership.
        """
        # We now declare 1 ownership.
        _db_declare_ownership(self.tapp, "test_TEST")
        ownerships = _db_get_ownerships("http://justatest.com")
        assert len(ownerships) == 1
        # We now create a second app for further testing.
        app2 = api.create_app("UTApp2", "translate", "http://justatest.com", "{'spec':'http://justatest.com'}")

        # We transfer the ownership to the second app.
        _db_transfer_ownership("test_TEST", self.tapp, app2)

        # Verify that the ownership has indeed been transferred..
        owner = _db_get_lang_owner_app("http://justatest.com", "test_TEST")
        assert owner == app2
Ejemplo n.º 19
0
    def setUp(self):
        appcomposer.app.config['DEBUG'] = True
        appcomposer.app.config['TESTING'] = True
        appcomposer.app.config['CSRF_ENABLED'] = False
        appcomposer.app.config["SECRET_KEY"] = 'secret'
        self.flask_app = appcomposer.app.test_client()
        self.flask_app.__enter__()

        rv = self.login("testuser", "password")

        # In case the test failed before, start from a clean state.
        self._cleanup()

        # Create an App for the tests.
        self.tapp = api.create_app("UTApp", "translate", '{"spec":"http://justatest.com"}')

        # Because it's a translate app it needs an spec when it is created, and that is in fact required by some of the tests.
        api.add_var(self.tapp, "spec", "http://justatest.com")
    def test_view_other_user_app(self):
        """
        Viewing an app that does not belong to the user SHOULD be allowed.
        """

        # Create utapp1 in utuser1
        with self.flask_app:
            rv = self.login("utuser1", "password")
            assert session["logged_in"] == True
            app = api.create_app("utapp1", "translate", "http://justatest.com", '{"spec":"http://justatest.com", "bundles":{}}')
            self.appid = app.unique_id

        # Login as utuser2 to check whether he can indeed view the app.
        # It SHOULD be view-able by anyone.
        rv = self.login("utuser2", "password")
        rv = self.flask_app.get("/composers/translate/selectlang?appid="+self.appid)
        assert rv.status_code == 200
        assert "utapp1" in rv.data
    def test_delete_other_user_app(self):
        """
        Deleting an app that does not belong to the user SHOULD NOT be allowed (and return a 401 error).
        """

        # Create utapp1 in utuser1
        with self.flask_app:
            rv = self.login("utuser1", "password")
            app = api.create_app("utapp1", "translate", "http://justatest.com", '{"spec":"http://justatest.com"}')
            self.appid = app.unique_id

        # Login as utuser2 to check whether he can indeed view the app.
        # It SHOULD be view-able by anyone.
        with self.flask_app:
            rv = self.login("utuser2", "password")
            rv = self.flask_app.post("/composers/translate/delete", data={"appid": app.unique_id, "delete": "Delete"}, follow_redirects=True)
            assert rv.status_code == 401  # Make sure deletion is NOT ALLOWED from a different user.
            app = db.session.query(App).filter_by(unique_id=self.appid)
            assert app is not None  # Make sure the app still exists.
    def test_delete_csrf_field_appears(self):
        """
        Ensure that a csrf field is added to the delete view form.
        """
        # Create utapp1 in utuser1
        with self.flask_app:
            rv = self.login("utuser1", "password")
            assert session["logged_in"] == True
            app = api.create_app("utapp1", "translate", "http://justatest.com", '{"spec":"http://justatest.com", "bundles":{}}')
            self.appid = app.unique_id

        # GET the app delete view with CSRF enabled.
        flask_instance.config["CSRF_ENABLED"] = True
        rv = self.flask_app.get("/composers/translate/delete?" +
                                urllib.urlencode({"appid": self.appid, "delete": "Delete"}))

        # Check whether there is indeed a _csrf_token field
        print rv.data
        assert "_csrf_token" in rv.data
        assert re.search("^.*?<input.*?hidden.*?_csrf_token.*?$", rv.data, re.MULTILINE) is not None
Ejemplo n.º 23
0
def adapt_duplicate(appid):
    app = get_app(appid)
    if app is None:
        return render_template("composers/errors.html", message="Application not found")

    form = DuplicationForm()

    if form.validate_on_submit():

        # Protect against CSRF attacks.
        if not verify_csrf(request):
            return render_template("composers/errors.html",
                                   message="Request does not seem to come from the right source (csrf check)"), 400

        existing_app = get_app_by_name(form.name.data)
        if existing_app:
            if not form.name.errors:
                form.name.errors = []
            form.name.errors.append(lazy_gettext("You already have an application with this name"))
        else:
            new_app = create_app(form.name.data, 'adapt', app.spec.url, app.data)
            for appvar in app.appvars:  # Copy every appvar for the original app as well.
                add_var(new_app, appvar.name, appvar.value)

            return redirect(url_for('.adapt_edit', appid=new_app.unique_id))

    if not form.name.data:
        counter = 2
        potential_name = ''
        while counter < 1000:
            potential_name = '%s (%s)' % (app.name, counter)

            existing_app = get_app_by_name(potential_name)
            if not existing_app:
                break
            counter += 1

        form.name.data = potential_name

    return render_template("composers/adapt/duplicate.html", form=form, app=app)
Ejemplo n.º 24
0
    def setUp(self):
        appcomposer.app.config['DEBUG'] = True
        appcomposer.app.config['TESTING'] = True
        appcomposer.app.config['CSRF_ENABLED'] = False
        appcomposer.app.config["SECRET_KEY"] = 'secret'
        self.flask_app = appcomposer.app.test_client()
        self.flask_app.__enter__()

        rv = self.login("testuser", "password")

        # In case the test failed before, start from a clean state.
        self._cleanup()

        # import readline # optional, will allow Up/Down/History in the console
        # import code
        # vars = globals().copy()
        # vars.update(locals())
        # shell = code.InteractiveConsole(vars)
        # shell.interact()

        # Create an App for the tests.
        self.tapp = api.create_app("UTApp", "dummy", None, "{}")
    def setUp(self):
        appcomposer.app.config["DEBUG"] = True
        appcomposer.app.config["TESTING"] = True
        appcomposer.app.config["CSRF_ENABLED"] = False
        appcomposer.app.config["SECRET_KEY"] = "secret"

        self._cleanup()

        self.flask_app = appcomposer.app.test_client()
        with self.flask_app:
            rv = self.login("testuser", "password")

            # import readline # optional, will allow Up/Down/History in the console
            # import code
            # vars = globals().copy()
            # vars.update(locals())
            # shell = code.InteractiveConsole(vars)
            # shell.interact()

            # Create an App for the tests.
            self.tapp = api.create_app("UTApp", "dummy", None, "{}")
            self.tapp = api.get_app_by_name("UTApp")
            api.set_var(self.tapp, "TestVar", "TestValue")
Ejemplo n.º 26
0
def adapt_create(adaptor_type):
    """
    adapt_create()
    Loads the form for creating new adaptor apps and the list of adaptor apps from a specific type.
    @return: The app unique id.
    """

    def build_edit_link(app):
        return url_for("adapt.adapt_edit", appid=app.unique_id)


    if adaptor_type not in ADAPTORS:
        flash("Invalid adaptor type", "error")
        return render_template('composers/adapt/create.html', apps=[], adaptor_type=adaptor_type,
                               build_edit_link=build_edit_link)

    app_plugin = ADAPTORS[adaptor_type]

    apps = appstorage.get_my_apps(adaptor_type=adaptor_type)

    # If a get request is received, we just show the new app form and the list of adaptor apps
    if request.method == "GET":
        return render_template('composers/adapt/create.html', apps=apps, adaptor_type=adaptor_type,
                               build_edit_link=build_edit_link)


    # If a post is received, we are creating an adaptor app.
    elif request.method == "POST":

        # Protect against CSRF attacks.
        if not verify_csrf(request):
            return render_template("composers/errors.html",
                                   message="Request does not seem to come from the right source (csrf check)"), 400

        # We read the app details provided by the user
        name = request.form["app_name"]
        app_description = request.form["app_description"]

        if not name:
            flash("An application name is required", "error")
            return render_template("composers/adapt/create.html", name=name, apps=apps, adaptor_type=adaptor_type,
                                   build_edit_link=build_edit_link)

        if not app_description:
            app_description = ""

        # Build the basic JSON schema of the adaptor app
        data = {
            'adaptor_version': '1',
            'name': unicode(name),
            'description': unicode(app_description),
            'adaptor_type': unicode(adaptor_type)
        }

        # Fill with the initial structure
        data.update(app_plugin['initial'])

        # URL was originally added in a later stage in case it could be changed, but not anymore.
        # TODO: The app_plugin["initial"] seems to tend to contain an url field set to NULL. This is why we
        # initialize the URL here instead of the first data initialization. This should be tidied up to be
        # less confusing.
        appurl = unicode(request.values.get("appurl"))
        data['url'] = appurl

        #Dump the contents of the previous block and check if an app with the same name exists.
        # (TODO): do we force different names even if the apps belong to another adaptor type?
        app_data = json.dumps(data)

        print "INITIAL DATA: " + app_data

        try:
            # This is where the App object itself is created.
            app = appstorage.create_app(name, 'adapt', appurl, app_data, description=app_description)
            appstorage.add_var(app, 'adaptor_type', unicode(adaptor_type))
        except appstorage.AppExistsException:
            flash("An App with that name already exists", "error")
            return render_template("composers/adapt/create.html", name=name, apps=apps, adaptor_type=adaptor_type,
                                   build_edit_link=build_edit_link)

        return redirect(url_for("adapt.adapt_edit", appid=app.unique_id))