def test_approved_feed_population(self):
"""Ensure only approved users get approved posts but in there feed."""
# Create a user to test creating post
user1 = create_account('user1', '*****@*****.**', 'Password')
user2 = create_account('user2', '*****@*****.**', 'Password')
user3 = create_account('user3', '*****@*****.**', 'Password')
follow_user(user2, user1)
follow_user(user3, user1)
approve_user(user1, user2)
create_post(user1, 'user1', 'Test post', permission=K.PERM_APPROVED)
self.assertEqual(len(get_feed(user2).items), 1)
self.assertEqual(len(get_feed(user3).items), 0)
def test_approved_feed_population(self):
"""Ensure only approved users get approved posts but in there feed."""
# Create a user to test creating post
user1 = create_account('user1', '*****@*****.**', 'Password')
user2 = create_account('user2', '*****@*****.**', 'Password')
user3 = create_account('user3', '*****@*****.**', 'Password')
follow_user(user2, user1)
follow_user(user3, user1)
approve_user(user1, user2)
create_post(user1, 'user1', 'Test post',
permission=K.PERM_APPROVED)
self.assertEqual(len(get_feed(user2).items), 1)
self.assertEqual(len(get_feed(user3).items), 0)
def test_approved_unapproved_is_approved(self):
"""Ensure a user can approve and unapprove a follower. Also test the
checking of this state"""
user1 = create_account('user1', '*****@*****.**', 'Password')
user2 = create_account('user2', '*****@*****.**', 'Password')
user3 = create_account('user3', '*****@*****.**', 'Password')
# User should not be following a user
self.assertFalse(is_approved(user1, user2))
# User can't approve a user he is not following
self.assertFalse(approve_user(user1, user2))
# Follow wrong way round. The user to be approved must follow you
follow_user(user1, user2)
self.assertFalse(approve_user(user1, user2))
self.assertFalse(is_approved(user1, user2))
# Correct way round
follow_user(user2, user1)
self.assertTrue(approve_user(user1, user2))
self.assertTrue(is_approved(user1, user2))
# Try an un-approved a non follower
self.assertFalse(is_approved(user1, user3))
self.assertFalse(unapprove_user(user1, user3))
# Try and un-approve a non approved follower
follow_user(user3, user1)
self.assertFalse(is_approved(user1, user3))
self.assertFalse(unapprove_user(user1, user3))
# Un-approve an approved folloer
self.assertTrue(is_approved(user1, user2))
self.assertTrue(unapprove_user(user1, user2))
self.assertFalse(is_approved(user1, user2))
# Ensure a user is un-approved if they stop following you
# and you had approved them
self.assertTrue(approve_user(user1, user2))
self.assertTrue(is_approved(user1, user2))
unfollow_user(user2, user1)
self.assertFalse(is_approved(user1, user2))
def approve(username):
"""Follow a user."""
redirect_url = handle_next(request, url_for('users.followers',
username=current_user.get('username')))
user_id = get_uid(username)
# If we don't get a uid from the username the page doesn't exist
if user_id is None:
abort(404)
if user_id != current_user.get('_id'):
if approve_user(current_user.get('_id'), user_id):
flash('You have put your trust %s' % username, 'success')
else:
flash('You can\'t trust a user who is not following you',
'error')
else:
flash('You should already trust yourself ;-P', 'information')
return redirect(redirect_url)
def approve(username):
"""Follow a user."""
redirect_url = handle_next(
request,
url_for('users.followers', username=current_user.get('username')))
user_id = get_uid(username)
# If we don't get a uid from the username the page doesn't exist
if user_id is None:
abort(404)
if user_id != current_user.get('_id'):
if approve_user(current_user.get('_id'), user_id):
flash('You have put your trust %s' % username, 'success')
else:
flash('You can\'t trust a user who is not following you', 'error')
else:
flash('You should already trust yourself ;-P', 'information')
return redirect(redirect_url)
def test_permissions(self):
"""Ensure only users with the correct permissions can see posts"""
user1 = create_account('user1', '*****@*****.**', 'Password')
activate(user1)
post1 = create_post(user1, 'user1', 'Test public', permission=0)
post2 = create_post(user1, 'user1', 'Test pjuu', permission=1)
post3 = create_post(user1, 'user1', 'Test approved', permission=2)
resp = self.client.get(url_for('users.profile', username='******'))
self.assertIn('Test public', resp.data)
self.assertNotIn('Test pjuu', resp.data)
self.assertNotIn('Test approved', resp.data)
resp = self.client.get(
url_for('posts.view_post', username='******', post_id=post1))
self.assertEqual(resp.status_code, 200)
resp = self.client.get(
url_for('posts.view_post', username='******', post_id=post2))
self.assertEqual(resp.status_code, 403)
resp = self.client.get(
url_for('posts.view_post', username='******', post_id=post3))
self.assertEqual(resp.status_code, 403)
# Create a user and check we can see the Pjuu-wide post
user2 = create_account('user2', '*****@*****.**', 'Password')
activate(user2)
self.client.post(url_for('auth.signin'),
data={
'username': '******',
'password': '******'
})
resp = self.client.get(url_for('users.profile', username='******'))
self.assertIn('Test public', resp.data)
self.assertIn('Test pjuu', resp.data)
self.assertNotIn('Test approved', resp.data)
resp = self.client.get(
url_for('posts.view_post', username='******', post_id=post1))
self.assertEqual(resp.status_code, 200)
resp = self.client.get(
url_for('posts.view_post', username='******', post_id=post2))
self.assertEqual(resp.status_code, 200)
resp = self.client.get(
url_for('posts.view_post', username='******', post_id=post3))
self.assertEqual(resp.status_code, 403)
# Have user1 approve user2 and ensure he can see all posts
# User2 needs to be following user1
follow_user(user2, user1)
approve_user(user1, user2)
self.assertTrue(is_approved(user1, user2))
resp = self.client.get(url_for('users.profile', username='******'))
self.assertIn('Test public', resp.data)
self.assertIn('Test pjuu', resp.data)
self.assertIn('Test approved', resp.data)
resp = self.client.get(
url_for('posts.view_post', username='******', post_id=post1))
self.assertEqual(resp.status_code, 200)
resp = self.client.get(
url_for('posts.view_post', username='******', post_id=post2))
self.assertEqual(resp.status_code, 200)
resp = self.client.get(
url_for('posts.view_post', username='******', post_id=post3))
self.assertEqual(resp.status_code, 200)
def test_permissions(self):
"""Ensure only users with the correct permissions can see posts"""
user1 = create_account('user1', '*****@*****.**', 'Password')
activate(user1)
post1 = create_post(user1, 'user1', 'Test public', permission=0)
post2 = create_post(user1, 'user1', 'Test pjuu', permission=1)
post3 = create_post(user1, 'user1', 'Test approved', permission=2)
resp = self.client.get(url_for('users.profile', username='******'))
self.assertIn('Test public', resp.data)
self.assertNotIn('Test pjuu', resp.data)
self.assertNotIn('Test approved', resp.data)
resp = self.client.get(url_for('posts.view_post', username='******',
post_id=post1))
self.assertEqual(resp.status_code, 200)
resp = self.client.get(url_for('posts.view_post', username='******',
post_id=post2))
self.assertEqual(resp.status_code, 403)
resp = self.client.get(url_for('posts.view_post', username='******',
post_id=post3))
self.assertEqual(resp.status_code, 403)
# Create a user and check we can see the Pjuu-wide post
user2 = create_account('user2', '*****@*****.**', 'Password')
activate(user2)
self.client.post(url_for('auth.signin'), data={
'username': '******',
'password': '******'
})
resp = self.client.get(url_for('users.profile', username='******'))
self.assertIn('Test public', resp.data)
self.assertIn('Test pjuu', resp.data)
self.assertNotIn('Test approved', resp.data)
resp = self.client.get(url_for('posts.view_post', username='******',
post_id=post1))
self.assertEqual(resp.status_code, 200)
resp = self.client.get(url_for('posts.view_post', username='******',
post_id=post2))
self.assertEqual(resp.status_code, 200)
resp = self.client.get(url_for('posts.view_post', username='******',
post_id=post3))
self.assertEqual(resp.status_code, 403)
# Have user1 approve user2 and ensure he can see all posts
# User2 needs to be following user1
follow_user(user2, user1)
approve_user(user1, user2)
self.assertTrue(is_approved(user1, user2))
resp = self.client.get(url_for('users.profile', username='******'))
self.assertIn('Test public', resp.data)
self.assertIn('Test pjuu', resp.data)
self.assertIn('Test approved', resp.data)
resp = self.client.get(url_for('posts.view_post', username='******',
post_id=post1))
self.assertEqual(resp.status_code, 200)
resp = self.client.get(url_for('posts.view_post', username='******',
post_id=post2))
self.assertEqual(resp.status_code, 200)
resp = self.client.get(url_for('posts.view_post', username='******',
post_id=post3))
self.assertEqual(resp.status_code, 200)