def test_invite_new_user_to_association(self, user, send_invitation_mail):
    """Inviting an address as a member stores one invite and sends one mail.

    The acting user is first made a member of the association. The reply
    must be 'invited', exactly one AssociationInvite row must exist for the
    association, and the mail must carry the accept link built from the
    invite's token.
    """
    user.email = "*****@*****.**"
    db = Client().session()
    ponies = Association(name='prancing ponies')
    db.add(ponies)
    db.flush()
    membership = UserAssociation(user_id=user.user_id,
                                 association_id=ponies.association_id)
    db.add(membership)
    db.flush()

    invite_url = '/association/{0}/invite_user'.format(ponies.association_id)
    response = self.app.post(invite_url, data={'email': '*****@*****.**'})
    eq_(response.status_code, 200, response.data)
    eq_(json.loads(response.data), {'status': 'ok', 'action': 'invited'})

    # .one() fails the test if zero or several invites were written.
    invite = db.query(AssociationInvite).one()
    eq_(invite.email, '*****@*****.**')
    eq_(invite.association_id, ponies.association_id)
    accept_url = 'http://localhost/accept_invitation/{0}/'.format(invite.token)
    send_invitation_mail.assert_called_once_with(
        '*****@*****.**', '*****@*****.**', 'prancing ponies', accept_url)
def new_rad_by_name():
    """Create a Rad in the lib named by the posted 'lib' and 'association_id'.

    Returns an error response when nobody is logged in, when the posted 'rad'
    text does not parse, when find_association raises NoResultFound, or when
    the association has no lib with that name. On success the lib's cache
    entry is dropped and a dict with status 'ok' and the rad's id is returned.
    """
    if not g.user:
        return error_response('login required')

    form = request.form
    try:
        parse(form['rad'])
    except ParseError as e:
        return error_response('parse error: {0}'.format(e.message))

    db = Client().session()
    lib_name = form['lib']
    association_id = form['association_id']

    # NOTE(review): the Lib lookup below is scoped to the association but not
    # to the caller, so the membership check presumably lives inside
    # find_association -- confirm, since nothing else here ties
    # association_id to g.user.
    try:
        find_association(association_id)
    except NoResultFound:
        return error_response('no such association')

    lib_query = (db.query(Lib)
                 .filter(Lib.name == lib_name)
                 .filter(Lib.association_id == association_id))
    try:
        lib = lib_query.one()
    except NoResultFound:
        return error_response("no such lib '{0}'".format(lib_name))

    rad = Rad(created_by=g.user.user_id,
              lib_id=lib.lib_id,
              rad=form['rad'])
    db.add(rad)
    radlibs.lib.decache_lib(lib.name, lib.association_id)
    return {'status': 'ok', 'rad_id': rad.rad_id}
def edit_rad(rad_id):
    """Replace the text of an existing Rad with the posted 'rad' value.

    A rad_id of 0 aborts with 404. Returns an error response when nobody is
    logged in, when the new text does not parse, or when no rad with this id
    is reachable through an association the current user belongs to.
    """
    if rad_id == 0:
        abort(404)
    if not g.user:
        return error_response('login required')

    new_text = request.form['rad']
    try:
        parse(new_text)
    except ParseError as e:
        return error_response('parse error: {0}'.format(e.message))

    db = Client().session()
    # The join through UserAssociation is the authorization check: a rad in
    # an association the caller is not a member of yields no row, and the
    # caller gets the same 'no such rad' as for a missing id.
    owned_rads = (db.query(Rad, Lib)
                  .join(Lib)
                  .join(Association)
                  .join(UserAssociation)
                  .filter(UserAssociation.user_id == g.user.user_id)
                  .filter(Rad.rad_id == rad_id))
    try:
        rad, lib = owned_rads.one()
    except NoResultFound:
        return error_response('no such rad')

    rad.rad = new_text
    db.add(rad)
    radlibs.lib.decache_lib(lib.name, lib.association_id)
    return {'status': 'ok'}
def test_no_such_lib_raises_keyerror(self, g):
    """Load a lib name that the current association does not define.

    The KeyError named in the test title is not asserted in this body; the
    expectation is presumably declared by a decorator outside this view.
    """
    db = Client().session()
    ponies = Association(name="prancing ponies")
    db.add(ponies)
    db.flush()
    # load_lib reads the association from g, so point it at the new row.
    g.association_id = ponies.association_id
    radlibs.lib.load_lib('Loot')
def test_generate_token(self):
    """A generated email-verification token is 32 characters long."""
    db = Client().session()
    account = User()
    db.add(account)
    db.flush()
    verification = EmailVerificationToken.generate(account)
    eq_(len(verification.token), 32)
def test_generate(self):
    """Generate an invite for a freshly stored association.

    No assertion is visible in this body; as shown, the test only checks
    that AssociationInvite.generate does not raise.
    """
    db = Client().session()
    train = Association(name='crazy train')
    db.add(train)
    db.flush()
    invite = AssociationInvite.generate(train.association_id,
                                        '*****@*****.**')
def test_breadcrumb_for_an_association(self):
    """breadcrumb_for returns the association's name and its absolute URL."""
    db = Client().session()
    harpy = Association(name="Harpy")
    db.add(harpy)
    db.flush()
    # The call runs inside an application context.
    with app.app_context():
        crumb = breadcrumb_for(harpy)
    expected_url = 'http://localhost/association/{0}'.format(
        harpy.association_id)
    eq_(crumb, ('Harpy', expected_url))
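def register():
    """Finish sign-up: create the user, mail a verification link, log in.

    The user is built from the posted 'email' and the identifier held in
    session['partial_user']. After the verification mail is sent the user is
    stored in the session and the browser is redirected to the posted
    'redirect_uri'.

    'redirect_uri' is request-controlled, so it is followed only when it is a
    path on this site; any other value is replaced by '/'.
    """
    db_session = Client().session()
    # NOTE(review): session['partial_user'] raises KeyError when this view is
    # reached without the earlier login step -- confirm how the app handles
    # that.
    user = User(
        email=request.form['email'],
        identifier=session['partial_user']['identifier'])
    db_session.add(user)
    db_session.flush()
    token = EmailVerificationToken.generate(user)
    send_verification_mail(
        user,
        url_for('verify_email', token=token.token, _external=True))
    session['user'] = {'email': user.email, 'identifier': user.identifier}

    target = request.form['redirect_uri']
    # Redirecting to a caller-supplied URL would let a crafted sign-up link
    # send the new user to another site. Accept a single-slash path only:
    # '//host' and '/\host' are read by browsers as another origin, and
    # tab/CR/LF are stripped by browsers before the URL is interpreted.
    is_local_path = (
        target.startswith('/')
        and not target.startswith(('//', '/\\'))
        and not any(ch in target for ch in '\r\n\t'))
    return redirect(target if is_local_path else '/')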
def test_accept_invite_prompts_for_login(self):
    """Opening an invite link without a session shows the sign-up prompt."""
    db = Client().session()
    tower = Association(name="tower of power")
    db.add(tower)
    db.flush()
    invite = AssociationInvite.generate(tower.association_id,
                                        '*****@*****.**')
    db.flush()

    accept_url = '/accept_invitation/{0}/'.format(invite.token)
    response = self.app.get(accept_url)
    eq_(response.status_code, 200)
    assert 'Please create an account' in response.data,\
        "Response didn't prompt for login"
def test_test_radlib_requires_login(self):
    """test_radlib answers 'login required' when no user is logged in."""
    db = Client().session()
    private = Association(name="somebody's private stuff")
    db.add(private)
    db.flush()

    endpoint = '/association/{0}/test_radlib'.format(private.association_id)
    response = self.app.post(endpoint, data={'rad': 'I ate some <Food>'})
    eq_(response.status_code, 200)
    eq_(json.loads(response.data),
        {'status': 'error', 'error': 'login required'})
def test_bypass_login__existing_user(self):
    """Posting a stored identifier to /login_bypass redirects to the root."""
    db = Client().session()
    existing = User(identifier='http://www.facebook.com/itsme',
                    email='*****@*****.**')
    db.add(existing)
    db.flush()

    credentials = {
        'email': '*****@*****.**',
        'identifier': 'http://www.facebook.com/itsme',
    }
    response = self.app.post('/login_bypass', data=credentials)
    eq_(response.status_code, 302)
    eq_(response.headers['Location'], 'http://localhost/')
def test_hmac_auth__invalid_datetime_format(self):
    """A signed request with an unparseable 'time' is treated as logged out.

    The expected reply is the generic 'not logged in' error, the same one
    the sibling HMAC test expects for a user without an API key.
    """
    db = Client().session()
    api_user = User(api_key='hurfdurf')
    db.add(api_user)
    db.flush()

    payload = {
        'user_id': api_user.user_id,
        'signature': 'johnhancock',
        'time': 'beer:30',
        'other_param': 'frabjous',
    }
    response = self.app.post('/test_authorization', data=payload)
    eq_(response.status_code, 200, response.data)
    eq_(json.loads(response.data),
        {'status': 'error', 'error': 'not logged in'})
def test_hmac_auth__user_has_no_api_key(self):
    """A user without an API key cannot authenticate with any signature.

    The timestamp is well-formed and current, so the only thing wrong with
    the request is that the user row carries no key to verify against.
    """
    db = Client().session()
    keyless_user = User()
    db.add(keyless_user)
    db.flush()

    now_stamp = datetime.datetime.utcnow().strftime('%Y%m%dT%H:%M:%S')
    payload = {
        'user_id': keyless_user.user_id,
        'signature': "mloop droop",
        'time': now_stamp,
        'other_param': 'frabjous',
    }
    response = self.app.post('/test_authorization', data=payload)
    eq_(response.status_code, 200, response.data)
    eq_(json.loads(response.data),
        {'status': 'error', 'error': 'not logged in'})
def test_accept_invite_while_unverified_verifies_email(self, user):
    """Accepting an invite marks an unverified user's email as verified.

    The user starts with email_verified_at cleared; after following the
    invite link the stored row must have it set.
    """
    user.email = '*****@*****.**'
    user.email_verified_at = None
    db = Client().session()
    tower = Association(name="tower of power")
    db.add(tower)
    db.flush()
    invite = AssociationInvite.generate(tower.association_id,
                                        '*****@*****.**')
    db.flush()

    accept_url = '/accept_invitation/{0}/'.format(invite.token)
    response = self.app.get(accept_url)
    eq_(response.status_code, 302, response.data)

    # Drop the local reference before querying the user row again.
    del user
    user = db.query(User).one()
    assert user.email_verified_at, "Email wasn't verified"
def test_add_new_rad__requires_correct_user(self, user):
    """Adding a rad to a lib in someone else's association is refused.

    The association is created for a different user, and the expected reply
    is 'no such lib' rather than a permission error.
    """
    db = Client().session()
    other_user = User()
    foreign_association_id = self.create_association(other_user)
    song_lib = Lib(name="Song", association_id=foreign_association_id)
    db.add(song_lib)
    db.flush()

    endpoint = '/lib/{0}/rad/new'.format(song_lib.lib_id)
    response = self.app.post(endpoint,
                             data={'rad': '<Song_which_never_ends>'})
    eq_(response.status_code, 200)
    eq_(json.loads(response.data),
        {'status': 'error', 'error': 'no such lib'})
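def token_url():
    """Handle the identity provider's callback and log the visitor in.

    The posted 'token' is exchanged for the visitor's profile through the
    auth_info API. Depending on the profile:

    * known identifier: the user is logged in;
    * unknown identifier, email already on another account: the
      identifier-mismatch page is rendered and nobody is logged in;
    * unknown identifier, unused email: a user is created with the email
      marked verified, then logged in;
    * unknown identifier, no email: the identifier is parked in
      session['partial_user'] and the visitor is sent to registration.

    'redirect_uri' is request-controlled, so it is followed only when it is a
    path on this site; any other value is replaced by '/'.
    """
    token = request.form['token']
    api_params = {
        'token': token,
        'apiKey': os.environ['ENGAGE_API_KEY'],
        'format': 'json',
    }
    # Bound the wait on the provider so a stalled upstream cannot pin a
    # worker indefinitely; a timeout surfaces as an unhandled exception.
    response = requests.get('https://rpxnow.com/api/v2/auth_info',
                            params=api_params,
                            timeout=10)
    auth_info = json.loads(response.text)
    if 'profile' not in auth_info:
        # NOTE(review): the raw upstream body is concatenated into this
        # response unescaped; confirm it cannot carry markup, or escape it /
        # serve it as plain text.
        return make_response('An error occurred interacting with your '
                             'identity provider. Since that does not '
                             'usually happen unless you are a radlibs '
                             'developer, here is the error in all its '
                             'terrible beauty: ' + response.text)

    identifier = auth_info['profile']['identifier']
    email = auth_info['profile'].get('email')

    redirect_uri = request.form.get('redirect_uri', '/')
    # Redirecting to a caller-supplied URL would let a crafted login link
    # send the visitor to another site after signing in. Accept a
    # single-slash path only: '//host' and '/\host' are read by browsers as
    # another origin, and tab/CR/LF are stripped before the URL is
    # interpreted. The cleaned value also feeds the registration redirect.
    if (not redirect_uri.startswith('/')
            or redirect_uri.startswith(('//', '/\\'))
            or any(ch in redirect_uri for ch in '\r\n\t')):
        redirect_uri = '/'

    db_session = Client().session()
    try:
        user = db_session.query(User).\
            filter(User.identifier == identifier).\
            one()
    except NoResultFound:
        if email:
            existing_users = db_session.query(User).\
                filter(User.email == email).\
                all()
            if existing_users:
                # Same email under a different identifier: do not link or
                # log in, only tell the visitor which provider they used.
                provider = provider_for_identifier(
                    existing_users[0].identifier)
                return render_template(
                    'identifier_mismatch.html.jinja',
                    existing_provider=provider)
            # NOTE(review): the email is stored as verified on the
            # provider's word alone -- confirm the provider only returns
            # addresses it has verified itself.
            user = User(email=email,
                        identifier=identifier,
                        email_verified_at=utcnow())
            db_session.add(user)
        else:
            session['partial_user'] = {'identifier': identifier}
            return redirect(url_for('show_registration',
                                    redirect_uri=redirect_uri))
    session['user'] = {'identifier': identifier, 'email': email}
    return redirect(redirect_uri)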
def test_add_new_rad__requires_user(self):
    """Adding a rad without a logged-in user yields 'login required'."""
    db = Client().session()
    partytown = Association(name='Partytown')
    db.add(partytown)
    db.flush()
    animal_lib = Lib(name="Animal", association_id=partytown.association_id)
    db.add(animal_lib)
    db.flush()

    endpoint = '/lib/{0}/rad/new'.format(animal_lib.lib_id)
    response = self.app.post(endpoint, data={'rad': 'what is happening'})
    eq_(response.status_code, 200)
    eq_(json.loads(response.data),
        {'status': 'error', 'error': 'login required'})
def test_add_user_to_association_requires_correct_login(self, user):
    """Inviting into an association the caller does not belong to is refused.

    No UserAssociation row is created for the user here, and the expected
    reply is 'no such association' rather than a permission error.
    """
    db = Client().session()
    ponies = Association(name='prancing ponies')
    db.add(ponies)
    db.flush()

    invite_url = '/association/{0}/invite_user'.format(ponies.association_id)
    response = self.app.post(invite_url, data={'email': '*****@*****.**'})
    eq_(response.status_code, 200)
    eq_(json.loads(response.data),
        {'status': 'error', 'error': 'no such association'})
def create_association():
    """Create an association named by the form and enrol the current user.

    Aborts with 401 when nobody is logged in. On success redirects to the
    new association's management page.
    """
    if not g.user:
        abort(401)

    db = Client().session()
    new_association = Association(name=request.form['name'])
    db.add(new_association)
    # Flush before association_id is read for the membership row below.
    db.flush()

    membership = UserAssociation(
        user_id=g.user.user_id,
        association_id=new_association.association_id)
    db.add(membership)
    manage_url = url_for('manage_association',
                         association_id=new_association.association_id)
    return redirect(manage_url)
def test_test_radlib_with_unknown_lib(self, user):
    """Testing a rad that references an undefined lib reports which lib."""
    db = Client().session()
    pdx = Association(name="pdx python")
    db.add(pdx)
    db.flush()
    membership = UserAssociation(user_id=user.user_id,
                                 association_id=pdx.association_id)
    db.add(membership)

    endpoint = '/association/{0}/test_radlib'.format(pdx.association_id)
    response = self.app.post(endpoint, data={'rad': 'I ate some <Food>'})
    eq_(response.status_code, 200)
    eq_(json.loads(response.data),
        {'status': 'error', 'error': "no such lib 'Food'"})
def test_create_new_lib__lib_already_exists(self, user):
    """Creating a lib whose name is taken in the association is rejected."""
    db = Client().session()
    association_id = self.create_association(user)
    existing_lib = Lib(name="Rant", association_id=association_id)
    db.add(existing_lib)
    db.flush()

    endpoint = '/association/{0}/lib/new'.format(association_id)
    response = self.app.post(endpoint, data={"name": "Rant"})
    eq_(response.status_code, 200, response.data)
    eq_(json.loads(response.data),
        {'status': 'error', 'error': 'lib already exists'})
def test_edit_rad(self, user):
    """A member can edit a rad in their own association's lib."""
    db = Client().session()
    association_id = self.create_association(user)
    band_lib = Lib(name="Band", association_id=association_id)
    db.add(band_lib)
    db.flush()
    misspelled = Rad(lib_id=band_lib.lib_id,
                     created_by=user.user_id,
                     rad='Huey Lewis and the Nws')
    db.add(misspelled)
    db.flush()

    endpoint = '/lib/rad/{0}/edit'.format(misspelled.rad_id)
    response = self.app.post(endpoint,
                             data={'rad': 'Huey Lewis and the News'})
    eq_(response.status_code, 200, response.data)
    eq_(json.loads(response.data), {'status': 'ok'})
def test_new_rad_by_name__missing_params(self, user):
    """Omitting 'association_id' yields a named missing-parameter error."""
    db = Client().session()
    association_id = self.create_association(user)
    song_lib = Lib(name="Song", association_id=association_id)
    db.add(song_lib)
    db.flush()

    # 'association_id' is deliberately left out of the form.
    incomplete_form = {
        'lib': 'Song',
        'rad': 'Stairway to <Location>',
    }
    response = self.app.post('/lib/rad/new', data=incomplete_form)
    eq_(response.status_code, 200)
    eq_(json.loads(response.data),
        {'status': 'error', 'error': "missing param 'association_id'"})
def test_add_new_rad_by_name__syntax_error(self, user):
    """An unterminated '<' in the rad text is reported as a parse error.

    The expected message echoes the submitted rad text along with the
    offending position.
    """
    db = Client().session()
    association_id = self.create_association(user)
    song_lib = Lib(name="Song", association_id=association_id)
    db.add(song_lib)
    db.flush()

    form = {
        'association_id': association_id,
        'lib': 'Song',
        'rad': 'All you need is <Emotion',
    }
    response = self.app.post('/lib/rad/new', data=form)
    eq_(response.status_code, 200)
    expected_error = ("parse error: Unexpected token '<' at line 1 "
                      "character 17 of 'All you need is <Emotion'")
    eq_(json.loads(response.data),
        {'status': 'error', 'error': expected_error})
def test_invite__invalid_email_address(self, user):
    """Inviting a string that is not an email address is rejected.

    The expected error message quotes the submitted value back to the
    caller.
    """
    db = Client().session()
    watercooler = Association(name='watercooler')
    db.add(watercooler)
    db.flush()
    membership = UserAssociation(user_id=user.user_id,
                                 association_id=watercooler.association_id)
    db.add(membership)
    db.flush()

    invite_url = '/association/{0}/invite_user'.format(
        watercooler.association_id)
    response = self.app.post(invite_url,
                             data={'email': 'not a valid email'})
    eq_(response.status_code, 200)
    eq_(json.loads(response.data),
        {'status': 'error',
         'error': "invalid email address 'not a valid email'"})
def verify_email(token):
    """Mark the token owner's email as verified and consume the token.

    Aborts with 404 when no token row matches or its user no longer exists.
    The token row is deleted after use, so the same link cannot verify
    twice.
    """
    db_session = Client().session()
    try:
        token_row = (db_session.query(EmailVerificationToken)
                     .filter(EmailVerificationToken.token == token)
                     .one())
        owner = (db_session.query(User)
                 .filter(User.user_id == token_row.user_id)
                 .one())
    except NoResultFound:
        abort(404)

    owner.email_verified_at = utcnow()
    db_session.add(owner)
    db_session.delete(token_row)
    return render_template('verification_complete.html.jinja')
def test_verify_email(self):
    """Following a verification link verifies the user and burns the token."""
    db = Client().session()
    user = User()
    db.add(user)
    db.flush()
    verification = EmailVerificationToken.generate(user)

    verify_url = '/verify_email/{0}'.format(verification.token)
    response = self.app.get(verify_url)
    eq_(response.status_code, 200, response.data)
    assert 'Thanks!' in response.data, 'response was rude'

    # Drop the local reference before querying the user row again.
    del user
    user = db.query(User).one()
    assert user.email_verified_at, "email wasn't verified!"

    # The token must be single-use: no rows may remain after verification.
    remaining_tokens = db.query(EmailVerificationToken).all()
    eq_(remaining_tokens, [])
def test_test_radlib_with_syntactically_invalid_rad(self, user):
    """Testing a rad with a stray '>' returns the parser's error message."""
    db = Client().session()
    pdx = Association(name="pdx python")
    db.add(pdx)
    db.flush()
    membership = UserAssociation(user_id=user.user_id,
                                 association_id=pdx.association_id)
    db.add(membership)

    endpoint = '/association/{0}/test_radlib'.format(pdx.association_id)
    response = self.app.post(endpoint, data={'rad': 'I ate some Food>'})
    eq_(response.status_code, 200)
    expected_error = ("Unexpected token '>' at line 1 character 16 of "
                      "'I ate some Food>'")
    eq_(json.loads(response.data),
        {'status': 'error', 'error': expected_error})
def bypass_login():
    """Log in as the posted identity without the identity provider.

    Responds 404 unless app.config['DEBUG'] is set. That flag is the only
    gate: with it on, any client that can reach this route gets a session
    for whatever 'identifier' and 'email' it posts, so DEBUG must stay off
    on any deployment reachable by untrusted clients.
    """
    debug_enabled = app.config['DEBUG']
    if not debug_enabled:
        abort(404)

    db_session = Client().session()
    form = request.form
    email = form['email']
    identifier = form['identifier']

    by_identifier = db_session.query(User).filter(
        User.identifier == identifier)
    try:
        user = by_identifier.one()
    except NoResultFound:
        # Unknown identifier: create the account on the spot.
        user = User()
        user.email = email
        user.identifier = identifier
        db_session.add(user)

    # The session always carries the posted email, including when an
    # existing user was found.
    session['user'] = {'identifier': identifier, 'email': email}
    return redirect('/')
def test_invite__user_is_already_in_the_association(self, user):
    """Inviting an address that already belongs to a member is rejected."""
    db = Client().session()
    watercooler = Association(name='watercooler')
    db.add(watercooler)
    db.flush()
    membership = UserAssociation(user_id=user.user_id,
                                 association_id=watercooler.association_id)
    db.add(membership)
    db.flush()

    invite_url = '/association/{0}/invite_user'.format(
        watercooler.association_id)
    # The member invites their own address.
    response = self.app.post(invite_url, data={'email': user.email})
    eq_(response.status_code, 200)
    eq_(json.loads(response.data),
        {'status': 'error', 'error': 'already in association'})