def test_cabin_role(self, test_client, mongo_db, template_user):
template_user.roles = ["cabin_stayer"]
template_user.add_to_collection(mongo_db.guests)
log_in(test_client, username="******")
response = test_client.get("/location")
assert response.status_code == 200
assert b"<!-- location_cabin.html -->" in response.data
def test_submit_page_no_change(self, test_client):
log_in(test_client)
response = test_client.post("/auth/edit_profile",
data={},
follow_redirects=True)
assert (b"""<!-- guest.html -->
<head>
<meta charset="UTF-8">
<title> t_default </title>
</head>
<body>
<h1>User t_default, with id: """ in response.data)
assert (b"""
<ul>
<li>Name: t_default</li>
<li>Email: [email protected]</li>
<li>Roles:
None
</li>
<li>Party:
None
</li>
</ul>
<a href="/auth/edit_profile">Edit</a>
</body>""" in response.data)
def test_rsvp_first_visit(test_client):
"""
GIVEN a flask app
WHEN a user first visits '/rsvp'
THEN check that the 'Current Status:' data displays
"""
log_in(test_client)
response = test_client.get("/rsvp")
assert b"Current Status: []" in response.data
def test_index_logged_in(test_client):
"""
GIVEN a Flask App
WHEN the '/' page is requested, and a user is logged in
THEN check that the response is personalized
"""
log_in(test_client)
response = test_client.get("/", follow_redirects=True)
assert response.status_code == 200
assert b"<!-- Home.html -->" in response.data
def test_dress_code_auth_user_no_dress_code_roles(self, test_client):
"""
GIVEN a flask app
WHEN a auth user with no dress_code roles requests '/dress_code'
THEN check that they are shown '/dress_code/default.html'
"""
log_in(test_client, username="******")
response = test_client.get("/dress_code")
assert response.status_code == 200
assert b"/dress_code/default.html" in response.data
def test_dress_code_auth_user_groomsman_role(self, test_client):
"""
GIVEN a flask app
WHEN a auth user width the groomsman role requests '/dress_code'
THEN check that they are redirected to '/dress_code/groomsmen'
"""
log_in(test_client, username="******")
response = test_client.get("/dress_code")
assert response.status_code == 200
assert b"/dress_code/groomsmen.html" in response.data
def test_dress_code_auth_user_wedding_party_role(self, test_client):
"""
GIVEN a flask app
WHEN a auth user width the wedding_party role requests '/dress_code'
THEN check that they are redirected to '/dress_code/wedding_party'
"""
log_in(test_client, username="******")
response = test_client.get("/dress_code")
assert response.status_code == 200
assert b"/dress_code/wedding_party.html" in response.data
def test_auth_user_with_admin_role(self, test_client):
"""
GIVEN a flask app
WHEN an authorized user w/ the admin role requests '/admin'
THEN check that the page is rendered
"""
log_in(test_client, username="******")
response = test_client.get("/admin", follow_redirects=True)
assert response.status_code == 200
assert b"<h1>Guests:</h1>" in response.data
assert b"User t_admin," in response.data
def test_admin_and_admin_guests(self, test_client):
"""
GIVEN a flask app
CHECK that the routes '/admin' and '/admin/guest' return the same content
"""
log_in(test_client, username="******")
response_1 = test_client.get("/admin/")
response_2 = test_client.get("/admin/guests", follow_redirects=True)
assert response_1.status_code == 200
assert response_2.status_code == 200
assert response_1.data == response_2.data
def test_rsvp_submit_form_empty_status(test_client):
"""
GIVEN a flask app
WHEN the user submits '/rsvp' where the form.status and form.plus_one_status is not provided
THEN check that the value in the db is unchanged
"""
log_in(test_client)
response = test_client.post(
"/rsvp", data={"diet": ["no pork", "no gluten", "no nuts"]})
assert response.status_code == 200
assert response.data.count(b"[This field is required.]") == 2
def test_logout_auth_user(test_client):
"""
GIVEN a flask app
WHEN an authorized user logs out
THEN check that the user was logged out successfully
"""
log_in(test_client)
response = test_client.get("auth/logout", follow_redirects=True)
assert response.status_code == 200
# assert b"<!-- index.html -->" in response.data # Removed -- COVID
assert b"You have been logged out." in response.data
def test_requires_roles_with_valid_roles(template_user, test_client, mongo_db):
"""
GIVEN a Flask app
WHEN a user attempts to access a restricted route that they HAVE the roles to access
THEN Check that the user successfully accesses the route
"""
template_user.roles = ["test_role"]
template_user.add_to_collection(mongo_db.guests)
log_in(test_client, username="******")
response = test_client.get("/test_requires_roles")
assert response.status_code == 200
assert b"Access Granted" in response.data
def test_roles_cannot_access_user_has_no_roles(test_client, template_user, mongo_db):
"""
GIVEN a Flask app,
WHEN a user with no roles attemps to access a route decorated with @roles_required
THEN check that the user is redirected to the restricted page
"""
template_user.roles = None
template_user.add_to_collection(mongo_db.guests)
log_in(test_client, username="******")
response = test_client.get("/test_roles_cannot_access", follow_redirects=True)
assert response.status_code == 200
assert b"Access Granted" in response.data
def test_auth_user_without_admin_role(self, test_client):
"""
GIVEN a flask app
WHEN an authorized user w/o the admin role requests '/admin'
THEN check that they are redirected to '/auth/unauthorized_role'
"""
log_in(test_client)
response = test_client.get("/admin", follow_redirects=True)
assert response.status_code == 200
assert (
b"you lack the required roles to view your requested page." in response.data
)
def test_roles_cannot_access_valid(template_user, test_client, mongo_db):
"""
GIVEN a flask app
WHEN a user attempts to access a route that they don't have a role that cannot access
THEN check that they are redirected to the restricted
"""
template_user.roles = ["any role under the sun"]
template_user.add_to_collection(mongo_db.guests)
log_in(test_client, username="******")
response = test_client.get("/test_roles_cannot_access")
assert response.status_code == 200
assert b"Access Granted" in response.data
def test_roles_cannot_access_invalid(template_user, test_client, mongo_db):
"""
GIVEN a flask app
WHEN a user attempts to access a route that they have a role that cannot access
THEN check that they are redirected to the 'You don't have the roles' page
"""
template_user.roles = ["test_role_cannot_access"]
template_user.add_to_collection(mongo_db.guests)
log_in(test_client, username="******")
response = test_client.get("/test_roles_cannot_access", follow_redirects=True)
assert response.status_code == 200
assert b"you lack the required roles to view your requested page." in response.data
def test_login_when_user_is_authenticated(test_client):
"""
GIVEN a flask app
WHEN the '/login' page is requested by an authenticated user
THEN check that the user is redirected to '/' and a message is flashed
"""
log_in(test_client, username="******", password="******")
response = test_client.post("/auth/login", follow_redirects=True)
assert response.status_code == 200
assert b"<!-- Home.html -->" in response.data
assert b'<link href="static/base.css"' in response.data
assert b"You are already logged in!" in response.data
def test_requires_roles_with_invalid_roles(template_user, test_client,
mongo_db):
"""
GIVEN a Flask app
WHEN a user attempts to access a restricted route that they DO NOT HAVE the roles to access
THEN Check that the user is redirected successfully to the unauthorized page
"""
template_user.roles = ["test_role_fail"]
template_user.add_to_collection(mongo_db.guests)
log_in(test_client, username="******")
response = test_client.get("/test_requires_roles", follow_redirects=True)
assert response.status_code == 200
assert b"you lack the required roles to view your requested page." in response.data
def test_register_current_user_is_authenticated(test_client, mongo_db,
new_guest):
"""
GIVEN a flask app
WHEN a authenticated user attempts to register
THEN check that they are redirected to the index page
"""
new_guest.add_to_mongodb(mongo_db)
log_in("username", "password", test_client)
response = test_client.post("/auth/register", follow_redirects=True)
assert response.status_code == 200
assert b"Hi username!" in response.data
assert b"You are already logged in! No need to register." in response.data
def test_dress_code_auth_user_groomsman_and_wedding_party_roles(
self, test_client, template_user, mongo_db):
"""
GIVEN a flask app
WHEN a auth user width the groomsman and wedding_party roles requests '/dress_code'
THEN check that they are redirected to '/dress_code/groomsmen'
"""
template_user.roles = ["groomsman", "wedding_party"]
template_user.add_to_collection(mongo_db.guests)
log_in(test_client, username="******")
response = test_client.get("/dress_code")
assert response.status_code == 200
assert b"/dress_code/groomsmen.html" in response.data
def test_login_when_user_is_authenticated(new_guest, test_client, mongo_db):
"""
GIVEN a flask app
WHEN the '/login' page is requested by an authenticated user
THEN check that the user is redirected to '/' and a message is flashed
"""
new_guest.add_to_mongodb(mongo_db)
log_in("username", "password", test_client)
response = test_client.post("/auth/login", follow_redirects=True)
assert response.status_code == 200
assert b"Home Page" in response.data
assert b"Hi username!" in response.data
assert b"You are already logged in!" in response.data
def test_admin_guest_view_default_guest(test_client, mongo_db):
"""
GIVEN a flask app
WHEN '/auth/guests/<guest_id>' is requested with 't_default's ID
THEN check that 't_default's data is displayed
"""
log_in(test_client, username="******")
response = test_client.get(f"/admin/guest/{get_guest_id(mongo_db)}",
follow_redirects=True)
assert response.status_code == 200
assert b"<title> t_default </title>" in response.data
assert b"<li>Name: t_default</li>" in response.data
assert b"<li>Email: [email protected]</li>" in response.data
assert b"<li>Roles:\n \n None" in response.data
def test_register_current_user_is_authenticated(test_client, mongo_db,
template_user):
"""
GIVEN a flask app
WHEN a authenticated user attempts to register
THEN check that they are redirected to the index page
"""
template_user.add_to_collection(mongo_db.guests)
log_in(test_client)
response = test_client.post("/auth/register", follow_redirects=True)
assert response.status_code == 200
assert b"<!-- Home.html -->" in response.data
assert b'<link href="static/base.css"' in response.data
assert b"You are already logged in! No need to register." in response.data
def test_template_render(self, test_client):
"""
GIVEN a flask app
WHEN the '/admin' page is requested by the appropriate user
THEN check that the template displays all registered users appropriately
"""
log_in(test_client, username="******")
response = test_client.get("/admin", follow_redirects=True)
assert response.status_code == 200
assert b"<h1>Guests:</h1>" in response.data
assert b"User t_admin," in response.data
assert b"User t_groomsman" in response.data
assert b"User t_bridesmaid" in response.data
assert b"User t_wedding_party" in response.data
assert b"User t_default" in response.data
def test_requires_roles_user_has_no_roles(test_client, template_user,
mongo_db):
"""
GIVEN a Flask app,
WHEN a user with no roles attemps to access a route decorated with @roles_required
THEN check that the user is redirected to the 'you don't have the required roles' page
"""
template_user.roles = None
template_user.add_to_collection(mongo_db.guests)
log_in(test_client, username="******")
response = test_client.get("/test_requires_roles", follow_redirects=True)
assert response.status_code == 200
assert (
b"You are seeing this page because you lack the required roles to view your requested page."
in response.data)
def test_submit_page_change_all(self, test_client, mongo_db):
log_in(test_client)
user_id = mongo_db.guests.find_one({"name": "t_default"})["_id"]
response = test_client.post(
"/auth/edit_profile",
data={
"username": "******",
"name": "new_name",
"email": "*****@*****.**",
},
)
assert response.status_code == 302 # Redirected
user = mongo_db.guests.find_one({"_id": user_id})
assert user["name"] == "new_name"
assert user["username"] == "new_username"
assert user["email"] == "*****@*****.**"
def test_rsvp_first_entry(test_client):
"""
GIVEN a flask app
When a user submits '/rsvp' for the first time
THEN check that the data updates in the DB and on the page.
"""
log_in(test_client)
response = test_client.post(
"/rsvp",
data={
"diet": ["no pork", "no gluten", "no nuts"],
"status": "yes",
"plus_one_status": "undecided",
},
)
assert response.status_code == 200
assert b"Current Status: yes" in response.data
assert b"Current Status: undecided" in response.data
def test_requires_roles_with_valid_roles(new_guest, test_client, mongo_db):
"""
GIVEN a Flask app
WHEN a user attempts to access a restricted route that they HAVE the roles to access
THEN Check that the user successfully accesses the route
"""
new_guest.roles = ["test_role"]
new_guest.add_to_mongodb(mongo_db)
assert log_in("username", "password", test_client)
response = test_client.get("/test_requires_roles")
assert response.status_code == 200
assert b"Access Granted" in response.data
def test_view_page(self, test_client):
log_in(test_client)
response = test_client.get("/auth/edit_profile")
assert response.status_code == 200
assert b"<!-- guest_edit.html -->" in response.data
def test_photos_view(test_client):
log_in(test_client)
response = test_client.get("/photos")
assert response.status_code == 200
assert b"<!-- photos.html -->" in response.data
