def test_callback_with_permissions(self, post_mock):
url = "{}/users/info".format(settings.TSURU_HOST)
httpretty.register_uri(
httpretty.GET, url, status=200,
body='{"Permissions": [{"Name":"healing.read"}, {"Name": "", "ContextType": "global"}]}'
)
response_mock = mock.Mock(status_code=200)
response_mock.json.return_value = {"token": "xpto"}
post_mock.return_value = response_mock
request = RequestFactory().get('/', {"code": "somecode"})
request.META['HTTP_HOST'] = 'localhost:3333'
request.session = {"next_url": "/apps"}
response = Callback.as_view()(request)
self.assertEqual(response.status_code, 302)
self.assertEqual(response.url, "/apps")
self.assertEqual(request.session["tsuru_token"], "type xpto")
self.assertDictEqual(request.session["permissions"], {"healing": True, "admin": True})
expected_url = 'http://localhost:8080/auth/login'
expected_data = {
"redirectUrl": "http://localhost:3333/auth/callback/",
"code": "somecode"
}
post_mock.assert_called_with(expected_url, data=expected_data)
def test_admin_timeline_prunes_user_output(self):
"""multiple users in timeline is confusing."""
admin = self.User.objects.create(username="******", email="*****@*****.**")
admin.is_staff = True
admin.is_superuser = True
admin.save()
# create a drip campaign that will surely give us duplicates.
model_drip = Drip.objects.create(
name="A Custom Week Ago", subject_template="HELLO {{ user.username }}", body_html_template="KETTEHS ROCK!"
)
QuerySetRule.objects.create(
drip=model_drip,
field_name="date_joined",
lookup_type="gte",
field_value=(timezone.now() - timedelta(days=1)).isoformat(),
)
# then get it's admin view.
rf = RequestFactory()
timeline_url = reverse(
"admin:drip_timeline", kwargs={"drip_id": model_drip.id, "into_past": 3, "into_future": 3}
)
request = rf.get(timeline_url)
request.user = admin
match = resolve(timeline_url)
response = match.func(request, *match.args, **match.kwargs)
# check that our admin (not excluded from test) is shown once.
self.assertEqual(unicode(response.content).count(admin.email), 1)
def test_add_unit(self, put, get):
data = {
"name": "app1",
"units": [
{"Ip": "10.10.10.10"},
{"Ip": "9.9.9.9"},
],
}
response_mock = Mock(status_code=200)
response_mock.json.return_value = data
get.return_value = response_mock
data = {"units": '10'}
request = RequestFactory().post("/", data)
request.session = {"tsuru_token": "admin"}
ChangeUnit.as_view()(request, app_name="app_name")
put.assert_called_with(
'{}/apps/app_name/units'.format(settings.TSURU_HOST),
data='8',
headers={'authorization': 'admin'}
)
get.assert_called_with(
'{}/apps/app_name'.format(settings.TSURU_HOST),
headers={'authorization': 'admin'}
)
def test_error_handlers(self):
self.assertTrue(urls.handler404.endswith('.handler404'))
factory = RequestFactory()
request = factory.get('/')
response = handler404(request)
self.assertEqual(response.status_code, 404)
self.assertIn('404 Not Found!!', unicode(response))
def test_redirect_to_the_app_detail_page(self, get):
data = {
"name": "app1",
"units": [
{"Ip": "10.10.10.10"},
{"Ip": "9.9.9.9"},
],
}
response_mock = Mock(status_code=200)
response_mock.json.return_value = data
get.return_value = response_mock
data = {"units": '2'}
request = RequestFactory().post("/", data)
request.session = {"tsuru_token": "admin"}
response = ChangeUnit.as_view()(request, app_name="app_name")
self.assertEqual(302, response.status_code)
self.assertEqual("/apps/app_name/", response.items()[1][1])
get.assert_called_with(
'{}/apps/app_name'.format(settings.TSURU_HOST),
headers={'authorization': 'admin'}
)
class InValidStockRSRTestCase(TestCase):
"""Testing request to stock RSR.
invalid hosts :
- "invalid_host"
- ""
"""
def setUp(self):
"""Setup."""
self.factory = RequestFactory()
self.req_not_found_host = self.factory.get('/', {}, HTTP_HOST='not-found.akvo.org')
self.req_not_found_host2 = self.factory.get('/', {}, HTTP_HOST='not-found.test.akvo.org')
self.req_invalid_host = self.factory.get('/', {}, HTTP_HOST='invalid_host')
self.req_empty_host = self.factory.get('/', {}, HTTP_HOST='')
def test_is_rsr_host(self):
"""Test request to normal RSR host."""
self.assertFalse(_is_rsr_host(self.req_not_found_host.get_host()))
self.assertFalse(_is_rsr_host(self.req_not_found_host2.get_host()))
with self.assertRaises(DisallowedHost):
_is_rsr_host(self.req_invalid_host.get_host())
with self.assertRaises(DisallowedHost):
_is_rsr_host(self.req_empty_host.get_host())
def test_email_address_created(self):
factory = RequestFactory()
request = factory.get('/accounts/login/callback/')
request.user = AnonymousUser()
SessionMiddleware().process_request(request)
MessageMiddleware().process_request(request)
User = get_user_model()
user = User()
setattr(user, account_settings.USER_MODEL_USERNAME_FIELD, 'test')
setattr(user, account_settings.USER_MODEL_EMAIL_FIELD, '*****@*****.**')
account = SocialAccount(user=user, provider='openid', uid='123')
sociallogin = SocialLogin(account)
complete_social_login(request, sociallogin)
user = User.objects.get(
**{account_settings.USER_MODEL_USERNAME_FIELD: 'test'}
)
self.assertTrue(
SocialAccount.objects.filter(user=user, uid=account.uid).exists()
)
self.assertTrue(
EmailAddress.objects.filter(user=user, email=user_email(user)).exists()
)
class GetNextTests(TestCase):
def setUp(self):
self.factory = RequestFactory()
def test_no_param(self):
"""If next isn't in the POST params, return None."""
request = self.factory.post('/')
eq_(views._get_next(request), None)
def test_is_safe(self):
"""Return the value of next if it is considered safe."""
request = self.factory.post('/', {'next': '/asdf'})
request.get_host = lambda: 'myhost'
with patch.object(views, 'is_safe_url', return_value=True) as is_safe_url:
eq_(views._get_next(request), '/asdf')
is_safe_url.assert_called_with('/asdf', host='myhost')
def test_isnt_safe(self):
"""If next isn't safe, return None."""
request = self.factory.post('/', {'next': '/asdf'})
request.get_host = lambda: 'myhost'
with patch.object(views, 'is_safe_url', return_value=False) as is_safe_url:
eq_(views._get_next(request), None)
is_safe_url.assert_called_with('/asdf', host='myhost')
def test_send_mail(self, fake_messages):
"""Test EmailRepsForm email sending functionality."""
data = {"subject": "Test email subject", "body": "Test email body", "functional_area": self.functional_area.id}
form = EmailRepsForm(data=data)
ok_(form.is_valid())
area = self.functional_area
UserFactory.create_batch(20, userprofile__functional_areas=[area])
factory = RequestFactory()
request = factory.request()
request.user = UserFactory.create()
reps = User.objects.filter(userprofile__functional_areas__name=area)
form.send_email(request, reps)
eq_(len(mail.outbox), 20)
address = lambda u: "%s %s <%s>" % (u.first_name, u.last_name, u.email)
recipients = map(address, reps)
receivers = []
for i in range(0, len(mail.outbox)):
eq_(mail.outbox[i].subject, data["subject"])
eq_(mail.outbox[i].body, data["body"])
receivers.append(mail.outbox[i].to[0])
eq_(set(receivers), set(recipients))
fake_messages.assert_called_with(ANY, "Email sent successfully.")
class LogoutTests(TestCase):
def setUp(self):
self.factory = RequestFactory()
_get_next_patch = patch('django_browserid.views._get_next')
self._get_next = _get_next_patch.start()
self.addCleanup(_get_next_patch.stop)
def test_redirect(self):
"""Include LOGOUT_REDIRECT_URL in the response."""
request = self.factory.post('/')
logout = views.Logout.as_view()
self._get_next.return_value = None
with patch.object(views.Logout, 'redirect_url', '/test/foo'):
with patch('django_browserid.views.auth.logout') as auth_logout:
response = logout(request)
auth_logout.assert_called_with(request)
eq_(response.status_code, 200)
self.assert_json_equals(response.content, {'redirect': '/test/foo'})
def test_redirect_next(self):
"""
If _get_next returns a URL, use it for the redirect parameter.
"""
request = self.factory.post('/')
logout = views.Logout.as_view()
self._get_next.return_value = '/test/bar'
with patch.object(views.Logout, 'redirect_url', '/test/foo'):
with patch('django_browserid.views.auth.logout'):
response = logout(request)
self.assert_json_equals(response.content, {'redirect': '/test/bar'})
class CsrfTokenTests(TestCase):
def setUp(self):
self.factory = RequestFactory()
self.view = views.CsrfToken()
def test_lazy_token_called(self):
"""
If the csrf_token variable in the RequestContext is a lazy
callable, make sure it is called during the view.
"""
global _lazy_csrf_token_called
_lazy_csrf_token_called = False
# I'd love to use a Mock here instead, but lazy doesn't behave
# well with Mocks for some reason.
def _lazy_csrf_token():
global _lazy_csrf_token_called
_lazy_csrf_token_called = True
return 'asdf'
csrf_token = lazy(_lazy_csrf_token, six.text_type)()
request = self.factory.get('/browserid/csrf/')
with patch('django_browserid.views.RequestContext') as RequestContext:
RequestContext.return_value = {'csrf_token': csrf_token}
response = self.view.get(request)
eq_(response.status_code, 200)
eq_(response.content, b'asdf')
ok_(_lazy_csrf_token_called)
def test_never_cache(self):
request = self.factory.get('/browserid/csrf/')
response = self.view.get(request)
eq_(response['Cache-Control'], 'max-age=0')
def __init__(self, request=None):
# Get basic auth (username/password) for
# xqueue connection if it's in the settings
if settings.XQUEUE_INTERFACE.get('basic_auth') is not None:
requests_auth = HTTPBasicAuth(
*settings.XQUEUE_INTERFACE['basic_auth'])
else:
requests_auth = None
if request is None:
factory = RequestFactory()
self.request = factory.get('/')
else:
self.request = request
self.xqueue_interface = XQueueInterface(
settings.XQUEUE_INTERFACE['url'],
settings.XQUEUE_INTERFACE['django_auth'],
requests_auth,
)
self.whitelist = CertificateWhitelist.objects.all()
self.restricted = UserProfile.objects.filter(allow_certificate=False)
self.use_https = True
def call_view(
self,
view_name,
mock_request,
user=None,
post_params=None,
view_args=None
):
self._set_mock_request_data(
mock_request,
{
"user_id": str(self.student.id),
"group_id": self.student_cohort.id,
"closed": False,
"type": "thread"
}
)
mock_request.return_value.status_code = 200
request = RequestFactory().post("dummy_url", post_params or {})
request.user = user or self.student
request.view_name = view_name
return getattr(views, view_name)(
request,
course_id=self.course.id.to_deprecated_string(),
thread_id="dummy",
**(view_args or {})
)
def create_get_request(user, path):
rf = RequestFactory()
get_request = rf.get(path)
get_request.user = user
get_request.session = dict()
return get_request
def test_should_use_detail_template(self):
request = RequestFactory().get("/")
request.session = {"tsuru_token":"admin"}
with mock.patch("requests.get") as get:
get.return_value = mock.Mock(status_code=200, json={})
response = AppDetail.as_view()(request, app_name="app1")
self.assertEqual("apps/details.html", response.template_name)
def test_new_user(self):
"""Tests that new users get redirected to new_user page"""
# Create a user that has no profile--this is the sign that the
# user is new!
new_user = UserFactory(profile=None)
self.client_login_user(new_user)
# Now do some ridiculous setup so we can call login_success()
# on the Verify and see if it did what it should be doing.
# FIXME - this can go away post django-browserid 0.9
new_user.backend = 'django_browserid.auth.BrowserIDBackend'
post_request = RequestFactory().post(reverse('browserid.login'))
post_request.user = new_user
post_request.session = self.client.session
fv = FjordVerify()
fv.user = new_user
fv.request = post_request
resp = fv.login_success()
eq_(200, resp.status_code)
body = json.loads(resp.content)
eq_(body['redirect'], reverse('new-user-view'))
def test_should_redirect_to_login_page_if_user_is_not_authenticated(self):
request = RequestFactory().get('/')
request.session = {}
response = StubView.as_view()(request)
self.assertIsInstance(response, HttpResponseRedirect)
expected_url = "%s?next=%s" % (reverse('login'), request.path)
self.assertEqual(expected_url, response['Location'])
def test_login_blocked_for_non_standard_login_views_with_msg(self):
"""
Check that a view wich returns the expected status code and the
expected message is causing the IP to be locked out.
"""
@watch_login(status_code=401, msg='Invalid credentials')
def fake_api_401_login_view_without_msg(request):
""" Fake the api login with 401 """
return HttpResponse('Sorry, Invalid credentials',
status=401)
request_factory = RequestFactory()
request = request_factory.post('api/login')
request.user = AnonymousUser()
request.session = SessionStore()
request.META['HTTP_X_FORWARDED_FOR'] = '192.168.24.24'
for _ in range(3):
fake_api_401_login_view_without_msg(request)
data_out = utils.get_blocked_ips()
self.assertEqual(data_out, [])
fake_api_401_login_view_without_msg(request)
data_out = utils.get_blocked_ips()
self.assertEqual(data_out, ['192.168.24.24'])
def dump_app(id, **kw):
from mkt.webapps.serializers import AppSerializer
# Because @robhudson told me to.
# Note: not using storage because all these operations should be local.
target_dir = os.path.join(settings.DUMPED_APPS_PATH, 'apps',
str(id / 1000))
target_file = os.path.join(target_dir, str(id) + '.json')
try:
obj = Webapp.objects.get(pk=id)
except Webapp.DoesNotExist:
task_log.info(u'Webapp does not exist: {0}'.format(id))
return
req = RequestFactory().get('/')
req.user = AnonymousUser()
req.REGION = RESTOFWORLD
if not os.path.exists(target_dir):
os.makedirs(target_dir)
task_log.info('Dumping app {0} to {1}'.format(id, target_file))
res = AppSerializer(obj, context={'request': req}).data
json.dump(res, open(target_file, 'w'), cls=JSONEncoder)
return target_file
class GetNetTest(TestCase):
def setUp(self):
self.factory = RequestFactory()
self.url = reverse('calendar:list')
def test_valid_next(self):
url = self.url + '?cal_next=1'
req = self.factory.get(url)
net = get_net(req)
self.assertEqual(net, 1)
def test_valid_prev(self):
url = self.url + '?cal_prev=1'
req = self.factory.get(url)
net = get_net(req)
self.assertEqual(net, -1)
def test_invalid(self):
url = self.url + '?cal_next=nann'
req = self.factory.get(url)
net = get_net(req)
self.assertEqual(net, 0)
def test_valid_next_and_prev(self):
url = self.url + '?cal_next=1&cal_prev=2'
req = self.factory.get(url)
net = get_net(req)
self.assertEqual(net, -1)
def test_create_account(self):
# Create a new account, which should have empty account settings by default.
create_account(self.USERNAME, self.PASSWORD, self.EMAIL)
# Retrieve the account settings
user = User.objects.get(username=self.USERNAME)
request = RequestFactory().get("/api/user/v1/accounts/")
request.user = user
account_settings = get_account_settings(request)
# Expect a date joined field but remove it to simplify the following comparison
self.assertIsNotNone(account_settings['date_joined'])
del account_settings['date_joined']
# Expect all the values to be defaulted
self.assertEqual(account_settings, {
'username': self.USERNAME,
'email': self.EMAIL,
'name': u'',
'gender': None,
'goals': None,
'is_active': False,
'level_of_education': None,
'mailing_address': None,
'year_of_birth': None,
'country': None,
'bio': None,
'profile_image': {
'has_image': False,
'image_url_full': request.build_absolute_uri('/static/default_50.png'),
'image_url_small': request.build_absolute_uri('/static/default_10.png'),
},
'requires_parental_consent': True,
'language_proficiencies': [],
})
def _verify_cohort_settings_response(self, expected_response):
""" Verify that the response was successful and matches the expected JSON payload. """
request = RequestFactory().get("dummy_url")
request.user = AdminFactory()
response = cohorting_settings(request, unicode(self.course.id))
self.assertEqual(200, response.status_code)
self.assertEqual(expected_response, json.loads(response.content))
def testGetSubdomainMiddleware5(self):
"Test GetSubdomainMiddleware.process_request populates the variables we need correctly"
rf = RequestFactory(domain = 'boox.notfoo.tld')
request = rf.request()
middleware = GetSubdomainMiddleware()
middleware.process_request(request)
self.assertEqual(request.META['domain'], 'boox.notfoo.tld')
def test_returns_valid_view(self):
rf = RequestFactory()
request = rf.get('/page-1/')
request.user = AnonymousUser()
response = page_dispatch(request)
self.assertEqual(200, response.status_code)
self.assertIsInstance(response, TemplateResponse)
def test_serialize_object_with_cache_copy(self):
"""Testing WebAPIResource.serialize_object always returns a copy of
the cached data
"""
class TestObject(object):
my_field = 'abc'
request = RequestFactory().request()
request.user = User()
resource = WebAPIResource()
resource.fields = {
'my_field': {
'type': six.text_type,
}
}
obj = TestObject()
# We check this three times, since prior to Djblets 2.0.20, we would
# first return a copy of the newly-generated data, then the cached
# copy of the original data, and then the cached copy again (which
# would no longer be untouched).
data = resource.serialize_object(obj, request=request)
self.assertIn('my_field', data)
del data['my_field']
data = resource.serialize_object(obj, request=request)
self.assertIn('my_field', data)
del data['my_field']
data = resource.serialize_object(obj, request=request)
self.assertIn('my_field', data)
def __init__(self, request=None):
# MakoMiddleware Note:
# Line below has the side-effect of writing to a module level lookup
# table that will allow problems to render themselves. If this is not
# present, problems that a student hasn't seen will error when loading,
# causing the grading system to under-count the possible score and
# inflate their grade. This dependency is bad and was probably recently
# introduced. This is the bandage until we can trace the root cause.
m = MakoMiddleware()
# Get basic auth (username/password) for
# xqueue connection if it's in the settings
if settings.XQUEUE_INTERFACE.get('basic_auth') is not None:
requests_auth = HTTPBasicAuth(
*settings.XQUEUE_INTERFACE['basic_auth'])
else:
requests_auth = None
if request is None:
factory = RequestFactory()
self.request = factory.get('/')
else:
self.request = request
self.xqueue_interface = XQueueInterface(
settings.XQUEUE_INTERFACE['url'],
settings.XQUEUE_INTERFACE['django_auth'],
requests_auth,
)
self.whitelist = CertificateWhitelist.objects.all()
self.restricted = UserProfile.objects.filter(allow_certificate=False)
class LoginViewTestCase(unittest.TestCase):
def setUp(self):
self.factory = RequestFactory()
def test_get(self):
request = self.factory.get(reverse("account_login"))
request.user = AnonymousUser()
response = LoginView.as_view()(request)
self.assertEqual(response.status_code, 200)
self.assertEqual(response.template_name, ["account/login.html"])
def test_get_disabled(self):
request = self.factory.get(reverse("account_login"))
request.user = AnonymousUser()
response = LoginDisabledView.as_view()(request)
self.assertEqual(response.status_code, 200)
def test_post_disabled(self):
request = self.factory.post(reverse("account_login"))
request.user = AnonymousUser()
response = LoginDisabledView.as_view()(request)
self.assertEqual(response.status_code, 403)
def test_custom_redirect_field(self):
request = self.factory.request()
request.GET = {"next_page": "/profile/"}
form = LoginUsernameForm({"username": "******", "password": "******"})
view = LoginRedirectView(request=request, redirect_field_name="next_page")
self.assertEqual("/profile/", view.form_valid(form)["Location"])
def test_toc_toy_from_section(self):
chapter = 'Overview'
chapter_url = '%s/%s/%s' % ('/courses', self.course_name, chapter)
section = 'Welcome'
factory = RequestFactory()
request = factory.get(chapter_url)
field_data_cache = FieldDataCache.cache_for_descriptor_descendents(
self.toy_course.id, self.portal_user, self.toy_course, depth=2)
expected = ([{'active': True, 'sections':
[{'url_name': 'Toy_Videos', 'display_name': u'Toy Videos', 'graded': True,
'format': u'Lecture Sequence', 'due': None, 'active': False},
{'url_name': 'Welcome', 'display_name': u'Welcome', 'graded': True,
'format': '', 'due': None, 'active': True},
{'url_name': 'video_123456789012', 'display_name': 'Test Video', 'graded': True,
'format': '', 'due': None, 'active': False},
{'url_name': 'video_4f66f493ac8f', 'display_name': 'Video', 'graded': True,
'format': '', 'due': None, 'active': False}],
'url_name': 'Overview', 'display_name': u'Overview'},
{'active': False, 'sections':
[{'url_name': 'toyvideo', 'display_name': 'toyvideo', 'graded': True,
'format': '', 'due': None, 'active': False}],
'url_name': 'secret:magic', 'display_name': 'secret:magic'}])
actual = render.toc_for_course(self.portal_user, request, self.toy_course, chapter, section, field_data_cache)
for toc_section in expected:
self.assertIn(toc_section, actual)
def test_context_processor(self):
""" Test wishlist_items context processor. """
# Create one item for testing
item = G(WishlistItem)
# Request factory and request
factory = RequestFactory()
request = factory.get('/')
# Anonymous user
request.user = AnonymousUser()
# No context for anonymous users
result = wishlist_items(request)
self.assertEquals(result, {})
# User set, should return items for user
request.user = item.user
result = wishlist_items(request)
self.assertEquals(len(result['wishlist_items']), 1)
self.assertEquals(
result['wishlist_items'][0],
WishlistItem.objects.for_user(user=item.user)[0]
)
def test_valid_key(self):
"""Make sure the key is valid"""
actual_ip_plus_desc = actual_ip_plus_context(
lambda req: req.POST.get('description', 'no description')
)
url = reverse('feedback')
factory = RequestFactory(HTTP_X_CLUSTER_CLIENT_IP='192.168.100.101')
# create a request with this as the description
desc = u'\u5347\u7ea7\u4e86\u65b0\u7248\u672c\u4e4b\u540e' * 16
req = factory.post(url, {
'description': desc
})
key = actual_ip_plus_desc(req)
# Key can't exceed memcached 250 character max
length = len(key)
assert length < 250
# Key must be a string
assert isinstance(key, str)
# create a request with this as the description
second_desc = u'\u62e9\u201c\u5728\u65b0\u6807\u7b7e\u9875\u4e2d' * 16
second_req = factory.post(url, {
'description': second_desc
})
second_key = actual_ip_plus_desc(second_req)
# Two descriptions with the same ip address should produce
# different keys.
assert key != second_key
def setUp(self):
super(VerifyCourseKeyDecoratorTests, self).setUp()
self.request = RequestFactory().get("foo")
self.valid_course_id = "edX/test/1"
self.invalid_course_id = "edX/"
def test_download_template(self, render_mock):
req = RequestFactory().get('/firefox/new/')
req.locale = 'en-US'
views.new(req)
render_mock.assert_called_once_with(
req, 'firefox/new/trailhead/download.html', ANY)
def _request(self, data, expected_status=200, locale='en-US'):
req = RequestFactory().post('/', data)
req.locale = locale
resp = views.send_to_device_ajax(req)
assert resp.status_code == expected_status
return json.loads(resp.content)
class ViewTestCase(RepoTestCase):
def setUp(self):
super(ViewTestCase, self).setUp()
# Many tests needs access to the request factory.
self.factory = RequestFactory()
# Create user
self.user = User.objects.create_user(
'testuser',
'*****@*****.**',
'testpassword',
first_name='Weblate Test',
)
# Create profile for him
Profile.objects.create(user=self.user)
# Create project to have some test base
self.subproject = self.create_subproject()
self.project = self.subproject.project
# Login
self.client.login(username='******', password='******')
# Prepopulate kwargs
self.kw_project = {'project': self.project.slug}
self.kw_subproject = {
'project': self.project.slug,
'subproject': self.subproject.slug,
}
self.kw_translation = {
'project': self.project.slug,
'subproject': self.subproject.slug,
'lang': 'cs',
}
self.kw_lang_project = {
'project': self.project.slug,
'lang': 'cs',
}
# Store URL for testing
self.translation_url = self.get_translation().get_absolute_url()
self.project_url = self.project.get_absolute_url()
self.subproject_url = self.subproject.get_absolute_url()
def make_manager(self):
"""
Makes user a Manager.
"""
group = Group.objects.get(name='Managers')
self.user.groups.add(group)
def get_request(self, *args, **kwargs):
'''
Wrapper to get fake request object.
'''
request = self.factory.get(*args, **kwargs)
request.user = self.user
setattr(request, 'session', 'session')
messages = FallbackStorage(request)
setattr(request, '_messages', messages)
return request
def get_translation(self):
return self.subproject.translation_set.get(language_code='cs')
def get_unit(self, source='Hello, world!\n'):
translation = self.get_translation()
return translation.unit_set.get(source__startswith=source)
def change_unit(self, target):
unit = self.get_unit()
unit.target = target
unit.save_backend(self.get_request('/'))
def edit_unit(self, source, target, **kwargs):
'''
Does edit single unit using web interface.
'''
unit = self.get_unit(source)
params = {
'checksum': unit.checksum,
'target_0': target,
}
params.update(kwargs)
return self.client.post(self.get_translation().get_translate_url(),
params)
def assertRedirectsOffset(self, response, exp_path, exp_offset):
'''
Asserts that offset in response matches expected one.
'''
self.assertEqual(response.status_code, 302)
# We don't use all variables
# pylint: disable=W0612
scheme, netloc, path, query, fragment = urlsplit(response['Location'])
self.assertEqual(path, exp_path)
exp_offset = 'offset=%d' % exp_offset
self.assertTrue(exp_offset in query,
'Offset %s not in %s' % (exp_offset, query))
def assertPNG(self, response):
'''
Checks whether response contains valid PNG image.
'''
# Check response status code
self.assertEqual(response.status_code, 200)
self.assertPNGData(response.content)
def assertPNGData(self, content):
"""Checks whether data is PNG image"""
# Try to load PNG with PIL
image = Image.open(BytesIO(content))
self.assertEqual(image.format, 'PNG')
def assertSVG(self, response):
"""
Checks whether response is a SVG image.
"""
# Check response status code
self.assertEqual(response.status_code, 200)
dom = minidom.parseString(response.content)
self.assertEqual(dom.firstChild.nodeName, 'svg')
def assertBackend(self, expected_translated):
'''
Checks that backend has correct data.
'''
translation = self.get_translation()
store = translation.subproject.file_format_cls(
translation.get_filename(), None)
messages = set()
translated = 0
for unit in store.all_units():
if not unit.is_translatable():
continue
checksum = unit.get_checksum()
self.assertFalse(checksum in messages,
'Duplicate string in in backend file!')
if unit.is_translated():
translated += 1
self.assertEqual(
translated, expected_translated,
'Did not found expected number of ' +
'translations ({0} != {1}).'.format(translated,
expected_translated))
def setUp(self):
super(MiddlewareTest, self).setUp()
self.rf = RequestFactory()
self.middleware = LocaleAndAppURLMiddleware()
def split_eq(url, locale, app, path):
rf = RequestFactory()
prefixer = urlresolvers.Prefixer(rf.get(url))
actual = (prefixer.locale, prefixer.app, prefixer.shortened_path)
assert actual == (locale, app, path)
class MiddlewareTest(TestCase):
"""Tests that the locale and app redirection work properly."""
def setUp(self):
super(MiddlewareTest, self).setUp()
self.rf = RequestFactory()
self.middleware = LocaleAndAppURLMiddleware()
def test_redirection(self):
redirections = {
'/': '/en-US/firefox/',
'/en-US': '/en-US/firefox/',
'/firefox': '/en-US/firefox/',
'/android': '/en-US/android/',
# Make sure we don't mess with trailing slashes.
'/addon/1/': '/en-US/firefox/addon/1/',
'/addon/1': '/en-US/firefox/addon/1',
# Check an invalid locale.
'/sda/firefox/addon/1': '/en-US/firefox/addon/1',
# Check a consolidated language (e.g. es-* -> es).
'/es-ES/firefox/addon/1': '/es/firefox/addon/1',
'/es-PE/firefox/addon/1': '/es/firefox/addon/1',
# /developers doesn't get an app.
'/developers': '/en-US/developers',
# Check basic use-cases with a 'lang' GET parameter:
'/?lang=fr': '/fr/firefox/',
'/addon/1/?lang=fr': '/fr/firefox/addon/1/',
'/addon/1?lang=fr': '/fr/firefox/addon/1',
'/firefox?lang=fr': '/fr/firefox/',
'/developers?lang=fr': '/fr/developers',
}
for path, location in redirections.items():
response = self.middleware.process_request(self.rf.get(path))
assert response.status_code == 302
assert response['Location'] == location
def process(self, *args, **kwargs):
self.request = self.rf.get(*args, **kwargs)
return self.middleware.process_request(self.request)
def test_no_redirect(self):
# /services doesn't get an app or locale.
response = self.process('/services')
assert response is None
# Things matching settings.SUPPORTED_NONAPPS_NONLOCALES_REGEX don't get
# a redirect either, even if they have a lang GET parameter.
with self.settings(SUPPORTED_NONAPPS_NONLOCALES_REGEX=r'^lol'):
response = self.process('/lol?lang=fr')
assert self.request.LANG == 'fr'
assert response is None
response = self.process('/lol')
assert self.request.LANG == 'en-US'
assert response is None
def test_v3_api_no_redirect(self):
response = self.process('/api/v3/some/endpoint/')
assert response is None
response = self.process('/api/v4/some/endpoint/')
assert response is None
def test_v1_api_is_identified_as_api_request(self):
response = self.process('/en-US/firefox/api/')
assert response is None
assert self.request.LANG == 'en-US'
assert self.request.is_legacy_api
# double-check _only_ /api/ is marked as .is_api
response = self.process('/en-US/firefox/apii/')
assert response is None
assert self.request.LANG == 'en-US'
assert not self.request.is_legacy_api
def test_vary(self):
response = self.process('/')
assert response['Vary'] == 'Accept-Language, User-Agent'
response = self.process('/firefox')
assert response['Vary'] == 'Accept-Language'
response = self.process('/en-US')
assert response['Vary'] == 'User-Agent'
def test_no_redirect_with_script(self):
response = self.process('/services', SCRIPT_NAME='/oremj')
assert response is None
def test_get_app(self):
def check(url, expected, ua):
response = self.process(url, HTTP_USER_AGENT=ua)
assert response['Location'] == expected
check('/en-US/', '/en-US/firefox/', 'Firefox')
# Android can found by its user agent.
check('/en-US/', '/en-US/android/', 'Fennec/12.0.1')
check('/en-US/', '/en-US/android/', 'Fennec/12')
check('/en-US/', '/en-US/android/', 'Fennec/11.0')
# And the user agent changed again.
check(
'/en-US/', '/en-US/android/',
'Mozilla/5.0 (Android; Mobile; rv:17.0) Gecko/17.0 Firefox/17.0')
# And the user agent yet changed again.
check('/en-US/', '/en-US/android/',
'Mozilla/5.0 (Mobile; rv:18.0) Gecko/18.0 Firefox/18.0')
# And the tablet user agent yet changed again!
check(
'/en-US/', '/en-US/android/',
'Mozilla/5.0 (Android; Tablet; rv:18.0) Gecko/18.0 Firefox/18.0')
def test_get_lang(self):
def check(url, expected):
response = self.process(url)
self.assertUrlEqual(response['Location'], expected)
check('/services?lang=fr', '/services')
check('/en-US/firefox?lang=fr', '/fr/firefox/')
check('/de/admin/?lang=fr&foo=bar', '/fr/admin/?foo=bar')
check('/en-US/firefox/?lang=fake', '/en-US/firefox/')
check('/firefox/?lang=fr', '/fr/firefox/')
check('/firefox/?lang=fake', '/en-US/firefox/')
check('/en-US/extensions/?foo=fooval&bar=barval&lang=fr',
'/fr/firefox/extensions/?foo=fooval&bar=barval')
check('/en-US/firefox?lang=es-PE', '/es/firefox/')
class BaseDueDateTests(ModuleStoreTestCase):
"""
Base class that verifies that due dates are rendered correctly on a page
"""
__test__ = False
def get_text(self, course): # pylint: disable=unused-argument
"""Return the rendered text for the page to be verified"""
raise NotImplementedError
def set_up_course(self, **course_kwargs):
"""
Create a stock course with a specific due date.
:param course_kwargs: All kwargs are passed to through to the :class:`CourseFactory`
"""
course = CourseFactory.create(**course_kwargs)
chapter = ItemFactory.create(category='chapter', parent_location=course.location) # pylint: disable=no-member
section = ItemFactory.create(category='sequential', parent_location=chapter.location, due=datetime(2013, 9, 18, 11, 30, 00))
vertical = ItemFactory.create(category='vertical', parent_location=section.location)
ItemFactory.create(category='problem', parent_location=vertical.location)
course = modulestore().get_course(course.id) # pylint: disable=no-member
self.assertIsNotNone(course.get_children()[0].get_children()[0].due)
return course
def setUp(self):
super(BaseDueDateTests, self).setUp()
self.request_factory = RequestFactory()
self.user = UserFactory.create()
self.request = self.request_factory.get("foo")
self.request.user = self.user
self.time_with_tz = "due Sep 18, 2013 at 11:30 UTC"
self.time_without_tz = "due Sep 18, 2013 at 11:30"
def test_backwards_compatability(self):
# The test course being used has show_timezone = False in the policy file
# (and no due_date_display_format set). This is to test our backwards compatibility--
# in course_module's init method, the date_display_format will be set accordingly to
# remove the timezone.
course = self.set_up_course(due_date_display_format=None, show_timezone=False)
text = self.get_text(course)
self.assertIn(self.time_without_tz, text)
self.assertNotIn(self.time_with_tz, text)
# Test that show_timezone has been cleared (which means you get the default value of True).
self.assertTrue(course.show_timezone)
def test_defaults(self):
course = self.set_up_course()
text = self.get_text(course)
self.assertIn(self.time_with_tz, text)
def test_format_none(self):
# Same for setting the due date to None
course = self.set_up_course(due_date_display_format=None)
text = self.get_text(course)
self.assertIn(self.time_with_tz, text)
def test_format_plain_text(self):
# plain text due date
course = self.set_up_course(due_date_display_format="foobar")
text = self.get_text(course)
self.assertNotIn(self.time_with_tz, text)
self.assertIn("due foobar", text)
def test_format_date(self):
# due date with no time
course = self.set_up_course(due_date_display_format=u"%b %d %y")
text = self.get_text(course)
self.assertNotIn(self.time_with_tz, text)
self.assertIn("due Sep 18 13", text)
def test_format_hidden(self):
# hide due date completely
course = self.set_up_course(due_date_display_format=u"")
text = self.get_text(course)
self.assertNotIn("due ", text)
def test_format_invalid(self):
# improperly formatted due_date_display_format falls through to default
# (value of show_timezone does not matter-- setting to False to make that clear).
course = self.set_up_course(due_date_display_format=u"%%%", show_timezone=False)
text = self.get_text(course)
self.assertNotIn("%%%", text)
self.assertIn(self.time_with_tz, text)
def setUp(self):
super(TestCourseWaffleFlag, self).setUp()
request = RequestFactory().request()
crum.set_current_request(request)
RequestCache.clear_request_cache()
def setUp(self):
super(StartDateTests, self).setUp()
self.request_factory = RequestFactory()
self.user = UserFactory.create()
self.request = self.request_factory.get("foo")
self.request.user = self.user
def namespaced_request():
rf = RequestFactory()
return rf.get('/namespaced_path/test/')
class ViewsTestCase(ModuleStoreTestCase):
"""
Tests for views.py methods.
"""
def setUp(self):
super(ViewsTestCase, self).setUp()
self.course = CourseFactory.create()
self.chapter = ItemFactory.create(category='chapter', parent_location=self.course.location) # pylint: disable=no-member
self.section = ItemFactory.create(category='sequential', parent_location=self.chapter.location, due=datetime(2013, 9, 18, 11, 30, 00))
self.vertical = ItemFactory.create(category='vertical', parent_location=self.section.location)
self.component = ItemFactory.create(category='problem', parent_location=self.vertical.location)
self.course_key = self.course.id
self.user = UserFactory(username='******', password='******', email='*****@*****.**')
self.date = datetime(2013, 1, 22, tzinfo=UTC)
self.enrollment = CourseEnrollment.enroll(self.user, self.course_key)
self.enrollment.created = self.date
self.enrollment.save()
self.request_factory = RequestFactory()
chapter = 'Overview'
self.chapter_url = '%s/%s/%s' % ('/courses', self.course_key, chapter)
self.org = u"ꜱᴛᴀʀᴋ ɪɴᴅᴜꜱᴛʀɪᴇꜱ"
self.org_html = "<p>'+Stark/Industries+'</p>"
@unittest.skipUnless(settings.FEATURES.get('ENABLE_SHOPPING_CART'), "Shopping Cart not enabled in settings")
@patch.dict(settings.FEATURES, {'ENABLE_PAID_COURSE_REGISTRATION': True})
def test_course_about_in_cart(self):
in_cart_span = '<span class="add-to-cart">'
# don't mock this course due to shopping cart existence checking
course = CourseFactory.create(org="new", number="unenrolled", display_name="course")
request = self.request_factory.get(reverse('about_course', args=[course.id.to_deprecated_string()]))
request.user = AnonymousUser()
response = views.course_about(request, course.id.to_deprecated_string())
self.assertEqual(response.status_code, 200)
self.assertNotIn(in_cart_span, response.content)
# authenticated user with nothing in cart
request.user = self.user
response = views.course_about(request, course.id.to_deprecated_string())
self.assertEqual(response.status_code, 200)
self.assertNotIn(in_cart_span, response.content)
# now add the course to the cart
cart = shoppingcart.models.Order.get_cart_for_user(self.user)
shoppingcart.models.PaidCourseRegistration.add_to_order(cart, course.id)
response = views.course_about(request, course.id.to_deprecated_string())
self.assertEqual(response.status_code, 200)
self.assertIn(in_cart_span, response.content)
def test_user_groups(self):
# depreciated function
mock_user = MagicMock()
mock_user.is_authenticated.return_value = False
self.assertEqual(views.user_groups(mock_user), [])
def test_get_current_child(self):
self.assertIsNone(views.get_current_child(MagicMock()))
mock_xmodule = MagicMock()
mock_xmodule.position = -1
mock_xmodule.get_display_items.return_value = ['one', 'two']
self.assertEqual(views.get_current_child(mock_xmodule), 'one')
mock_xmodule_2 = MagicMock()
mock_xmodule_2.position = 3
mock_xmodule_2.get_display_items.return_value = []
self.assertIsNone(views.get_current_child(mock_xmodule_2))
def test_redirect_to_course_position(self):
mock_module = MagicMock()
mock_module.descriptor.id = 'Underwater Basketweaving'
mock_module.position = 3
mock_module.get_display_items.return_value = []
self.assertRaises(Http404, views.redirect_to_course_position,
mock_module, views.CONTENT_DEPTH)
def test_invalid_course_id(self):
response = self.client.get('/courses/MITx/3.091X/')
self.assertEqual(response.status_code, 404)
def test_incomplete_course_id(self):
response = self.client.get('/courses/MITx/')
self.assertEqual(response.status_code, 404)
def test_index_invalid_position(self):
request_url = '/'.join([
'/courses',
self.course.id.to_deprecated_string(),
'courseware',
self.chapter.location.name,
self.section.location.name,
'f'
])
self.client.login(username=self.user.username, password="******")
response = self.client.get(request_url)
self.assertEqual(response.status_code, 404)
@unittest.skip
def test_unicode_handling_in_url(self):
url_parts = [
'/courses',
self.course.id.to_deprecated_string(),
'courseware',
self.chapter.location.name,
self.section.location.name,
'1'
]
self.client.login(username=self.user.username, password="******")
for idx, val in enumerate(url_parts):
url_parts_copy = url_parts[:]
url_parts_copy[idx] = val + u'χ'
request_url = '/'.join(url_parts_copy)
response = self.client.get(request_url)
self.assertEqual(response.status_code, 404)
def test_registered_for_course(self):
self.assertFalse(views.registered_for_course('Basketweaving', None))
mock_user = MagicMock()
mock_user.is_authenticated.return_value = False
self.assertFalse(views.registered_for_course('dummy', mock_user))
mock_course = MagicMock()
mock_course.id = self.course_key
self.assertTrue(views.registered_for_course(mock_course, self.user))
@override_settings(PAID_COURSE_REGISTRATION_CURRENCY=["USD", "$"])
def test_get_cosmetic_display_price(self):
"""
Check that get_cosmetic_display_price() returns the correct price given its inputs.
"""
registration_price = 99
self.course.cosmetic_display_price = 10
# Since registration_price is set, it overrides the cosmetic_display_price and should be returned
self.assertEqual(views.get_cosmetic_display_price(self.course, registration_price), "$99")
registration_price = 0
# Since registration_price is not set, cosmetic_display_price should be returned
self.assertEqual(views.get_cosmetic_display_price(self.course, registration_price), "$10")
self.course.cosmetic_display_price = 0
# Since both prices are not set, there is no price, thus "Free"
self.assertEqual(views.get_cosmetic_display_price(self.course, registration_price), "Free")
def test_jump_to_invalid(self):
# TODO add a test for invalid location
# TODO add a test for no data *
request = self.request_factory.get(self.chapter_url)
self.assertRaisesRegexp(Http404, 'Invalid course_key or usage_key', views.jump_to,
request, 'bar', ())
@unittest.skip
def test_no_end_on_about_page(self):
# Toy course has no course end date or about/end_date blob
self.verify_end_date('edX/toy/TT_2012_Fall')
@unittest.skip
def test_no_end_about_blob(self):
# test_end has a course end date, no end_date HTML blob
self.verify_end_date("edX/test_end/2012_Fall", "Sep 17, 2015")
@unittest.skip
def test_about_blob_end_date(self):
# test_about_blob_end_date has both a course end date and an end_date HTML blob.
# HTML blob wins
self.verify_end_date("edX/test_about_blob_end_date/2012_Fall", "Learning never ends")
def verify_end_date(self, course_id, expected_end_text=None):
"""
Visits the about page for `course_id` and tests that both the text "Classes End", as well
as the specified `expected_end_text`, is present on the page.
If `expected_end_text` is None, verifies that the about page *does not* contain the text
"Classes End".
"""
request = self.request_factory.get("foo")
request.user = self.user
# TODO: Remove the dependency on MakoMiddleware (by making the views explicitly supply a RequestContext)
MakoMiddleware().process_request(request)
result = views.course_about(request, course_id)
if expected_end_text is not None:
self.assertContains(result, "Classes End")
self.assertContains(result, expected_end_text)
else:
self.assertNotContains(result, "Classes End")
def test_chat_settings(self):
mock_user = MagicMock()
mock_user.username = "******"
mock_course = MagicMock()
mock_course.id = "a/b/c"
# Stub this out in the case that it's not in the settings
domain = "jabber.edx.org"
settings.JABBER_DOMAIN = domain
chat_settings = views.chat_settings(mock_course, mock_user)
# Test the proper format of all chat settings
self.assertEqual(chat_settings['domain'], domain)
self.assertEqual(chat_settings['room'], "a-b-c_class")
self.assertEqual(chat_settings['username'], "johndoe@%s" % domain)
# TODO: this needs to be changed once we figure out how to
# generate/store a real password.
self.assertEqual(chat_settings['password'], "johndoe@%s" % domain)
@patch.dict(settings.FEATURES, {'ENABLE_MKTG_EMAIL_OPT_IN': True})
def test_course_mktg_about_coming_soon(self):
# We should not be able to find this course
url = reverse('mktg_about_course', kwargs={'course_id': 'no/course/here'})
response = self.client.get(url, {'org': self.org})
self.assertIn('Coming Soon', response.content)
# Verify that the checkbox is not displayed
self._email_opt_in_checkbox(response)
@patch.dict(settings.FEATURES, {'ENABLE_MKTG_EMAIL_OPT_IN': True})
@ddt.data(
# One organization name
(u"ꜱᴛᴀʀᴋ ɪɴᴅᴜꜱᴛʀɪᴇꜱ", u"ꜱᴛᴀʀᴋ ɪɴᴅᴜꜱᴛʀɪᴇꜱ"),
# Two organization names
(",".join([u"ꜱᴛᴀʀᴋ ɪɴᴅᴜꜱᴛʀɪᴇꜱ"] * 2), u"ꜱᴛᴀʀᴋ ɪɴᴅᴜꜱᴛʀɪᴇꜱ" + " and " + u"ꜱᴛᴀʀᴋ ɪɴᴅᴜꜱᴛʀɪᴇꜱ"),
# Three organization names
(",".join([u"ꜱᴛᴀʀᴋ ɪɴᴅᴜꜱᴛʀɪᴇꜱ"] * 3), u"ꜱᴛᴀʀᴋ ɪɴᴅᴜꜱᴛʀɪᴇꜱ" + ", " + u"ꜱᴛᴀʀᴋ ɪɴᴅᴜꜱᴛʀɪᴇꜱ" + ", " + "and " + u"ꜱᴛᴀʀᴋ ɪɴᴅᴜꜱᴛʀɪᴇꜱ")
)
@ddt.unpack
def test_course_mktg_register(self, org, org_name_string):
response = self._load_mktg_about(org=org)
self.assertIn('Enroll in', response.content)
self.assertNotIn('and choose your student track', response.content)
# Verify that the checkbox is displayed
self._email_opt_in_checkbox(response, org_name_string)
@patch.dict(settings.FEATURES, {'ENABLE_MKTG_EMAIL_OPT_IN': True})
@ddt.data(
# One organization name
(u"ꜱᴛᴀʀᴋ ɪɴᴅᴜꜱᴛʀɪᴇꜱ", u"ꜱᴛᴀʀᴋ ɪɴᴅᴜꜱᴛʀɪᴇꜱ"),
# Two organization names
(",".join([u"ꜱᴛᴀʀᴋ ɪɴᴅᴜꜱᴛʀɪᴇꜱ"] * 2), u"ꜱᴛᴀʀᴋ ɪɴᴅᴜꜱᴛʀɪᴇꜱ" + " and " + u"ꜱᴛᴀʀᴋ ɪɴᴅᴜꜱᴛʀɪᴇꜱ"),
# Three organization names
(",".join([u"ꜱᴛᴀʀᴋ ɪɴᴅᴜꜱᴛʀɪᴇꜱ"] * 3), u"ꜱᴛᴀʀᴋ ɪɴᴅᴜꜱᴛʀɪᴇꜱ" + ", " + u"ꜱᴛᴀʀᴋ ɪɴᴅᴜꜱᴛʀɪᴇꜱ" + ", " + "and " + u"ꜱᴛᴀʀᴋ ɪɴᴅᴜꜱᴛʀɪᴇꜱ")
)
@ddt.unpack
def test_course_mktg_register_multiple_modes(self, org, org_name_string):
CourseMode.objects.get_or_create(
mode_slug='honor',
mode_display_name='Honor Code Certificate',
course_id=self.course_key
)
CourseMode.objects.get_or_create(
mode_slug='verified',
mode_display_name='Verified Certificate',
course_id=self.course_key
)
response = self._load_mktg_about(org=org)
self.assertIn('Enroll in', response.content)
self.assertIn('and choose your student track', response.content)
# Verify that the checkbox is displayed
self._email_opt_in_checkbox(response, org_name_string)
# clean up course modes
CourseMode.objects.all().delete()
@patch.dict(settings.FEATURES, {'ENABLE_MKTG_EMAIL_OPT_IN': True})
def test_course_mktg_no_organization_name(self):
# Don't pass an organization name as a GET parameter, even though the email
# opt-in feature is enabled.
response = response = self._load_mktg_about()
# Verify that the checkbox is not displayed
self._email_opt_in_checkbox(response)
@patch.dict(settings.FEATURES, {'ENABLE_MKTG_EMAIL_OPT_IN': False})
def test_course_mktg_opt_in_disabled(self):
# Pass an organization name as a GET parameter, even though the email
# opt-in feature is disabled.
response = self._load_mktg_about(org=self.org)
# Verify that the checkbox is not displayed
self._email_opt_in_checkbox(response)
@patch.dict(settings.FEATURES, {'ENABLE_MKTG_EMAIL_OPT_IN': True})
def test_course_mktg_organization_html(self):
response = self._load_mktg_about(org=self.org_html)
# Verify that the checkbox is displayed with the organization name
# in the label escaped as expected.
self._email_opt_in_checkbox(response, cgi.escape(self.org_html))
@patch.dict(settings.FEATURES, {
'IS_EDX_DOMAIN': True,
'ENABLE_MKTG_EMAIL_OPT_IN': True
})
def test_mktg_about_language_edx_domain(self):
# Since we're in an edx-controlled domain, and our marketing site
# supports only English, override the language setting
# and use English.
response = self._load_mktg_about(language='eo', org=self.org_html)
self.assertContains(response, "Enroll in")
self.assertContains(response, "and learn about its other programs")
@patch.dict(settings.FEATURES, {'IS_EDX_DOMAIN': False})
def test_mktg_about_language_openedx(self):
# If we're in an OpenEdX installation,
# may want to support languages other than English,
# so respect the language code.
response = self._load_mktg_about(language='eo')
self.assertContains(response, u"Énröll ïn".encode('utf-8'))
def test_submission_history_accepts_valid_ids(self):
# log into a staff account
admin = AdminFactory()
self.client.login(username=admin.username, password='******')
url = reverse('submission_history', kwargs={
'course_id': self.course_key.to_deprecated_string(),
'student_username': '******',
'location': self.component.location.to_deprecated_string(),
})
response = self.client.get(url)
# Tests that we do not get an "Invalid x" response when passing correct arguments to view
self.assertFalse('Invalid' in response.content)
def test_submission_history_xss(self):
# log into a staff account
admin = AdminFactory()
self.client.login(username=admin.username, password='******')
# try it with an existing user and a malicious location
url = reverse('submission_history', kwargs={
'course_id': self.course_key.to_deprecated_string(),
'student_username': '******',
'location': '<script>alert("hello");</script>'
})
response = self.client.get(url)
self.assertFalse('<script>' in response.content)
# try it with a malicious user and a non-existent location
url = reverse('submission_history', kwargs={
'course_id': self.course_key.to_deprecated_string(),
'student_username': '******',
'location': 'dummy'
})
response = self.client.get(url)
self.assertFalse('<script>' in response.content)
def _load_mktg_about(self, language=None, org=None):
"""Retrieve the marketing about button (iframed into the marketing site)
and return the HTTP response.
Keyword Args:
language (string): If provided, send this in the 'Accept-Language' HTTP header.
org (string): If provided, send the string as a GET parameter.
Returns:
Response
"""
# Log in as an administrator to guarantee that we can access the button
admin = AdminFactory()
self.client.login(username=admin.username, password='******')
# If provided, set the language header
headers = {}
if language is not None:
headers['HTTP_ACCEPT_LANGUAGE'] = language
url = reverse('mktg_about_course', kwargs={'course_id': unicode(self.course_key)})
if org:
return self.client.get(url, {'org': org}, **headers)
else:
return self.client.get(url, **headers)
def _email_opt_in_checkbox(self, response, org_name_string=None):
"""Check if the email opt-in checkbox appears in the response content."""
checkbox_html = '<input id="email-opt-in" type="checkbox" name="opt-in" class="email-opt-in" value="true" checked>'
if org_name_string:
# Verify that the email opt-in checkbox appears, and that the expected
# organization name is displayed.
self.assertContains(response, checkbox_html, html=True)
self.assertContains(response, org_name_string)
else:
# Verify that the email opt-in checkbox does not appear
self.assertNotContains(response, checkbox_html, html=True)
def setUp(self):
self.factory = RequestFactory()
self.middleware = RequestMiddle()
self.request_store = RequestStore
self.user = get_user_model().objects.get(id=1)
def test_get(self):
response = self.client.get(self.url)
request = RequestFactory().get(self.url)
self.validate_schema(request, response)
class ModuleRenderTestCase(LoginEnrollmentTestCase):
def setUp(self):
self.location = ['i4x', 'edX', 'toy', 'chapter', 'Overview']
self.course_id = 'edX/toy/2012_Fall'
self.toy_course = modulestore().get_course(self.course_id)
self.mock_user = UserFactory()
self.mock_user.id = 1
self.request_factory = RequestFactory()
# Construct a mock module for the modulestore to return
self.mock_module = MagicMock()
self.mock_module.id = 1
self.dispatch = 'score_update'
# Construct a 'standard' xqueue_callback url
self.callback_url = reverse('xqueue_callback',
kwargs=dict(course_id=self.course_id,
userid=str(self.mock_user.id),
mod_id=self.mock_module.id,
dispatch=self.dispatch))
def test_get_module(self):
self.assertEqual(
None,
render.get_module('dummyuser', None, 'invalid location', None,
None))
def test_module_render_with_jump_to_id(self):
"""
This test validates that the /jump_to_id/<id> shorthand for intracourse linking works assertIn
expected. Note there's a HTML element in the 'toy' course with the url_name 'toyjumpto' which
defines this linkage
"""
mock_request = MagicMock()
mock_request.user = self.mock_user
course = get_course_with_access(self.mock_user, self.course_id, 'load')
model_data_cache = ModelDataCache.cache_for_descriptor_descendents(
self.course_id, self.mock_user, course, depth=2)
module = render.get_module(self.mock_user, mock_request,
['i4x', 'edX', 'toy', 'html', 'toyjumpto'],
model_data_cache, self.course_id)
# get the rendered HTML output which should have the rewritten link
html = module.get_html()
# See if the url got rewritten to the target link
# note if the URL mapping changes then this assertion will break
self.assertIn(
'/courses/' + self.course_id + '/jump_to_id/vertical_test', html)
def test_modx_dispatch(self):
self.assertRaises(Http404, render.modx_dispatch, 'dummy', 'dummy',
'invalid Location', 'dummy')
mock_request = MagicMock()
mock_request.FILES.keys.return_value = ['file_id']
mock_request.FILES.getlist.return_value = ['file'] * (
settings.MAX_FILEUPLOADS_PER_INPUT + 1)
self.assertEquals(
render.modx_dispatch(mock_request, 'dummy', self.location,
'dummy').content,
json.dumps({
'success':
'Submission aborted! Maximum %d files may be submitted at once'
% settings.MAX_FILEUPLOADS_PER_INPUT
}))
mock_request_2 = MagicMock()
mock_request_2.FILES.keys.return_value = ['file_id']
inputfile = Stub()
inputfile.size = 1 + settings.STUDENT_FILEUPLOAD_MAX_SIZE
inputfile.name = 'name'
filelist = [inputfile]
mock_request_2.FILES.getlist.return_value = filelist
self.assertEquals(
render.modx_dispatch(mock_request_2, 'dummy', self.location,
'dummy').content,
json.dumps({
'success':
'Submission aborted! Your file "%s" is too large (max size: %d MB)'
% (inputfile.name, settings.STUDENT_FILEUPLOAD_MAX_SIZE /
(1000**2))
}))
mock_request_3 = MagicMock()
mock_request_3.POST.copy.return_value = {'position': 1}
mock_request_3.FILES = False
mock_request_3.user = self.mock_user
inputfile_2 = Stub()
inputfile_2.size = 1
inputfile_2.name = 'name'
self.assertIsInstance(
render.modx_dispatch(mock_request_3, 'goto_position',
self.location, self.course_id), HttpResponse)
self.assertRaises(Http404, render.modx_dispatch, mock_request_3,
'goto_position', self.location, 'bad_course_id')
self.assertRaises(Http404, render.modx_dispatch, mock_request_3,
'goto_position',
['i4x', 'edX', 'toy', 'chapter', 'bad_location'],
self.course_id)
self.assertRaises(Http404, render.modx_dispatch, mock_request_3,
'bad_dispatch', self.location, self.course_id)
def test_xqueue_callback_success(self):
"""
Test for happy-path xqueue_callback
"""
fake_key = 'fake key'
xqueue_header = json.dumps({'lms_key': fake_key})
data = {
'xqueue_header': xqueue_header,
'xqueue_body': 'hello world',
}
# Patch getmodule to return our mock module
with patch('courseware.module_render.find_target_student_module'
) as get_fake_module:
get_fake_module.return_value = self.mock_module
# call xqueue_callback with our mocked information
request = self.request_factory.post(self.callback_url, data)
render.xqueue_callback(request, self.course_id, self.mock_user.id,
self.mock_module.id, self.dispatch)
# Verify that handle ajax is called with the correct data
request.POST['queuekey'] = fake_key
self.mock_module.handle_ajax.assert_called_once_with(
self.dispatch, request.POST)
def test_xqueue_callback_missing_header_info(self):
data = {
'xqueue_header': '{}',
'xqueue_body': 'hello world',
}
with patch('courseware.module_render.find_target_student_module'
) as get_fake_module:
get_fake_module.return_value = self.mock_module
# Test with missing xqueue data
with self.assertRaises(Http404):
request = self.request_factory.post(self.callback_url, {})
render.xqueue_callback(request, self.course_id,
self.mock_user.id, self.mock_module.id,
self.dispatch)
# Test with missing xqueue_header
with self.assertRaises(Http404):
request = self.request_factory.post(self.callback_url, data)
render.xqueue_callback(request, self.course_id,
self.mock_user.id, self.mock_module.id,
self.dispatch)
def test_get_score_bucket(self):
self.assertEquals(render.get_score_bucket(0, 10), 'incorrect')
self.assertEquals(render.get_score_bucket(1, 10), 'partial')
self.assertEquals(render.get_score_bucket(10, 10), 'correct')
# get_score_bucket calls error cases 'incorrect'
self.assertEquals(render.get_score_bucket(11, 10), 'incorrect')
self.assertEquals(render.get_score_bucket(-1, 10), 'incorrect')
def test_anonymous_modx_dispatch(self):
dispatch_url = reverse('modx_dispatch',
args=[
'edX/toy/2012_Fall',
'i4x://edX/toy/videosequence/Toy_Videos',
'goto_position'
])
response = self.client.post(dispatch_url, {'position': 2})
self.assertEquals(403, response.status_code)
def unnamed_request():
rf = RequestFactory()
return rf.get('/unnamed_path/')
def setUp(self):
"""Setup test case by adding primary user."""
super(SSLClientTest, self).setUp()
self.client = Client()
self.factory = RequestFactory()
self.mock = Mock()
def setUp(self):
self.factory = RequestFactory()
def setUp(self):
super().setUp()
request = RequestFactory().request()
self.addCleanup(crum.set_current_request, None)
crum.set_current_request(request)
RequestCache.clear_all_namespaces()
def test_toc_toy_from_section(self):
chapter = 'Overview'
chapter_url = '%s/%s/%s' % ('/courses', self.course_name, chapter)
section = 'Welcome'
factory = RequestFactory()
request = factory.get(chapter_url)
model_data_cache = ModelDataCache.cache_for_descriptor_descendents(
self.toy_course.id, self.portal_user, self.toy_course, depth=2)
expected = ([{
'active':
True,
'sections': [{
'url_name': 'Toy_Videos',
'display_name': u'Toy Videos',
'graded': True,
'format': u'Lecture Sequence',
'due': None,
'active': False
}, {
'url_name': 'Welcome',
'display_name': u'Welcome',
'graded': True,
'format': '',
'due': None,
'active': True
}, {
'url_name': 'video_123456789012',
'display_name': 'Test Video',
'graded': True,
'format': '',
'due': None,
'active': False
}, {
'url_name': 'video_4f66f493ac8f',
'display_name': 'Video',
'graded': True,
'format': '',
'due': None,
'active': False
}],
'url_name':
'Overview',
'display_name':
u'Overview'
}, {
'active':
False,
'sections': [{
'url_name': 'toyvideo',
'display_name': 'toyvideo',
'graded': True,
'format': '',
'due': None,
'active': False
}],
'url_name':
'secret:magic',
'display_name':
'secret:magic'
}])
actual = render.toc_for_course(self.portal_user, request,
self.toy_course, chapter, section,
model_data_cache)
for toc_section in expected:
self.assertIn(toc_section, actual)
def setUp(self):
self.maxDiff = None
self.request = RequestFactory().get("/")
self.request.session = {"tsuru_token": "admin"}
class TestPasswordPolicy(TestCase):
"""
Go through some password policy tests to make sure things are properly working
"""
def setUp(self):
super(TestPasswordPolicy, self).setUp()
self.url = reverse('create_account')
self.request_factory = RequestFactory()
self.url_params = {
'username': '******',
'email': '*****@*****.**',
'name': 'username',
'terms_of_service': 'true',
'honor_code': 'true',
}
@override_settings(AUTH_PASSWORD_VALIDATORS=[
create_validator_config(
'util.password_policy_validators.MinimumLengthValidator',
{'min_length': 6})
])
def test_password_length_too_short(self):
self.url_params['password'] = '******'
response = self.client.post(self.url, self.url_params)
self.assertEqual(response.status_code, 400)
obj = json.loads(response.content)
self.assertEqual(
obj['value'],
"This password is too short. It must contain at least 6 characters.",
)
@override_settings(AUTH_PASSWORD_VALIDATORS=[
create_validator_config(
'util.password_policy_validators.MinimumLengthValidator',
{'min_length': 6})
])
def test_password_length_long_enough(self):
self.url_params['password'] = '******'
response = self.client.post(self.url, self.url_params)
self.assertEqual(response.status_code, 200)
obj = json.loads(response.content)
self.assertTrue(obj['success'])
@override_settings(AUTH_PASSWORD_VALIDATORS=[
create_validator_config(
'util.password_policy_validators.MaximumLengthValidator',
{'max_length': 12})
])
def test_password_length_too_long(self):
self.url_params['password'] = '******'
response = self.client.post(self.url, self.url_params)
self.assertEqual(response.status_code, 400)
obj = json.loads(response.content)
self.assertEqual(
obj['value'],
"This password is too long. It must contain no more than 12 characters.",
)
@override_settings(AUTH_PASSWORD_VALIDATORS=[
create_validator_config(
'util.password_policy_validators.UppercaseValidator',
{'min_upper': 3})
])
def test_password_not_enough_uppercase(self):
self.url_params['password'] = '******'
response = self.client.post(self.url, self.url_params)
self.assertEqual(response.status_code, 400)
obj = json.loads(response.content)
self.assertEqual(
obj['value'],
"This password must contain at least 3 uppercase letters.",
)
@override_settings(AUTH_PASSWORD_VALIDATORS=[
create_validator_config(
'util.password_policy_validators.UppercaseValidator',
{'min_upper': 3})
])
def test_password_enough_uppercase(self):
self.url_params['password'] = '******'
response = self.client.post(self.url, self.url_params)
self.assertEqual(response.status_code, 200)
obj = json.loads(response.content)
self.assertTrue(obj['success'])
@override_settings(AUTH_PASSWORD_VALIDATORS=[
create_validator_config(
'util.password_policy_validators.LowercaseValidator',
{'min_lower': 3})
])
def test_password_not_enough_lowercase(self):
self.url_params['password'] = '******'
response = self.client.post(self.url, self.url_params)
self.assertEqual(response.status_code, 400)
obj = json.loads(response.content)
self.assertEqual(
obj['value'],
"This password must contain at least 3 lowercase letters.",
)
@override_settings(AUTH_PASSWORD_VALIDATORS=[
create_validator_config(
'util.password_policy_validators.LowercaseValidator',
{'min_lower': 3})
])
def test_password_enough_lowercase(self):
self.url_params['password'] = '******'
response = self.client.post(self.url, self.url_params)
self.assertEqual(response.status_code, 200)
obj = json.loads(response.content)
self.assertTrue(obj['success'])
@override_settings(AUTH_PASSWORD_VALIDATORS=[
create_validator_config(
'util.password_policy_validators.PunctuationValidator',
{'min_punctuation': 3})
])
def test_not_enough_punctuations(self):
self.url_params['password'] = '******'
response = self.client.post(self.url, self.url_params)
self.assertEqual(response.status_code, 400)
obj = json.loads(response.content)
self.assertEqual(
obj['value'],
"This password must contain at least 3 punctuation marks.",
)
@override_settings(AUTH_PASSWORD_VALIDATORS=[
create_validator_config(
'util.password_policy_validators.PunctuationValidator',
{'min_punctuation': 3})
])
def test_enough_punctuations(self):
self.url_params['password'] = '******'
response = self.client.post(self.url, self.url_params)
self.assertEqual(response.status_code, 200)
obj = json.loads(response.content)
self.assertTrue(obj['success'])
@override_settings(AUTH_PASSWORD_VALIDATORS=[
create_validator_config(
'util.password_policy_validators.NumericValidator',
{'min_numeric': 3})
])
def test_not_enough_numeric_characters(self):
# The unicode ២ is the number 2 in Khmer and the ٧ is the Arabic-Indic number 7
self.url_params['password'] = u'thisShouldFail២٧'
response = self.client.post(self.url, self.url_params)
self.assertEqual(response.status_code, 400)
obj = json.loads(response.content)
self.assertEqual(
obj['value'],
"This password must contain at least 3 numbers.",
)
@override_settings(AUTH_PASSWORD_VALIDATORS=[
create_validator_config(
'util.password_policy_validators.NumericValidator',
{'min_numeric': 3})
])
def test_enough_numeric_characters(self):
# The unicode ២ is the number 2 in Khmer
self.url_params['password'] = u'thisShouldPass២33'
response = self.client.post(self.url, self.url_params)
self.assertEqual(response.status_code, 200)
obj = json.loads(response.content)
self.assertTrue(obj['success'])
@override_settings(AUTH_PASSWORD_VALIDATORS=[
create_validator_config(
'util.password_policy_validators.AlphabeticValidator',
{'min_alphabetic': 3})
])
def test_not_enough_alphabetic_characters(self):
self.url_params['password'] = '******'
response = self.client.post(self.url, self.url_params)
self.assertEqual(response.status_code, 400)
obj = json.loads(response.content)
self.assertEqual(
obj['value'],
"This password must contain at least 3 letters.",
)
@override_settings(AUTH_PASSWORD_VALIDATORS=[
create_validator_config(
'util.password_policy_validators.AlphabeticValidator',
{'min_alphabetic': 3})
])
def test_enough_alphabetic_characters(self):
self.url_params['password'] = u'𝒯𝓗Ï𝓼𝒫å𝓼𝓼𝔼𝓼'
response = self.client.post(self.url, self.url_params)
self.assertEqual(response.status_code, 200)
obj = json.loads(response.content)
self.assertTrue(obj['success'])
@override_settings(AUTH_PASSWORD_VALIDATORS=[
create_validator_config(
'util.password_policy_validators.MinimumLengthValidator',
{'min_length': 3}),
create_validator_config(
'util.password_policy_validators.UppercaseValidator',
{'min_upper': 3}),
create_validator_config(
'util.password_policy_validators.NumericValidator',
{'min_numeric': 3}),
create_validator_config(
'util.password_policy_validators.PunctuationValidator',
{'min_punctuation': 3}),
])
def test_multiple_errors_fail(self):
self.url_params['password'] = '******'
response = self.client.post(self.url, self.url_params)
self.assertEqual(response.status_code, 400)
obj = json.loads(response.content)
errstring = (
"This password must contain at least 3 uppercase letters. "
"This password must contain at least 3 numbers. "
"This password must contain at least 3 punctuation marks.")
self.assertEqual(obj['value'], errstring)
@override_settings(AUTH_PASSWORD_VALIDATORS=[
create_validator_config(
'util.password_policy_validators.MinimumLengthValidator',
{'min_length': 3}),
create_validator_config(
'util.password_policy_validators.UppercaseValidator',
{'min_upper': 3}),
create_validator_config(
'util.password_policy_validators.LowercaseValidator',
{'min_lower': 3}),
create_validator_config(
'util.password_policy_validators.NumericValidator',
{'min_numeric': 3}),
create_validator_config(
'util.password_policy_validators.PunctuationValidator',
{'min_punctuation': 3}),
])
def test_multiple_errors_pass(self):
self.url_params['password'] = u'tH1s Sh0u!d P3#$!'
response = self.client.post(self.url, self.url_params)
self.assertEqual(response.status_code, 200)
obj = json.loads(response.content)
self.assertTrue(obj['success'])
@override_settings(AUTH_PASSWORD_VALIDATORS=[
create_validator_config(
'django.contrib.auth.password_validation.CommonPasswordValidator')
])
def test_common_password_fail(self):
self.url_params['password'] = '******'
response = self.client.post(self.url, self.url_params)
self.assertEqual(response.status_code, 400)
obj = json.loads(response.content)
self.assertEqual(
obj['value'],
"This password is too common.",
)
@override_settings(AUTH_PASSWORD_VALIDATORS=[
create_validator_config(
'django.contrib.auth.password_validation.CommonPasswordValidator')
])
def test_common_password_pass(self):
self.url_params['password'] = '******'
response = self.client.post(self.url, self.url_params)
self.assertEqual(response.status_code, 200)
obj = json.loads(response.content)
self.assertTrue(obj['success'])
@override_settings(AUTH_PASSWORD_VALIDATORS=[
create_validator_config(
'util.password_policy_validators.MinimumLengthValidator',
{'min_length': 6}),
create_validator_config(
'util.password_policy_validators.MaximumLengthValidator',
{'max_length': 75}),
])
def test_with_unicode(self):
self.url_params['password'] = u'四節比分和七年前'
response = self.client.post(self.url, self.url_params)
self.assertEqual(response.status_code, 200)
obj = json.loads(response.content)
self.assertTrue(obj['success'])
@override_settings(AUTH_PASSWORD_VALIDATORS=[
create_validator_config(
'util.password_policy_validators.MinimumLengthValidator',
{'min_length': 6})
],
SESSION_ENGINE='django.contrib.sessions.backends.cache')
def test_ext_auth_password_length_too_short(self):
"""
Tests that even if password policy is enforced, ext_auth registrations aren't subject to it
"""
self.url_params['password'] = u'aaa' # shouldn't pass validation
request = self.request_factory.post(self.url, self.url_params)
request.site = SiteFactory.create()
# now indicate we are doing ext_auth by setting 'ExternalAuthMap' in the session.
request.session = import_module(
settings.SESSION_ENGINE).SessionStore() # empty session
extauth = ExternalAuthMap(
external_id='*****@*****.**',
external_email='*****@*****.**',
internal_password=self.url_params['password'],
external_domain='shib:https://idp.stanford.edu/')
request.session['ExternalAuthMap'] = extauth
request.user = AnonymousUser()
with patch('edxmako.request_context.get_current_request',
return_value=request):
response = create_account(request)
self.assertEqual(response.status_code, 200)
obj = json.loads(response.content)
self.assertTrue(obj['success'])
class test_user(TestCase):
""" Cargamos Proyectos, tipos de Item y Tipos de Atributo de prueba en la base de datos """
fixtures = ['proyectos.json'] + ['tipos_item.json'] + [
'tipos_atributo.json'
] + ['users.json'] + ['lista_atributos.json']
def setUp(self):
""" Inicializamos la variable factory que posteriormente nos permitira cargar
un request para utilizarlo en las visata.
"""
self.factory = RequestFactory()
def testadministrarTipoAtributo(self):
self.user = User.objects.get(pk=1)
request = self.factory.get(
'/adm_proyectos/gestionar/1/adm_tipos_atributo/')
request.user = self.user
response = administrarTipoAtributo(
request,
1) #Pasamos a la pagina de administracion de Tipos de Atributo
self.assertEqual(response.status_code, 200)
print 'Test de adminitracion de tipo de Atributo ejecutado exitosamente.'
def testtipoAtributoNuevo(self):
self.user = User.objects.get(pk=1)
request = self.factory.post(
'/adm_proyectos/gestionar/1/adm_tipos_atributo/nuevo/', {
'Nombre_tipo_atributo': 'Detalle',
'Tipo_de_dato': 'Texto',
'Precision': '0',
'Longitud': '5',
'Obligatorio': 'N',
'Descripcion': ''
})
request.user = self.user
response = tipoAtributoNuevo(request, 1)
print response
self.assertEqual(response.status_code, 200)
tipo_atributo = TipoAtributo.objects.get(nombre='Detalle')
print tipo_atributo
def testModificarRol(self):
self.user = User.objects.get(pk=1)
print Roles.objects.all()
request = self.factory.post(
'/adm_roles/modificar/2/', {
'Nombre_de_Rol': 'pruebaRol3',
'Permisos': ['crear_usuarios'],
'Descripcion': 'Agregamos crear usuarios'
})
request.user = self.user
response = modificarRol(request, 2)
print response.status_code
self.assertEqual(response.status_code, 200)
rol = Roles.objects.get(name='pruebaRol3')
print rol
print Roles.objects.all()
print 'Test de Modificar Rol ejecutado exitosamente.'
if __name__ == '__main__':
unittest.main()
class ResetPasswordTests(EventTestMixin, CacheIsolationTestCase):
""" Tests that clicking reset password sends email, and doesn't activate the user
"""
request_factory = RequestFactory()
ENABLED_CACHES = ['default']
def setUp(self):
super(ResetPasswordTests,
self).setUp('student.views.management.tracker')
self.user = UserFactory.create()
self.user.is_active = False
self.user.save()
self.token = default_token_generator.make_token(self.user)
self.uidb36 = int_to_base36(self.user.id)
self.user_bad_passwd = UserFactory.create()
self.user_bad_passwd.is_active = False
self.user_bad_passwd.password = UNUSABLE_PASSWORD_PREFIX
self.user_bad_passwd.save()
@patch('student.views.management.render_to_string',
Mock(side_effect=mock_render_to_string, autospec=True))
def test_user_bad_password_reset(self):
"""Tests password reset behavior for user with password marked UNUSABLE_PASSWORD_PREFIX"""
bad_pwd_req = self.request_factory.post(
'/password_reset/', {'email': self.user_bad_passwd.email})
bad_pwd_resp = password_reset(bad_pwd_req)
# If they've got an unusable password, we return a successful response code
self.assertEquals(bad_pwd_resp.status_code, 200)
obj = json.loads(bad_pwd_resp.content)
self.assertEquals(
obj, {
'success': True,
'value': "('registration/password_reset_done.html', [])",
})
self.assert_no_events_were_emitted()
@patch('student.views.management.render_to_string',
Mock(side_effect=mock_render_to_string, autospec=True))
def test_nonexist_email_password_reset(self):
"""Now test the exception cases with of reset_password called with invalid email."""
bad_email_req = self.request_factory.post(
'/password_reset/', {'email': self.user.email + "makeItFail"})
bad_email_resp = password_reset(bad_email_req)
# Note: even if the email is bad, we return a successful response code
# This prevents someone potentially trying to "brute-force" find out which
# emails are and aren't registered with edX
self.assertEquals(bad_email_resp.status_code, 200)
obj = json.loads(bad_email_resp.content)
self.assertEquals(
obj, {
'success': True,
'value': "('registration/password_reset_done.html', [])",
})
self.assert_no_events_were_emitted()
@patch('student.views.management.render_to_string',
Mock(side_effect=mock_render_to_string, autospec=True))
def test_password_reset_ratelimited(self):
""" Try (and fail) resetting password 30 times in a row on an non-existant email address """
cache.clear()
for i in xrange(30):
good_req = self.request_factory.post(
'/password_reset/',
{'email': 'thisdoesnotexist{0}@foo.com'.format(i)})
good_resp = password_reset(good_req)
self.assertEquals(good_resp.status_code, 200)
# then the rate limiter should kick in and give a HttpForbidden response
bad_req = self.request_factory.post(
'/password_reset/', {'email': '*****@*****.**'})
bad_resp = password_reset(bad_req)
self.assertEquals(bad_resp.status_code, 403)
self.assert_no_events_were_emitted()
cache.clear()
@unittest.skipUnless(settings.ROOT_URLCONF == 'lms.urls',
"Test only valid in LMS")
@patch('django.core.mail.send_mail')
@patch('student.views.management.render_to_string',
Mock(side_effect=mock_render_to_string, autospec=True))
def test_reset_password_email(self, send_email):
"""Tests contents of reset password email, and that user is not active"""
good_req = self.request_factory.post('/password_reset/',
{'email': self.user.email})
good_req.user = self.user
dop_client = ClientFactory()
dop_access_token = AccessTokenFactory(user=self.user,
client=dop_client)
RefreshTokenFactory(user=self.user,
client=dop_client,
access_token=dop_access_token)
dot_application = dot_factories.ApplicationFactory(user=self.user)
dot_access_token = dot_factories.AccessTokenFactory(
user=self.user, application=dot_application)
dot_factories.RefreshTokenFactory(user=self.user,
application=dot_application,
access_token=dot_access_token)
good_resp = password_reset(good_req)
self.assertEquals(good_resp.status_code, 200)
self.assertFalse(
dop_models.AccessToken.objects.filter(user=self.user).exists())
self.assertFalse(
dop_models.RefreshToken.objects.filter(user=self.user).exists())
self.assertFalse(
dot_models.AccessToken.objects.filter(user=self.user).exists())
self.assertFalse(
dot_models.RefreshToken.objects.filter(user=self.user).exists())
obj = json.loads(good_resp.content)
self.assertEquals(
obj, {
'success': True,
'value': "('registration/password_reset_done.html', [])",
})
(subject, msg, from_addr, to_addrs) = send_email.call_args[0]
self.assertIn("Password reset", subject)
self.assertIn(
"You're receiving this e-mail because you requested a password reset",
msg)
self.assertEquals(
from_addr,
configuration_helpers.get_value('email_from_address',
settings.DEFAULT_FROM_EMAIL))
self.assertEquals(len(to_addrs), 1)
self.assertIn(self.user.email, to_addrs)
self.assert_event_emitted(
SETTING_CHANGE_INITIATED,
user_id=self.user.id,
setting=u'password',
old=None,
new=None,
)
#test that the user is not active
self.user = User.objects.get(pk=self.user.pk)
self.assertFalse(self.user.is_active)
re.search(
r'password_reset_confirm/(?P<uidb36>[0-9A-Za-z]+)-(?P<token>.+)/',
msg).groupdict()
@unittest.skipUnless(settings.ROOT_URLCONF == 'lms.urls',
"Test only valid in LMS")
@patch('django.core.mail.send_mail')
@ddt.data((False, 'http://'), (True, 'https://'))
@ddt.unpack
def test_reset_password_email_https(self, is_secure, protocol, send_email):
"""
Tests that the right url protocol is included in the reset password link
"""
req = self.request_factory.post('/password_reset/',
{'email': self.user.email})
req.is_secure = Mock(return_value=is_secure)
req.user = self.user
password_reset(req)
_, msg, _, _ = send_email.call_args[0]
expected_msg = "Please go to the following page and choose a new password:\n\n" + protocol
self.assertIn(expected_msg, msg)
self.assert_event_emitted(SETTING_CHANGE_INITIATED,
user_id=self.user.id,
setting=u'password',
old=None,
new=None)
@unittest.skipUnless(settings.ROOT_URLCONF == 'lms.urls',
"Test only valid in LMS")
@patch('django.core.mail.send_mail')
@ddt.data(('Crazy Awesome Site', 'Crazy Awesome Site'), ('edX', 'edX'))
@ddt.unpack
def test_reset_password_email_site(self, site_name, platform_name,
send_email):
"""
Tests that the right url domain and platform name is included in
the reset password email
"""
with patch("django.conf.settings.PLATFORM_NAME", platform_name):
with patch("django.conf.settings.SITE_NAME", site_name):
req = self.request_factory.post('/password_reset/',
{'email': self.user.email})
req.user = self.user
password_reset(req)
_, msg, _, _ = send_email.call_args[0]
reset_msg = "you requested a password reset for your user account at {}"
reset_msg = reset_msg.format(site_name)
self.assertIn(reset_msg, msg)
sign_off = "The {} Team".format(platform_name)
self.assertIn(sign_off, msg)
self.assert_event_emitted(SETTING_CHANGE_INITIATED,
user_id=self.user.id,
setting=u'password',
old=None,
new=None)
@unittest.skipUnless(settings.ROOT_URLCONF == 'lms.urls',
"Test only valid in LMS")
@patch("openedx.core.djangoapps.site_configuration.helpers.get_value",
fake_get_value)
@patch('django.core.mail.send_mail')
def test_reset_password_email_configuration_override(self, send_email):
"""
Tests that the right url domain and platform name is included in
the reset password email
"""
req = self.request_factory.post('/password_reset/',
{'email': self.user.email})
req.get_host = Mock(return_value=None)
req.user = self.user
password_reset(req)
_, msg, from_addr, _ = send_email.call_args[0]
reset_msg = "you requested a password reset for your user account at {}".format(
fake_get_value('platform_name'))
self.assertIn(reset_msg, msg)
self.assert_event_emitted(SETTING_CHANGE_INITIATED,
user_id=self.user.id,
setting=u'password',
old=None,
new=None)
self.assertEqual(from_addr, "*****@*****.**")
@ddt.data(
('invalidUid', 'invalid_token'),
(None, 'invalid_token'),
('invalidUid', None),
)
@ddt.unpack
def test_reset_password_bad_token(self, uidb36, token):
"""Tests bad token and uidb36 in password reset"""
if uidb36 is None:
uidb36 = self.uidb36
if token is None:
token = self.token
bad_request = self.request_factory.get(
reverse("password_reset_confirm",
kwargs={
"uidb36": uidb36,
"token": token
}))
password_reset_confirm_wrapper(bad_request, uidb36, token)
self.user = User.objects.get(pk=self.user.pk)
self.assertFalse(self.user.is_active)
def test_reset_password_good_token(self):
"""Tests good token and uidb36 in password reset"""
url = reverse("password_reset_confirm",
kwargs={
"uidb36": self.uidb36,
"token": self.token
})
good_reset_req = self.request_factory.get(url)
password_reset_confirm_wrapper(good_reset_req, self.uidb36, self.token)
self.user = User.objects.get(pk=self.user.pk)
self.assertTrue(self.user.is_active)
def test_password_reset_fail(self):
"""Tests that if we provide mismatched passwords, user is not marked as active."""
self.assertFalse(self.user.is_active)
url = reverse('password_reset_confirm',
kwargs={
'uidb36': self.uidb36,
'token': self.token
})
request_params = {
'new_password1': 'password1',
'new_password2': 'password2'
}
confirm_request = self.request_factory.post(url, data=request_params)
# Make a password reset request with mismatching passwords.
resp = password_reset_confirm_wrapper(confirm_request, self.uidb36,
self.token)
# Verify the response status code is: 200 with password reset fail and also verify that
# the user is not marked as active.
self.assertEqual(resp.status_code, 200)
self.assertFalse(User.objects.get(pk=self.user.pk).is_active)
def test_password_reset_prevent_auth_user_writes(self):
with waffle().override(PREVENT_AUTH_USER_WRITES, True):
url = reverse("password_reset_confirm",
kwargs={
"uidb36": self.uidb36,
"token": self.token
})
for request in [
self.request_factory.get(url),
self.request_factory.post(url)
]:
response = password_reset_confirm_wrapper(
request, self.uidb36, self.token)
assert response.context_data[
'err_msg'] == SYSTEM_MAINTENANCE_MSG
self.user.refresh_from_db()
assert not self.user.is_active
@override_settings(PASSWORD_MIN_LENGTH=2)
@override_settings(PASSWORD_MAX_LENGTH=10)
@ddt.data(
{
'password': '******',
'error_message': 'Enter a password with at least 2 characters.',
}, {
'password': '******',
'error_message': 'Enter a password with at most 10 characters.',
})
def test_password_reset_with_invalid_length(self, password_dict):
"""Tests that if we provide password characters less then PASSWORD_MIN_LENGTH,
or more than PASSWORD_MAX_LENGTH, password reset will fail with error message.
"""
url = reverse('password_reset_confirm',
kwargs={
'uidb36': self.uidb36,
'token': self.token
})
request_params = {
'new_password1': password_dict['password'],
'new_password2': password_dict['password']
}
confirm_request = self.request_factory.post(url, data=request_params)
# Make a password reset request with minimum/maximum passwords characters.
response = password_reset_confirm_wrapper(confirm_request, self.uidb36,
self.token)
self.assertEqual(response.context_data['err_msg'],
password_dict['error_message'])
@patch('student.views.management.password_reset_confirm')
@patch("openedx.core.djangoapps.site_configuration.helpers.get_value",
fake_get_value)
def test_reset_password_good_token_configuration_override(
self, reset_confirm):
"""Tests password reset confirmation page for site configuration override."""
url = reverse("password_reset_confirm",
kwargs={
"uidb36": self.uidb36,
"token": self.token
})
good_reset_req = self.request_factory.get(url)
password_reset_confirm_wrapper(good_reset_req, self.uidb36, self.token)
confirm_kwargs = reset_confirm.call_args[1]
self.assertEquals(confirm_kwargs['extra_context']['platform_name'],
'Fake University')
self.user = User.objects.get(pk=self.user.pk)
self.assertTrue(self.user.is_active)
@unittest.skipUnless(settings.ROOT_URLCONF == 'lms.urls',
"Test only valid in LMS")
@patch('django.core.mail.send_mail')
@ddt.data('Crazy Awesome Site', 'edX')
def test_reset_password_email_subject(self, platform_name, send_email):
"""
Tests that the right platform name is included in
the reset password email subject
"""
with patch("django.conf.settings.PLATFORM_NAME", platform_name):
req = self.request_factory.post('/password_reset/',
{'email': self.user.email})
req.user = self.user
password_reset(req)
subj, _, _, _ = send_email.call_args[0]
self.assertIn(platform_name, subj)
def setUp(self):
self.page = CFGOVPage(title='Test', slug='test')
self.factory = RequestFactory()
self.request = self.factory.get('/')
def has_instructor_tab(user, course):
"""Returns true if the "Instructor" tab is shown."""
request = RequestFactory().request()
request.user = user
tabs = get_course_tab_list(request, course)
return len([tab for tab in tabs if tab.name == 'Instructor']) == 1
def setUp(self):
self.req = RequestFactory().get('/')
self.res = HttpResponse()
def setUp(self):
""" Inicializamos la variable factory que posteriormente nos permitira cargar
un request para utilizarlo en las visata.
"""
self.factory = RequestFactory()
def setUpClass(cls):
super(TestConditionalContentAccess, cls).setUpClass()
cls.factory = RequestFactory()
ContentTypeGatingConfig.objects.create(enabled=True,
enabled_as_of=datetime(
2018, 1, 1))
class TestCFGOVPage(TestCase):
def setUp(self):
self.page = CFGOVPage(title='Test', slug='test')
self.factory = RequestFactory()
self.request = self.factory.get('/')
def test_post_preview_cache_key_contains_page_id(self):
save_new_page(self.page)
key = self.page.post_preview_cache_key
self.assertIn(str(self.page.id), key)
@mock.patch('builtins.super')
def test_serve_calls_super_on_non_ajax_request(self, mock_super):
self.page.serve(self.request)
mock_super.assert_called_with(CFGOVPage, self.page)
mock_super().serve.assert_called_with(self.request)
@mock.patch('v1.models.base.CFGOVPage.serve_post')
def test_serve_calls_serve_post_on_post_request(self, mock_serve_post):
self.request = self.factory.post('/')
self.page.serve(self.request)
mock_serve_post.assert_called_with(self.request)
def test_serve_post_returns_400_for_no_form_id(self):
request = self.factory.post('/')
response = self.page.serve_post(request)
self.assertIsInstance(response, HttpResponseBadRequest)
def test_serve_post_returns_json_400_for_no_form_id(self):
request = self.factory.post('/',
HTTP_X_REQUESTED_WITH='XMLHttpRequest')
response = self.page.serve_post(request)
self.assertEqual(response.content, b'{"result": "error"}')
self.assertEqual(response.status_code, 400)
def test_serve_post_returns_400_for_invalid_form_id_wrong_parts(self):
request = self.factory.post('/', {'form_id': 'foo'})
response = self.page.serve_post(request)
self.assertIsInstance(response, HttpResponseBadRequest)
def test_serve_post_returns_400_for_invalid_form_id_invalid_field(self):
request = self.factory.post('/', {'form_id': 'form-foo-2'})
response = self.page.serve_post(request)
self.assertIsInstance(response, HttpResponseBadRequest)
def test_serve_post_returns_400_for_invalid_form_id_invalid_index(self):
page = BrowsePage(title='test', slug='test')
request = self.factory.post('/', {'form_id': 'form-content-99'})
response = page.serve_post(request)
self.assertIsInstance(response, HttpResponseBadRequest)
def test_serve_post_returns_400_for_invalid_form_id_non_number_index(self):
page = BrowsePage(title='test', slug='test')
request = self.factory.post('/', {'form_id': 'form-content-abc'})
response = page.serve_post(request)
self.assertIsInstance(response, HttpResponseBadRequest)
def test_serve_post_returns_400_for_invalid_form_id_no_form_present(self):
page = BrowsePage(title='test', slug='test')
page.content = blocks.StreamValue(page.content.stream_block,
[{
'type': 'full_width_text',
'value': []
}], True)
save_new_page(page)
request = self.factory.post('/', {'form_id': 'form-content-0'})
response = page.serve_post(request)
self.assertIsInstance(response, HttpResponseBadRequest)
def test_serve_post_valid_calls_feedback_block_handler(self):
"""A valid post should call the feedback block handler.
This returns a redirect to the calling page and also uses the
Django messages framework to set a message.
"""
page = BrowsePage(title='test', slug='test')
page.content = blocks.StreamValue(page.content.stream_block,
[{
'type': 'feedback',
'value': 'something'
}], True)
save_new_page(page)
request = self.factory.post('/', {'form_id': 'form-content-0'})
SessionMiddleware().process_request(request)
MessageMiddleware().process_request(request)
response = page.serve_post(request)
self.assertEqual((response.status_code, response['Location']),
(302, request.path))
@mock.patch('v1.models.base.TemplateResponse')
@mock.patch('v1.models.base.CFGOVPage.get_template')
@mock.patch('v1.models.base.CFGOVPage.get_context')
@mock.patch('v1.models.base.getattr')
def test_serve_post_gets_streamfield_from_page_using_form_id(
self, mock_getattr, mock_get_context, mock_get_template,
mock_response):
mock_getattr.return_value = mock.MagicMock()
mock_get_context.return_value = mock.MagicMock()
self.request = self.factory.post(
'/', {'form_id': 'form-content-0'},
HTTP_X_REQUESTED_WITH='XMLHttpRequest')
self.page.serve_post(self.request)
mock_getattr.assert_called_with(self.page, 'content', None)
@mock.patch('v1.models.base.TemplateResponse')
@mock.patch('v1.models.base.CFGOVPage.get_template')
@mock.patch('v1.models.base.CFGOVPage.get_context')
@mock.patch('v1.models.base.getattr')
def test_serve_post_calls_module_get_result(self, mock_getattr,
mock_get_context,
mock_get_template,
mock_response):
self.request = self.factory.post(
'/', {'form_id': 'form-content-0'},
HTTP_X_REQUESTED_WITH='XMLHttpRequest')
self.page.serve_post(self.request)
module = mock_getattr()[0]
module.block.get_result.assert_called_with(self.page, self.request,
module.value, True)
@mock.patch('v1.models.base.isinstance')
@mock.patch('v1.models.base.TemplateResponse')
@mock.patch('v1.models.base.CFGOVPage.get_template')
@mock.patch('v1.models.base.CFGOVPage.get_context')
@mock.patch('v1.models.base.getattr')
def test_serve_post_returns_result_if_response(self, mock_getattr,
mock_get_context,
mock_get_template,
mock_response,
mock_isinstance):
mock_getattr.return_value = mock.MagicMock()
mock_get_context.return_value = mock.MagicMock()
self.request = self.factory.post(
'/', {'form_id': 'form-content-0'},
HTTP_X_REQUESTED_WITH='XMLHttpRequest')
result = self.page.serve_post(self.request)
module = mock_getattr()[0]
self.assertEqual(result, module.block.get_result())
@mock.patch('v1.models.base.TemplateResponse')
@mock.patch('v1.models.base.CFGOVPage.get_template')
@mock.patch('v1.models.base.CFGOVPage.get_context')
@mock.patch('v1.models.base.getattr')
def test_serve_post_calls_get_context(self, mock_getattr, mock_get_context,
mock_get_template, mock_response):
mock_getattr.return_value = mock.MagicMock()
mock_get_context.return_value = mock.MagicMock()
self.request = self.factory.post(
'/', {'form_id': 'form-content-0'},
HTTP_X_REQUESTED_WITH='XMLHttpRequest')
self.page.serve_post(self.request)
self.assertTrue(mock_get_context.called)
@mock.patch('v1.models.base.TemplateResponse')
@mock.patch('v1.models.base.CFGOVPage.get_template')
@mock.patch('v1.models.base.CFGOVPage.get_context')
@mock.patch('v1.models.base.getattr')
def test_serve_post_sets_context(self, mock_getattr, mock_get_context,
mock_get_template, mock_response):
context = {'form_modules': {'content': {}}}
mock_getattr.return_value = mock.MagicMock()
mock_get_context.return_value = context
self.request = self.factory.post(
'/', {'form_id': 'form-content-0'},
HTTP_X_REQUESTED_WITH='XMLHttpRequest')
self.page.serve_post(self.request)
module = mock_getattr()[0]
self.assertIn(0, context['form_modules']['content'])
self.assertEqual(module.block.get_result(),
context['form_modules']['content'][0])
@mock.patch('v1.models.base.TemplateResponse')
@mock.patch('v1.models.base.CFGOVPage.get_template')
@mock.patch('v1.models.base.CFGOVPage.get_context')
@mock.patch('v1.models.base.getattr')
def test_serve_post_returns_template_response_if_result_not_response(
self, mock_getattr, mock_get_context, mock_get_template,
mock_response):
mock_getattr.return_value = mock.MagicMock()
mock_get_context.return_value = mock.MagicMock()
self.request = self.factory.post(
'/', {'form_id': 'form-content-0'},
HTTP_X_REQUESTED_WITH='XMLHttpRequest')
result = self.page.serve_post(self.request)
mock_response.assert_called_with(self.request, mock_get_template(),
mock_get_context())
self.assertEqual(result, mock_response())
