def test_validate_form(self): """ Test the validation of the form """ # get default form data form = get_default_form(self.model_without_author) form_data = dict((key, form[key].value()) for key in form.fields) form_data.update(dict(csrf_token=None, comment='comment')) # test valid form form = FlagForm(self.model_without_author, copy(form_data)) self.assertTrue(form.is_valid()) # test bad security hash data = copy(form_data) data['security_hash'] = 'zz' + data['security_hash'][2:] form = FlagForm(self.model_without_author, data) self.assertFalse(form.is_valid()) self.assertEqual(len(form['security_hash'].errors), 1) self.assertTrue(len(form.security_errors()) == 1) # test bad timestamp data = copy(form_data) data['timestamp'] = str(int(time.time()) - (3 * 60 * 60)) form = FlagForm(self.model_without_author, data) self.assertFalse(form.is_valid()) self.assertEqual(len(form['timestamp'].errors), 1) # test missing comment data = copy(form_data) del data['comment'] form = FlagForm(self.model_without_author, data) self.assertFalse(form.is_valid())
def test_create_form(self): """ Test the creation of the form """ flag_settings.ALLOW_COMMENTS = False form = get_default_form(self.model_without_author) # check the used form self.assertTrue(isinstance(form, FlagForm)) self.assertFalse(isinstance(form, FlagFormWithCreator)) # check data self.assertEqual(form['object_pk'].value(), str(self.model_without_author.id)) self.assertEqual(form['content_type'].value(), '%s.%s' % ( self.model_without_author._meta.app_label, self.model_without_author._meta.module_name)) # check security self.assertTrue('timestamp' in form.fields) self.assertTrue('security_hash' in form.fields) # check with_author form = get_default_form(self.model_with_author, 'author') self.assertTrue(isinstance(form, FlagFormWithCreator)) self.assertEqual(form['creator_field'].value(), 'author') # check with_status form = get_default_form(self.model_without_author, with_status=True) self.assertTrue(isinstance(form, FlagFormWithStatus)) self.assertEqual(form['status'].field.choices, flag_settings.get_for_model( self.model_without_author, 'STATUSES')) # check with_status and with_author form = get_default_form(self.model_with_author, 'author', with_status=True) self.assertTrue(isinstance(form, FlagFormWithCreatorAndStatus)) self.assertEqual(form['creator_field'].value(), 'author') self.assertEqual(form['status'].field.choices, flag_settings.get_for_model( self.model_with_author, 'STATUSES'))
def flag(context, content_object, creator_field=None, with_status=False): """ This templatetag will display a form to flag the given object. If the `creator_field` is given, the field will be added to the form in an hidden input. If the `with_status` is True, a `status` will be added """ if not content_object: return {} request = context.get('request', None) form = get_default_form(content_object, creator_field, with_status) return dict(form=form, next=get_next(request))
def test_post_view(self): """ Test the "flag" view """ # get default form data form = get_default_form(self.model_without_author) form_data = dict((key, form[key].value()) for key in form.fields) form_data.update(dict(csrf_token=None, comment='comment')) url = reverse('flag') # not authenticated resp = self.client.post(url, copy(form_data)) self.assertTrue(isinstance(resp, HttpResponseRedirect)) self.assertTrue('?next=%s' % url in resp['Location']) self.assertEqual(FlagInstance.objects.count(), 0) # authenticated user self.client.login(username='******' % self.USER_BASE, password=self.USER_BASE) resp = self.client.post(url, copy(form_data)) self.assertTrue(isinstance(resp, HttpResponseRedirect)) self.assertEqual(FlagInstance.objects.count(), 1) flagged_content = FlaggedContent.objects.get_for_object( self.model_without_author) self.assertEqual(flagged_content.count, 1) self.assertEqual(flagged_content.flag_instances.all()[0].comment, 'comment') # bad object data = copy(form_data) data['object_pk'] = 'foo' resp = self.client.post(url, data) self.assertTrue(isinstance(resp, FlagBadRequest)) # creator cform = get_default_form(self.model_with_author, 'author') self.assertTrue('creator_field' in cform.fields) cform_data = dict((key, cform[key].value()) for key in cform.fields) cform_data.update(dict(csrf_token=None, comment='comment')) resp = self.client.post(url, cform_data) self.assertTrue(isinstance(resp, HttpResponseRedirect)) self.assertEqual(FlagInstance.objects.count(), 2) self.assertEqual(FlaggedContent.objects.get_for_object( self.model_with_author).count, 1) # bad security data = copy(form_data) data['security_hash'] = 'zz' + data['security_hash'][2:] resp = self.client.post(url, data) self.assertTrue(isinstance(resp, FlagBadRequest)) # no comment allowed flag_settings.ALLOW_COMMENTS = False data = copy(form_data) resp = self.client.post(url, data) self.assertTrue('<ul class="errorlist"><li>You are not allowed to add ' 'a comment</li></ul>' in resp.content) del data['comment'] resp = self.client.post(url, data) flagged_content = FlaggedContent.objects.get_for_object( self.model_without_author) self.assertEqual(flagged_content.count, 2) self.assertIsNone(flagged_content.flag_instances.all()[0].comment) # limit by user flag_settings.LIMIT_SAME_OBJECT_FOR_USER = 2 flagged_content = FlaggedContent.objects.get_for_object( self.model_without_author) count_before = flagged_content.count resp = self.client.post(url, copy(form_data)) flagged_content = FlaggedContent.objects.get_for_object( self.model_without_author) self.assertEqual(flagged_content.count, count_before) flag_settings.LIMIT_SAME_OBJECT_FOR_USER = 0 # error : return to confirm page flag_settings.ALLOW_COMMENTS = True data = copy(form_data) del data['comment'] # missing comment data['next'] = '/foobar/' resp = self.client.post(url, data) self.assertEqual(resp.status_code, 200) self.assertTrue(isinstance(resp.context['form'], FlagForm)) self.assertEqual(resp.context['next'], data['next']) # test get access resp = self.client.get(url) self.assertTrue(isinstance(resp, FlagBadRequest)) # test with_status data = copy(form_data) data['status'] = 2 # user is not staff resp = self.client.post(url, data) self.assertTrue(isinstance(resp, FlagBadRequest)) # user is staff self.client.logout() self.client.login(username=self.staff_user, password=self.USER_BASE) count_before_obj = FlagInstance.objects.count() count_before_inst = FlaggedContent.objects.get_for_object( self.model_without_author).count resp = self.client.post(url, data) flagged_content = FlaggedContent.objects.get_for_object( self.model_without_author) self.assertEqual(flagged_content.status, 2) # we have a new flag instance self.assertEqual(FlagInstance.objects.count(), count_before_obj + 1) # but the flag's count for this object is the same self.assertEqual(flagged_content.count, count_before_inst) # creator and status form = get_default_form(self.model_with_author, creator_field='author') data = dict((key, form[key].value()) for key in form.fields) data.update(dict(csrf_token=None, comment='comment')) data['status'] = 3 resp = self.client.post(url, data) flagged_content = FlaggedContent.objects.get_for_object( self.model_with_author) self.assertEqual(flagged_content.status, 3) self.assertEqual(flagged_content.moderator.id, self.staff_user.id)
# get the flagged_content, and test if it can be flagged by the user try: flagged_content = FlaggedContent.objects.get_for_object(content_object) try: flagged_content.assert_can_be_flagged_by_user(request.user) except FlagUserNotTrustedException, e: # we don't do anything here for now # because we want the user to continue without noticing # he can't really add a flag (yes, this is evil) pass except FlagException, e: messages.error(request, unicode(e)) return redirect(next) except ObjectDoesNotExist: # if the FlaggedContent does not exists, the object was never flagged # so we know that we can continue pass # define the form form = form or get_default_form(content_object, creator_field, with_status) # ready to render context = dict(content_object=content_object, form=form, next=next) templates = [ 'flag/confirm_%s_%s.html' % (app_label, object_name), 'flag/confirm.html' ] return render(request, templates, context)
return FlagBadRequest(str(e)) creator_field = request.GET.get("creator_field", None) # get the flagged_content, and test if it can be flagged by the user try: flagged_content = FlaggedContent.objects.get_for_object(content_object) try: flagged_content.assert_can_be_flagged_by_user(request.user) except FlagUserNotTrustedException, e: # we don't do anything here for now # because we want the user to continue without noticing # he can't really add a flag (yes, this is evil) pass except FlagException, e: messages.error(request, unicode(e)) return redirect(next) except ObjectDoesNotExist: # if the FlaggedContent does not exists, the object was never flagged # so we know that we can continue pass # define the form form = form or get_default_form(content_object, creator_field, with_status) # ready to render context = dict(content_object=content_object, form=form, next=next) templates = ["flag/confirm_%s_%s.html" % (app_label, object_name), "flag/confirm.html"] return render(request, templates, context)