Example #1
0
def users_cant_see_other_users_expenses(tester):
    """Check that the expenses are displayed only for the correct owner"""
    username, password = Helpers.create_user(tester)

    # Frank can create a category to log his expenses
    cat_name = Helpers.generate_string()
    Helpers.create_a_category(tester, category_name=cat_name, is_income=False)

    amount = random.randint(1, 90000)
    expense_date = str(date.today())
    note = Helpers.generate_string()

    # Frank enters some data
    Helpers.create_entry(tester,
                         amount,
                         category_name=cat_name,
                         note=note,
                         expense_date=expense_date,
                         is_income=False,
                         verify_creation=True)

    Helpers.logout_user(tester)

    # Guido can not see Frank's expense
    Helpers.create_user(tester)
    Helpers.visit_and_verify_expense(tester,
                                     amount=amount,
                                     category_name=cat_name,
                                     note=note,
                                     should_exist=False)
    Helpers.logout_user(tester)
def test_can_create_multiple_monthly_budgets(tester):
    # Frank creates a category to log expenses related his rent
    category_name = Helpers.generate_string()
    Helpers.create_a_category(tester, category_name)

    budget_date = datetime.date.today().replace(day=1)
    amount = 7000
    Helpers.create_a_monthly_budget(tester, category_name=category_name,
                                    amount=amount, date=budget_date)

    # Frank logs a fraction of his rent (he got confused with this previous
    # apartment)
    wrong_amt = 4000
    note = 'First month of rent'
    rent_date = datetime.date.today().replace(day=1).strftime("%Y-%m-%d")
    is_income = False
    Helpers.create_entry(tester, amount=wrong_amt, category_name=category_name,
                         note=note, expense_date=rent_date, is_income=is_income)

    # FIX ME: we're not displaying the monthly bugets anymore!!!

    # Frank notices the home page shows that amount he has set
    # url = reverse('budgets:home')
    # tester.browser.get(f"{tester.live_server_url}{url}")

    # table = tester.browser.find_element_by_id('id_expenses_total')
    # Helpers.find_text_inside_table(tester, str(amount), table)
    # Helpers.find_text_inside_table(tester, category_name, table)

    # # Frank notices that the home page is showing he still has room for
    # # spending, in the Rent category
    # url = reverse('budgets:home')
    # tester.browser.get(f"{tester.live_server_url}{url}")
    # remainder = amount - wrong_amt
    # table = tester.browser.find_element_by_id('id_expenses_total')
    # formatted_amount = f'{remainder:n}'
    # Helpers.find_text_inside_table(tester, str(formatted_amount), table)

    # Frank also notices the amount is green, meaning he still has room for
    # spending!
    # TODO, check for "text-danger" class

    # Frank notices his error and logs the full amount of the rent
    # creating a new expenses (Frank can't find how to edit an entry)
    remainder = 5000
    note = Helpers.generate_string()
    rent_date = datetime.date.today().replace(day=1).strftime("%Y-%m-%d")
    is_income = False
    Helpers.create_entry(tester, amount=remainder, category_name=category_name,
                         note=note, expense_date=rent_date,
                         is_income=is_income)
Example #3
0
def test_expenses_page_can_show_old_expenses(tester):
    """Check that old expenses are shown if a given url is used"""
    text = 'Rent'
    Helpers.create_a_category(tester, category_name=text)

    amount = 4000
    note = 'Second month of rent'
    second_date = date.today().replace(day=1)
    second_date_ymd = second_date.strftime("%Y-%m-%d")
    is_income = False
    Helpers.create_entry(tester,
                         amount=amount,
                         category_name=text,
                         note=note,
                         expense_date=second_date_ymd,
                         is_income=is_income)

    # Frank visits the expenses page
    note = 'First month of rent'
    delta = timedelta(weeks=10)
    first_rent_date = second_date - delta
    first_rent_date_ym = first_rent_date.strftime("%Y-%m")
    first_rent_date_ymd = first_rent_date.strftime("%Y-%m-%d")
    verify_creation = False
    Helpers.create_entry(tester,
                         amount,
                         category_name=text,
                         note=note,
                         expense_date=first_rent_date_ymd,
                         is_income=is_income,
                         verify_creation=verify_creation)

    # Frank visit the expenses page using a parameter
    # (Frank manually changes the URL as he can not find any dropdown yet)
    expense_url = reverse('budgets:expenses')
    url = f"{tester.live_server_url}{expense_url}/{first_rent_date_ym}"
    tester.browser.get(url)

    formatted_amount = f'{amount:n}'
    # Frank notices that this URL does not show entries from other months
    Helpers.verify_expense_was_created(tester,
                                       amount=amount,
                                       category_name=text,
                                       note=note)
Example #4
0
def users_cant_create_expenses_with_other_users_categories(tester):
    """Check that the expenses can not be created with other users's categories
    """
    # Frank logs in
    Helpers.create_user(tester)

    # Frank creates multiple categories
    for _ in range(3):
        cat_name = Helpers.generate_string()
        Helpers.create_a_category(tester,
                                  category_name=cat_name,
                                  is_income=False)
        category_id = Helpers.get_category_id_from_category_name(
            tester, cat_name)

    # Frank confirm the id of the last category he created... he "has a plan"
    category_id = Helpers.get_category_id_from_category_name(tester, cat_name)

    # Frank knows some javascript, and he tries to fiddle with the form values
    # ## ES6 syntax, will work in recent (2015/2016+ versions) FF and Chromium
    js_function = 'Array.from(document.getElementsByTagName("option")).forEach(function(item) {item.value = "X"});'
    js_function = js_function.replace('X', str(category_id))
    tester.browser.execute_script(js_function)

    amount = random.randint(1, 90000)
    expense_date = str(date.today())
    note = Helpers.generate_string()

    # Frank enters some data, he wants to make sure his js does not break the
    # app
    # Frank also confirm that even after executing this js, the expense was
    # created correctly
    Helpers.create_entry(tester,
                         amount,
                         category_name=cat_name,
                         note=note,
                         expense_date=expense_date,
                         is_income=False,
                         verify_creation=True,
                         js_to_execute=js_function)

    # Franks challenges Guido to create an expense with a category he made
    # Franks share his js script with Guido (Guido does not know any js!)

    # Guido accepts to test out Frank's js and verify the app works correctly
    Helpers.create_user(tester)

    # Guido creates a category
    cat_name = Helpers.generate_string()
    Helpers.create_a_category(tester, category_name=cat_name, is_income=False)

    # Guido enters some data, and execute the js code he got from Frank
    # If the app is not checking for tampering the form values, this will fail
    Helpers.create_entry(tester,
                         amount,
                         category_name=cat_name,
                         note=note,
                         expense_date=expense_date,
                         is_income=False,
                         verify_creation=False,
                         js_to_execute=js_function)

    # Guido confirms the app is not deceived by this trivial attack
    Helpers.visit_and_verify_expense(tester,
                                     amount=amount,
                                     category_name=cat_name,
                                     note=note,
                                     should_exist=False)
Example #5
0
def test_only_expenses_in_range_are_shown(tester):
    """Check that expenses are correctly filtered when using a given url"""

    # Frank creates 2 expenses for January 2020
    text = Helpers.generate_string()
    Helpers.create_a_category(tester, category_name=text)

    # Frank is not going to check if the expenses are created as he always does
    # Frank now believes into this sowftware!
    is_income = False
    # We skip verication because...the function is old and broke down due to
    # the new redirect to /expense/create on success ?
    # TODO: check if this is the case, and fix it if needed
    verify_creation = False

    amount = 4000
    note = Helpers.generate_string()
    date = "2020-01-01"
    Helpers.create_entry(tester,
                         amount,
                         category_name=text,
                         note=note,
                         expense_date=date,
                         is_income=is_income,
                         verify_creation=verify_creation)

    second_amount = 4200
    second_date = "2020-01-07"
    second_note = Helpers.generate_string()
    Helpers.create_entry(tester,
                         second_amount,
                         category_name=text,
                         note=second_note,
                         expense_date=date,
                         is_income=is_income,
                         verify_creation=verify_creation)

    # Frank has changed his mind: "Testing is important" he says.
    # Frank then enters a special URL to check the expenses creation...but he
    # enters the wrong end date
    expense_url = reverse('budgets:expenses')
    url = f"{tester.live_server_url}{expense_url}/2020-01-01/2020-01-02"
    tester.browser.get(url)

    # Frank notices the first expenses is shown. Frank is so happy
    formatted_amount = f'{amount:,}'
    Helpers.verify_expense_was_created(tester,
                                       amount=formatted_amount,
                                       category_name=text,
                                       note=note)

    # TODO: verify the second expenses is NOT shown
    # Frank can not see the second expenses! Frank wonders whether the
    # software has really saved the second expenses or not

    # Frank then gets very anxious... but then Frank breathes, and re-types the
    # URL. He notices he had typed the wrong one: "Silly me!" he mumbles.
    expense_url = reverse('budgets:expenses')
    url = f"{tester.live_server_url}{expense_url}/2020-01-01/2020-01-07"
    tester.browser.get(url)
    formatted_second_amount = f'{second_amount:,}'

    # Frank now sees both expenses, he smiles. Frank is so relieved now
    Helpers.verify_expense_was_created(tester,
                                       formatted_amount,
                                       category_name=text,
                                       note=note)
    Helpers.verify_expense_was_created(tester,
                                       amount=formatted_second_amount,
                                       category_name=text,
                                       note=second_note)

    # Then, Frank remembers he also bought something during December 2019
    # He really wants to keep track of all his expenses!
    third_amount = 4200
    third_note = Helpers.generate_string()
    older_date = "2019-12-31"
    Helpers.create_entry(tester,
                         amount=third_amount,
                         category_name=text,
                         note=third_note,
                         expense_date=older_date,
                         is_income=is_income,
                         verify_creation=verify_creation)

    # Frank then enters a special URL that allows him to only show expenses
    # broken down by months
    expense_url = reverse('budgets:expenses')
    url = f"{tester.live_server_url}{expense_url}/2019-12-01/2019-12-31"
    tester.browser.get(url)

    formatted_third_amount = f'{third_amount:,}'
    Helpers.verify_expense_was_created(tester,
                                       amount=formatted_third_amount,
                                       category_name=text,
                                       note=third_note)

    # TODO: Frank then want to see all expenses
    expense_url = reverse('budgets:expenses')
    url = f"{tester.live_server_url}{expense_url}/2019-12-01/2020-01-31"