def test_anonymous_user_read_given_blogpost(self): """Test anonymous users can read a given blogpost""" with self.flask_app.test_request_context('/'): app = AppFactory.create() blogpost = BlogpostFactory.create(app=app) assert_not_raises(Exception, getattr(require, 'blogpost').read, blogpost)
def test_admin_read_blogposts_for_given_hidden_app(self): """Test admin can read blogposts of a given hidden project""" with self.flask_app.test_request_context('/'): admin = UserFactory.create() app = AppFactory.create(hidden=1) assert self.mock_admin.id != app.owner.id assert_not_raises(Exception, getattr(require, 'blogpost').read, app_id=app.id)
def test_admin_authenticated_user_delete_blogpost(self): """Test authenticated user can delete any blogpost if is admin""" with self.flask_app.test_request_context('/'): admin = UserFactory.create() blogpost = BlogpostFactory.create() assert self.mock_admin.id != blogpost.owner.id assert_not_raises(Exception, getattr(require, 'blogpost').delete, blogpost)
def test_admin_delete_anonymous_taskrun(self): """Test admins can delete anonymously posted taskruns""" with self.flask_app.test_request_context('/'): anonymous_taskrun = AnonymousTaskRunFactory.create() assert_not_raises(Exception, getattr(require, 'taskrun').delete, anonymous_taskrun)
def test_anonymous_user_create_first_taskrun(self): """Test anonymous user can create a taskrun for a given task if he hasn't already done it""" with self.flask_app.test_request_context('/'): taskrun = AnonymousTaskRunFactory.build() assert_not_raises(Exception, getattr(require, 'taskrun').create, taskrun)
def test_admin_delete_user_taskrun(self): """Test admins can delete taskruns posted by authenticated users""" with self.flask_app.test_request_context('/'): user_taskrun = TaskRunFactory.create() assert self.mock_admin.id != user_taskrun.user.id assert_not_raises(Exception, getattr(require, 'taskrun').delete, user_taskrun)
def test_admin_read_given_blogpost_hidden_app(self): """Test admin can read a given blogpost of a hidden project""" with self.flask_app.test_request_context('/'): admin = UserFactory.create() app = AppFactory.create(hidden=1) blogpost = BlogpostFactory.create(app=app) assert self.mock_admin.id != app.owner.id assert_not_raises(Exception, getattr(require, 'blogpost').read, blogpost)
def test_owner_read_given_blogpost(self): """Test authenticated user can read a given blogpost if is the project owner""" with self.flask_app.test_request_context('/'): owner = UserFactory.create_batch(2)[1] app = AppFactory.create(owner=owner) blogpost = BlogpostFactory.create(app=app) assert self.mock_authenticated.id == app.owner.id assert_not_raises(Exception, getattr(require, 'blogpost').read, blogpost)
def test_non_owner_authenticated_user_read_blogposts_for_given_app(self): """Test authenticated user can read blogposts of a given project if is not the project owner""" with self.flask_app.test_request_context('/'): app = AppFactory.create() user = UserFactory.create() assert self.mock_authenticated.id != app.owner.id assert_not_raises(Exception, getattr(require, 'blogpost').read, app_id=app.id)
def test_authenticated_user_create_first_taskrun(self): """Test authenticated user can create a taskrun for a given task if he hasn't already done it""" with self.flask_app.test_request_context('/'): taskrun = TaskRunFactory.build() assert self.mock_authenticated.id == taskrun.user.id assert_not_raises(Exception, getattr(require, 'taskrun').create, taskrun)
def test_owner_delete_blogpost(self): """Test authenticated user can delete a blogpost if is the post owner""" with self.flask_app.test_request_context('/'): owner = UserFactory.create_batch(2)[1] app = AppFactory.create() blogpost = BlogpostFactory.create(app=app, owner=owner) assert self.mock_authenticated.id == blogpost.owner.id assert_not_raises(Exception, getattr(require, 'blogpost').delete, blogpost)
def test_owner_read_blogposts_for_given_hidden_app(self): """Test authenticated user can read blogposts of a given hidden project if is the project owner""" with self.flask_app.test_request_context('/'): owner = UserFactory.create_batch(2)[1] app = AppFactory.create(owner=owner, hidden=1) assert self.mock_authenticated.id == app.owner.id assert_not_raises(Exception, getattr(require, 'blogpost').read, app_id=app.id)
def test_anonymous_user_read(self): """Test anonymous user can read any taskrun""" with self.flask_app.test_request_context('/'): anonymous_taskrun = AnonymousTaskRunFactory.create() user_taskrun = TaskRunFactory.create() assert_not_raises(Exception, getattr(require, 'taskrun').read, anonymous_taskrun) assert_not_raises(Exception, getattr(require, 'taskrun').read, user_taskrun)
def test_authenticated_user_delete_other_users_taskrun(self): """Test authenticated user cannot delete a taskrun if it was created by another authenticated user, but can delete his own taskruns""" with self.flask_app.test_request_context('/'): own_taskrun = TaskRunFactory.create() other_users_taskrun = TaskRunFactory.create() assert self.mock_authenticated.id == own_taskrun.user.id assert self.mock_authenticated.id != other_users_taskrun.user.id assert_not_raises(Exception, getattr(require, 'taskrun').delete, own_taskrun) assert_raises(Forbidden, getattr(require, 'taskrun').delete, other_users_taskrun)
def test_anonymous_user_create_repeated_taskrun(self): """Test anonymous user cannot create a taskrun for a task to which he has previously posted a taskrun""" with self.flask_app.test_request_context('/'): task = TaskFactory.create() taskrun1 = AnonymousTaskRunFactory.create(task=task) taskrun2 = AnonymousTaskRunFactory.build(task=task) assert_raises(Forbidden, getattr(require, 'taskrun').create, taskrun2) # But the user can still create taskruns for different tasks task2 = TaskFactory.create(app=task.app) taskrun3 = AnonymousTaskRunFactory.build(task=task2) assert_not_raises(Exception, getattr(require, 'taskrun').create, taskrun3)
def test_authenticated_user_read(self): """Test authenticated user can read any taskrun""" with self.flask_app.test_request_context('/'): own_taskrun = TaskRunFactory.create() anonymous_taskrun = AnonymousTaskRunFactory.create() other_users_taskrun = TaskRunFactory.create() assert self.mock_authenticated.id == own_taskrun.user.id assert self.mock_authenticated.id != other_users_taskrun.user.id assert_not_raises(Exception, getattr(require, 'taskrun').read, anonymous_taskrun) assert_not_raises(Exception, getattr(require, 'taskrun').read, other_users_taskrun) assert_not_raises(Exception, getattr(require, 'taskrun').read, own_taskrun)
def test_anonymous_user_read_blogposts_for_given_app(self): """Test anonymous users can read blogposts of a given project""" with self.flask_app.test_request_context('/'): app = AppFactory.create() assert_not_raises(Exception, getattr(require, 'blogpost').read, app_id=app.id)