def test_must_not_let_admin_set_role_to_admin():
email = '[email protected]&role=admin'
r = encode_query(
profile_for(email)
)
e = 'role=user&[email protected]&role=admin&uid=10'
assert(e != r)
assert(2 == r.count('&'))
assert(3 == r.count('='))
def encode_profile(profile):
"""Encode the profile so the order of the keys is fixed to email, uid, role
:param profile: The profile to encode
:returns: The profile query string
:rtype: str
"""
query = []
for i in ['email', 'uid', 'role']:
query.append(encode_query({i: profile[i]}))
return '&'.join(query)
def test_encode_query_works_for_ints():
i = {'foo': 'bar', 'uid': 2, 'zap': 'zaz&zle'}
e = 'foo=bar&uid=2&zap=zazzle'
assert (e == encode_query(i))
def test_encode_query_removes_given_characters():
i = {'foo': 'bar', 'baz': 'qux', 'zap': 'zaz-_zle'}
e = 'foo=bar&baz=qux&zap=zazzle'
assert (e == encode_query(i, remove='_-'))
def test_encode_query_removes_ambersand():
i = {'foo': 'bar', 'baz': 'qux', 'zap': 'zaz&zle'}
e = 'foo=bar&baz=qux&zap=zazzle'
assert (e == encode_query(i))
def test_encode_query():
i = {'foo': 'bar', 'baz': 'qux', 'zap': 'zazzle'}
e = 'foo=bar&baz=qux&zap=zazzle'
assert (e == encode_query(i))
def test_profile_encoding():
profile = profile_for('*****@*****.**')
e = 'role=user&[email protected]&uid=10'
r = encode_query(profile)
assert(e == r)