def users_cant_see_other_users_expenses(tester):
"""Check that the expenses are displayed only for the correct owner"""
username, password = Helpers.create_user(tester)
# Frank can create a category to log his expenses
cat_name = Helpers.generate_string()
Helpers.create_a_category(tester, category_name=cat_name, is_income=False)
amount = random.randint(1, 90000)
expense_date = str(date.today())
note = Helpers.generate_string()
# Frank enters some data
Helpers.create_entry(tester,
amount,
category_name=cat_name,
note=note,
expense_date=expense_date,
is_income=False,
verify_creation=True)
Helpers.logout_user(tester)
# Guido can not see Frank's expense
Helpers.create_user(tester)
Helpers.visit_and_verify_expense(tester,
amount=amount,
category_name=cat_name,
note=note,
should_exist=False)
Helpers.logout_user(tester)
def test_can_create_multiple_monthly_budgets(tester):
# Frank creates a category to log expenses related his rent
category_name = Helpers.generate_string()
Helpers.create_a_category(tester, category_name)
budget_date = datetime.date.today().replace(day=1)
amount = 7000
Helpers.create_a_monthly_budget(tester, category_name=category_name,
amount=amount, date=budget_date)
# Frank logs a fraction of his rent (he got confused with this previous
# apartment)
wrong_amt = 4000
note = 'First month of rent'
rent_date = datetime.date.today().replace(day=1).strftime("%Y-%m-%d")
is_income = False
Helpers.create_entry(tester, amount=wrong_amt, category_name=category_name,
note=note, expense_date=rent_date, is_income=is_income)
# FIX ME: we're not displaying the monthly bugets anymore!!!
# Frank notices the home page shows that amount he has set
# url = reverse('budgets:home')
# tester.browser.get(f"{tester.live_server_url}{url}")
# table = tester.browser.find_element_by_id('id_expenses_total')
# Helpers.find_text_inside_table(tester, str(amount), table)
# Helpers.find_text_inside_table(tester, category_name, table)
# # Frank notices that the home page is showing he still has room for
# # spending, in the Rent category
# url = reverse('budgets:home')
# tester.browser.get(f"{tester.live_server_url}{url}")
# remainder = amount - wrong_amt
# table = tester.browser.find_element_by_id('id_expenses_total')
# formatted_amount = f'{remainder:n}'
# Helpers.find_text_inside_table(tester, str(formatted_amount), table)
# Frank also notices the amount is green, meaning he still has room for
# spending!
# TODO, check for "text-danger" class
# Frank notices his error and logs the full amount of the rent
# creating a new expenses (Frank can't find how to edit an entry)
remainder = 5000
note = Helpers.generate_string()
rent_date = datetime.date.today().replace(day=1).strftime("%Y-%m-%d")
is_income = False
Helpers.create_entry(tester, amount=remainder, category_name=category_name,
note=note, expense_date=rent_date,
is_income=is_income)
def test_expenses_page_can_show_old_expenses(tester):
"""Check that old expenses are shown if a given url is used"""
text = 'Rent'
Helpers.create_a_category(tester, category_name=text)
amount = 4000
note = 'Second month of rent'
second_date = date.today().replace(day=1)
second_date_ymd = second_date.strftime("%Y-%m-%d")
is_income = False
Helpers.create_entry(tester,
amount=amount,
category_name=text,
note=note,
expense_date=second_date_ymd,
is_income=is_income)
# Frank visits the expenses page
note = 'First month of rent'
delta = timedelta(weeks=10)
first_rent_date = second_date - delta
first_rent_date_ym = first_rent_date.strftime("%Y-%m")
first_rent_date_ymd = first_rent_date.strftime("%Y-%m-%d")
verify_creation = False
Helpers.create_entry(tester,
amount,
category_name=text,
note=note,
expense_date=first_rent_date_ymd,
is_income=is_income,
verify_creation=verify_creation)
# Frank visit the expenses page using a parameter
# (Frank manually changes the URL as he can not find any dropdown yet)
expense_url = reverse('budgets:expenses')
url = f"{tester.live_server_url}{expense_url}/{first_rent_date_ym}"
tester.browser.get(url)
formatted_amount = f'{amount:n}'
# Frank notices that this URL does not show entries from other months
Helpers.verify_expense_was_created(tester,
amount=amount,
category_name=text,
note=note)
def users_cant_create_expenses_with_other_users_categories(tester):
"""Check that the expenses can not be created with other users's categories
"""
# Frank logs in
Helpers.create_user(tester)
# Frank creates multiple categories
for _ in range(3):
cat_name = Helpers.generate_string()
Helpers.create_a_category(tester,
category_name=cat_name,
is_income=False)
category_id = Helpers.get_category_id_from_category_name(
tester, cat_name)
# Frank confirm the id of the last category he created... he "has a plan"
category_id = Helpers.get_category_id_from_category_name(tester, cat_name)
# Frank knows some javascript, and he tries to fiddle with the form values
# ## ES6 syntax, will work in recent (2015/2016+ versions) FF and Chromium
js_function = 'Array.from(document.getElementsByTagName("option")).forEach(function(item) {item.value = "X"});'
js_function = js_function.replace('X', str(category_id))
tester.browser.execute_script(js_function)
amount = random.randint(1, 90000)
expense_date = str(date.today())
note = Helpers.generate_string()
# Frank enters some data, he wants to make sure his js does not break the
# app
# Frank also confirm that even after executing this js, the expense was
# created correctly
Helpers.create_entry(tester,
amount,
category_name=cat_name,
note=note,
expense_date=expense_date,
is_income=False,
verify_creation=True,
js_to_execute=js_function)
# Franks challenges Guido to create an expense with a category he made
# Franks share his js script with Guido (Guido does not know any js!)
# Guido accepts to test out Frank's js and verify the app works correctly
Helpers.create_user(tester)
# Guido creates a category
cat_name = Helpers.generate_string()
Helpers.create_a_category(tester, category_name=cat_name, is_income=False)
# Guido enters some data, and execute the js code he got from Frank
# If the app is not checking for tampering the form values, this will fail
Helpers.create_entry(tester,
amount,
category_name=cat_name,
note=note,
expense_date=expense_date,
is_income=False,
verify_creation=False,
js_to_execute=js_function)
# Guido confirms the app is not deceived by this trivial attack
Helpers.visit_and_verify_expense(tester,
amount=amount,
category_name=cat_name,
note=note,
should_exist=False)
def test_only_expenses_in_range_are_shown(tester):
"""Check that expenses are correctly filtered when using a given url"""
# Frank creates 2 expenses for January 2020
text = Helpers.generate_string()
Helpers.create_a_category(tester, category_name=text)
# Frank is not going to check if the expenses are created as he always does
# Frank now believes into this sowftware!
is_income = False
# We skip verication because...the function is old and broke down due to
# the new redirect to /expense/create on success ?
# TODO: check if this is the case, and fix it if needed
verify_creation = False
amount = 4000
note = Helpers.generate_string()
date = "2020-01-01"
Helpers.create_entry(tester,
amount,
category_name=text,
note=note,
expense_date=date,
is_income=is_income,
verify_creation=verify_creation)
second_amount = 4200
second_date = "2020-01-07"
second_note = Helpers.generate_string()
Helpers.create_entry(tester,
second_amount,
category_name=text,
note=second_note,
expense_date=date,
is_income=is_income,
verify_creation=verify_creation)
# Frank has changed his mind: "Testing is important" he says.
# Frank then enters a special URL to check the expenses creation...but he
# enters the wrong end date
expense_url = reverse('budgets:expenses')
url = f"{tester.live_server_url}{expense_url}/2020-01-01/2020-01-02"
tester.browser.get(url)
# Frank notices the first expenses is shown. Frank is so happy
formatted_amount = f'{amount:,}'
Helpers.verify_expense_was_created(tester,
amount=formatted_amount,
category_name=text,
note=note)
# TODO: verify the second expenses is NOT shown
# Frank can not see the second expenses! Frank wonders whether the
# software has really saved the second expenses or not
# Frank then gets very anxious... but then Frank breathes, and re-types the
# URL. He notices he had typed the wrong one: "Silly me!" he mumbles.
expense_url = reverse('budgets:expenses')
url = f"{tester.live_server_url}{expense_url}/2020-01-01/2020-01-07"
tester.browser.get(url)
formatted_second_amount = f'{second_amount:,}'
# Frank now sees both expenses, he smiles. Frank is so relieved now
Helpers.verify_expense_was_created(tester,
formatted_amount,
category_name=text,
note=note)
Helpers.verify_expense_was_created(tester,
amount=formatted_second_amount,
category_name=text,
note=second_note)
# Then, Frank remembers he also bought something during December 2019
# He really wants to keep track of all his expenses!
third_amount = 4200
third_note = Helpers.generate_string()
older_date = "2019-12-31"
Helpers.create_entry(tester,
amount=third_amount,
category_name=text,
note=third_note,
expense_date=older_date,
is_income=is_income,
verify_creation=verify_creation)
# Frank then enters a special URL that allows him to only show expenses
# broken down by months
expense_url = reverse('budgets:expenses')
url = f"{tester.live_server_url}{expense_url}/2019-12-01/2019-12-31"
tester.browser.get(url)
formatted_third_amount = f'{third_amount:,}'
Helpers.verify_expense_was_created(tester,
amount=formatted_third_amount,
category_name=text,
note=third_note)
# TODO: Frank then want to see all expenses
expense_url = reverse('budgets:expenses')
url = f"{tester.live_server_url}{expense_url}/2019-12-01/2020-01-31"