def testapp(request): app = create_app('impression.settings.TestConfig') client = app.test_client() db.app = app db.create_all() if getattr(request.module, "create_user", True): admin = User(username="******", password="******") admin.insert() my_role = Role(name='admin') my_role.insert() admin.add_roles('admin') non_admin = User(username="******", password="******") non_admin.insert() safe_commit() def teardown(): db.session.remove() db.drop_all() request.addfinalizer(teardown) return client
def admin_users_edit_post(): payload = get_payload(request) user_id = payload.get('user_id') if user_id: user = User.get(user_id) return_value = success('All profile values have been updated.') else: user = User() user.insert() return_value = success('User created.') if not payload.get('password'): return jsonify(failure('You must set a password for new users')) if not payload.get('email'): return jsonify(failure('You must set an email for new users')) if not payload.get('name'): return jsonify(failure('You must set a name for new users')) for key in payload: if key == 'password': user.set_password(payload[key]) elif key != 'user_id': setattr(user, key, payload[key]) g.user.insert() safe_commit() return jsonify(return_value)
def create_user(): return_value = success('The user was created.') payload = get_payload(request) user = User(username=payload.get('email'), password=payload.get('password'), name=payload.get('name')) valid = user.validate() if valid['success']: user.insert() safe_commit() return_value['id'] = user.id else: del(user) return_value = valid return jsonify(return_value)
def create_user(): return_value = success('The user was created.') payload = get_payload(request) hashed_password = generate_password_hash(payload.get('password')) user = User() user.email = payload.get('email') user.name = payload.get('name') user.password = hashed_password valid = user.validate() if valid['success']: user.insert() safe_commit() return_value['id'] = user.id else: del(user) return_value = valid return jsonify(return_value)
class impressionTestCase(unittest.TestCase): def setUp(self): impression.app.config['SQLALCHEMY_DATABASE_URI'] = 'sqlite:///test.db' impression.app.config['TESTING'] = True self.app = impression.app.test_client() # Drop and create DB. impression.db.drop_all(bind=[None]) impression.db.create_all(bind=[None]) key = '{0:02X}'.format(randrange(36**50)) self.api_key = ApiKey(key=key, name='test-key') self.api_key.insert() self.s = TimestampSigner(key) safe_commit() hashed_password = generate_password_hash('password-123') # Create a user to update and delete later. self.user = User(name="Test User", email='*****@*****.**', admin=True, openid='', password=hashed_password) self.user.insert() safe_commit() def tearDown(self): impression.db.drop_all(bind=[None]) def test_upload(self): filename = 'test.txt' post_data = { 'file': (StringIO("This is a test file."), filename), 'name': 'Test File', 'user_id': self.user.id } rv = self.app.post('/upload_ajax', data=post_data, follow_redirects=True) self.assertEquals(rv.status_code, 200) data = json.loads(rv.data) self.assertEquals(data['messages'][0], 'The file was uploaded.') afile = File.get(data['id']) self.assertEquals(data['id'], afile.id) the_file = os.path.join(impression.app.config['UPLOAD_FOLDER'], filename) self.assertTrue(os.path.isfile(the_file)) # Delete the file we uploaded os.unlink(the_file) def test_content_create(self): api_key = self.s.sign(self.api_key.name) ''' CREATE ''' post_data = { 'title': 'This is a test page', 'body': 'Blah blah blah', 'type': 'post', 'user_id': self.user.id } # Try to create the content with no API key rv = self.app.post('/content_create', data=post_data, follow_redirects=True) data = json.loads(rv.data) self.assertFalse(data['success']) # Create the content. This should work fine. post_data['api_key'] = api_key rv = self.app.post('/content_create', data=post_data, follow_redirects=True) data = json.loads(rv.data) self.assertTrue(data['success']) self.assertTrue(data['id']) self.assertIsNotNone(data['messages']) self.assertEquals(data['messages'][0], 'The content was created.') content_id = data['id'] # Make sure that we can grab the content from the DB. content = Content.get(content_id) self.assertIsNotNone(content) self.assertEquals(content.title, post_data['title']) # Try to create the same content again. This should fail. rv = self.app.post('/content_create', data=post_data, follow_redirects=True) data = json.loads(rv.data) self.assertFalse(data['success']) self.assertIsNotNone(data['messages']) self.assertEquals(data['messages'][0], 'That post or page exists already.') # Clean up! content.delete() safe_commit() # Create the content. This should work fine. post_data['api_key'] = api_key post_data['type'] = 'page' rv = self.app.post('/content_create', data=post_data, follow_redirects=True) data = json.loads(rv.data) self.assertTrue(data['success']) self.assertTrue(data['id']) self.assertIsNotNone(data['messages']) self.assertEquals(data['messages'][0], 'The content was created.') content_id = data['id'] # Make sure that we can grab the content from the DB. content = Content.get(content_id) self.assertIsNotNone(content) self.assertEquals(content.title, post_data['title']) # Try to create the same content again. This should fail. rv = self.app.post('/content_create', data=post_data, follow_redirects=True) data = json.loads(rv.data) self.assertFalse(data['success']) self.assertIsNotNone(data['messages']) self.assertEquals(data['messages'][0], 'That post or page exists already.') # Clean up! content.delete() safe_commit() def test_content_retrieve(self): user_id = self.user.id ''' RETRIEVE ''' # Create some content using the model directly... content = Content(title="Test Content", published=True, type="post", body="blah blah blah", user_id=self.user.id) content.insert() content1 = content.to_dict() content2 = Content(title="Test Content 2", published=True, type="post", body="blah blah blah", user_id=self.user.id) content2.insert() content2 = content2.to_dict() content3 = Content(title="Test Content 3", published=True, type="post", body="blah blah blah", user_id=self.user.id) content3.insert() content3 = content3.to_dict() content4 = Content(title="Test Content 4", published=True, type="post", body="blah blah blah", user_id=self.user.id) content4.insert() content4 = content4.to_dict() safe_commit() post_data = { 'id': content.id } # retrieve the content. This should work fine. rv = self.app.post('/content_retrieve', data=post_data, follow_redirects=True) data = json.loads(rv.data) self.assertTrue(data['success']) self.assertTrue(data['contents'][0]) self.assertIsNotNone(data['messages']) content = Content.get(data['contents'][0]['id']) self.assertEquals(content.title, data['contents'][0]['title']) self.assertEquals(content.body, data['contents'][0]['body']) self.assertEquals(user_id, data['contents'][0]['user_id']) post_data = { 'content_type': 'post', 'page_size': 3 } # retrieve the content. This should work fine. rv = self.app.post('/content_retrieve', data=post_data, follow_redirects=True) data = json.loads(rv.data) self.assertTrue(data['success']) # There should be three posts. self.assertEquals(data['contents'][0]['title'], content4['title']) self.assertEquals(data['contents'][1]['title'], content3['title']) self.assertEquals(data['contents'][2]['title'], content2['title']) # And only three posts returned self.assertTrue(len(data['contents']) == 3) # Posts should be in the right order self.assertTrue(data['contents'][1]['published_on'] < data['contents'][0]['published_on']) self.assertIsNotNone(data['messages']) post_data = { 'content_type': 'post', 'current_page': 2, 'page_size': 3 } # retrieve the content. This should work fine. rv = self.app.post('/content_retrieve', data=post_data, follow_redirects=True) data = json.loads(rv.data) self.assertTrue(data['success']) # There should be one post. self.assertEquals(data['contents'][0]['title'], content1['title']) # And only one post returned self.assertTrue(len(data['contents']) == 1) def test_user_create(self): api_key = self.s.sign(self.api_key.name) ''' CREATE ''' post_data = { 'name': 'Testy McTesterson', 'email': '*****@*****.**', 'password': '******', } # Try to create the user with no API key rv = self.app.post('/user_create', data=post_data, follow_redirects=True) data = json.loads(rv.data) self.assertFalse(data['success']) # Create the user. This should work fine. post_data['api_key'] = api_key rv = self.app.post('/user_create', data=post_data, follow_redirects=True) data = json.loads(rv.data) self.assertTrue(data['success']) self.assertTrue(data['id']) self.assertIsNotNone(data['messages']) self.assertEquals(data['messages'][0], 'The user was created.') user_id = data['id'] # Make sure that we can grab the user from the DB. user = User.get(user_id) self.assertIsNotNone(user) self.assertEquals(user.name, 'Testy McTesterson') # Try to create the same user again. This should fail. rv = self.app.post('/user_create', data=post_data, follow_redirects=True) data = json.loads(rv.data) self.assertFalse(data['success']) self.assertIsNotNone(data['messages']) self.assertEquals(data['messages'][0], 'That user exists already.') # Clean up! user.delete() safe_commit() def test_user_retrieve(self): api_key = self.s.sign(self.api_key.name) ''' RETRIEVE ''' post_data = { 'id': self.user.id } # Try to retrieve the user with no API key rv = self.app.post('/user_retrieve', data=post_data, follow_redirects=True) data = json.loads(rv.data) self.assertFalse(data['success']) # Retrieve the user. This should work fine. post_data['api_key'] = api_key rv = self.app.post('/user_retrieve', data=post_data, follow_redirects=True) data = json.loads(rv.data) self.assertTrue(data['success']) self.assertTrue(data['user']) self.assertEquals(data['user']['name'], 'Test User') def test_user_update(self): api_key = self.s.sign(self.api_key.name) ''' UPDATE ''' post_data = { 'name': 'New Person', 'email': '*****@*****.**', 'password': '******', 'id': self.user.id } # Try to update the user with no API key rv = self.app.post('/user_update', data=post_data, follow_redirects=True) data = json.loads(rv.data) self.assertFalse(data['success']) # update the user. This should work fine. post_data['api_key'] = api_key rv = self.app.post('/user_update', data=post_data, follow_redirects=True) data = json.loads(rv.data) self.assertTrue(data['success']) self.assertTrue(data['user']) self.assertIsNotNone(data['messages']) self.assertEquals(data['messages'][0], 'The user was updated.') # Make sure that we can grab the user from the DB. user = User.get(self.user.id) self.assertIsNotNone(user) self.assertEquals(data['user']['name'], 'New Person') self.assertEquals(user.name, 'New Person') self.assertTrue(check_password_hash(user.password, 'newperson123')) def test_user_delete(self): api_key = self.s.sign(self.api_key.name) ''' DELETE ''' # Delete the user. post_data = { 'id': self.user.id } # Try to delete the user with no API key rv = self.app.post('/user_delete', data=post_data, follow_redirects=True) data = json.loads(rv.data) self.assertFalse(data['success']) # Removing should work now. post_data['api_key'] = api_key rv = self.app.post('/user_delete', data=post_data, follow_redirects=True) data = json.loads(rv.data) self.assertTrue(data['success']) user = User.get(self.user.id) self.assertIsNone(user)
class impressionTestCase(unittest.TestCase): def setUp(self): app.config["CACHE_TYPE"] = "null" # Use memory DB app.config['SQLALCHEMY_DATABASE_URI'] = 'sqlite:///:memory:' app.config['TESTING'] = True self.app = app.test_client() # Create DB. db.drop_all() db.create_all() safe_commit() key = '{0:02X}'.format(randrange(36**50)) self.api_key = ApiKey(key=key, name='test-key') self.api_key.insert() self.s = TimestampSigner(key) hashed_password = generate_password_hash('password-123') # Create a user to update and delete later. self.user = User(name="Test User", email='*****@*****.**', admin=True, openid='', password=hashed_password) self.user.insert() # Available Themes themes = ['Stock Bootstrap 3', 'amelia', 'cerulean', 'cosmo', 'cyborg', 'darkly', 'flatly', 'lumen', 'readable', 'simplex', 'slate', 'spacelab', 'superhero', 'united', 'yeti'] syntax_themes = ['autumn.css', 'borland.css', 'bw.css', 'colorful.css', 'default.css', 'emacs.css', 'friendly.css', 'fruity.css', 'github.css', 'manni.css', 'monokai.css', 'murphy.css', 'native.css', 'pastie.css', 'perldoc.css', 'tango.css', 'trac.css', 'vim.css', 'vs.css', 'zenburn.css'] # Create some system settings Setting(name='blog-title', vartype='str', system=True).insert() Setting(name='blog-copyright', vartype='str', system=True).insert() Setting(name='cache-timeout', vartype='int', system=True, value=0).insert() Setting(name='posts-per-page', vartype='int', system=True, value=4).insert() Setting(name='bootstrap-theme', vartype='str', system=True, value='yeti', allowed=json.dumps(themes)).insert() Setting(name='syntax-highlighting-theme', vartype='str', system=True, value='monokai.css', allowed=json.dumps(syntax_themes)).insert() Setting(name='custom-front-page', vartype='str', system=True).insert() safe_commit() def tearDown(self): db.drop_all() db.session.commit() def test_upload(self): filename = 'test.txt' the_file = os.path.join(app.config['UPLOAD_FOLDER'], filename) if os.path.isfile(the_file): os.unlink(the_file) post_data = { 'file': (StringIO("This is a test file."), filename), 'name': 'Test File', 'user_id': self.user.id } rv = self.app.post('/upload_ajax', data=post_data, follow_redirects=True) self.assertEquals(rv.status_code, 200) data = json.loads(rv.data) self.assertEquals(data['messages'][0], 'The file was uploaded.') afile = File.get(data['id']) self.assertEquals(data['id'], afile.id) self.assertTrue(os.path.isfile(the_file)) # Delete the file we uploaded os.unlink(the_file) def test_content_create(self): api_key = self.s.sign(self.api_key.name) ''' CREATE ''' post_data = { 'title': 'This is a test page', 'body': 'Blah blah blah', 'type': 'post', 'published': 1, 'user_id': self.user.id } # Try to create the content with no API key rv = self.app.post('/content_create', data=post_data, follow_redirects=True) data = json.loads(rv.data) self.assertFalse(data['success']) # Create the content. This should work fine. post_data['api_key'] = api_key rv = self.app.post('/content_create', data=post_data, follow_redirects=True) data = json.loads(rv.data) self.assertTrue(data['success']) self.assertTrue(data['id']) self.assertIsNotNone(data['messages']) self.assertEquals(data['messages'][0], 'The content was created.') content_id = data['id'] # Make sure that we can grab the content from the DB. content = Content.get(content_id) self.assertIsNotNone(content) self.assertEquals(content.title, post_data['title']) # Try to create the same content again. This should fail. rv = self.app.post('/content_create', data=post_data, follow_redirects=True) data = json.loads(rv.data) self.assertFalse(data['success']) self.assertIsNotNone(data['messages']) self.assertEquals(data['messages'][0], 'That post or page exists already.') # Clean up! content.delete() safe_commit() # Create the content. This should work fine. post_data['api_key'] = api_key post_data['type'] = 'page' rv = self.app.post('/content_create', data=post_data, follow_redirects=True) data = json.loads(rv.data) self.assertTrue(data['success']) self.assertTrue(data['id']) self.assertIsNotNone(data['messages']) self.assertEquals(data['messages'][0], 'The content was created.') content_id = data['id'] # Make sure that we can grab the content from the DB. content = Content.get(content_id) self.assertIsNotNone(content) self.assertEquals(content.title, post_data['title']) # Try to create the same content again. This should fail. rv = self.app.post('/content_create', data=post_data, follow_redirects=True) data = json.loads(rv.data) self.assertFalse(data['success']) self.assertIsNotNone(data['messages']) self.assertEquals(data['messages'][0], 'That post or page exists already.') # Clean up! content.delete() safe_commit() def test_content_retrieve(self): user_id = self.user.id ''' RETRIEVE ''' # Create some content using the model directly... content = Content(title="Test Content", published=True, type="post", body="blah blah blah", user_id=self.user.id) content.insert() content1 = content.to_dict() content2 = Content(title="Test Content 2", published=True, type="post", body="blah blah blah", user_id=self.user.id) content2.insert() content2 = content2.to_dict() content3 = Content(title="Test Content 3", published=True, type="post", body="blah blah blah", user_id=self.user.id) content3.insert() content3 = content3.to_dict() content4 = Content(title="Test Content 4", published=True, type="post", body="blah blah blah", user_id=self.user.id) content4.insert() content4 = content4.to_dict() safe_commit() post_data = { 'id': content.id } # retrieve the content. This should work fine. rv = self.app.post('/content_retrieve', data=post_data, follow_redirects=True) data = json.loads(rv.data) self.assertTrue(data['success']) self.assertTrue(data['contents'][0]) self.assertIsNotNone(data['messages']) content = Content.get(data['contents'][0]['id']) self.assertEquals(content.title, data['contents'][0]['title']) self.assertEquals(content.body, data['contents'][0]['body']) self.assertEquals(user_id, data['contents'][0]['user_id']) post_data = { 'content_type': 'post', 'page_size': 3 } # retrieve the content. This should work fine. rv = self.app.post('/content_retrieve', data=post_data, follow_redirects=True) data = json.loads(rv.data) self.assertTrue(data['success']) # There should be three posts. self.assertEquals(data['contents'][0]['title'], content4['title']) self.assertEquals(data['contents'][1]['title'], content3['title']) self.assertEquals(data['contents'][2]['title'], content2['title']) # And only three posts returned self.assertTrue(len(data['contents']) == 3) # Posts should be in the right order self.assertTrue(data['contents'][1]['published_on'] < data['contents'][0]['published_on']) self.assertIsNotNone(data['messages']) post_data = { 'content_type': 'post', 'current_page': 2, 'page_size': 3 } # retrieve the content. This should work fine. rv = self.app.post('/content_retrieve', data=post_data, follow_redirects=True) data = json.loads(rv.data) self.assertTrue(data['success']) # There should be one post. self.assertEquals(data['contents'][0]['title'], content1['title']) # And only one post returned self.assertTrue(len(data['contents']) == 1) def test_user_create(self): api_key = self.s.sign(self.api_key.name) ''' CREATE ''' post_data = { 'name': 'Testy McTesterson', 'email': '*****@*****.**', 'password': '******', } # Try to create the user with no API key rv = self.app.post('/user_create', data=post_data, follow_redirects=True) data = json.loads(rv.data) self.assertFalse(data['success']) # Create the user. This should work fine. post_data['api_key'] = api_key rv = self.app.post('/user_create', data=post_data, follow_redirects=True) data = json.loads(rv.data) self.assertTrue(data['success']) self.assertTrue(data['id']) self.assertIsNotNone(data['messages']) self.assertEquals(data['messages'][0], 'The user was created.') user_id = data['id'] # Make sure that we can grab the user from the DB. user = User.get(user_id) self.assertIsNotNone(user) self.assertEquals(user.name, 'Testy McTesterson') # Try to create the same user again. This should fail. rv = self.app.post('/user_create', data=post_data, follow_redirects=True) data = json.loads(rv.data) self.assertFalse(data['success']) self.assertIsNotNone(data['messages']) self.assertEquals(data['messages'][0], 'That user exists already.') # Clean up! user.delete() safe_commit() def test_user_retrieve(self): api_key = self.s.sign(self.api_key.name) ''' RETRIEVE ''' post_data = { 'id': self.user.id } # Try to retrieve the user with no API key rv = self.app.post('/user_retrieve', data=post_data, follow_redirects=True) data = json.loads(rv.data) self.assertFalse(data['success']) # Retrieve the user. This should work fine. post_data['api_key'] = api_key rv = self.app.post('/user_retrieve', data=post_data, follow_redirects=True) data = json.loads(rv.data) self.assertTrue(data['success']) self.assertTrue(data['user']) self.assertEquals(data['user']['name'], 'Test User') def test_user_update(self): api_key = self.s.sign(self.api_key.name) ''' UPDATE ''' post_data = { 'name': 'New Person', 'email': '*****@*****.**', 'password': '******', 'id': self.user.id } # Try to update the user with no API key rv = self.app.post('/user_update', data=post_data, follow_redirects=True) data = json.loads(rv.data) self.assertFalse(data['success']) # update the user. This should work fine. post_data['api_key'] = api_key rv = self.app.post('/user_update', data=post_data, follow_redirects=True) data = json.loads(rv.data) self.assertTrue(data['success']) self.assertTrue(data['user']) self.assertIsNotNone(data['messages']) self.assertEquals(data['messages'][0], 'The user was updated.') # Make sure that we can grab the user from the DB. user = User.get(self.user.id) self.assertIsNotNone(user) self.assertEquals(data['user']['name'], 'New Person') self.assertEquals(user.name, 'New Person') self.assertTrue(check_password_hash(user.password, 'newperson123')) @unittest.skip("Skipping this since the API is changing") def test_user_delete(self): api_key = self.s.sign(self.api_key.name) ''' DELETE ''' # Delete the user. post_data = { 'id': self.user.id } # Try to delete the user with no API key rv = self.app.post('/admin/users/delete', data=post_data, follow_redirects=True) data = json.loads(rv.data) self.assertFalse(data['success']) # Removing should work now. post_data['api_key'] = api_key rv = self.app.post('/user_delete', data=post_data, follow_redirects=True) data = json.loads(rv.data) self.assertTrue(data['success']) user = User.get(self.user.id) self.assertIsNone(user)