def test_empty_db_search(client): empty_db() filter_parameter = dict() filter_parameter["user"] = db.session.query(User).filter( User.id == "michouchou").first() filter_parameter["channels"] = [1, 2, 3, 4] filter_parameter["states"] = [0, 1, 2] filter_parameter["search_in_title"] = True filter_parameter["search_in_content"] = False filter_parameter["searched_words"] = "" filter_parameter["search_by_keyword"] = False filter_parameter['search_table'] = Publishing result = query_maker(filter_parameter) assert 0 == len(result)
def test_post_empty_search(client): populate_db() filter_parameter = dict() filter_parameter["user"] = db.session.query(User).filter( User.id == "channelwriter").first() filter_parameter["channels"] = [1, 2, 3, 4] filter_parameter["states"] = [0, 1, 2] filter_parameter["search_in_title"] = True filter_parameter["search_in_content"] = False filter_parameter["searched_words"] = "" filter_parameter["search_by_keyword"] = False filter_parameter['search_table'] = Post result = query_maker(filter_parameter) assert 3 == len(result)
def test_writer_basic2_search(client): populate_db() filter_parameter = dict() filter_parameter["user"] = db.session.query(User).filter( User.id == "channelwriter").first() filter_parameter["channels"] = [1, 2, 3, 4] filter_parameter["states"] = [0, 1, 2] filter_parameter["search_in_title"] = True filter_parameter["search_in_content"] = False filter_parameter["searched_words"] = "" filter_parameter["search_by_keyword"] = False filter_parameter['search_table'] = Publishing result = query_maker(filter_parameter) assert 3 == len(result) assert [9, 10, 11] == sorted([pub.post_id for pub in result])
def test_post_content_title_keyboard_search(client): populate_db() filter_parameter = dict() filter_parameter["user"] = db.session.query(User).filter( User.id == "michouchou").first() filter_parameter["channels"] = [1, 2, 3, 4] filter_parameter["states"] = [0, 1, 2] filter_parameter["search_in_title"] = True filter_parameter["search_in_content"] = True filter_parameter["searched_words"] = "drawings any middleton saw" filter_parameter["search_by_keyword"] = True filter_parameter['search_table'] = Post result = query_maker(filter_parameter) assert 2 == len(result) assert [2, 3] == sorted([pub.id for pub in result])
def test_post_content_keyword_search(client): populate_db() filter_parameter = dict() filter_parameter["user"] = db.session.query(User).filter( User.id == "channelmoder").first() filter_parameter["channels"] = [1, 2, 3, 4] filter_parameter["states"] = [0, 1, 2] filter_parameter["search_in_title"] = False filter_parameter["search_in_content"] = True filter_parameter["searched_words"] = "him it" filter_parameter["search_by_keyword"] = True filter_parameter['search_table'] = Post result = query_maker(filter_parameter) assert 2 == len(result) assert [4, 7] == sorted([pub.id for pub in result])
def test_Post_basic(client): populate_db() filter_parameter = dict() filter_parameter["user"] = db.session.query(User).filter( User.id == "channelwriter").first() filter_parameter["channels"] = [1, 2, 3, 4] filter_parameter["states"] = [0, 1, 2] filter_parameter["search_in_title"] = True filter_parameter["search_in_content"] = False filter_parameter["searched_words"] = "men instrument" filter_parameter["search_by_keyword"] = False filter_parameter['search_table'] = Post result = query_maker(filter_parameter) assert len(result) == 2 assert [9, 10] == sorted([pub.id for pub in result])
def test_sql_injections(client): """ Check if the search module prevents SQL injections: - Get publications from all users instead of only this user's :return: """ populate_db() filter_parameter = dict() filter_parameter["user"] = db.session.query(User).filter( User.id == "michouchou").first() filter_parameter["channels"] = [1, 2, 3, 4] filter_parameter["states"] = [0, 1, 2] filter_parameter["search_in_title"] = True filter_parameter["search_in_content"] = False filter_parameter[ "searched_words"] = 'you\'ve been PWn3d by XxxxSUCKERHACKERxxxX" OR 1=1 ;-- ' filter_parameter["search_by_keyword"] = False filter_parameter["order_by"] = "post_id" filter_parameter["is_asc"] = True filter_parameter['search_table'] = Publishing result = query_maker(filter_parameter) assert 0 == len(result)
def test_time_period_search(client): populate_db() filter_parameter = dict() filter_parameter["user"] = db.session.query(User).filter( User.id == "michouchou").first() filter_parameter["channels"] = [1, 2, 3, 4] filter_parameter["states"] = [0, 1, 2] filter_parameter["search_in_title"] = True filter_parameter["search_in_content"] = False filter_parameter["searched_words"] = "" filter_parameter["search_by_keyword"] = False filter_parameter["order_by"] = "post_id" filter_parameter["is_asc"] = True filter_parameter["date_from"] = "2017-05-07" filter_parameter["date_until"] = "2019-07-07" filter_parameter['search_table'] = Publishing result = query_maker(filter_parameter) assert 3 == len(result) assert [2, 3, 5] == [pub.post_id for pub in result] filter_parameter["date_from"] = "2020-05-07" filter_parameter["date_until"] = "2021-07-07" result = query_maker(filter_parameter) assert 0 == len(result) filter_parameter["date_from"] = "2000-05-07" filter_parameter["date_until"] = "2001-07-07" result = query_maker(filter_parameter) assert 0 == len(result) filter_parameter["date_from"] = "2020-05-07" filter_parameter["date_until"] = "2017-07-07" result = query_maker(filter_parameter) assert 0 == len(result) filter_parameter["date_from"] = "2018-11-16" filter_parameter.pop("date_until", None) result = query_maker(filter_parameter) assert 1 == len(result) assert [5] == [pub.post_id for pub in result] filter_parameter.pop("date_from", None) filter_parameter["date_until"] = "2018-11-15" result = query_maker(filter_parameter) assert 1 == len(result) assert [2] == [pub.post_id for pub in result]