class TestAddSubmissionView(TestCase): def __init__(self, *args, **kwargs): super(TestAddSubmissionView, self).__init__(*args, **kwargs) # Add context and template to the response on_template_render = curry(store_rendered_templates, {}) signals.template_rendered.connect(on_template_render, dispatch_uid="template-render") def setUp(self): self.factory = RequestFactory() self.ideation = MagicMock() def test_add_submission_get(self): request = self.factory.get('/') request.user = AnonymousUser() request.development = development_mock response = views.add_submission(request, self.ideation) eq_(response.status_code, 200) def test_invalid_form(self): request = self.factory.post('/', BLANK_EXTERNALS) request.user = AnonymousUser() request.development = development_mock response = views.add_submission(request, self.ideation) eq_(response.status_code, 200)
class GetNextUrlTests(TestCase): def setUp(self): super(GetNextUrlTests, self).setUp() self.r = RequestFactory() self.patcher = patch('django.contrib.sites.models.Site.objects') mock = self.patcher.start() mock.get_current.return_value.domain = 'su.mo.com' def tearDown(self): self.patcher.stop() super(GetNextUrlTests, self).tearDown() def test_query_string(self): """Query-strings remain intact.""" r = self.r.get('/', {'next': '/new?f=b'}) eq_('/new?f=b', get_next_url(r)) def test_good_host_https(self): """Full URLs work with valid hosts.""" r = self.r.post('/users/login', {'next': 'https://su.mo.com/kb/new'}) eq_('https://su.mo.com/kb/new', get_next_url(r)) def test_post(self): """'next' in POST overrides GET.""" r = self.r.post('/?next=/foo', {'next': '/bar'}) eq_('/bar', get_next_url(r)) def test_get(self): """'next' can be a query-string parameter.""" r = self.r.get('/users/login', {'next': '/kb/new'}) eq_('/kb/new', get_next_url(r)) def test_referer(self): """Use HTTP referer if nothing else.""" r = self.r.get('/') r.META['HTTP_REFERER'] = 'http://su.mo.com/new' eq_('http://su.mo.com/new', get_next_url(r)) def test_bad_host_https(self): r = self.r.get('/', {'next': 'https://example.com'}) eq_(None, get_next_url(r)) def test_bad_host_protocol_relative(self): """Protocol-relative URLs do not let bad hosts through.""" r = self.r.get('/', {'next': '//example.com'}) eq_(None, get_next_url(r))
def req_factory_factory(url, user=None, post=False, data=None): """Creates a request factory, logged in with the user.""" req = RequestFactory() if post: req = req.post(url, data or {}) else: req = req.get(url, data or {}) if user: req.amo_user = user req.user = user.user req.groups = req.user.get_profile().groups.all() return req
class GetNextUrlTests(TestCase): def setUp(self): super(GetNextUrlTests, self).setUp() self.r = RequestFactory() self.patcher = patch('django.contrib.sites.models.Site.objects') mock = self.patcher.start() mock.get_current.return_value.domain = 'su.mo.com' def tearDown(self): self.patcher.stop() super(GetNextUrlTests, self).tearDown() def test_https(self): """Verify that protocol and domain get removed for https.""" r = self.r.post('/users/login', {'next': 'https://su.mo.com/kb/new?f=b'}) eq_('/kb/new?f=b', get_next_url(r)) def test_http(self): """Verify that protocol and domain get removed for http.""" r = self.r.post('/users/login', {'next': 'http://su.mo.com/kb/new'}) eq_('/kb/new', get_next_url(r))
def req_factory_factory(url, user=None, post=False, data=None): """Creates a request factory, logged in with the user.""" req = RequestFactory() if post: req = req.post(url, data or {}) else: req = req.get(url, data or {}) if user: req.amo_user = UserProfile.objects.get(id=user.id) req.user = user req.groups = user.groups.all() req.check_ownership = partial(check_ownership, req) return req
def req_factory_factory(url, user=None, post=False, data=None): """Creates a request factory, logged in with the user.""" req = RequestFactory() if post: req = req.post(url, data or {}) else: req = req.get(url, data or {}) if user: req.amo_user = RequestUser.objects.get(id=user.id) req.user = user.user req.groups = req.user.get_profile().groups.all() req.APP = None req.check_ownership = partial(check_ownership, req) return req
def req_factory_factory(url='', user=None, post=False, data=None, **kwargs): """Creates a request factory, logged in with the user.""" req = RequestFactory() if post: req = req.post(url, data or {}) else: req = req.get(url, data or {}) if user: req.user = UserProfile.objects.get(id=user.id) req.groups = user.groups.all() else: req.user = AnonymousUser() req.check_ownership = partial(check_ownership, req) req.REGION = kwargs.pop('region', mkt.regions.REGIONS_CHOICES[0][1]) req.API_VERSION = 2 for key in kwargs: setattr(req, key, kwargs[key]) return req
class TestClosedPhaseRequiredDecorator(TestCase): def setUp(self): self.factory = RequestFactory() self.request = self.factory.get('/') self.request.ideation = phase_mock def test_decorator_defaults(self): response = mock_phase_view(self.request, phase='ideation') eq_(response.status_code, 403) def test_phase_method_allowed(self): response = mock_phase_view_get(self.request, phase='ideation') eq_(response['phase'], 'ideation') def test_phase_method_not_allowed(self): request = self.factory.post('/', {}) request.ideation = phase_mock response = mock_phase_view_get(request, phase='ideation') eq_(response.status_code, 403)
class TestClient(object): def __init__(self): ConsumerModel.objects.create(name='test', key='test', secret='test', status='accepted') self.url = 'http://testserver/subscriptions/subscribe/' self.consumer = oauth.Consumer(key='test', secret='test') self.signature_method = oauth.SignatureMethod_HMAC_SHA1() # we're only using 2-legged auth, no need for tokens self.token = None self.params = { 'oauth_version': '1.0', 'oauth_nonce': oauth.generate_nonce(), 'oauth_timestamp': int(time.time()), } self.c = Client() self.rf = RequestFactory() def tearDown(self): ConsumerModel.objects.filter(key='test').delete() def headers(self, method='POST', **kwargs): params = self.params.copy() params.update(kwargs) req = oauth.Request(method=method, url=self.url, parameters=params) req.sign_request(self.signature_method, self.consumer, self.token) return req.to_header() def subscribe(self, **kwargs): header = self.headers(**kwargs) return self.c.post(self.url, kwargs, **header) def subscribe_request(self, **kwargs): header = self.headers(**kwargs) return self.rf.post(self.url, kwargs, **header) def read(self, **kwargs): header = self.headers(method="GET", **kwargs) return self.c.get(self.url, kwargs, **header)
class TestPhaseRequiredDecorator(TestCase): def setUp(self): self.factory = RequestFactory() self.request = self.factory.get('/') self.request.ideation = phase_mock def test_method_allowed(self): response = mock_view(self.request, phase='ideation') eq_(response['phase'], 'ideation') def test_method_not_allowed(self): request = self.factory.post('/', {}) request.ideation = phase_mock response = mock_view(request, phase='ideation') eq_(response.status_code, 403) @raises(ImproperlyConfigured) def test_invalid_phase(self): mock_view(self.request, phase='development') def test_defaults(self): response = mock_default_view(self.request, phase='ideation') eq_(response.status_code, 403)
class ViewsTests(TestCase): def setUp(self): super(ViewsTests, self).setUp() self.factory = RequestFactory() self.u = get_user('ccarlos') self.c = get_user('CTO') def _create_lets(self): f = forms.LetsForm(creator=self.u, data={'content': 'Hello', 'category': CAT_OTHR}) return f.save() def test_delete_own_lets(self): e = self._create_lets() url = reverse('diary.delete', args=[e.id]) request = self.factory.post(url) request.user = self.u response = views.delete(request, lets_id=e.id) eq_(response.status_code, 302) # Assert object was deleted. assert not models.Lets.objects.filter(creator=self.u).exists() def test_delete_someones_entry(self): """Delete someone else's lets object.""" e = self._create_lets() url = reverse('lets.delete', args=[e.id]) request = self.factory.post(url) request.user = self.c fn = lambda: views.delete(request, lets_id=e.id) self.assertRaises(PermissionDenied, fn) def test_vote_ipm(self): visits = get_users_and_visits(self.u, self.c)[2] before = visits[0].mojo e = self._create_lets() url = reverse('lets.like', args=[e.id]) request = self.factory.post(url) request.user = self.c views.like_lets(request, lets_id=e.id) visits = get_users_and_visits(self.u, self.c)[2] after = visits[0].mojo eq_(before + IPM_POINTS['lets_like']['per'], after) def test_view_activities(self): from users.forms import SettingsForm from users.models import Setting request = self.factory.get(reverse('lets')) request.user = self.u views.activities(request) eq_('lets', Setting.get_for_user(self.u, 'home_tab')) form = SettingsForm(data={'home_tab': 'stream'}) form.is_valid() form.save_for_user(request.user) eq_('stream', Setting.get_for_user(self.u, 'home_tab')) views.activities(request) eq_('lets', Setting.get_for_user(self.u, 'home_tab'))
class ViewsTests(TestCase): def setUp(self): super(ViewsTests, self).setUp() self.factory = RequestFactory() self.c = get_user('CTO') self.u = get_user('zinoma') self.f = forms.DiaryForm(creator=self.u, data={'text': 's' * 500}) self.e = self.f.save() def test_new_entry(self): # Since user doesn't have an entry, we check if the # new diary form is displayed. url = reverse('diary.new') request = self.factory.get(url) request.user = self.c response = views.new(request) eq_(response.status_code, 200) page_content = response.content contains(page_content, 'Write your entry here...') contains(page_content, 'action=\"/diary/new') def test_existing_entry(self): url = reverse('diary.list_all', args=[self.u.username]) request = self.factory.get(url) request.user = self.u response = views.list_personal(request, username=self.u.username) eq_(response.status_code, 200) page_content = response.content contains(page_content, '/diary/user/zinoma/%d/%d/%d' % (self.e.created_day.year, self.e.created_day.month, self.e.created_day.day)) contains(page_content, 'entry/%d/delete' % (self.e.id)) def test_edit_entry(self): url = reverse('diary.edit', args=[self.e.id]) request = self.factory.get(url) request.user = self.u response = views.edit(request, diary_id=self.e.id) eq_(response.status_code, 200) page_content = response.content # In edit form box, assert initial contents are displayed. contains(page_content, 's' * 500) contains(page_content, 'diary/entry/%d/edit' % (self.e.id)) def test_edit_someones_entry(self): """Edit someone else's entry.""" url = reverse('diary.edit', args=[self.e.id]) request = self.factory.get(url) request.user = self.c fn = lambda: views.edit(request, diary_id=self.e.id) self.assertRaises(PermissionDenied, fn) def test_edit_update_entry(self): url = reverse('diary.edit', args=[self.e.id]) request = self.factory.post(url, {'text': 'x' * 500}) request.user = self.u response = views.edit(request, diary_id=self.e.id) # Is HttpResponseRedirect called (based on a valid form)? eq_(response.status_code, 302) # Was the diary entry changed? url = reverse('diary.list_all', args=[self.u.username]) request = self.factory.get(url) request.user = self.u response = views.list_personal(request, username=self.u.username) eq_(response.status_code, 200) # Yes, indeed. contains(response.content, 'x' * 500) def test_reply_diary(self): url = reverse('diary.reply', args=[self.e.id]) request = self.factory.post(url, {'text': 'ha' * 10}) request.user = self.u response = views.reply(request, diary_id=self.e.id) # Is HttpResponseRedirect called (based on a valid form)? eq_(response.status_code, 302) # Was the diary comment created? url = reverse('diary.single', kwargs=get_kwargs_for_diary_id(self.e.id)) request = self.factory.get(url) request.user = self.u response = views.single(request, username=self.u.username, year=self.e.created_day.year, month=self.e.created_day.month, day=self.e.created_day.day) eq_(response.status_code, 200) # Yes, indeed. contains(response.content, 'ha' * 10) def test_delete_own_reply(self): """Delete own comment on owned diary.""" url = reverse('diary.reply', args=[self.e.id]) request = self.factory.post(url, {'text': 'ha' * 10}) request.user = self.u response = views.reply(request, diary_id=self.e.id) # Is HttpResponseRedirect called (based on a valid form)? eq_(response.status_code, 302) assert Comment.objects.filter(diary=self.e.id, creator=self.u).exists() comm = get_object_or_404(Comment, diary=self.e.id, creator=self.u) url = reverse('diary.delete_comment', args=[comm.id]) request = self.factory.post(url) request.user = self.u response = views.delete_comment(request, comment_id=comm.id) assert not (Comment.objects.filter(diary=self.e.id, creator=self.u). exists()) def test_delete_someones_reply(self): """Delete someone else's comment as the owner of the entry.""" url = reverse('diary.reply', args=[self.e.id]) request = self.factory.post(url, {'text': 'ha' * 10}) request.user = self.c response = views.reply(request, diary_id=self.e.id) # Is HttpResponseRedirect called (based on a valid form)? eq_(response.status_code, 302) assert Comment.objects.filter(diary=self.e.id, creator=self.c).exists() comm = get_object_or_404(Comment, diary=self.e.id, creator=self.c) url = reverse('diary.delete_comment', args=[comm.id]) request = self.factory.post(url) request.user = self.u response = views.delete_comment(request, comment_id=comm.id) assert not (Comment.objects.filter(diary=self.e.id, creator=self.c). exists()) def test_delete_someones_reply_not_owner(self): """Delete someone else's comment as NOT the owner of the entry.""" url = reverse('diary.reply', args=[self.e.id]) request = self.factory.post(url, {'text': 'ha' * 10}) request.user = self.u response = views.reply(request, diary_id=self.e.id) # Is HttpResponseRedirect called (based on a valid form)? eq_(response.status_code, 302) assert Comment.objects.filter(diary=self.e.id, creator=self.u).exists() comm = get_object_or_404(Comment, diary=self.e.id, creator=self.u) url = reverse('diary.delete_comment', args=[comm.id]) request = self.factory.post(url) request.user = self.c fn = lambda: views.delete_comment(request, comment_id=comm.id) self.assertRaises(PermissionDenied, fn) def test_delete_own_reply_diff_diary(self): """Delete own comment as NOT the owner of the entry.""" url = reverse('diary.reply', args=[self.e.id]) request = self.factory.post(url, {'text': 'ha' * 10}) request.user = self.c response = views.reply(request, diary_id=self.e.id) # Is HttpResponseRedirect called (based on a valid form)? eq_(response.status_code, 302) assert Comment.objects.filter(diary=self.e.id, creator=self.c).exists() comm = get_object_or_404(Comment, diary=self.e.id, creator=self.c) url = reverse('diary.delete_comment', args=[comm.id]) request = self.factory.post(url) request.user = self.c response = views.delete_comment(request, comment_id=comm.id) assert not (Comment.objects.filter(diary=self.e.id, creator=self.c). exists()) def test_delete_existing_entry(self): url = reverse('diary.delete', args=[self.e.id]) request = self.factory.post(url) request.user = self.u response = views.delete(request, diary_id=self.e.id) # Assert a redirect took place. eq_(response.status_code, 302) # Was the diary entry deleted? url = reverse('diary.list_all', args=[self.u.username]) request = self.factory.get(url) request.user = self.u response = views.list_personal(request, username=self.u.username) eq_(response.status_code, 200) # Yes, indeed. not_contains(response.content, 'a' * 500) def test_delete_someones_entry(self): """Delete someone else's entry.""" url = reverse('diary.delete', args=[self.e.id]) request = self.factory.post(url) request.user = self.c fn = lambda: views.delete(request, diary_id=self.e.id) self.assertRaises(PermissionDenied, fn)