def test_index():
with global_user(random_string(5)) as global_user_name:
res = web_client().get('/')
assert res.status == '200 OK'
d = pq(res.data)
assert d('h1').text() == "%s's blog" % (global_user_name, )
def test_security_header():
with global_user(random_string(5)):
res = web_client().get('/')
assert res.status == '200 OK'
assert res.headers['X-Frame-Options'] == 'DENY'
assert res.headers['X-Content-Type-Options'] == 'nosniff'
assert res.headers['X-XSS-Protection'] == '1;mode=block'
assert res.headers['Content-Security-Policy'] == "default-src 'self'"
def test_ensure_global_user_created():
db = DB()
with global_user(random_string(10)) as global_user_name:
assert UserLoader.find_by_name(db, global_user_name) is None
user = UserAction.ensure_global_user_created(db)
assert user.name == global_user_name
# Check no exceptions raises
user_again = UserAction.ensure_global_user_created(db)
assert user_again.id == user.id
def test_entry():
db = DB()
with global_user(random_string(5)):
blog = BlogAction.ensure_global_blog_created(db)
entry = create_entry(blog=blog)
res1 = web_client().get('/entry/' + str(entry.id))
assert res1.status == '200 OK'
d = pq(res1.data)
res2 = web_client().get('/entry/0')
assert res2.status == '404 NOT FOUND'
def test_post_create_entry_bad_request():
with global_user(random_string(5)), web_client() as wc:
res1 = wc.post('/-/post', data=dict())
assert res1.status == '400 BAD REQUEST'
res2 = wc.post('/-/post',
data=dict(
title='はろー',
body='こんにちは',
blog_id=-1,
))
assert res2.status == '400 BAD REQUEST'
def test_ensure_global_blog_created():
db = DB()
with global_user(random_string(10)) as global_user_name:
assert UserLoader.find_by_name(db, global_user_name) is None
blog = BlogAction.ensure_global_blog_created(db)
found_user = UserLoader.find_by_name(db, global_user_name)
assert blog.owner_id == found_user.id
# Check no exeception raises
blog_again = BlogAction.ensure_global_blog_created(db)
assert blog_again.id == blog.id
def test_post_create_entry():
db = DB()
with global_user(random_string(5)), web_client() as wc:
blog = BlogAction.ensure_global_blog_created(db)
res = wc.post('/-/post',
data=dict(
title='はろー',
body='こんにちは',
blog_id=blog.id,
))
assert res.status == '302 FOUND'
assert res.headers['Location'] == url_for('index', _external=True)
entry = EntryLoader.find_entries(db, blog.id, limit=1)[0]
assert entry.title == 'はろー'
assert entry.body == 'こんにちは'
def test_index_with_entries():
db = DB()
with global_user(random_string(5)):
blog = BlogAction.ensure_global_blog_created(db)
entries = []
with freeze_time('2017-01-13 12:00:02'):
entries.append(create_entry(blog=blog))
with freeze_time('2017-01-13 12:00:01'):
entries.append(create_entry(blog=blog))
with freeze_time('2017-01-13 12:00:00'):
entries.append(create_entry(blog=blog))
res = web_client().get('/')
assert res.status == '200 OK'
d = pq(res.data)
assert [int(d(a).attr('data-entry-id'))
for a in d('.entry')] == [e.id for e in entries]
def test_post_show_form():
with global_user(random_string(5)):
res = web_client().get('/-/post')
assert res.status == '200 OK'
