def test_get_close_db(app): with app.app_context(): db = get_db() assert db is get_db() with pytest.raises(sqlite3.ProgrammingError) as e: db.execute('SELECT 1') assert 'closed' in str(e.value)
def index(): db = get_db() zadania = db.execute( 'SELECT z.id, zadanie, zrobione, data_pub, id_user, email' ' FROM zadania z JOIN users u ON z.id_user = u.id' ' ORDER BY data_pub DESC').fetchall() return render_template('zadania/index.html', zadania=zadania)
def register(): if request.method == 'POST': email = request.form['email'] haslo = request.form['haslo'] db = get_db() error = None if not email: error = 'Email jest wymagany.' elif not haslo: error = 'Hasło jest wymagane.' if error is None: try: db.execute( "INSERT INTO users (email, haslo) VALUES (?, ?)", (email, generate_password_hash(haslo)), ) db.commit() except db.IntegrityError: error = f"Adres już zarejestrowany: {email}." else: return redirect(url_for("auth.login")) flash(error) return render_template('auth/register.html')
def app(): db_fd, db_path = tempfile.mkstemp() app = create_app({ 'TESTING': True, 'DATABASE': db_path, }) with app.app_context(): init_db() get_db().executescript(_data_sql) yield app os.close(db_fd) os.unlink(db_path)
def test_register(client, app): assert client.get('/auth/register').status_code == 200 response = client.post('/auth/register', data={'email': 'a', 'haslo': 'a'}) assert response.headers["Location"] == "/auth/login" with app.app_context(): assert get_db().execute( "SELECT * FROM users WHERE email = 'a'", ).fetchone() is not None
def load_logged_in_user(): user_id = session.get('user_id') if user_id is None: g.user = None else: g.user = get_db().execute('SELECT * FROM users WHERE id = ?', (user_id, )).fetchone()
def test_delete(client, auth, app): auth.login() response = client.post('/1/usun') assert response.headers["Location"] == "/" with app.app_context(): db = get_db() zadanie = db.execute('SELECT * FROM zadania WHERE id = 1').fetchone() assert zadanie is None
def test_update(client, auth, app): auth.login() assert client.get('/1/edytuj').status_code == 200 client.post('/1/edytuj', data={'zadanie': 'poprawione'}) with app.app_context(): db = get_db() post = db.execute('SELECT * FROM zadania WHERE id = 1').fetchone() assert post['zadanie'] == 'poprawione'
def test_create(client, auth, app): auth.login() assert client.get('/dodaj').status_code == 200 client.post('/dodaj', data={'zadanie': 'nowe'}) with app.app_context(): db = get_db() count = db.execute('SELECT COUNT(id) FROM zadania').fetchone()[0] assert count == 2
def get_zadanie(id, check_author=True): zadanie = get_db().execute( 'SELECT z.id, zadanie, zrobione, data_pub, id_user, email' ' FROM zadania z JOIN users u ON z.id_user = u.id' ' WHERE z.id = ?', (id, )).fetchone() if zadanie is None: abort(404, f"Zadanie id {id} nie istnieje.") if check_author and zadanie['id_user'] != g.user['id']: abort(403) return zadanie
def test_author_required(app, client, auth): # change the post author to another user with app.app_context(): db = get_db() db.execute('UPDATE zadania SET id_user = 2 WHERE id = 1') db.commit() auth.login() # current user can't modify other user's post assert client.post('/1/edytuj').status_code == 403 assert client.post('/1/usun').status_code == 403 # current user doesn't see edit link assert b'href="/1/edytuj"' not in client.get('/').data
def dodaj(): if request.method == 'POST': zadanie = request.form['zadanie'] error = None if not zadanie: error = 'Zadanie nie może być puste.' if error is not None: flash(error) else: db = get_db() db.execute( 'INSERT INTO zadania (id_user, zadanie)' ' VALUES (?, ?)', (g.user['id'], zadanie)) db.commit() return redirect(url_for('zadania.index')) return render_template('zadania/dodaj.html')
def edytuj(id): zadanie = get_zadanie(id) if request.method == 'POST': zadanie = request.form['zadanie'] error = None if not zadanie: error = 'Zadanie nie może być puste.' if error is not None: flash(error) else: db = get_db() db.execute('UPDATE zadania SET zadanie = ?' ' WHERE id = ?', (zadanie, id)) db.commit() return redirect(url_for('zadania.index')) return render_template('zadania/edytuj.html', zadanie=zadanie)
def login(): if request.method == 'POST': email = request.form['email'] haslo = request.form['haslo'] db = get_db() error = None user = db.execute('SELECT * FROM users WHERE email = ?', (email, )).fetchone() if user is None: error = 'Błędny email.' elif not check_password_hash(user['haslo'], haslo): error = 'Błędne hasło.' if error is None: session.clear() session['user_id'] = user['id'] return redirect(url_for('index')) flash(error) return render_template('auth/login.html')
def zmien_status(id, status): get_zadanie(id) db = get_db() db.execute('UPDATE zadania SET zrobione = ?' ' WHERE id = ?', (status, id)) db.commit() return redirect(url_for('zadania.index'))
def usun(id): get_zadanie(id) db = get_db() db.execute('DELETE FROM zadania WHERE id = ?', (id, )) db.commit() return redirect(url_for('zadania.index'))