def test_users(self):
# add two users
r = Role.query.filter_by(name='poster').first()
self.assertIsNotNone(r)
u1 = User('john')
u1.email = '*****@*****.**'
u1.password = '******'
u1.confirmed = True
u1.roles.append(r)
u2 = User('susan')
u2.email = '*****@*****.**'
u2.password = '******'
u2.confirmed = True
u2.roles.append(r)
db.session.add_all([u1, u2])
db.session.commit()
# get users
# 以u2通过验证,得到u1的用户信息
response = self.client.get(url_for('api.get_user', id=u1.id),
headers=self.get_api_headers(
'susan', 'dog'))
self.assertTrue(response.status_code == 200)
json_response = json.loads(response.data.decode('utf-8'))
self.assertTrue(json_response['username'] == 'john')
# 以u2通过验证,得到u2的用户信息
response = self.client.get(url_for('api.get_user', id=u2.id),
headers=self.get_api_headers(
'susan', 'dog'))
self.assertTrue(response.status_code == 200)
json_response = json.loads(response.data.decode('utf-8'))
self.assertTrue(json_response['username'] == 'susan')
def test_duplicate_email_change_token(self):
user1 = User('test1')
user1.email = '*****@*****.**'
user1.password = '******'
user2 = User('test2')
user2.email = '*****@*****.**'
user2.password = '******'
db.session.add(user1)
db.session.add(user2)
db.session.commit()
token = user2.generate_email_change_token('*****@*****.**')
self.assertFalse(user2.change_email(token))
self.assertTrue(user2.email == '*****@*****.**')
def test_invalid_reset_token(self):
user1 = User('test1')
user2 = User('test2')
user1.password = '******'
user2.password = '******'
user1.email = '*****@*****.**'
user2.email = '*****@*****.**'
db.session.add(user1)
db.session.add(user2)
db.session.commit()
token = user1.generate_reset_token(user1.email)
self.assertFalse(user2.reset_password(token, 'puppy'))
self.assertTrue(user2.check_password('dog'))
def register(request):
if request.method == "POST":
uf = UserFormRegister(request.POST)
if uf.is_valid():
userName = uf.cleaned_data['userName']
password = uf.cleaned_data['password']
email = uf.cleaned_data['email']
if User.objects.get(userName = userName) != None:
uf = UserFormRegister()
return render_to_response('register.html', {'uf': uf}, context_instance = RequestContext(request))
user = User()
user.userName = userName
user.password = password
user.email = email
user.save()
response = render_to_response('success.html', {'username': userName})
response.set_cookie('username', userName, 3600)
return response
else:
uf = UserFormRegister()
return render_to_response('register.html', {'uf': uf}, context_instance = RequestContext(request))
def create_admin(email, password):
user = User()
user.email = email
user.password = password
user.type = 'admin'
user.active = True
user.save()
def setUp(self):
# Bug workarounds: Flask Admin和Flask Restful扩展中,
# 它们会为应用生成蓝图对象并在内部保存起来,但在应用销毁时不会主动将其移除。
admin._views = []
rest_api.resources = []
self.app = create_app('test')
# 必须push context,否则会报错误
self.app_context = self.app.app_context()
self.app_context.push()
self.client = self.app.test_client(use_cookies=True)
# Bug workaround: 如果不在webapp目录中运行,
# 则Flask SQLAlchemy的初始化代码就不能正确地在应用对象中进行初始化
db.app = self.app
db.create_all()
# create role and user
# 由于下面有个test_register_and_login测试,要注册新用户,
# 在register路由中会默认添加上'poster'和'default'角色,因此这里要先创建两种角色
poster = Role('poster')
poster.description = 'poster role'
default = Role('default')
default.description = 'default role'
db.session.add(poster)
db.session.add(default)
test_user = User('test')
test_user.email = '*****@*****.**'
test_user.password = '******'
test_user.confirmed = True
test_user.roles.append(poster)
db.session.add(test_user)
db.session.commit()
def test_token_auth(self):
# add a user
r = Role.query.filter_by(name='poster').first()
self.assertIsNotNone(r)
u = User('john')
u.email = '*****@*****.**'
u.password = '******'
u.confirmed = True
u.roles.append(r)
db.session.add(u)
db.session.commit()
# issue a request with a bad token
response = self.client.get(url_for('api.get_posts'),
headers=self.get_api_headers(
'bad-token', ''))
self.assertTrue(response.status_code == 401)
# get a token
response = self.client.get(url_for('api.get_token'),
headers=self.get_api_headers('john', 'cat'))
self.assertTrue(response.status_code == 200)
json_response = json.loads(response.data.decode('utf-8'))
self.assertIsNotNone(json_response.get('token'))
token = json_response['token']
# issue a request with the token
response = self.client.get(url_for('api.get_posts'),
headers=self.get_api_headers(token, ''))
self.assertTrue(response.status_code == 200)
def test_valid_email_change_token(self):
user1 = User('test1')
user1.email = '*****@*****.**'
user1.password = '******'
db.session.add(user1)
db.session.commit()
token = user1.generate_email_change_token('*****@*****.**')
self.assertTrue(user1.change_email(token))
self.assertTrue(user1.email == '*****@*****.**')
def test_follows(self):
u1 = User('test1')
u1.email = '*****@*****.**'
u1.password = '******'
u2 = User('test2')
u2.email = '*****@*****.**'
u2.password = '******'
db.session.add(u1)
db.session.add(u2)
db.session.commit()
self.assertFalse(u1.is_following(u2))
self.assertFalse(u1.is_followed_by(u2))
timestamp_before = datetime.datetime.utcnow()
u1.follow(u2)
db.session.add(u1)
db.session.commit()
timestamp_after = datetime.datetime.utcnow()
self.assertTrue(u1.is_following(u2))
self.assertFalse(u1.is_followed_by(u2))
self.assertTrue(u2.is_followed_by(u1))
self.assertTrue(u1.followings.count() == 1)
self.assertTrue(u2.followers.count() == 1)
f = u1.followings.all()[-1]
self.assertTrue(f.following == u2)
self.assertTrue(timestamp_before <= f.timestamp <= timestamp_after)
f = u2.followers.all()[-1]
self.assertTrue(f.follower == u1)
u1.unfollow(u2)
db.session.add(u1)
db.session.commit()
self.assertTrue(u1.followings.count() == 0)
self.assertTrue(u2.followers.count() == 0)
self.assertTrue(Follow.query.count() == 0)
u2.follow(u1)
db.session.add(u1)
db.session.add(u2)
db.session.commit()
db.session.delete(u2)
db.session.commit()
self.assertTrue(Follow.query.count() == 0)
def test_valid_reset_token(self):
user = User('test')
user.password = '******'
user.email = '*****@*****.**'
db.session.add(user)
# 只有commit了才能拿到id,以便生成token
db.session.commit()
token = user.generate_reset_token(user.email)
self.assertTrue(user.reset_password(token, 'dog'))
self.assertTrue(user.check_password('dog'))
def register():
form = RegisterForm()
if form.validate_on_submit():
user = User()
user.set_password(form.password.data)
user.username = form.username.data
user.email = form.email.data
db.session.add(user)
db.session.commit()
flash('You can now login ')
return redirect(url_for('auth.login'))
return render_template('auth/register.html', form=form)
def test_unconfirmed_account(self):
# add an unconfirmed user
r = Role.query.filter_by(name='poster').first()
self.assertIsNotNone(r)
u = User('john')
u.email = '*****@*****.**'
u.password = '******'
u.confirmed = False
u.roles.append(r)
db.session.add(u)
db.session.commit()
# get list of posts with the unconfirmed account
response = self.client.get(url_for('api.get_posts'),
headers=self.get_api_headers('john', 'cat'))
self.assertTrue(response.status_code == 403)
def test_bad_auth(self):
# add a user
r = Role.query.filter_by(name='poster').first()
self.assertIsNotNone(r)
u = User('john')
u.email = '*****@*****.**'
u.password = '******'
u.confirmed = True
u.roles.append(r)
db.session.add(u)
db.session.commit()
# authenticate with bad password
response = self.client.get(url_for('api.get_posts'),
headers=self.get_api_headers('john', 'dog'))
self.assertTrue(response.status_code == 401)
def register():
form = RegisterForm()
if form.validate_on_submit():
user = User()
user.set_password(form.password.data)
user.username = form.username.data
user.email = form.email.data
user.name = form.name.data
user.headimg = '/static/headimg/default.jpg'
user.location = '北京'
db.session.add(user)
db.session.commit()
flash('You can now login ')
return redirect(url_for('auth.login'))
return render_template('auth/register.html',
form=form,
backgroundpic='/static/img/post1_bg.jpg')
def register(request):
message = ''
if request.method == 'POST':
username = request.POST.get('username')
password = request.POST.get('password1')
password2 = request.POST.get('password2')
email = request.POST.get('email')
if username and password and password2 and email:
# 去除左右两边空格
username = username.strip()
# 验证是否在数据库
# 数据库里没有这个用户
if password != password2:
message = '密码不一致'
return render(request, 'register.html', locals())
else:
user = User.objects.filter(name=username)
if user:
message = '用户已存在'
return render(request, 'register.html', locals())
else:
username = request.POST.get('username')
password = request.POST.get('password1')
print('-----------------')
print(password)
email = request.POST.get('email')
ine = User()
ine.name = username
ine.password = password
ine.email = email
ine.save()
return redirect('/webapp/login/')
return render(request,'register.html',locals())
return render(request,'register.html')
def register():
form = RegisterForm()
if form.validate_on_submit():
user = User(form.username.data)
user.set_password(form.password.data)
user.activated = True
user.email = form.email.data
user.roles.append(Role.query.filter_by(title='default').first())
db.session.add(user)
db.session.commit()
session['username'] = form.username.data
# 生成头像
image_size = 40
img = render_identicon(
str(user.id ^ int(time.time()))[::-1], image_size)
img.save(
os.path.join(main_blueprint.root_path, "..", "static", 'uploads',
'avatars', '%s.jpg' % user.username))
return redirect(url_for('.index'))
return render_template('register.html', form=form)
def create_user():
# Getting JSON data
data = request.get_json()
# Checking that all data has been submitted
if "name" not in data or "email" not in data or "subject" not in data:
abort(config.http_bad_request, {"message": config.error_bad_request})
# Creating new user
user = User(data['name'])
user.email = data['email']
user.subject = data['subject']
db.session.add(user)
db.session.commit()
# Sending response
return jsonify(message=config.msg_user_created,
user={
"id": user.id,
"name": user.name
}), config.http_created
def post(self):
args = register_post.parse_args()
args_username = args['username']
user = User.query.filter_by(username=args_username).first()
args_password = args['password']
args_email = args['email']
new_user = User(username=args_username, password=args_password)
new_user.create_time = datetime.datetime.now().strftime("%Y-%m-%d %H:%M")
new_user.email = args_email
d = {
"username": new_user.username
}
try:
new_user.save()
if args_email:
result = send_email('xilixjd blog', [args_email], '欢迎注册')
return d, 202, {'Location': url_for('emails.get_status', id=result.id)}
else:
return d, 202
except:
new_user.roll_back()
return None, 404
def setup():
db.create_all()
admin_role = Role("admin")
admin_role.description = "admin"
db.session.add(admin_role)
default_role = Role("default")
default_role.description = "default"
db.session.add(default_role)
guest_role = Role("guest")
guest_role.description = "guest"
db.session.add(guest_role)
db.session.commit()
admin = User("Admin")
admin.nickname = "管理员"
admin.email = "*****@*****.**"
admin.set_password('admin')
admin.roles.append(admin_role)
db.session.add(admin)
official = User("PublicOfficial")
official.nickname = "公共库用户"
official.email = "*****@*****.**"
official.set_password('official')
admin.roles.append(admin_role)
db.session.add(official)
db.session.commit()
# 创建原始公共库目录(共5个)
script1 = Script('always_work.sg')
script1.content = """Strategy T1:
return 1"""
script1.description = "永远合作"
script1.user = official
script1.is_private = False
db.session.add(script1)
script2 = Script('random_example.sg')
script2.content = "Strategy T2:i = RANDOM(1);if(i==0){return 0}else{return 1}"
script2.description = "`听天由命`,背叛与合作的几率为 50% (RANDOM 为系统范围内真随机)"
script2.user = official
script2.is_private = False
db.session.add(script2)
script3 = Script('slow_work.sg')
script3.content = "Strategy T3:if(COUNT == 1){return 1}else{return CUR}"
script3.description = "`慢半拍`:开局合作,随后一直跟随对方上一轮的选择"
script3.user = official
script3.is_private = False
db.session.add(script3)
script4 = Script('elusive_work.sg')
script4.content = "Strategy T4:if (COUNT == 1){return 1}else {i = RANDOM(9);if (i == 9){return 0}else{return CUR}}"
script4.description = "改进版`慢半拍`,开局合作,随后随机自我背叛,大几率跟随对方上一轮的选择"
script4.user = official
script4.is_private = False
db.session.add(script4)
script5 = Script('never_forgive.sg')
script5.content = "Strategy T5:if(FLAG){return 0}else{return 1}"
script5.description = "永不原谅,只要对方存在过背叛行为,就一直背叛"
script5.user = official
script5.is_private = False
db.session.add(script5)
db.session.commit()
# 创建文章评论
comment1 = Comment('comment1')
comment1.user = admin
comment2 = Comment('comment2')
comment2.user = official
comment3 = Comment('comment3')
comment3.user = admin
db.session.add(comment1)
db.session.add(comment2)
db.session.add(comment3)
db.session.commit()
post1 = Post('Post1', 'Content1')
post1.user = official
post1.category = PostCategory.General
post1.comments.append(comment1)
post1.comments.append(comment2)
post2 = Post('Post2', 'Content2')
post2.user = admin
post2.category = PostCategory.Feedback
post2.comments.append(comment3)
db.session.add(post1)
db.session.add(post2)
db.session.commit()
# -*- coding: utf-8 -*-
"""
结合tests/test_ui.py使用
"""
from webapp import create_app
from webapp.models import db, User, Role
app = create_app('test')
# Bug workaround
db.app = app
db.create_all()
default = Role("default")
poster = Role("poster")
db.session.add(default)
db.session.add(poster)
test_user = User("test")
test_user.password = '******'
test_user.confirmed = True
test_user.email = '*****@*****.**'
test_user.roles.append(poster)
db.session.add(test_user)
db.session.commit()
app.run()
def test_posts(self):
# add a user
r = Role.query.filter_by(name='poster').first()
self.assertIsNotNone(r)
u = User('john')
u.email = '*****@*****.**'
u.password = '******'
u.confirmed = True
u.roles.append(r)
db.session.add(u)
db.session.commit()
# write an empty post, will raise ValidationError
response = self.client.post(url_for('api.new_post'),
headers=self.get_api_headers(
'john', 'cat'),
data=json.dumps({'text': ''}))
self.assertTrue(response.status_code == 400)
# write a post
response = self.client.post(url_for('api.new_post'),
headers=self.get_api_headers(
'john', 'cat'),
data=json.dumps({
'title':
'title of the post',
'text':
'body of the *blog* post'
}))
self.assertTrue(response.status_code == 201)
url = response.headers.get('Location')
self.assertIsNotNone(url)
# get the new post
response = self.client.get(url,
headers=self.get_api_headers('john', 'cat'))
self.assertTrue(response.status_code == 200)
json_response = json.loads(response.data.decode('utf-8'))
self.assertTrue(json_response['url'] == url)
self.assertTrue(json_response['title'] == 'title of the post')
self.assertTrue(json_response['text'] == 'body of the *blog* post')
json_post = json_response
# get the post from the user
response = self.client.get(url_for('api.get_user_posts', id=u.id),
headers=self.get_api_headers('john', 'cat'))
self.assertTrue(response.status_code == 200)
json_response = json.loads(response.data.decode('utf-8'))
self.assertIsNotNone(json_response.get('posts'))
self.assertTrue(json_response.get('count', 0) == 1)
self.assertTrue(json_response['posts'][0] == json_post)
# get the post from the user as a follower
# 没有实现自关注,因此这里得不到
response = self.client.get(url_for('api.get_user_following_posts',
id=u.id),
headers=self.get_api_headers('john', 'cat'))
self.assertTrue(response.status_code == 200)
json_response = json.loads(response.data.decode('utf-8'))
self.assertListEqual(json_response.get('posts'), [])
self.assertTrue(json_response.get('count', -1) == 0)
# edit post
response = self.client.put(url,
headers=self.get_api_headers('john', 'cat'),
data=json.dumps({
'title': 'updated title',
'text': 'updated body'
}))
# self.assertTrue(response.status_code == 200)
json_response = json.loads(response.data.decode('utf-8'))
self.assertTrue(json_response['url'] == url)
self.assertTrue(json_response['text'] == 'updated body')
self.assertTrue(json_response['title'] == 'updated title')
def insert_data():
with app.app_context():
# 不需要在这里创建库,应该使用数据库升级命令`db upgrade`来创建库
# db.create_all()
# 这里设定了3种角色
role_admin = Role(name='admin')
role_admin.description = "administrator role"
role_poster = Role(name='poster')
role_poster.description = "the registered user role"
role_default = Role(name='default')
role_default.description = 'the unregistered user role'
db.session.add(role_admin)
db.session.add(role_poster)
db.session.add(role_default)
# add User
admin = User(username='******')
admin.email = '*****@*****.**'
admin.password = '******'
admin.confirmed = True
admin.roles.append(role_admin)
admin.roles.append(role_poster)
admin.roles.append(role_default)
db.session.add(admin)
user01 = User(username='******')
user01.email = '*****@*****.**'
user01.password = '******'
user01.confirmed = True
user01.roles.append(role_poster)
user01.roles.append(role_default)
db.session.add(user01)
user02 = User(username='******')
user02.email = '*****@*****.**'
user02.password = '******'
user02.confirmed = True
user02.roles.append(role_poster)
user02.roles.append(role_default)
db.session.add(user02)
# add Tag and Post
tag_one = Tag('Python')
tag_two = Tag('Flask')
tag_three = Tag('SQLAlechemy')
tag_four = Tag('Jinja')
tag_list = [tag_one, tag_two, tag_three, tag_four]
s = "Example Text"
for i in xrange(1, 101):
new_post = Post("Post {}".format(i))
if i % 2:
new_post.user = user01
else:
new_post.user = user02
new_post.publish_date = datetime.datetime.utcnow()
new_post.text = s
new_post.tags = random.sample(tag_list, random.randint(1, 3))
db.session.add(new_post)
# add comment
comment01 = Comment()
comment01.name = 'comment01'
comment01.text = 'comment text'
comment01.post_id = 99
comment01.date = datetime.datetime.utcnow()
db.session.add(comment01)
comment02 = Comment()
comment02.name = 'comment02'
comment02.text = 'comment text'
comment02.post_id = 100
comment02.date = datetime.datetime.utcnow()
db.session.add(comment02)
db.session.commit()
def test_comments(self):
# add two users
r = Role.query.filter_by(name='poster').first()
self.assertIsNotNone(r)
u1 = User('john')
u1.email = '*****@*****.**'
u1.password = '******'
u1.confirmed = True
u1.roles.append(r)
u2 = User('susan')
u2.email = '*****@*****.**'
u2.password = '******'
u2.confirmed = True
u2.roles.append(r)
db.session.add_all([u1, u2])
db.session.commit()
# add a post
post = Post(title='title of the post')
post.text = 'body of the post'
post.user = u1
db.session.add(post)
db.session.commit()
# write a comment
response = self.client.post(url_for('api.new_post_comment',
id=post.id),
headers=self.get_api_headers(
'susan', 'dog'),
data=json.dumps({
'name':
'comment name',
'text':
'Good [post](http://example.com)!'
}))
self.assertTrue(response.status_code == 201)
json_response = json.loads(response.data.decode('utf-8'))
url = response.headers.get('Location')
self.assertIsNotNone(url)
self.assertTrue(json_response['name'] == 'comment name')
self.assertTrue(
json_response['text'] == 'Good [post](http://example.com)!')
# get the new comment
response = self.client.get(url,
headers=self.get_api_headers('john', 'cat'))
self.assertTrue(response.status_code == 200)
json_response = json.loads(response.data.decode('utf-8'))
self.assertTrue(json_response['url'] == url)
self.assertTrue(json_response['name'] == 'comment name')
self.assertTrue(
json_response['text'] == 'Good [post](http://example.com)!')
# add another comment
comment = Comment(name='another comment name')
comment.text = 'Thank you!'
comment.user = u1
comment.post = post
db.session.add(comment)
db.session.commit()
# get the two comments from the post
response = self.client.get(url_for('api.get_post_comments',
id=post.id),
headers=self.get_api_headers(
'susan', 'dog'))
self.assertTrue(response.status_code == 200)
json_response = json.loads(response.data.decode('utf-8'))
self.assertIsNotNone(json_response.get('comments'))
self.assertTrue(json_response.get('count', 0) == 2)
# get all the comments
response = self.client.get(url_for('api.get_comments', id=post.id),
headers=self.get_api_headers(
'susan', 'dog'))
self.assertTrue(response.status_code == 200)
json_response = json.loads(response.data.decode('utf-8'))
self.assertIsNotNone(json_response.get('comments'))
self.assertTrue(json_response.get('count', 0) == 2)