def test_blog_escapes(client):
"""HTML tags like <marquee> shouldn't appear in blog titles."""
post = make_new_post(title="<marquee>Whee!</marquee>")
response = client.get('/blog')
base_test.check_response(response)
assert "<marquee>".encode('utf-8') not in response.data
def test_view_bug_page(client):
"""When we have made a bug, check that its page exists."""
new_bug = make_new_bug()
response = client.get('/service/bug/{}'.format(new_bug.id))
base_test.check_response(response)
assert new_bug.title.encode('utf-8') in response.data
def test_new_bug_overview(client):
"""After making a bug, we should see it in the overview."""
new_bug = make_new_bug()
response = client.get('/service/bug')
base_test.check_response(response)
assert new_bug.title.encode('utf-8') in response.data
def test_post_overview(client):
"""Make a blog post and ensure it shows up on the front page."""
post = make_new_post()
response = client.get('/blog')
base_test.check_response(response)
assert post.title.encode('utf-8') in response.data
def test_editing_updates_values(client, blog_user):
"""When editing a blog post, the last updated time should be automatically
changed to be right when the update was sent out."""
# give us the right amount of auth
author = blog_user()
ensure_logged_in(client, author)
# make a post that is very old
post = make_new_post(commit_change=False)
post.last_updated = datetime.fromtimestamp(0)
db.session.add(post)
db.session.commit()
before_update = datetime.now()
# update it a bit
edit_url = '/blog/{}/edit'.format(post.id)
base_test.check_response(client.post(edit_url, data={
"contents": str(uuid4()),
}, follow_redirects=True))
# and check that it has changed
updated_post = BlogPost.query.get(post.id)
assert updated_post.last_updated >= before_update
def ensure_logged_in(client, user):
"""Log in as the given user, raising an error if it fails.
The user must be made by one of the test_user factories, e.g. god_user.
Otherwise, the password is inaccessible because storing plaintext passwords is a Bad Thing.
"""
response = login_as(client, user)
base_test.check_response(response)
assert b'You were logged in' in response.data
return response
def test_edit_blog(client, blog_user):
"""Make a blog post via the web interface and ensure it shows up on the front page."""
post = make_new_post()
edit_url = '/blog/{}/edit'.format(post.id)
# require the right amount of auth - you need to be logged in
base_test.check_response(client.get(edit_url), expected=403)
# but when you're logged in, you can post
author = blog_user()
ensure_logged_in(client, author)
base_test.check_response(client.get(edit_url))
# then post the required data
title = str(uuid4())
contents = str(uuid4())
response = client.post(edit_url, data={
"title": title,
"contents": contents,
}, follow_redirects=True)
base_test.check_response(response)
# and check it appears in the blog posts
response = client.get('/blog')
base_test.check_response(response)
assert title.encode('utf-8') in response.data
assert contents.encode('utf-8') in response.data
def test_shadow_valid(client, god_user, test_user):
"""Shadowing a user makes them the current_user and you the shadow_user."""
god = god_user()
test = test_user()
assert b'You were logged in' in login(client, god.nickname, "").data
response = shadow_user(client, test.id)
assert response.status_code == 200
assert session['current_user'] == test.id
assert session['shadow_user'] == god.id
assert get_logged_in() == test
# after shadowing, you should also be able to unshadow
base_test.check_response(shadow_user(client, None))
assert session['current_user'] == god.id
assert 'shadow_user' not in session or session['shadow_user'] is None
assert get_logged_in() == god
def test_new_bug(client):
"""Make a new bug via the form and verify we get the correct page."""
title = str(uuid4())
priority = choice(list(BugPriority))
status = choice(list(BugStatus))
description = str(uuid4())
response = client.post(
'/service/bug/new',
data={
"title": title,
"priority": priority.name,
"status": status.name,
"description": description,
},
follow_redirects=True,
)
base_test.check_response(response)
assert title.encode('utf-8') in response.data
assert priority.value.encode('utf-8') in response.data
assert status.value.encode('utf-8') in response.data
assert description.encode('utf-8') in response.data
def test_view_nonexistent_bug_page(client):
"""When the bug id is wrong, we should get an error page."""
response = client.get('/service/bug/-1')
base_test.check_response(response, 404)
def test_empty_bug_overview(client):
"""Viewing the bug overview with no bugs shouldn't produce an error."""
response = client.get('/service/bug')
base_test.check_response(response)
assert b'No bugs' in response.data
def test_private_accessibility(client):
"""Check that private posts can't be seen through url manipulation."""
post_private = make_new_post(public=False)
response = client.get('/blog/{}'.format(post_private.id))
base_test.check_response(response, expected=403)