def test_captcha_validate_fail(self):
"""Assert an error when the captcha fails validation."""
request = mock.Mock()
request.errors = Errors()
request.errors.status = None
request.registry.settings = validators.config
request.user = None
# We'll cheat since we know the captcha.secret and figure out the solution.
plainkey, value = captcha.math_generator(None, validators.config)
cipherkey = captcha.encrypt(plainkey, validators.config)
request.session = {'captcha': cipherkey}
# By adding a 0 onto the end of the value, we are wrong by 100!
request.validated = {
'captcha_key': cipherkey,
'captcha_value': value + '0'
}
validators.validate_captcha(request)
self.assertEqual(
request.errors,
[{
'location': 'body',
'name': 'captcha_value',
'description': 'Incorrect response to the captcha.'
}])
self.assertEqual(request.errors.status, exceptions.HTTPBadRequest.code)
def test_captcha_not_configured(self):
"""Assert that no errors are noted if captcha is not configured."""
request = mock.Mock()
request.errors = Errors()
request.errors.status = None
request.user = None
request.validated = {}
validators.validate_captcha(request)
self.assertEqual(request.errors, [])
self.assertEqual(request.errors.status, None)
def test_authenticated_user(self):
"""An authenticated user should not have to solve a captcha."""
request = mock.Mock()
request.errors = Errors()
request.errors.status = None
request.user = models.User.query.first()
request.validated = {}
validators.validate_captcha(request)
self.assertEqual(request.errors, [])
self.assertEqual(request.errors.status, None)
def test_no_value(self):
"""Assert that an error is added to the request if the captcha value is missing."""
request = mock.Mock()
request.errors = Errors()
request.user = None
request.validated = {'captcha_key': 'some_key'}
validators.validate_captcha(request)
self.assertEqual(request.errors,
[{
'location': 'body',
'name': 'captcha_value',
'description': 'You must provide a captcha_value.'
}])
self.assertEqual(request.errors.status, exceptions.HTTPBadRequest.code)
def test_captcha_validate_success(self):
"""Assert an error when the captcha fails validation."""
request = mock.Mock()
request.errors = Errors()
request.errors.status = None
request.registry.settings = validators.config
request.user = None
# We'll cheat since we know the captcha.secret and figure out the solution.
plainkey, value = captcha.math_generator(None, validators.config)
cipherkey = captcha.encrypt(plainkey, validators.config)
request.session = {'captcha': cipherkey}
request.validated = {'captcha_key': cipherkey, 'captcha_value': value}
validators.validate_captcha(request)
self.assertEqual(request.errors, [])
self.assertEqual(request.errors.status, None)
self.assertTrue('captcha' not in request.session)
def test_captcha_not_in_session(self):
"""Assert an error when the captcha isn't in the session."""
request = mock.Mock()
request.errors = Errors()
request.session = {}
request.user = None
request.validated = {
'captcha_key': 'some_key',
'captcha_value': 'some_value'
}
validators.validate_captcha(request)
self.assertEqual(
request.errors,
[{
'location': 'cookies',
'name': 'captcha',
'description': 'Captcha cipher not in the session (replay).'
}])
self.assertEqual(request.errors.status, exceptions.HTTPBadRequest.code)
def test_captcha_does_not_match_key(self):
"""Assert an error when the captcha in the session does not match the key."""
request = mock.Mock()
request.errors = Errors()
request.session = {'captcha': 'some_other_key'}
request.user = None
request.validated = {
'captcha_key': 'some_key',
'captcha_value': 'some_value'
}
validators.validate_captcha(request)
self.assertEqual(request.errors, [{
'location':
'cookies',
'name':
'captcha',
'description':
("No captcha session cipher match (replay). 'some_other_key' "
"'some_key'")
}])
self.assertEqual(request.errors.status, exceptions.HTTPBadRequest.code)
