def test_form_creation_with_a_registered_email(self): httpretty.register_uri(httpretty.POST, 'https://api.sendgrid.com/api/mail.send.json') # register user r = self.client.post('/register', data={'email': '*****@*****.**', 'password': '******'} ) # upgrade user manually user = User.query.filter_by(email='*****@*****.**').first() user.upgraded = True DB.session.add(user) DB.session.commit() httpretty.reset() httpretty.register_uri(httpretty.POST, 'https://api.sendgrid.com/api/mail.send.json') # create form without providing an url should not send verification email r = self.client.post('/forms', headers={'Accept': 'application/json', 'Content-type': 'application/json'}, data=json.dumps({'email': '*****@*****.**'}) ) self.assertEqual(httpretty.has_request(), False) # create form without a confirmed email should send a verification email r = self.client.post('/forms', headers={'Accept': 'application/json', 'Content-type': 'application/json'}, data=json.dumps({'email': '*****@*****.**', 'url': 'https://www.testsite.com/contact.html'}) ) resp = json.loads(r.data) self.assertEqual(resp['confirmed'], False) self.assertEqual(httpretty.has_request(), True) self.assertIn('Confirm+email', httpretty.last_request().body) self.assertIn('www.testsite.com%2Fcontact.html', httpretty.last_request().body) # manually verify an email email = Email() email.address = '*****@*****.**' email.owner_id = user.id DB.session.add(email) DB.session.commit() # create a form with the verified email address r = self.client.post('/forms', headers={'Accept': 'application/json', 'Content-type': 'application/json'}, data=json.dumps({'email': '*****@*****.**', 'url': 'https://www.testsite.com/about.html'}) ) resp = json.loads(r.data) self.assertEqual(resp['confirmed'], True) self.assertIn('www.testsite.com%2Fcontact.html', httpretty.last_request().body) # same as the last, means no new request was made # should have three created forms in the end self.assertEqual(Form.query.count(), 3)
def test_form_creation_with_a_registered_email(client, msend): # register user r = client.post('/register', data={'email': '*****@*****.**', 'password': '******'}) # upgrade user manually user = User.query.filter_by(email='*****@*****.**').first() user.upgraded = True DB.session.add(user) DB.session.commit() # creating a form without providing an url should not send verification email msend.reset_mock() r = client.post('/forms', headers={'Accept': 'application/json', 'Content-type': 'application/json'}, data=json.dumps({'email': '*****@*****.**'}) ) assert not msend.called # create form without a confirmed email should send a verification email msend.reset_mock() r = client.post('/forms', headers={'Accept': 'application/json', 'Content-type': 'application/json'}, data=json.dumps({'email': '*****@*****.**', 'url': 'https://www.testsite.com/contact.html'}) ) resp = json.loads(r.data.decode('utf-8')) assert resp['confirmed'] == False assert msend.called assert 'Confirm email for' in msend.call_args[1]['subject'] assert 'www.testsite.com/contact.html' in msend.call_args[1]['text'] # manually verify an email email = Email() email.address = '*****@*****.**' email.owner_id = user.id DB.session.add(email) DB.session.commit() # create a form with the verified email address r = client.post('/forms', headers={'Accept': 'application/json', 'Content-type': 'application/json'}, data=json.dumps({'email': '*****@*****.**', 'url': 'https://www.testsite.com/about.html'}) ) resp = json.loads(r.data.decode('utf-8')) assert resp['confirmed'] == True assert 'www.testsite.com/contact.html' in msend.call_args[1]['text'] # same as the last, means no new request was made # should have three created forms in the end assert Form.query.count() == 3
def test_rules(client, msend): user, form = create_user_and_form(client) user.plan = Plan.platinum DB.session.add(user) DB.session.commit() email = Email(address="*****@*****.**", owner_id=user.id, verified=True) DB.session.add(email) DB.session.commit() # create rule r = client.post( f"/api-int/forms/{form.hashid}/rules", data=json.dumps({ "trigger": { "fn": "contains", "field": "dept", "params": ["customer"] }, "email": "*****@*****.**", }), headers={ "Referer": settings.SERVICE_URL, "Content-Type": "application/json" }, ) assert r.status_code == 201 # send submissions msend.reset_mock() r = client.post(f"/{form.hashid}", data={"hello": "world"}) assert r.status_code == 302 assert not msend.called msend.reset_mock() r = client.post(f"/{form.hashid}", data={ "hello": "world", "dept": "customer-department" }) assert r.status_code == 302 assert msend.called assert msend.call_args[1]["to"] == "*****@*****.**"
def test_email_and_linked_forms_managements(client, msend): user, dashboard_form = create_user_and_form(client) # create a legacy form with this same email address create_and_activate_form(client, email=user.email, host="www.example.com") # try to delete email address r = client.delete( "/api-int/account/emails/" + user.email, headers={ "Accept": "application/json", "Referer": settings.SERVICE_URL }, ) assert r.status_code == 403 # fails because there's a form tied to it # add a new email address email = Email(address="*****@*****.**", owner_id=user.id, verified=True) DB.session.add(email) DB.session.commit() # move this form to there r = client.patch( "/api-int/forms/" + dashboard_form.hashid, headers={ "Content-Type": "application/json", "Referer": settings.SERVICE_URL }, data=json.dumps({"email": "*****@*****.**"}), ) assert r.status_code == 200 # try to delete again r = client.delete( "/api-int/account/emails/" + user.email, headers={ "Accept": "application/json", "Referer": settings.SERVICE_URL }, ) # should succeed now (even though the legacy form is # still tied to the previous email address) assert r.status_code == 200
def test_sitewide_forms(self): httpretty.register_uri(httpretty.GET, 'http://mysite.com/[email protected]', status=200) httpretty.register_uri(httpretty.GET, 'http://www.naive.com/[email protected]', status=200) # register user r = self.client.post('/register', data={'email': '*****@*****.**', 'password': '******'} ) # upgrade user manually user = User.query.filter_by(email='*****@*****.**').first() user.upgraded = True DB.session.add(user) DB.session.commit() # manually verify an email email = Email() email.address = '*****@*****.**' email.owner_id = user.id DB.session.add(email) DB.session.commit() # create a sitewide form with the verified email address r = self.client.post('/forms', headers={'Accept': 'application/json', 'Content-type': 'application/json'}, data=json.dumps({'email': '*****@*****.**', 'url': 'http://mysite.com', 'sitewide': 'true'}) ) resp = json.loads(r.data) self.assertEqual(httpretty.has_request(), True) self.assertEqual(resp['confirmed'], True) self.assertEqual(1, Form.query.count()) forms = Form.query.all() form = forms[0] self.assertEqual(form.sitewide, True) self.assertEqual(form.host, 'mysite.com') # submit form httpretty.register_uri(httpretty.POST, 'https://api.sendgrid.com/api/mail.send.json') r = self.client.post('/' + form.hashid, headers = {'Referer': 'http://www.mysite.com/hipopotamo', 'content-type': 'application/json'}, data=json.dumps({'name': 'alice'}) ) self.assertIn('alice', httpretty.last_request().body) self.client.post('/' + form.hashid, headers = {'Referer': 'http://mysite.com/baleia/urso?w=2', 'content-type': 'application/json'}, data=json.dumps({'name': 'maria'}) ) self.assertIn('maria', httpretty.last_request().body) self.client.post('/' + form.hashid, headers = {'Referer': 'http://mysite.com/', 'content-type': 'application/json'}, data=json.dumps({'name': 'laura'}) ) self.assertIn('laura', httpretty.last_request().body) # another form, now with a www prefix that will be stripped r = self.client.post('/forms', headers={'Accept': 'application/json', 'Content-type': 'application/json'}, data=json.dumps({'email': '*****@*****.**', 'url': 'http://www.naive.com', 'sitewide': 'true'}) ) resp = json.loads(r.data) self.assertEqual(httpretty.has_request(), True) self.assertEqual(resp['confirmed'], True) self.assertEqual(2, Form.query.count()) forms = Form.query.all() form = forms[1] self.assertEqual(form.sitewide, True) self.assertEqual(form.host, 'naive.com') # submit form httpretty.register_uri(httpretty.POST, 'https://api.sendgrid.com/api/mail.send.json') r = self.client.post('/' + form.hashid, headers = {'Referer': 'http://naive.com/hipopotamo', 'content-type': 'application/json'}, data=json.dumps({'name': 'alice'}) ) self.assertIn('alice', httpretty.last_request().body) self.client.post('/' + form.hashid, headers = {'Referer': 'http://www.naive.com/baleia/urso?w=2', 'content-type': 'application/json'}, data=json.dumps({'name': 'maria'}) ) self.assertIn('maria', httpretty.last_request().body) self.client.post('/' + form.hashid, headers = {'Referer': 'http://www.naive.com/', 'content-type': 'application/json'}, data=json.dumps({'name': 'laura'}) ) self.assertIn('laura', httpretty.last_request().body)
def test_sitewide_forms(self): httpretty.register_uri( httpretty.GET, 'http://mysite.com/formspree-verify.txt', body=u'[email protected]\nmyüñìćõð€[email protected]', status=200) httpretty.register_uri(httpretty.GET, 'http://www.naive.com/formspree-verify.txt', body=u'myüñìćõð€[email protected]', status=200) # register user r = self.client.post('/register', data={ 'email': '*****@*****.**', 'password': '******' }) # upgrade user manually user = User.query.filter_by(email='*****@*****.**').first() user.upgraded = True DB.session.add(user) DB.session.commit() # manually verify an email email = Email() email.address = u'myüñìćõð€[email protected]' email.owner_id = user.id DB.session.add(email) DB.session.commit() # create a sitewide form with the verified email address r = self.client.post('/forms', headers={ 'Accept': 'application/json', 'Content-type': 'application/json' }, data=json.dumps({ 'email': u'myüñìćõð€[email protected]', 'url': 'http://mysite.com', 'sitewide': 'true' })) resp = json.loads(r.data) self.assertEqual(httpretty.has_request(), True) self.assertEqual(resp['confirmed'], True) self.assertEqual(1, Form.query.count()) forms = Form.query.all() form = forms[0] self.assertEqual(form.sitewide, True) self.assertEqual(form.host, 'mysite.com') # submit form httpretty.register_uri(httpretty.POST, 'https://api.sendgrid.com/api/mail.send.json') r = self.client.post('/' + form.hashid, headers={ 'Referer': 'http://www.mysite.com/hipopotamo', 'content-type': 'application/json' }, data=json.dumps({'name': 'alice'})) self.assertIn('alice', httpretty.last_request().body) self.client.post('/' + form.hashid, headers={ 'Referer': 'http://mysite.com/baleia/urso?w=2', 'content-type': 'application/json' }, data=json.dumps({'name': 'maria'})) self.assertIn('maria', httpretty.last_request().body) self.client.post('/' + form.hashid, headers={ 'Referer': 'http://mysite.com/', 'content-type': 'application/json' }, data=json.dumps({'name': 'laura'})) self.assertIn('laura', httpretty.last_request().body) # another form, now with a www prefix that will be stripped r = self.client.post('/forms', headers={ 'Accept': 'application/json', 'Content-type': 'application/json' }, data=json.dumps({ 'email': u'myüñìćõð€[email protected]', 'url': 'http://www.naive.com', 'sitewide': 'true' })) resp = json.loads(r.data) self.assertEqual(httpretty.has_request(), True) self.assertEqual(resp['confirmed'], True) self.assertEqual(2, Form.query.count()) forms = Form.query.all() form = forms[1] self.assertEqual(form.sitewide, True) self.assertEqual(form.host, 'naive.com') # submit form httpretty.register_uri(httpretty.POST, 'https://api.sendgrid.com/api/mail.send.json') r = self.client.post('/' + form.hashid, headers={ 'Referer': 'http://naive.com/hipopotamo', 'content-type': 'application/json' }, data=json.dumps({'name': 'alice'})) self.assertIn('alice', httpretty.last_request().body) self.client.post('/' + form.hashid, headers={ 'Referer': 'http://www.naive.com/baleia/urso?w=2', 'content-type': 'application/json' }, data=json.dumps({'name': 'maria'})) self.assertIn('maria', httpretty.last_request().body) self.client.post('/' + form.hashid, headers={ 'Referer': 'http://www.naive.com/', 'content-type': 'application/json' }, data=json.dumps({'name': 'laura'})) self.assertIn('laura', httpretty.last_request().body) # create a different form with the same email address, now using unprefixed url r = self.client.post('/forms', headers={ 'Accept': 'application/json', 'Content-type': 'application/json' }, data=json.dumps({ 'email': u'myüñìćõð€[email protected]', 'url': 'mysite.com', 'sitewide': 'true' })) resp = json.loads(r.data)
def test_monthly_limits(client, msend): # monthly limit is set to 2 during tests assert settings.MONTHLY_SUBMISSIONS_LIMIT == 2 # manually verify [email protected] r = client.post('/[email protected]', headers=http_headers, data={'name': 'luke'}) f = Form.query.first() f.confirm_sent = True f.confirmed = True DB.session.add(f) DB.session.commit() # first submission r = client.post('/[email protected]', headers=http_headers, data={'name': 'peter'}) assert r.status_code == 302 assert 'peter' in msend.call_args[1]['text'] # second submission r = client.post('/[email protected]', headers=http_headers, data={'name': 'ana'}) assert r.status_code == 302 assert 'ana' in msend.call_args[1]['text'] # third submission, now we're over the limit r = client.post('/[email protected]', headers=http_headers, data={'name': 'maria'}) assert r.status_code == 302 # the response to the user is the same # being the form over the limits or not # the mocked sendgrid should never receive this last form assert 'maria' not in msend.call_args[1]['text'] assert 'past the limit' in msend.call_args[1]['text'] # all the other variables are ok: assert 1 == Form.query.count() f = Form.query.first() assert f.counter == 3 assert f.get_monthly_counter() == 3 # the counters mark 4 # the user pays and becomes upgraded r = client.post('/register', data={ 'email': '*****@*****.**', 'password': '******' }) user = User.query.filter_by(email='*****@*****.**').first() user.upgraded = True user.emails = [Email(address='*****@*****.**')] DB.session.add(user) DB.session.commit() # the user should receive form posts again r = client.post('/[email protected]', headers=http_headers, data={'name': 'noah'}) assert r.status_code == 302 assert 'noah' in msend.call_args[1]['text']
def test_form_creation_with_a_registered_email(client, msend): # register user r = client.post( "/register", data={"email": "*****@*****.**", "password": "******"} ) # upgrade user manually user = User.query.filter_by(email="*****@*****.**").first() user.plan = Plan.gold DB.session.add(user) DB.session.commit() # creating a form without providing an url should not send verification email msend.reset_mock() r = client.post( "/api-int/forms", headers={ "Accept": "application/json", "Content-type": "application/json", "Referer": settings.SERVICE_URL, }, data=json.dumps({"email": "*****@*****.**"}), ) assert not msend.called # create form without a confirmed email should send a verification email msend.reset_mock() r = client.post( "/api-int/forms", headers={ "Accept": "application/json", "Content-type": "application/json", "Referer": settings.SERVICE_URL, }, data=json.dumps( { "email": "*****@*****.**", "url": "https://www.testsite.com/contact.html", } ), ) resp = json.loads(r.data.decode("utf-8")) assert resp["confirmed"] == False assert msend.called assert "Confirm email for" in msend.call_args[1]["subject"] assert "www.testsite.com/contact.html" in msend.call_args[1]["text"] # manually verify an email email = Email() email.address = "*****@*****.**" email.owner_id = user.id DB.session.add(email) DB.session.commit() # create a form with the verified email address r = client.post( "/api-int/forms", headers={ "Accept": "application/json", "Content-type": "application/json", "Referer": settings.SERVICE_URL, }, data=json.dumps( { "email": "*****@*****.**", "url": "https://www.testsite.com/about.html", } ), ) resp = json.loads(r.data.decode("utf-8")) assert resp["confirmed"] == True assert ( "www.testsite.com/contact.html" in msend.call_args[1]["text"] ) # same as the last, means no new request was made # should have three created forms in the end assert Form.query.count() == 3
def test_sitewide_forms(client, msend, mocker): m_sitewidecheck = mocker.patch( "formspree.forms.api.sitewide_file_check", side_effect=[True, True, True] ) # register user r = client.post( "/register", data={"email": "*****@*****.**", "password": "******"} ) # upgrade user manually user = User.query.filter_by(email="*****@*****.**").first() user.plan = Plan.gold DB.session.add(user) DB.session.commit() # manually verify an email email = Email() email.address = "myüñìćõð€[email protected]" email.owner_id = user.id DB.session.add(email) DB.session.commit() # create a sitewide form with the verified email address r = client.post( "/api-int/forms", headers={ "Accept": "application/json", "Content-type": "application/json", "Referer": settings.SERVICE_URL, }, data=json.dumps( { "email": "myüñìćõð€[email protected]", "url": "http://mysite.com", "sitewide": "true", } ), ) resp = json.loads(r.data.decode("utf-8")) assert m_sitewidecheck.called assert m_sitewidecheck.call_args[0][1] == "myüñìćõð€[email protected]" assert resp["confirmed"] m_sitewidecheck.reset_mock() assert 1 == Form.query.count() forms = Form.query.all() form = forms[0] assert form.sitewide assert form.host == "mysite.com" # submit form r = client.post( "/" + form.hashid, headers={ "Referer": "http://www.mysite.com/hipopotamo", "content-type": "application/json", }, data=json.dumps({"name": "alice"}), ) assert "alice" in msend.call_args[1]["text"] client.post( "/" + form.hashid, headers={ "Referer": "http://mysite.com/baleia/urso?w=2", "content-type": "application/json", }, data=json.dumps({"name": "maria"}), ) assert "maria" in msend.call_args[1]["text"] client.post( "/" + form.hashid, headers={"Referer": "http://mysite.com/", "content-type": "application/json"}, data=json.dumps({"name": "laura"}), ) assert "laura" in msend.call_args[1]["text"] # another form, now with a www prefix that will be stripped r = client.post( "/api-int/forms", headers={ "Accept": "application/json", "Content-type": "application/json", "Referer": settings.SERVICE_URL, }, data=json.dumps( { "email": "myüñìćõð€[email protected]", "url": "http://www.naive.com", "sitewide": "true", } ), ) resp = json.loads(r.data.decode("utf-8")) assert m_sitewidecheck.called assert m_sitewidecheck.call_args[0][0] == "http://www.naive.com" assert resp["confirmed"] assert 2 == Form.query.count() forms = Form.query.all() form = forms[1] assert form.sitewide assert form.host == "naive.com" # submit form r = client.post( "/" + form.hashid, headers={ "Referer": "http://naive.com/hipopotamo", "content-type": "application/json", }, data=json.dumps({"name": "alice"}), ) assert "alice" in msend.call_args[1]["text"] client.post( "/" + form.hashid, headers={ "Referer": "http://www.naive.com/baleia/urso?w=2", "content-type": "application/json", }, data=json.dumps({"name": "maria"}), ) assert "maria" in msend.call_args[1]["text"] client.post( "/" + form.hashid, headers={ "Referer": "http://www.naive.com/", "content-type": "application/json", }, data=json.dumps({"name": "laura"}), ) assert "laura" in msend.call_args[1]["text"] # create a different form with the same email address, now using unprefixed url r = client.post( "/api-int/forms", headers={ "Accept": "application/json", "Content-type": "application/json", "Referer": settings.SERVICE_URL, }, data=json.dumps( { "email": "myüñìćõð€[email protected]", "url": "mysite.com", "sitewide": "true", } ), ) resp = json.loads(r.data.decode("utf-8"))
def test_sitewide_forms(client, msend, mocker): m_sitewidecheck = mocker.patch( 'formspree.forms.views.sitewide_file_check', side_effect=[True, True, True] ) # register user r = client.post('/register', data={'email': '*****@*****.**', 'password': '******'} ) # upgrade user manually user = User.query.filter_by(email='*****@*****.**').first() user.upgraded = True DB.session.add(user) DB.session.commit() # manually verify an email email = Email() email.address = 'myüñìćõð€[email protected]' email.owner_id = user.id DB.session.add(email) DB.session.commit() # create a sitewide form with the verified email address r = client.post('/forms', headers={'Accept': 'application/json', 'Content-type': 'application/json'}, data=json.dumps({'email': 'myüñìćõð€[email protected]', 'url': 'http://mysite.com', 'sitewide': 'true'}) ) resp = json.loads(r.data.decode('utf-8')) assert m_sitewidecheck.called assert m_sitewidecheck.call_args[0][1] == 'myüñìćõð€[email protected]' assert resp['confirmed'] m_sitewidecheck.reset_mock() assert 1 == Form.query.count() forms = Form.query.all() form = forms[0] assert form.sitewide assert form.host == 'mysite.com' # submit form r = client.post('/' + form.hashid, headers = {'Referer': 'http://www.mysite.com/hipopotamo', 'content-type': 'application/json'}, data=json.dumps({'name': 'alice'}) ) assert 'alice' in msend.call_args[1]['text'] client.post('/' + form.hashid, headers = {'Referer': 'http://mysite.com/baleia/urso?w=2', 'content-type': 'application/json'}, data=json.dumps({'name': 'maria'}) ) assert 'maria' in msend.call_args[1]['text'] client.post('/' + form.hashid, headers = {'Referer': 'http://mysite.com/', 'content-type': 'application/json'}, data=json.dumps({'name': 'laura'}) ) assert 'laura' in msend.call_args[1]['text'] # another form, now with a www prefix that will be stripped r = client.post('/forms', headers={'Accept': 'application/json', 'Content-type': 'application/json'}, data=json.dumps({'email': 'myüñìćõð€[email protected]', 'url': 'http://www.naive.com', 'sitewide': 'true'}) ) resp = json.loads(r.data.decode('utf-8')) assert m_sitewidecheck.called assert m_sitewidecheck.call_args[0][0] == 'http://www.naive.com' assert resp['confirmed'] assert 2 == Form.query.count() forms = Form.query.all() form = forms[1] assert form.sitewide assert form.host == 'naive.com' # submit form r = client.post('/' + form.hashid, headers={'Referer': 'http://naive.com/hipopotamo', 'content-type': 'application/json'}, data=json.dumps({'name': 'alice'}) ) assert 'alice' in msend.call_args[1]['text'] client.post('/' + form.hashid, headers={'Referer': 'http://www.naive.com/baleia/urso?w=2', 'content-type': 'application/json'}, data=json.dumps({'name': 'maria'}) ) assert 'maria' in msend.call_args[1]['text'] client.post('/' + form.hashid, headers={'Referer': 'http://www.naive.com/', 'content-type': 'application/json'}, data=json.dumps({'name': 'laura'}) ) assert 'laura' in msend.call_args[1]['text'] # create a different form with the same email address, now using unprefixed url r = client.post('/forms', headers={'Accept': 'application/json', 'Content-type': 'application/json'}, data=json.dumps({'email': 'myüñìćõð€[email protected]', 'url': 'mysite.com', 'sitewide': 'true'}) ) resp = json.loads(r.data.decode('utf-8'))
def test_sitewide_forms(client, msend, mocker): m_sitewidecheck = mocker.patch("formspree.forms.api.sitewide_file_check", side_effect=[True, True, True]) # register user r = client.post("/register", data={ "email": "*****@*****.**", "password": "******" }) # upgrade user manually user = User.query.filter_by(email="*****@*****.**").first() user.plan = Plan.gold DB.session.add(user) DB.session.commit() # manually verify an email email = Email() email.address = "myüñìćõð€[email protected]" email.owner_id = user.id DB.session.add(email) DB.session.commit() # create a sitewide form with the verified email address r = client.post( "/api-int/forms", headers={ "Accept": "application/json", "Content-type": "application/json", "Referer": settings.SERVICE_URL, }, data=json.dumps({ "email": "myüñìćõð€[email protected]", "url": "http://mysite.com", "sitewide": "true", }), ) resp = json.loads(r.data.decode("utf-8")) assert m_sitewidecheck.called assert m_sitewidecheck.call_args[0][1] == "myüñìćõð€[email protected]" assert resp["confirmed"] m_sitewidecheck.reset_mock() assert 1 == Form.query.count() forms = Form.query.all() form = forms[0] assert form.sitewide assert form.host == "mysite.com" # submit form r = client.post( "/" + form.hashid, headers={ "Referer": "http://www.mysite.com/hipopotamo", "content-type": "application/json", }, data=json.dumps({"name": "alice"}), ) assert "alice" in msend.call_args[1]["text"] client.post( "/" + form.hashid, headers={ "Referer": "http://mysite.com/baleia/urso?w=2", "content-type": "application/json", }, data=json.dumps({"name": "maria"}), ) assert "maria" in msend.call_args[1]["text"] client.post( "/" + form.hashid, headers={ "Referer": "http://mysite.com/", "content-type": "application/json" }, data=json.dumps({"name": "laura"}), ) assert "laura" in msend.call_args[1]["text"] # another form, now with a www prefix that will be stripped r = client.post( "/api-int/forms", headers={ "Accept": "application/json", "Content-type": "application/json", "Referer": settings.SERVICE_URL, }, data=json.dumps({ "email": "myüñìćõð€[email protected]", "url": "http://www.naive.com", "sitewide": "true", }), ) resp = json.loads(r.data.decode("utf-8")) assert m_sitewidecheck.called assert m_sitewidecheck.call_args[0][0] == "http://www.naive.com" assert resp["confirmed"] assert 2 == Form.query.count() forms = Form.query.all() form = forms[1] assert form.sitewide assert form.host == "naive.com" # submit form r = client.post( "/" + form.hashid, headers={ "Referer": "http://naive.com/hipopotamo", "content-type": "application/json", }, data=json.dumps({"name": "alice"}), ) assert "alice" in msend.call_args[1]["text"] client.post( "/" + form.hashid, headers={ "Referer": "http://www.naive.com/baleia/urso?w=2", "content-type": "application/json", }, data=json.dumps({"name": "maria"}), ) assert "maria" in msend.call_args[1]["text"] client.post( "/" + form.hashid, headers={ "Referer": "http://www.naive.com/", "content-type": "application/json", }, data=json.dumps({"name": "laura"}), ) assert "laura" in msend.call_args[1]["text"] # create a different form with the same email address, now using unprefixed url r = client.post( "/api-int/forms", headers={ "Accept": "application/json", "Content-type": "application/json", "Referer": settings.SERVICE_URL, }, data=json.dumps({ "email": "myüñìćõð€[email protected]", "url": "mysite.com", "sitewide": "true", }), ) resp = json.loads(r.data.decode("utf-8"))
def test_form_creation_with_a_registered_email(client, msend): # register user r = client.post("/register", data={ "email": "*****@*****.**", "password": "******" }) # upgrade user manually user = User.query.filter_by(email="*****@*****.**").first() user.plan = Plan.gold DB.session.add(user) DB.session.commit() # creating a form without providing an url should not send verification email msend.reset_mock() r = client.post( "/api-int/forms", headers={ "Accept": "application/json", "Content-type": "application/json", "Referer": settings.SERVICE_URL, }, data=json.dumps({"email": "*****@*****.**"}), ) assert not msend.called # create form without a confirmed email should send a verification email msend.reset_mock() r = client.post( "/api-int/forms", headers={ "Accept": "application/json", "Content-type": "application/json", "Referer": settings.SERVICE_URL, }, data=json.dumps({ "email": "*****@*****.**", "url": "https://www.testsite.com/contact.html", }), ) resp = json.loads(r.data.decode("utf-8")) assert resp["confirmed"] == False assert msend.called assert "Confirm email for" in msend.call_args[1]["subject"] assert "www.testsite.com/contact.html" in msend.call_args[1]["text"] # manually verify an email email = Email() email.address = "*****@*****.**" email.owner_id = user.id DB.session.add(email) DB.session.commit() # create a form with the verified email address r = client.post( "/api-int/forms", headers={ "Accept": "application/json", "Content-type": "application/json", "Referer": settings.SERVICE_URL, }, data=json.dumps({ "email": "*****@*****.**", "url": "https://www.testsite.com/about.html", }), ) resp = json.loads(r.data.decode("utf-8")) assert resp["confirmed"] == True assert ("www.testsite.com/contact.html" in msend.call_args[1]["text"] ) # same as the last, means no new request was made # should have three created forms in the end assert Form.query.count() == 3
def test_multiple_cases(client, msend, case): user, form = create_user_and_form(client) user.plan = Plan.platinum DB.session.add(user) emailx = Email(address="*****@*****.**", owner_id=user.id, verified=True) DB.session.add(emailx) emaily = Email(address="*****@*****.**", owner_id=user.id, verified=True) DB.session.add(emaily) emailw = Email(address="*****@*****.**", owner_id=user.id, verified=True) DB.session.add(emailw) emailfruits = Email(address="*****@*****.**", owner_id=user.id, verified=True) DB.session.add(emailfruits) emailrest = Email(address="*****@*****.**", owner_id=user.id, verified=True) DB.session.add(emailrest) emailalways = Email(address="*****@*****.**", owner_id=user.id, verified=True) DB.session.add(emailalways) r1 = RoutingRule(form_id=form.id) r1.email = emailx.address r1.trigger = {"fn": "exists", "field": "x", "params": []} DB.session.add(r1) r2 = RoutingRule(form_id=form.id) r2.email = emaily.address r2.trigger = {"fn": "exists", "field": "y", "params": []} DB.session.add(r2) r3 = RoutingRule(form_id=form.id) r3.email = emailw.address r3.trigger = {"fn": "exists", "field": "w", "params": []} DB.session.add(r3) r4 = RoutingRule(form_id=form.id) r4.email = emailfruits.address r4.trigger = {"fn": "contains", "field": "_host", "params": ["/fruits"]} DB.session.add(r4) r5 = RoutingRule(form_id=form.id) r5.email = emailfruits.address r5.trigger = {"fn": "contains", "field": "kind", "params": ["fruit"]} DB.session.add(r5) r6 = RoutingRule(form_id=form.id) r6.email = emailrest.address r6.trigger = {"fn": "doesntcontain", "field": "kind", "params": ["fruit"]} DB.session.add(r6) r7 = RoutingRule(form_id=form.id) r7.email = emailalways.address r7.trigger = {"fn": "true", "field": None, "params": []} DB.session.add(r7) DB.session.commit() referrer, data, targets = case r = client.post(f"/{form.hashid}", data=data, headers={"Referer": referrer}) assert r.status_code == 302 received = {call[1]["to"] for call in msend.call_args_list} targets.add(emailalways.address) assert received == targets
def test_rules_api(client, msend): user1, form = create_user_and_form(client) ruledef = { "trigger": { "fn": "exists", "field": "important", "params": [] }, "email": "*****@*****.**", } # fail to create rule as gold user r = client.post( f"/api-int/forms/{form.hashid}/rules", data=json.dumps(ruledef), headers={ "Referer": settings.SERVICE_URL, "Content-Type": "application/json" }, ) assert r.status_code == 402 # upgrade to platinum user1.plan = Plan.platinum DB.session.add(user1) DB.session.commit() # fail to create rule with an email address not registered r = client.post( f"/api-int/forms/{form.hashid}/rules", data=json.dumps(ruledef), headers={ "Referer": settings.SERVICE_URL, "Content-Type": "application/json" }, ) assert r.status_code == 403 # register email address on a different account user2, _ = create_user_and_form(client, login=False) email = Email(address=ruledef["email"], owner_id=user2.id, verified=True) DB.session.add(email) DB.session.commit() # fail again, address must be under the user control r = client.post( f"/api-int/forms/{form.hashid}/rules", data=json.dumps(ruledef), headers={ "Referer": settings.SERVICE_URL, "Content-Type": "application/json" }, ) assert r.status_code == 403 # get email under control of the correct user email = Email(address=ruledef["email"], owner_id=user1.id, verified=True) DB.session.add(email) DB.session.commit() # should succeed now r = client.post( f"/api-int/forms/{form.hashid}/rules", data=json.dumps(ruledef), headers={ "Referer": settings.SERVICE_URL, "Content-Type": "application/json" }, ) assert r.status_code == 201 q = RoutingRule.query.filter_by(form_id=form.id) assert q.count() == 1 rule = q.first() assert rule.email == ruledef["email"] assert rule.trigger == ruledef["trigger"] # edit routing rule ruledef["trigger"]["field"] = "useless" r = client.put( f"/api-int/forms/{form.hashid}/rules/{rule.id}", data=json.dumps(ruledef), headers={ "Content-Type": "application/json", "Referer": settings.SERVICE_URL }, ) assert r.status_code == 200 q = RoutingRule.query.filter_by(form_id=form.id) assert q.count() == 1 rule = q.first() assert rule.email == ruledef["email"] assert rule.trigger == ruledef["trigger"] # editing the email should fail if address isn't linked and verified newemail = Email(address="*****@*****.**", owner_id=user1.id, verified=False) DB.session.add(newemail) DB.session.commit() r = client.put( f"/api-int/forms/{form.hashid}/rules/{rule.id}", data=json.dumps({ "email": newemail.address, "trigger": ruledef["trigger"] }), headers={ "Content-Type": "application/json", "Referer": settings.SERVICE_URL }, ) assert r.status_code == 403 # fail to remove email if rule exists r = client.delete( f"/api-int/account/emails/{ruledef['email']}", headers={"Referer": settings.SERVICE_URL}, ) assert r.status_code == 403 # remove rule r = client.delete( f"/api-int/forms/{form.hashid}/rules/{rule.id}", headers={"Referer": settings.SERVICE_URL}, ) assert r.status_code == 200 # can remove linked email now r = client.delete( f"/api-int/account/emails/{ruledef['email']}", headers={"Referer": settings.SERVICE_URL}, ) assert r.status_code == 200
def test_monthly_limits(self): httpretty.register_uri(httpretty.POST, 'https://api.sendgrid.com/api/mail.send.json') # monthly limit is set to 2 during tests self.assertEqual(settings.MONTHLY_SUBMISSIONS_LIMIT, 2) # manually verify [email protected] r = self.client.post('/[email protected]', headers=http_headers, data={'name': 'luke'}) f = Form.query.first() f.confirm_sent = True f.confirmed = True DB.session.add(f) DB.session.commit() # first submission httpretty.register_uri(httpretty.POST, 'https://api.sendgrid.com/api/mail.send.json') r = self.client.post('/[email protected]', headers=http_headers, data={'name': 'peter'}) self.assertEqual(r.status_code, 302) self.assertIn('peter', httpretty.last_request().body) # second submission httpretty.register_uri(httpretty.POST, 'https://api.sendgrid.com/api/mail.send.json') r = self.client.post('/[email protected]', headers=http_headers, data={'name': 'ana'}) self.assertEqual(r.status_code, 302) self.assertIn('ana', httpretty.last_request().body) # third submission, now we're over the limit httpretty.register_uri(httpretty.POST, 'https://api.sendgrid.com/api/mail.send.json') r = self.client.post('/[email protected]', headers=http_headers, data={'name': 'maria'}) self.assertEqual(r.status_code, 302) # the response to the user is the same # being the form over the limits or not # but the mocked sendgrid should never receive this last form self.assertNotIn('maria', httpretty.last_request().body) self.assertIn('You+are+past+our+limit', httpretty.last_request().body) # all the other variables are ok: self.assertEqual(1, Form.query.count()) f = Form.query.first() self.assertEqual(f.counter, 3) self.assertEqual(f.get_monthly_counter(), 3) # the counters mark 4 # the user pays and becomes upgraded r = self.client.post('/register', data={ 'email': '*****@*****.**', 'password': '******' }) user = User.query.filter_by(email='*****@*****.**').first() user.upgraded = True user.emails = [Email(address='*****@*****.**')] DB.session.add(user) DB.session.commit() # the user should receive form posts again httpretty.register_uri(httpretty.POST, 'https://api.sendgrid.com/api/mail.send.json') r = self.client.post('/[email protected]', headers=http_headers, data={'name': 'noah'}) self.assertEqual(r.status_code, 302) self.assertIn('noah', httpretty.last_request().body)