Esempio n. 1
0
    def handle(self, *args, **options):
        count = 100000
        for i in xrange(count):
            lradius = random.uniform(0.1, 0.8)
            lat = random.uniform(-85, 85)
            lng = random.uniform(-175, 175)

            north_east = Point(lng + lradius, lat - lradius)
            south_west = Point(lng - lradius, lat + lradius)
            center = Point(lng, lat)
            radius = lradius * 111131 # length of lng degree on 45 lat
            polygon = Polygon((
                (north_east.x, north_east.y),
                (north_east.x, south_west.y),
                (south_west.x, south_west.y),
                (south_west.x, north_east.y),
                (north_east.x, north_east.y)
            ))
            is_circle = random.randint(0,1) == 1

            region = Region(
                name="region_num_%s" % i,
                north_east =north_east,
                south_west=south_west,
                polygon=polygon,
                radius=radius,
                center=center,
                is_circle=is_circle,
            )

            percents = (float(i) / float(count)) * 100
            sys.stdout.write("Completeness: %3d%%\r" % percents)
            sys.stdout.flush()
            region.save()
    def handle(self, *args, **options):
        path = pathjoin(
            dirname(__file__),
            pardir, pardir,
            'azavea-geo-data',
            'Neighborhoods_Philadelphia',
            'Neighborhoods_Philadelphia.shp')

        shapefile = gdal.DataSource(path)
        for layer in shapefile:
            for feature in layer:
                try:
                    region = Region.objects.get(
                        layer='neighborhoods',
                        name=feature.get('listname'))
                    print 'Updating "%s"' % region.name
                except Region.DoesNotExist:
                    region = Region(
                        layer='neighborhoods',
                        name=feature.get('listname'))
                    print 'Loading "%s"' % region.name

        # Transform the projection from 102729 (NAD 1983 StatePlane
        # Pennsylvania South FIPS 3702 Feet) to 4326 (WSG 1984).
        #
        # Source: http://svn.osgeo.org/postgis/tags/0.7.4/spatial_ref_sys.sql
                region.shape = feature.geom.geos
                region.shape.srid = 102729
                region.shape.transform(4326)

                region.save()
Esempio n. 3
0
    def setUp(self):
        self.regions = []

        self.sf = Region(full_name="San Francisco", slug="sf")
        self.sf.save()
        self.oak = Region(full_name="Oakland", slug="oak")
        self.oak.save()
Esempio n. 4
0
class RegionPermissionTests(TestCase):
    def setUp(self):
        self.regions = []

        self.sf = Region(full_name="San Francisco", slug="sf")
        self.sf.save()
        self.oak = Region(full_name="Oakland", slug="oak")
        self.oak.save()

        self.philip = User(username="******", email="*****@*****.**")
        self.philip.save()

        self.marina = User(username="******", email="*****@*****.**")
        self.marina.save()

        # Philip admin of SF
        self.sf.regionsettings.admins.add(self.philip)

        # Marina admin of Oakland
        self.oak.regionsettings.admins.add(self.marina)

    def test_banned_cant_edit(self):
        # Add Marina to the SF banned list
        banned_sf, created = BannedFromRegion.objects.get_or_create(region=self.sf)
        banned_sf.users.add(self.marina)

        p = Page(name="In sf", region=self.sf)
        self.assertFalse(self.marina.has_perm('pages.change_page', p))

        mapdata = MapData(page=p, region=self.sf)
        self.assertFalse(self.marina.has_perm('maps.change_map', mapdata))

        redirect = Redirect(source="testsource", destination=p, region=self.sf)
        self.assertFalse(self.marina.has_perm('redirects.change_redirect', redirect))
    def handle(self, *args, **options):
        path = pathjoin(dirname(__file__), pardir, pardir, 'azavea-geo-data',
                        'Neighborhoods_Philadelphia',
                        'Neighborhoods_Philadelphia.shp')

        shapefile = gdal.DataSource(path)
        for layer in shapefile:
            for feature in layer:
                try:
                    region = Region.objects.get(layer='neighborhoods',
                                                name=feature.get('listname'))
                    print 'Updating "%s"' % region.name
                except Region.DoesNotExist:
                    region = Region(layer='neighborhoods',
                                    name=feature.get('listname'))
                    print 'Loading "%s"' % region.name

        # Transform the projection from 102729 (NAD 1983 StatePlane
        # Pennsylvania South FIPS 3702 Feet) to 4326 (WSG 1984).
        #
        # Source: http://svn.osgeo.org/postgis/tags/0.7.4/spatial_ref_sys.sql
                region.shape = feature.geom.geos
                region.shape.srid = 102729
                region.shape.transform(4326)

                region.save()
    def setUp(self):
        super(AuthenticationAPITests, self).setUp()

        # Create the edit user and add it to the authenticated group
        self.edit_user = User(
            username="******", email="*****@*****.**", password="******")
        self.edit_user.save()
        all_group, created = Group.objects.get_or_create(name=settings.USERS_DEFAULT_GROUP)
        self.edit_user.groups.add(all_group)
        self.edit_user.save()

        # Create auth token for the edit user
        self.token = Token.objects.get_or_create(user=self.edit_user)[0]

        self.sf_region = Region(full_name='San Francisco', slug='sf')
        self.sf_region.save()

        p = Page(region=self.sf_region)
        p.content = '<p>Dolores Park here</p>'
        p.name = 'Dolores Park'
        p.save()
        self.dolores_park = p

        p = Page(region=self.sf_region)
        p.content = '<p>Duboce Park here</p>'
        p.name = 'Duboce Park'
        p.save()
        self.duboce_park = p
    def setUp(self):
        from regions.models import Region
        from pages.models import Page
        from tags.models import Tag, PageTagSet

        self.factory = RequestFactory()

        # Create a new region and associate a domain with it
        self.sf = Region(full_name="San Francisco", slug="sf")
        self.sf.save()
        self.sf.regionsettings.domain = 'fakename.org'
        self.sf.regionsettings.save()

        self.user = User.objects.create_user(
            username='******', email='*****@*****.**', password='******')
        self.user.save()
       
        # Create a page in the SF region
        p = Page(name='Parks', content='<p>Hi</p>', region=self.sf)
        p.save(user=self.user)
        p.content += "!"
        p.save(user=self.user)

        # Add a tag to the page
        t = Tag(name='park', slug='park', region=self.sf)
        t.save(user=self.user)
        pts = PageTagSet(region=self.sf, page=p)
        pts.save(user=self.user)
        pts.tags.add(t)
        pts.save(user=self.user)
class XSSTest(TestCase):
    """ Test for tricky attempts to inject scripts into a page
    Exploits adapted from http://ha.ckers.org/xss.html
    """
    def setUp(self):
        self.region = Region(full_name='Test region', slug='test-region')
        self.region.save()

    def encode_hex_entities(self, string):
        return ''.join('&#x%02X;' % ord(c) for c in string)

    def encode_decimal_entities(self, string):
        return ''.join('&#%i' % ord(c) for c in string)

    def test_encode_hex_entities(self):
        encoded = self.encode_hex_entities('\'\';!--"<XSS>=&{()}')
        self.assertEqual(
            encoded, '&#x27;&#x27;&#x3B;&#x21;&#x2D;&#x2D;&#x22;'
            '&#x3C;&#x58;&#x53;&#x53;&#x3E;&#x3D;&#x26;'
            '&#x7B;&#x28;&#x29;&#x7D;')

    def test_encode_decimal_entities(self):
        encoded = self.encode_decimal_entities('\'\';!--"<XSS>=&{()}')
        self.assertEqual(
            encoded, '&#39&#39&#59&#33&#45&#45&#34&#60&#88&#83'
            '&#83&#62&#61&#38&#123&#40&#41&#125')

    def test_xss_all(self):
        for exploit in xss_exploits:
            for e in [exploit, exploit.lower(), exploit.upper()]:
                self.failIf(self.is_exploitable(e), 'XSS exploit: ' + e)
                hex = self.encode_hex_entities(e)
                self.failIf(self.is_exploitable(hex), 'XSS exploit hex: ' + e)
                dec = self.encode_decimal_entities(e)
                self.failIf(self.is_exploitable(dec), 'XSS exploit dec: ' + e)

    def is_exploitable(self, exploit):
        p = Page(name='XSS Test', content=exploit, region=self.region)
        p.clean_fields()
        t = Template(html_to_template_text(p.content, {'region': self.region}))
        html = t.render(Context())
        return self.contains_script(html)

    def contains_script(self, html):
        fragments = fragments_fromstring(html)
        for frag in fragments:
            if not hasattr(frag, 'tag'):
                continue
            for e in frag.iter():
                if e.tag.lower() == 'script' or e.tag.lower() == 'xss':
                    return True
                for a, v in e.attrib.items():
                    if a.lower().startswith('on'):
                        # event handler
                        return True
                    if v.lower().startswith('jav'):
                        # script protocol
                        return True
        return False
class XSSTest(TestCase):
    """ Test for tricky attempts to inject scripts into a page
    Exploits adapted from http://ha.ckers.org/xss.html
    """
    def setUp(self):
        self.region = Region(full_name='Test region', slug='test-region')
        self.region.save()

    def encode_hex_entities(self, string):
        return''.join('&#x%02X;' % ord(c) for c in string)

    def encode_decimal_entities(self, string):
        return''.join('&#%i' % ord(c) for c in string)

    def test_encode_hex_entities(self):
        encoded = self.encode_hex_entities('\'\';!--"<XSS>=&{()}')
        self.assertEqual(encoded, '&#x27;&#x27;&#x3B;&#x21;&#x2D;&#x2D;&#x22;'
                                  '&#x3C;&#x58;&#x53;&#x53;&#x3E;&#x3D;&#x26;'
                                  '&#x7B;&#x28;&#x29;&#x7D;')

    def test_encode_decimal_entities(self):
        encoded = self.encode_decimal_entities('\'\';!--"<XSS>=&{()}')
        self.assertEqual(encoded, '&#39&#39&#59&#33&#45&#45&#34&#60&#88&#83'
                         '&#83&#62&#61&#38&#123&#40&#41&#125')

    def test_xss_all(self):
        for exploit in xss_exploits:
            for e in [exploit, exploit.lower(), exploit.upper()]:
                self.failIf(self.is_exploitable(e), 'XSS exploit: ' + e)
                hex = self.encode_hex_entities(e)
                self.failIf(self.is_exploitable(hex), 'XSS exploit hex: ' + e)
                dec = self.encode_decimal_entities(e)
                self.failIf(self.is_exploitable(dec), 'XSS exploit dec: ' + e)

    def is_exploitable(self, exploit):
        p = Page(name='XSS Test', content=exploit, region=self.region)
        p.clean_fields()
        t = Template(html_to_template_text(p.content, {'region': self.region}))
        html = t.render(Context())
        return self.contains_script(html)

    def contains_script(self, html):
        fragments = fragments_fromstring(html)
        for frag in fragments:
            if not hasattr(frag, 'tag'):
                continue
            for e in frag.iter():
                if e.tag.lower() == 'script' or e.tag.lower() == 'xss':
                    return True
                for a, v in e.attrib.items():
                    if a.lower().startswith('on'):
                        # event handler
                        return True
                    if v.lower().startswith('jav'):
                        # script protocol
                        return True
        return False
    def setUp(self):
        super(FileAPITests, self).setUp()

        # Create the edit user and add it to the authenticated group
        self.edit_user = User(username="******",
                              email="*****@*****.**",
                              password="******")
        self.edit_user.save()
        all_group, created = Group.objects.get_or_create(
            name=settings.USERS_DEFAULT_GROUP)
        self.edit_user.groups.add(all_group)
        self.edit_user.save()

        self.edit_user_2 = User(username="******",
                                email="*****@*****.**",
                                password="******")
        self.edit_user_2.save()
        all_group, created = Group.objects.get_or_create(
            name=settings.USERS_DEFAULT_GROUP)
        self.edit_user_2.groups.add(all_group)
        self.edit_user_2.save()

        self.sf_region = Region(full_name='San Francisco', slug='sf')
        self.sf_region.save()
        self.oak_region = Region(full_name='Oakland', slug='oak')
        self.oak_region.save()

        p = Page(region=self.oak_region)
        p.content = '<p>Lake Merritt here</p>'
        p.name = 'Lake Merritt'
        p.save()
        self.lake_merritt = p

        p = Page(region=self.sf_region)
        p.content = '<p>Dolores Park here</p>'
        p.name = 'Dolores Park'
        p.save()
        self.dolores_park = p

        p = Page(region=self.sf_region)
        p.content = '<p>Duboce Park here</p>'
        p.name = 'Duboce Park'
        p.save()
        self.duboce_park = p

        pf = PageFile(name="file.txt",
                      slug='duboce park',
                      region=self.sf_region)
        pf.save()
        pf.file.save('file.txt', ContentFile('foo'))

        pf = PageFile(name="file_other.txt",
                      slug='duboce park',
                      region=self.sf_region)
        pf.save()
        pf.file.save('file_other.txt', ContentFile('foo2'))
    def setUp(self):
        self.region = Region(full_name='Test region', slug='test-region')
        self.region.save()
        self.context = {'region': self.region}

        self.old_allowed_src = getattr(settings, 'EMBED_ALLOWED_SRC', ['.*'])
        settings.EMBED_ALLOWED_SRC = [
            'http://www.youtube.com/embed/.*',
            'http://player.vimeo.com/video/.*'
        ]
class RedirectTest(TestCase):
    def setUp(self):
        self.region = Region(full_name="Test Region", slug="test_region")
        self.region.save()

    def test_redirect_to_self(self):
        p = Page(name="foobar", content="<p>foobar</p>", region=self.region)
        p.save()
        r = Redirect(source='foobar', destination=p, region=self.region)
        self.assertRaises(exceptions.RedirectToSelf, r.save)
    def setUp(self):
        super(PageAPITests, self).setUp()

        # Create the edit user and add it to the authenticated group
        self.edit_user = User(username="******",
                              email="*****@*****.**",
                              password="******")
        self.edit_user.save()
        all_group, created = Group.objects.get_or_create(
            name=settings.USERS_DEFAULT_GROUP)
        self.edit_user.groups.add(all_group)
        self.edit_user.save()

        self.edit_user_2 = User(username="******",
                                email="*****@*****.**",
                                password="******")
        self.edit_user_2.save()
        all_group, created = Group.objects.get_or_create(
            name=settings.USERS_DEFAULT_GROUP)
        self.edit_user_2.groups.add(all_group)
        self.edit_user_2.save()

        self.sf_region = Region(full_name='San Francisco', slug='sf')
        self.sf_region.save()
        self.oak_region = Region(full_name='Oakland', slug='oak')
        self.oak_region.save()

        p = Page(region=self.oak_region)
        p.content = '<p>Lake Merritt here</p>'
        p.name = 'Lake Merritt'
        p.save()
        self.lake_merritt = p

        p = Page(region=self.sf_region)
        p.content = '<p>Dolores Park here</p>'
        p.name = 'Dolores Park'
        p.save()
        self.dolores_park = p

        p = Page(region=self.sf_region)
        p.content = '<p>Duboce Park here</p>'
        p.name = 'Duboce Park'
        p.save()
        self.duboce_park = p

        t1 = Tag(name='lake')
        t1.save()
        t2 = Tag(name='water')
        t2.save()
        pts = PageTagSet(page=p, region=self.sf_region)
        pts.save()
        pts.tags = [t1, t2]
Esempio n. 14
0
    def test_fix_tags(self):
        """
        Test the `fix_tags` utility function.
        """
        from pages.models import Page
        from tags.tag_utils import fix_tags

        #########################
        # Create some test regions
        #########################
       
        sf = Region(full_name="San Francisco Test", slug='sftest')
        sf.save()

        mission = Region(full_name="Mission", slug="mission")
        mission.save()

        #########################
        # Create some test tags
        #########################

        park = Tag(name='park', region=sf)
        park.save()

        fun = Tag(name='fun', region=sf)
        fun.save()

        #########################
        # Add the tags to a test page
        #########################

        page = Page(name="Duboce Park", content="<p>Park.</p>", region=sf)
        page.save()

        pts = PageTagSet(
            page=page,
            region=sf
        )
        pts.save()
        pts.tags.add(park)
        pts.tags.add(fun)
        pts.save()

        # Now do something odd and make one of the referenced `Tag`s point
        # to a different region than the PageTagSet.
        fun.region = mission
        fun.save()

        self.assertTrue(pts.tags.filter(region=mission).exists())

        # Then attempt a fix:
        fix_tags(sf, PageTagSet.objects.filter(id=pts.id))

        pts = PageTagSet.objects.get(page=page, region=sf)
        self.assertFalse(pts.tags.filter(region=mission).exists())

        # Check that this is fixed in historical versions as well
        for pts_h in pts.versions.all():
            self.assertFalse(pts_h.tags.filter(region=mission).exists())
    def setUp(self):
        super(FileAPITests, self).setUp()

        # Create the edit user and add it to the authenticated group
        self.edit_user = User(
            username="******", email="*****@*****.**", password="******")
        self.edit_user.save()
        all_group, created = Group.objects.get_or_create(name=settings.USERS_DEFAULT_GROUP)
        self.edit_user.groups.add(all_group)
        self.edit_user.save()

        self.edit_user_2 = User(
            username="******", email="*****@*****.**", password="******")
        self.edit_user_2.save()
        all_group, created = Group.objects.get_or_create(name=settings.USERS_DEFAULT_GROUP)
        self.edit_user_2.groups.add(all_group)
        self.edit_user_2.save()

        self.sf_region = Region(full_name='San Francisco', slug='sf')
        self.sf_region.save()
        self.oak_region = Region(full_name='Oakland', slug='oak')
        self.oak_region.save()

        p = Page(region=self.oak_region)
        p.content = '<p>Lake Merritt here</p>'
        p.name = 'Lake Merritt'
        p.save()
        self.lake_merritt = p

        p = Page(region=self.sf_region)
        p.content = '<p>Dolores Park here</p>'
        p.name = 'Dolores Park'
        p.save()
        self.dolores_park = p

        p = Page(region=self.sf_region)
        p.content = '<p>Duboce Park here</p>'
        p.name = 'Duboce Park'
        p.save()
        self.duboce_park = p

        pf = PageFile(name="file.txt", slug='duboce park', region=self.sf_region)
        pf.save()
        pf.file.save('file.txt', ContentFile('foo'))

        pf = PageFile(name="file_other.txt", slug='duboce park', region=self.sf_region)
        pf.save()
        pf.file.save('file_other.txt', ContentFile('foo2'))
    def setUp(self):
        super(PageAPITests, self).setUp()

        # Create the edit user and add it to the authenticated group
        self.edit_user = User(
            username="******", email="*****@*****.**", password="******")
        self.edit_user.save()
        all_group, created = Group.objects.get_or_create(name=settings.USERS_DEFAULT_GROUP)
        self.edit_user.groups.add(all_group)
        self.edit_user.save()

        self.edit_user_2 = User(
            username="******", email="*****@*****.**", password="******")
        self.edit_user_2.save()
        all_group, created = Group.objects.get_or_create(name=settings.USERS_DEFAULT_GROUP)
        self.edit_user_2.groups.add(all_group)
        self.edit_user_2.save()

        self.sf_region = Region(full_name='San Francisco', slug='sf')
        self.sf_region.save()
        self.oak_region = Region(full_name='Oakland', slug='oak')
        self.oak_region.save()

        p = Page(region=self.oak_region)
        p.content = '<p>Lake Merritt here</p>'
        p.name = 'Lake Merritt'
        p.save()
        self.lake_merritt = p

        p = Page(region=self.sf_region)
        p.content = '<p>Dolores Park here</p>'
        p.name = 'Dolores Park'
        p.save()
        self.dolores_park = p

        p = Page(region=self.sf_region)
        p.content = '<p>Duboce Park here</p>'
        p.name = 'Duboce Park'
        p.save()
        self.duboce_park = p

        t1 = Tag(name='lake')
        t1.save()
        t2 = Tag(name='water')
        t2.save()
        pts = PageTagSet(page=p, region=self.sf_region)
        pts.save()
        pts.tags = [t1, t2]
Esempio n. 17
0
class CompleteListFilter(django_filters.FilterSet):
    complete = django_filters.ChoiceFilter(
        label="Complete",
        method="filter_complete",
        choices=(
            ("1", "Complete"),
            ("0", "Incomplete"),
            ("", "All"),
        ),
    )
    region = django_filters.ChoiceFilter(label="Region",
                                         choices=Region.region_choices(),
                                         method="filter_region")

    class Meta:
        model = PledgeProgram  # This is needed to automatically make year/term
        fields = ["region", "year", "term", "complete"]
        order_by = ["chapter"]

    def filter_complete(self, queryset, field_name, value):
        return queryset

    def filter_region(self, queryset, field_name, value):
        if value == "national":
            return queryset
        elif value == "candidate_chapter":
            queryset = queryset.filter(chapter__candidate_chapter=True)
        else:
            queryset = queryset.filter(chapter__region__slug=value)
        return queryset
Esempio n. 18
0
class GearArticleListFilter(django_filters.FilterSet):
    region = django_filters.ChoiceFilter(
        label="Region", choices=Region.region_choices(), method="filter_region"
    )
    chapter = django_filters.ChoiceFilter(
        label="Chapter", choices=Chapter.chapter_choices(), method="filter_chapter"
    )
    date = DateRangeFilter(label="Submit Date")

    class Meta:
        fields = ["region", "chapter", "reviewed", "date"]
        model = GearArticle
        order_by = ["chapter"]

    def filter_region(self, queryset, field_name, value):
        if value == "national":
            return queryset
        elif value == "candidate_chapter":
            queryset = queryset.filter(chapter__candidate_chapter=True)
        else:
            queryset = queryset.filter(chapter__region__slug=value)
        return queryset

    def filter_chapter(self, queryset, field_name, value):
        if value:
            queryset = queryset.filter(submission__chapter__slug=value)
        return queryset
Esempio n. 19
0
class AdvisorListFilter(django_filters.FilterSet):
    region = django_filters.ChoiceFilter(choices=Region.region_choices(),
                                         method="filter_region")
    chapter = django_filters.ChoiceFilter(
        label="Chapter",
        choices=Chapter.chapter_choices(),
        method="filter_chapter",
    )

    class Meta:
        model = User
        fields = {
            "name": ["icontains"],
            "chapter": ["exact"],
        }
        order_by = ["name"]

    def filter_region(self, queryset, field_name, value):
        if value == "national":
            return queryset
        elif value == "candidate_chapter":
            queryset = queryset.filter(chapter__candidate_chapter=True)
        else:
            queryset = queryset.filter(chapter__region__slug=value)
        return queryset
Esempio n. 20
0
 def get_context_data(self, **kwargs):
     ctx = super(UserRegionMixin, self).get_context_data(**kwargs)
     regions = Region.get_user_count_by_region()
     ctx['regions'] = regions
     ctx['total_users'] = sum(
         [region['users__count'] for region in regions])
     return ctx
    def setUp(self):
        self.region = Region(full_name='Test region', slug='test-region')
        self.region.save()
        self.context = {'region': self.region}

        self.old_allowed_src = getattr(settings, 'EMBED_ALLOWED_SRC', ['.*'])
        settings.EMBED_ALLOWED_SRC = ['http://www.youtube.com/embed/.*',
                                     'http://player.vimeo.com/video/.*']
Esempio n. 22
0
class AuthenticationAPITests(APITestCase):
    def setUp(self):
        super(AuthenticationAPITests, self).setUp()

        # Create the edit user and add it to the authenticated group
        self.edit_user = User(
            username="******", email="*****@*****.**", password="******")
        self.edit_user.save()
        all_group, created = Group.objects.get_or_create(name=settings.USERS_DEFAULT_GROUP)
        self.edit_user.groups.add(all_group)
        self.edit_user.save()

        # Create auth token for the edit user
        self.token = Token.objects.get_or_create(user=self.edit_user)[0]

        self.sf_region = Region(full_name='San Francisco', slug='sf')
        self.sf_region.save()

        p = Page(region=self.sf_region)
        p.content = '<p>Dolores Park here</p>'
        p.name = 'Dolores Park'
        p.save()
        self.dolores_park = p

        p = Page(region=self.sf_region)
        p.content = '<p>Duboce Park here</p>'
        p.name = 'Duboce Park'
        p.save()
        self.duboce_park = p

    def test_basic_page_post(self):
        # Without authentication, a POST should fail
        data = {'name': 'Test Page', 'content': '<p>hi</p>', 'region': 'http://testserver%s/regions/%s/' % (self.API_ROOT, self.sf_region.id)}
        resp = self.client.post('%s/pages/' % self.API_ROOT, data, format='json')
        self.assertEqual(resp.status_code, status.HTTP_401_UNAUTHORIZED)

        # Now try with an API token, which should work
        self.client.credentials(HTTP_AUTHORIZATION='Token ' + self.token.key)
        data = {'name': 'Test Page', 'content': '<p>hi</p>', 'region': 'http://testserver%s/regions/%s/' % (self.API_ROOT, self.sf_region.id)}
        resp = self.client.post('%s/pages/' % self.API_ROOT, data, format='json')
        self.assertEqual(resp.status_code, status.HTTP_201_CREATED)

        # Now check to make sure the page version was edited by the user associated with the API token
        p = Page.objects.get(region=self.sf_region, name="Test Page")
        self.assertEqual(p.versions.most_recent().version_info.user, self.edit_user)
Esempio n. 23
0
    def setUp(self):
        self.regions = []

        self.sf = Region(full_name="San Francisco", slug="sf")
        self.sf.save()
        self.oak = Region(full_name="Oakland", slug="oak")
        self.oak.save()

        self.philip = User(username="******", email="*****@*****.**")
        self.philip.save()

        self.marina = User(username="******", email="*****@*****.**")
        self.marina.save()

        # Philip admin of SF
        self.sf.regionsettings.admins.add(self.philip)

        # Marina admin of Oakland
        self.oak.regionsettings.admins.add(self.marina)
    def setUp(self):
        super(RedirectAPITests, self).setUp()

        # Create the edit user and add it to the authenticated group
        self.edit_user = User(
            username="******", email="*****@*****.**", password="******")
        self.edit_user.save()
        all_group, created = Group.objects.get_or_create(name=settings.USERS_DEFAULT_GROUP)
        self.edit_user.groups.add(all_group)
        self.edit_user.save()

        self.edit_user_2 = User(
            username="******", email="*****@*****.**", password="******")
        self.edit_user_2.save()
        all_group, created = Group.objects.get_or_create(name=settings.USERS_DEFAULT_GROUP)
        self.edit_user_2.groups.add(all_group)
        self.edit_user_2.save()

        self.sf = Region(full_name="San Francisco", slug="sf")
        self.sf.save()
        self.oak = Region(full_name="Oakland", slug="oak")
        self.oak.save()

        self.dolores_park = Page(name="Dolores Park", content="<p>Hi</p>", region=self.sf)
        self.dolores_park.save()

        self.duboce_park = Page(name="Duboce Park", content="<p>Hi</p>", region=self.sf)
        self.duboce_park.save()

        self.mission_dolores_park = Redirect(
            source="mission dolores park",
            destination=self.dolores_park,
            region=self.sf
        )
        self.mission_dolores_park.save()

        self.dog_park = Redirect(
            source="dog park",
            destination=self.duboce_park,
            region=self.sf
        )
        self.dog_park.save()
Esempio n. 25
0
def atomicEmployeeAndOrder(request):
	if request.POST.get("atomic", ""):
		region = Region(pk = 5, regiondescription = "Polska");
		region.save();

		category = Category(categoryname="computers", description="super");
		category.save();

	if request.POST.get("savepoints", ""):
		region = Region(pk = 5, regiondescription = "Polska");
		region.save()
		try:
			spoint = transaction.savepoint()
		
			category = Category(categoryname="computers", description="super")
			category.save();
			raise Exception("I know python!")
			transaction.savepoint_commit(spoint)
		except Exception:
			transaction.savepoint_rollback(spoint) 


	return render_to_response("atomic.html",
						locals(),
						context_instance=RequestContext(request))
Esempio n. 26
0
    def create_superuser(self, email, password, **extra_fields):
        chapter = Chapter.objects.first()
        if chapter is None:
            # this would happen on first install; make a default test region/chapter
            from regions.models import Region

            region = Region.objects.first()
            if region is None:
                Region(name="Test Region").save()
                region = Region.objects.first()
            Chapter(name="Test Chapter", region=region).save()
            chapter = Chapter.objects.first()
        extra_fields.setdefault("chapter", chapter)
        super().create_superuser(email=email,
                                 password=password,
                                 **extra_fields)
Esempio n. 27
0
 def __init__(self, *args, **kwargs):
     natoff = kwargs.get("natoff", False)
     if natoff:
         kwargs.pop("natoff")
         self.base_filters["region"] = django_filters.ChoiceFilter(
             choices=Region.region_choices(), method="filter_region"
         )
         self.base_filters["chapter"] = django_filters.ChoiceFilter(
             label="Chapter",
             choices=Chapter.chapter_choices(),
             method="filter_chapter",
         )
         self.base_filters["pictures"] = django_filters.ChoiceFilter(
             label="Pictures",
             choices=((True, "1+"), (False, "None")),
             method="filter_pictures",
         )
     super().__init__(*args, **kwargs)
Esempio n. 28
0
class ChapterBalanceListFilter(django_filters.FilterSet):
    region = django_filters.ChoiceFilter(label="Region",
                                         choices=Region.region_choices(),
                                         method="filter_region")

    class Meta:
        model = Invoice
        fields = [
            "region",
        ]

    def filter_region(self, queryset, field_name, value):
        if value == "national":
            return queryset
        elif value == "candidate_chapter":
            queryset = queryset.filter(candidate_chapter=True)
        else:
            queryset = queryset.filter(region_slug=value)
        return queryset
Esempio n. 29
0
class BallotCompleteFilter(django_filters.FilterSet):
    region = django_filters.ChoiceFilter(
        label="Region", choices=Region.region_choices(), method="filter_region"
    )

    class Meta:
        model = BallotComplete
        fields = [
            "region",
            "motion",
        ]
        order_by = ["ballot__due_date"]

    def filter_region(self, queryset, field_name, value):
        if value == "national":
            return queryset
        elif value == "candidate_chapter":
            queryset = queryset.filter(user__chapter__candidate_chapter=True)
        else:
            queryset = queryset.filter(user__chapter__region__slug=value)
        return queryset
Esempio n. 30
0
class CanonicalURLTests(TestCase):
    def has_canonical_url(self, url, request, response):
        from phased.middleware import PhasedRenderMiddleware
        phased_middleware = PhasedRenderMiddleware()

        response = phased_middleware.process_response(request, response)
        doc = document_fromstring(response.content)
        canonical_urls = doc.findall('.//link[@rel="canonical"]')

        if len(canonical_urls) != 1:
            return False

        return (canonical_urls[0].attrib['href'] == url)

    def setUp(self):
        from regions.models import Region
        from pages.models import Page
        from tags.models import Tag, PageTagSet

        self.factory = RequestFactory()

        # Create a new region and associate a domain with it
        self.sf = Region(full_name="San Francisco", slug="sf")
        self.sf.save()
        self.sf.regionsettings.domain = 'fakename.org'
        self.sf.regionsettings.save()

        self.user = User.objects.create_user(
            username='******', email='*****@*****.**', password='******')
        self.user.save()
       
        # Create a page in the SF region
        p = Page(name='Parks', content='<p>Hi</p>', region=self.sf)
        p.save(user=self.user)
        p.content += "!"
        p.save(user=self.user)

        # Add a tag to the page
        t = Tag(name='park', slug='park', region=self.sf)
        t.save(user=self.user)
        pts = PageTagSet(region=self.sf, page=p)
        pts.save(user=self.user)
        pts.tags.add(t)
        pts.save(user=self.user)

    @contextmanager
    def mock_hosts_middleware(self, request):
        # This is certainly rather annoying, but needed because
        # we have to reload everything as we're changing settings
        # dynamically.
        import django_hosts
        reload(django_hosts)
        import main.hosts
        reload(main.hosts)
        import django_hosts.reverse
        reload(django_hosts.reverse)
        import django_hosts.middleware
        reload(django_hosts.middleware)
        from django_hosts.middleware import BaseHostsMiddleware

        current_urlconf = get_urlconf() or settings.ROOT_URLCONF
        middleware = BaseHostsMiddleware()
        host, kwargs = middleware.get_host(request.get_host())
        request.urlconf = host.urlconf
        request.host = host
        set_urlconf(host.urlconf)

        # Annddd we also need to render the phased template response, too! Whew.
        

        yield

        set_urlconf(current_urlconf)

    @override_settings(CUSTOM_HOSTNAMES=['fakename.org'])
    def test_canonical_front_page(self):
        from frontpage.views import FrontPageView
        from django_hosts.middleware import HostsMiddlewareRequest

        #####################################################
        # Just the default / page in a custom domain region
        #####################################################

        request = self.factory.get('/')
        request.user = self.user
        request.META['HTTP_HOST'] = self.sf.regionsettings.domain

        with self.mock_hosts_middleware(request):
            view = FrontPageView.as_view()
            response = view(request)

            canonical_url = 'https://%s/sf/' % settings.MAIN_HOSTNAME
            response.render()
            self.assertTrue(self.has_canonical_url(canonical_url, request, response))

        #####################################################
        # The /Front_Page page in a custom domain region.
        #####################################################

        request = self.factory.get('/Front_Page')
        request.user = self.user
        request.META['HTTP_HOST'] = self.sf.regionsettings.domain

        with self.mock_hosts_middleware(request):
            view = FrontPageView.as_view()
            response = view(request)

            canonical_url = 'https://%s/sf/' % settings.MAIN_HOSTNAME
            response.render()
            self.assertTrue(self.has_canonical_url(canonical_url, request, response))

        #####################################################
        # The /Front_Page page on the main host inside region
        ##################################################### 
        
        request = self.factory.get('/sf/Front_Page')
        request.user = self.user
        request.META['HTTP_HOST'] = settings.MAIN_HOSTNAME

        with self.mock_hosts_middleware(request):
            view = FrontPageView.as_view()
            response = view(request, region='sf')

            canonical_url = '/sf/'
            response.render()
            self.assertTrue(self.has_canonical_url(canonical_url, request, response))

        #####################################################
        # The /FRONT_pAgE (changed capitalization)
        ##################################################### 
        
        request = self.factory.get('/sf/FRONT_pAgE')
        request.user = self.user
        request.META['HTTP_HOST'] = settings.MAIN_HOSTNAME

        with self.mock_hosts_middleware(request):
            view = FrontPageView.as_view()
            response = view(request, region='sf')

            canonical_url = '/sf/'
            response.render()
            self.assertTrue(self.has_canonical_url(canonical_url, request, response))


    @override_settings(CUSTOM_HOSTNAMES=['fakename.org'])
    def test_canonical_page_names(self):
        from pages.views import PageDetailView
        from pages.urls import slugify
        from django_hosts.middleware import HostsMiddlewareRequest

        #####################################################
        # A regular page on a custom domain
        #####################################################

        request = self.factory.get('/Parks')
        request.user = self.user
        request.META['HTTP_HOST'] = self.sf.regionsettings.domain

        with self.mock_hosts_middleware(request):
            view = slugify(PageDetailView.as_view())
            response = view(request, slug='Parks')

            canonical_url = 'https://%s/sf/Parks' % settings.MAIN_HOSTNAME
            response.render()
            self.assertTrue(self.has_canonical_url(canonical_url, request, response))

        #####################################################
        # Now let's try it with an alternative capitalization
        #####################################################

        request = self.factory.get('/PArkS')
        request.user = self.user
        request.META['HTTP_HOST'] = self.sf.regionsettings.domain

        with self.mock_hosts_middleware(request):
            view = slugify(PageDetailView.as_view())
            response = view(request, slug='PArkS')

            canonical_url = 'https://%s/sf/Parks' % settings.MAIN_HOSTNAME
            response.render()
            self.assertTrue(self.has_canonical_url(canonical_url, request, response))

        #####################################################
        # Regular page viewing directly on the main host
        #####################################################

        request = self.factory.get('/sf/Parks')
        request.user = self.user
        request.META['HTTP_HOST'] = self.sf.regionsettings.domain

        with self.mock_hosts_middleware(request):
            view = slugify(PageDetailView.as_view())
            response = view(request, slug='Parks', region='sf')

            response.render()
            # Directly on the canonical url, so it shouldn't be rendered
            self.assertFalse(self.has_canonical_url('', request, response))

        #####################################################
        # Capitalization variant viewed on the main host
        #####################################################

        request = self.factory.get('/sf/PArks')
        request.user = self.user
        request.META['HTTP_HOST'] = self.sf.regionsettings.domain

        with self.mock_hosts_middleware(request):
            view = slugify(PageDetailView.as_view())
            response = view(request, slug='PArks', region='sf')

            canonical_url = '/sf/Parks'
            response.render()
            self.assertFalse(self.has_canonical_url(canonical_url, request, response))

    @override_settings(CUSTOM_HOSTNAMES=['fakename.org'])
    def test_canonical_search(self):
        from search.urls import haystack_search, global_search
        from django_hosts.middleware import HostsMiddlewareRequest

        #####################################################
        # Search page on custom domain
        #####################################################

        request = self.factory.get('/_rsearch/?q=parks')
        request.user = self.user
        request.META['HTTP_HOST'] = self.sf.regionsettings.domain

        with self.mock_hosts_middleware(request):
            view = haystack_search
            response = view(request)

            canonical_url = 'https://%s/_rsearch/sf?q=parks' % settings.MAIN_HOSTNAME
            self.assertTrue(self.has_canonical_url(canonical_url, request, response))

        #####################################################
        # Search page on main domain
        #####################################################

        request = self.factory.get('/_rsearch/sf?q=parks')
        request.user = self.user
        request.META['HTTP_HOST'] = settings.MAIN_HOSTNAME

        with self.mock_hosts_middleware(request):
            view = haystack_search
            response = view(request, region='sf')

            canonical_url = ''
            # On host, so no canonical url
            self.assertFalse(self.has_canonical_url(canonical_url, request, response))

    @override_settings(CUSTOM_HOSTNAMES=['fakename.org'])
    def test_canonical_activity(self):
        from activity.views import RegionActivity

        #####################################################
        # Activity page on custom domain
        #####################################################

        request = self.factory.get('/_activity')
        request.user = self.user
        request.META['HTTP_HOST'] = self.sf.regionsettings.domain

        with self.mock_hosts_middleware(request):
            view = RegionActivity.as_view()
            response = view(request)

            canonical_url = 'https://%s/sf/_activity' % settings.MAIN_HOSTNAME
            response.render()
            self.assertTrue(self.has_canonical_url(canonical_url, request, response))

        #####################################################
        # Activity page on normal region
        #####################################################

        request = self.factory.get('/sf/_activity')
        request.user = self.user
        request.META['HTTP_HOST'] = settings.MAIN_HOSTNAME

        with self.mock_hosts_middleware(request):
            view = RegionActivity.as_view()
            response = view(request, region='sf')

            canonical_url = ''
            response.render()
            # No canonical URL emitted
            self.assertFalse(self.has_canonical_url(canonical_url, request, response))

    @override_settings(CUSTOM_HOSTNAMES=['fakename.org'])
    def test_canonical_map(self):
        from maps.views import MapFullRegionView 

        #####################################################
        # Main map on custom domain
        #####################################################

        request = self.factory.get('/map/')
        request.user = self.user
        request.META['HTTP_HOST'] = self.sf.regionsettings.domain

        with self.mock_hosts_middleware(request):
            view = MapFullRegionView.as_view()
            response = view(request)

            canonical_url = 'https://%s/sf/map/' % settings.MAIN_HOSTNAME
            response.render()
            self.assertTrue(self.has_canonical_url(canonical_url, request, response))

        #####################################################
        # Main map on normal region
        #####################################################

        request = self.factory.get('/sf/map/')
        request.user = self.user
        request.META['HTTP_HOST'] = settings.MAIN_HOSTNAME

        with self.mock_hosts_middleware(request):
            view = MapFullRegionView.as_view()
            response = view(request, region='sf')

            canonical_url = ''
            response.render()
            # No canonical URL emitted
            self.assertFalse(self.has_canonical_url(canonical_url, request, response))


    @override_settings(CUSTOM_HOSTNAMES=['fakename.org'])
    def test_canonical_tags(self):
        from tags.views import TaggedList

        #####################################################
        # List of tagged pages on custom domain
        #####################################################

        request = self.factory.get('/tags/park')
        request.user = self.user
        request.META['HTTP_HOST'] = self.sf.regionsettings.domain

        with self.mock_hosts_middleware(request):
            view = TaggedList.as_view()
            response = view(request, slug='park')

            canonical_url = 'https://%s/sf/tags/park' % settings.MAIN_HOSTNAME
            response.render()
            self.assertTrue(self.has_canonical_url(canonical_url, request, response))

        #####################################################
        # Main map on normal region
        #####################################################

        request = self.factory.get('/sf/tags/park')
        request.user = self.user
        request.META['HTTP_HOST'] = settings.MAIN_HOSTNAME

        with self.mock_hosts_middleware(request):
            view = TaggedList.as_view()
            response = view(request, slug='park', region='sf')

            canonical_url = ''
            response.render()
            # No canonical URL emitted
            self.assertFalse(self.has_canonical_url(canonical_url, request, response))


    @override_settings(CUSTOM_HOSTNAMES=['fakename.org'])
    def test_canonical_map_for_tags(self):
        from maps.views import MapForTag

        #####################################################
        # Map of tagged pages on custom domain
        #####################################################

        request = self.factory.get('/map/tags/park')
        request.user = self.user
        request.META['HTTP_HOST'] = self.sf.regionsettings.domain

        with self.mock_hosts_middleware(request):
            view = MapForTag.as_view()
            response = view(request, tag='park')

            canonical_url = 'https://%s/sf/map/tags/park' % settings.MAIN_HOSTNAME
            response.render()
            self.assertTrue(self.has_canonical_url(canonical_url, request, response))

        #####################################################
        # Main map on normal region
        #####################################################

        request = self.factory.get('/sf/map/tags/park')
        request.user = self.user
        request.META['HTTP_HOST'] = settings.MAIN_HOSTNAME

        with self.mock_hosts_middleware(request):
            view = MapForTag.as_view()
            response = view(request, tag='park', region='sf')

            canonical_url = ''
            response.render()
            # No canonical URL emitted
            self.assertFalse(self.has_canonical_url(canonical_url, request, response))

    @override_settings(CUSTOM_HOSTNAMES=['fakename.org'])
    def test_canonical_page_info(self):
        from pages.urls import slugify
        from pages.views import PageVersionsList

        #####################################################
        # Page info on custom domain
        #####################################################

        request = self.factory.get('/Parks/_history/')
        request.user = self.user
        request.META['HTTP_HOST'] = self.sf.regionsettings.domain

        with self.mock_hosts_middleware(request):
            view = slugify(PageVersionsList.as_view())
            response = view(request, slug='Parks')

            canonical_url = 'https://%s/sf/Parks/_history/' % settings.MAIN_HOSTNAME
            response.render()
            self.assertTrue(self.has_canonical_url(canonical_url, request, response))

        #####################################################
        # Main map on normal region
        #####################################################

        request = self.factory.get('/sf/Parks/_history/')
        request.user = self.user
        request.META['HTTP_HOST'] = settings.MAIN_HOSTNAME

        with self.mock_hosts_middleware(request):
            view = slugify(PageVersionsList.as_view())
            response = view(request, slug='Parks', region='sf')

            canonical_url = ''
            response.render()
            # No canonical URL emitted
            self.assertFalse(self.has_canonical_url(canonical_url, request, response))

    @override_settings(CUSTOM_HOSTNAMES=['fakename.org'])
    def test_canonical_page_diff(self):
        from pages.urls import slugify
        from pages.views import PageCompareView

        #####################################################
        # Page diff on custom domain
        #####################################################

        request = self.factory.get('/Parks/_history/2...1')
        request.user = self.user
        request.META['HTTP_HOST'] = self.sf.regionsettings.domain

        with self.mock_hosts_middleware(request):
            view = slugify(PageCompareView.as_view())
            response = view(request, slug='Parks', version1='2', version2='1')

            canonical_url = 'https://%s/sf/Parks/_history/2...1' % settings.MAIN_HOSTNAME
            response.render()
            self.assertTrue(self.has_canonical_url(canonical_url, request, response))

        #####################################################
        # Page diff on a normal region
        #####################################################

        request = self.factory.get('/sf/Parks/_history/2...1')
        request.user = self.user
        request.META['HTTP_HOST'] = settings.MAIN_HOSTNAME

        with self.mock_hosts_middleware(request):
            view = slugify(PageCompareView.as_view())
            response = view(request, slug='Parks', region='sf', version1='2', version2='1')

            canonical_url = ''
            response.render()
            # No canonical URL emitted
            self.assertFalse(self.has_canonical_url(canonical_url, request, response))
 def setUp(self):
     self.region = Region(full_name="Test Region", slug="test_region")
     self.region.save()
    def setUp(self):
        super(MapAPITests, self).setUp()

        # Create the edit user and add it to the authenticated group
        self.edit_user = User(
            username="******", email="*****@*****.**", password="******")
        self.edit_user.save()
        all_group, created = Group.objects.get_or_create(name=settings.USERS_DEFAULT_GROUP)
        self.edit_user.groups.add(all_group)
        self.edit_user.save()

        self.edit_user_2 = User(
            username="******", email="*****@*****.**", password="******")
        self.edit_user_2.save()
        all_group, created = Group.objects.get_or_create(name=settings.USERS_DEFAULT_GROUP)
        self.edit_user_2.groups.add(all_group)
        self.edit_user_2.save()

        self.sf = Region(full_name="San Francisco", slug="sf")
        self.sf.save()
        self.oak = Region(full_name="Oakland", slug="oak")
        self.oak.save()

        self.golden_gate_park = Page(name="Golden Gate Park", content="<p>Hi</p>", region=self.sf)
        self.golden_gate_park.save()

        self.dolores_park = Page(name="Dolores Park", content="<p>Hi</p>", region=self.sf)
        self.dolores_park.save()

        self.duboce_park = Page(name="Duboce Park", content="<p>Hi</p>", region=self.sf)
        self.duboce_park.save()

        self.dolores_park_map = MapData(page=self.dolores_park, region=self.sf)
        self.dolores_park_map.geom = GEOSGeometry("""
        { "type": "GeometryCollection", "geometries": [
          {
          "type": "Polygon",
          "coordinates": [
            [
              [
                -122.42835760116576,
                37.76128348360843
              ],
              [
                -122.42799282073973,
                37.75812815505155
              ],
              [
                -122.42591142654419,
                37.758297799795336
              ],
              [
                -122.42627620697021,
                37.761402229904654
              ],
              [
                -122.42835760116576,
                37.76128348360843
              ]
            ]
          ]
        }]
      }""")
        self.dolores_park_map.save()

        self.duboce_park_map = MapData(page=self.duboce_park, region=self.sf)
        self.duboce_park_map.geom = GEOSGeometry("""
        { "type": "GeometryCollection", "geometries": [

           {
            "type": "Polygon",
            "coordinates": [
              [
                [
                  -122.43505239486696,
                  37.770443352285376
                ],
                [
                  -122.43490219116211,
                  37.76917121614543
                ],
                [
                  -122.431640625,
                  37.769408683219545
                ],
                [
                  -122.43179082870485,
                  37.76991753866766
                ],
                [
                  -122.43460178375243,
                  37.769713996908635
                ],
                [
                  -122.43505239486696,
                  37.770443352285376
                ]
              ]
            ]
          } 

        ]
      }
      """)
        self.duboce_park_map.save()
class PageAPITests(APITestCase):
    def setUp(self):
        super(PageAPITests, self).setUp()

        # Create the edit user and add it to the authenticated group
        self.edit_user = User(
            username="******", email="*****@*****.**", password="******")
        self.edit_user.save()
        all_group, created = Group.objects.get_or_create(name=settings.USERS_DEFAULT_GROUP)
        self.edit_user.groups.add(all_group)
        self.edit_user.save()

        self.edit_user_2 = User(
            username="******", email="*****@*****.**", password="******")
        self.edit_user_2.save()
        all_group, created = Group.objects.get_or_create(name=settings.USERS_DEFAULT_GROUP)
        self.edit_user_2.groups.add(all_group)
        self.edit_user_2.save()

        self.sf_region = Region(full_name='San Francisco', slug='sf')
        self.sf_region.save()
        self.oak_region = Region(full_name='Oakland', slug='oak')
        self.oak_region.save()

        p = Page(region=self.oak_region)
        p.content = '<p>Lake Merritt here</p>'
        p.name = 'Lake Merritt'
        p.save()
        self.lake_merritt = p

        p = Page(region=self.sf_region)
        p.content = '<p>Dolores Park here</p>'
        p.name = 'Dolores Park'
        p.save()
        self.dolores_park = p

        p = Page(region=self.sf_region)
        p.content = '<p>Duboce Park here</p>'
        p.name = 'Duboce Park'
        p.save()
        self.duboce_park = p

        t1 = Tag(name='lake')
        t1.save()
        t2 = Tag(name='water')
        t2.save()
        pts = PageTagSet(page=p, region=self.sf_region)
        pts.save()
        pts.tags = [t1, t2]
        
    def test_basic_page_list(self):
        response = self.client.get('%s/pages/' % self.API_ROOT)
        jresp = json.loads(response.content)
        self.assertEqual(len(jresp['results']), 3)

    def test_basic_page_detail(self):
        response = self.client.get('%s/pages/?slug=dolores%%20park' % self.API_ROOT)
        jresp = json.loads(response.content)
        self.assertEqual(len(jresp['results']), 1)
        self.assertEqual(jresp['results'][0]['name'], 'Dolores Park')

    def test_basic_page_post(self):
        self.client.force_authenticate(user=self.edit_user)

        data = {'name': 'Test Page', 'content': '<p>hi</p>', 'region': 'http://testserver%s/regions/%s/' % (self.API_ROOT, self.sf_region.id)}
        resp = self.client.post('%s/pages/' % self.API_ROOT, data, format='json')
        self.assertEqual(resp.status_code, status.HTTP_201_CREATED)

    def test_basic_page_delete(self):
        self.client.force_authenticate(user=self.edit_user)

        # First, let's create
        data = {'name': 'Test Page for delete', 'content': '<p>hi</p>', 'region': 'http://testserver%s/regions/%s/' % (self.API_ROOT, self.sf_region.id)}
        resp = self.client.post('%s/pages/' % self.API_ROOT, data, format='json')
        self.assertEqual(resp.status_code, status.HTTP_201_CREATED)

        jresp = json.loads(resp.content)
        url = jresp['url']

        # Page exists
        self.assertTrue(Page.objects.filter(name='Test Page for delete'))

        resp = self.client.delete(url, format='json')
        self.assertEqual(resp.status_code, status.HTTP_204_NO_CONTENT)

        # Page doesn't exist anymore
        self.assertFalse(Page.objects.filter(name='Test Page for delete'))

    def test_page_post_with_tags(self):
        self.client.force_authenticate(user=self.edit_user)

        data = {'name': 'Test Page with tags', 'content': '<p>hi with tags</p>',
                'tags': ['park', 'fun'],
                'region': 'http://testserver%s/regions/%s/' % (self.API_ROOT, self.sf_region.id)}
        resp = self.client.post('%s/pages/' % self.API_ROOT, data, format='json')
        self.assertEqual(resp.status_code, status.HTTP_201_CREATED)
        jresp = json.loads(resp.content)
        self.assertEqual(set(jresp['tags']), set(['park', 'fun']))

    def test_post_no_region(self):
        self.client.force_authenticate(user=self.edit_user)

        data = {'name': 'Test Page no region', 'content': '<p>hi with tags</p>'}
        resp = self.client.post('%s/pages/' % self.API_ROOT, data, format='json')
        self.assertEqual(resp.status_code, status.HTTP_400_BAD_REQUEST)

    def test_filter_tags(self):
        response = self.client.get('%s/pages/?tags=lake' % self.API_ROOT)
        jresp = json.loads(response.content)
        self.assertEqual(len(jresp['results']), 1)
        self.assertEqual(jresp['results'][0]['slug'], 'duboce park')

        response = self.client.get('%s/pages/?tags=lake,wifi' % self.API_ROOT)
        jresp = json.loads(response.content)
        self.assertEqual(len(jresp['results']), 0)

        response = self.client.get('%s/pages/?tags=water,lake' % self.API_ROOT)
        jresp = json.loads(response.content)
        self.assertEqual(len(jresp['results']), 1)

    def test_post_page_already_exists(self):
        self.client.force_authenticate(user=self.edit_user)

        data = {'slug': 'dolores park', 'name': 'Dolores Park', 'content': '<p>hi exists</p>', 'region': 'http://testserver%s/regions/%s/' % (self.API_ROOT, self.sf_region.id)}
        try:
            resp = self.client.post('%s/pages/' % self.API_ROOT, data, format='json')
        #except (IntegrityError, DatabaseError):
        except:
            # XXX TODO: make this more specific. Had to make it catch-all to fix a problem with
            # context missing from the request here!?!
            pass
        else:
            self.assertTrue(False)

    def test_filter_slug(self):
        response = self.client.get('%s/pages/?slug__icontains=PaRk' % self.API_ROOT)
        jresp = json.loads(response.content)
        self.assertEqual(len(jresp['results']), 2)

        response = self.client.get('%s/pages/?slug__istartswith=DOLO' % self.API_ROOT)
        jresp = json.loads(response.content)
        self.assertEqual(len(jresp['results']), 1)
        self.assertEqual(jresp['results'][0]['slug'], 'dolores park')

    def test_chained_region_filter(self):
        response = self.client.get('%s/pages/?region__slug__icontains=ak' % self.API_ROOT)
        jresp = json.loads(response.content)
        self.assertEqual(len(jresp['results']), 1)

        response = self.client.get('%s/pages/?region__slug__istartswith=o' % self.API_ROOT)
        jresp = json.loads(response.content)
        self.assertEqual(len(jresp['results']), 1)
        self.assertEqual(jresp['results'][0]['slug'], 'lake merritt')

    def test_basic_page_put(self):
        self.client.force_authenticate(user=self.edit_user)

        data = {'name': 'Duboce Park', 'content': '<p>hi new content</p>', 'region': 'http://testserver%s/regions/%s/' % (self.API_ROOT, self.sf_region.id)}
        resp = self.client.put('%s/pages/%s/' % (self.API_ROOT, self.duboce_park.id), data, format='json')
        self.assertEqual(resp.status_code, status.HTTP_200_OK)
        jresp = json.loads(resp.content)

        # Make sure the tags are still there even though we didn't update them.
        self.assertEqual(jresp['content'], '<p>hi new content</p>')
        self.assertEqual(set(jresp['tags']), set(['lake', 'water']))

    def test_basic_page_patch(self):
        self.client.force_authenticate(user=self.edit_user)

        data = {'name': 'Duboce PARK'}
        resp = self.client.patch('%s/pages/%s/' % (self.API_ROOT, self.duboce_park.id), data, format='json')
        self.assertEqual(resp.status_code, status.HTTP_200_OK)
        jresp = json.loads(resp.content)

        self.assertEqual(jresp['content'], '<p>Duboce Park here</p>')
        self.assertEqual(jresp['name'], 'Duboce PARK')

    def test_change_page_name(self):
        self.client.force_authenticate(user=self.edit_user)

        data = {'name': 'Duboce Cat'}
        resp = self.client.patch('%s/pages/%s/' % (self.API_ROOT, self.duboce_park.id), data, format='json')
        self.assertEqual(resp.status_code, status.HTTP_200_OK)
        jresp = json.loads(resp.content)

        self.assertEqual(jresp['content'], '<p>Duboce Park here</p>')
        self.assertEqual(jresp['name'], 'Duboce Cat')

        # Redirect should exist, as the page should have been renamed
        self.assertTrue(Redirect.objects.filter(source='duboce park').exists())
        redirect = Redirect.objects.get(source='duboce park')
        self.assertEqual(redirect.destination, Page.objects.get(slug='duboce cat'))

    def test_page_validation(self):
        self.client.force_authenticate(user=self.edit_user)

        # PATCH existing
        data = {'slug': 'Du~~!!! lolololol vv------_c0c$$/-_/-._<hi>',
                'content': '<p>lol</p>', 'region': 'http://testserver%s/regions/%s/' % (self.API_ROOT, self.sf_region.id)}
        resp = self.client.patch('%s/pages/%s/' % (self.API_ROOT, self.duboce_park.id), data, format='json')
        self.assertEqual(resp.status_code, status.HTTP_200_OK)
        jresp = json.loads(resp.content)
        self.assertEqual(jresp['slug'], 'duboce park')

        # POST new
        data = {'name': 'Du~~!!! lolololol vv------_c0c$$/-_/-._<hi>',
                'slug': 'Du~~!!! lolololol vv------_c0c$$/-_/-._<hi>',
                'content': '<p>lol</p>', 'region': 'http://testserver%s/regions/%s/' % (self.API_ROOT, self.sf_region.id)}
        resp = self.client.post('%s/pages/' % self.API_ROOT, data, format='json')
        self.assertEqual(resp.status_code, status.HTTP_201_CREATED)
        jresp = json.loads(resp.content)
        self.assertEqual(jresp['slug'], slugify('Du~~!!! lolololol vv------ c0c$$/-/-. <hi>'))

        # Empty slug
        data = {'name': '',
                'slug': '',
                'content': '<p>lol empty</p>', 'region': 'http://testserver%s/regions/%s/' % (self.API_ROOT, self.sf_region.id)}
        resp = self.client.post('%s/pages/' % self.API_ROOT, data, format='json')
        self.assertEqual(resp.status_code, status.HTTP_400_BAD_REQUEST)

        # Evil HTML
        data = {'name': 'Evil',
                'content': '<p>lol empty <script>alert("hi");</script></p>', 'region': 'http://testserver%s/regions/%s/' % (self.API_ROOT, self.sf_region.id)}
        resp = self.client.post('%s/pages/' % self.API_ROOT, data, format='json')
        self.assertEqual(resp.status_code, status.HTTP_201_CREATED)
        jresp = json.loads(resp.content)
        self.assertEqual(jresp['content'], '<p>lol empty &lt;script&gt;alert("hi");&lt;/script&gt;</p>')

    def test_page_permissions(self):
        self.client.force_authenticate(user=self.edit_user)

        # Make it so only edit_user_2 can edit the Dolores Park page
        assign_perm('change_page', self.edit_user_2, self.dolores_park)

        # Now try and update it as edit_user
        data = {'name': 'Dolores Park', 'content': '<p>hi new content by edituser</p>', 'region': 'http://testserver%s/regions/%s/' % (self.API_ROOT, self.sf_region.id)}
        resp = self.client.put('%s/pages/%s/' % (self.API_ROOT, self.dolores_park.id), data, format='json')
        self.assertIn(resp.status_code, [status.HTTP_401_UNAUTHORIZED, status.HTTP_403_FORBIDDEN])

        # Now remove the permission and it should work
        remove_perm('change_page', self.edit_user_2, self.dolores_park)

        data = {'name': 'Dolores Park', 'content': '<p>hi new content by edituser</p>', 'region': 'http://testserver%s/regions/%s/' % (self.API_ROOT, self.sf_region.id)}
        resp = self.client.put('%s/pages/%s/' % (self.API_ROOT, self.dolores_park.id), data, format='json')
        self.assertEqual(resp.status_code, status.HTTP_200_OK)

        ##################################################################################
        # Let's also test to see that a general 'ban' of a user restricts page editing
        ##################################################################################

        # First, ban from the region
        banned, created = BannedFromRegion.objects.get_or_create(region=self.sf_region)
        banned.users.add(self.edit_user)

        # Now try and update a page as edit_user
        data = {'name': 'Dolores Park', 'content': '<p>hi new content by edituser</p>', 'region': 'http://testserver%s/regions/%s/' % (self.API_ROOT, self.sf_region.id)}
        resp = self.client.put('%s/pages/%s/' % (self.API_ROOT, self.dolores_park.id), data, format='json')
        self.assertIn(resp.status_code, [status.HTTP_401_UNAUTHORIZED, status.HTTP_403_FORBIDDEN])

        # Now remove the ban and it should work
        banned.users.remove(self.edit_user)

        data = {'name': 'Dolores Park', 'content': '<p>hi new content by edituser</p>', 'region': 'http://testserver%s/regions/%s/' % (self.API_ROOT, self.sf_region.id)}
        resp = self.client.put('%s/pages/%s/' % (self.API_ROOT, self.dolores_park.id), data, format='json')
        self.assertEqual(resp.status_code, status.HTTP_200_OK)

        # Now, let's try a global ban using the banned group
        banned = Group.objects.get(name=settings.USERS_BANNED_GROUP)
        self.edit_user.groups.add(banned)

        # Now try and update a page as edit_user
        data = {'name': 'Dolores Park', 'content': '<p>hi new content by edituser</p>', 'region': 'http://testserver%s/regions/%s/' % (self.API_ROOT, self.sf_region.id)}
        resp = self.client.put('%s/pages/%s/' % (self.API_ROOT, self.dolores_park.id), data, format='json')
        self.assertIn(resp.status_code, [status.HTTP_401_UNAUTHORIZED, status.HTTP_403_FORBIDDEN])

        # Now remove the ban and it should work
        self.edit_user.groups.remove(banned)

        data = {'name': 'Dolores Park', 'content': '<p>hi new content by edituser</p>', 'region': 'http://testserver%s/regions/%s/' % (self.API_ROOT, self.sf_region.id)}
        resp = self.client.put('%s/pages/%s/' % (self.API_ROOT, self.dolores_park.id), data, format='json')
        self.assertEqual(resp.status_code, status.HTTP_200_OK)
class HTMLToTemplateTextTest(TestCase):
    def setUp(self):
        self.region = Region(full_name='Test region', slug='test-region')
        self.region.save()
        self.context = {'region': self.region}

    def test_plaintext(self):
        html = "No XHTML"
        imports = ''.join(tag_imports)
        self.assertEqual(html_to_template_text(html), imports + "No XHTML")

    def test_django_tags_escaped(self):
        html = "<div>{% if 1 %}evil{% endif %}</div>"
        template_text = html_to_template_text(html)
        imports = ''.join(tag_imports)
        self.assertEqual(
            template_text,
            imports +
            "<div>&#123;% if 1 %&#125;evil&#123;% endif %&#125;</div>"
        )

        html = "<div>{{% if 1 %}}evil{{% endif %}}</div>"
        template_text = html_to_template_text(html)
        self.assertEqual(
            template_text,
            imports + (
            "<div>&#123;&#123;% if 1 %&#125;&#125;evil"
             "&#123;&#123;% endif %&#125;&#125;</div>")
        )

        # malicious use of intermediate sanitization
        html = "<div>{amp}</div>"
        template_text = html_to_template_text(html)
        self.assertEqual(
            template_text,
            imports + (
            "<div>&#123;amp&#125;</div>")
        )

        # preserves entities
        html = '<div>&amp;&lt; then &#123;</div>'
        template_text = html_to_template_text(html)
        self.assertEqual(
            template_text,
            imports + (
            "<div>&amp;&lt; then &#123;</div>")
        )

    def test_link_tag(self):
        html = '<div><a href="http://example.org"></a></div>'
        template_text = html_to_template_text(html)
        imports = ''.join(tag_imports)
        self.assertEqual(template_text,
            imports +
            '<div>{% link "http://example.org" %}{% endlink %}</div>')

        html = '<div><a href="http://example.org">hi!</a></div>'
        template_text = html_to_template_text(html)
        self.assertEqual(template_text,
            imports +
            '<div>{% link "http://example.org" %}hi!{% endlink %}</div>')

        html = '<div><a href="http://example.org">hi!</a></div>'
        template_text = html_to_template_text(html)
        self.assertEqual(template_text,
            imports +
            '<div>{% link "http://example.org" %}hi!{% endlink %}</div>')

    def test_link_to_tag(self):
        a = Page(name='Front Page', region=self.region)
        a.content = (u'<a href="tags/cats">dummy</a>')
        a.save()

        context = Context({'page': a, 'region': self.region})
        template = Template(html_to_template_text(a.content, context))
        html = template.render(context)
        self.assertEqual(html, u'<a href="tags/cats" class="tag_link">dummy</a>')

    def test_link_to_anchor_relative(self):
        a = Page(name='Front Page', region=self.region)
        a.content = (u'<a href="A%20Page#anchor">dummy</a>')
        a.save()

        context = Context({'page': a, 'region': self.region})
        template = Template(html_to_template_text(a.content, context))
        html = template.render(context)
        self.assertEqual(html, u'<a href="/test-region/A_Page#anchor" class="missing_link">dummy</a>')

        a.content = (u'<a href="#justanchor">dummy</a>')
        context = Context({'page': a, 'region': self.region})
        template = Template(html_to_template_text(a.content, context))
        html = template.render(context)
        self.assertEqual(html, u'<a href="#justanchor">dummy</a>')

    def test_nbsp_outside_of_element(self):
        html = u'a\xa0<strong>\xa0</strong>\n'
        imports = ''.join(tag_imports)
        template_text = html_to_template_text(html)
        self.assertEqual(template_text, imports +
                                        u'a\xa0<strong>\xa0</strong>\n')

    def test_empty_a_element(self):
        html = '<p><a name="blah"></a></p>'
        imports = ''.join(tag_imports)
        template_text = html_to_template_text(html, context=self.context)
        self.assertEqual(template_text, imports + '<p><a name="blah"></a></p>')
 def setUp(self):
     self.region = Region(full_name='Test region', slug='test-region')
     self.region.save()
Esempio n. 36
0
    def setUp(self):
        super(MapAPITests, self).setUp()

        # Create the edit user and add it to the authenticated group
        self.edit_user = User(username="******",
                              email="*****@*****.**",
                              password="******")
        self.edit_user.save()
        all_group, created = Group.objects.get_or_create(
            name=settings.USERS_DEFAULT_GROUP)
        self.edit_user.groups.add(all_group)
        self.edit_user.save()

        self.edit_user_2 = User(username="******",
                                email="*****@*****.**",
                                password="******")
        self.edit_user_2.save()
        all_group, created = Group.objects.get_or_create(
            name=settings.USERS_DEFAULT_GROUP)
        self.edit_user_2.groups.add(all_group)
        self.edit_user_2.save()

        self.sf = Region(full_name="San Francisco", slug="sf")
        self.sf.save()
        self.oak = Region(full_name="Oakland", slug="oak")
        self.oak.save()

        self.golden_gate_park = Page(name="Golden Gate Park",
                                     content="<p>Hi</p>",
                                     region=self.sf)
        self.golden_gate_park.save()

        self.dolores_park = Page(name="Dolores Park",
                                 content="<p>Hi</p>",
                                 region=self.sf)
        self.dolores_park.save()

        self.duboce_park = Page(name="Duboce Park",
                                content="<p>Hi</p>",
                                region=self.sf)
        self.duboce_park.save()

        self.dolores_park_map = MapData(page=self.dolores_park, region=self.sf)
        self.dolores_park_map.geom = GEOSGeometry("""
        { "type": "GeometryCollection", "geometries": [
          {
          "type": "Polygon",
          "coordinates": [
            [
              [
                -122.42835760116576,
                37.76128348360843
              ],
              [
                -122.42799282073973,
                37.75812815505155
              ],
              [
                -122.42591142654419,
                37.758297799795336
              ],
              [
                -122.42627620697021,
                37.761402229904654
              ],
              [
                -122.42835760116576,
                37.76128348360843
              ]
            ]
          ]
        }]
      }""")
        self.dolores_park_map.save()

        self.duboce_park_map = MapData(page=self.duboce_park, region=self.sf)
        self.duboce_park_map.geom = GEOSGeometry("""
        { "type": "GeometryCollection", "geometries": [

           {
            "type": "Polygon",
            "coordinates": [
              [
                [
                  -122.43505239486696,
                  37.770443352285376
                ],
                [
                  -122.43490219116211,
                  37.76917121614543
                ],
                [
                  -122.431640625,
                  37.769408683219545
                ],
                [
                  -122.43179082870485,
                  37.76991753866766
                ],
                [
                  -122.43460178375243,
                  37.769713996908635
                ],
                [
                  -122.43505239486696,
                  37.770443352285376
                ]
              ]
            ]
          } 

        ]
      }
      """)
        self.duboce_park_map.save()
Esempio n. 37
0
class UserRoleListFilter(django_filters.FilterSet):
    current_status = django_filters.ChoiceFilter(
        choices=[
            ("active", "active"),
            ("pnm", "prospective"),
        ],
        method="filter_current_status",
    )
    role = django_filters.MultipleChoiceFilter(choices=UserRoleChange.ROLES,
                                               method="filter_role")
    region = django_filters.ChoiceFilter(choices=Region.region_choices(),
                                         method="filter_region")
    major = django_filters.ModelChoiceFilter(
        queryset=ChapterCurricula.objects.none(),
        method="filter_major",
    )
    chapter = django_filters.ChoiceFilter(
        label="Chapter",
        choices=Chapter.chapter_choices(),
        method="filter_chapter",
    )

    class Meta:
        model = User
        fields = {
            "name": ["icontains"],
            "major": ["exact"],
            "graduation_year": ["icontains"],
            "chapter": ["exact"],
        }
        order_by = ["name"]

    def __init__(self, *args, **kwargs):
        super().__init__(*args, **kwargs)
        self.filters["major"].queryset = ChapterCurricula.objects.values_list(
            "major",
            flat=True,
        ).distinct()

    def filter_current_status(self, queryset, field_name, value):
        if value:
            queryset = queryset.filter(current_status=value)
        return queryset

    def filter_role(self, queryset, field_name, value):
        if value:
            queryset = queryset.filter(roles__role__in=value,
                                       roles__end__gte=TODAY_END)
        return queryset

    def filter_region(self, queryset, field_name, value):
        if value == "national":
            return queryset
        elif value == "candidate_chapter":
            queryset = queryset.filter(chapter__candidate_chapter=True)
        else:
            queryset = queryset.filter(chapter__region__slug=value)
        return queryset

    def filter_major(self, queryset, field_name, value):
        if value:
            queryset = queryset.filter(major__major=value.major)
        return queryset

    def filter_chapter(self, queryset, field_name, value):
        if value:
            queryset = queryset.filter(chapter__slug=value)
        return queryset
Esempio n. 38
0
 def setUp(self):
     self.region = Region(full_name='Test Region', slug='test_region')
     self.region.save()
Esempio n. 39
0
class MapAPITests(APITestCase):
    def setUp(self):
        super(MapAPITests, self).setUp()

        # Create the edit user and add it to the authenticated group
        self.edit_user = User(username="******",
                              email="*****@*****.**",
                              password="******")
        self.edit_user.save()
        all_group, created = Group.objects.get_or_create(
            name=settings.USERS_DEFAULT_GROUP)
        self.edit_user.groups.add(all_group)
        self.edit_user.save()

        self.edit_user_2 = User(username="******",
                                email="*****@*****.**",
                                password="******")
        self.edit_user_2.save()
        all_group, created = Group.objects.get_or_create(
            name=settings.USERS_DEFAULT_GROUP)
        self.edit_user_2.groups.add(all_group)
        self.edit_user_2.save()

        self.sf = Region(full_name="San Francisco", slug="sf")
        self.sf.save()
        self.oak = Region(full_name="Oakland", slug="oak")
        self.oak.save()

        self.golden_gate_park = Page(name="Golden Gate Park",
                                     content="<p>Hi</p>",
                                     region=self.sf)
        self.golden_gate_park.save()

        self.dolores_park = Page(name="Dolores Park",
                                 content="<p>Hi</p>",
                                 region=self.sf)
        self.dolores_park.save()

        self.duboce_park = Page(name="Duboce Park",
                                content="<p>Hi</p>",
                                region=self.sf)
        self.duboce_park.save()

        self.dolores_park_map = MapData(page=self.dolores_park, region=self.sf)
        self.dolores_park_map.geom = GEOSGeometry("""
        { "type": "GeometryCollection", "geometries": [
          {
          "type": "Polygon",
          "coordinates": [
            [
              [
                -122.42835760116576,
                37.76128348360843
              ],
              [
                -122.42799282073973,
                37.75812815505155
              ],
              [
                -122.42591142654419,
                37.758297799795336
              ],
              [
                -122.42627620697021,
                37.761402229904654
              ],
              [
                -122.42835760116576,
                37.76128348360843
              ]
            ]
          ]
        }]
      }""")
        self.dolores_park_map.save()

        self.duboce_park_map = MapData(page=self.duboce_park, region=self.sf)
        self.duboce_park_map.geom = GEOSGeometry("""
        { "type": "GeometryCollection", "geometries": [

           {
            "type": "Polygon",
            "coordinates": [
              [
                [
                  -122.43505239486696,
                  37.770443352285376
                ],
                [
                  -122.43490219116211,
                  37.76917121614543
                ],
                [
                  -122.431640625,
                  37.769408683219545
                ],
                [
                  -122.43179082870485,
                  37.76991753866766
                ],
                [
                  -122.43460178375243,
                  37.769713996908635
                ],
                [
                  -122.43505239486696,
                  37.770443352285376
                ]
              ]
            ]
          } 

        ]
      }
      """)
        self.duboce_park_map.save()

    def test_map_list(self):
        response = self.client.get('%s/maps/' % self.API_ROOT)
        jresp = json.loads(response.content)
        self.assertEqual(len(jresp['results']), 2)

    def test_map_simple_post(self):
        self.client.force_authenticate(user=self.edit_user)

        geojson = """
        { "type": "GeometryCollection", "geometries": [
            {
            "type": "Polygon",
            "coordinates": [
              [
                [
                  -122.42835760116576,
                  37.76128348360843
                ],
                [
                  -122.42799282073973,
                  37.75812815505155
                ],
                [
                  -122.42591142654419,
                  37.758297799795336
                ],
                [
                  -122.42627620697021,
                  37.761402229904654
                ],
                [
                  -122.42835760116576,
                  37.76128348360843
                ]
              ]
            ]
          }]
        }"""

        data = {
            'page':
            'http://testserver%s/pages/%s/' %
            (self.API_ROOT, self.golden_gate_park.id),
            'geom':
            geojson,
            'region':
            'http://testserver%s/regions/%s/' % (self.API_ROOT, self.sf.id)
        }
        resp = self.client.post('%s/maps/' % self.API_ROOT,
                                data,
                                format='json')
        self.assertEqual(resp.status_code, status.HTTP_201_CREATED)

    def test_page_chained_filter(self):
        response = self.client.get('%s/maps/?page__slug__icontains=dolores' %
                                   self.API_ROOT)
        jresp = json.loads(response.content)
        self.assertEqual(len(jresp['results']), 1)

    def test_geo_filter(self):
        response = self.client.get(
            '%s/maps/?polys__contains={ "type": "Point", "coordinates": [ -122.42724180221558, 37.75988395932576 ] }'
            % self.API_ROOT)
        jresp = json.loads(response.content)
        self.assertEqual(len(jresp['results']), 1)

    def test_map_permissions(self):
        self.client.force_authenticate(user=self.edit_user)

        # Make it so only edit_user_2 can edit the Dolores Park page
        assign_perm('change_page', self.edit_user_2, self.dolores_park)

        # Now try and update the "dolores park" map as edit_user
        geojson = """
        { "type": "GeometryCollection", "geometries": [
            {
            "type": "Polygon",
            "coordinates": [
              [
                [
                  -122.42835760116576,
                  37.76128348360843
                ],
                [
                  -122.42799282073973,
                  37.75812815505155
                ],
                [
                  -122.42591142654419,
                  37.758297799795336
                ],
                [
                  -122.42627620697021,
                  37.761402229904654
                ],
                [
                  -122.42835760116576,
                  37.76128348360843
                ]
              ]
            ]
          }]
        }"""

        data = {
            'page':
            'http://testserver%s/pages/%s/' %
            (self.API_ROOT, self.dolores_park.id),
            'geom':
            geojson,
            'region':
            'http://testserver%s/regions/%s/' % (self.API_ROOT, self.sf.id)
        }
        resp = self.client.put('%s/maps/%s/' %
                               (self.API_ROOT, self.dolores_park_map.id),
                               data,
                               format='json')
        self.assertIn(
            resp.status_code,
            [status.HTTP_401_UNAUTHORIZED, status.HTTP_403_FORBIDDEN])

        # Now remove the permission and it should work
        remove_perm('change_page', self.edit_user_2, self.dolores_park)

        data = {
            'page':
            'http://testserver%s/pages/%s/' %
            (self.API_ROOT, self.dolores_park.id),
            'geom':
            geojson,
            'region':
            'http://testserver%s/regions/%s/' % (self.API_ROOT, self.sf.id)
        }
        resp = self.client.put('%s/maps/%s/' %
                               (self.API_ROOT, self.dolores_park_map.id),
                               data,
                               format='json')
        self.assertEqual(resp.status_code, status.HTTP_200_OK)

        ##################################################################################
        # Let's also test a normal POST to a protected page which doesn't yet have a map
        ##################################################################################
        new_park = Page(name="New Park", content="<p>Hi</p>", region=self.sf)
        new_park.save()

        # Make it so only edit_user_2 can edit the Dolores Park page
        assign_perm('change_page', self.edit_user_2, new_park)

        # Now try and create the "New Park" map as edit_user
        geojson = """
        { "type": "GeometryCollection", "geometries": [
            {
            "type": "Polygon",
            "coordinates": [
              [
                [
                  -122.42835760116576,
                  37.76128348360843
                ],
                [
                  -122.42799282073973,
                  37.75812815505155
                ],
                [
                  -122.42591142654419,
                  37.758297799795336
                ],
                [
                  -122.42627620697021,
                  37.761402229904654
                ],
                [
                  -122.42835760116576,
                  37.76128348360843
                ]
              ]
            ]
          }]
        }"""

        data = {
            'page':
            'http://testserver%s/pages/%s/' % (self.API_ROOT, new_park.id),
            'geom':
            geojson,
            'region':
            'http://testserver%s/regions/%s/' % (self.API_ROOT, self.sf.id)
        }
        resp = self.client.post('%s/maps/' % self.API_ROOT,
                                data,
                                format='json')
        self.assertIn(
            resp.status_code,
            [status.HTTP_401_UNAUTHORIZED, status.HTTP_403_FORBIDDEN])

        # Now remove the permission and it should work
        remove_perm('change_page', self.edit_user_2, new_park)

        data = {
            'page':
            'http://testserver%s/pages/%s/' % (self.API_ROOT, new_park.id),
            'geom':
            geojson,
            'region':
            'http://testserver%s/regions/%s/' % (self.API_ROOT, self.sf.id)
        }
        resp = self.client.post('%s/maps/' % self.API_ROOT,
                                data,
                                format='json')
        self.assertEqual(resp.status_code, status.HTTP_201_CREATED)

        ##################################################################################
        # Let's also test to see that a general 'ban' of a user restricts map editing
        ##################################################################################

        # First, ban from the region
        banned, created = BannedFromRegion.objects.get_or_create(
            region=self.sf)
        banned.users.add(self.edit_user)

        # Now try and update the "dolores park" map as edit_user
        geojson = """
        { "type": "GeometryCollection", "geometries": [
            {
            "type": "Polygon",
            "coordinates": [
              [
                [
                  -122.42835760116576,
                  37.76128348360843
                ],
                [
                  -122.42799282073973,
                  37.75812815505155
                ],
                [
                  -122.42591142654419,
                  37.758297799795336
                ],
                [
                  -122.42627620697021,
                  37.761402229904654
                ],
                [
                  -122.42835760116576,
                  37.76128348360843
                ]
              ]
            ]
          }]
        }"""

        data = {
            'page':
            'http://testserver%s/pages/%s/' %
            (self.API_ROOT, self.dolores_park.id),
            'geom':
            geojson,
            'region':
            'http://testserver%s/regions/%s/' % (self.API_ROOT, self.sf.id)
        }
        resp = self.client.put('%s/maps/%s/' %
                               (self.API_ROOT, self.dolores_park_map.id),
                               data,
                               format='json')
        self.assertIn(
            resp.status_code,
            [status.HTTP_401_UNAUTHORIZED, status.HTTP_403_FORBIDDEN])

        # Now remove the ban and it should work
        banned.users.remove(self.edit_user)

        data = {
            'page':
            'http://testserver%s/pages/%s/' %
            (self.API_ROOT, self.dolores_park.id),
            'geom':
            geojson,
            'region':
            'http://testserver%s/regions/%s/' % (self.API_ROOT, self.sf.id)
        }
        resp = self.client.put('%s/maps/%s/' %
                               (self.API_ROOT, self.dolores_park_map.id),
                               data,
                               format='json')
        self.assertEqual(resp.status_code, status.HTTP_200_OK)

        # Now, let's try a global ban using the banned group
        banned = Group.objects.get(name=settings.USERS_BANNED_GROUP)
        self.edit_user.groups.add(banned)

        # Now try and update the "dolores park" map as edit_user
        geojson = """
        { "type": "GeometryCollection", "geometries": [
            {
            "type": "Polygon",
            "coordinates": [
              [
                [
                  -122.42835760116576,
                  37.76128348360843
                ],
                [
                  -122.42799282073973,
                  37.75812815505155
                ],
                [
                  -122.42591142654419,
                  37.758297799795336
                ],
                [
                  -122.42627620697021,
                  37.761402229904654
                ],
                [
                  -122.42835760116576,
                  37.76128348360843
                ]
              ]
            ]
          }]
        }"""

        data = {
            'page':
            'http://testserver%s/pages/%s/' %
            (self.API_ROOT, self.dolores_park.id),
            'geom':
            geojson,
            'region':
            'http://testserver%s/regions/%s/' % (self.API_ROOT, self.sf.id)
        }
        resp = self.client.put('%s/maps/%s/' %
                               (self.API_ROOT, self.dolores_park_map.id),
                               data,
                               format='json')
        self.assertIn(
            resp.status_code,
            [status.HTTP_401_UNAUTHORIZED, status.HTTP_403_FORBIDDEN])

        # Now remove the ban and it should work
        self.edit_user.groups.remove(banned)

        data = {
            'page':
            'http://testserver%s/pages/%s/' %
            (self.API_ROOT, self.dolores_park.id),
            'geom':
            geojson,
            'region':
            'http://testserver%s/regions/%s/' % (self.API_ROOT, self.sf.id)
        }
        resp = self.client.put('%s/maps/%s/' %
                               (self.API_ROOT, self.dolores_park_map.id),
                               data,
                               format='json')
        self.assertEqual(resp.status_code, status.HTTP_200_OK)
class PageTest(TestCase):
    def setUp(self):
        self.region = Region(full_name='Test region', slug='test-region')
        self.region.save()

    def test_clean_name(self):
        self.assertEqual(clean_name(' Front Page '), 'Front Page')
        self.assertEqual(clean_name('_edit'), 'edit')
        self.assertEqual(clean_name('Front Page /_edit'), 'Front Page/edit')
        self.assertEqual(clean_name('/Front Page/'), 'Front Page')
        self.assertEqual(clean_name('Front Page// /'), 'Front Page')

    def test_url_to_name(self):
        self.assertEqual(url_to_name('Front_Page'), 'Front Page')
        self.assertEqual(url_to_name('Ben_%26_Jerry%27s'), "Ben & Jerry's")

    def test_name_to_url(self):
        self.assertEqual(name_to_url('Front Page'), 'Front_Page')
        self.assertEqual(name_to_url("Ben & Jerry's"), 'Ben_%26_Jerry%27s')

    def test_slugify(self):
        # spaces and casing
        self.assertEqual(slugify('Front Page'), 'front page')
        self.assertEqual(slugify('fRoNt PaGe'), 'front page')
        self.assertEqual(slugify('Front_Page'), 'front page')
        self.assertEqual(slugify('Front+Page'), 'front page')
        self.assertEqual(slugify('Front%20Page'), 'front page')

        # slashes
        self.assertEqual(slugify('Front Page/Talk'), 'front page/talk')
        self.assertEqual(slugify('Front Page%2FTalk'), 'front page/talk')

        # extra spaces
        self.assertEqual(slugify(' I  N  C  E  P  T  I  O  N '),
                                'i n c e p t i o n')

        # quotes and other stuff
        self.assertEqual(slugify("Ben & Jerry's"), "ben & jerry's")
        self.assertEqual(slugify("Ben & Jerry's"), "ben & jerry's")
        self.assertEqual(slugify("Ben_%26_Jerry's"), "ben & jerry's")
        self.assertEqual(slugify('Manny "Pac-Man" Pacquaio'),
                                'manny "pac-man" pacquaio')
        self.assertEqual(slugify("Where am I?"), "where am i")
        self.assertEqual(slugify("What the @#$!!"), "what the @$!!")

        # unicode
        self.assertEqual(slugify("Заглавная Страница".decode('utf-8')),
                         'заглавная страница'.decode('utf-8').lower())
        encoded = ("%D0%B7%D0%B0%D0%B3%D0%BB%D0%B0%D0%B2%D0%BD%D0%B0%D1%8F"
                     "_%D1%81%D1%82%D1%80%D0%B0%D0%BD%D0%B8%D1%86%D0%B0")
        self.assertEqual(slugify(encoded),
                         'заглавная страница'.decode('utf-8'))
        self.assertEqual(slugify("Заглавная%20Страница".decode('utf-8')),
                         'заглавная страница'.decode('utf-8'))

        # idempotent?
        a = 'АЯ `~!@#$%^&*()-_+=/\|}{[]:;"\'<>.,'
        self.assertEqual(slugify(a), 'ая !@$%&*()- /"\'.,'.decode('utf-8'))
        self.assertEqual(slugify(a), slugify(slugify(a)))

    def test_pretty_slug(self):
        a = Page(name='Front Page', region=self.region)
        self.assertEqual(a.pretty_slug, 'Front_Page')
        a = Page(name='Front Page/Talk', region=self.region)
        self.assertEqual(a.pretty_slug, 'Front_Page/Talk')
        a = Page(name="Ben & Jerry's", region=self.region)
        self.assertEqual(a.pretty_slug, "Ben_%26_Jerry%27s")
        a = Page(name='Заглавная Страница', region=self.region)
        slug = ("%D0%97%D0%B0%D0%B3%D0%BB%D0%B0%D0%B2%D0%BD%D0%B0%D1%8F"
                "_%D0%A1%D1%82%D1%80%D0%B0%D0%BD%D0%B8%D1%86%D0%B0")
        assert slug == quote('Заглавная_Страница')
        self.assertEqual(a.pretty_slug, slug)

    def test_merge_conflict(self):
        p = Page(region=self.region)
        p.content = '<p>old content</p>'
        p.name = 'Front Page'
        p.save()

        a = PageForm(instance=p)
        b = PageForm(instance=p)
        b_post = b.initial
        b_post['content'] = '<p>b content</p>'
        b = PageForm(b_post, instance=p)
        self.failUnless(b.is_valid())
        b.save()

        p = Page.objects.get(pk=p.pk)
        a_post = a.initial
        a_post['content'] = '<p>a content</p>'
        a = PageForm(a_post, instance=p)
        self.failIf(a.is_valid())
        # + '' to force evaluation of lazy string
        self.failUnless(str(PageForm.conflict_error + '') in str(a.errors))

        a_post = a.data
        a = PageForm(a_post, instance=p)
        self.failUnless(a.is_valid())
        a.save()
        p = Page.objects.get(pk=p.pk)
        self.failUnless('Edit conflict!' in p.content)

    def test_page_rename(self):
        p = Page(region=self.region)
        p.content = "<p>The page content.</p>"
        p.name = "Original page"
        p.save()

        p.rename_to("New page")

        # Renamed-to page should exist.
        new_p = Page.objects.get(name="New page", region=self.region)
        # new_p should have the same content.
        self.assertEqual(new_p.content, p.content)

        # "Original page" should no longer exist.
        pgs = Page.objects.filter(name="Original page", region=self.region)
        self.assertEqual(len(pgs), 0)
        # and a redirect from "original page" to "New page" should exist.
        Redirect.objects.filter(source="original page", destination=new_p, region=self.region)

        ###########################################################
        # Renaming to a page that already exists should raise an
        # exception and not affect the original page.
        ###########################################################
        p = Page(region=self.region)
        p.content = "<p>Hello, world.</p>"
        p.name = "Page A"
        p.save()

        self.assertRaises(exceptions.PageExistsError, p.rename_to, "New page")
        # p should be unaffected.  No redirect should be created.
        p = Page.objects.get(name="Page A", region=self.region)
        self.assertEqual(p.content, "<p>Hello, world.</p>")
        self.assertEqual(len(Redirect.objects.filter(source="page a", region=self.region)), 0)

        ###########################################################
        # Renaming should carry along files and FK'ed items that
        # point to it.
        ###########################################################
        p = Page(region=self.region)
        p.content = "<p>A page with files and a map.</p>"
        p.name = "Page With FKs"
        p.save()
        # Create a file that points at the page.
        pf = PageFile(file=ContentFile("foo"), name="file.txt", slug=p.slug, region=self.region)
        pf.save()
        # Create a redirect that points at the page.
        redirect = Redirect(source="foobar", destination=p, region=self.region)
        redirect.save()
        # Create a map that points at the page.
        points = GEOSGeometry("""MULTIPOINT (-122.4378964233400069 37.7971758820830033, -122.3929211425700032 37.7688207875790027, -122.3908612060599950 37.7883584775320003, -122.4056240844700056 37.8013807351830025, -122.4148937988299934 37.8002956347170027, -122.4183270263600036 37.8051784612779969)""")
        map = MapData(points=points, page=p, region=self.region)
        map.save()
        # Add tags to page
        tagset = PageTagSet(page=p, region=self.region)
        tagset.save()
        tag = Tag(name="tag1", region=self.region)
        tag.save()
        tagset.tags.add(tag)

        p.rename_to("New Page With FKs")

        new_p = Page.objects.get(name="New Page With FKs", region=self.region)
        self.assertEqual(len(MapData.objects.filter(page=new_p, region=self.region)), 1)
        self.assertEqual(len(new_p.pagetagset.tags.all()), 1)
        # Two redirects: one we created explicitly and one that was
        # created during rename_to()
        self.assertEqual(len(Redirect.objects.filter(destination=new_p, region=self.region)), 2)
        self.assertEqual(len(PageFile.objects.filter(slug=new_p.slug, region=self.region)), 1)

        # Renaming should keep slugs pointed at old page /and/ copy
        # them to the new page.
        self.assertEqual(len(PageFile.objects.filter(slug=p.slug, region=self.region)), 1)

        ###########################################################
        # Renaming with multiple files.
        ###########################################################
        p = Page(region=self.region)
        p.content = "<p>A new page with multiple files.</p>"
        p.name = "Page with multiple files"
        p.save()
        # Create a file that points at the page.
        pf = PageFile(file=ContentFile("foo"), name="file.txt", slug=p.slug, region=self.region)
        pf.save()
        pf = PageFile(file=ContentFile("foo2"), name="file2.txt", slug=p.slug, region=self.region)
        pf.save()
        pf = PageFile(file=ContentFile("foo3"), name="file3.txt", slug=p.slug, region=self.region)
        pf.save()
        p.rename_to("A page with multiple files 2")

        p = Page.objects.get(name="A page with multiple files 2", region=self.region)
        self.assertEqual(len(PageFile.objects.filter(slug=p.slug, region=self.region)), 3)

        ###########################################################
        # Reverting a renamed page should be possible and should
        # restore files and FK'ed items that were pointed at the
        # original page.  The renamed-to page should still exist
        # after the revert and should still have its own files and
        # FK'ed items pointed at it.
        ###########################################################
        p = Page(name="Page With FKs", slug="page with fks", region=self.region)
        # get the version right before it was deleted
        v_before_deleted = len(p.versions.all()) - 1
        p_h = p.versions.as_of(version=v_before_deleted)
        p_h.revert_to()
        p = Page.objects.get(name="Page With FKs", region=self.region)
        self.assertEqual(len(MapData.objects.filter(page=p, region=self.region)), 1)
        self.assertEqual(len(PageFile.objects.filter(slug=p.slug, region=self.region)), 1)

        p2 = Page.objects.get(name="New Page With FKs")
        self.assertEqual(len(MapData.objects.filter(page=p2, region=self.region)), 1)
        self.assertEqual(len(PageFile.objects.filter(slug=p2.slug, region=self.region)), 1)

        self.assertEqual(len(Redirect.objects.filter(destination=p2, region=self.region)), 1)

        ###########################################################
        # Renaming a page and then renaming it back.
        ###########################################################
        # 1. Simple case
        p = Page(name="Page X", content="<p>Foobar</p>", region=self.region)
        p.save()
        p.rename_to("Page Y")
        self.assertEqual(len(Page.objects.filter(name="Page X", region=self.region)), 0)
        self.assertEqual(len(Page.objects.filter(name="Page Y", region=self.region)), 1)

        p_new = Page.objects.get(name="Page Y", region=self.region)
        p_new.rename_to("Page X")
        self.assertEqual(len(Page.objects.filter(name="Page X", region=self.region)), 1)
        self.assertEqual(len(Page.objects.filter(name="Page Y", region=self.region)), 0)

        # 2. If we have FKs pointed at the page this shouldn't be
        # totally f****d.
        p = Page(name="Page X2", content="<p>Foo X</p>", region=self.region)
        p.save()
        points = GEOSGeometry("""MULTIPOINT (-122.4378964233400069 37.7971758820830033, -122.3929211425700032 37.7688207875790027, -122.3908612060599950 37.7883584775320003, -122.4056240844700056 37.8013807351830025, -122.4148937988299934 37.8002956347170027, -122.4183270263600036 37.8051784612779969)""")
        map = MapData(points=points, page=p, region=self.region)
        map.save()
        # Create a file that points at the page.
        pf = PageFile(file=ContentFile("foooo"), name="file_foo.txt", slug=p.slug, region=self.region)
        pf.save()

        p.rename_to("Page Y2")
        p_new = Page.objects.get(name="Page Y2", region=self.region)
        # FK points at the page we renamed to.
        self.assertEqual(len(MapData.objects.filter(page=p_new, region=self.region)), 1)
        self.assertEqual(len(PageFile.objects.filter(slug=p_new.slug, region=self.region)), 1)

        # Now rename it back.
        p_new.rename_to("Page X2")
        p = Page.objects.get(name="Page X2", region=self.region)
        # After rename-back-to, FK points to the renamed-back-to page.
        self.assertEqual(len(MapData.objects.filter(page=p, region=self.region)), 1)
        self.assertEqual(len(PageFile.objects.filter(slug=p.slug, region=self.region)), 1)

        ###########################################################
        # Renaming a page but keeping the same slug
        ###########################################################
        p = Page(name="Foo A", content="<p>Foo A</p>", region=self.region)
        p.save()
        p.rename_to("FOO A")

        # Name has changed.
        self.assertEqual(len(Page.objects.filter(name="FOO A", region=self.region)), 1)
        # Has the same history, with a new entry for the name change.
        p = Page.objects.get(name="FOO A", region=self.region)
        p1, p0 = p.versions.all()
        self.assertEqual(p1.name, 'FOO A')
        self.assertEqual(p0.name, 'Foo A')
        self.assertEqual(p0.content, p1.content)

        ###########################################################
        # Renaming a page twice (A -> B -> C) and then revert A to
        # an existing state.
        ###########################################################
        p = Page(name="Bar A", content="<p>Bar A</p>", region=self.region)
        p.save()
        p.rename_to("Bar B")
        p = Page.objects.get(name="Bar B", region=self.region)
        p.rename_to("Bar C")

        p = Page(name="Bar A", slug="bar a", region=self.region)
        p_h = p.versions.as_of(version=1)
        p_h.revert_to()

        ###########################################################
        # Renaming a page back and forth and reverting.
        ###########################################################
        p = Page(name="Zoo A", content="<p>Zoo A</p>", region=self.region)
        p.save()
        p.rename_to("Zoo B")
        p = Page.objects.get(name="Zoo B", region=self.region)
        p.rename_to("Zoo A")
        p = Page.objects.get(name="Zoo A", region=self.region)
        p.rename_to("Zoo B")

        p = Page(name="Zoo A", slug="zoo a", region=self.region)
        p_h = p.versions.as_of(version=1)
        p_h.revert_to()

        ###########################################################
        # page A, rename to B, then create new A, rename B to C,
        # rename C to B, then revert C to first version
        ###########################################################
        p = Page(name="Mike A", content="<p>A</p>", region=self.region)
        p.save()
        p.rename_to("Mike B")
        new_a = Page(name="Mike A", content="<p>A new</p>", region=self.region)
        new_a.save()
        p = Page.objects.get(name="Mike B", region=self.region)
        p.rename_to("Mike C")
        p = Page.objects.get(name="Mike C", region=self.region)
        p.rename_to("Mike B")

        p_c = Page(name="Mike C", slug="mike c", region=self.region)
        p_h = p_c.versions.as_of(version=1)
        p_h.revert_to()

        ###########################################################
        # Page rename with links!
        ###########################################################
        from links.models import Link

        dogs_p = Page(name="Dogs", slug="dogs", region=self.region, content="<p>what</p>")
        dogs_p.save()

        p = Page(name="Places to have fun", content='<p><a href="Dogs">a link</a></p>', region=self.region)
        p.save()
        p.rename_to("Places to have the MOST fun")
       
        new_p = Page.objects.get(name="Places to have the MOST fun", region=self.region)
        self.assertEqual(new_p.links.all().count(), 1)
        self.assertEqual(new_p.links.all()[0].destination_name, 'Dogs')
        self.assertEqual(new_p.links.all()[0].destination, dogs_p)
Esempio n. 41
0
def index(request, disqus=False, comment_id=None):
    """ view that renders a default home"""
    user = request.user
    activities = user.useractivity_set.prefetch_related('activity__event')
    my_pending_activities = activities.filter(
        attendance_date__isnull=True,
        activity__event__start_date__gte=today(),
    )[:3]
    incomming_events = Event.objects.incomming().filter(
        stage__stage_type=Stage.STAGE_TYPE_ACTIVITY,
        stage__is_active=True,
    )

    comments = Comment.objects.filter(parent=None, public=True)

    if not request.user.is_experimenta():
        incomming_events = incomming_events.exclude(
            activity_type=Event.ACTIVITY_TYPES.EXPERIMENTA
        )
        comments = comments.exclude(
            event__activity_type=Event.ACTIVITY_TYPES.EXPERIMENTA
        )

    incomming_events = incomming_events[:5]

    if comment_id:
        comment = comments.filter(id=comment_id).first()
        # marks the children of the comment as read
        for c in comment.comment_set.all():
            c.notification_set.all().update(read=True)

        comments = list(comments.exclude(id=comment_id)[:9])

        if comment:
            comments.insert(0, comment)
    else:
        comments = list(comments[:10])

    # get users by region
    regions = Region.get_user_count_by_region()
    # get info about total_users except top 3
    others = {
        'users__count': sum([o['users__count'] for o in regions[3:]]),
        'percent': 100-sum([region['percent'] for region in regions[:3]])
    }
    # total users with region
    total_users = sum([region['users__count'] for region in regions])

    # institutions with users
    institutions_count = Institution.objects.has_users().active().count()

    msg = (
        u"Su cuenta en La Red se encuentra pendiente"
        u" de aprobación. Por lo que no puedes realizar acciones en el"
        u" sitio hasta que sea aprobada."
    )
    if request.user.is_pending():
        messages.add_message(
            request, messages.ERROR,
            msg
        )

    context = {
        'form': CommentForm(),
        'interest_list': request.user.interests.all(),
        'my_pending_activities': my_pending_activities,
        'incomming_events': incomming_events,
        'my_pending_activities': my_pending_activities,
        'comments': comments,
        'navbar_active': 'home',
        'institutions_count': institutions_count,
        'regions': regions,
        'total_users': total_users,
        'others': others,
    }

    return render_to_response(
        'index.jade',
        context,
        context_instance=RequestContext(request),
    )
class HTMLToTemplateTextTest(TestCase):
    def setUp(self):
        self.region = Region(full_name='Test region', slug='test-region')
        self.region.save()
        self.context = {'region': self.region}

    def test_plaintext(self):
        html = "No XHTML"
        imports = ''.join(tag_imports)
        self.assertEqual(html_to_template_text(html), imports + "No XHTML")

    def test_django_tags_escaped(self):
        html = "<div>{% if 1 %}evil{% endif %}</div>"
        template_text = html_to_template_text(html)
        imports = ''.join(tag_imports)
        self.assertEqual(
            template_text, imports +
            "<div>&#123;% if 1 %&#125;evil&#123;% endif %&#125;</div>")

        html = "<div>{{% if 1 %}}evil{{% endif %}}</div>"
        template_text = html_to_template_text(html)
        self.assertEqual(
            template_text,
            imports + ("<div>&#123;&#123;% if 1 %&#125;&#125;evil"
                       "&#123;&#123;% endif %&#125;&#125;</div>"))

        # malicious use of intermediate sanitization
        html = "<div>{amp}</div>"
        template_text = html_to_template_text(html)
        self.assertEqual(template_text,
                         imports + ("<div>&#123;amp&#125;</div>"))

        # preserves entities
        html = '<div>&amp;&lt; then &#123;</div>'
        template_text = html_to_template_text(html)
        self.assertEqual(template_text,
                         imports + ("<div>&amp;&lt; then &#123;</div>"))

    def test_link_tag(self):
        html = '<div><a href="http://example.org"></a></div>'
        template_text = html_to_template_text(html)
        imports = ''.join(tag_imports)
        self.assertEqual(
            template_text, imports +
            '<div>{% link "http://example.org" %}{% endlink %}</div>')

        html = '<div><a href="http://example.org">hi!</a></div>'
        template_text = html_to_template_text(html)
        self.assertEqual(
            template_text, imports +
            '<div>{% link "http://example.org" %}hi!{% endlink %}</div>')

        html = '<div><a href="http://example.org">hi!</a></div>'
        template_text = html_to_template_text(html)
        self.assertEqual(
            template_text, imports +
            '<div>{% link "http://example.org" %}hi!{% endlink %}</div>')

    def test_link_to_tag(self):
        a = Page(name='Front Page', region=self.region)
        a.content = (u'<a href="tags/cats">dummy</a>')
        a.save()

        context = Context({'page': a, 'region': self.region})
        template = Template(html_to_template_text(a.content, context))
        html = template.render(context)
        self.assertEqual(html,
                         u'<a href="tags/cats" class="tag_link">dummy</a>')

    def test_link_to_anchor_relative(self):
        a = Page(name='Front Page', region=self.region)
        a.content = (u'<a href="A%20Page#anchor">dummy</a>')
        a.save()

        context = Context({'page': a, 'region': self.region})
        template = Template(html_to_template_text(a.content, context))
        html = template.render(context)
        self.assertEqual(
            html,
            u'<a href="/test-region/A_Page#anchor" class="missing_link">dummy</a>'
        )

        a.content = (u'<a href="#justanchor">dummy</a>')
        context = Context({'page': a, 'region': self.region})
        template = Template(html_to_template_text(a.content, context))
        html = template.render(context)
        self.assertEqual(html, u'<a href="#justanchor">dummy</a>')

    def test_nbsp_outside_of_element(self):
        html = u'a\xa0<strong>\xa0</strong>\n'
        imports = ''.join(tag_imports)
        template_text = html_to_template_text(html)
        self.assertEqual(template_text,
                         imports + u'a\xa0<strong>\xa0</strong>\n')

    def test_empty_a_element(self):
        html = '<p><a name="blah"></a></p>'
        imports = ''.join(tag_imports)
        template_text = html_to_template_text(html, context=self.context)
        self.assertEqual(template_text, imports + '<p><a name="blah"></a></p>')
class PluginTest(TestCase):
    def setUp(self):
        self.region = Region(full_name='Test region', slug='test-region')
        self.region.save()
        self.context = {'region': self.region}

        self.old_allowed_src = getattr(settings, 'EMBED_ALLOWED_SRC', ['.*'])
        settings.EMBED_ALLOWED_SRC = ['http://www.youtube.com/embed/.*',
                                     'http://player.vimeo.com/video/.*']

    def tearDown(self):
        settings.EMBED_ALLOWED_SRC = self.old_allowed_src

    def test_include_tag(self):
        html = '<a class="plugin includepage" href="Front_Page">Front Page</a>'
        template_text = html_to_template_text(html, context=self.context)
        imports = ''.join(tag_imports)
        self.assertEqual(template_text,
                         imports + ('<div class="included_page_wrapper">'
                                    '{% include_page "Front_Page" %}'
                                    '</div>'))

    def test_include_plugin(self):
        a = Page(name='Front Page', region=self.region)
        a.content = '<a class="plugin includepage" href="Explore">dummy</a>'
        a.save()

        b = Page(name='Explore', region=self.region)
        b.content = '<p>Some text</p>'
        b.save()

        context = Context({'page': a, 'region': self.region})
        template = Template(html_to_template_text(a.content, context))
        html = template.render(context)
        self.assertEqual(html,
                    '<div class="included_page_wrapper"><p>Some text</p></div>')

    def test_include_plugin_utf8(self):
        a = Page(name='Front Page', region=self.region)
        a.content = (u'<a class="plugin includepage" '
                     u'href="青平台基金會">dummy</a>')
        a.save()

        b = Page(name=u'青平台基金會', region=self.region)
        b.content = u'<p>青平台基金會</p>'
        b.save()

        context = Context({'page': a, 'region': self.region})
        template = Template(html_to_template_text(a.content, context))
        html = template.render(context)
        self.assertEqual(html, u'<div class="included_page_wrapper">'
                         u'<p>青平台基金會</p></div>')

    def test_include_showtitle(self):
        a = Page(name='Front Page', region=self.region)
        a.content = ('<a class="plugin includepage includepage_showtitle"'
                     ' href="Explore">dummy</a>')
        a.save()

        b = Page(name='Explore', region=self.region)
        b.content = '<p>Some text</p>'
        b.save()

        context = Context({'page': a, 'region': self.region})
        template = Template(html_to_template_text(a.content, context))
        html = template.render(context)
        self.assertEqual(html,
                    ('<div class="included_page_wrapper">'
                     '<h2><a href="/test-region/Explore">Explore</a></h2>'
                     '<p>Some text</p>'
                     '</div>'))

    def test_include_left(self):
        a = Page(name='Front Page', region=self.region)
        a.content = ('<a class="plugin includepage includepage_left"'
                     ' href="Explore">dummy</a>')
        a.save()

        b = Page(name='Explore', region=self.region)
        b.content = '<p>Some text</p>'
        b.save()

        context = Context({'page': a, 'region': self.region})
        template = Template(html_to_template_text(a.content, context))
        html = template.render(context)
        self.assertEqual(html,
            '<div class="included_page_wrapper includepage_left">'
            '<p>Some text</p></div>')

    def test_include_width(self):
        a = Page(name='Front Page', region=self.region)
        a.content = ('<a class="plugin includepage" style="width: 100px"'
                     ' href="Explore">dummy</a>')
        a.save()

        b = Page(name='Explore', region=self.region)
        b.content = '<p>Some text</p>'
        b.save()

        context = Context({'page': a, 'region': self.region})
        template = Template(html_to_template_text(a.content, context))
        html = template.render(context)
        self.assertEqual(html,
            ('<div class="included_page_wrapper" style="width: 100px;">'
             '<p>Some text</p></div>'))

    def test_include_nonexistant(self):
        """ Should give an error message when including nonexistant page
        """
        a = Page(name='Front Page', region=self.region)
        a.content = '<a class="plugin includepage" href="New page">dummy</a>'
        a.save()
        context = Context({'page': a, 'region': self.region})
        template = Template(html_to_template_text(a.content, context))
        html = template.render(context)
        self.failUnless(('Unable to include <a href="/test-region/New_page"'
                         ' class="missing_link">New page</a>') in html)

    def test_endless_include(self):
        """ Should detect endless loops and give an error message
        """
        a = Page(name='Front Page', region=self.region)
        a.content = '<a class="plugin includepage" href="Front_Page">dummy</a>'
        a.save()
        context = Context({'page': a, 'region': self.region})
        template = Template(html_to_template_text(a.content, context))
        html = template.render(context)
        self.failUnless(('Unable to include <a href="/test-region/Front_Page">Front Page'
                         '</a>: endless include loop') in html)

    def test_double_include(self):
        """ Multiple includes are ok
        """
        a = Page(name='Front Page', region=self.region)
        a.content = ('<a class="plugin includepage" href="Explore">dummy</a>'
                     '<a class="plugin includepage" href="Explore">dummy</a>')
        a.save()

        b = Page(name='Explore', region=self.region)
        b.content = '<p>Some text</p>'
        b.save()

        context = Context({'page': a, 'region': self.region})
        template = Template(html_to_template_text(a.content, context))
        html = template.render(context)
        self.assertEqual(html,
            ('<div class="included_page_wrapper"><p>Some text</p></div>'
             '<div class="included_page_wrapper"><p>Some text</p></div>'))

    def test_embed_tag(self):
        html = ('<span class="plugin embed">&lt;strong&gt;Hello&lt;/strong&gt;'
                '</span>')
        template_text = html_to_template_text(html)
        imports = ''.join(tag_imports)
        self.assertEqual(template_text,
                         imports + ('{% embed_code %} &lt;strong&gt;Hello&lt;'
                                    '/strong&gt; {% endembed_code %}'))

    def test_embed_whitelist_reject(self):
        html = ('<span class="plugin embed">&lt;iframe src="http://evil.com"'
                '&gt;&lt;/iframe&gt;</span>')
        template = Template(html_to_template_text(html))
        rendered = template.render(Context())
        self.failUnless(('The embedded URL is not on the list of approved '
                         'providers') in rendered)

    def test_embed_whitelist_accept(self):
        html = ('<span class="plugin embed">&lt;iframe '
                'src="http://www.youtube.com/embed/JVRsWAjvQSg"'
                '&gt;&lt;/iframe&gt;</span>')
        template = Template(html_to_template_text(html))
        rendered = template.render(Context())
        self.failUnless(
            '<iframe src="http://www.youtube.com/embed/JVRsWAjvQSg"></iframe>'
            in rendered)

    def test_amp_in_link_with_class(self):
        page = Page(name='Explore', region=self.region)
        html = ('<p><a class="external something" '
                   'href="http://example.org/?t=1&amp;i=2">hi</a></p>')
        template = Template(html_to_template_text(html))
        rendered = template.render(Context({'page': page, 'region': self.region}))
        self.failUnless('http://example.org/?t=1&amp;i=2' in rendered)

    def test_link_nofollow(self):
        # Regular
        page = Page(name='Explore', region=self.region)
        rf = RequestFactory()
        request = rf.get('/')
        content = ('<p><a href="http://example.org/">hi</a></p>')
        template = Template("""
{% load pages_tags %}
{% render_plugins content %}
        """)
        rendered = template.render(Context({'region': self.region, 'request': request, 'content': content, 'page': page}))
        self.failUnless('http://example.org/' in rendered)
        self.assertTrue('nofollow' not in rendered)

        # Nofollow
        page = Page(name='Explore', region=self.region)
        rf = RequestFactory()
        request = rf.get('/')
        content = ('<p><a href="http://example.org/">hi</a></p>')
        template = Template("""
{% load pages_tags %}
{% render_plugins_nofollow content %}
        """)
        rendered = template.render(Context({'region': self.region, 'request': request, 'content': content, 'page': page}))
        self.failUnless('http://example.org/' in rendered)
        self.assertTrue('nofollow' in rendered)
class MoveRegionTests(TestCase):
    def setUp(self):
        self.regions = []

        self.sf = Region(full_name="San Francisco", slug="sf")
        self.sf.save()
        self.oak = Region(full_name="Oakland", slug="oak")
        self.oak.save()

    def test_move_exists(self):
        ###########################################################
        # Moving a page that already exists should just silently
        # continue.
        ###########################################################

        p_sf = Page(region=self.sf)
        p_sf.content = "<p>Hello, world in SF.</p>"
        p_sf.name = "Page A"
        p_sf.save()

        p_oak = Page(region=self.oak)
        p_oak.content = "<p>Hello, world started on Oak.</p>"
        p_oak.name = "Page A"
        p_oak.save()

        move_to_region(self.sf, pages=[p_sf])
        # Shouldn't have been moved.
        p = Page.objects.filter(region=self.sf, name="Page A")[0]
        self.assertEqual(p.content, "<p>Hello, world in SF.</p>")

    def test_move_with_fks(self):
        ###########################################################
        # Moving should carry along files and FK'ed items that
        # point to it.
        ###########################################################

        p = Page(region=self.sf)
        p.content = "<p>A page with files and a map in SF.</p>"
        p.name = "Page With FKs"
        p.save()
        # Create a file that points at the page.
        pf = PageFile(file=ContentFile("foo"), name="file.txt", slug=p.slug, region=self.sf)
        pf.save()
        # Create a redirect that points at the page.
        redirect = Redirect(source="foobar", destination=p, region=self.sf)
        redirect.save()
        # Create a map that points at the page.
        points = GEOSGeometry("""MULTIPOINT (-122.4378964233400069 37.7971758820830033, -122.3929211425700032 37.7688207875790027, -122.3908612060599950 37.7883584775320003, -122.4056240844700056 37.8013807351830025, -122.4148937988299934 37.8002956347170027, -122.4183270263600036 37.8051784612779969)""")
        map = MapData(points=points, page=p, region=self.sf)
        map.save()
        # Add tags to page
        tagset = PageTagSet(page=p, region=self.sf)
        tagset.save()
        tag = Tag(name="tag1", region=self.sf)
        tag.save()
        tagset.tags.add(tag)

        move_to_region(self.oak, pages=[p])

        # Check to see that the related objects were moved.
        p = Page.objects.get(name="Page With FKs", region=self.oak)
        self.assertEqual(len(MapData.objects.filter(page=p, region=self.oak)), 1)
        self.assertEqual(len(p.pagetagset.tags.all()), 1)
        self.assertEqual(len(Redirect.objects.filter(destination=p, region=self.oak)), 1)
        self.assertEqual(len(PageFile.objects.filter(slug=p.slug, region=self.oak)), 1)

        # Check to see that version history was moved as well
        self.assertEquals(p.versions.all().count(), 1)
        self.assertEqual(len(MapData.versions.filter(page=p, region=self.oak)), 1)
        for pts in p.pagetagset.tags.all():
            self.assertEqual(pts.versions.all().count(), 1)
        self.assertEqual(len(Redirect.versions.filter(destination=p, region=self.oak)), 1)
        self.assertEqual(len(PageFile.versions.filter(slug=p.slug, region=self.oak)), 1)

        # ..and that the page is no longer in the SF region
        self.assertFalse(Page.objects.filter(region=self.sf, name="Page With FKs").exists())

    def test_move_with_existing_file(self):
        p = Page(region=self.sf)
        p.content = "<p>A page w a file.</p>"
        p.name = "Page With File"
        p.save()
        # Create a file that points at the page.
        pf_sf = PageFile(name="file.txt", slug=p.slug, region=self.sf)
        pf_sf.file.save("file.txt", ContentFile("foo sf"))
        pf_sf.save()

        # Make the file already exist on oak
        pf_oak = PageFile(name="file.txt", slug=p.slug, region=self.oak)
        pf_oak.file.save("file.txt", ContentFile("foo oak"))
        pf_oak.save()

        move_to_region(self.oak, pages=[p])

        # The file shouldn't have been moved because it already exists at the
        # destination.

        pf = PageFile.objects.get(slug=p.slug, region=self.oak)
        self.assertEqual(pf_oak.file.name, pf.file.name)

    def test_move_redirects(self):
        p = Page(region=self.sf)
        p.content = "<p>A page.</p>"
        p.name = "Page content"
        p.save()

        redir = Redirect(
            source="short name",
            destination=p,
            region=self.sf)
        redir.save()

        move_to_region(self.oak, pages=[p], redirects=[redir])

        # Redirect should be in Oak
        self.assertEqual(Redirect.objects.filter(region=self.oak).count(), 1)
        
    def test_move_redirect_destination(self):
        # Destination page should be transparently moved if not specified
        p = Page(region=self.sf)
        p.content = "<p>A page.</p>"
        p.name = "Page content not moved directly"
        p.save()

        redir = Redirect(
            source="short name",
            destination=p,
            region=self.sf)
        redir.save()

        move_to_region(self.oak, redirects=[redir])

        # Redirect should be in Oak
        self.assertEqual(Redirect.objects.filter(region=self.oak).count(), 1)
        # ..and page
        self.assertTrue(Page.objects.filter(slug='page content not moved directly', region=self.oak).exists())

    def test_move_with_links(self):
        from links.models import Link

        other = Page(
            name="otherexists",
            content="<p>blah</p>",
            region=self.sf
        )
        other.save()

        p = Page(region=self.sf)
        p.content = '<p>A page <a href="otherexists">other</a> and <a href="otherdoesnotexist">other</a>.</p>'
        p.name = "Base page"
        p.save()

        move_to_region(self.oak, pages=[p])
        links = Link.objects.filter(source__slug='base page')
        self.assertEqual(len(links), 2)
        for link in links:
            self.assertEqual(link.source.region, self.oak)
            self.assertEqual(link.destination, None)
            self.assertEqual(link.region, self.oak)
 def setUp(self):
     self.region = Region(full_name='Test region', slug='test-region')
     self.region.save()
     self.context = {'region': self.region}
class FileAPITests(APITestCase):
    def setUp(self):
        super(FileAPITests, self).setUp()

        # Create the edit user and add it to the authenticated group
        self.edit_user = User(
            username="******", email="*****@*****.**", password="******")
        self.edit_user.save()
        all_group, created = Group.objects.get_or_create(name=settings.USERS_DEFAULT_GROUP)
        self.edit_user.groups.add(all_group)
        self.edit_user.save()

        self.edit_user_2 = User(
            username="******", email="*****@*****.**", password="******")
        self.edit_user_2.save()
        all_group, created = Group.objects.get_or_create(name=settings.USERS_DEFAULT_GROUP)
        self.edit_user_2.groups.add(all_group)
        self.edit_user_2.save()

        self.sf_region = Region(full_name='San Francisco', slug='sf')
        self.sf_region.save()
        self.oak_region = Region(full_name='Oakland', slug='oak')
        self.oak_region.save()

        p = Page(region=self.oak_region)
        p.content = '<p>Lake Merritt here</p>'
        p.name = 'Lake Merritt'
        p.save()
        self.lake_merritt = p

        p = Page(region=self.sf_region)
        p.content = '<p>Dolores Park here</p>'
        p.name = 'Dolores Park'
        p.save()
        self.dolores_park = p

        p = Page(region=self.sf_region)
        p.content = '<p>Duboce Park here</p>'
        p.name = 'Duboce Park'
        p.save()
        self.duboce_park = p

        pf = PageFile(name="file.txt", slug='duboce park', region=self.sf_region)
        pf.save()
        pf.file.save('file.txt', ContentFile('foo'))

        pf = PageFile(name="file_other.txt", slug='duboce park', region=self.sf_region)
        pf.save()
        pf.file.save('file_other.txt', ContentFile('foo2'))


    def test_basic_file_list(self):
        response = self.client.get('%s/files/' % self.API_ROOT)
        jresp = json.loads(response.content)
        self.assertEqual(len(jresp['results']), 2)

    def test_basic_file_detail(self):
        response = self.client.get('%s/files/?slug=duboce%%20park&name=file.txt' % self.API_ROOT)
        jresp = json.loads(response.content)
        self.assertEqual(len(jresp['results']), 1)
        self.assertEqual(jresp['results'][0]['name'], 'file.txt')

    def test_basic_file_post(self):
        self.client.force_authenticate(user=self.edit_user)

        # Test a multipart file post
        file = StringIO("foo hi")
        file.name = "test_new_hi.txt"

        data = {
            'region': 'http://testserver%s/regions/%s/' % (self.API_ROOT, self.sf_region.id),
            'name': 'test_new_hi.txt',
            'slug': 'duboce park',
            'file': file,
        }
        resp = self.client.post('%s/files/' % self.API_ROOT, data)
        self.assertEqual(resp.status_code, status.HTTP_201_CREATED)
        jresp = json.loads(resp.content)
        self.assertEqual(jresp['name'], 'test_new_hi.txt')

    def test_file_permissions(self):
        self.client.force_authenticate(user=self.edit_user)

        # Make it so only edit_user_2 can edit the Dolores Park page
        assign_perm('change_page', self.edit_user_2, self.dolores_park)

        # Now try and upload a file to it as edit_user
        file = StringIO("foo hi2")
        file.name = "test_new_hi3.txt"

        data = {
            'region': 'http://testserver%s/regions/%s/' % (self.API_ROOT, self.sf_region.id),
            'name': 'test_new_hi3.txt',
            'slug': 'dolores park',
            'file': file,
        }
        resp = self.client.post('%s/files/' % self.API_ROOT, data)
        self.assertIn(resp.status_code, [status.HTTP_401_UNAUTHORIZED, status.HTTP_403_FORBIDDEN])

        # Now remove the permission and it should work
        remove_perm('change_page', self.edit_user_2, self.dolores_park)

        file = StringIO("foo hi2")
        file.name = "test_new_hi3.txt"

        data = {
            'region': 'http://testserver%s/regions/%s/' % (self.API_ROOT, self.sf_region.id),
            'name': 'test_new_hi3.txt',
            'slug': 'dolores park',
            'file': file,
        }

        resp = self.client.post('%s/files/' % self.API_ROOT, data)
        self.assertEqual(resp.status_code, status.HTTP_201_CREATED)

        ##################################################################################
        # Let's also test to see that a general 'ban' of a user restricts file upload
        ##################################################################################

        # First, ban from the region
        banned, created = BannedFromRegion.objects.get_or_create(region=self.sf_region)
        banned.users.add(self.edit_user)

        # Now try and upload a file as edit_user
        file = StringIO("foo hi4")
        file.name = "test_new_hi4.txt"

        data = {
            'region': 'http://testserver%s/regions/%s/' % (self.API_ROOT, self.sf_region.id),
            'name': 'test_new_hi4.txt',
            'slug': 'dolores park',
            'file': file,
        }

        resp = self.client.post('%s/files/' % self.API_ROOT, data)
        self.assertIn(resp.status_code, [status.HTTP_401_UNAUTHORIZED, status.HTTP_403_FORBIDDEN])

        # Now remove the ban and it should work
        banned.users.remove(self.edit_user)

        file = StringIO("foo hi2")
        file.name = "test_new_hi4.txt"

        data = {
            'region': 'http://testserver%s/regions/%s/' % (self.API_ROOT, self.sf_region.id),
            'name': 'test_new_hi4.txt',
            'slug': 'dolores park',
            'file': file,
        }

        resp = self.client.post('%s/files/' % self.API_ROOT, data)
        data = {'name': 'Dolores Park', 'content': '<p>hi new content by edituser</p>', 'region': 'http://testserver%s/regions/%s/' % (self.API_ROOT, self.sf_region.id)}
        self.assertEqual(resp.status_code, status.HTTP_201_CREATED)

        # Now, let's try a global ban using the banned group
        banned = Group.objects.get(name=settings.USERS_BANNED_GROUP)
        self.edit_user.groups.add(banned)

        # Now try and upload an image to the page as edit_user
        file = StringIO("foo hi2")
        file.name = "test_new_hi5.txt"

        data = {
            'region': 'http://testserver%s/regions/%s/' % (self.API_ROOT, self.sf_region.id),
            'name': 'test_new_hi5.txt',
            'slug': 'dolores park',
            'file': file,
        }

        resp = self.client.post('%s/files/' % self.API_ROOT, data)
        self.assertIn(resp.status_code, [status.HTTP_401_UNAUTHORIZED, status.HTTP_403_FORBIDDEN])

        # Now remove the ban and it should work
        self.edit_user.groups.remove(banned)

        file = StringIO("foo hi5")
        file.name = "test_new_hi5.txt"

        data = {
            'region': 'http://testserver%s/regions/%s/' % (self.API_ROOT, self.sf_region.id),
            'name': 'test_new_hi5.txt',
            'slug': 'dolores park',
            'file': file,
        }

        resp = self.client.post('%s/files/' % self.API_ROOT, data)
        self.assertEqual(resp.status_code, status.HTTP_201_CREATED)
class RedirectAPITests(APITestCase):
    def setUp(self):
        super(RedirectAPITests, self).setUp()

        # Create the edit user and add it to the authenticated group
        self.edit_user = User(
            username="******", email="*****@*****.**", password="******")
        self.edit_user.save()
        all_group, created = Group.objects.get_or_create(name=settings.USERS_DEFAULT_GROUP)
        self.edit_user.groups.add(all_group)
        self.edit_user.save()

        self.edit_user_2 = User(
            username="******", email="*****@*****.**", password="******")
        self.edit_user_2.save()
        all_group, created = Group.objects.get_or_create(name=settings.USERS_DEFAULT_GROUP)
        self.edit_user_2.groups.add(all_group)
        self.edit_user_2.save()

        self.sf = Region(full_name="San Francisco", slug="sf")
        self.sf.save()
        self.oak = Region(full_name="Oakland", slug="oak")
        self.oak.save()

        self.dolores_park = Page(name="Dolores Park", content="<p>Hi</p>", region=self.sf)
        self.dolores_park.save()

        self.duboce_park = Page(name="Duboce Park", content="<p>Hi</p>", region=self.sf)
        self.duboce_park.save()

        self.mission_dolores_park = Redirect(
            source="mission dolores park",
            destination=self.dolores_park,
            region=self.sf
        )
        self.mission_dolores_park.save()

        self.dog_park = Redirect(
            source="dog park",
            destination=self.duboce_park,
            region=self.sf
        )
        self.dog_park.save()

    def test_redirect_list(self):
        response = self.client.get('%s/redirects/' % self.API_ROOT)
        jresp = json.loads(response.content)
        self.assertEqual(len(jresp['results']), 2)

    def test_redirect_simple_post(self):
        self.client.force_authenticate(user=self.edit_user)

        data = {'source': 'redirect from pg', 'destination': 'http://testserver%s/pages/%s/' % (self.API_ROOT, self.dolores_park.id), 'region': 'http://testserver%s/regions/%s/' % (self.API_ROOT, self.sf.id)}
        resp = self.client.post('%s/redirects/' % self.API_ROOT, data, format='json')
        jresp = json.loads(resp.content)

        self.assertEqual(resp.status_code, status.HTTP_201_CREATED)
        self.assertEqual(jresp['source'], 'redirect from pg')

    def test_redirect_destination_noexist(self):
        self.client.force_authenticate(user=self.edit_user)

        data = {'source': 'redirect from pg', 'destination': 'http://testserver%s/pages/3585484585/' % self.API_ROOT, 'region': 'http://testserver%s/regions/%s/' % (self.API_ROOT, self.sf.id)}
        resp = self.client.post('%s/redirects/' % self.API_ROOT, data, format='json')

        self.assertEqual(resp.status_code, status.HTTP_400_BAD_REQUEST)

    def test_destination_chained_filter(self):
        response = self.client.get('%s/redirects/?destination__slug__icontains=dolores' % self.API_ROOT)
        jresp = json.loads(response.content)
        self.assertEqual(len(jresp['results']), 1)

    def test_redirect_permissions(self):
        self.client.force_authenticate(user=self.edit_user)

        # We want to tie the redirect permissions should be tied to the
        # Redirect object -and- the Page object that's associated with the
        # redirect.   This is so that if, for instance, Page(name="Front Page")
        # is only editable by a certain group, creating a Redirect from
        # "Front Page" to somewhere is similarly protected.

        #####################################################################################
        # 1. Redirect already exists, redirects.change_redirect / redirects.delete_redirect
        #    should be checked.
        #####################################################################################

        # Make it so only edit_user_2 can edit the Mission Dolores Park redirect 
        assign_perm('change_redirect', self.edit_user_2, self.mission_dolores_park)

        # Now try and update the "Mission Dolores Park" redirect as edit_user

        data = {'source': 'mission dolores park', 'destination': 'http://testserver%s/pages/%s/' % (self.API_ROOT, self.duboce_park.id), 'region': 'http://testserver%s/regions/%s/' % (self.API_ROOT, self.sf.id)}
        resp = self.client.put('%s/redirects/%s/' % (self.API_ROOT, self.mission_dolores_park.id), data, format='json')
        self.assertIn(resp.status_code, [status.HTTP_401_UNAUTHORIZED, status.HTTP_403_FORBIDDEN])

        # Now remove the permission and it should work
        remove_perm('change_redirect', self.edit_user_2, self.mission_dolores_park)

        data = {'source': 'mission dolores park', 'destination': 'http://testserver%s/pages/%s/' % (self.API_ROOT, self.duboce_park.id), 'region': 'http://testserver%s/regions/%s/' % (self.API_ROOT, self.sf.id)}
        resp = self.client.put('%s/redirects/%s/' % (self.API_ROOT, self.mission_dolores_park.id), data, format='json')
        self.assertEqual(resp.status_code, status.HTTP_200_OK)

        #####################################################################################
        # 2. Redirect doesn't exist yet but a `source` page does.
        #    pages.change_page should be checked.
        #####################################################################################

        # Let's create a page
        p = Page(
            name="Oasis",
            content="<p>Blah</p>",
            region=self.sf
        )
        p.save()

        # and then set permissions to restrict it from being edited by `edit_user`
        assign_perm('change_page', self.edit_user_2, p)

        # now let's try and create a redirect from "oasis" to "duboce park" as `edit_user`:

        data = {'source': 'oasis', 'destination': 'http://testserver%s/pages/%s/' % (self.API_ROOT, self.duboce_park.id), 'region': 'http://testserver%s/regions/%s/' % (self.API_ROOT, self.sf.id)}
        resp = self.client.post('%s/redirects/' % self.API_ROOT, data, format='json')
        self.assertIn(resp.status_code, [status.HTTP_401_UNAUTHORIZED, status.HTTP_403_FORBIDDEN])

        # Now remove the permission and it should work
        remove_perm('change_page', self.edit_user_2, p)

        data = {'source': 'oasis', 'destination': 'http://testserver%s/pages/%s/' % (self.API_ROOT, self.duboce_park.id), 'region': 'http://testserver%s/regions/%s/' % (self.API_ROOT, self.sf.id)}
        resp = self.client.post('%s/redirects/' % self.API_ROOT, data, format='json')
        self.assertEqual(resp.status_code, status.HTTP_201_CREATED)

        #####################################################################################
        ## Let's also test to see that a general 'ban' of a user restricts redirect creation
        #####################################################################################

        # First, ban from the region
        banned, created = BannedFromRegion.objects.get_or_create(region=self.sf)
        banned.users.add(self.edit_user)

        data = {'source': 'mission dolores park', 'destination': 'http://testserver%s/pages/%s/' % (self.API_ROOT, self.dolores_park.id), 'region': 'http://testserver%s/regions/%s/' % (self.API_ROOT, self.sf.id)}
        resp = self.client.put('%s/redirects/%s/' % (self.API_ROOT, self.mission_dolores_park.id), data, format='json')
        self.assertIn(resp.status_code, [status.HTTP_401_UNAUTHORIZED, status.HTTP_403_FORBIDDEN])

        # Now remove the ban and it should work
        banned.users.remove(self.edit_user)

        data = {'source': 'mission dolores park', 'destination': 'http://testserver%s/pages/%s/' % (self.API_ROOT, self.dolores_park.id), 'region': 'http://testserver%s/regions/%s/' % (self.API_ROOT, self.sf.id)}
        resp = self.client.put('%s/redirects/%s/' % (self.API_ROOT, self.mission_dolores_park.id), data, format='json')
        self.assertEqual(resp.status_code, status.HTTP_200_OK)

        # Now, let's try a global ban using the banned group
        banned = Group.objects.get(name=settings.USERS_BANNED_GROUP)
        self.edit_user.groups.add(banned)

        data = {'source': 'mission dolores park', 'destination': 'http://testserver%s/pages/%s/' % (self.API_ROOT, self.duboce_park.id), 'region': 'http://testserver%s/regions/%s/' % (self.API_ROOT, self.sf.id)}
        resp = self.client.put('%s/redirects/%s/' % (self.API_ROOT, self.mission_dolores_park.id), data, format='json')
        self.assertIn(resp.status_code, [status.HTTP_401_UNAUTHORIZED, status.HTTP_403_FORBIDDEN])

        ## Now remove the ban and it should work
        self.edit_user.groups.remove(banned)

        data = {'source': 'mission dolores park', 'destination': 'http://testserver%s/pages/%s/' % (self.API_ROOT, self.duboce_park.id), 'region': 'http://testserver%s/regions/%s/' % (self.API_ROOT, self.sf.id)}
        resp = self.client.put('%s/redirects/%s/' % (self.API_ROOT, self.mission_dolores_park.id), data, format='json')
        self.assertEqual(resp.status_code, status.HTTP_200_OK)
class MapAPITests(APITestCase):
    def setUp(self):
        super(MapAPITests, self).setUp()

        # Create the edit user and add it to the authenticated group
        self.edit_user = User(
            username="******", email="*****@*****.**", password="******")
        self.edit_user.save()
        all_group, created = Group.objects.get_or_create(name=settings.USERS_DEFAULT_GROUP)
        self.edit_user.groups.add(all_group)
        self.edit_user.save()

        self.edit_user_2 = User(
            username="******", email="*****@*****.**", password="******")
        self.edit_user_2.save()
        all_group, created = Group.objects.get_or_create(name=settings.USERS_DEFAULT_GROUP)
        self.edit_user_2.groups.add(all_group)
        self.edit_user_2.save()

        self.sf = Region(full_name="San Francisco", slug="sf")
        self.sf.save()
        self.oak = Region(full_name="Oakland", slug="oak")
        self.oak.save()

        self.golden_gate_park = Page(name="Golden Gate Park", content="<p>Hi</p>", region=self.sf)
        self.golden_gate_park.save()

        self.dolores_park = Page(name="Dolores Park", content="<p>Hi</p>", region=self.sf)
        self.dolores_park.save()

        self.duboce_park = Page(name="Duboce Park", content="<p>Hi</p>", region=self.sf)
        self.duboce_park.save()

        self.dolores_park_map = MapData(page=self.dolores_park, region=self.sf)
        self.dolores_park_map.geom = GEOSGeometry("""
        { "type": "GeometryCollection", "geometries": [
          {
          "type": "Polygon",
          "coordinates": [
            [
              [
                -122.42835760116576,
                37.76128348360843
              ],
              [
                -122.42799282073973,
                37.75812815505155
              ],
              [
                -122.42591142654419,
                37.758297799795336
              ],
              [
                -122.42627620697021,
                37.761402229904654
              ],
              [
                -122.42835760116576,
                37.76128348360843
              ]
            ]
          ]
        }]
      }""")
        self.dolores_park_map.save()

        self.duboce_park_map = MapData(page=self.duboce_park, region=self.sf)
        self.duboce_park_map.geom = GEOSGeometry("""
        { "type": "GeometryCollection", "geometries": [

           {
            "type": "Polygon",
            "coordinates": [
              [
                [
                  -122.43505239486696,
                  37.770443352285376
                ],
                [
                  -122.43490219116211,
                  37.76917121614543
                ],
                [
                  -122.431640625,
                  37.769408683219545
                ],
                [
                  -122.43179082870485,
                  37.76991753866766
                ],
                [
                  -122.43460178375243,
                  37.769713996908635
                ],
                [
                  -122.43505239486696,
                  37.770443352285376
                ]
              ]
            ]
          } 

        ]
      }
      """)
        self.duboce_park_map.save()

    def test_map_list(self):
        response = self.client.get('%s/maps/' % self.API_ROOT)
        jresp = json.loads(response.content)
        self.assertEqual(len(jresp['results']), 2)

    def test_map_simple_post(self):
        self.client.force_authenticate(user=self.edit_user)

        geojson = """
        { "type": "GeometryCollection", "geometries": [
            {
            "type": "Polygon",
            "coordinates": [
              [
                [
                  -122.42835760116576,
                  37.76128348360843
                ],
                [
                  -122.42799282073973,
                  37.75812815505155
                ],
                [
                  -122.42591142654419,
                  37.758297799795336
                ],
                [
                  -122.42627620697021,
                  37.761402229904654
                ],
                [
                  -122.42835760116576,
                  37.76128348360843
                ]
              ]
            ]
          }]
        }"""

        data = {'page': 'http://testserver%s/pages/%s/' % (self.API_ROOT, self.golden_gate_park.id), 'geom': geojson, 'region': 'http://testserver%s/regions/%s/' % (self.API_ROOT, self.sf.id)}
        resp = self.client.post('%s/maps/' % self.API_ROOT, data, format='json')
        self.assertEqual(resp.status_code, status.HTTP_201_CREATED)

    def test_page_chained_filter(self):
        response = self.client.get('%s/maps/?page__slug__icontains=dolores' % self.API_ROOT)
        jresp = json.loads(response.content)
        self.assertEqual(len(jresp['results']), 1)

    def test_geo_filter(self):
        response = self.client.get('%s/maps/?polys__contains={ "type": "Point", "coordinates": [ -122.42724180221558, 37.75988395932576 ] }' % self.API_ROOT)
        jresp = json.loads(response.content)
        self.assertEqual(len(jresp['results']), 1)

    def test_map_permissions(self):
        self.client.force_authenticate(user=self.edit_user)

        # Make it so only edit_user_2 can edit the Dolores Park page
        assign_perm('change_page', self.edit_user_2, self.dolores_park)

        # Now try and update the "dolores park" map as edit_user
        geojson = """
        { "type": "GeometryCollection", "geometries": [
            {
            "type": "Polygon",
            "coordinates": [
              [
                [
                  -122.42835760116576,
                  37.76128348360843
                ],
                [
                  -122.42799282073973,
                  37.75812815505155
                ],
                [
                  -122.42591142654419,
                  37.758297799795336
                ],
                [
                  -122.42627620697021,
                  37.761402229904654
                ],
                [
                  -122.42835760116576,
                  37.76128348360843
                ]
              ]
            ]
          }]
        }"""

        data = {'page': 'http://testserver%s/pages/%s/' % (self.API_ROOT, self.dolores_park.id), 'geom': geojson, 'region': 'http://testserver%s/regions/%s/' % (self.API_ROOT, self.sf.id)}
        resp = self.client.put('%s/maps/%s/' % (self.API_ROOT, self.dolores_park_map.id), data, format='json')
        self.assertIn(resp.status_code, [status.HTTP_401_UNAUTHORIZED, status.HTTP_403_FORBIDDEN])

        # Now remove the permission and it should work
        remove_perm('change_page', self.edit_user_2, self.dolores_park)

        data = {'page': 'http://testserver%s/pages/%s/' % (self.API_ROOT, self.dolores_park.id), 'geom': geojson, 'region': 'http://testserver%s/regions/%s/' % (self.API_ROOT, self.sf.id)}
        resp = self.client.put('%s/maps/%s/' % (self.API_ROOT, self.dolores_park_map.id), data, format='json')
        self.assertEqual(resp.status_code, status.HTTP_200_OK)

        ##################################################################################
        # Let's also test a normal POST to a protected page which doesn't yet have a map
        ##################################################################################
        new_park = Page(name="New Park", content="<p>Hi</p>", region=self.sf)
        new_park.save()

        # Make it so only edit_user_2 can edit the Dolores Park page
        assign_perm('change_page', self.edit_user_2, new_park)

        # Now try and create the "New Park" map as edit_user
        geojson = """
        { "type": "GeometryCollection", "geometries": [
            {
            "type": "Polygon",
            "coordinates": [
              [
                [
                  -122.42835760116576,
                  37.76128348360843
                ],
                [
                  -122.42799282073973,
                  37.75812815505155
                ],
                [
                  -122.42591142654419,
                  37.758297799795336
                ],
                [
                  -122.42627620697021,
                  37.761402229904654
                ],
                [
                  -122.42835760116576,
                  37.76128348360843
                ]
              ]
            ]
          }]
        }"""

        data = {'page': 'http://testserver%s/pages/%s/' % (self.API_ROOT, new_park.id), 'geom': geojson, 'region': 'http://testserver%s/regions/%s/' % (self.API_ROOT, self.sf.id)}
        resp = self.client.post('%s/maps/' % self.API_ROOT, data, format='json')
        self.assertIn(resp.status_code, [status.HTTP_401_UNAUTHORIZED, status.HTTP_403_FORBIDDEN])

        # Now remove the permission and it should work
        remove_perm('change_page', self.edit_user_2, new_park)

        data = {'page': 'http://testserver%s/pages/%s/' % (self.API_ROOT, new_park.id), 'geom': geojson, 'region': 'http://testserver%s/regions/%s/' % (self.API_ROOT, self.sf.id)}
        resp = self.client.post('%s/maps/' % self.API_ROOT, data, format='json')
        self.assertEqual(resp.status_code, status.HTTP_201_CREATED)

        ##################################################################################
        # Let's also test to see that a general 'ban' of a user restricts map editing
        ##################################################################################

        # First, ban from the region
        banned, created = BannedFromRegion.objects.get_or_create(region=self.sf)
        banned.users.add(self.edit_user)

        # Now try and update the "dolores park" map as edit_user
        geojson = """
        { "type": "GeometryCollection", "geometries": [
            {
            "type": "Polygon",
            "coordinates": [
              [
                [
                  -122.42835760116576,
                  37.76128348360843
                ],
                [
                  -122.42799282073973,
                  37.75812815505155
                ],
                [
                  -122.42591142654419,
                  37.758297799795336
                ],
                [
                  -122.42627620697021,
                  37.761402229904654
                ],
                [
                  -122.42835760116576,
                  37.76128348360843
                ]
              ]
            ]
          }]
        }"""

        data = {'page': 'http://testserver%s/pages/%s/' % (self.API_ROOT, self.dolores_park.id), 'geom': geojson, 'region': 'http://testserver%s/regions/%s/' % (self.API_ROOT, self.sf.id)}
        resp = self.client.put('%s/maps/%s/' % (self.API_ROOT, self.dolores_park_map.id), data, format='json')
        self.assertIn(resp.status_code, [status.HTTP_401_UNAUTHORIZED, status.HTTP_403_FORBIDDEN])

        # Now remove the ban and it should work
        banned.users.remove(self.edit_user)

        data = {'page': 'http://testserver%s/pages/%s/' % (self.API_ROOT, self.dolores_park.id), 'geom': geojson, 'region': 'http://testserver%s/regions/%s/' % (self.API_ROOT, self.sf.id)}
        resp = self.client.put('%s/maps/%s/' % (self.API_ROOT, self.dolores_park_map.id), data, format='json')
        self.assertEqual(resp.status_code, status.HTTP_200_OK)

        # Now, let's try a global ban using the banned group
        banned = Group.objects.get(name=settings.USERS_BANNED_GROUP)
        self.edit_user.groups.add(banned)

        # Now try and update the "dolores park" map as edit_user
        geojson = """
        { "type": "GeometryCollection", "geometries": [
            {
            "type": "Polygon",
            "coordinates": [
              [
                [
                  -122.42835760116576,
                  37.76128348360843
                ],
                [
                  -122.42799282073973,
                  37.75812815505155
                ],
                [
                  -122.42591142654419,
                  37.758297799795336
                ],
                [
                  -122.42627620697021,
                  37.761402229904654
                ],
                [
                  -122.42835760116576,
                  37.76128348360843
                ]
              ]
            ]
          }]
        }"""

        data = {'page': 'http://testserver%s/pages/%s/' % (self.API_ROOT, self.dolores_park.id), 'geom': geojson, 'region': 'http://testserver%s/regions/%s/' % (self.API_ROOT, self.sf.id)}
        resp = self.client.put('%s/maps/%s/' % (self.API_ROOT, self.dolores_park_map.id), data, format='json')
        self.assertIn(resp.status_code, [status.HTTP_401_UNAUTHORIZED, status.HTTP_403_FORBIDDEN])

        # Now remove the ban and it should work
        self.edit_user.groups.remove(banned)

        data = {'page': 'http://testserver%s/pages/%s/' % (self.API_ROOT, self.dolores_park.id), 'geom': geojson, 'region': 'http://testserver%s/regions/%s/' % (self.API_ROOT, self.sf.id)}
        resp = self.client.put('%s/maps/%s/' % (self.API_ROOT, self.dolores_park_map.id), data, format='json')
        self.assertEqual(resp.status_code, status.HTTP_200_OK)
Esempio n. 49
0
class TagTest(TestCase):
    def setUp(self):
        self.region = Region(full_name='Test Region', slug='test_region')
        self.region.save()
        
    def test_bad_tags(self):
        t = Tag(name='', region=self.region)
        self.failUnlessRaises(IntegrityError, t.save, t)

        t = Tag(name='!', region=self.region)
        self.failUnlessRaises(IntegrityError, t.save, t)

        t = Tag(name='/', region=self.region)
        self.failUnlessRaises(IntegrityError, t.save, t)

        t = Tag(name=' ', region=self.region)
        self.failUnlessRaises(IntegrityError, t.save, t)

        t = Tag(name='-', region=self.region)
        self.failUnlessRaises(IntegrityError, t.save, t)

        t = Tag(name='!@#$%^&*()', region=self.region)
        self.failUnlessRaises(IntegrityError, t.save, t)

    def test_slug(self):
        t = Tag(name='Library of Congress', region=self.region)
        t.save()
        self.assertEqual(t.slug, 'libraryofcongress')

        t = Tag(name='Сочи 2014', region=self.region)
        t.save()
        self.assertEqual(t.slug, 'сочи2014'.decode('utf-8'))

    def test_fix_tags(self):
        """
        Test the `fix_tags` utility function.
        """
        from pages.models import Page
        from tags.tag_utils import fix_tags

        #########################
        # Create some test regions
        #########################
       
        sf = Region(full_name="San Francisco Test", slug='sftest')
        sf.save()

        mission = Region(full_name="Mission", slug="mission")
        mission.save()

        #########################
        # Create some test tags
        #########################

        park = Tag(name='park', region=sf)
        park.save()

        fun = Tag(name='fun', region=sf)
        fun.save()

        #########################
        # Add the tags to a test page
        #########################

        page = Page(name="Duboce Park", content="<p>Park.</p>", region=sf)
        page.save()

        pts = PageTagSet(
            page=page,
            region=sf
        )
        pts.save()
        pts.tags.add(park)
        pts.tags.add(fun)
        pts.save()

        # Now do something odd and make one of the referenced `Tag`s point
        # to a different region than the PageTagSet.
        fun.region = mission
        fun.save()

        self.assertTrue(pts.tags.filter(region=mission).exists())

        # Then attempt a fix:
        fix_tags(sf, PageTagSet.objects.filter(id=pts.id))

        pts = PageTagSet.objects.get(page=page, region=sf)
        self.assertFalse(pts.tags.filter(region=mission).exists())

        # Check that this is fixed in historical versions as well
        for pts_h in pts.versions.all():
            self.assertFalse(pts_h.tags.filter(region=mission).exists())
class PluginTest(TestCase):
    def setUp(self):
        self.region = Region(full_name='Test region', slug='test-region')
        self.region.save()
        self.context = {'region': self.region}

        self.old_allowed_src = getattr(settings, 'EMBED_ALLOWED_SRC', ['.*'])
        settings.EMBED_ALLOWED_SRC = [
            'http://www.youtube.com/embed/.*',
            'http://player.vimeo.com/video/.*'
        ]

    def tearDown(self):
        settings.EMBED_ALLOWED_SRC = self.old_allowed_src

    def test_include_tag(self):
        html = '<a class="plugin includepage" href="Front_Page">Front Page</a>'
        template_text = html_to_template_text(html, context=self.context)
        imports = ''.join(tag_imports)
        self.assertEqual(
            template_text, imports + ('<div class="included_page_wrapper">'
                                      '{% include_page "Front_Page" %}'
                                      '</div>'))

    def test_include_plugin(self):
        a = Page(name='Front Page', region=self.region)
        a.content = '<a class="plugin includepage" href="Explore">dummy</a>'
        a.save()

        b = Page(name='Explore', region=self.region)
        b.content = '<p>Some text</p>'
        b.save()

        context = Context({'page': a, 'region': self.region})
        template = Template(html_to_template_text(a.content, context))
        html = template.render(context)
        self.assertEqual(
            html, '<div class="included_page_wrapper"><p>Some text</p></div>')

    def test_include_plugin_utf8(self):
        a = Page(name='Front Page', region=self.region)
        a.content = (u'<a class="plugin includepage" '
                     u'href="青平台基金會">dummy</a>')
        a.save()

        b = Page(name=u'青平台基金會', region=self.region)
        b.content = u'<p>青平台基金會</p>'
        b.save()

        context = Context({'page': a, 'region': self.region})
        template = Template(html_to_template_text(a.content, context))
        html = template.render(context)
        self.assertEqual(
            html, u'<div class="included_page_wrapper">'
            u'<p>青平台基金會</p></div>')

    def test_include_showtitle(self):
        a = Page(name='Front Page', region=self.region)
        a.content = ('<a class="plugin includepage includepage_showtitle"'
                     ' href="Explore">dummy</a>')
        a.save()

        b = Page(name='Explore', region=self.region)
        b.content = '<p>Some text</p>'
        b.save()

        context = Context({'page': a, 'region': self.region})
        template = Template(html_to_template_text(a.content, context))
        html = template.render(context)
        self.assertEqual(html,
                         ('<div class="included_page_wrapper">'
                          '<h2><a href="/test-region/Explore">Explore</a></h2>'
                          '<p>Some text</p>'
                          '</div>'))

    def test_include_left(self):
        a = Page(name='Front Page', region=self.region)
        a.content = ('<a class="plugin includepage includepage_left"'
                     ' href="Explore">dummy</a>')
        a.save()

        b = Page(name='Explore', region=self.region)
        b.content = '<p>Some text</p>'
        b.save()

        context = Context({'page': a, 'region': self.region})
        template = Template(html_to_template_text(a.content, context))
        html = template.render(context)
        self.assertEqual(
            html, '<div class="included_page_wrapper includepage_left">'
            '<p>Some text</p></div>')

    def test_include_width(self):
        a = Page(name='Front Page', region=self.region)
        a.content = ('<a class="plugin includepage" style="width: 100px"'
                     ' href="Explore">dummy</a>')
        a.save()

        b = Page(name='Explore', region=self.region)
        b.content = '<p>Some text</p>'
        b.save()

        context = Context({'page': a, 'region': self.region})
        template = Template(html_to_template_text(a.content, context))
        html = template.render(context)
        self.assertEqual(
            html, ('<div class="included_page_wrapper" style="width: 100px;">'
                   '<p>Some text</p></div>'))

    def test_include_nonexistant(self):
        """ Should give an error message when including nonexistant page
        """
        a = Page(name='Front Page', region=self.region)
        a.content = '<a class="plugin includepage" href="New page">dummy</a>'
        a.save()
        context = Context({'page': a, 'region': self.region})
        template = Template(html_to_template_text(a.content, context))
        html = template.render(context)
        self.failUnless(('Unable to include <a href="/test-region/New_page"'
                         ' class="missing_link">New page</a>') in html)

    def test_endless_include(self):
        """ Should detect endless loops and give an error message
        """
        a = Page(name='Front Page', region=self.region)
        a.content = '<a class="plugin includepage" href="Front_Page">dummy</a>'
        a.save()
        context = Context({'page': a, 'region': self.region})
        template = Template(html_to_template_text(a.content, context))
        html = template.render(context)
        self.failUnless(
            ('Unable to include <a href="/test-region/Front_Page">Front Page'
             '</a>: endless include loop') in html)

    def test_double_include(self):
        """ Multiple includes are ok
        """
        a = Page(name='Front Page', region=self.region)
        a.content = ('<a class="plugin includepage" href="Explore">dummy</a>'
                     '<a class="plugin includepage" href="Explore">dummy</a>')
        a.save()

        b = Page(name='Explore', region=self.region)
        b.content = '<p>Some text</p>'
        b.save()

        context = Context({'page': a, 'region': self.region})
        template = Template(html_to_template_text(a.content, context))
        html = template.render(context)
        self.assertEqual(
            html,
            ('<div class="included_page_wrapper"><p>Some text</p></div>'
             '<div class="included_page_wrapper"><p>Some text</p></div>'))

    def test_embed_tag(self):
        html = ('<span class="plugin embed">&lt;strong&gt;Hello&lt;/strong&gt;'
                '</span>')
        template_text = html_to_template_text(html)
        imports = ''.join(tag_imports)
        self.assertEqual(
            template_text,
            imports + ('{% embed_code %} &lt;strong&gt;Hello&lt;'
                       '/strong&gt; {% endembed_code %}'))

    def test_embed_whitelist_reject(self):
        html = ('<span class="plugin embed">&lt;iframe src="http://evil.com"'
                '&gt;&lt;/iframe&gt;</span>')
        template = Template(html_to_template_text(html))
        rendered = template.render(Context())
        self.failUnless(('The embedded URL is not on the list of approved '
                         'providers') in rendered)

    def test_embed_whitelist_accept(self):
        html = ('<span class="plugin embed">&lt;iframe '
                'src="http://www.youtube.com/embed/JVRsWAjvQSg"'
                '&gt;&lt;/iframe&gt;</span>')
        template = Template(html_to_template_text(html))
        rendered = template.render(Context())
        self.failUnless(
            '<iframe src="http://www.youtube.com/embed/JVRsWAjvQSg"></iframe>'
            in rendered)

    def test_amp_in_link_with_class(self):
        page = Page(name='Explore', region=self.region)
        html = ('<p><a class="external something" '
                'href="http://example.org/?t=1&amp;i=2">hi</a></p>')
        template = Template(html_to_template_text(html))
        rendered = template.render(
            Context({
                'page': page,
                'region': self.region
            }))
        self.failUnless('http://example.org/?t=1&amp;i=2' in rendered)

    def test_link_nofollow(self):
        # Regular
        page = Page(name='Explore', region=self.region)
        rf = RequestFactory()
        request = rf.get('/')
        content = ('<p><a href="http://example.org/">hi</a></p>')
        template = Template("""
{% load pages_tags %}
{% render_plugins content %}
        """)
        rendered = template.render(
            Context({
                'region': self.region,
                'request': request,
                'content': content,
                'page': page
            }))
        self.failUnless('http://example.org/' in rendered)
        self.assertTrue('nofollow' not in rendered)

        # Nofollow
        page = Page(name='Explore', region=self.region)
        rf = RequestFactory()
        request = rf.get('/')
        content = ('<p><a href="http://example.org/">hi</a></p>')
        template = Template("""
{% load pages_tags %}
{% render_plugins_nofollow content %}
        """)
        rendered = template.render(
            Context({
                'region': self.region,
                'request': request,
                'content': content,
                'page': page
            }))
        self.failUnless('http://example.org/' in rendered)
        self.assertTrue('nofollow' in rendered)