def test_hosting_preferences(db):
user1, token1 = generate_user(db)
user2, token2 = generate_user(db)
with api_session(db, token1) as api:
res = api.GetUser(api_pb2.GetUserReq(user=user2.username))
assert not res.HasField("max_guests")
assert not res.HasField("multiple_groups")
assert not res.HasField("last_minute")
assert not res.HasField("accepts_pets")
assert not res.HasField("accepts_kids")
assert not res.HasField("wheelchair_accessible")
assert res.smoking_allowed == api_pb2.SMOKING_LOCATION_UNKNOWN
assert not res.HasField("sleeping_arrangement")
assert not res.HasField("area")
assert not res.HasField("house_rules")
api.UpdateProfile(
api_pb2.UpdateProfileReq(
max_guests=api_pb2.NullableUInt32Value(value=3),
wheelchair_accessible=api_pb2.NullableBoolValue(value=False),
smoking_allowed=api_pb2.SMOKING_LOCATION_WINDOW,
house_rules=api_pb2.NullableStringValue(value="RULES!"),
))
with api_session(db, token2) as api:
res = api.GetUser(api_pb2.GetUserReq(user=user1.username))
assert res.max_guests.value == 3
assert not res.HasField("multiple_groups")
assert not res.HasField("last_minute")
assert not res.HasField("accepts_pets")
assert not res.HasField("accepts_kids")
assert not res.wheelchair_accessible.value
assert res.smoking_allowed == api_pb2.SMOKING_LOCATION_WINDOW
assert not res.HasField("sleeping_arrangement")
assert not res.HasField("area")
assert res.house_rules.value == "RULES!"
with api_session(db, token1) as api:
# test unsetting
api.UpdateProfile(
api_pb2.UpdateProfileReq(
max_guests=api_pb2.NullableUInt32Value(is_null=True),
wheelchair_accessible=api_pb2.NullableBoolValue(value=True),
smoking_allowed=api_pb2.SMOKING_LOCATION_UNKNOWN,
area=api_pb2.NullableStringValue(value="area!"),
house_rules=api_pb2.NullableStringValue(is_null=True),
))
res = api.GetUser(api_pb2.GetUserReq(user=user1.username))
assert not res.HasField("max_guests")
assert not res.HasField("multiple_groups")
assert not res.HasField("last_minute")
assert not res.HasField("accepts_pets")
assert not res.HasField("accepts_kids")
assert res.wheelchair_accessible.value
assert res.smoking_allowed == api_pb2.SMOKING_LOCATION_UNKNOWN
assert not res.HasField("sleeping_arrangement")
assert res.area.value == "area!"
assert not res.HasField("house_rules")
def test_GetHostRequest(db):
user1, token1 = generate_user()
user2, token2 = generate_user()
user3, token3 = generate_user()
today_plus_2 = (today() + timedelta(days=2)).isoformat()
today_plus_3 = (today() + timedelta(days=3)).isoformat()
with requests_session(token1) as api:
host_request_id = api.CreateHostRequest(
requests_pb2.CreateHostRequestReq(
to_user_id=user2.id,
from_date=today_plus_2,
to_date=today_plus_3,
text="Test request 1")).host_request_id
with pytest.raises(grpc.RpcError) as e:
api.GetHostRequest(
requests_pb2.GetHostRequestReq(host_request_id=999))
assert e.value.code() == grpc.StatusCode.NOT_FOUND
assert e.value.details() == errors.HOST_REQUEST_NOT_FOUND
api.SendHostRequestMessage(
requests_pb2.SendHostRequestMessageReq(
host_request_id=host_request_id, text="Test message 1"))
res = api.GetHostRequest(
requests_pb2.GetHostRequestReq(host_request_id=host_request_id))
assert res.latest_message.text.text == "Test message 1"
def test_tracing_interceptor_auth_api_key(db):
super_user, super_token = generate_user(is_superuser=True)
user, token = generate_user()
with real_admin_session(super_token) as api:
api.CreateApiKey(admin_pb2.CreateApiKeyReq(user=user.username))
with session_scope() as session:
api_session = session.execute(select(UserSession).where(UserSession.is_api_key == True)).scalar_one()
api_key = api_session.token
account = Account()
rpc_def = {
"rpc": account.GetAccountInfo,
"service_name": "org.couchers.api.account.Account",
"method_name": "GetAccountInfo",
"interceptors": [TracingInterceptor(), AuthValidatorInterceptor()],
"request_type": empty_pb2.Empty,
"response_type": account_pb2.GetAccountInfoRes,
}
# with api key
with interceptor_dummy_api(**rpc_def, creds=grpc.local_channel_credentials()) as call_rpc:
res1 = call_rpc(empty_pb2.Empty(), metadata=(("authorization", f"Bearer {api_key}"),))
assert res1.username == user.username
with session_scope() as session:
trace = session.execute(select(APICall)).scalar_one()
assert trace.method == "/org.couchers.api.account.Account/GetAccountInfo"
assert not trace.status_code
assert trace.user_id == user.id
assert trace.is_api_key
assert len(trace.request) == 0
assert not trace.traceback
def test_report_email(db):
with session_scope():
user_author, api_token_author = generate_user()
user_reported, api_token_reported = generate_user()
complaint = Complaint(author_user=user_author,
reported_user=user_reported,
reason=random_hex(64),
description=random_hex(256))
with patch("couchers.email.queue_email") as mock:
send_report_email(complaint)
assert mock.call_count == 1
(sender_name, sender_email, recipient, subject, plain,
html), _ = mock.call_args
assert recipient == "*****@*****.**"
assert complaint.author_user.username in plain
assert complaint.author_user.username in html
assert complaint.reported_user.username in plain
assert complaint.reported_user.username in html
assert complaint.reason in plain
assert complaint.reason in html
assert complaint.description in plain
assert complaint.description in html
assert "report" in subject.lower()
def test_friend_request_email(db):
with session_scope() as session:
to_user, api_token_to = generate_user()
# little trick here to get the upload correctly without invalidating users
key = random_hex(32)
filename = random_hex(32) + ".jpg"
session.add(
Upload(
key=key,
filename=filename,
creator_user_id=to_user.id,
)
)
session.commit()
from_user, api_token_from = generate_user(avatar_key=key)
friend_relationship = FriendRelationship(from_user=from_user, to_user=to_user, status=FriendStatus.pending)
session.add(friend_relationship)
with patch("couchers.email.queue_email") as mock:
send_friend_request_email(friend_relationship)
assert mock.call_count == 1
(sender_name, sender_email, recipient, subject, plain, html), _ = mock.call_args
assert recipient == to_user.email
assert "friend" in subject.lower()
assert to_user.name in plain
assert to_user.name in html
assert from_user.name in subject
assert from_user.name in plain
assert from_user.name in html
assert from_user.avatar.thumbnail_url not in plain
assert from_user.avatar.thumbnail_url in html
assert f"{config['BASE_URL']}/connections/friends/" in plain
assert f"{config['BASE_URL']}/connections/friends/" in html
def test_BlockUser(db):
user1, token1 = generate_user()
user2, token2 = generate_user()
with session_scope() as session:
blocked_user_list = (
session.execute(select(UserBlock).where(UserBlock.blocking_user_id == user1.id)).scalars().all()
)
assert len(blocked_user_list) == 0
with blocking_session(token1) as user_blocks:
with pytest.raises(grpc.RpcError) as e:
user_blocks.BlockUser(blocking_pb2.BlockUserReq(username=user1.username))
assert e.value.code() == grpc.StatusCode.INVALID_ARGUMENT
assert e.value.details() == errors.CANT_BLOCK_SELF
user_blocks.BlockUser(blocking_pb2.BlockUserReq(username=user2.username))
with pytest.raises(grpc.RpcError) as e:
user_blocks.BlockUser(blocking_pb2.BlockUserReq(username=user2.username))
assert e.value.code() == grpc.StatusCode.INVALID_ARGUMENT
assert e.value.details() == errors.USER_ALREADY_BLOCKED
with session_scope() as session:
blocked_user_list = (
session.execute(select(UserBlock).where(UserBlock.blocking_user_id == user1.id)).scalars().all()
)
assert len(blocked_user_list) == 1
def test_report_email(db):
with session_scope(db):
user_author, api_token_author = generate_user(db)
user_reported, api_token_reported = generate_user(db)
complaint = Complaint(author_user=user_author,
reported_user=user_reported,
reason=random_hex(64),
description=random_hex(256))
message_id = random_hex(64)
@create_autospec
def mock_send_email(sender_name, sender_email, recipient, subject,
plain, html):
assert recipient == "*****@*****.**"
assert complaint.author_user.username in plain
assert complaint.author_user.username in html
assert complaint.reported_user.username in plain
assert complaint.reported_user.username in html
assert complaint.reason in plain
assert complaint.reason in html
assert complaint.description in plain
assert complaint.description in html
assert "report" in subject.lower()
return message_id
with patch("couchers.email.send_email", mock_send_email) as mock:
send_report_email(complaint)
assert mock.call_count == 1
def test_list_other_user_guides(db):
user1, token1 = generate_user()
user2, token2 = generate_user()
with session_scope() as session:
c_id = create_community(session, 0, 2, "Root node", [user1], [],
None).id
with pages_session(token1) as api:
guide1_id = api.CreateGuide(
pages_pb2.CreateGuideReq(
title="dummy title",
content="dummy content",
address="dummy address",
location=pages_pb2.Coordinate(
lat=1,
lng=1,
),
parent_community_id=c_id,
)).page_id
guide2_id = api.CreateGuide(
pages_pb2.CreateGuideReq(
title="dummy title 2",
content="dummy content 2",
address="dummy address 2",
location=pages_pb2.Coordinate(
lat=1,
lng=1,
),
parent_community_id=c_id,
)).page_id
with pages_session(token2) as api:
res = api.ListUserGuides(pages_pb2.ListUserGuidesReq(user_id=user1.id))
assert [p.page_id for p in res.guides] == [guide1_id, guide2_id]
def test_mutual_friends_self(db):
user1, token1 = generate_user("user1")
user2, token2 = generate_user("user2")
user3, token3 = generate_user("user3")
user4, token4 = generate_user("user4")
make_friends(user1, user2)
make_friends(user2, user3)
make_friends(user1, user4)
with api_session(token1) as api:
res = api.GetUser(api_pb2.GetUserReq(user=user3.username))
assert len(res.mutual_friends) == 1
assert res.mutual_friends[0].user_id == user2.id
with api_session(token3) as api:
res = api.GetUser(api_pb2.GetUserReq(user=user1.username))
assert len(res.mutual_friends) == 1
assert res.mutual_friends[0].user_id == user2.id
with api_session(token1) as api:
res = api.GetUser(api_pb2.GetUserReq(user=user1.username))
assert len(res.mutual_friends) == 0
with api_session(token2) as api:
res = api.GetUser(api_pb2.GetUserReq(user=user2.username))
assert len(res.mutual_friends) == 0
with api_session(token3) as api:
res = api.GetUser(api_pb2.GetUserReq(user=user3.username))
assert len(res.mutual_friends) == 0
with api_session(token4) as api:
res = api.GetUser(api_pb2.GetUserReq(user=user4.username))
assert len(res.mutual_friends) == 0
def test_friend_request_email(db):
with session_scope(db) as session:
from_user, api_token_from = generate_user(db)
to_user, api_token_to = generate_user(db)
friend_relationship = FriendRelationship(from_user=from_user,
to_user=to_user,
status=FriendStatus.pending)
message_id = random_hex(64)
@create_autospec
def mock_send_email(sender_name, sender_email, recipient, subject,
plain, html):
assert recipient == to_user.email
assert "friend" in subject.lower()
assert to_user.name in plain
assert to_user.name in html
assert from_user.name in subject
assert from_user.name in plain
assert from_user.name in html
assert from_user.avatar_url not in plain
assert from_user.avatar_url in html
assert f"{config['BASE_URL']}/friends/" in plain
assert f"{config['BASE_URL']}/friends/" in html
return message_id
with patch("couchers.email.send_email", mock_send_email) as mock:
send_friend_request_email(friend_relationship)
assert mock.call_count == 1
def test_jail_basic(db):
user1, token1 = generate_user(db)
with real_api_session(db, token1) as api:
res = api.Ping(api_pb2.PingReq())
with real_jail_session(db, token1) as jail:
res = jail.JailInfo(empty_pb2.Empty())
# check every field is false
for field in res.DESCRIPTOR.fields:
assert getattr(res, field.name) == False
assert not res.jailed
# make the user jailed
user2, token2 = generate_user(db, accepted_tos=0)
with real_api_session(db,
token2) as api, pytest.raises(grpc.RpcError) as e:
res = api.Ping(api_pb2.PingReq())
assert e.value.code() == grpc.StatusCode.UNAUTHENTICATED
with real_jail_session(db, token2) as jail:
res = jail.JailInfo(empty_pb2.Empty())
assert res.jailed
reason_count = 0
# check at least one field is true
for field in res.DESCRIPTOR.fields:
reason_count += getattr(res, field.name) == True
assert reason_count > 0
def test_regression_search_in_area(db):
"""
Makes sure search_in_area works.
At the equator/prime meridian intersection (0,0), one degree is roughly 111 km.
"""
# outside
user1, token1 = generate_user(geom=create_coordinate(1, 0),
geom_radius=100)
# outside
user2, token2 = generate_user(geom=create_coordinate(0, 1),
geom_radius=100)
# inside
user3, token3 = generate_user(geom=create_coordinate(0.1, 0),
geom_radius=100)
# inside
user4, token4 = generate_user(geom=create_coordinate(0, 0.1),
geom_radius=100)
# outside
user5, token5 = generate_user(geom=create_coordinate(10, 10),
geom_radius=100)
with search_session(token5) as api:
res = api.UserSearch(
search_pb2.UserSearchReq(search_in_area=search_pb2.Area(
lat=0,
lng=0,
radius=100000,
)))
assert [result.user.user_id
for result in res.results] == [user3.id, user4.id]
def test_CreateApiKey(db):
with session_scope() as session:
super_user, super_token = generate_user(is_superuser=True)
normal_user, normal_token = generate_user()
assert (session.execute(
select(func.count()).select_from(UserSession).where(
UserSession.is_api_key == True).where(
UserSession.user_id == normal_user.id)).scalar_one() == 0)
with patch("couchers.email.enqueue_email_from_template") as mock:
with real_admin_session(super_token) as api:
res = api.CreateApiKey(
admin_pb2.CreateApiKeyReq(user=normal_user.username))
with session_scope() as session:
api_key = session.execute(
select(UserSession).where(UserSession.is_valid).where(
UserSession.is_api_key == True).where(
UserSession.user_id == normal_user.id)).scalar_one()
assert mock.called_once_with(
normal_user.email,
"api_key",
template_args={
"user": normal_user,
"token": api_key.token,
"expiry": api_key.expiry
},
)
def test_get_host_request(db):
user1, token1 = generate_user(db)
user2, token2 = generate_user(db)
user3, token3 = generate_user(db)
today_plus_2 = (now() + timedelta(days=2)).strftime("%Y-%m-%d")
today_plus_3 = (now() + timedelta(days=3)).strftime("%Y-%m-%d")
with requests_session(db, token1) as api:
host_request_id = api.CreateHostRequest(
requests_pb2.CreateHostRequestReq(
to_user_id=user2.id,
from_date=today_plus_2,
to_date=today_plus_3,
text="Test request 1")).host_request_id
with pytest.raises(grpc.RpcError) as e:
api.GetHostRequest(
requests_pb2.GetHostRequestReq(host_request_id=999))
assert e.value.code() == grpc.StatusCode.NOT_FOUND
api.SendHostRequestMessage(
requests_pb2.SendHostRequestMessageReq(
host_request_id=host_request_id, text="Test message 1"))
res = api.GetHostRequest(
requests_pb2.GetHostRequestReq(host_request_id=host_request_id))
assert res.latest_message.text.text == "Test message 1"
def test_friend_request_accepted_email(db):
with session_scope() as session:
from_user, api_token_from = generate_user()
to_user, api_token_to = generate_user()
key = random_hex(32)
filename = random_hex(32) + ".jpg"
session.add(
Upload(
key=key,
filename=filename,
creator_user_id=from_user.id,
)
)
session.commit()
to_user, api_token_to = generate_user(avatar_key=key)
friend_relationship = FriendRelationship(from_user=from_user, to_user=to_user, status=FriendStatus.accepted)
session.add(friend_relationship)
with patch("couchers.email.queue_email") as mock:
send_friend_request_accepted_email(friend_relationship)
assert mock.call_count == 1
(sender_name, sender_email, recipient, subject, plain, html), _ = mock.call_args
assert recipient == from_user.email
assert "friend" in subject.lower()
assert from_user.name in plain
assert from_user.name in html
assert to_user.name in subject
assert to_user.name in plain
assert to_user.name in html
assert to_user.avatar.thumbnail_url not in plain
assert to_user.avatar.thumbnail_url in html
assert f"{config['BASE_URL']}/user/{to_user.username}" in plain
assert f"{config['BASE_URL']}/user/{to_user.username}" in html
def test_mutual_friends_self(db):
user1, token1 = generate_user()
user2, token2 = generate_user()
user3, token3 = generate_user()
user4, token4 = generate_user()
make_friends(user1, user2)
make_friends(user2, user3)
make_friends(user1, user4)
with api_session(token1) as api:
res = api.ListMutualFriends(
api_pb2.ListMutualFriendsReq(user_id=user1.id))
assert len(res.mutual_friends) == 0
with api_session(token2) as api:
res = api.ListMutualFriends(
api_pb2.ListMutualFriendsReq(user_id=user2.id))
assert len(res.mutual_friends) == 0
with api_session(token3) as api:
res = api.ListMutualFriends(
api_pb2.ListMutualFriendsReq(user_id=user3.id))
assert len(res.mutual_friends) == 0
with api_session(token4) as api:
res = api.ListMutualFriends(
api_pb2.ListMutualFriendsReq(user_id=user4.id))
assert len(res.mutual_friends) == 0
def test_list_host_requests_active_filter(db):
user1, token1 = generate_user()
user2, token2 = generate_user()
today_plus_2 = (today() + timedelta(days=2)).isoformat()
today_plus_3 = (today() + timedelta(days=3)).isoformat()
with requests_session(token1) as api:
request_id = api.CreateHostRequest(
requests_pb2.CreateHostRequestReq(
to_user_id=user2.id,
from_date=today_plus_2,
to_date=today_plus_3,
text="Test request 1")).host_request_id
api.RespondHostRequest(
requests_pb2.RespondHostRequestReq(
host_request_id=request_id,
status=conversations_pb2.HOST_REQUEST_STATUS_CANCELLED))
with requests_session(token2) as api:
res = api.ListHostRequests(
requests_pb2.ListHostRequestsReq(only_received=True))
assert len(res.host_requests) == 1
res = api.ListHostRequests(
requests_pb2.ListHostRequestsReq(only_active=True))
assert len(res.host_requests) == 0
def test_process_send_message_notifications_seen(db):
user1, token1 = generate_user()
user2, token2 = generate_user()
make_friends(user1, user2)
process_send_message_notifications(empty_pb2.Empty())
# should find no jobs, since there's no messages
with session_scope() as session:
assert session.query(BackgroundJob).filter(
BackgroundJob.job_type ==
BackgroundJobType.send_email).count() == 0
with conversations_session(token1) as c:
group_chat_id = c.CreateGroupChat(
conversations_pb2.CreateGroupChatReq(
recipient_user_ids=[user2.id])).group_chat_id
c.SendMessage(
conversations_pb2.SendMessageReq(group_chat_id=group_chat_id,
text="Test message 1"))
c.SendMessage(
conversations_pb2.SendMessageReq(group_chat_id=group_chat_id,
text="Test message 2"))
c.SendMessage(
conversations_pb2.SendMessageReq(group_chat_id=group_chat_id,
text="Test message 3"))
c.SendMessage(
conversations_pb2.SendMessageReq(group_chat_id=group_chat_id,
text="Test message 4"))
# user 2 now marks those messages as seen
with conversations_session(token2) as c:
m_id = c.GetGroupChat(
conversations_pb2.GetGroupChatReq(
group_chat_id=group_chat_id)).latest_message.message_id
c.MarkLastSeenGroupChat(
conversations_pb2.MarkLastSeenGroupChatReq(
group_chat_id=group_chat_id, last_seen_message_id=m_id))
process_send_message_notifications(empty_pb2.Empty())
# no emails sent out
with session_scope() as session:
assert session.query(BackgroundJob).filter(
BackgroundJob.job_type ==
BackgroundJobType.send_email).count() == 0
def now_30_min_in_future():
return now() + timedelta(minutes=30)
# still shouldn't generate emails as user2 has seen all messages
with patch("couchers.jobs.handlers.now", now_30_min_in_future):
process_send_message_notifications(empty_pb2.Empty())
with session_scope() as session:
assert session.query(BackgroundJob).filter(
BackgroundJob.job_type ==
BackgroundJobType.send_email).count() == 0
def test_AcceptCommunityGuidelines(db):
# make them have not accepted GC
user1, token1 = generate_user(accepted_community_guidelines=0)
with real_jail_session(token1) as jail:
res = jail.JailInfo(empty_pb2.Empty())
assert res.jailed
assert res.has_not_accepted_community_guidelines
# make sure we can't unaccept
with pytest.raises(grpc.RpcError) as e:
res = jail.AcceptCommunityGuidelines(
jail_pb2.AcceptCommunityGuidelinesReq(accept=False))
assert e.value.code() == grpc.StatusCode.FAILED_PRECONDITION
assert e.value.details() == errors.CANT_UNACCEPT_COMMUNITY_GUIDELINES
res = jail.JailInfo(empty_pb2.Empty())
assert res.jailed
assert res.has_not_accepted_community_guidelines
# now accept
res = jail.AcceptCommunityGuidelines(
jail_pb2.AcceptCommunityGuidelinesReq(accept=True))
res = jail.JailInfo(empty_pb2.Empty())
assert not res.jailed
assert not res.has_not_accepted_community_guidelines
# make sure we can't unaccept
with pytest.raises(grpc.RpcError) as e:
res = jail.AcceptCommunityGuidelines(
jail_pb2.AcceptCommunityGuidelinesReq(accept=False))
assert e.value.code() == grpc.StatusCode.FAILED_PRECONDITION
assert e.value.details() == errors.CANT_UNACCEPT_COMMUNITY_GUIDELINES
# make them have accepted GC
user2, token2 = generate_user()
with real_jail_session(token2) as jail:
res = jail.JailInfo(empty_pb2.Empty())
assert not res.jailed
assert not res.has_not_accepted_community_guidelines
# make sure we can't unaccept
with pytest.raises(grpc.RpcError) as e:
res = jail.AcceptCommunityGuidelines(
jail_pb2.AcceptCommunityGuidelinesReq(accept=False))
assert e.value.code() == grpc.StatusCode.FAILED_PRECONDITION
assert e.value.details() == errors.CANT_UNACCEPT_COMMUNITY_GUIDELINES
# accepting again doesn't do anything
res = jail.AcceptCommunityGuidelines(
jail_pb2.AcceptCommunityGuidelinesReq(accept=True))
res = jail.JailInfo(empty_pb2.Empty())
assert not res.jailed
assert not res.has_not_accepted_community_guidelines
def test_get_user(db):
user1, token1 = generate_user(db)
user2, token2 = generate_user(db)
with api_session(db, token1) as api:
res = api.GetUser(api_pb2.GetUserReq(user=user2.username))
assert res.user_id == user2.id
assert res.username == user2.username
assert res.name == user2.name
def test_GetChats(db):
with session_scope() as session:
super_user, super_token = generate_user(is_superuser=True)
normal_user, normal_token = generate_user()
with real_admin_session(super_token) as api:
res = api.GetChats(
admin_pb2.GetChatsReq(user=normal_user.username))
assert res.response
def test_host_request_email(db):
with session_scope() as session:
to_user, api_token_to = generate_user()
# little trick here to get the upload correctly without invalidating users
key = random_hex(32)
filename = random_hex(32) + ".jpg"
session.add(
Upload(
key=key,
filename=filename,
creator_user_id=to_user.id,
))
session.commit()
from_user, api_token_from = generate_user(avatar_key=key)
from_date = "2020-01-01"
to_date = "2020-01-05"
conversation = Conversation()
message = Message(
conversation=conversation,
author_id=from_user.id,
text=random_hex(64),
message_type=MessageType.text,
)
host_request = HostRequest(
conversation=conversation,
from_user=from_user,
to_user=to_user,
from_date=from_date,
to_date=to_date,
status=HostRequestStatus.pending,
from_last_seen_message_id=message.id,
)
session.add(host_request)
with patch("couchers.email.queue_email") as mock:
send_host_request_email(host_request)
assert mock.call_count == 1
(sender_name, sender_email, recipient, subject, plain,
html), _ = mock.call_args
assert recipient == to_user.email
assert "host request" in subject.lower()
assert to_user.name in plain
assert to_user.name in html
assert from_user.name in plain
assert from_user.name in html
assert from_date in plain
assert from_date in html
assert to_date in plain
assert to_date in html
assert from_user.avatar.thumbnail_url not in plain
assert from_user.avatar.thumbnail_url in html
assert f"{config['BASE_URL']}/messages/hosting/" in plain
assert f"{config['BASE_URL']}/messages/hosting/" in html
def test_owner_not_moderator(db):
"""
You can be the owner of content yet not have moderation rights
"""
user1, token1 = generate_user()
user2, token2 = generate_user()
with session_scope() as session:
c_id = create_community(session, 0, 2, "Root node", [user1], [],
None).id
# user2 makes page, is owner but not moderator, so can edit, not moderate
with pages_session(token2) as api:
res = api.CreatePlace(
pages_pb2.CreatePlaceReq(
title="dummy title",
content="dummy content",
address="dummy address",
location=pages_pb2.Coordinate(
lat=1,
lng=1,
),
))
assert res.title == "dummy title"
assert res.content == "dummy content"
assert res.address == "dummy address"
assert res.location.lat == 1
assert res.location.lng == 1
assert res.slug == "dummy-title"
assert res.last_editor_user_id == user2.id
assert res.creator_user_id == user2.id
assert res.owner_user_id == user2.id
assert not res.owner_community_id
assert not res.owner_group_id
assert res.editor_user_ids == [user2.id]
assert res.can_edit
assert not res.can_moderate
page_id = res.page_id
# user1 is not owner so can't edit but can moderate
with pages_session(token1) as api:
res = api.GetPage(pages_pb2.GetPageReq(page_id=page_id))
assert res.title == "dummy title"
assert res.content == "dummy content"
assert res.address == "dummy address"
assert res.location.lat == 1
assert res.location.lng == 1
assert res.slug == "dummy-title"
assert res.last_editor_user_id == user2.id
assert res.creator_user_id == user2.id
assert res.owner_user_id == user2.id
assert not res.owner_community_id
assert not res.owner_group_id
assert res.editor_user_ids == [user2.id]
assert not res.can_edit
assert res.can_moderate
def test_friend_request_flow(db):
user1, token1 = generate_user("user1")
user2, token2 = generate_user("user2")
user3, token3 = generate_user("user3")
# send friend request from user1 to user2
with api_session(token1) as api:
api.SendFriendRequest(api_pb2.SendFriendRequestReq(user_id=user2.id))
# check it went through
res = api.ListFriendRequests(empty_pb2.Empty())
assert len(res.sent) == 1
assert len(res.received) == 0
assert res.sent[
0].state == api_pb2.FriendRequest.FriendRequestStatus.PENDING
assert res.sent[0].user_id == user2.id
with api_session(token2) as api:
# check it's there
res = api.ListFriendRequests(empty_pb2.Empty())
assert len(res.sent) == 0
assert len(res.received) == 1
assert res.received[
0].state == api_pb2.FriendRequest.FriendRequestStatus.PENDING
assert res.received[0].user_id == user1.id
fr_id = res.received[0].friend_request_id
# accept it
api.RespondFriendRequest(
api_pb2.RespondFriendRequestReq(friend_request_id=fr_id,
accept=True))
# check it's gone
res = api.ListFriendRequests(empty_pb2.Empty())
assert len(res.sent) == 0
assert len(res.received) == 0
# check we're friends now
res = api.ListFriends(empty_pb2.Empty())
assert len(res.user_ids) == 1
assert res.user_ids[0] == user1.id
with api_session(token1) as api:
# check it's gone
res = api.ListFriendRequests(empty_pb2.Empty())
assert len(res.sent) == 0
assert len(res.received) == 0
# check we're friends now
res = api.ListFriends(empty_pb2.Empty())
assert len(res.user_ids) == 1
assert res.user_ids[0] == user2.id
def test_cant_friend_request_pending(db):
user1, token1 = generate_user("user1")
user2, token2 = generate_user("user2")
user3, token3 = generate_user("user3")
# send friend request from user1 to user2
with api_session(token1) as api:
api.SendFriendRequest(api_pb2.SendFriendRequestReq(user_id=user2.id))
with api_session(token2) as api, pytest.raises(grpc.RpcError):
api.SendFriendRequest(api_pb2.SendFriendRequestReq(user_id=user1.id))
def test_ListReference_banned_deleted_users(db):
user1, token1 = generate_user()
user2, token2 = generate_user()
user3, token3 = generate_user()
with session_scope() as session:
create_friend_reference(session, user2.id, user1.id,
timedelta(days=15))
create_friend_reference(session, user3.id, user1.id,
timedelta(days=16))
create_friend_reference(session, user1.id, user2.id,
timedelta(days=15))
create_friend_reference(session, user1.id, user3.id,
timedelta(days=16))
with references_session(token1) as api:
refs_rec = api.ListReferences(
references_pb2.ListReferencesReq(to_user_id=user1.id)).references
refs_sent = api.ListReferences(
references_pb2.ListReferencesReq(from_user_id=user1.id)).references
assert len(refs_rec) == 2
assert len(refs_sent) == 2
# ban user2
with session_scope() as session:
user2 = session.execute(
select(User).where(User.username == user2.username)).scalar_one()
user2.is_banned = True
session.commit()
# reference to and from banned user is hidden
with references_session(token1) as api:
refs_rec = api.ListReferences(
references_pb2.ListReferencesReq(to_user_id=user1.id)).references
refs_sent = api.ListReferences(
references_pb2.ListReferencesReq(from_user_id=user1.id)).references
assert len(refs_rec) == 1
assert len(refs_sent) == 1
# delete user3
with session_scope() as session:
user3 = session.execute(
select(User).where(User.username == user3.username)).scalar_one()
user3.is_deleted = True
session.commit()
# doesn't change; references to and from deleted users remain
with references_session(token1) as api:
refs_rec = api.ListReferences(
references_pb2.ListReferencesReq(to_user_id=user1.id)).references
refs_sent = api.ListReferences(
references_pb2.ListReferencesReq(from_user_id=user1.id)).references
assert len(refs_rec) == 1
assert len(refs_sent) == 1
def test_make_user_block(db):
user1, token1 = generate_user()
user2, token2 = generate_user()
make_user_block(user1, user2)
with session_scope() as session:
blocked_user_list = (
session.execute(select(UserBlock).where(UserBlock.blocking_user_id == user1.id)).scalars().all()
)
assert len(blocked_user_list) == 1
def test_invalid_token(db):
user1, token1 = generate_user()
user2, token2 = generate_user()
wrong_token = random_hex(32)
with real_api_session(wrong_token) as api, pytest.raises(
grpc.RpcError) as e:
res = api.GetUser(api_pb2.GetUserReq(user=user2.username))
assert e.value.code() == grpc.StatusCode.UNAUTHENTICATED
assert e.value.details() == "Unauthorized"
def test_search(db):
user1, token1 = generate_user(db, "user1")
user2, token2 = generate_user(db, "user2")
user3, token3 = generate_user(db, "user3")
user4, token4 = generate_user(db, "user4")
with api_session(db, token1) as api:
res = api.Search(api_pb2.SearchReq(query="user"))
assert len(res.users) == 4
res = api.Search(api_pb2.SearchReq(query="user5"))
assert len(res.users) == 0
def test_relationships_userblock_dot_user(db):
user1, token1 = generate_user()
user2, token2 = generate_user()
make_user_block(user1, user2)
with session_scope() as session:
block = session.execute(
select(UserBlock).where((UserBlock.blocking_user_id == user1.id) & (UserBlock.blocked_user_id == user2.id))
).scalar_one_or_none()
assert block.blocking_user.username == user1.username
assert block.blocked_user.username == user2.username
