def test_flash(user_id):
# Execute the first request flash some message
with application_and_request_context(), login.UserSessionContext(user_id):
session_id = on_succeeded_login(user_id) # Create and activate session
assert session is not None
flash("abc")
assert session.session_info.flashes == ["abc"]
# Now create the second request to get the previously flashed message
with application_and_request_context(), login.UserSessionContext(user_id):
on_access(user_id, session_id)
assert session is not None
assert session.session_info.flashes == ["abc"]
# Get the flashed messages removes the messages from the session
# and subsequent calls to get_flashed_messages return the messages
# over and over.
assert get_flashed_messages() == [HTML("abc")]
assert get_flashed_messages() == [HTML("abc")]
assert session.session_info.flashes == []
# Now create the third request that should not have access to the flashed messages since the
# second one consumed them.
with application_and_request_context(), login.UserSessionContext(user_id):
on_access(user_id, session_id)
assert session is not None
assert session.session_info.flashes == []
assert get_flashed_messages() == []
def test_flash_dont_escape_html(user_id, request_context):
now = datetime.now()
with login.UserSessionContext(user_id):
on_succeeded_login(user_id, now) # Create and activate session
flash(HTML("<script>aaa</script>"))
assert get_flashed_messages() == [HTML("<script>aaa</script>")]
def test_flash_escape_html_in_str(user_id, module_wide_request_context):
with login.UserSessionContext(user_id):
on_succeeded_login(user_id) # Create and activate session
flash("<script>aaa</script>")
assert get_flashed_messages() == [
HTML("<script>aaa</script>")
]
def test_flash(user_id):
environ = create_environ()
# Execute the first request flash some message
with AppContext(DummyApplication(environ, None)), \
RequestContext(htmllib.html(http.Request(environ))) as request, \
login.UserSessionContext(user_id):
session_id = on_succeeded_login(user_id) # Create and activate session
assert request.session is not None
flash("abc")
assert session.session_info.flashes == ["abc"]
# Now create the second request to get the previously flashed message
with AppContext(DummyApplication(environ, None)), \
RequestContext(htmllib.html(http.Request(environ))), \
login.UserSessionContext(user_id):
on_access(user_id, session_id)
assert request.session is not None
assert session.session_info.flashes == ["abc"]
# Get the flashed messages removes the messages from the session
# and subsequent calls to get_flashed_messages return the messages
# over and over.
assert get_flashed_messages() == [HTML("abc")]
assert get_flashed_messages() == [HTML("abc")]
assert session.session_info.flashes == []
# Now create the third request that should not have access to the flashed messages since the
# second one consumed them.
with AppContext(DummyApplication(environ, None)), \
RequestContext(htmllib.html(http.Request(environ))), \
login.UserSessionContext(user_id):
on_access(user_id, session_id)
assert request.session is not None
assert session.session_info.flashes == []
assert get_flashed_messages() == []
def with_admin_login(with_admin):
user_id = with_admin[0]
with login.UserSessionContext(user_id):
yield user_id
def with_user_login(with_user):
user_id = with_user[0]
with login.UserSessionContext(user_id):
yield user_id
def with_admin_login(with_admin: tuple[UserId, str]) -> Iterator[UserId]:
user_id = with_admin[0]
with login.UserSessionContext(user_id):
yield user_id
