def test_thread_can_access_implicit_forum(app, authed_client): db.engine.execute( "DELETE FROM users_permissions WHERE permission LIKE 'forumaccess%%'") add_permissions(app, 'forumaccess_forum_1') thread = ForumThread.from_pk(1) assert thread.id == 1 assert thread.topic == 'New Site'
def test_delete_category_with_forums(app, authed_client): add_permissions(app, 'forums_view', 'forums_forums_modify') response = authed_client.delete('/forums/categories/1') check_json_response( response, 'You cannot delete a forum category while it still has forums assigned to it.', )
def test_edit_forum(app, authed_client): add_permissions(app, 'forums_view', 'forums_forums_modify') response = authed_client.put( '/forums/1', data=json.dumps({ 'name': 'Bite', 'description': 'Very New Description', 'category_id': 4, }), ) check_json_response( response, { 'id': 1, 'name': 'Bite', 'description': 'Very New Description' }, ) print(response.get_json()) assert response.get_json()['response']['category']['id'] == 4 forum = Forum.from_pk(1) assert forum.id == 1 assert forum.name == 'Bite' assert forum.description == 'Very New Description' assert forum.category_id == 4
def test_users_edit_settings_others(app, authed_client): add_permissions(app, 'users_edit_settings', 'users_change_password', 'users_moderate') response = authed_client.put('/users/settings', query_string={'user_id': 2}, data=json.dumps({})) check_json_response(response, 'Settings updated.', strict=True)
def test_add_members_to_conversation_already_in(app, authed_client): add_permissions(app, MessagePermissions.MULTI_USER) response = authed_client.post('/messages/1/members', data=json.dumps({'user_ids': [2, 4] })).get_json()['response'] assert (response == 'The following members are already in the conversation: user_two.')
def test_change_forum_permissions_failure(app, authed_client): db.engine.execute('DELETE FROM users_permissions') add_permissions(app, 'users_moderate', 'forumaccess_thread_1') db.engine.execute("""UPDATE user_classes SET permissions = '{"forumaccess_forum_2"}'""") response = authed_client.put( '/users/1', data=json.dumps({ 'permissions': { 'forumaccess_forum_2': True, 'forumaccess_thread_1': False, 'forumaccess_thread_4': False, 'forumaccess_thread_2': True, } }), ) check_json_response( response, 'The following permissions could not be added: forumaccess_forum_2. ' 'The following permissions could not be deleted: forumaccess_thread_4.', ) f_perms = UserPermission.from_user(1, prefix='forumaccess') assert f_perms == {'forumaccess_thread_1': True}
def test_serialize_very_detailed(app, authed_client): add_permissions(app, 'forums_threads_modify', 'forums_threads_modify_advanced') thread = ForumThread.from_pk(3) data = NewJSONEncoder().default(thread) check_dictionary( data, { 'id': 3, 'topic': 'Using PHP', 'locked': True, 'sticky': True, 'deleted': False, 'post_count': 1, 'subscribed': True, }, ) assert 'forum' in data and data['forum']['id'] == 2 assert 'creator' in data and data['creator']['id'] == 2 assert 'last_post' in data and data['last_post']['id'] == 2 assert 'last_viewed_post' in data and data['last_viewed_post']['id'] == 2 assert ('posts' in data and len(data['posts']) == 1 and data['posts'][0]['id'] == 2) assert 'created_time' in data and isinstance(data['created_time'], int) assert 'poll' in data and data['poll']['id'] == 3 assert 'thread_notes' in data assert ('thread_notes' in data and len(data['thread_notes']) == 1 and data['thread_notes'][0]['id'] == 3)
def test_add_thread_note_no_permissions(app, authed_client): db.engine.execute( "DELETE FROM users_permissions WHERE permission LIKE 'forumaccess%%'") add_permissions(app, 'forums_threads_modify') response = authed_client.post('/forums/threads/1/notes', data=json.dumps({'note': 'ANotherNote'})) check_json_response(response, 'Invalid ForumThread id.')
def test_serialize_very_detailed(app, authed_client): add_permissions(app, 'users_moderate', 'users_moderate_advanced') user = User.from_pk(1) data = NewJSONEncoder().default(user) check_dictionary( data, { 'id': 1, 'username': '******', 'email': '*****@*****.**', 'enabled': True, 'locked': False, 'user_class': 'User', 'secondary_classes': ['FLS'], 'uploaded': 5368709120, 'downloaded': 0, 'invites': 1, 'inviter': None, 'basic_permissions': [], }, ) assert 'api_keys' in data and len(data['api_keys']) == 2 assert 'permissions' in data and set(data['permissions']) == { 'users_moderate', 'users_moderate_advanced', }
def test_change_forum_permissions(app, authed_client): db.engine.execute('DELETE FROM users_permissions') add_permissions(app, 'users_moderate', 'forumaccess_forum_1', 'forumaccess_thread_1') db.engine.execute("""UPDATE user_classes SET permissions = '{"forumaccess_forum_2"}'""") response = authed_client.put( '/users/1', data=json.dumps({ 'permissions': { 'forumaccess_forum_2': False, 'forumaccess_thread_1': False, 'forumaccess_thread_2': True, } }), ).get_json() print(response['response']) assert set(response['response']['forum_permissions']) == { 'forumaccess_forum_1', 'forumaccess_thread_2', } f_perms = UserPermission.from_user(1, prefix='forumaccess') assert f_perms == { 'forumaccess_forum_2': False, 'forumaccess_forum_1': True, 'forumaccess_thread_2': True, }
def test_delete_members_from_conversation(app, authed_client): add_permissions(app, MessagePermissions.MULTI_USER) response = authed_client.delete('/messages/1/members', data=json.dumps({'user_ids': [3] })).get_json()['response'] assert len(response) == 2 assert all(u['id'] in {1, 2} for u in response)
def test_moderate_user_not_found(app, authed_client): add_permissions(app, 'users_moderate') response = authed_client.put( '/users/10', data=json.dumps({'email': '*****@*****.**'}) ) check_json_response(response, 'User 10 does not exist.') assert response.status_code == 404
def test_delete_category(app, authed_client): add_permissions(app, 'forums_view', 'forums_forums_modify') response = authed_client.delete('/forums/categories/5') check_json_response(response, 'ForumCategory 5 (uWhatMate) has been deleted.') category = ForumCategory.from_pk(5, include_dead=True) assert category.deleted
def test_view_thread_posts_include_dead_no_perm(app, authed_client): add_permissions(app, 'forums_view') response = authed_client.get( '/forums/threads/5', query_string={'include_dead': True} ) assert response.status_code == 200 assert len(response.get_json()['response']['posts']) == 1
def test_view_forum_subscriptions_no_forum_perms(app, authed_client): db.engine.execute("DELETE FROM users_permissions") add_permissions(app, 'forums_view_subscriptions') response = authed_client.get('/subscriptions/forums').get_json()[ 'response' ] assert response == []
def test_PermissionsListOfUser_failure(app, authed_client): permissions = ['sample_one', 'sample_two'] add_permissions(app, 'sample_one', 'sample_three') with pytest.raises(Invalid) as e: PermissionsListOfUser(permissions) assert (str( e.value) == 'permissions must be in the user\'s permissions list')
def test_add_members_to_conversation(app, authed_client): add_permissions(app, MessagePermissions.MULTI_USER) response = authed_client.post('/messages/1/members', data=json.dumps({'user_ids': [4, 5] })).get_json()['response'] assert len(response) == 5 assert all(u['id'] in {1, 2, 3, 4, 5} for u in response)
def test_view_notification_of_type_include_read(app, authed_client): add_permissions(app, 'notifications_view') response = authed_client.get( '/notifications/quote', query_string={'include_read': True} ).get_json()['response'] assert len(response) == 2 assert all(response[i]['type'] == 'quote' for i in range(2))
def test_view_api_key_cached(app, authed_client): add_permissions(app, ApikeyPermissions.VIEW, ApikeyPermissions.VIEW_OTHERS) api_key = APIKey.from_pk('1234567890', include_dead=True) cache_key = cache.cache_model(api_key, timeout=60) response = authed_client.get(f'/api_keys/1234567890') check_json_response(response, {'hash': '1234567890', 'revoked': True}) assert cache.ttl(cache_key) < 61
def test_view_empty_api_keys(app, authed_client): add_permissions(app, ApikeyPermissions.VIEW, ApikeyPermissions.VIEW_OTHERS) response = authed_client.get('/api_keys', query_string={ 'user_id': 3, 'include_dead': False }) check_json_response(response, [], list_=True, strict=True)
def test_invites_view_include_dead(app, authed_client): """Including dead torrents in the list view should return dead invites.""" add_permissions(app, 'invites_view') response = authed_client.get( '/invites', query_string={'include_dead': True} ) assert len(response.get_json()['response']) == 3 assert response.status_code == 200
def test_add_forum_nonexistent_category(app, authed_client): add_permissions(app, 'forums_view', 'forums_forums_modify') response = authed_client.post('/forums', data=json.dumps({ 'name': 'New Forum', 'category_id': 100 })) check_json_response(response, 'Invalid ForumCategory id.')
def test_add_members_to_others_conversation(app, authed_client): add_permissions(app, MessagePermissions.MULTI_USER, MessagePermissions.VIEW_OTHERS) response = authed_client.post('/messages/4/members', data=json.dumps({'user_ids': [1] })).get_json()['response'] assert len(response) == 3 assert any(u['id'] == 1 for u in response)
def populate_db(app, client): add_permissions(app, 'userclasses_list', 'userclasses_modify') db.engine.execute("""UPDATE user_classes SET permissions = '{"permissions_modify", "users_edit_settings"}' WHERE name = 'User'""") db.engine.execute("""UPDATE secondary_classes SET permissions = '{"invites_send"}' WHERE name = 'FLS'""")
def test_view_forum(app, authed_client): add_permissions(app, 'forums_view') response = authed_client.get('/forums/2') check_json_response(response, { 'id': 2, 'name': 'Bugs', 'description': 'Squishy Squash' }) assert response.status_code == 200
def test_view_thread_subscriptions_no_forum_perms(app, authed_client): db.engine.execute( "DELETE FROM users_permissions WHERE permission LIKE 'forumaccess%%'" ) add_permissions(app, 'forums_view_subscriptions') response = authed_client.get('/subscriptions/threads').get_json()[ 'response' ] assert response == []
def test_view_notifications(app, authed_client): add_permissions(app, 'notifications_view') response = authed_client.get('/notifications').get_json()['response'] print(response) assert all(t in response for t in ['subscripple', 'quote', 'unreal']) assert not response['unreal'] assert len(response['quote']) == 1 and response['quote'][0][ 'contents' ] == {'contents': 'A Quote!'}
def test_modify_notification(app, authed_client): add_permissions(app, 'notifications_modify') response = authed_client.put( '/notifications/1', data=json.dumps({'read': True}) ) print(response.get_json()) assert response.status_code == 200 assert not len(Notification.get_all_unread(1)['subscripple']) assert len(Notification.get_all_unread(1)['quote']) == 1
def test_add_thread_nonexistent_category(app, authed_client): add_permissions(app, 'forums_view', 'forums_threads_create') response = authed_client.post( '/forums/threads', data=json.dumps( {'topic': 'New Forum', 'forum_id': 100, 'contents': 'aa'} ), ) check_json_response(response, 'Invalid Forum id.')
def test_int_overflow(app, authed_client): add_permissions(app, 'users_moderate') response = authed_client.put( '/users/1', data=json.dumps({'invites': 99999999999999999999999999}) ) check_json_response( response, 'Invalid data: value must be at most 2147483648 (key "invites")', )