def users_cant_see_other_users_expenses(tester): """Check that the expenses are displayed only for the correct owner""" username, password = Helpers.create_user(tester) # Frank can create a category to log his expenses cat_name = Helpers.generate_string() Helpers.create_a_category(tester, category_name=cat_name, is_income=False) amount = random.randint(1, 90000) expense_date = str(date.today()) note = Helpers.generate_string() # Frank enters some data Helpers.create_entry(tester, amount, category_name=cat_name, note=note, expense_date=expense_date, is_income=False, verify_creation=True) Helpers.logout_user(tester) # Guido can not see Frank's expense Helpers.create_user(tester) Helpers.visit_and_verify_expense(tester, amount=amount, category_name=cat_name, note=note, should_exist=False) Helpers.logout_user(tester)
def test_can_create_multiple_expense_categories(tester): """Check that creation pf multiple categories is successful""" # Frank can create a category to log expenses related to his rent cat_name1 = Helpers.generate_string() Helpers.create_a_category(tester, cat_name1) # Frank can create a category to log his food expenses cat_name2 = Helpers.generate_string() Helpers.create_a_category(tester, cat_name2)
def test_can_create_multiple_monthly_budgets(tester): # Frank creates a category to log expenses related his rent category_name = Helpers.generate_string() Helpers.create_a_category(tester, category_name) budget_date = datetime.date.today().replace(day=1) amount = 7000 Helpers.create_a_monthly_budget(tester, category_name=category_name, amount=amount, date=budget_date) # Frank logs a fraction of his rent (he got confused with this previous # apartment) wrong_amt = 4000 note = 'First month of rent' rent_date = datetime.date.today().replace(day=1).strftime("%Y-%m-%d") is_income = False Helpers.create_entry(tester, amount=wrong_amt, category_name=category_name, note=note, expense_date=rent_date, is_income=is_income) # FIX ME: we're not displaying the monthly bugets anymore!!! # Frank notices the home page shows that amount he has set # url = reverse('budgets:home') # tester.browser.get(f"{tester.live_server_url}{url}") # table = tester.browser.find_element_by_id('id_expenses_total') # Helpers.find_text_inside_table(tester, str(amount), table) # Helpers.find_text_inside_table(tester, category_name, table) # # Frank notices that the home page is showing he still has room for # # spending, in the Rent category # url = reverse('budgets:home') # tester.browser.get(f"{tester.live_server_url}{url}") # remainder = amount - wrong_amt # table = tester.browser.find_element_by_id('id_expenses_total') # formatted_amount = f'{remainder:n}' # Helpers.find_text_inside_table(tester, str(formatted_amount), table) # Frank also notices the amount is green, meaning he still has room for # spending! # TODO, check for "text-danger" class # Frank notices his error and logs the full amount of the rent # creating a new expenses (Frank can't find how to edit an entry) remainder = 5000 note = Helpers.generate_string() rent_date = datetime.date.today().replace(day=1).strftime("%Y-%m-%d") is_income = False Helpers.create_entry(tester, amount=remainder, category_name=category_name, note=note, expense_date=rent_date, is_income=is_income)
def test_cant_create_duplicate_expense_categories(tester): # Frank can create a category to log expenses related to his rent text = Helpers.generate_string() Helpers.create_a_category(tester, category_name=text, is_income=True) # Frank is not paying attention to what he is doing, and he tries # to create the same category Helpers.create_a_category(tester, category_name=text, is_income=True, create_check=False, midway_check=True)
def test_users_cant_see_other_users_monthly_balance_entry(tester): # Frank can create a category to log his balance cat_name = Helpers.generate_string() Helpers.create_user(tester) Helpers.create_a_category(tester, category_name=cat_name, is_balance=True) Helpers.logout_user(tester) # Guido can not see Frank's balance income category Helpers.create_user(tester) Helpers.visit_and_verify_categories(tester, cat_name, is_balance=True, should_exist=False) Helpers.logout_user(tester)
def test_different_users_can_create_categories_with_the_same_name(tester): # Frank can create a category to log his expenses cat_name = Helpers.generate_string() Helpers.create_user(tester) Helpers.create_a_category(tester, category_name=cat_name) Helpers.logout_user(tester) # Guido can create a category with the same name Helpers.create_user(tester) Helpers.create_a_category(tester, category_name=cat_name, midway_check=True, create_check=False, lack_of_error=True) Helpers.logout_user(tester)
def test_cant_create_multiple_monthly_budgets_for_same_month(tester): # Frank creates a category to log expenses related his rent category_name = Helpers.generate_string() Helpers.create_a_category(tester, category_name) # Frank knows he also has to create a budget for the current month # so he proceeds to create one budget_date = datetime.date.today().replace(day=1) amount = 7000 Helpers.create_a_monthly_budget(tester, category_name=category_name, amount=amount, date=budget_date) # Frank however has been up till very late the day before, and is quite # distracted. Accidentally he repeats the same procedure again Helpers.create_a_monthly_budget(tester, category_name=category_name, amount=amount, date=budget_date, create_check=False) # However an error promtply notifies him that this is not allowed Helpers.wait_for_page_to_reload(tester) error = 'Monthly budget with this Category and Date already exists.' Helpers.find_error(tester, error)
def test_users_can_not_see_other_users_categories(tester): """Check that only current user categories are returned (in json format)""" # Frank can create a category to log his expenses cat_name = Helpers.generate_string() Helpers.create_user(tester) Helpers.create_a_category(tester, category_name=cat_name) Helpers.logout_user(tester) # Guido registers to the site Helpers.create_user(tester) url = reverse('api:categories') # Guido has knowledge of how to force the site to display json secret_url = f"{tester.live_server_url}{url}?format=json&json=true'" tester.browser.get(secret_url) html = tester.browser.find_element_by_tag_name('html') json_res = json.loads(html.text) # Guido, however, can not see Frank's category tester.assertEqual(len(json_res), 0) Helpers.logout_user(tester)
def test_users_cant_see_other_users_monthly_budgets(tester): Helpers.create_user(tester) # Frank creates a category to log expenses related his rent category_name = Helpers.generate_string() Helpers.create_a_category(tester, category_name) # Frank knows he also has to create a budget for the current month # ...so he proceeds to create one budget_date = datetime.date.today().replace(day=1) amount = random.randint(1, 90000) Helpers.create_a_monthly_budget(tester, category_name=category_name, amount=amount, date=budget_date) Helpers.logout_user(tester) # Guido can not see Frank's monthly budget Helpers.create_user(tester) Helpers.visit_and_verify_month_budget_creation(tester=tester, category_name=category_name, amount=amount, date=budget_date, should_exist=False) Helpers.logout_user(tester)
def users_cant_create_expenses_with_other_users_categories(tester): """Check that the expenses can not be created with other users's categories """ # Frank logs in Helpers.create_user(tester) # Frank creates multiple categories for _ in range(3): cat_name = Helpers.generate_string() Helpers.create_a_category(tester, category_name=cat_name, is_income=False) category_id = Helpers.get_category_id_from_category_name( tester, cat_name) # Frank confirm the id of the last category he created... he "has a plan" category_id = Helpers.get_category_id_from_category_name(tester, cat_name) # Frank knows some javascript, and he tries to fiddle with the form values # ## ES6 syntax, will work in recent (2015/2016+ versions) FF and Chromium js_function = 'Array.from(document.getElementsByTagName("option")).forEach(function(item) {item.value = "X"});' js_function = js_function.replace('X', str(category_id)) tester.browser.execute_script(js_function) amount = random.randint(1, 90000) expense_date = str(date.today()) note = Helpers.generate_string() # Frank enters some data, he wants to make sure his js does not break the # app # Frank also confirm that even after executing this js, the expense was # created correctly Helpers.create_entry(tester, amount, category_name=cat_name, note=note, expense_date=expense_date, is_income=False, verify_creation=True, js_to_execute=js_function) # Franks challenges Guido to create an expense with a category he made # Franks share his js script with Guido (Guido does not know any js!) # Guido accepts to test out Frank's js and verify the app works correctly Helpers.create_user(tester) # Guido creates a category cat_name = Helpers.generate_string() Helpers.create_a_category(tester, category_name=cat_name, is_income=False) # Guido enters some data, and execute the js code he got from Frank # If the app is not checking for tampering the form values, this will fail Helpers.create_entry(tester, amount, category_name=cat_name, note=note, expense_date=expense_date, is_income=False, verify_creation=False, js_to_execute=js_function) # Guido confirms the app is not deceived by this trivial attack Helpers.visit_and_verify_expense(tester, amount=amount, category_name=cat_name, note=note, should_exist=False)
def test_only_expenses_in_range_are_shown(tester): """Check that expenses are correctly filtered when using a given url""" # Frank creates 2 expenses for January 2020 text = Helpers.generate_string() Helpers.create_a_category(tester, category_name=text) # Frank is not going to check if the expenses are created as he always does # Frank now believes into this sowftware! is_income = False # We skip verication because...the function is old and broke down due to # the new redirect to /expense/create on success ? # TODO: check if this is the case, and fix it if needed verify_creation = False amount = 4000 note = Helpers.generate_string() date = "2020-01-01" Helpers.create_entry(tester, amount, category_name=text, note=note, expense_date=date, is_income=is_income, verify_creation=verify_creation) second_amount = 4200 second_date = "2020-01-07" second_note = Helpers.generate_string() Helpers.create_entry(tester, second_amount, category_name=text, note=second_note, expense_date=date, is_income=is_income, verify_creation=verify_creation) # Frank has changed his mind: "Testing is important" he says. # Frank then enters a special URL to check the expenses creation...but he # enters the wrong end date expense_url = reverse('budgets:expenses') url = f"{tester.live_server_url}{expense_url}/2020-01-01/2020-01-02" tester.browser.get(url) # Frank notices the first expenses is shown. Frank is so happy formatted_amount = f'{amount:,}' Helpers.verify_expense_was_created(tester, amount=formatted_amount, category_name=text, note=note) # TODO: verify the second expenses is NOT shown # Frank can not see the second expenses! Frank wonders whether the # software has really saved the second expenses or not # Frank then gets very anxious... but then Frank breathes, and re-types the # URL. He notices he had typed the wrong one: "Silly me!" he mumbles. expense_url = reverse('budgets:expenses') url = f"{tester.live_server_url}{expense_url}/2020-01-01/2020-01-07" tester.browser.get(url) formatted_second_amount = f'{second_amount:,}' # Frank now sees both expenses, he smiles. Frank is so relieved now Helpers.verify_expense_was_created(tester, formatted_amount, category_name=text, note=note) Helpers.verify_expense_was_created(tester, amount=formatted_second_amount, category_name=text, note=second_note) # Then, Frank remembers he also bought something during December 2019 # He really wants to keep track of all his expenses! third_amount = 4200 third_note = Helpers.generate_string() older_date = "2019-12-31" Helpers.create_entry(tester, amount=third_amount, category_name=text, note=third_note, expense_date=older_date, is_income=is_income, verify_creation=verify_creation) # Frank then enters a special URL that allows him to only show expenses # broken down by months expense_url = reverse('budgets:expenses') url = f"{tester.live_server_url}{expense_url}/2019-12-01/2019-12-31" tester.browser.get(url) formatted_third_amount = f'{third_amount:,}' Helpers.verify_expense_was_created(tester, amount=formatted_third_amount, category_name=text, note=third_note) # TODO: Frank then want to see all expenses expense_url = reverse('budgets:expenses') url = f"{tester.live_server_url}{expense_url}/2019-12-01/2020-01-31"