def test_comment_post(self): """ Make an ajax post. """ content_type = "article.article" timestamp = str(int(time.time())) article = factories.create_article() form = CommentForm(article) security_hash = form.generate_security_hash(content_type, str(article.pk), timestamp) post_data = { "content_type": content_type, "object_pk": article.pk, "name": "Testing name", "email": "*****@*****.**", "comment": "Testing comment", "timestamp": timestamp, "security_hash": security_hash, } url = reverse("comments-post-comment-ajax") response = self.client.post(url, post_data, HTTP_X_REQUESTED_WITH='XMLHttpRequest') self.assertContains(response, "Testing comment", status_code=200) self.assertEqual(response.status_code, 200) json_response = json.loads(response.content.decode("utf-8")) self.assertTrue(json_response['success']) self.assertEqual(json_response['errors'], {}) self.assertIn('Testing name', json_response['html'])
def test_comment_post(self): mommy.make('CaptchaStore', hashkey='foocaptcha', response='XAGS', expiration='2018-01-01') content_type = "webmap.poi" object_pk = "205" timestamp = "1451927336" security_hash = CommentForm.generate_security_hash( None, content_type, object_pk, timestamp) post_data = { "content_type": content_type, "object_pk": object_pk, "name": "Testing name", "email": "*****@*****.**", "comment": "Testing comment", "captcha_0": 'foocaptcha', "captcha_1": 'XAGS', "timestamp": timestamp, "security_hash": security_hash, } response = self.client.post(reverse("comments-post-comment-ajax"), post_data, HTTP_X_REQUESTED_WITH='XMLHttpRequest', secure=True) self.assertEqual(response.status_code, 200, response.content.decode("utf-8")) self.assertContains( response, '<div class=\\"comment-text\\"><p>Testing comment</p></div>') self.assertContains( response, 'Testing name\\n <span class=\\"comment-date\\">on Jan. 4, 2016, 5:10 p.m.</span>' )
def test_comment_post(self): """ Make an ajax post. """ content_type = "article.article" timestamp = str(int(time.time())) article = factories.create_article() form = CommentForm(article) security_hash = form.generate_security_hash(content_type, str(article.pk), timestamp) post_data = { "content_type": content_type, "object_pk": article.pk, "name": "Testing name", "email": "*****@*****.**", "comment": "Testing comment", "timestamp": timestamp, "security_hash": security_hash, } url = reverse("comments-post-comment-ajax") response = self.client.post(url, post_data, HTTP_X_REQUESTED_WITH='XMLHttpRequest') self.assertContains(response, "Testing comment", status_code=200) self.assertEqual(response.status_code, 200) json_response = json.loads(response.content.decode("utf-8")) self.assertTrue(json_response['success']) self.assertEqual(json_response['errors'], {}) self.assertIn('Testing name', json_response['html'])
def test_comment_post_missing(self): """ Make an ajax post. """ content_type = "article.article" timestamp = str(int(time.time())) article = factories.create_article() form = CommentForm(article) security_hash = form.generate_security_hash(content_type, str(article.pk), timestamp) post_data = { "content_type": content_type, "object_pk": article.pk, "timestamp": timestamp, "security_hash": security_hash, } url = reverse("comments-post-comment-ajax") response = self.client.post(url, post_data, HTTP_X_REQUESTED_WITH="XMLHttpRequest") self.assertEqual(response.status_code, 200) json_response = json.loads(response.content.decode("utf-8")) self.assertFalse(json_response["success"]) self.assertEqual(set(json_response["errors"].keys()), set(["name", "email", "comment"]))
def test_comment_post_blocked(self): comments_moderation.admin.EmailFilter.objects.create( email="*****@*****.**", active=True) content_type = "webmap.poi" object_pk = "205" timestamp = "1451927336" security_hash = CommentForm.generate_security_hash( None, content_type, object_pk, timestamp) post_data = { "content_type": content_type, "object_pk": object_pk, "name": "Testing name", "email": "*****@*****.**", "comment": "Testing comment", "timestamp": timestamp, "security_hash": security_hash, } response = self.client.post(reverse("comments-post-comment-ajax"), post_data, HTTP_X_REQUESTED_WITH='XMLHttpRequest', secure=True) self.assertEqual(response.status_code, 200, response.content.decode("utf-8")) self.assertContains( response, '<div class=\\"comment-text\\"><p>Testing comment</p></div>') self.assertContains( response, 'Testing name\\n <span class=\\"comment-date\\">on Jan. 4, 2016, 5:10 p.m.</span>' ) self.assertContains( response, '<span class=\\"comment-moderated-flag\\">(moderated)</span>')
def test_comment_post_moderated(self): """ See that soft delete works properly. """ # Double check preconditions for moderation self.assertIsNotNone(get_model_moderator(Article)) self.assertTrue(len(signals.comment_will_be_posted.receivers)) self.assertEqual(id(get_comment_model()), signals.comment_will_be_posted.receivers[0][0][1]) content_type = "article.article" timestamp = str(int(time.time())) article = factories.create_article() form = CommentForm(article) security_hash = form.generate_security_hash(content_type, str(article.pk), timestamp) post_data = { "content_type": content_type, "object_pk": article.pk, "name": "Testing name", "email": "*****@*****.**", "comment": "Testing comment", "timestamp": timestamp, "security_hash": security_hash, } for url, is_ajax in [ (reverse("comments-post-comment-ajax"), True), (reverse("comments-post-comment"), False), ]: with patch.object(Akismet, "_request", return_value=MockedResponse(True)) as m: response = self.client.post( url, post_data, HTTP_X_REQUESTED_WITH="XMLHttpRequest") self.assertEqual(m.call_count, 1, "Moderator not called by " + url) if is_ajax: self.assertContains(response, "Testing comment", status_code=200) self.assertEqual(response.status_code, 200) json_response = json.loads(response.content.decode("utf-8")) self.assertTrue(json_response["success"]) self.assertEqual(json_response["errors"], {}) else: self.assertRedirects(response, reverse("comments-comment-done") + "?c=1") comment = get_comment_model().objects.filter( user_email="*****@*****.**")[0] self.assertFalse(comment.is_public, "Not moderated by " + url) self.assertTrue(comment.is_removed)
def test_comment_post_moderated(self): """ See that soft delete works properly. """ # Double check preconditions for moderation self.assertIsNotNone(get_model_moderator(Article)) self.assertTrue(len(signals.comment_will_be_posted.receivers)) self.assertEqual(id(get_comment_model()), signals.comment_will_be_posted.receivers[0][0][1]) content_type = "article.article" timestamp = str(int(time.time())) article = factories.create_article() form = CommentForm(article) security_hash = form.generate_security_hash(content_type, str(article.pk), timestamp) post_data = { "content_type": content_type, "object_pk": article.pk, "name": "Testing name", "email": "*****@*****.**", "comment": "Testing comment", "timestamp": timestamp, "security_hash": security_hash, } for url, is_ajax in [ (reverse("comments-post-comment-ajax"), True), (reverse("comments-post-comment"), False), ]: with patch.object(Akismet, '_request', return_value=MockedResponse(True)) as m: response = self.client.post(url, post_data, HTTP_X_REQUESTED_WITH='XMLHttpRequest') self.assertEqual(m.call_count, 1, "Moderator not called by " + url) if is_ajax: self.assertContains(response, "Testing comment", status_code=200) self.assertEqual(response.status_code, 200) json_response = json.loads(response.content.decode("utf-8")) self.assertTrue(json_response['success']) self.assertEqual(json_response['errors'], {}) else: self.assertRedirects(response, reverse('comments-comment-done') + "?c=1") comment = get_comment_model().objects.filter(user_email="*****@*****.**")[0] self.assertFalse(comment.is_public, "Not moderated by " + url) self.assertTrue(comment.is_removed)
def test_comment_post(self): mommy.make('CaptchaStore', hashkey='foocaptcha', response='XAGS', expiration='2018-01-01') content_type = "webmap.poi" object_pk = "205" timestamp = "1451927336" security_hash = CommentForm.generate_security_hash(None, content_type, object_pk, timestamp) post_data = { "content_type": content_type, "object_pk": object_pk, "name": "Testing name", "email": "*****@*****.**", "comment": "Testing comment", "captcha_0": 'foocaptcha', "captcha_1": 'XAGS', "timestamp": timestamp, "security_hash": security_hash, } response = self.client.post(reverse("comments-post-comment-ajax"), post_data, HTTP_X_REQUESTED_WITH='XMLHttpRequest', secure=True) self.assertEqual(response.status_code, 200, response.content.decode("utf-8")) self.assertContains(response, '<div class=\\"comment-text\\"><p>Testing comment</p></div>') self.assertContains(response, 'Testing name\\n <span class=\\"comment-date\\">on Jan. 4, 2016, 5:10 p.m.</span>')
def test_comment_post_bad_requests(self): """ See how error handling works on bad requests """ content_type = "article.article" timestamp = str(int(time.time())) article = factories.create_article() form = CommentForm(article) security_hash = form.generate_security_hash(content_type, str(article.pk), timestamp) correct_data = { "content_type": content_type, "object_pk": article.pk, "timestamp": timestamp, "security_hash": security_hash, } url = reverse("comments-post-comment-ajax") headers = dict(HTTP_X_REQUESTED_WITH="XMLHttpRequest") # No data self.assertEqual(self.client.post(url, {}, **headers).status_code, 400) # invalid pk post_data = correct_data.copy() post_data["object_pk"] = 999 self.assertEqual( self.client.post(url, post_data, **headers).status_code, 400) # invalid content type post_data = correct_data.copy() post_data["content_type"] = "article.foo" self.assertEqual( self.client.post(url, post_data, **headers).status_code, 400) # invalid security hash post_data = correct_data.copy() post_data["timestamp"] = 0 self.assertEqual( self.client.post(url, post_data, **headers).status_code, 400)
def test_comment_post_missing(self): """ Make an ajax post. """ content_type = "article.article" timestamp = str(int(time.time())) article = factories.create_article() form = CommentForm(article) security_hash = form.generate_security_hash(content_type, str(article.pk), timestamp) post_data = { "content_type": content_type, "object_pk": article.pk, "timestamp": timestamp, "security_hash": security_hash, } url = reverse("comments-post-comment-ajax") response = self.client.post(url, post_data, HTTP_X_REQUESTED_WITH='XMLHttpRequest') self.assertEqual(response.status_code, 200) json_response = json.loads(response.content.decode("utf-8")) self.assertFalse(json_response['success']) self.assertEqual(set(json_response['errors'].keys()), set(['name', 'email', 'comment']))
def test_comment_post_bad_requests(self): """ See how error handling works on bad requests """ content_type = "article.article" timestamp = str(int(time.time())) article = factories.create_article() form = CommentForm(article) security_hash = form.generate_security_hash(content_type, str(article.pk), timestamp) correct_data = { "content_type": content_type, "object_pk": article.pk, "timestamp": timestamp, "security_hash": security_hash, } url = reverse("comments-post-comment-ajax") headers = dict(HTTP_X_REQUESTED_WITH='XMLHttpRequest') # No data self.assertEqual(self.client.post(url, {}, **headers).status_code, 400) # invalid pk post_data = correct_data.copy() post_data['object_pk'] = 999 self.assertEqual(self.client.post(url, post_data, **headers).status_code, 400) # invalid content type post_data = correct_data.copy() post_data['content_type'] = 'article.foo' self.assertEqual(self.client.post(url, post_data, **headers).status_code, 400) # invalid security hash post_data = correct_data.copy() post_data['timestamp'] = 0 self.assertEqual(self.client.post(url, post_data, **headers).status_code, 400)