def setUp(self):
Note.drop_table(True)
Message.drop_table(True)
User.drop_table(True)
User.create_table()
Message.create_table()
Note.create_table()
self.flask_app = test_app.app
self.flask_app._template_context = {}
self.app = test_app.app.test_client()
def test_get_object_or_404(self):
user = self.create_user('test', 'test')
# test with model as first arg
self.assertRaises(NotFound, get_object_or_404, User, username='******')
self.assertEqual(user, get_object_or_404(User, username='******'))
# test with query as first arg
active = User.select().where(active=True)
inactive = User.select().where(active=False)
self.assertRaises(NotFound, get_object_or_404, active, username='******')
self.assertRaises(NotFound, get_object_or_404, inactive, username='******')
self.assertEqual(user, get_object_or_404(active, username='******'))
def test_model_admin_delete(self):
self.create_users()
with self.flask_app.test_client() as c:
self.login(c)
# do a basic get, nothing much going on
resp = c.get('/admin/user/delete/')
self.assertEqual(resp.status_code, 200)
self.assertContext('user', self.admin)
self.assertContext('model_admin', admin._registry['user'])
query = self.get_context('query')
self.assertEqual(list(query), [])
# send it a single id
resp = c.get('/admin/user/delete/?id=%d' % (self.normal.id))
self.assertEqual(resp.status_code, 200)
query = self.get_context('query')
self.assertEqual(list(query), [self.normal])
# ensure nothing was deleted
self.assertEqual(User.select().count(), 3)
# post to it, get a redirect on success
resp = c.post('/admin/user/delete/', data={'id': self.normal.id})
self.assertEqual(resp.status_code, 302)
# ensure the user was deleted
self.assertEqual(User.select().count(), 2)
self.assertRaises(User.DoesNotExist, User.get, id=self.normal.id)
self.assertTrue(resp.headers['location'].endswith('/admin/user/'))
# do a multi-delete
resp = c.get('/admin/user/delete/?id=%d&id=%d' % (self.admin.id, self.inactive.id))
self.assertEqual(resp.status_code, 200)
query = self.get_context('query')
self.assertEqual(list(query), [self.admin, self.inactive])
# post to it and check both deleted
resp = c.post('/admin/user/delete/', data={'id': [self.admin.id, self.inactive.id]})
self.assertEqual(resp.status_code, 302)
self.assertEqual(User.select().count(), 0)
def test_model_deserializer(self):
users = self.create_users()
deserialized = self.md.deserialize_object({
'__model__': 'User',
'__module__': 'flaskext.tests.test_app',
'id': self.admin.id,
'username': '******',
'password': self.admin.password,
'join_date': self.admin.join_date.strftime('%Y-%m-%d %H:%M:%S'),
'active': True,
'admin': True,
})
for attr in ['id', 'username', 'password', 'active', 'admin']:
self.assertEqual(
getattr(deserialized, attr),
getattr(self.admin, attr),
)
self.assertEqual(
deserialized.join_date.strftime('%Y-%m-%d %H:%M:%S'),
self.admin.join_date.strftime('%Y-%m-%d %H:%M:%S'),
)
admin_pk = self.admin.id
deserialized = self.md.deserialize_object({
'__model__': 'User',
'__module__': 'flaskext.tests.test_app',
'username': '******',
'active': False,
'admin': False,
}, self.admin)
self.assertEqual(deserialized.username, 'edited')
self.assertEqual(deserialized.admin, False)
self.assertEqual(deserialized.active, False)
self.assertEqual(deserialized.id, admin_pk)
deserialized.save()
self.assertEqual(User.select().count(), 3)
edited = User.get(username='******')
self.assertEqual(edited.id, admin_pk)
def test_delete(self):
self.create_users()
url = '/api/user/%s/' % self.normal.id
# authorized as an admin
resp = self.app.delete(url, headers=self.auth_headers('admin', 'admin'))
self.assertEqual(resp.status_code, 200)
self.assertEqual(User.select().count(), 2)
resp_json = self.response_json(resp)
self.assertEqual(resp_json, {'deleted': 1})
def test_create(self):
self.create_users()
user_data = {'username': '******', 'password': sha1('test').hexdigest()}
serialized = json.dumps(user_data)
# authorized as an admin
resp = self.app.post('/api/user/', data=serialized, headers=self.auth_headers('admin', 'admin'))
self.assertEqual(resp.status_code, 200)
new_user = User.get(username='******')
resp_json = self.response_json(resp)
self.assertAPIUser(resp_json, new_user)
def test_edit(self):
self.create_users()
user_data = {'username': '******'}
serialized = json.dumps(user_data)
url = '/api/user/%s/' % self.normal.id
# authorized as an admin
resp = self.app.put(url, data=serialized, headers=self.auth_headers('admin', 'admin'))
self.assertEqual(resp.status_code, 200)
user = User.get(id=self.normal.id)
self.assertEqual(user.username, 'edited')
resp_json = self.response_json(resp)
self.assertAPIUser(resp_json, user)
def test_model_admin_add(self):
self.create_users()
self.assertEqual(User.select().count(), 3)
with self.flask_app.test_client() as c:
self.login(c)
# the add url returns a 200
resp = c.get('/admin/user/add/')
self.assertEqual(resp.status_code, 200)
# ensure the user, model_admin and form are correct in the context
self.assertContext('user', self.admin)
self.assertContext('model_admin', admin._registry['user'])
self.assertTrue('form' in self.flask_app._template_context)
frm = self.flask_app._template_context['form']
self.assertEqual(sorted(frm._fields.keys()), [
'active',
'admin',
'email',
'join_date',
'password',
'username',
])
# make an incomplete post and get a 200 with errors
resp = c.post('/admin/user/add/', data={
'username': '',
'password': '******',
'active': '1',
'email': '',
'join_date': '2011-01-01 00:00:00',
})
self.assertEqual(resp.status_code, 200)
# no new user created
self.assertEqual(User.select().count(), 3)
# check the form for errors
frm = self.get_context('form')
self.assertEqual(frm.errors, {
'username': ['This field is required.'],
'email': ['This field is required.'],
})
# make a complete post and get a 302 to the edit page
resp = c.post('/admin/user/add/', data={
'username': '******',
'password': '******',
'active': '1',
'email': '*****@*****.**',
'join_date': '2011-01-01 00:00:00',
})
self.assertEqual(resp.status_code, 302)
# new user was created
self.assertEqual(User.select().count(), 4)
# check they have the correct data on the new instance
user = User.get(username='******')
self.assertEqual(user.password, sha1('new').hexdigest())
self.assertEqual(user.active, True)
self.assertEqual(user.admin, False)
self.assertEqual(user.email, '*****@*****.**')
self.assertEqual(user.join_date, datetime.datetime(2011, 1, 1))
# check the redirect was correct
self.assertTrue(resp.headers['location'].endswith('/admin/user/%d/' % user.id))
def test_model_admin_edit(self):
users = self.create_users()
self.assertEqual(User.select().count(), 3)
# grab an id so we can test a 404 on non-existent user
unused_id = [x for x in range(1, 5) if not User.filter(id=x).exists()][0]
with self.flask_app.test_client() as c:
self.login(c)
# nonexistant user 404s
resp = c.get('/admin/user/%d/' % unused_id)
self.assertEqual(resp.status_code, 404)
# edit page returns a 200
resp = c.get('/admin/user/%d/' % self.normal.id)
self.assertEqual(resp.status_code, 200)
# check the user, model_admin and form are correct in the context
self.assertContext('user', self.admin)
self.assertContext('model_admin', admin._registry['user'])
self.assertTrue('form' in self.flask_app._template_context)
frm = self.flask_app._template_context['form']
self.assertEqual(sorted(frm._fields.keys()), [
'active',
'admin',
'email',
'join_date',
'password',
'username',
])
# check the form pulled the right data off the model
self.assertEqual(frm.data, {
'username': '******',
'password': sha1('normal').hexdigest(),
'email': '',
'admin': False,
'active': True,
'join_date': frm.join_date.data, # microseconds...bleh
})
# make an incomplete post to update the user and get a 200 w/errors
resp = c.post('/admin/user/%d/' % self.normal.id, data={
'username': '',
'password': '',
'active': '1',
'email': '*****@*****.**',
'join_date': '2011-01-01 00:00:00',
})
self.assertEqual(resp.status_code, 200)
# no new user created
self.assertEqual(User.select().count(), 3)
# refresh database content
normal = User.get(id=self.normal.id)
self.assertEqual(normal.username, 'normal') # was not saved
# check the form for errors
frm = self.get_context('form')
self.assertEqual(frm.errors, {
'username': ['This field is required.'],
'password': ['This field is required.'],
})
# make a complete post
resp = c.post('/admin/user/%d/' % self.normal.id, data={
'username': '******',
'password': '******',
'active': '1',
'email': '[email protected]',
'join_date': '2011-01-01 00:00:00',
})
self.assertEqual(resp.status_code, 302)
# no new user was created
self.assertEqual(User.select().count(), 3)
# grab from the database
user = User.get(username='******')
self.assertEqual(user.id, self.normal.id) # it is the same user
self.assertEqual(user.password, sha1('edited').hexdigest())
self.assertEqual(user.active, True)
self.assertEqual(user.admin, False)
self.assertEqual(user.email, '[email protected]')
self.assertEqual(user.join_date, datetime.datetime(2011, 1, 1))
self.assertTrue(resp.headers['location'].endswith('/admin/user/%d/' % user.id))
# make another post without modifying the password, should stay same
resp = c.post('/admin/user/%d/' % user.id, data={
'username': '******',
'password': user.password,
'active': '1',
'email': '[email protected]',
'join_date': '2011-01-01 00:00:00',
})
self.assertEqual(resp.status_code, 302)
# no new user was created
self.assertEqual(User.select().count(), 3)
# grab from the database
user = User.get(username='******')
self.assertEqual(user.id, self.normal.id) # it is the same user
# the password has not changed
self.assertEqual(user.password, sha1('edited').hexdigest())
def create_user(self, username, password, **kwargs):
user = User(username=username, email=kwargs.pop('email', ''), **kwargs)
user.set_password(password)
user.save()
return user
