def test_get_amount_and_total_back_from_api():
"Test that we get correct amounts and totals back on POSTs to tip.json"
client = TestClient()
# First, create some test data
# We need accounts
db.execute(CREATE_ACCOUNT, ("test_tippee1",))
db.execute(CREATE_ACCOUNT, ("test_tippee2",))
db.execute(CREATE_ACCOUNT, ("test_tipper",))
# We need to get ourselves a token!
response = client.get('/')
csrf_token = response.request.context['csrf_token']
# Then, add a $1.50 and $3.00 tip
response1 = client.post("/test_tippee1/tip.json",
{'amount': "1.00", 'csrf_token': csrf_token},
user='******')
response2 = client.post("/test_tippee2/tip.json",
{'amount': "3.00", 'csrf_token': csrf_token},
user='******')
# Confirm we get back the right amounts.
first_data = json.loads(response1.body)
second_data = json.loads(response2.body)
assert_equal(first_data['amount'], "1.00")
assert_equal(first_data['total_giving'], "1.00")
assert_equal(second_data['amount'], "3.00")
assert_equal(second_data['total_giving'], "4.00")
def test_get_amount_and_total_back_from_api(self):
"Test that we get correct amounts and totals back on POSTs to tip.json"
client = TestClient()
# First, create some test data
# We need accounts
now = datetime.datetime.now(pytz.utc)
self.make_participant("test_tippee1", claimed_time=now)
self.make_participant("test_tippee2", claimed_time=now)
self.make_participant("test_tipper")
# We need to get ourselves a token!
response = client.get('/')
csrf_token = response.request.context['csrf_token']
# Then, add a $1.50 and $3.00 tip
response1 = client.post("/test_tippee1/tip.json",
{'amount': "1.00", 'csrf_token': csrf_token},
user='******')
response2 = client.post("/test_tippee2/tip.json",
{'amount': "3.00", 'csrf_token': csrf_token},
user='******')
# Confirm we get back the right amounts.
first_data = json.loads(response1.body)
second_data = json.loads(response2.body)
assert first_data['amount'] == "1.00"
assert first_data['total_giving'] == "1.00"
assert second_data['amount'] == "3.00"
assert second_data['total_giving'] == "4.00"
def test_post_bad_platform(self):
client = TestClient()
now = datetime.datetime.now(pytz.utc)
self.make_participant("test_tippee1", claimed_time=now)
self.make_participant("test_tipper", claimed_time=now)
api_key = json.loads(
client.get('/test_tipper/api-key.json',
'test_tipper').body)['api_key']
response = client.post('/test_tipper/tips.json',
json.dumps([{
'username': '******',
'platform': 'badname',
'amount': '1.00'
}]),
user='******',
content_type='application/json',
HTTP_AUTHORIZATION='Basic ' +
base64.b64encode(api_key + ':'))
assert response.code == 200
resp = json.loads(response.body)
for tip in resp:
assert 'error' in tip
def test_get_amount_and_total_back_from_api(self):
"Test that we get correct amounts and totals back on POSTs to tip.json"
client = TestClient()
# First, create some test data
# We need accounts
now = datetime.datetime.now(pytz.utc)
self.make_participant("test_tippee1", claimed_time=now)
self.make_participant("test_tippee2", claimed_time=now)
self.make_participant("test_tipper")
# We need to get ourselves a token!
response = client.get('/')
csrf_token = response.request.context['csrf_token']
# Then, add a $1.50 and $3.00 tip
response1 = client.post("/test_tippee1/tip.json", {
'amount': "1.00",
'csrf_token': csrf_token
},
user='******')
response2 = client.post("/test_tippee2/tip.json", {
'amount': "3.00",
'csrf_token': csrf_token
},
user='******')
# Confirm we get back the right amounts.
first_data = json.loads(response1.body)
second_data = json.loads(response2.body)
assert_equal(first_data['amount'], "1.00")
assert_equal(first_data['total_giving'], "1.00")
assert_equal(second_data['amount'], "3.00")
assert_equal(second_data['total_giving'], "4.00")
def test_post_bad_platform(self):
client = TestClient()
now = datetime.datetime.now(pytz.utc)
self.make_participant("test_tippee1", claimed_time=now)
self.make_participant("test_tipper", claimed_time=now)
api_key = json.loads(client.get('/test_tipper/api-key.json', 'test_tipper').body)['api_key']
response = client.post( '/test_tipper/tips.json'
, json.dumps([{ 'username': '******'
, 'platform': 'badname'
, 'amount': '1.00'
}])
, user='******'
, content_type='application/json'
, HTTP_AUTHORIZATION='Basic ' + base64.b64encode(api_key + ':')
)
assert response.code == 200
resp = json.loads(response.body)
for tip in resp:
assert 'error' in tip
def test_get_response_with_tips(self):
client = TestClient()
now = datetime.datetime.now(pytz.utc)
self.make_participant("test_tippee1", claimed_time=now)
self.make_participant("test_tipper", claimed_time=now)
response = client.get('/')
csrf_token = response.request.context['csrf_token']
response1 = client.post('/test_tippee1/tip.json', {
'amount': '1.00',
'csrf_token': csrf_token
},
user='******')
response = client.get('/test_tipper/tips.json', 'test_tipper')
assert response1.code == 200
assert json.loads(response1.body)['amount'] == '1.00'
data = json.loads(response.body)[0]
assert response.code == 200
assert data['username'] == 'test_tippee1'
assert data['amount'] == '1.00'
def setUp(self):
self.client = TestClient()
Harness.setUp(self)
self._blech = (os.environ['CANONICAL_SCHEME'],
os.environ['CANONICAL_HOST'])
os.environ['CANONICAL_SCHEME'] = 'https'
os.environ['CANONICAL_HOST'] = 'www.gittip.com'
wireup.canonical()
def test_get_response(self):
client = TestClient()
now = datetime.datetime.now(pytz.utc)
self.make_participant("test_tipper", claimed_time=now)
response = client.get('/test_tipper/tips.json', 'test_tipper')
assert response.code == 200
assert len(json.loads(response.body)) == 0 # empty array
def test_get_response(self):
client = TestClient()
now = datetime.datetime.now(pytz.utc)
self.make_participant("test_tipper", claimed_time=now)
response = client.get('/test_tipper/tips.json', 'test_tipper')
assert response.code == 200
assert len(json.loads(response.body)) == 0 # empty array
def test_github_user_info_status_handling(self, requests):
client = TestClient()
# Check that different possible github statuses are handled correctly
for (github_status, github_content), expected_gittip_response in [
((200, DUMMY_GITHUB_JSON), 200), ((404, ""), 404),
((500, ""), 502), ((777, ""), 502)
]:
requests.get().status_code = github_status
requests.get().text = github_content
response = client.get('/on/github/not-in-the-db/')
assert response.code == expected_gittip_response
def change_bitcoin_address(self, address, user='******'):
self.make_participant('alice')
client = TestClient()
response = client.get('/')
csrf_token = response.request.context['csrf_token']
response = client.post("/alice/bitcoin.json", {
'bitcoin_address': address,
'csrf_token': csrf_token
},
user=user)
return response
def change_username(self, new_username, user='******'):
self.make_participant('alice')
client = TestClient()
response = client.get('/')
csrf_token = response.request.context['csrf_token']
response = client.post("/alice/username.json", {
'username': new_username,
'csrf_token': csrf_token
},
user=user)
return response
def test_github_user_info_status_handling(self, requests):
client = TestClient()
# Check that different possible github statuses are handled correctly
for (github_status, github_content), expected_gittip_response in [
((200, DUMMY_GITHUB_JSON), 200),
((404, ""), 404),
((500, ""), 502),
((777, ""), 502)]:
requests.get().status_code = github_status
requests.get().text = github_content
response = client.get('/on/github/not-in-the-db/')
assert_equal(response.code, expected_gittip_response)
def change_statement(self, statement, number='singular', user='******'):
self.make_participant('alice')
client = TestClient()
response = client.get('/')
csrf_token = response.request.context['csrf_token']
response = client.post("/alice/statement.json", {
'statement': statement,
'number': number,
'csrf_token': csrf_token
},
user=user)
return response
def change_username(self, new_username, user='******'):
self.make_participant('alice')
client = TestClient()
response = client.get('/')
csrf_token = response.request.context['csrf_token']
response = client.post( "/alice/username.json"
, { 'username': new_username
, 'csrf_token': csrf_token
}
, user=user
)
return response
class Tests(Harness):
def setUp(self):
Harness.setUp(self)
self.website = test_website
self.client = TestClient()
def tearDown(self):
self.website.oauth_cache = {}
@mock.patch('requests.post')
@mock.patch('requests.get')
@mock.patch('gittip.utils.mixpanel.track')
def test_associate_opts_in(self, track, get, post):
self.website.oauth_cache = {"deadbeef": ("deadbeef", "opt-in", "")}
post.return_value.status_code = 200
post.return_value.text = "oauth_token=foo&oauth_token_secret=foo&user_id=foo"
get.return_value.status_code = 200
get.return_value.text = '{"id": 1234, "screen_name": "alice"}'
response = self.client.get("/on/twitter/associate?oauth_token=deadbeef&"
"oauth_verifier=donald_trump")
assert response.code == 302, response.body
assert response.headers['Location'] == "/alice/", response.headers
@mock.patch('requests.post')
@mock.patch('requests.get')
@mock.patch('gittip.utils.mixpanel.track')
def test_associate_connects(self, track, get, post):
self.make_participant('alice')
self.website.oauth_cache = {"deadbeef": ("deadbeef", "connect", "")}
post.return_value.status_code = 200
post.return_value.text = "oauth_token=foo&oauth_token_secret=foo&user_id=foo"
get.return_value.status_code = 200
get.return_value.text = '{"id": 1234, "screen_name": "alice"}'
response = self.client.get("/on/twitter/associate?oauth_token=deadbeef&"
"oauth_verifier=donald_trump", user="******")
assert response.code == 302, response.body
assert response.headers['Location'] == "/alice/", response.headers
rec = self.db.one("SELECT * FROM elsewhere")
assert rec.participant == 'alice', rec
assert rec.platform == 'twitter', rec
def change_bitcoin_address(self, address, user='******'):
self.make_participant('alice')
client = TestClient()
response = client.get('/')
csrf_token = response.request.context['csrf_token']
response = client.post( "/alice/bitcoin.json"
, { 'bitcoin_address': address
, 'csrf_token': csrf_token
}
, user=user
)
return response
def change_statement(self, statement, number='singular', user='******'):
self.make_participant('alice')
client = TestClient()
response = client.get('/')
csrf_token = response.request.context['csrf_token']
response = client.post( "/alice/statement.json"
, { 'statement': statement
, 'number': number
, 'csrf_token': csrf_token
}
, user=user
)
return response
def test_sandwiched_tipless_payday_comes_through(self):
alice, bob = self.make_participants_and_tips()
self.run_payday() # zeroth, ignored
self.run_payday() # first
# Oops! Sorry, Carl. :-(
alice.set_tip_to('carl', '0.00')
bob.set_tip_to('carl', '0.00')
self.run_payday() # second
# Bouncing back ...
alice.set_tip_to('carl', '5.00')
self.run_payday() # third
expected = [
{
"date": datetime.date.today().strftime('%Y-%m-%d'),
"npatrons": 1 # most recent first
,
"receipts": 5.00
},
{
"date": datetime.date.today().strftime('%Y-%m-%d'),
"npatrons": 0,
"receipts": 0.00
},
{
"date": datetime.date.today().strftime('%Y-%m-%d'),
"npatrons": 2,
"receipts": 3.00
}
]
actual = json.loads(TestClient().get('/carl/charts.json').body)
assert actual == expected
def hit_anonymous(self, method='GET', expected_code=200):
user, ignored = TwitterAccount('alice', {}).opt_in('alice')
client = TestClient()
response = client.get('/')
csrf_token = response.request.context['csrf_token']
if method == 'GET':
response = client.get("/alice/anonymous.json", user='******')
else:
assert method == 'POST'
response = client.post("/alice/anonymous.json",
{'csrf_token': csrf_token},
user='******')
if response.code != expected_code:
print(response.body)
return response
def test_anonymous_does_not_get_goal_if_user_regifts(self):
alice = self.make_participant('alice', last_bill_result='')
alice.goal = 0
data = json.loads(TestClient().get('/alice/public.json').body)
assert_equal(data.has_key('goal'), False)
def test_anonymous_gets_user_goal_if_set(self):
alice = self.make_participant('alice', last_bill_result='')
alice.goal = Decimal('1.00')
data = json.loads(TestClient().get('/alice/public.json').body)
assert_equal(data['goal'], '1.00')
def change_goal(self, goal, goal_custom="", username="******"):
if isinstance(username, Participant):
username = username.username
elif username == 'alice':
self.make_alice()
client = TestClient()
response = client.get('/')
csrf_token = response.request.context['csrf_token']
response = client.post("/alice/goal.json", {
'goal': goal,
'goal_custom': goal_custom,
'csrf_token': csrf_token
},
user=username)
return response
def test_anonymous_does_not_get_my_tip(self):
alice = self.make_participant('alice', last_bill_result='')
self.make_participant('bob')
alice.set_tip_to('bob', '1.00')
data = json.loads(TestClient().get('/bob/public.json').body)
assert_equal(data.has_key('my_tip'), False)
def test_anonymous_gets_giving(self):
alice = self.make_participant('alice', last_bill_result='')
self.make_participant('bob')
alice.set_tip_to('bob', '1.00')
data = json.loads(TestClient().get('/alice/public.json').body)
assert_equal(data['giving'], '1.00')
def change_goal(self, goal, goal_custom="", user="******"):
if isinstance(user, Participant):
user = user.username
else:
self.make_alice()
client = TestClient()
response = client.get('/')
csrf_token = response.request.context['csrf_token']
response = client.post( "/alice/goal.json"
, { 'goal': goal
, 'goal_custom': goal_custom
, 'csrf_token': csrf_token
}
, user=user
)
return response
def setUp(self):
self.client = TestClient()
Harness.setUp(self)
self._blech = ( os.environ['CANONICAL_SCHEME']
, os.environ['CANONICAL_HOST']
)
os.environ['CANONICAL_SCHEME'] = 'https'
os.environ['CANONICAL_HOST'] = 'www.gittip.com'
wireup.canonical()
def test_set_tip_out_of_range(self):
client = TestClient()
now = datetime.datetime.now(pytz.utc)
self.make_participant("alice", claimed_time=now)
self.make_participant("bob", claimed_time=now)
response = client.get('/')
csrf_token = response.request.context['csrf_token']
response = client.post("/alice/tip.json",
{'amount': "110.00", 'csrf_token': csrf_token},
user='******')
assert "bad amount" in response.body
assert response.code == 400
response = client.post("/alice/tip.json",
{'amount': "-1.00", 'csrf_token': csrf_token},
user='******')
assert "bad amount" in response.body
assert response.code == 400
def test_anonymous_gets_null_giving_if_user_anonymous(self):
alice = self.make_participant( 'alice'
, last_bill_result=''
, anonymous=True
)
self.make_participant('bob')
alice.set_tip_to('bob', '1.00')
data = json.loads(TestClient().get('/alice/public.json').body)
assert data['giving'] == None
def test_never_received_gives_empty_array(self):
alice, bob = self.make_participants_and_tips()
self.run_payday() # zeroeth, ignored
self.run_payday() # first
self.run_payday() # second
self.run_payday() # third
expected = []
actual = json.loads(TestClient().get('/alice/charts.json').body)
assert actual == expected
def hit_anonymous(self, method='GET', expected_code=200):
user, ignored = TwitterAccount('alice', {}).opt_in('alice')
client = TestClient()
response = client.get('/')
csrf_token = response.request.context['csrf_token']
if method == 'GET':
response = client.get( "/alice/anonymous.json"
, user='******'
)
else:
assert method == 'POST'
response = client.post( "/alice/anonymous.json"
, {'csrf_token': csrf_token}
, user='******'
)
if response.code != expected_code:
print(response.body)
return response
def test_authenticated_user_gets_their_tip(self):
alice = self.make_participant('alice', last_bill_result='')
self.make_participant('bob')
alice.set_tip_to('bob', '1.00')
raw = TestClient().get('/bob/public.json', user='******').body
data = json.loads(raw)
assert_equal(data['receiving'], '1.00')
assert_equal(data['my_tip'], '1.00')
def test_authenticated_user_gets_self_for_self(self):
alice = self.make_participant('alice', last_bill_result='')
self.make_participant('bob')
alice.set_tip_to('bob', '3.00')
raw = TestClient().get('/bob/public.json', user='******').body
data = json.loads(raw)
assert data['receiving'] == '3.00'
assert data['my_tip'] == 'self'
def also_prune_variant(self, also_prune, tippees=1):
client = TestClient()
now = datetime.datetime.now(pytz.utc)
self.make_participant("test_tippee1", claimed_time=now)
self.make_participant("test_tippee2", claimed_time=now)
self.make_participant("test_tipper", claimed_time=now)
api_key = json.loads(client.get('/test_tipper/api-key.json', 'test_tipper').body)['api_key']
data = [
{'username': '******', 'platform': 'gittip', 'amount': '1.00'},
{'username': '******', 'platform': 'gittip', 'amount': '2.00'}
]
response = client.post( '/test_tipper/tips.json'
, json.dumps(data)
, user='******'
, content_type='application/json'
, HTTP_AUTHORIZATION='Basic ' + base64.b64encode(api_key + ':')
)
assert response.code == 200
assert len(json.loads(response.body)) == 2
response = client.post( '/test_tipper/tips.json?also_prune=' + also_prune
, json.dumps([{ 'username': '******'
, 'platform': 'gittip'
, 'amount': '1.00'
}])
, user='******'
, content_type='application/json'
, HTTP_AUTHORIZATION='Basic ' + base64.b64encode(api_key + ':')
)
assert response.code == 200
response = client.get('/test_tipper/tips.json', 'test_tipper')
assert response.code == 200
assert len(json.loads(response.body)) == tippees
def test_first_payday_comes_through(self):
alice, bob = self.make_participants_and_tips()
self.run_payday() # zeroeth, ignored
self.run_payday() # first
expected = [{
"date": datetime.date.today().strftime('%Y-%m-%d'),
"npatrons": 2,
"receipts": 3.00
}]
actual = json.loads(TestClient().get('/carl/charts.json').body)
assert actual == expected
def test_authenticated_user_gets_zero_if_they_dont_tip(self):
self.make_participant('alice', last_bill_result='')
bob = self.make_participant('bob', last_bill_result='')
self.make_participant('carl')
bob.set_tip_to('carl', '3.00')
raw = TestClient().get('/carl/public.json', user='******').body
data = json.loads(raw)
assert_equal(data['receiving'], '3.00')
assert_equal(data['my_tip'], '0.00')
def test_set_tip_out_of_range(self):
client = TestClient()
now = datetime.datetime.now(pytz.utc)
self.make_participant("alice", claimed_time=now)
self.make_participant("bob", claimed_time=now)
response = client.get('/')
csrf_token = response.request.context['csrf_token']
response = client.post("/alice/tip.json", {
'amount': "110.00",
'csrf_token': csrf_token
},
user='******')
assert "bad amount" in response.body
assert response.code == 400
response = client.post("/alice/tip.json", {
'amount': "-1.00",
'csrf_token': csrf_token
},
user='******')
assert "bad amount" in response.body
assert response.code == 400
def test_get_response_with_tips(self):
client = TestClient()
now = datetime.datetime.now(pytz.utc)
self.make_participant("test_tippee1", claimed_time=now)
self.make_participant("test_tipper", claimed_time=now)
response = client.get('/')
csrf_token = response.request.context['csrf_token']
response1 = client.post('/test_tippee1/tip.json',
{'amount': '1.00', 'csrf_token': csrf_token},
user='******')
response = client.get('/test_tipper/tips.json', 'test_tipper')
assert response1.code == 200
assert json.loads(response1.body)['amount'] == '1.00'
data = json.loads(response.body)[0]
assert response.code == 200
assert data['username'] == 'test_tippee1'
assert data['amount'] == '1.00'
def test_authenticated_user_doesnt_get_other_peoples_tips(self):
alice = self.make_participant('alice', last_bill_result='')
bob = self.make_participant('bob', last_bill_result='')
carl = self.make_participant('carl', last_bill_result='')
self.make_participant('dana')
alice.set_tip_to('dana', '1.00')
bob.set_tip_to('dana', '3.00')
carl.set_tip_to('dana', '12.00')
raw = TestClient().get('/dana/public.json', user='******').body
data = json.loads(raw)
assert_equal(data['receiving'], '16.00')
assert_equal(data['my_tip'], '1.00')
def test_out_of_band_transfer_gets_included_with_prior_payday(self):
alice, bob = self.make_participants_and_tips()
self.run_payday() # zeroth, ignored
self.run_payday() # first
self.run_payday() # second
# Do an out-of-band transfer.
self.db.run(
"UPDATE participants SET balance=balance - 4 WHERE username='******'"
)
self.db.run(
"UPDATE participants SET balance=balance + 4 WHERE username='******'"
)
self.db.run(
"INSERT INTO transfers (tipper, tippee, amount) VALUES ('alice', 'carl', 4)"
)
self.run_payday() # third
expected = [
{
"date": datetime.date.today().strftime('%Y-%m-%d'),
"npatrons": 2 # most recent first
,
"receipts": 3.00
},
{
"date": datetime.date.today().strftime('%Y-%m-%d'),
"npatrons":
3 # Since this is rare, don't worry that we double-count alice.
,
"receipts": 7.00
},
{
"date": datetime.date.today().strftime('%Y-%m-%d'),
"npatrons": 2,
"receipts": 3.00
}
]
actual = json.loads(TestClient().get('/carl/charts.json').body)
assert actual == expected
def also_prune_variant(self, also_prune, tippees=1):
client = TestClient()
now = datetime.datetime.now(pytz.utc)
self.make_participant("test_tippee1", claimed_time=now)
self.make_participant("test_tippee2", claimed_time=now)
self.make_participant("test_tipper", claimed_time=now)
api_key = json.loads(
client.get('/test_tipper/api-key.json',
'test_tipper').body)['api_key']
data = [{
'username': '******',
'platform': 'gittip',
'amount': '1.00'
}, {
'username': '******',
'platform': 'gittip',
'amount': '2.00'
}]
response = client.post('/test_tipper/tips.json',
json.dumps(data),
user='******',
content_type='application/json',
HTTP_AUTHORIZATION='Basic ' +
base64.b64encode(api_key + ':'))
assert response.code == 200
assert len(json.loads(response.body)) == 2
response = client.post(
'/test_tipper/tips.json?also_prune=' + also_prune,
json.dumps([{
'username': '******',
'platform': 'gittip',
'amount': '1.00'
}]),
user='******',
content_type='application/json',
HTTP_AUTHORIZATION='Basic ' + base64.b64encode(api_key + ':'))
assert response.code == 200
response = client.get('/test_tipper/tips.json', 'test_tipper')
assert response.code == 200
assert len(json.loads(response.body)) == tippees
def make_client_and_csrf(self):
client = TestClient()
csrf_token = client.get('/').request.context['csrf_token']
return client, csrf_token
def setUp(self):
super(Harness, self).setUp()
self.client = TestClient()
class TestPages(Harness):
def setUp(self):
super(Harness, self).setUp()
self.client = TestClient()
def get(self, url, returning='body'):
request = self.client.get(url)
return getattr(request, returning)
def test_homepage(self):
actual = self.client.get('/').body
expected = "Sustainable Crowdfunding"
assert expected in actual, actual
def test_homepage_with_anonymous_giver(self):
TwitterAccount("bob", {}).opt_in("bob")
alice = self.make_participant('alice', anonymous=True, last_bill_result='')
alice.set_tip_to('bob', 1)
update_homepage_queries_once(self.db)
actual = self.client.get('/').body
expected = "Anonymous"
assert expected in actual, actual
def test_profile(self):
self.make_participant('cheese',
claimed_time=datetime.datetime.now(pytz.utc))
expected = "I'm grateful for gifts"
actual = self.get('/cheese/').decode('utf8') # deal with cent sign
assert expected in actual, actual
def test_widget(self):
self.make_participant('cheese',
claimed_time=datetime.datetime.now(pytz.utc))
expected = "javascript: window.open"
actual = self.get('/cheese/widget.html')
assert expected in actual, actual
def test_bank_account(self):
expected = "add<br> or change your bank account"
actual = self.get('/bank-account.html')
assert expected in actual, actual
def test_credit_card(self):
expected = "add<br> or change your credit card"
actual = self.get('/credit-card.html')
assert expected in actual, actual
def test_github_associate(self):
expected = "Bad request, program!"
actual = self.get('/on/github/associate')
assert expected in actual, actual
def test_twitter_associate(self):
expected = "Bad request, program!"
actual = self.get('/on/twitter/associate')
assert expected in actual, actual
def test_about(self):
expected = "small weekly cash gifts"
actual = self.get('/about/')
assert expected in actual, actual
def test_about_stats(self):
expected = "have joined Gittip"
actual = self.get('/about/stats.html')
assert expected in actual, actual
def test_about_charts(self):
expected = "Money transferred"
actual = self.get('/about/charts.html')
assert expected in actual, actual
@patch('gittip.elsewhere.github.requests')
def test_github_proxy(self, requests):
requests.get().status_code = 200
requests.get().text = GITHUB_USER_UNREGISTERED_LGTEST
expected = "lgtest has not joined"
actual = self.get('/on/github/lgtest/').decode('utf8')
assert expected in actual, actual
# This hits the network. XXX add a knob to skip this
def test_twitter_proxy(self):
expected = "Twitter has not joined"
actual = self.get('/on/twitter/twitter/').decode('utf8')
assert expected in actual, actual
def test_404(self):
actual = self.get('/about/four-oh-four.html')
assert "Page Not Found" in actual, actual
assert "{%" not in actual, actual
def test_bank_account_complete(self):
expected = "Page Not Found"
actual = self.get('/bank-account-complete.html')
assert expected in actual, actual
def test_bank_account_json(self):
expected = "Page Not Found"
actual = self.get('/bank-account.json')
assert expected in actual, actual
def test_credit_card_json(self):
expected = "Page Not Found"
actual = self.get('/credit-card.json')
assert expected in actual, actual
class TestPages(Harness):
def setUp(self):
super(Harness, self).setUp()
self.client = TestClient()
def get(self, url, returning="body"):
request = self.client.get(url)
return getattr(request, returning)
def test_homepage(self):
actual = self.client.get("/").body
expected = "Sustainable Crowdfunding"
assert expected in actual
def test_homepage_with_anonymous_giver(self):
TwitterAccount(self.db, "bob", {}).opt_in("bob")
alice = self.make_participant("alice", anonymous=True, last_bill_result="")
alice.set_tip_to("bob", 1)
update_homepage_queries_once(self.db)
actual = self.client.get("/").body
expected = "Anonymous"
assert expected in actual
def test_profile(self):
self.make_participant("cheese", claimed_time=datetime.datetime.now(pytz.utc))
expected = "I'm grateful for gifts"
actual = self.get("/cheese/").decode("utf8") # deal with cent sign
assert expected in actual
def test_widget(self):
self.make_participant("cheese", claimed_time=datetime.datetime.now(pytz.utc))
expected = "javascript: window.open"
actual = self.get("/cheese/widget.html")
assert expected in actual
def test_bank_account(self):
expected = "add<br> or change your bank account"
actual = self.get("/bank-account.html")
assert expected in actual
def test_credit_card(self):
expected = "add<br> or change your credit card"
actual = self.get("/credit-card.html")
assert expected in actual
def test_github_associate(self):
expected = "Bad request, program!"
actual = self.get("/on/github/associate")
assert expected in actual
def test_twitter_associate(self):
expected = "Bad request, program!"
actual = self.get("/on/twitter/associate")
assert expected in actual
def test_about(self):
expected = "small weekly cash gifts"
actual = self.get("/about/")
assert expected in actual
def test_about_stats(self):
expected = "have joined Gittip"
actual = self.get("/about/stats.html")
assert expected in actual
def test_about_charts(self):
expected = "Money transferred"
actual = self.get("/about/charts.html")
assert expected in actual
@patch("gittip.elsewhere.github.requests")
def test_github_proxy(self, requests):
requests.get().status_code = 200
requests.get().text = GITHUB_USER_UNREGISTERED_LGTEST
expected = "lgtest has not joined"
actual = self.get("/on/github/lgtest/").decode("utf8")
assert expected in actual
# This hits the network. XXX add a knob to skip this
def test_twitter_proxy(self):
expected = "Twitter has not joined"
actual = self.get("/on/twitter/twitter/").decode("utf8")
assert expected in actual
def test_404(self):
actual = self.get("/about/four-oh-four.html")
assert "Page Not Found" in actual
assert "{%" not in actual
def test_bank_account_complete(self):
expected = "Page Not Found"
actual = self.get("/bank-account-complete.html")
assert expected in actual
def test_bank_account_json(self):
expected = "Page Not Found"
actual = self.get("/bank-account.json")
assert expected in actual
def test_credit_card_json(self):
expected = "Page Not Found"
actual = self.get("/credit-card.json")
assert expected in actual
def test_anonymous_sign_out_redirects(self):
response = self.client.get("/")
csrf_token = response.request.context["csrf_token"]
response = self.client.post("/sign-out.html", {"csrf_token": csrf_token})
assert response.code == 302
assert response.headers["Location"] == "/"
def test_receipts_signed_in(self):
alice = self.make_participant("alice", claimed_time=datetime.datetime.now(pytz.utc))
self.db.run("INSERT INTO exchanges (id, participant, amount, fee) VALUES(100,'alice',1,0.1)")
request = self.client.get("/alice/receipts/100.html", "alice")
assert request.code == 200
class TestRecordAnExchange(Harness):
# fixture
# =======
def setUp(self):
super(Harness, self).setUp()
self.client = TestClient()
def get_csrf_token(self):
response = self.client.get("/")
return response.request.context["csrf_token"]
def record_an_exchange(self, amount, fee, note, make_participants=True):
if make_participants:
now = utcnow()
self.make_participant("alice", claimed_time=now, is_admin=True)
self.make_participant("bob", claimed_time=now)
return self.client.post(
"/bob/history/record-an-exchange",
{"amount": amount, "fee": fee, "note": note, "csrf_token": self.get_csrf_token()},
"alice",
)
# tests
# =====
def test_success_is_302(self):
actual = self.record_an_exchange("10", "0", "foo").code
assert actual == 302
def test_non_admin_is_404(self):
self.make_participant("alice", claimed_time=utcnow())
self.make_participant("bob", claimed_time=utcnow())
actual = self.record_an_exchange("10", "0", "foo", False).code
assert actual == 404
def test_non_post_is_405(self):
self.make_participant("alice", claimed_time=utcnow(), is_admin=True)
self.make_participant("bob", claimed_time=utcnow())
actual = self.client.get("/bob/history/record-an-exchange", "alice").code
assert actual == 405
def test_bad_amount_is_400(self):
actual = self.record_an_exchange("cheese", "0", "foo").code
assert actual == 400
def test_bad_fee_is_400(self):
actual = self.record_an_exchange("10", "cheese", "foo").code
assert actual == 400
def test_no_note_is_400(self):
actual = self.record_an_exchange("10", "0", "").code
assert actual == 400
def test_whitespace_note_is_400(self):
actual = self.record_an_exchange("10", "0", " ").code
assert actual == 400
def test_dropping_balance_below_zero_is_500(self):
actual = self.record_an_exchange("-10", "0", "noted").code
assert actual == 500
def test_success_records_exchange(self):
self.record_an_exchange("10", "0.50", "noted")
expected = {
"amount": Decimal("10.00"),
"fee": Decimal("0.50"),
"participant": "bob",
"recorder": "alice",
"note": "noted",
}
SQL = "SELECT amount, fee, participant, recorder, note " "FROM exchanges"
actual = self.db.one(SQL, back_as=dict)
assert actual == expected
def test_success_updates_balance(self):
self.record_an_exchange("10", "0", "noted")
expected = Decimal("10.00")
SQL = "SELECT balance FROM participants WHERE username='******'"
actual = self.db.one(SQL)
assert actual == expected
def test_withdrawals_work(self):
self.make_participant("alice", claimed_time=utcnow(), is_admin=True)
self.make_participant("bob", claimed_time=utcnow(), balance=20)
self.record_an_exchange("-7", "0", "noted", False)
expected = Decimal("13.00")
SQL = "SELECT balance FROM participants WHERE username='******'"
actual = self.db.one(SQL)
assert actual == expected
def test_withdrawals_take_fee_out_of_balance(self):
self.make_participant("alice", claimed_time=utcnow(), is_admin=True)
self.make_participant("bob", claimed_time=utcnow(), balance=20)
self.record_an_exchange("-7", "1.13", "noted", False)
SQL = "SELECT balance FROM participants WHERE username='******'"
assert self.db.one(SQL) == Decimal("11.87")
def toggle_is_suspicious(self):
client = TestClient()
client.get("/foo/toggle-is-suspicious.json", user="******")
def test_redirect_redirects(self):
self.make_participant('alice')
actual = TestClient().get('/on/bountysource/redirect', user='******').code
assert actual == 302
def toggle_is_suspicious(self):
client = TestClient()
client.get('/foo/toggle-is-suspicious.json', user='******')
class Tests(Harness):
def setUp(self):
Harness.setUp(self)
self.website = _test_website
self.client = TestClient()
def tearDown(self):
Harness.tearDown(self)
self.website.oauth_cache = {}
@mock.patch('requests.post')
@mock.patch('requests.get')
def test_associate_opts_in(self, get, post):
self.website.oauth_cache = {"deadbeef": ("deadbeef", "opt-in", "")}
post.return_value.status_code = 200
post.return_value.text = "oauth_token=foo&oauth_token_secret=foo&user_id=foo"
get.return_value.status_code = 200
get.return_value.text = '{"id": 1234, "screen_name": "alice"}'
response = self.client.get("/on/twitter/associate?oauth_token=deadbeef&"
"oauth_verifier=donald_trump")
assert response.code == 302, response.body
assert response.headers['Location'] == "/alice/", response.headers
@mock.patch('requests.post')
@mock.patch('requests.get')
def test_associate_connects(self, get, post):
self.make_participant('alice')
self.website.oauth_cache = {"deadbeef": ("deadbeef", "connect", "")}
post.return_value.status_code = 200
post.return_value.text = "oauth_token=foo&oauth_token_secret=foo&user_id=foo"
get.return_value.status_code = 200
get.return_value.text = '{"id": 1234, "screen_name": "alice"}'
response = self.client.get("/on/twitter/associate?oauth_token=deadbeef&"
"oauth_verifier=donald_trump", user="******")
assert response.code == 302, response.body
assert response.headers['Location'] == "/alice/", response.headers
rec = self.db.one("SELECT * FROM elsewhere")
assert rec.participant == 'alice', rec
assert rec.platform == 'twitter', rec
@mock.patch('requests.post')
@mock.patch('requests.get')
def test_associate_confirms_on_connect(self, get, post):
TwitterAccount(self.db, '1234', {'screen_name': 'alice'}).opt_in('alice')
self.make_participant('bob')
self.website.oauth_cache = {"deadbeef": ("deadbeef", "connect", "")}
post.return_value.status_code = 200
post.return_value.text = "oauth_token=foo&oauth_token_secret=foo&user_id=foo"
get.return_value.status_code = 200
get.return_value.text = '{"id": 1234, "screen_name": "alice"}'
self.client.get('/') # populates cookies['csrf_token']
response = self.client.get("/on/twitter/associate?oauth_token=deadbeef&"
"oauth_verifier=donald_trump", user="******")
assert "Please Confirm" in response.body, response.body
@mock.patch('requests.post')
@mock.patch('requests.get')
def test_confirmation_properly_displays_remaining_bitbucket(self, get, post):
alice, foo = TwitterAccount(self.db, '1234', {'screen_name': 'alice'}).opt_in('alice')
alice.participant.take_over(BitbucketAccount(self.db, '1234', {'username': '******'}))
self.make_participant('bob')
self.website.oauth_cache = {"deadbeef": ("deadbeef", "connect", "")}
post.return_value.status_code = 200
post.return_value.text = "oauth_token=foo&oauth_token_secret=foo&user_id=foo"
get.return_value.status_code = 200
get.return_value.text = '{"id": 1234, "screen_name": "alice"}'
self.client.get('/') # populates cookies['csrf_token']
response = self.client.get("/on/twitter/associate?oauth_token=deadbeef&"
"oauth_verifier=donald_trump", user="******")
assert response.body.count("alice_bb<br />") == 2, response.body
def test_can_post_to_take_over(self):
TwitterAccount(self.db, '1234', {'screen_name': 'alice'}).opt_in('alice')
self.make_participant('bob')
self.website.connect_tokens = {("bob", "twitter", "1234"): "deadbeef"}
csrf_token = self.client.get('/').request.context['csrf_token']
response = self.client.post( "/on/take-over.html"
, data={ "platform": "twitter"
, "user_id": "1234"
, "csrf_token": csrf_token
, "connect_token": "deadbeef"
, "should_reconnect": "yes"
}
, user="******"
)
assert response.code == 302, response.body
expected = '/about/me.html'
actual = response.headers['Location']
assert actual == expected
def setUp(self):
Harness.setUp(self)
self.website = _test_website
self.client = TestClient()
class TestPages(Harness):
def setUp(self):
super(Harness, self).setUp()
self.client = TestClient()
def get(self, url, returning='body'):
request = self.client.get(url)
return getattr(request, returning)
def test_homepage(self):
actual = self.client.get('/').body
expected = "Weekly Gift Exchange"
assert expected in actual, actual
def test_profile(self):
self.make_participant('cheese',
claimed_time=datetime.datetime.now(pytz.utc))
expected = "I'm grateful for gifts"
actual = self.get('/cheese/')
assert expected in actual, actual
def test_widget(self):
self.make_participant('cheese',
claimed_time=datetime.datetime.now(pytz.utc))
expected = "javascript: window.open"
actual = self.get('/cheese/widget.html')
assert expected in actual, actual
def test_bank_account(self):
expected = "add or change your bank account"
actual = self.get('/bank-account.html')
assert expected in actual, actual
def test_credit_card(self):
expected = "add or change your credit card"
actual = self.get('/credit-card.html')
assert expected in actual, actual
def test_github_associate(self):
expected = "Bad request, program!"
actual = self.get('/on/github/associate')
assert expected in actual, actual
def test_twitter_associate(self):
expected = "Bad request, program!"
actual = self.get('/on/twitter/associate')
assert expected in actual, actual
def test_about(self):
expected = "small weekly cash gifts"
actual = self.get('/about/')
assert expected in actual, actual
def test_about_stats(self):
expected = "have joined Gittip"
actual = self.get('/about/stats.html')
assert expected in actual, actual
def test_about_charts(self):
expected = "Money transferred"
actual = self.get('/about/charts.html')
assert expected in actual, actual
@patch('gittip.elsewhere.github.requests')
def test_github_proxy(self, requests):
requests.get().status_code = 200
requests.get().text = GITHUB_USER_UNREGISTERED_LGTEST
expected = "lgtest has not joined"
actual = self.get('/on/github/lgtest/')
assert expected in actual, actual
# This hits the network. XXX add a knob to skip this
def test_twitter_proxy(self):
expected = "Twitter has not joined"
actual = self.get('/on/twitter/twitter/')
assert expected in actual, actual
class TestRecordAnExchange(Harness):
# fixture
# =======
def setUp(self):
super(Harness, self).setUp()
self.client = TestClient()
def get_csrf_token(self):
response = self.client.get('/')
return response.request.context['csrf_token']
def record_an_exchange(self, amount, fee, note, make_participants=True):
if make_participants:
now = utcnow()
self.make_participant('alice', claimed_time=now, is_admin=True)
self.make_participant('bob', claimed_time=now)
return self.client.post( '/bob/history/record-an-exchange'
, { 'amount': amount, 'fee': fee, 'note': note
, 'csrf_token': self.get_csrf_token()
}
, 'alice'
)
# tests
# =====
def test_success_is_302(self):
actual = self.record_an_exchange('10', '0', 'foo').code
assert actual == 302, actual
def test_non_admin_is_404(self):
self.make_participant('alice', claimed_time=utcnow())
self.make_participant('bob', claimed_time=utcnow())
actual = self.record_an_exchange('10', '0', 'foo', False).code
assert actual == 404, actual
def test_non_post_is_405(self):
self.make_participant('alice', claimed_time=utcnow(), is_admin=True)
self.make_participant('bob', claimed_time=utcnow())
actual = \
self.client.get('/bob/history/record-an-exchange', 'alice').code
assert actual == 405, actual
def test_bad_amount_is_400(self):
actual = self.record_an_exchange('cheese', '0', 'foo').code
assert actual == 400, actual
def test_bad_fee_is_400(self):
actual = self.record_an_exchange('10', 'cheese', 'foo').code
assert actual == 400, actual
def test_no_note_is_400(self):
actual = self.record_an_exchange('10', '0', '').code
assert actual == 400, actual
def test_whitespace_note_is_400(self):
actual = self.record_an_exchange('10', '0', ' ').code
assert actual == 400, actual
def test_dropping_balance_below_zero_is_500(self):
actual = self.record_an_exchange('-10', '0', 'noted').code
assert actual == 500, actual
def test_success_records_exchange(self):
self.record_an_exchange('10', '0.50', 'noted')
expected = { "amount": Decimal('10.00')
, "fee": Decimal('0.50')
, "participant": "bob"
, "recorder": "alice"
, "note": "noted"
}
SQL = "SELECT amount, fee, participant, recorder, note " \
"FROM exchanges"
actual = self.db.one(SQL, back_as=dict)
assert actual == expected, actual
def test_success_updates_balance(self):
self.record_an_exchange('10', '0', 'noted')
expected = Decimal('10.00')
SQL = "SELECT balance FROM participants WHERE username='******'"
actual = self.db.one(SQL)
assert actual == expected, actual
def test_withdrawals_work(self):
self.make_participant('alice', claimed_time=utcnow(), is_admin=True)
self.make_participant('bob', claimed_time=utcnow(), balance=20)
self.record_an_exchange('-7', '0', 'noted', False)
expected = Decimal('13.00')
SQL = "SELECT balance FROM participants WHERE username='******'"
actual = self.db.one(SQL)
assert actual == expected, actual
def setUp(self):
super(Harness, self).setUp()
self.client = TestClient()
class Tests(Harness):
def setUp(self):
self.client = TestClient()
Harness.setUp(self)
self._blech = ( os.environ['CANONICAL_SCHEME']
, os.environ['CANONICAL_HOST']
)
os.environ['CANONICAL_SCHEME'] = 'https'
os.environ['CANONICAL_HOST'] = 'www.gittip.com'
wireup.canonical()
def tearDown(self):
Harness.tearDown(self)
os.environ['CANONICAL_SCHEME'] = self._blech[0]
os.environ['CANONICAL_HOST'] = self._blech[1]
wireup.canonical()
def test_canonize_canonizes(self):
response = self.client.get("/", HTTP_HOST='www.gittip.com', HTTP_X_FORWARDED_PROTO='http')
assert response.code == 302
assert response.headers['Location'] == 'https://www.gittip.com/'
def test_session_cookie_set_in_auth_response(self):
self.make_participant('alice')
# Make a normal authenticated request.
normal = self.client.get( "/"
, user='******'
, HTTP_X_FORWARDED_PROTO='https'
, HTTP_HOST='www.gittip.com'
)
alice = Participant.from_username('alice')
assert normal.headers.cookie['session'].value == alice.session_token
def test_session_cookie_is_sent_for_http_as_well(self):
# https://github.com/gittip/www.gittip.com/issues/940
self.make_participant('alice')
# Now make a request that canonizer will redirect.
redirect = self.client.get( "/"
, user='******'
, HTTP_X_FORWARDED_PROTO='http'
, HTTP_HOST='www.gittip.com'
)
assert redirect.code == 302
assert redirect.headers.cookie['session'].value == ""
# This is bad, because it means that the user will be signed out of
# https://www.gittip.com/ if they make a request for
# http://www.gittip.com/. They might do this themselves accidentally,
# but more likely a browser plugin (such as DoNotTrack) will do it for
# them. The way we fix this is to set "secure" on the session cookie,
# so that the browser won't send the session cookie to the server in
# the case of http://www.gittipcom/. Without a session cookie in the
# request, gittip.security.authentication.outbound won't set one on the
# way out.
def test_session_cookie_is_secure_if_it_should_be(self):
# https://github.com/gittip/www.gittip.com/issues/940
response = self.client.get( "/"
, user=self.make_participant('alice').username
, HTTP_X_FORWARDED_PROTO='https'
, HTTP_HOST='www.gittip.com'
)
assert response.code == 200
assert '; secure' in response.headers.cookie['session'].output()
def test_anonymous_gets_null_goal_if_user_has_no_goal(self):
alice = self.make_participant('alice', last_bill_result='')
data = json.loads(TestClient().get('/alice/public.json').body)
assert_equal(data['goal'], None)