def test_delete_account_basic(self): """Does the basic data go when a user delete their account? ..note: Just checks the auth part. """ user1 = create_account('user1', '*****@*****.**', 'Password') self.assertIsNotNone(user1) delete_account(user1) self.assertIsNone(get_user(user1)) self.assertIsNone(get_uid_username('user1')) self.assertIsNone(get_uid_email('*****@*****.**')) self.assertFalse(authenticate('user1', 'Password')) self.assertIsNone(get_uid_username('user1')) self.assertIsNone(get_uid_email('*****@*****.**'))
def avatar(username): """Return the users avatar image or the dafault.""" # Get the user user = get_user(get_uid_username(username)) # If the user has an avatar set then get it from GridFS if user.get('avatar') is not None: return get_upload(user.get('avatar'), cache_for=0, collection='avatars') # The user doesn't have one send them the default return send_file('static/img/otter_avatar.png', cache_timeout=0)
def profile(username): """It will show the users posts. Referred to as "posts" on the site.""" uid = get_uid_username(username) if uid is None: abort(404) # Data _profile = get_profile(uid) # Pagination page = handle_page(request) # Get the posts pagination pagination = get_posts(uid, page) # Post form post_form = PostForm() return render_template('posts.html', profile=_profile, pagination=pagination, post_form=post_form)
def parse_mentions(body, check_user=True): """Parses @mentions out of a post. .. note: This will need to be refined as edge cases are discovered. """ mentions = MENTION_RE.finditer(body) result = [] for mention in mentions: username = mention.group(1) if check_user: user_id = get_uid_username(username) else: user_id = "NA" if user_id: result.append({"user_id": user_id, "username": username, "span": mention.span()}) return result
def parse_mentions(body): """Parses @mentions out of a post. .. note: This will need to be refined as edge cases are discovered. """ mentions = MENTION_RE.finditer(body) result = [] for mention in mentions: username = mention.group(1) user_id = get_uid_username(username) if user_id: result.append({ 'user_id': user_id, 'username': username, 'span': mention.span() }) return result
def profile(username): """It will show the users posts. Referred to as "posts" on the site. .. note: Viewable to public! (Only public posts) """ uid = get_uid_username(username) if uid is None: abort(404) # Data _profile = get_profile(uid) # Pagination page = handle_page(request) # Get the page sizes taking in to account non-logged in users if current_user: page_size = current_user.get('feed_pagination_size', app.config.get('FEED_ITEMS_PER_PAGE', 25)) else: page_size = app.config.get('FEED_ITEMS_PER_PAGE', 25) # Get the posts pagination if current_user: current_user_id = current_user.get('_id') else: current_user_id = None permission = get_user_permission(_profile.get('_id'), current_user_id) _posts = get_posts(uid, page, page_size, perm=permission) # Post form post_form = PostForm() return render_template('posts.html', profile=_profile, pagination=_posts, post_form=post_form)
def parse_mentions(body, check_user=True): """Parses @mentions out of a post. .. note: This will need to be refined as edge cases are discovered. """ mentions = MENTION_RE.finditer(body) result = [] for mention in mentions: username = mention.group(1) if check_user: user_id = get_uid_username(username) else: user_id = 'NA' if user_id: result.append({ 'user_id': user_id, 'username': username, 'span': mention.span() }) return result
def test_signup_activate(self): """ Tests the signup and activate endpoint inside Pjuu. There are some limitations to this! We can not test e-mail sending as this will not be available on Travis. """ # Test that we can GET the signup page resp = self.client.get(url_for('auth.signup')) # We should get a 200 with an error message if we were not successful self.assertEqual(resp.status_code, 200) # Lets attempt to create a new account. This should return a 302 to # /signin with a little message displayed to activate your account resp = self.client.post(url_for('auth.signup'), data={ 'username': '******', 'email': '*****@*****.**', 'password': '******', 'password2': 'Password' }, follow_redirects=True) self.assertEqual(resp.status_code, 200) self.assertIn('Yay! You\'ve signed up', resp.data) # We are in testing mode so we can get the auth token from the response # this is in the headers as X-Pjuu-Token token = resp.headers.get('X-Pjuu-Token') self.assertIsNotNone(token) # Try and actiavte our account resp = self.client.get(url_for('auth.activate', token=token), follow_redirects=True) self.assertEqual(resp.status_code, 200) self.assertIn('Your account has now been activated', resp.data) # Try and activate the account again. We should get a 302 to /signin # and a flash message informing up that the account is already active resp = self.client.get(url_for('auth.activate', token=token), follow_redirects=True) self.assertEqual(resp.status_code, 200) self.assertIn('Invalid token', resp.data) # Try and signup with the same user and ensure we get the correct resp # and error codes. We will also put mismatch passwords in just to test # that all forms throw the correct error resp = self.client.post(url_for('auth.signup'), data={ 'username': '******', 'email': '*****@*****.**', 'password': '******', 'password2': 'PasswordPassword' }, follow_redirects=True) self.assertEqual(resp.status_code, 200) # Ensure there is an overall form error self.assertIn('Oh no! There are errors in your form', resp.data) # Ensure the form elements actually throw there own errors self.assertIn('User name already in use', resp.data) self.assertIn('E-mail address already in use', resp.data) self.assertIn('Passwords must match', resp.data) # Try a few scenarios with email addresses we are not happy about. resp = self.client.post(url_for('auth.signup'), data={ 'username': '******', 'email': 'user1#[email protected]', 'password': '******', 'password2': 'Password' }, follow_redirects=True) self.assertEqual(resp.status_code, 200) # Ensure there is an overall form error self.assertIn('Oh no! There are errors in your form', resp.data) self.assertIn('Invalid email address', resp.data) # Ensure that we CAN signup with a + in the name. This is a hate of # mine. Not being able to namespace my e-mail addresses resp = self.client.post(url_for('auth.signup'), data={ 'username': '******', 'email': '*****@*****.**', 'password': '******', 'password2': 'Password' }, follow_redirects=True) self.assertEqual(resp.status_code, 200) self.assertIn('Yay! You\'ve signed up', resp.data) # Log in to Pjuu so that we can make sure we can not get back to signup resp = self.client.post(url_for('auth.signin'), data={ 'username': '******', 'password': '******' }, follow_redirects=True) self.assertEqual(resp.status_code, 200) # We are now logged in lets try and go to signup and ensure we get # redirected back to feed resp = self.client.get(url_for('auth.signup')) self.assertEqual(resp.status_code, 302) # Why we are logged in lets ensure we can't get to activate resp = self.client.get(url_for('auth.activate', token=token)) self.assertEqual(resp.status_code, 302) # Lets delete the account and then try and reactivate delete_account(get_uid_username('user1')) resp = self.client.get(url_for('auth.activate', token=token), follow_redirects=True) self.assertEqual(resp.status_code, 200) self.assertIn('Invalid token', resp.data)
def test_create_user(self): """Check basic user creation stuffs. This also in turn tests check_username(), check_username_pattern(), check_email(), check_email_pattern(), get_username() and get_email(). """ user1 = create_account('user1', '*****@*****.**', 'Password') self.assertIsNotNone(user1) # Duplicate username self.assertIsNone(create_account('user1', '*****@*****.**', 'Password')) # Duplicate email self.assertIsNone(create_account('userX', '*****@*****.**', 'Password')) # Invalid username self.assertIsNone(create_account('u', '*****@*****.**', 'Password')) # Invalid email self.assertIsNone(create_account('userX', 'userX', 'Password')) # Reserved username self.assertIsNone(create_account('help', '*****@*****.**', 'Password')) # You can't get a UID for a non-activated user self.assertEqual(get_uid('user1'), None) activate(user1) self.assertEqual(get_uid('user1'), user1) self.assertEqual(get_uid('*****@*****.**'), user1) # Shouldn't work wiht invali users self.assertIsNone(get_user(K.NIL_VALUE)) # Ensure if works with a valid user self.assertIsNotNone(get_user(user1)) self.assertIsNotNone(type(get_user(user1))) self.assertEqual(type(get_user(user1)), dict) self.assertEqual(get_user(user1).get('username'), 'user1') self.assertEqual(get_user(user1).get('email'), '*****@*****.**') # Check get_uid_* with invalid entries self.assertIsNone(get_uid_username('testymctest')) self.assertIsNone(get_uid_email('*****@*****.**')) # With valid self.assertEqual(get_uid_username('user1'), user1) self.assertEqual(get_uid_email('*****@*****.**'), user1) # Create a new user to check the defaults user2 = create_account('user2', '*****@*****.**', 'Password') # Are values set as expected? user = get_user(user2) self.assertIsNotNone(user) self.assertEqual(user.get('_id'), user2) self.assertEqual(user.get('username'), 'user2') self.assertEqual(user.get('email'), '*****@*****.**') self.assertEqual(user.get('last_login'), -1) self.assertFalse(user.get('active')) self.assertFalse(user.get('banned')) self.assertFalse(user.get('op')) self.assertFalse(user.get('muted')) self.assertEqual(user.get('about'), '') self.assertEqual(user.get('score'), 0) self.assertEqual(user.get('alerts_last_checked'), -1) self.assertIsNotNone(user.get('ttl')) # Generated values, we don't know what they SHOULD be self.assertIsNotNone(user.get('password')) self.assertIsNotNone(user.get('created')) # Check user_exists works self.assertTrue(user_exists(user1)) # Check it fails when invalid value self.assertFalse(user_exists(K.NIL_VALUE))
def test_create_user(self): """Check basic user creation stuffs. This also in turn tests check_username(), check_username_pattern(), check_email(), check_email_pattern(), get_username() and get_email(). """ user1 = create_account('user1', '*****@*****.**', 'Password') self.assertIsNotNone(user1) # Duplicate username self.assertIsNone( create_account('user1', '*****@*****.**', 'Password')) # Duplicate email self.assertIsNone( create_account('userX', '*****@*****.**', 'Password')) # Invalid username self.assertIsNone( create_account('u', '*****@*****.**', 'Password')) # Invalid email self.assertIsNone( create_account('userX', 'userX', 'Password')) # Reserved username self.assertIsNone( create_account('help', '*****@*****.**', 'Password')) # You can't get a UID for a non-activated user self.assertEqual(get_uid('user1'), None) activate(user1) self.assertEqual(get_uid('user1'), user1) self.assertEqual(get_uid('*****@*****.**'), user1) # Shouldn't work wiht invali users self.assertIsNone(get_user(K.NIL_VALUE)) # Ensure if works with a valid user self.assertIsNotNone(get_user(user1)) self.assertIsNotNone(type(get_user(user1))) self.assertEqual(type(get_user(user1)), dict) self.assertEqual(get_user(user1).get('username'), 'user1') self.assertEqual(get_user(user1).get('email'), '*****@*****.**') # Check get_uid_* with invalid entries self.assertIsNone(get_uid_username('testymctest')) self.assertIsNone(get_uid_email('*****@*****.**')) # With valid self.assertEqual(get_uid_username('user1'), user1) self.assertEqual(get_uid_email('*****@*****.**'), user1) # Create a new user to check the defaults user2 = create_account('user2', '*****@*****.**', 'Password') # Are values set as expected? user = get_user(user2) self.assertIsNotNone(user) self.assertEqual(user.get('_id'), user2) self.assertEqual(user.get('username'), 'user2') self.assertEqual(user.get('email'), '*****@*****.**') self.assertEqual(user.get('last_login'), -1) self.assertFalse(user.get('active')) self.assertFalse(user.get('banned')) self.assertFalse(user.get('op')) self.assertFalse(user.get('muted')) self.assertEqual(user.get('about'), '') self.assertEqual(user.get('score'), 0) self.assertEqual(user.get('alerts_last_checked'), -1) self.assertIsNotNone(user.get('ttl')) # Generated values, we don't know what they SHOULD be self.assertIsNotNone(user.get('password')) self.assertIsNotNone(user.get('created')) # Check user_exists works self.assertTrue(user_exists(user1)) # Check it fails when invalid value self.assertFalse(user_exists(K.NIL_VALUE))
def test_signup_activate(self): """Tests the signup and activate endpoint inside Pjuu. There are some limitations to this! We can not test e-mail sending as this will not be available on Travis. """ # Test that we can GET the signup page resp = self.client.get(url_for('auth.signup')) # We should get a 200 with an error message if we were not successful self.assertEqual(resp.status_code, 200) # Lets attempt to create a new account. This should return a 302 to # /signin with a little message displayed to activate your account resp = self.client.post(url_for('auth.signup'), data={ 'username': '******', 'email': '*****@*****.**', 'password': '******', }, follow_redirects=True) self.assertEqual(resp.status_code, 200) self.assertIn('Yay! You\'ve signed up', resp.data) # We are in testing mode so we can get the auth token from the response # this is in the headers as X-Pjuu-Token token = resp.headers.get('X-Pjuu-Token') self.assertIsNotNone(token) # Try and actiavte our account resp = self.client.get(url_for('auth.activate', token=token), follow_redirects=True) self.assertEqual(resp.status_code, 200) self.assertIn('Your account has now been activated', resp.data) # Try and activate the account again. We should get a 302 to /signin # and a flash message informing up that the account is already active resp = self.client.get(url_for('auth.activate', token=token), follow_redirects=True) self.assertEqual(resp.status_code, 200) self.assertIn('Invalid token', resp.data) # Try and signup with the same user and ensure we get the correct resp # and error codes resp = self.client.post(url_for('auth.signup'), data={ 'username': '******', 'email': '*****@*****.**', 'password': '******', }, follow_redirects=True) self.assertEqual(resp.status_code, 200) # Ensure there is an overall form error self.assertIn('Oh no! There are errors in your form', resp.data) # Ensure the form elements actually throw there own errors self.assertIn('User name already in use', resp.data) self.assertIn('E-mail address already in use', resp.data) # Try a few scenarios with email addresses we are not happy about. resp = self.client.post(url_for('auth.signup'), data={ 'username': '******', 'email': 'user1#[email protected]', 'password': '******', }, follow_redirects=True) self.assertEqual(resp.status_code, 200) # Ensure there is an overall form error self.assertIn('Oh no! There are errors in your form', resp.data) self.assertIn('Invalid email address', resp.data) # Ensure that we CAN signup with a + in the name. This is a hate of # mine. Not being able to namespace my e-mail addresses resp = self.client.post(url_for('auth.signup'), data={ 'username': '******', 'email': '*****@*****.**', 'password': '******', }, follow_redirects=True) self.assertEqual(resp.status_code, 200) self.assertIn('Yay! You\'ve signed up', resp.data) # Log in to Pjuu so that we can make sure we can not get back to signup resp = self.client.post(url_for('auth.signin'), data={ 'username': '******', 'password': '******' }, follow_redirects=True) self.assertEqual(resp.status_code, 200) # We are now logged in lets try and go to signup and ensure we get # redirected back to feed resp = self.client.get(url_for('auth.signup')) self.assertEqual(resp.status_code, 302) # Why we are logged in lets ensure we can't get to activate resp = self.client.get(url_for('auth.activate', token=token)) self.assertEqual(resp.status_code, 302) # Lets delete the account and then try and reactivate delete_account(get_uid_username('user1')) resp = self.client.get(url_for('auth.activate', token=token), follow_redirects=True) self.assertEqual(resp.status_code, 200) self.assertIn('Invalid token', resp.data)