def test_delete_token(self):
"""Assert a user can delete an API token."""
session = Session()
token = models.ApiToken(user=self.user, description='Test token')
session.add(token)
session.commit()
with login_user(self.flask_app, self.user):
with self.flask_app.test_client() as c:
output = c.get('/settings/', follow_redirects=False)
self.assertEqual(output.status_code, 200)
self.assertTrue(b'Test token' in output.data)
csrf_token = output.data.split(
b'name="csrf_token" type="hidden" value="')[1].split(
b'">')[0]
data = {'csrf_token': csrf_token}
output = c.post('/settings/tokens/delete/{}/'.format(
token.token),
data=data,
follow_redirects=True)
self.assertEqual(output.status_code, 200)
self.assertFalse(b'Test token' in output.data)
self.assertEqual(
0,
models.ApiToken.query.filter_by(user=self.user).count())
def test_edit_project_no_change(self):
""" Test the edit_project function. """
with login_user(self.flask_app, self.user):
with self.flask_app.test_client() as c:
output = c.get('/project/1/edit', follow_redirects=False)
self.assertEqual(output.status_code, 200)
self.assertTrue(b'<h1>Edit project</h1>' in output.data)
self.assertTrue(b'<td><label for="regex">Regex</label></td>' in
output.data)
csrf_token = output.data.split(
b'name="csrf_token" type="hidden" value="')[1].split(
b'">')[0]
data = {
'csrf_token': csrf_token,
}
output = c.post('/project/1/edit',
data=data,
follow_redirects=True)
self.assertEqual(output.status_code, 200)
self.assertTrue(
b'<li class="list-group-item list-group-item-default">'
b'Project edited - No changes were made</li>' in
output.data)
def test_new_project(self):
"""Assert an authenticated user can create a new project"""
with login_user(self.flask_app, self.user):
with self.flask_app.test_client() as c:
output = c.get('/project/new', follow_redirects=False)
self.assertEqual(output.status_code, 200)
self.assertTrue(b'<h1>Add project</h1>' in output.data)
self.assertTrue(b'<td><label for="regex">Regex</label></td>' in
output.data)
csrf_token = output.data.split(
b'name="csrf_token" type="hidden" value="')[1].split(
b'">')[0]
data = {
'csrf_token': csrf_token,
'name': 'repo_manager',
'homepage': 'https://pypi.python.org/pypi/repo_manager',
'backend': 'PyPI',
}
output = c.post('/project/new',
data=data,
follow_redirects=True)
self.assertEqual(output.status_code, 200)
self.assertTrue(
b'<li class="list-group-item list-group-item-default">'
b'Project created</li>' in output.data)
self.assertTrue(
b'<h1>Project: repo_manager</h1>' in output.data)
projects = models.Project.all(self.session, count=True)
self.assertEqual(projects, 1)
def test_edit_to_duplicate_project(self):
"""Assert trying to edit a project to make a duplicate fails."""
with login_user(self.flask_app, self.user):
with self.flask_app.test_client() as c:
output = c.get('/project/1/edit', follow_redirects=False)
self.assertEqual(output.status_code, 200)
csrf_token = output.data.split(
b'name="csrf_token" type="hidden" value="')[1].split(
b'">')[0]
data = {
'name': 'R2spec',
'homepage': 'https://fedorahosted.org/r2spec/',
'backend': 'folder',
'csrf_token': csrf_token,
}
output = c.post('/project/1/edit',
data=data,
follow_redirects=True)
self.assertEqual(output.status_code, 200)
self.assertTrue(
b'<li class="list-group-item list-group-item-warning">'
b'Could not edit this project. Is there '
b'already a project with these name and homepage?</li>' in
output.data)
self.assertTrue(b'<h1>Project: geany</h1>' in output.data)
self.assertEqual('geany', models.Project.query.get(1).name)
def test_edit_project(self):
""" Test the edit_project function. """
with login_user(self.flask_app, self.user):
with self.flask_app.test_client() as c:
output = c.get('/project/1/edit', follow_redirects=False)
self.assertEqual(output.status_code, 200)
self.assertTrue(b'<h1>Edit project</h1>' in output.data)
self.assertTrue(b'<td><label for="regex">Regex</label></td>' in
output.data)
csrf_token = output.data.split(
b'name="csrf_token" type="hidden" value="')[1].split(
b'">')[0]
data = {
'name': 'repo_manager',
'homepage': 'https://pypi.python.org/pypi/repo_manager',
'backend': 'PyPI',
'csrf_token': csrf_token,
}
output = c.post('/project/1/edit',
data=data,
follow_redirects=True)
self.assertEqual(output.status_code, 200)
self.assertTrue(
b'<li class="list-group-item list-group-item-default">'
b'Project edited</li>' in output.data)
self.assertTrue(
b'<h1>Project: repo_manager</h1>' in output.data)
def test_map_project(self):
"""Assert projects can be mapped to distributions."""
with login_user(self.flask_app, self.user):
with self.flask_app.test_client() as c:
output = c.get('/project/1/map')
self.assertEqual(output.status_code, 200)
self.assertTrue(b'<h1>Project: geany</h1>' in output.data)
self.assertTrue(
b'<td><label for="distro">Distribution</label></td>' in
output.data)
csrf_token = output.data.split(
b'name="csrf_token" type="hidden" value="')[1].split(
b'">')[0]
data = {
'package_name': 'geany',
'distro': 'CentOS',
'csrf_token': csrf_token,
}
output = c.post('/project/1/map',
data=data,
follow_redirects=True)
self.assertEqual(output.status_code, 200)
self.assertTrue(
b'<li class="list-group-item list-group-item-default">'
b'Mapping added</li>' in output.data)
self.assertTrue(b'<h1>Project: geany</h1>' in output.data)
self.assertEqual(1, models.Packages.query.count())
def test_invalid_csrf_token(self):
"""Assert submitting with an invalid CSRF token results in no change."""
with login_user(self.flask_app, self.admin):
output = self.client.post(
'/distro/Fedora/edit', data={'csrf_token': 'a', 'name': 'Top'})
self.assertEqual(200, output.status_code)
self.assertEqual(0, models.Distro.query.filter_by(name='Top').count())
def test_map_same_distro(self):
"""
Assert that projects can't have two mappings with the same name to the
same distribution.
"""
with login_user(self.flask_app, self.user):
with self.flask_app.test_client() as c:
output = c.get('/project/1/map')
csrf_token = output.data.split(
b'name="csrf_token" type="hidden" value="')[1].split(
b'">')[0]
data = {
'package_name': 'geany',
'distro': 'CentOS',
'csrf_token': csrf_token,
}
output = c.post('/project/1/map',
data=data,
follow_redirects=True)
self.assertEqual(output.status_code, 200)
output = c.post('/project/1/map',
data=data,
follow_redirects=True)
self.assertEqual(output.status_code, 200)
self.assertTrue(
b'<li class="list-group-item list-group-item-danger">'
b'Could not edit the mapping of geany on '
b'CentOS, there is already a package geany on CentOS '
b'as part of the project <a href="/project/1/">geany'
b'</a>.</li>' in output.data)
self.assertTrue(b'<h1>Project: geany</h1>' in output.data)
def test_with_check_release(self, patched):
"""Assert when ``check_release='on'`` it checks the project's release."""
with login_user(self.flask_app, self.user):
with self.flask_app.test_client() as c:
output = c.get('/project/1/edit', follow_redirects=False)
self.assertEqual(output.status_code, 200)
csrf_token = output.data.split(
b'name="csrf_token" type="hidden" value="')[1].split(
b'">')[0]
data = {
'name': 'repo_manager',
'homepage': 'https://pypi.python.org/pypi/repo_manager',
'backend': 'PyPI',
'version_scheme': 'Date',
'csrf_token': csrf_token,
'check_release': 'on',
}
output = c.post('/project/1/edit',
data=data,
follow_redirects=True)
self.assertEqual(output.status_code, 200)
self.assertTrue(
b'<li class="list-group-item list-group-item-default">'
b'Project edited</li>' in output.data)
patched.assert_called_once_with(mock.ANY, mock.ANY)
def test_from_date_future(self):
"""Assert when the from_date doesn't include logs, none are returned."""
with login_user(self.flask_app, self.admin):
output = self.client.get('/logs?from_date=2500-07-01')
self.assertEqual(200, output.status_code)
self.assertFalse(b'This is a log' in output.data)
self.assertFalse(b'This is also a log' in output.data)
def test_from_date(self):
"""Assert logs can be filtered via a from_date."""
with login_user(self.flask_app, self.admin):
output = self.client.get('/logs?from_date=2017-07-19')
self.assertEqual(200, output.status_code)
self.assertTrue(b'This is a log' in output.data)
self.assertTrue(b'This is also a log' in output.data)
def test_admin_get(self):
"""Assert admin users can get everyone's logs."""
with login_user(self.flask_app, self.admin):
output = self.client.get('/logs')
self.assertEqual(200, output.status_code)
self.assertTrue(b'This is a log' in output.data)
self.assertTrue(b'This is also a log' in output.data)
def test_non_admin_get(self):
"""Assert non-admin users get only their own logs."""
with login_user(self.flask_app, self.user):
output = self.client.get('/logs')
self.assertEqual(200, output.status_code)
self.assertTrue(b'This is a log' in output.data)
self.assertFalse(b'This is also a log' in output.data)
def test_from_date_future(self):
"""Assert admin users can see the flags."""
with login_user(self.flask_app, self.admin):
output = self.client.get('/flags?from_date=2200-07-01')
self.assertEqual(200, output.status_code)
self.assertFalse(b'I wanted to flag it' in output.data)
self.assertFalse(b'This project is wrong' in output.data)
def test_admin_get(self):
"""Assert admin users can see the flags."""
with login_user(self.flask_app, self.admin):
output = self.client.get('/flags')
self.assertEqual(200, output.status_code)
self.assertTrue(b'I wanted to flag it' in output.data)
self.assertTrue(b'This project is wrong' in output.data)
def test_invalid_csrf_token(self):
"""Assert submitting with an invalid CSRF token, no change is made."""
with login_user(self.flask_app, self.user):
output = self.client.post('/distro/add',
data={
'csrf_token': 'abc',
'name': 'Fedora'
})
self.assertEqual(200, output.status_code)
self.assertEqual(0, models.Distro.query.count())
def test_admin_post(self):
"""Assert admin users can delete project mappings."""
with login_user(self.flask_app, self.admin):
output = self.client.get('/project/1/delete/1.0.0')
csrf_token = output.data.split(
b'name="csrf_token" type="hidden" value="')[1].split(b'">')[0]
data = {'confirm': True, 'csrf_token': csrf_token}
output = self.client.post('/project/1/delete/1.0.0', data=data, follow_redirects=True)
self.assertEqual(200, output.status_code)
self.assertEqual(0, len(models.ProjectVersion.query.all()))
def test_admin_post(self):
"""Assert admin users can delete a distribution."""
with login_user(self.flask_app, self.admin):
output = self.client.get('/distro/Fedora/delete')
csrf_token = output.data.split(
b'name="csrf_token" type="hidden" value="')[1].split(b'">')[0]
data = {'csrf_token': csrf_token}
output = self.client.post('/distro/Fedora/delete', data=data, follow_redirects=True)
self.assertEqual(200, output.status_code)
self.assertEqual(404, self.client.get('/distro/Fedora/delete').status_code)
def test_admin_post_unconfirmed(self):
"""Assert failing to confirm the action results in no change."""
with login_user(self.flask_app, self.admin):
output = self.client.get('/project/1/delete/1.0.0')
csrf_token = output.data.split(
b'name="csrf_token" type="hidden" value="')[1].split(b'">')[0]
data = {'csrf_token': csrf_token}
output = self.client.post('/project/1/delete/1.0.0', data=data)
self.assertEqual(302, output.status_code)
self.assertEqual(1, len(models.ProjectVersion.query.all()))
def test_new_token_bad_csrf(self):
"""Assert a valid CSRF token is required to make a token."""
with login_user(self.flask_app, self.user):
with self.flask_app.test_client() as c:
data = {'csrf_token': 'no good?', 'description': 'Test token'}
output = c.post('/settings/tokens/new',
data=data,
follow_redirects=True)
self.assertEqual(output.status_code, 400)
self.assertFalse(b'Test token' in output.data)
def test_no_csrf_token(self):
"""Assert trying to edit a project without a CSRF token results in no change."""
with login_user(self.flask_app, self.user):
data = {
'package_name': 'geany',
'distro': 'CentOS',
}
output = self.client.post('/project/1/map',
data=data,
follow_redirects=False)
self.assertEqual(output.status_code, 200)
self.assertEqual(0, models.Packages.query.count())
def test_admin_post_unconfirmed(self):
"""Assert admin users must confirm deleting projects."""
with login_user(self.flask_app, self.admin):
output = self.client.get('/project/{0}/delete'.format(self.project.id))
csrf_token = output.data.split(
b'name="csrf_token" type="hidden" value="')[1].split(b'">')[0]
data = {'csrf_token': csrf_token}
output = self.client.post('/project/{0}/delete'.format(self.project.id), data=data)
self.assertEqual(302, output.status_code)
self.assertEqual(1, len(models.Project.query.all()))
def test_no_csrf_token(self):
"""Assert trying to edit a project without a CSRF token results in no change."""
with login_user(self.flask_app, self.user):
data = {
'name': 'repo_manager',
'homepage': 'https://pypi.python.org/pypi/repo_manager',
'backend': 'PyPI',
}
output = self.app.post('/project/1/edit', data=data)
self.assertEqual(200, output.status_code)
self.assertEqual('geany', models.Project.query.get(1).name)
def test_set_flag(self):
"""Assert trying to set the state of a non-existent flag results in HTTP 404."""
with login_user(self.flask_app, self.admin):
output = self.client.get('/flags')
csrf_token = output.data.split(
b'name="csrf_token" type="hidden" value="')[1].split(b'">')[0]
output = self.client.post(
'/flags/1/set/closed', data={'csrf_token': csrf_token}, follow_redirects=True)
self.assertEqual(200, output.status_code)
self.assertTrue(b'Flag 1 set to closed' in output.data)
def test_add_distro(self):
"""Assert admins can add distributions."""
with login_user(self.flask_app, self.admin):
output = self.client.get('/distro/add')
csrf_token = output.data.split(
b'name="csrf_token" type="hidden" value="')[1].split(b'">')[0]
data = {'name': 'Fedora', 'csrf_token': csrf_token}
output = self.client.post('/distro/add', data=data, follow_redirects=True)
# self.assertEqual(201, output.status_code)
self.assertTrue(b'Distribution added' in output.data)
def test_duplicate_distro(self):
"""Assert trying to create a duplicate distribution results in HTTP 409."""
with login_user(self.flask_app, self.admin):
output = self.client.get('/distro/add')
csrf_token = output.data.split(
b'name="csrf_token" type="hidden" value="')[1].split(b'">')[0]
data = {'name': 'Fedora', 'csrf_token': csrf_token}
create_output = self.client.post('/distro/add', data=data, follow_redirects=True)
dup_output = self.client.post('/distro/add', data=data, follow_redirects=True)
self.assertTrue(b'Distribution added' in create_output.data)
self.assertTrue(b'Could not add this distro' in dup_output.data)
def test_admin_post_unconfirmed(self):
"""Assert failing to confirm the action results in no change."""
with login_user(self.flask_app, self.admin):
output = self.client.get('/project/1/delete/Fedora/test-project')
csrf_token = output.data.split(
b'name="csrf_token" type="hidden" value="')[1].split(b'">')[0]
data = {'csrf_token': csrf_token}
output = self.client.post(
'/project/1/delete/Fedora/test-project', data=data, follow_redirects=True)
self.assertEqual(200, output.status_code)
self.assertEqual(1, len(models.Packages.query.all()))
def test_pages(self):
"""Assert admin users can see the flags."""
with login_user(self.flask_app, self.admin):
page_one = self.client.get('/flags?limit=1&page=1')
self.assertEqual(200, page_one.status_code)
self.assertTrue(
b'I wanted to flag it' in page_one.data or
b'This project is wrong' in page_one.data
)
self.assertFalse(
b'I wanted to flag it' in page_one.data and
b'This project is wrong' in page_one.data
)
def test_delete_invalid_token(self):
"""Assert trying to delete an invalid token fails."""
with login_user(self.flask_app, self.user):
with self.flask_app.test_client() as c:
output = c.get('/settings/', follow_redirects=False)
csrf_token = output.data.split(
b'name="csrf_token" type="hidden" value="')[1].split(
b'">')[0]
data = {'csrf_token': csrf_token}
output = c.post(
'/settings/tokens/delete/thisprobablywillnotwork/',
data=data,
follow_redirects=True)
self.assertEqual(output.status_code, 404)
def test_new_token(self):
"""Assert a user can create a new API token."""
with login_user(self.flask_app, self.user):
with self.flask_app.test_client() as c:
output = c.get('/settings/', follow_redirects=False)
self.assertEqual(output.status_code, 200)
csrf_token = output.data.split(
b'name="csrf_token" type="hidden" value="')[1].split(
b'">')[0]
data = {'csrf_token': csrf_token, 'description': 'Test token'}
output = c.post('/settings/tokens/new',
data=data,
follow_redirects=True)
self.assertEqual(output.status_code, 200)
self.assertTrue(b'Test token' in output.data)
