def test_delete_token(self): """Assert a user can delete an API token.""" session = Session() token = models.ApiToken(user=self.user, description='Test token') session.add(token) session.commit() with login_user(self.flask_app, self.user): with self.flask_app.test_client() as c: output = c.get('/settings/', follow_redirects=False) self.assertEqual(output.status_code, 200) self.assertTrue(b'Test token' in output.data) csrf_token = output.data.split( b'name="csrf_token" type="hidden" value="')[1].split( b'">')[0] data = {'csrf_token': csrf_token} output = c.post('/settings/tokens/delete/{}/'.format( token.token), data=data, follow_redirects=True) self.assertEqual(output.status_code, 200) self.assertFalse(b'Test token' in output.data) self.assertEqual( 0, models.ApiToken.query.filter_by(user=self.user).count())
def test_edit_project_no_change(self): """ Test the edit_project function. """ with login_user(self.flask_app, self.user): with self.flask_app.test_client() as c: output = c.get('/project/1/edit', follow_redirects=False) self.assertEqual(output.status_code, 200) self.assertTrue(b'<h1>Edit project</h1>' in output.data) self.assertTrue(b'<td><label for="regex">Regex</label></td>' in output.data) csrf_token = output.data.split( b'name="csrf_token" type="hidden" value="')[1].split( b'">')[0] data = { 'csrf_token': csrf_token, } output = c.post('/project/1/edit', data=data, follow_redirects=True) self.assertEqual(output.status_code, 200) self.assertTrue( b'<li class="list-group-item list-group-item-default">' b'Project edited - No changes were made</li>' in output.data)
def test_new_project(self): """Assert an authenticated user can create a new project""" with login_user(self.flask_app, self.user): with self.flask_app.test_client() as c: output = c.get('/project/new', follow_redirects=False) self.assertEqual(output.status_code, 200) self.assertTrue(b'<h1>Add project</h1>' in output.data) self.assertTrue(b'<td><label for="regex">Regex</label></td>' in output.data) csrf_token = output.data.split( b'name="csrf_token" type="hidden" value="')[1].split( b'">')[0] data = { 'csrf_token': csrf_token, 'name': 'repo_manager', 'homepage': 'https://pypi.python.org/pypi/repo_manager', 'backend': 'PyPI', } output = c.post('/project/new', data=data, follow_redirects=True) self.assertEqual(output.status_code, 200) self.assertTrue( b'<li class="list-group-item list-group-item-default">' b'Project created</li>' in output.data) self.assertTrue( b'<h1>Project: repo_manager</h1>' in output.data) projects = models.Project.all(self.session, count=True) self.assertEqual(projects, 1)
def test_edit_to_duplicate_project(self): """Assert trying to edit a project to make a duplicate fails.""" with login_user(self.flask_app, self.user): with self.flask_app.test_client() as c: output = c.get('/project/1/edit', follow_redirects=False) self.assertEqual(output.status_code, 200) csrf_token = output.data.split( b'name="csrf_token" type="hidden" value="')[1].split( b'">')[0] data = { 'name': 'R2spec', 'homepage': 'https://fedorahosted.org/r2spec/', 'backend': 'folder', 'csrf_token': csrf_token, } output = c.post('/project/1/edit', data=data, follow_redirects=True) self.assertEqual(output.status_code, 200) self.assertTrue( b'<li class="list-group-item list-group-item-warning">' b'Could not edit this project. Is there ' b'already a project with these name and homepage?</li>' in output.data) self.assertTrue(b'<h1>Project: geany</h1>' in output.data) self.assertEqual('geany', models.Project.query.get(1).name)
def test_edit_project(self): """ Test the edit_project function. """ with login_user(self.flask_app, self.user): with self.flask_app.test_client() as c: output = c.get('/project/1/edit', follow_redirects=False) self.assertEqual(output.status_code, 200) self.assertTrue(b'<h1>Edit project</h1>' in output.data) self.assertTrue(b'<td><label for="regex">Regex</label></td>' in output.data) csrf_token = output.data.split( b'name="csrf_token" type="hidden" value="')[1].split( b'">')[0] data = { 'name': 'repo_manager', 'homepage': 'https://pypi.python.org/pypi/repo_manager', 'backend': 'PyPI', 'csrf_token': csrf_token, } output = c.post('/project/1/edit', data=data, follow_redirects=True) self.assertEqual(output.status_code, 200) self.assertTrue( b'<li class="list-group-item list-group-item-default">' b'Project edited</li>' in output.data) self.assertTrue( b'<h1>Project: repo_manager</h1>' in output.data)
def test_map_project(self): """Assert projects can be mapped to distributions.""" with login_user(self.flask_app, self.user): with self.flask_app.test_client() as c: output = c.get('/project/1/map') self.assertEqual(output.status_code, 200) self.assertTrue(b'<h1>Project: geany</h1>' in output.data) self.assertTrue( b'<td><label for="distro">Distribution</label></td>' in output.data) csrf_token = output.data.split( b'name="csrf_token" type="hidden" value="')[1].split( b'">')[0] data = { 'package_name': 'geany', 'distro': 'CentOS', 'csrf_token': csrf_token, } output = c.post('/project/1/map', data=data, follow_redirects=True) self.assertEqual(output.status_code, 200) self.assertTrue( b'<li class="list-group-item list-group-item-default">' b'Mapping added</li>' in output.data) self.assertTrue(b'<h1>Project: geany</h1>' in output.data) self.assertEqual(1, models.Packages.query.count())
def test_invalid_csrf_token(self): """Assert submitting with an invalid CSRF token results in no change.""" with login_user(self.flask_app, self.admin): output = self.client.post( '/distro/Fedora/edit', data={'csrf_token': 'a', 'name': 'Top'}) self.assertEqual(200, output.status_code) self.assertEqual(0, models.Distro.query.filter_by(name='Top').count())
def test_map_same_distro(self): """ Assert that projects can't have two mappings with the same name to the same distribution. """ with login_user(self.flask_app, self.user): with self.flask_app.test_client() as c: output = c.get('/project/1/map') csrf_token = output.data.split( b'name="csrf_token" type="hidden" value="')[1].split( b'">')[0] data = { 'package_name': 'geany', 'distro': 'CentOS', 'csrf_token': csrf_token, } output = c.post('/project/1/map', data=data, follow_redirects=True) self.assertEqual(output.status_code, 200) output = c.post('/project/1/map', data=data, follow_redirects=True) self.assertEqual(output.status_code, 200) self.assertTrue( b'<li class="list-group-item list-group-item-danger">' b'Could not edit the mapping of geany on ' b'CentOS, there is already a package geany on CentOS ' b'as part of the project <a href="/project/1/">geany' b'</a>.</li>' in output.data) self.assertTrue(b'<h1>Project: geany</h1>' in output.data)
def test_with_check_release(self, patched): """Assert when ``check_release='on'`` it checks the project's release.""" with login_user(self.flask_app, self.user): with self.flask_app.test_client() as c: output = c.get('/project/1/edit', follow_redirects=False) self.assertEqual(output.status_code, 200) csrf_token = output.data.split( b'name="csrf_token" type="hidden" value="')[1].split( b'">')[0] data = { 'name': 'repo_manager', 'homepage': 'https://pypi.python.org/pypi/repo_manager', 'backend': 'PyPI', 'version_scheme': 'Date', 'csrf_token': csrf_token, 'check_release': 'on', } output = c.post('/project/1/edit', data=data, follow_redirects=True) self.assertEqual(output.status_code, 200) self.assertTrue( b'<li class="list-group-item list-group-item-default">' b'Project edited</li>' in output.data) patched.assert_called_once_with(mock.ANY, mock.ANY)
def test_from_date_future(self): """Assert when the from_date doesn't include logs, none are returned.""" with login_user(self.flask_app, self.admin): output = self.client.get('/logs?from_date=2500-07-01') self.assertEqual(200, output.status_code) self.assertFalse(b'This is a log' in output.data) self.assertFalse(b'This is also a log' in output.data)
def test_from_date(self): """Assert logs can be filtered via a from_date.""" with login_user(self.flask_app, self.admin): output = self.client.get('/logs?from_date=2017-07-19') self.assertEqual(200, output.status_code) self.assertTrue(b'This is a log' in output.data) self.assertTrue(b'This is also a log' in output.data)
def test_admin_get(self): """Assert admin users can get everyone's logs.""" with login_user(self.flask_app, self.admin): output = self.client.get('/logs') self.assertEqual(200, output.status_code) self.assertTrue(b'This is a log' in output.data) self.assertTrue(b'This is also a log' in output.data)
def test_non_admin_get(self): """Assert non-admin users get only their own logs.""" with login_user(self.flask_app, self.user): output = self.client.get('/logs') self.assertEqual(200, output.status_code) self.assertTrue(b'This is a log' in output.data) self.assertFalse(b'This is also a log' in output.data)
def test_from_date_future(self): """Assert admin users can see the flags.""" with login_user(self.flask_app, self.admin): output = self.client.get('/flags?from_date=2200-07-01') self.assertEqual(200, output.status_code) self.assertFalse(b'I wanted to flag it' in output.data) self.assertFalse(b'This project is wrong' in output.data)
def test_admin_get(self): """Assert admin users can see the flags.""" with login_user(self.flask_app, self.admin): output = self.client.get('/flags') self.assertEqual(200, output.status_code) self.assertTrue(b'I wanted to flag it' in output.data) self.assertTrue(b'This project is wrong' in output.data)
def test_invalid_csrf_token(self): """Assert submitting with an invalid CSRF token, no change is made.""" with login_user(self.flask_app, self.user): output = self.client.post('/distro/add', data={ 'csrf_token': 'abc', 'name': 'Fedora' }) self.assertEqual(200, output.status_code) self.assertEqual(0, models.Distro.query.count())
def test_admin_post(self): """Assert admin users can delete project mappings.""" with login_user(self.flask_app, self.admin): output = self.client.get('/project/1/delete/1.0.0') csrf_token = output.data.split( b'name="csrf_token" type="hidden" value="')[1].split(b'">')[0] data = {'confirm': True, 'csrf_token': csrf_token} output = self.client.post('/project/1/delete/1.0.0', data=data, follow_redirects=True) self.assertEqual(200, output.status_code) self.assertEqual(0, len(models.ProjectVersion.query.all()))
def test_admin_post(self): """Assert admin users can delete a distribution.""" with login_user(self.flask_app, self.admin): output = self.client.get('/distro/Fedora/delete') csrf_token = output.data.split( b'name="csrf_token" type="hidden" value="')[1].split(b'">')[0] data = {'csrf_token': csrf_token} output = self.client.post('/distro/Fedora/delete', data=data, follow_redirects=True) self.assertEqual(200, output.status_code) self.assertEqual(404, self.client.get('/distro/Fedora/delete').status_code)
def test_admin_post_unconfirmed(self): """Assert failing to confirm the action results in no change.""" with login_user(self.flask_app, self.admin): output = self.client.get('/project/1/delete/1.0.0') csrf_token = output.data.split( b'name="csrf_token" type="hidden" value="')[1].split(b'">')[0] data = {'csrf_token': csrf_token} output = self.client.post('/project/1/delete/1.0.0', data=data) self.assertEqual(302, output.status_code) self.assertEqual(1, len(models.ProjectVersion.query.all()))
def test_new_token_bad_csrf(self): """Assert a valid CSRF token is required to make a token.""" with login_user(self.flask_app, self.user): with self.flask_app.test_client() as c: data = {'csrf_token': 'no good?', 'description': 'Test token'} output = c.post('/settings/tokens/new', data=data, follow_redirects=True) self.assertEqual(output.status_code, 400) self.assertFalse(b'Test token' in output.data)
def test_no_csrf_token(self): """Assert trying to edit a project without a CSRF token results in no change.""" with login_user(self.flask_app, self.user): data = { 'package_name': 'geany', 'distro': 'CentOS', } output = self.client.post('/project/1/map', data=data, follow_redirects=False) self.assertEqual(output.status_code, 200) self.assertEqual(0, models.Packages.query.count())
def test_admin_post_unconfirmed(self): """Assert admin users must confirm deleting projects.""" with login_user(self.flask_app, self.admin): output = self.client.get('/project/{0}/delete'.format(self.project.id)) csrf_token = output.data.split( b'name="csrf_token" type="hidden" value="')[1].split(b'">')[0] data = {'csrf_token': csrf_token} output = self.client.post('/project/{0}/delete'.format(self.project.id), data=data) self.assertEqual(302, output.status_code) self.assertEqual(1, len(models.Project.query.all()))
def test_no_csrf_token(self): """Assert trying to edit a project without a CSRF token results in no change.""" with login_user(self.flask_app, self.user): data = { 'name': 'repo_manager', 'homepage': 'https://pypi.python.org/pypi/repo_manager', 'backend': 'PyPI', } output = self.app.post('/project/1/edit', data=data) self.assertEqual(200, output.status_code) self.assertEqual('geany', models.Project.query.get(1).name)
def test_set_flag(self): """Assert trying to set the state of a non-existent flag results in HTTP 404.""" with login_user(self.flask_app, self.admin): output = self.client.get('/flags') csrf_token = output.data.split( b'name="csrf_token" type="hidden" value="')[1].split(b'">')[0] output = self.client.post( '/flags/1/set/closed', data={'csrf_token': csrf_token}, follow_redirects=True) self.assertEqual(200, output.status_code) self.assertTrue(b'Flag 1 set to closed' in output.data)
def test_add_distro(self): """Assert admins can add distributions.""" with login_user(self.flask_app, self.admin): output = self.client.get('/distro/add') csrf_token = output.data.split( b'name="csrf_token" type="hidden" value="')[1].split(b'">')[0] data = {'name': 'Fedora', 'csrf_token': csrf_token} output = self.client.post('/distro/add', data=data, follow_redirects=True) # self.assertEqual(201, output.status_code) self.assertTrue(b'Distribution added' in output.data)
def test_duplicate_distro(self): """Assert trying to create a duplicate distribution results in HTTP 409.""" with login_user(self.flask_app, self.admin): output = self.client.get('/distro/add') csrf_token = output.data.split( b'name="csrf_token" type="hidden" value="')[1].split(b'">')[0] data = {'name': 'Fedora', 'csrf_token': csrf_token} create_output = self.client.post('/distro/add', data=data, follow_redirects=True) dup_output = self.client.post('/distro/add', data=data, follow_redirects=True) self.assertTrue(b'Distribution added' in create_output.data) self.assertTrue(b'Could not add this distro' in dup_output.data)
def test_admin_post_unconfirmed(self): """Assert failing to confirm the action results in no change.""" with login_user(self.flask_app, self.admin): output = self.client.get('/project/1/delete/Fedora/test-project') csrf_token = output.data.split( b'name="csrf_token" type="hidden" value="')[1].split(b'">')[0] data = {'csrf_token': csrf_token} output = self.client.post( '/project/1/delete/Fedora/test-project', data=data, follow_redirects=True) self.assertEqual(200, output.status_code) self.assertEqual(1, len(models.Packages.query.all()))
def test_pages(self): """Assert admin users can see the flags.""" with login_user(self.flask_app, self.admin): page_one = self.client.get('/flags?limit=1&page=1') self.assertEqual(200, page_one.status_code) self.assertTrue( b'I wanted to flag it' in page_one.data or b'This project is wrong' in page_one.data ) self.assertFalse( b'I wanted to flag it' in page_one.data and b'This project is wrong' in page_one.data )
def test_delete_invalid_token(self): """Assert trying to delete an invalid token fails.""" with login_user(self.flask_app, self.user): with self.flask_app.test_client() as c: output = c.get('/settings/', follow_redirects=False) csrf_token = output.data.split( b'name="csrf_token" type="hidden" value="')[1].split( b'">')[0] data = {'csrf_token': csrf_token} output = c.post( '/settings/tokens/delete/thisprobablywillnotwork/', data=data, follow_redirects=True) self.assertEqual(output.status_code, 404)
def test_new_token(self): """Assert a user can create a new API token.""" with login_user(self.flask_app, self.user): with self.flask_app.test_client() as c: output = c.get('/settings/', follow_redirects=False) self.assertEqual(output.status_code, 200) csrf_token = output.data.split( b'name="csrf_token" type="hidden" value="')[1].split( b'">')[0] data = {'csrf_token': csrf_token, 'description': 'Test token'} output = c.post('/settings/tokens/new', data=data, follow_redirects=True) self.assertEqual(output.status_code, 200) self.assertTrue(b'Test token' in output.data)