def test_create_a_comment(self):
loadedJson = json.loads(
create_comment(session, self.test_auth_id, self.test_post_id,
"This is a test", self.properties))
httpResponse = loadedJson['http_response']
# Clean database from test comment entry
delete_comment(session, self.test_auth_id, loadedJson['comment_id'],
self.admin_role, self.properties)
self.assertEqual(httpResponse, 200, "[-] Error creating comment")
def test_delete_a_comment(self):
createJson = json.loads(
create_comment(session, self.test_auth_id, self.test_post_id,
"This is a test", self.properties))
temp = delete_comment(session, self.test_auth_id,
createJson['comment_id'], self.test_role,
self.properties)
loadedJson = json.loads(temp)
httpResponse = loadedJson['http_response']
self.assertEqual(httpResponse, 200, "[-] Error deleting comment")
def test_request_comment_by_id_wrongId(self):
createJson = json.loads(
create_comment(session, self.test_auth_id, self.test_post_id,
"This is a test", self.properties))
temp = request_comment(session, self.test_auth_id, self.properties)
loadedJson = json.loads(temp)
httpResponse = loadedJson['http_response']
# Clean database from test comment entry
delete_comment(session, self.test_auth_id, createJson['comment_id'],
self.admin_role, self.properties)
self.assertEqual(
httpResponse, 403,
"[-] Requests with wrong ID, positive HTTP response anyways.")
def test_update_comment_content(self):
#createJson = json.loads(create_comment(session, 999999, 999999, "This is a test"))
createJson = json.loads(
create_comment(session, self.test_auth_id, self.test_post_id,
"This is a test", self.properties))
temp = update_comment(session, createJson['comment_id'],
self.test_auth_id, "Rewrote test content",
self.test_role, self.properties)
loadedJson = json.loads(temp)
httpResponse = loadedJson['http_response']
# Clean database from test comment entry
delete_comment(session, self.test_auth_id, createJson['comment_id'],
self.admin_role, self.properties)
self.assertEqual(httpResponse, 200, "[-] Error changing comment")
def test_delete_a_comment_wrong_author(self):
createJson = json.loads(
create_comment(session, self.test_auth_id, self.test_post_id,
"This is a test", self.properties))
temp = delete_comment(session, 42, createJson['comment_id'],
self.test_role, self.properties)
loadedJson = json.loads(temp)
httpResponse = loadedJson['http_response']
# Clean database from test comment entry
delete_comment(session, self.test_auth_id, createJson['comment_id'],
self.admin_role, self.properties)
self.assertEqual(
httpResponse, 403,
"[-] Deleting a comment with wrong author, still gives positive HTTP response."
)
def receive(event, data, properties):
data = json.loads(data)
print(properties.headers)
jwt = verify(properties.headers['jwt'])
if event == "CreateComment":
if (jwt):
jsonObject = create_comment(session, int(jwt['sub']),
data['post_id'], data['content'],
properties)
# Get the actual http response from the action and put it into properties
httpResponse = json.loads(jsonObject)['http_response']
properties.headers['http_response'] = httpResponse
send("ConfirmCommentCreation", jsonObject, properties)
print(f'Created comment with json: {jsonObject}')
else:
errorJson = json.dumps(
{
'comment_id': 2147483645,
'http_response': 403,
'created_at': 1000001
},
indent=2,
default=str)
send("ConfirmCommentCreation", errorJson, properties)
print(f'Created comment with json: {jsonObject}')
elif event == "UpdateComment":
if (jwt):
jsonObject = update_comment(session, int(data['comment_id']),
int(jwt['sub']), data['content'],
int(jwt['role']), properties)
httpResponse = json.loads(jsonObject)['http_response']
properties.headers['http_response'] = httpResponse
send("ConfirmCommentUpdate", jsonObject, properties)
print(f'Updated comment with {jsonObject}')
else:
errorJson = json.dumps(
{
'http_response': 403,
'comment_id': data['comment_id'],
'update_timestamp': 1000001
},
indent=2,
default=str)
send("ConfirmCommentUpdate", errorJson, properties)
print(f'Updated comment with {jsonObject}')
elif event == "DeleteComment":
if (jwt):
jsonObject = delete_comment(session, int(jwt['sub']),
int(data['comment_id']),
int(jwt['role']), properties)
httpResponse = json.loads(jsonObject)['http_response']
properties.headers['http_response'] = httpResponse
send("ConfirmCommentDelete", jsonObject, properties)
print(f'Deleted comment with {jsonObject}')
else:
errorJson = json.dumps({'http_response': 403},
indent=2,
default=str)
send("ConfirmCommentDelete", errorJson, properties)
print(f'Deleted comment with {jsonObject}')
elif event == "ConfirmOnePostDeletion":
# No checking needed, as this has been done by the one triggering the event
delete_comments_for_post(session, data['post_id'])
elif event == "RequestComment":
jsonObject = request_comment(session, data['comment_id'], properties)
httpResponse = json.loads(jsonObject)['http_response']
properties.headers['http_response'] = httpResponse
send("ReturnComment", jsonObject, properties)
print(f'Requested comment with {jsonObject}')
elif event == "RequestCommentsForPost":
jsonObject = request_comments_for_post(session, data['post_id'],
properties)
properties.headers['http_response'] = 200
send("ReturnCommentsForPost", jsonObject, properties)
print(f'Requested comment for post {jsonObject}')
else:
pass # A wrong event has been given