def test_userflags(self):
    """Check that account flags start unset and can be toggled both ways.

    Covers ``active`` (together with the ``ttl`` field), ``banned``, ``op``
    and ``muted`` on a freshly created account. For every setter it also
    checks that ``None`` and ``K.NIL_VALUE`` are refused (falsy return), so
    a missing or placeholder identifier is never reported as a successful
    flag change.
    """
    user1 = create_account('user1', '*****@*****.**', 'Password')
    self.assertIsNotNone(user1)

    def flag(name):
        # Re-read the user on every call so each assertion sees stored state
        # rather than a cached copy.
        return get_user(user1).get(name)

    # A new account is inactive and carries a TTL.
    self.assertFalse(flag('active'))
    self.assertIsNotNone(flag('ttl'))

    # Activation sets the flag and clears the TTL.
    self.assertTrue(activate(user1))
    self.assertTrue(flag('active'))
    self.assertIsNone(flag('ttl'))

    # Deactivation clears the flag again.
    self.assertTrue(activate(user1, False))
    self.assertFalse(flag('active'))

    # Invalid identifiers are refused.
    self.assertFalse(activate(None))
    self.assertFalse(activate(K.NIL_VALUE))

    # Accounts are not banned by default.
    self.assertFalse(flag('banned'))

    # Ban, then lift the ban.
    self.assertTrue(ban(user1))
    self.assertTrue(flag('banned'))
    self.assertTrue(ban(user1, False))
    self.assertFalse(flag('banned'))

    # Invalid identifiers are refused.
    self.assertFalse(ban(None))
    self.assertFalse(ban(K.NIL_VALUE))

    # The OP flag must never be set on a new account; bite() toggles it.
    self.assertFalse(flag('op'))
    self.assertTrue(bite(user1))
    self.assertTrue(flag('op'))
    self.assertTrue(bite(user1, False))
    self.assertFalse(flag('op'))

    # Invalid identifiers are refused.
    self.assertFalse(bite(None))
    self.assertFalse(bite(K.NIL_VALUE))

    # Muted accounts cannot post; accounts are not muted by default.
    self.assertFalse(flag('muted'))
    self.assertTrue(mute(user1))
    self.assertTrue(flag('muted'))
    self.assertTrue(mute(user1, False))
    self.assertFalse(flag('muted'))

    # Invalid identifiers are refused.
    self.assertFalse(mute(None))
    self.assertFalse(mute(K.NIL_VALUE))
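def test_stats(self):
    """Ensure the stats exposed by ``pjuu.auth.stats`` are correct.

    Starts from an empty system, creates five accounts in different states
    and checks every counter plus the ordering of the newest-users list.
    """
    stats = dict(get_stats())

    # Nothing has been created yet, so every counter is zero.
    self.assertEqual(stats.get('Total users'), 0)
    self.assertEqual(stats.get('Total active users'), 0)
    self.assertEqual(stats.get('Total banned users'), 0)
    self.assertEqual(stats.get('Total muted users'), 0)
    self.assertEqual(stats.get('Total OP users'), 0)
    self.assertEqual(stats.get('Newest users'), [])

    # user1: created only. user2: active. user3: active and banned.
    # user4: active and muted. user5: OP but never activated.
    create_account('user1', '*****@*****.**', 'Password')
    user2 = create_account('user2', '*****@*****.**', 'Password')
    activate(user2)
    user3 = create_account('user3', '*****@*****.**', 'Password')
    activate(user3)
    ban(user3)
    user4 = create_account('user4', '*****@*****.**', 'Password')
    activate(user4)
    mute(user4)
    user5 = create_account('user5', '*****@*****.**', 'Password')
    bite(user5)

    # Turn in to a dict for easier checking.
    stats = dict(get_stats())

    self.assertEqual(stats.get('Total users'), 5)
    self.assertEqual(stats.get('Total active users'), 3)
    self.assertEqual(stats.get('Total banned users'), 1)
    self.assertEqual(stats.get('Total muted users'), 1)
    self.assertEqual(stats.get('Total OP users'), 1)

    # Newest first. Each entry only has to contain the username, because
    # the entries are presumably rendered link strings, not bare names.
    user_list = ['user5', 'user4', 'user3', 'user2', 'user1']
    newest_users = stats.get('Newest users')

    # Without this guard the loop below passes when the list is empty or
    # missing, and the ordering would never be checked at all.
    self.assertTrue(newest_users)

    for position, entry in enumerate(newest_users):
        self.assertIn(user_list[position], entry)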
def test_signin_signout(self):
    """Walk the sign-in and sign-out endpoints through their main states.

    Covers: no account, inactive account, active account, banned account,
    wrong password, unknown user, a ban applied during a live session, an
    empty form, and a session removed from the store mid-way. Endpoints are
    resolved with ``url_for`` so the URIs can change without editing this
    test.
    """
    # NOTE(review): every username and password literal reads '******' in
    # this listing (apparently redacted), so the valid, wrong-password and
    # unknown-user posts below are textually identical. Restore the real
    # fixture values before relying on these cases.
    signin_url = url_for('auth.signin')
    signout_url = url_for('auth.signout')

    # The sign-in form itself is reachable.
    response = self.client.get(signin_url)
    self.assertEqual(response.status_code, 200)

    # No accounts exist yet, so authentication must fail. The form is
    # re-rendered (200) with the generic error message.
    response = self.client.post(signin_url, data={
        'username': '******',
        'password': '******'
    })
    self.assertEqual(response.status_code, 200)
    self.assertIn('Invalid user name or password', response.data)

    # Signing out while not signed in must not raise; a 302 is expected.
    # Nothing else can be checked here as no message is flashed.
    response = self.client.get(signout_url)
    self.assertEqual(response.status_code, 302)

    # An account that has not been activated cannot sign in.
    # NOTE(review): confirm this message is only shown once the password
    # has been verified; otherwise it discloses that the account exists.
    user1 = create_account('user1', '*****@*****.**', 'Password')
    response = self.client.post(signin_url, data={
        'username': '******',
        'password': '******'
    })
    self.assertEqual(response.status_code, 200)
    self.assertIn('Please activate your account', response.data)

    # Once activated, signing in (with "keep me signed in") redirects.
    self.assertTrue(activate(user1))
    response = self.client.post(signin_url, data={
        'username': '******',
        'password': '******',
        'keep_signed_in': True
    })
    self.assertEqual(response.status_code, 302)

    # Log back out.
    self.client.get(signout_url)

    # A banned account is refused at sign-in with the ban message.
    self.assertTrue(ban(user1))
    response = self.client.post(signin_url, data={
        'username': '******',
        'password': '******'
    })
    self.assertEqual(response.status_code, 200)
    self.assertIn('You\'re a very naughty boy!', response.data)

    # Lift the ban so the remaining steps can carry on.
    self.assertTrue(ban(user1, False))

    # Active and not banned: this sign-in reaches the feed.
    response = self.client.post(signin_url, data={
        'username': '******',
        'password': '******'
    }, follow_redirects=True)
    self.assertEqual(response.status_code, 200)
    self.assertIn('<h1>Feed</h1>', response.data)

    # Asking for the sign-in page while signed in redirects away from it.
    response = self.client.get(signin_url)
    self.assertEqual(response.status_code, 302)

    # Signing out while signed in ends on a page carrying the sign-out
    # message once the redirect has been followed.
    response = self.client.get(signout_url, follow_redirects=True)
    self.assertEqual(response.status_code, 200)
    self.assertIn('Successfully signed out', response.data)

    # Wrong password. The message is the same generic one asserted for the
    # unknown-user case below, so the response text does not tell a caller
    # which of the two was wrong.
    response = self.client.post(signin_url, data={
        'username': '******',
        'password': '******'
    }, follow_redirects=True)
    self.assertEqual(response.status_code, 200)
    self.assertIn('Invalid user name or password', response.data)

    # Unknown user.
    response = self.client.post(signin_url, data={
        'username': '******',
        'password': '******'
    })
    self.assertEqual(response.status_code, 200)
    self.assertIn('Invalid user name or password', response.data)

    # A ban must take effect on a session that is already signed in, not
    # only at the next sign-in. Sign in first ...
    response = self.client.post(signin_url, data={
        'username': '******',
        'password': '******'
    }, follow_redirects=True)
    self.assertEqual(response.status_code, 200)
    self.assertIn('<h1>Feed</h1>', response.data)

    # ... confirm the session works on another view by looking for our
    # own details on the profile settings page ...
    response = self.client.get(url_for('users.settings_profile'))
    self.assertEqual(response.status_code, 200)
    self.assertIn('*****@*****.**', response.data)

    # ... then ban the account and request the feed again.
    self.assertTrue(ban(user1))
    response = self.client.get(url_for('users.feed'), follow_redirects=True)
    # The request should end on a page showing the ban message.
    self.assertEqual(response.status_code, 200)
    self.assertIn('You\'re a very naughty boy!', response.data)

    # Empty form: exercises the form.validate() == False branch (coverage).
    response = self.client.post(signin_url, data={
        'username': '',
        'password': ''
    }, follow_redirects=True)
    self.assertEqual(response.status_code, 200)
    self.assertIn('Invalid user name or password', response.data)

    # Sign in with user1 and remove the session part way through.
    # NOTE(review): user1 was banned above and is not un-banned before this
    # sign-in, so this presumably exercises the banned path and not a live
    # session. If so, the "need to be logged in" assertion below would hold
    # even without the delete. Confirm that is intended.
    response = self.client.post(signin_url, data={
        'username': '******',
        'password': '******'
    }, follow_redirects=True)
    self.assertEqual(response.status_code, 200)

    # Pull the session identifier out of the Set-Cookie header and delete
    # it through ``rs``.
    # NOTE(review): nesting reconstructed from a flattened listing; the
    # delete is taken to run only when a Set-Cookie header was found.
    # If none is present nothing is deleted and session_id stays None.
    session_id = None
    for name, value in response.headers:
        if name == 'Set-Cookie':
            session_id = parse_cookie(value)['session']
            rs.delete(session_id)

    response = self.client.get(
        url_for('users.profile', username='******'),
        follow_redirects=True
    )
    self.assertIn('You need to be logged in to view that', response.data)

    # A removed session must not come back under the same identifier.
    # NOTE(review): this loop asserts nothing when the final response
    # carries no Set-Cookie header.
    for name, value in response.headers:
        if name == 'Set-Cookie':
            self.assertNotEqual(session_id, parse_cookie(value)['session'])
def test_signin_signout(self):
    """Exercise the sign-in and sign-out endpoints end to end.

    Covers: no account, inactive account, active account (twice, the second
    time for username whitespace stripping), banned account, wrong password,
    unknown user, a ban applied during a live session and an empty form.
    Endpoints are resolved with ``url_for`` so the URIs can change later.
    """
    # NOTE(review): every username and password literal reads "******" in
    # this listing (apparently redacted), so the valid, wrong-password,
    # unknown-user and padded-username posts below are textually identical.
    # Restore the real fixture values before relying on these cases.

    def sign_in(form, **options):
        # Thin wrapper: post *form* to the sign-in endpoint, passing any
        # extra test-client options (e.g. follow_redirects) straight on.
        return self.client.post(url_for("auth.signin"), data=form, **options)

    def sign_out(**options):
        return self.client.get(url_for("auth.signout"), **options)

    # The sign-in form itself is reachable.
    resp = self.client.get(url_for("auth.signin"))
    self.assertEqual(resp.status_code, 200)

    # No accounts exist yet, so authentication must fail. The form is
    # re-rendered (200) with the generic error message.
    resp = sign_in({"username": "******", "password": "******"})
    self.assertEqual(resp.status_code, 200)
    self.assertIn("Invalid user name or password", resp.data)

    # Signing out while not signed in must not raise; a 302 is expected.
    # Nothing else can be checked here as no message is flashed.
    resp = sign_out()
    self.assertEqual(resp.status_code, 302)

    # An account that has not been activated cannot sign in.
    # NOTE(review): confirm this message is only shown once the password
    # has been verified; otherwise it discloses that the account exists.
    user1 = create_account("user1", "*****@*****.**", "Password")
    resp = sign_in({"username": "******", "password": "******"})
    self.assertEqual(resp.status_code, 200)
    self.assertIn("Please activate your account", resp.data)

    # Once activated, signing in (with "keep me signed in") lands on the
    # feed after the redirect is followed.
    self.assertTrue(activate(user1))
    resp = sign_in(
        {"username": "******", "password": "******", "keep_signed_in": True},
        follow_redirects=True,
    )
    self.assertEqual(resp.status_code, 200)
    self.assertIn("<title>Feed - Pjuu</title>", resp.data)

    # Log back out.
    sign_out()

    # Surrounding spaces in the submitted username should be stripped, so
    # this sign-in reaches the feed as well.
    resp = sign_in(
        {"username": "******", "password": "******", "keep_signed_in": True},
        follow_redirects=True,
    )
    self.assertEqual(resp.status_code, 200)
    self.assertIn("<title>Feed - Pjuu</title>", resp.data)

    # Log back out.
    sign_out()

    # A banned account is refused at sign-in with the ban message.
    self.assertTrue(ban(user1))
    resp = sign_in({"username": "******", "password": "******"})
    self.assertEqual(resp.status_code, 200)
    self.assertIn("You're a very naughty boy!", resp.data)

    # Lift the ban so the remaining steps can carry on.
    self.assertTrue(ban(user1, False))

    # Active and not banned: this sign-in reaches the feed.
    resp = sign_in(
        {"username": "******", "password": "******"}, follow_redirects=True
    )
    self.assertEqual(resp.status_code, 200)
    self.assertIn("<h1>Feed</h1>", resp.data)

    # Asking for the sign-in page while signed in redirects away from it.
    resp = self.client.get(url_for("auth.signin"))
    self.assertEqual(resp.status_code, 302)

    # Signing out while signed in ends on a page carrying the sign-out
    # message once the redirect has been followed.
    resp = sign_out(follow_redirects=True)
    self.assertEqual(resp.status_code, 200)
    self.assertIn("Successfully signed out", resp.data)

    # Wrong password. The message is the same generic one asserted for the
    # unknown-user case below, so the response text does not tell a caller
    # which of the two was wrong.
    resp = sign_in(
        {"username": "******", "password": "******"}, follow_redirects=True
    )
    self.assertEqual(resp.status_code, 200)
    self.assertIn("Invalid user name or password", resp.data)

    # Unknown user.
    resp = sign_in({"username": "******", "password": "******"})
    self.assertEqual(resp.status_code, 200)
    self.assertIn("Invalid user name or password", resp.data)

    # A ban must take effect on a session that is already signed in, not
    # only at the next sign-in. Sign in first ...
    resp = sign_in(
        {"username": "******", "password": "******"}, follow_redirects=True
    )
    self.assertEqual(resp.status_code, 200)
    self.assertIn("<h1>Feed</h1>", resp.data)

    # ... confirm the session works on another view by looking for our
    # own details on the profile settings page ...
    resp = self.client.get(url_for("users.settings_profile"))
    self.assertEqual(resp.status_code, 200)
    self.assertIn("*****@*****.**", resp.data)

    # ... then ban the account and request the feed again.
    self.assertTrue(ban(user1))
    resp = self.client.get(url_for("users.feed"), follow_redirects=True)
    # The request should end on a page showing the ban message.
    self.assertEqual(resp.status_code, 200)
    self.assertIn("You're a very naughty boy!", resp.data)

    # Empty form: exercises the form.validate() == False branch (coverage).
    resp = sign_in({"username": "", "password": ""}, follow_redirects=True)
    self.assertEqual(resp.status_code, 200)
    self.assertIn("Invalid user name or password", resp.data)

    # Sign in with user1 ahead of removing the session part way through.
    # NOTE(review): user1 was banned above and is not un-banned before this
    # sign-in, so this presumably exercises the banned path and not a live
    # session. Only the status code is asserted here.
    resp = sign_in(
        {"username": "******", "password": "******"}, follow_redirects=True
    )
    self.assertEqual(resp.status_code, 200)
def test_signin_signout(self):
    """Drive the sign-in and sign-out views through each account state.

    Covers: no account, inactive account, active account (twice, the second
    time for username whitespace stripping), banned account, wrong password,
    unknown user, a ban applied during a live session and an empty form.
    ``url_for`` is used throughout so the URIs can be changed in the future.
    """
    # NOTE(review): every username and password literal reads '******' in
    # this listing (apparently redacted), so the valid, wrong-password,
    # unknown-user and padded-username posts below are textually identical.
    # Restore the real fixture values before relying on these cases.
    client = self.client
    generic_error = 'Invalid user name or password'
    ban_message = 'You\'re a very naughty boy!'

    # The sign-in form itself is reachable.
    rv = client.get(url_for('auth.signin'))
    self.assertEqual(rv.status_code, 200)

    # No accounts exist yet, so authentication must fail. The form is
    # re-rendered (200) with the generic error message.
    rv = client.post(url_for('auth.signin'), data={
        'username': '******',
        'password': '******'
    })
    self.assertEqual(rv.status_code, 200)
    self.assertIn(generic_error, rv.data)

    # Signing out while not signed in must not raise; a 302 is expected.
    # Nothing else can be checked here as no message is flashed.
    rv = client.get(url_for('auth.signout'))
    self.assertEqual(rv.status_code, 302)

    # An account that has not been activated cannot sign in.
    # NOTE(review): confirm this message is only shown once the password
    # has been verified; otherwise it discloses that the account exists.
    user1 = create_account('user1', '*****@*****.**', 'Password')
    rv = client.post(url_for('auth.signin'), data={
        'username': '******',
        'password': '******'
    })
    self.assertEqual(rv.status_code, 200)
    self.assertIn('Please activate your account', rv.data)

    # Once activated, signing in (with "keep me signed in") lands on the
    # feed after the redirect is followed.
    self.assertTrue(activate(user1))
    rv = client.post(url_for('auth.signin'), data={
        'username': '******',
        'password': '******',
        'keep_signed_in': True
    }, follow_redirects=True)
    self.assertEqual(rv.status_code, 200)
    self.assertIn("<title>Feed - Pjuu</title>", rv.data)

    # Log back out.
    client.get(url_for('auth.signout'))

    # Surrounding spaces in the submitted username should be stripped, so
    # this sign-in reaches the feed as well.
    rv = client.post(url_for('auth.signin'), data={
        'username': '******',
        'password': '******',
        'keep_signed_in': True
    }, follow_redirects=True)
    self.assertEqual(rv.status_code, 200)
    self.assertIn("<title>Feed - Pjuu</title>", rv.data)

    # Log back out.
    client.get(url_for('auth.signout'))

    # A banned account is refused at sign-in with the ban message.
    self.assertTrue(ban(user1))
    rv = client.post(url_for('auth.signin'), data={
        'username': '******',
        'password': '******'
    })
    self.assertEqual(rv.status_code, 200)
    self.assertIn(ban_message, rv.data)

    # Lift the ban so the remaining steps can carry on.
    self.assertTrue(ban(user1, False))

    # Active and not banned: this sign-in reaches the feed.
    rv = client.post(url_for('auth.signin'), data={
        'username': '******',
        'password': '******'
    }, follow_redirects=True)
    self.assertEqual(rv.status_code, 200)
    self.assertIn('<h1>Feed</h1>', rv.data)

    # Asking for the sign-in page while signed in redirects away from it.
    rv = client.get(url_for('auth.signin'))
    self.assertEqual(rv.status_code, 302)

    # Signing out while signed in ends on a page carrying the sign-out
    # message once the redirect has been followed.
    rv = client.get(url_for('auth.signout'), follow_redirects=True)
    self.assertEqual(rv.status_code, 200)
    self.assertIn('Successfully signed out', rv.data)

    # Wrong password. The message is the same generic one asserted for the
    # unknown-user case below, so the response text does not tell a caller
    # which of the two was wrong.
    rv = client.post(url_for('auth.signin'), data={
        'username': '******',
        'password': '******'
    }, follow_redirects=True)
    self.assertEqual(rv.status_code, 200)
    self.assertIn(generic_error, rv.data)

    # Unknown user.
    rv = client.post(url_for('auth.signin'), data={
        'username': '******',
        'password': '******'
    })
    self.assertEqual(rv.status_code, 200)
    self.assertIn(generic_error, rv.data)

    # A ban must take effect on a session that is already signed in, not
    # only at the next sign-in. Sign in first ...
    rv = client.post(url_for('auth.signin'), data={
        'username': '******',
        'password': '******'
    }, follow_redirects=True)
    self.assertEqual(rv.status_code, 200)
    self.assertIn('<h1>Feed</h1>', rv.data)

    # ... confirm the session works on another view by looking for our
    # own details on the profile settings page ...
    rv = client.get(url_for('users.settings_profile'))
    self.assertEqual(rv.status_code, 200)
    self.assertIn('*****@*****.**', rv.data)

    # ... then ban the account and request the feed again.
    self.assertTrue(ban(user1))
    rv = client.get(url_for('users.feed'), follow_redirects=True)
    # The request should end on a page showing the ban message.
    self.assertEqual(rv.status_code, 200)
    self.assertIn(ban_message, rv.data)

    # Empty form: exercises the form.validate() == False branch (coverage).
    rv = client.post(url_for('auth.signin'), data={
        'username': '',
        'password': ''
    }, follow_redirects=True)
    self.assertEqual(rv.status_code, 200)
    self.assertIn(generic_error, rv.data)

    # Sign in with user1 ahead of removing the session part way through.
    # NOTE(review): user1 was banned above and is not un-banned before this
    # sign-in, so this presumably exercises the banned path and not a live
    # session. Only the status code is asserted here.
    rv = client.post(url_for('auth.signin'), data={
        'username': '******',
        'password': '******'
    }, follow_redirects=True)
    self.assertEqual(rv.status_code, 200)