Пример #1
0
    def test_approved_unapproved_is_approved(self):
        """Ensure a user can approve and unapprove a follower. Also test the
        checking of this state"""
        user1 = create_account('user1', '*****@*****.**', 'Password')
        user2 = create_account('user2', '*****@*****.**', 'Password')
        user3 = create_account('user3', '*****@*****.**', 'Password')

        # User should not be following a user
        self.assertFalse(is_approved(user1, user2))

        # User can't approve a user he is not following
        self.assertFalse(approve_user(user1, user2))

        # Follow wrong way round. The user to be approved must follow you
        follow_user(user1, user2)
        self.assertFalse(approve_user(user1, user2))
        self.assertFalse(is_approved(user1, user2))

        # Correct way round
        follow_user(user2, user1)
        self.assertTrue(approve_user(user1, user2))
        self.assertTrue(is_approved(user1, user2))

        # Try an un-approved a non follower
        self.assertFalse(is_approved(user1, user3))
        self.assertFalse(unapprove_user(user1, user3))

        # Try and un-approve a non approved follower
        follow_user(user3, user1)
        self.assertFalse(is_approved(user1, user3))
        self.assertFalse(unapprove_user(user1, user3))

        # Un-approve an approved folloer
        self.assertTrue(is_approved(user1, user2))
        self.assertTrue(unapprove_user(user1, user2))
        self.assertFalse(is_approved(user1, user2))

        # Ensure a user is un-approved if they stop following you
        # and you had approved them
        self.assertTrue(approve_user(user1, user2))
        self.assertTrue(is_approved(user1, user2))
        unfollow_user(user2, user1)
        self.assertFalse(is_approved(user1, user2))
Пример #2
0
    def test_permissions(self):
        """Ensure only users with the correct permissions can see posts"""
        user1 = create_account('user1', '*****@*****.**', 'Password')
        activate(user1)
        post1 = create_post(user1, 'user1', 'Test public', permission=0)
        post2 = create_post(user1, 'user1', 'Test pjuu', permission=1)
        post3 = create_post(user1, 'user1', 'Test approved', permission=2)

        resp = self.client.get(url_for('users.profile', username='******'))
        self.assertIn('Test public', resp.data)
        self.assertNotIn('Test pjuu', resp.data)
        self.assertNotIn('Test approved', resp.data)

        resp = self.client.get(
            url_for('posts.view_post', username='******', post_id=post1))
        self.assertEqual(resp.status_code, 200)

        resp = self.client.get(
            url_for('posts.view_post', username='******', post_id=post2))
        self.assertEqual(resp.status_code, 403)

        resp = self.client.get(
            url_for('posts.view_post', username='******', post_id=post3))
        self.assertEqual(resp.status_code, 403)

        # Create a user and check we can see the Pjuu-wide post
        user2 = create_account('user2', '*****@*****.**', 'Password')
        activate(user2)

        self.client.post(url_for('auth.signin'),
                         data={
                             'username': '******',
                             'password': '******'
                         })
        resp = self.client.get(url_for('users.profile', username='******'))
        self.assertIn('Test public', resp.data)
        self.assertIn('Test pjuu', resp.data)
        self.assertNotIn('Test approved', resp.data)

        resp = self.client.get(
            url_for('posts.view_post', username='******', post_id=post1))
        self.assertEqual(resp.status_code, 200)

        resp = self.client.get(
            url_for('posts.view_post', username='******', post_id=post2))
        self.assertEqual(resp.status_code, 200)

        resp = self.client.get(
            url_for('posts.view_post', username='******', post_id=post3))
        self.assertEqual(resp.status_code, 403)

        # Have user1 approve user2 and ensure he can see all posts
        # User2 needs to be following user1
        follow_user(user2, user1)
        approve_user(user1, user2)
        self.assertTrue(is_approved(user1, user2))

        resp = self.client.get(url_for('users.profile', username='******'))
        self.assertIn('Test public', resp.data)
        self.assertIn('Test pjuu', resp.data)
        self.assertIn('Test approved', resp.data)

        resp = self.client.get(
            url_for('posts.view_post', username='******', post_id=post1))
        self.assertEqual(resp.status_code, 200)

        resp = self.client.get(
            url_for('posts.view_post', username='******', post_id=post2))
        self.assertEqual(resp.status_code, 200)

        resp = self.client.get(
            url_for('posts.view_post', username='******', post_id=post3))
        self.assertEqual(resp.status_code, 200)
Пример #3
0
Файл: views.py Проект: pjuu/pjuu
def approved_filter(_profile):
    """Checks if current user has approved the user piped to filter."""
    return is_approved(current_user.get('_id'), _profile.get('_id'))
Пример #4
0
    def test_permissions(self):
        """Ensure only users with the correct permissions can see posts"""
        user1 = create_account('user1', '*****@*****.**', 'Password')
        activate(user1)
        post1 = create_post(user1, 'user1', 'Test public', permission=0)
        post2 = create_post(user1, 'user1', 'Test pjuu', permission=1)
        post3 = create_post(user1, 'user1', 'Test approved', permission=2)

        resp = self.client.get(url_for('users.profile', username='******'))
        self.assertIn('Test public', resp.data)
        self.assertNotIn('Test pjuu', resp.data)
        self.assertNotIn('Test approved', resp.data)

        resp = self.client.get(url_for('posts.view_post', username='******',
                                       post_id=post1))
        self.assertEqual(resp.status_code, 200)

        resp = self.client.get(url_for('posts.view_post', username='******',
                                       post_id=post2))
        self.assertEqual(resp.status_code, 403)

        resp = self.client.get(url_for('posts.view_post', username='******',
                                       post_id=post3))
        self.assertEqual(resp.status_code, 403)

        # Create a user and check we can see the Pjuu-wide post
        user2 = create_account('user2', '*****@*****.**', 'Password')
        activate(user2)

        self.client.post(url_for('auth.signin'), data={
            'username': '******',
            'password': '******'
        })
        resp = self.client.get(url_for('users.profile', username='******'))
        self.assertIn('Test public', resp.data)
        self.assertIn('Test pjuu', resp.data)
        self.assertNotIn('Test approved', resp.data)

        resp = self.client.get(url_for('posts.view_post', username='******',
                                       post_id=post1))
        self.assertEqual(resp.status_code, 200)

        resp = self.client.get(url_for('posts.view_post', username='******',
                                       post_id=post2))
        self.assertEqual(resp.status_code, 200)

        resp = self.client.get(url_for('posts.view_post', username='******',
                                       post_id=post3))
        self.assertEqual(resp.status_code, 403)

        # Have user1 approve user2 and ensure he can see all posts
        # User2 needs to be following user1
        follow_user(user2, user1)
        approve_user(user1, user2)
        self.assertTrue(is_approved(user1, user2))

        resp = self.client.get(url_for('users.profile', username='******'))
        self.assertIn('Test public', resp.data)
        self.assertIn('Test pjuu', resp.data)
        self.assertIn('Test approved', resp.data)

        resp = self.client.get(url_for('posts.view_post', username='******',
                                       post_id=post1))
        self.assertEqual(resp.status_code, 200)

        resp = self.client.get(url_for('posts.view_post', username='******',
                                       post_id=post2))
        self.assertEqual(resp.status_code, 200)

        resp = self.client.get(url_for('posts.view_post', username='******',
                                       post_id=post3))
        self.assertEqual(resp.status_code, 200)
Пример #5
0
def approved_filter(_profile):
    """Checks if current user has approved the user piped to filter."""
    return is_approved(current_user.get('_id'), _profile.get('_id'))