def test_cannot_see_non_friends_journal(self):
"""
Should not be able to see a non-friend's journal in a listing.
"""
db_utils.create_journal(self.user2, 'Friends only journal', settings=CharSettings({"friends-only"}, {}, {}))
self.assertEqual(
self.count,
select_user_count(self.user1, ratings.GENERAL.code))
def test_can_see_own_rating_journal(self):
"""
Can see your own journal in a listing even when it's above your max rating.
"""
my_journalid = db_utils.create_journal(self.user1, rating=ratings.EXPLICIT.code)
db_utils.create_journal(self.user2, rating=ratings.EXPLICIT.code)
self.assertEqual(
my_journalid,
journal.select_user_list(self.user1, ratings.GENERAL.code, 100)[0]['journalid'])
def test_remove(self):
j1 = db_utils.create_journal(self.user1, rating=ratings.GENERAL.code)
j2 = db_utils.create_journal(self.user1, rating=ratings.GENERAL.code)
journal.remove(self.user1, j1)
user_list = journal.select_user_list(self.user1, ratings.GENERAL.code, 100)
self.assertEqual(self.count + 1, len(user_list))
self.assertEqual(j2, user_list[0]['journalid'])
def test_cannot_see_non_friends_journal(self):
"""
Should not be able to see a non-friend's journal in a listing.
"""
db_utils.create_journal(self.user2,
'Friends only journal',
settings=CharSettings({"friends-only"}, {},
{}))
self.assertEqual(self.count,
select_user_count(self.user1, ratings.GENERAL.code))
def test_remove(self):
j1 = db_utils.create_journal(self.user1, rating=ratings.GENERAL.code)
j2 = db_utils.create_journal(self.user1, rating=ratings.GENERAL.code)
journal.remove(self.user1, j1)
user_list = journal.select_user_list(self.user1, ratings.GENERAL.code,
100)
self.assertEqual(self.count + 1, len(user_list))
self.assertEqual(j2, user_list[0]['journalid'])
def test_can_see_own_rating_journal(self):
"""
Can see your own journal in a listing even when it's above your max rating.
"""
my_journalid = db_utils.create_journal(self.user1,
rating=ratings.EXPLICIT.code)
db_utils.create_journal(self.user2, rating=ratings.EXPLICIT.code)
self.assertEqual(
my_journalid,
journal.select_user_list(self.user1, ratings.GENERAL.code,
100)[0]['journalid'])
def test_can_see_own_blocktag_journal(self):
"""
Can see your own journal in a listing even with a blocked tag.
"""
block_tagid = db_utils.create_tag("blocked")
db_utils.create_blocktag(self.user1, block_tagid, ratings.GENERAL.code)
journalid = db_utils.create_journal(self.user1, "My blocktag journal")
db_utils.create_journal_tag(block_tagid, journalid)
# A journal that we should NOT see.
other_journalid = db_utils.create_journal(self.user2, "Other user's blocktag journal")
db_utils.create_journal_tag(block_tagid, other_journalid)
self.assertEqual(
journalid,
journal.select_user_list(self.user1, ratings.GENERAL.code, 100)[0]['journalid'])
def test_moderators_and_above_can_add_restricted_tags_successfully(monkeypatch):
"""
Moderators (and admins, technical, and directors) can add restricted tags to content.
Developers are not included in this test, as they are for all intents and purposes just
normal user accounts.
"""
userid_owner = db_utils.create_user()
mod_tag_adder = db_utils.create_user()
monkeypatch.setattr(staff, 'MODS', frozenset([mod_tag_adder]))
journalid = db_utils.create_journal(userid_owner)
charid = db_utils.create_character(userid_owner)
submitid = db_utils.create_submission(userid_owner)
restricted_tag = searchtag.parse_restricted_tags("pearl")
searchtag.edit_user_tag_restrictions(userid_owner, restricted_tag)
searchtag.associate(mod_tag_adder, tags, submitid=submitid)
searchtag.associate(mod_tag_adder, tags, charid=charid)
searchtag.associate(mod_tag_adder, tags, journalid=journalid)
# Verify that all tags were added successfully. 'pearl' is restricted.
submission_tags = searchtag.select(submitid=submitid)
assert tags == set(submission_tags)
character_tags = searchtag.select(charid=charid)
assert tags == set(character_tags)
journal_tags = searchtag.select(journalid=journalid)
assert tags == set(journal_tags)
def test_can_see_own_blocktag_journal(self):
"""
Can see your own journal in a listing even with a blocked tag.
"""
block_tagid = db_utils.create_tag("blocked")
db_utils.create_blocktag(self.user1, block_tagid, ratings.GENERAL.code)
journalid = db_utils.create_journal(self.user1, "My blocktag journal")
db_utils.create_journal_tag(block_tagid, journalid)
# A journal that we should NOT see.
other_journalid = db_utils.create_journal(
self.user2, "Other user's blocktag journal")
db_utils.create_journal_tag(block_tagid, other_journalid)
self.assertEqual(
journalid,
journal.select_user_list(self.user1, ratings.GENERAL.code,
100)[0]['journalid'])
def test_attempt_setting_tags_when_some_tags_have_been_restricted():
"""
Verify that tags are excluded from being added to a submission's tags if the tag is restricted
"""
userid_owner = db_utils.create_user()
userid_tag_adder = db_utils.create_user()
journalid = db_utils.create_journal(userid_owner)
charid = db_utils.create_character(userid_owner)
submitid = db_utils.create_submission(userid_owner)
restricted_tag = searchtag.parse_restricted_tags("pearl")
searchtag.edit_user_tag_restrictions(userid_owner, restricted_tag)
searchtag.associate(userid_tag_adder, tags, submitid=submitid)
searchtag.associate(userid_tag_adder, tags, charid=charid)
searchtag.associate(userid_tag_adder, tags, journalid=journalid)
# Verify that the "pearl" tag was not added
submission_tags = searchtag.select(submitid=submitid)
assert tags_two == set(submission_tags)
character_tags = searchtag.select(charid=charid)
assert tags_two == set(character_tags)
journal_tags = searchtag.select(journalid=journalid)
assert tags_two == set(journal_tags)
def test_login_required_to_edit_journal(app, journal_user):
# Test purpose: Verify that an active session is required to even attempt to edit a journal.
journalid = db_utils.create_journal(journal_user, "Test", content="Test")
resp = app.post(
'/edit/journal',
{'title': u'Created journal', 'rating': '10', 'content': u'A journal', 'journalid': journalid},
)
assert "You must be signed in to perform this operation." in resp.html.find(id='error_content').text
def test_list_unicode_username(app):
"""
Test journal lists on profiles with usernames containing non-ASCII
characters, which aren’t supposed to exist but do because of
a historical bug.
"""
journal_user = db_utils.create_user(username=u'journál_test')
db_utils.create_journal(
journal_user,
title=u'UnÃcode journal 😊',
content=u'A journal and poster username with non-ASCII characters 😊'
)
resp = app.get('/journals/journaltest')
titles = [
link.string
for link in resp.html.find(id='journals-content').find_all('a')
]
assert titles == [u'UnÃcode journal 😊']
def test_see_friends_journal(self):
"""
Should be able to see a friend's journal in a listing.
"""
j = db_utils.create_journal(self.friend1, 'Friends only journal', settings=CharSettings({"friends-only"}, {}, {}))
self.assertEqual(
self.count + 1,
select_user_count(self.user1, ratings.GENERAL.code))
self.assertEqual(
j,
journal.select_user_list(self.user1, ratings.GENERAL.code, 100)[0]['journalid'])
def test_csrf_on_journal_edit(app, journal_user):
# Test purpose: Verify that a CSRF token is required to submit a journal entry.
cookie = db_utils.create_session(journal_user)
journalid = db_utils.create_journal(journal_user, "Test", content="Test")
resp = app.post(
'/edit/journal',
{'title': u'Created journal', 'rating': '10', 'content': u'A journal', 'journalid': journalid},
headers={'Cookie': cookie},
status=403,
)
assert resp.html.find(id='error_content').p.text.startswith(u"This action appears to have been performed illegitimately")
def test_see_friends_journal(self):
"""
Should be able to see a friend's journal in a listing.
"""
j = db_utils.create_journal(self.friend1,
'Friends only journal',
settings=CharSettings({"friends-only"}, {},
{}))
self.assertEqual(self.count + 1,
select_user_count(self.user1, ratings.GENERAL.code))
self.assertEqual(
j,
journal.select_user_list(self.user1, ratings.GENERAL.code,
100)[0]['journalid'])
def test_login_required_to_edit_journal(app, journal_user):
# Test purpose: Verify that an active session is required to even attempt to edit a journal.
journalid = db_utils.create_journal(journal_user, "Test", content="Test")
resp = app.post(
'/edit/journal',
{
'title': u'Created journal',
'rating': '10',
'content': u'A journal',
'journalid': journalid
},
)
assert "You must be signed in to perform this operation." in resp.html.find(
id='error_content').text
def _journals(journal_user):
db_utils.create_journal(journal_user,
title=u'Test journal',
unixtime=arrow.get(1),
content=u'A test journal')
db_utils.create_journal(journal_user,
title=u'Public journal',
unixtime=arrow.get(2),
content=u'A public journal')
db_utils.create_journal(journal_user,
title=u'Hidden journal',
unixtime=arrow.get(3),
content=u'A hidden journal',
settings=CharSettings({'hidden'}, {}, {}))
db_utils.create_journal(journal_user,
title=u'Restricted journal',
rating=ratings.MATURE.code,
unixtime=arrow.get(4),
content=u'A journal with a non-General rating')
db_utils.create_journal(journal_user,
title=u'Recent journal',
unixtime=arrow.get(5),
content=u'The most recent journal',
settings=CharSettings({'friends-only'}, {}, {}))
def test_csrf_on_journal_edit(app, journal_user):
# Test purpose: Verify that a CSRF token is required to submit a journal entry.
cookie = db_utils.create_session(journal_user)
journalid = db_utils.create_journal(journal_user, "Test", content="Test")
resp = app.post(
'/edit/journal',
{
'title': u'Created journal',
'rating': '10',
'content': u'A journal',
'journalid': journalid
},
headers={'Cookie': cookie},
status=403,
)
assert resp.html.find(id='error_content').p.text.startswith(
u"This action appears to have been performed illegitimately")
def test_adding_tags_when_no_tags_previously_existed():
userid_owner = db_utils.create_user()
userid_tag_adder = db_utils.create_user()
journalid = db_utils.create_journal(userid_owner)
charid = db_utils.create_character(userid_owner)
submitid = db_utils.create_submission(userid_owner)
searchtag.associate(userid_tag_adder, tags, submitid=submitid)
searchtag.associate(userid_tag_adder, tags, charid=charid)
searchtag.associate(userid_tag_adder, tags, journalid=journalid)
submission_tags = searchtag.select(submitid=submitid)
assert tags == set(submission_tags)
character_tags = searchtag.select(charid=charid)
assert tags == set(character_tags)
journal_tags = searchtag.select(journalid=journalid)
assert tags == set(journal_tags)
def test_contentOwnerIgnoredYou_WeasylError_if_user_ignored_by_item_owner():
# Set up for this test
userid_owner = db_utils.create_user()
userid_tag_adder = db_utils.create_user()
journalid = db_utils.create_journal(userid_owner)
charid = db_utils.create_character(userid_owner)
submitid = db_utils.create_submission(userid_owner)
db_utils.create_ignoreuser(userid_owner, userid_tag_adder)
with pytest.raises(WeasylError) as err:
searchtag.associate(userid_tag_adder, tags, submitid=submitid)
assert err.value.value == "contentOwnerIgnoredYou"
with pytest.raises(WeasylError) as err:
searchtag.associate(userid_tag_adder, tags, charid=charid)
assert err.value.value == "contentOwnerIgnoredYou"
with pytest.raises(WeasylError) as err:
searchtag.associate(userid_tag_adder, tags, journalid=journalid)
assert err.value.value == "contentOwnerIgnoredYou"
def test_InsufficientPermissions_WeasylError_if_user_does_not_have_tagging_permissions():
# Set up for this test
admin = db_utils.create_user()
userid_owner = db_utils.create_user()
userid_tag_adder = db_utils.create_user()
journalid = db_utils.create_journal(userid_owner)
charid = db_utils.create_character(userid_owner)
submitid = db_utils.create_submission(userid_owner)
profile.do_manage(admin, userid_tag_adder, permission_tag=False)
with pytest.raises(WeasylError) as err:
searchtag.associate(userid_tag_adder, tags, submitid=submitid)
assert err.value.value == "InsufficientPermissions"
with pytest.raises(WeasylError) as err:
searchtag.associate(userid_tag_adder, tags, charid=charid)
assert err.value.value == "InsufficientPermissions"
with pytest.raises(WeasylError) as err:
searchtag.associate(userid_tag_adder, tags, journalid=journalid)
assert err.value.value == "InsufficientPermissions"
def test_removing_tags():
userid_owner = db_utils.create_user()
userid_tag_adder = db_utils.create_user()
journalid = db_utils.create_journal(userid_owner)
charid = db_utils.create_character(userid_owner)
submitid = db_utils.create_submission(userid_owner)
searchtag.associate(userid_tag_adder, tags, submitid=submitid)
searchtag.associate(userid_tag_adder, tags, charid=charid)
searchtag.associate(userid_tag_adder, tags, journalid=journalid)
# Remove the 'pearl' tag
searchtag.associate(userid_tag_adder, tags_two, submitid=submitid)
searchtag.associate(userid_tag_adder, tags_two, charid=charid)
searchtag.associate(userid_tag_adder, tags_two, journalid=journalid)
submission_tags = searchtag.select(submitid=submitid)
assert tags_two == set(submission_tags)
character_tags = searchtag.select(charid=charid)
assert tags_two == set(character_tags)
journal_tags = searchtag.select(journalid=journalid)
assert tags_two == set(journal_tags)
def test_clearing_all_tags():
userid_owner = db_utils.create_user()
userid_tag_adder = db_utils.create_user()
journalid = db_utils.create_journal(userid_owner)
charid = db_utils.create_character(userid_owner)
submitid = db_utils.create_submission(userid_owner)
searchtag.associate(userid_tag_adder, tags, submitid=submitid)
searchtag.associate(userid_tag_adder, tags, charid=charid)
searchtag.associate(userid_tag_adder, tags, journalid=journalid)
# Clear all tags now that they were initially set
empty_tags = set()
searchtag.associate(userid_tag_adder, empty_tags, submitid=submitid)
searchtag.associate(userid_tag_adder, empty_tags, charid=charid)
searchtag.associate(userid_tag_adder, empty_tags, journalid=journalid)
submitid_tags = searchtag.select(submitid=submitid)
assert submitid_tags == []
charid_tags = searchtag.select(charid=charid)
assert charid_tags == []
journalid_tags = searchtag.select(journalid=journalid)
assert journalid_tags == []
def test_add_and_remove_journal(self):
j = db_utils.create_journal(self.owner)
self.add_and_remove_comments('journal', journalid=j)
def _journals(journal_user):
db_utils.create_journal(journal_user, title=u'Test journal', unixtime=arrow.get(1), content=u'A test journal')
db_utils.create_journal(journal_user, title=u'Public journal', unixtime=arrow.get(2), content=u'A public journal')
db_utils.create_journal(journal_user, title=u'Hidden journal', unixtime=arrow.get(3), content=u'A hidden journal', settings=CharSettings({'hidden'}, {}, {}))
db_utils.create_journal(journal_user, title=u'Restricted journal', rating=ratings.MATURE.code, unixtime=arrow.get(4), content=u'A journal with a non-General rating')
db_utils.create_journal(journal_user, title=u'Recent journal', unixtime=arrow.get(5), content=u'The most recent journal', settings=CharSettings({'friends-only'}, {}, {}))
def test_associate_return_values():
"""
``associate()`` returns a dict, of the following format:
return {"add_failure_restricted_tags": add_failure_restricted_tags,
"remove_failure_owner_set_tags": remove_failure_owner_set_tags}
/OR/ None
add_failure_restricted_tags is None if no tags failed to be added during the associate call,
when due to a tag being on the user or globally restricted tags list. Otherwise, it contains
a space-separated list of tags which failed to be added to the content item.
remove_failure_owner_set_tags is None if no tags failed to be removed during the associate call.
Otherwise, it contains the same space-separated list as above, however containing tags which the
content owner added and has opted to not permit others to remove.
If neither element of the dict is set, ``associate()`` returns None.
"""
config = CharSettings({'disallow-others-tag-removal'}, {}, {})
userid_owner = db_utils.create_user(config=config)
userid_tag_adder = db_utils.create_user()
submitid = db_utils.create_submission(userid_owner)
journalid = db_utils.create_journal(userid_owner)
charid = db_utils.create_character(userid_owner)
""" Test the None result (no failures), then manually clear the tags afterwards. """
result = searchtag.associate(userid_tag_adder, tags, submitid=submitid)
assert result is None
result = searchtag.associate(userid_tag_adder, tags, journalid=journalid)
assert result is None
result = searchtag.associate(userid_tag_adder, tags, journalid=journalid)
assert result is None
searchtag.associate(userid_tag_adder, set(), submitid=submitid)
searchtag.associate(userid_tag_adder, set(), journalid=journalid)
searchtag.associate(userid_tag_adder, set(), journalid=journalid)
""" Test the result:None variant (restricted tags added, no tags removed) """
restricted_tag = searchtag.parse_restricted_tags("pearl")
searchtag.edit_user_tag_restrictions(userid_owner, restricted_tag)
result = searchtag.associate(userid_tag_adder, tags, submitid=submitid)
assert "pearl" in result["add_failure_restricted_tags"]
assert result["remove_failure_owner_set_tags"] is None
result = searchtag.associate(userid_tag_adder, tags, charid=charid)
assert "pearl" in result["add_failure_restricted_tags"]
assert result["remove_failure_owner_set_tags"] is None
result = searchtag.associate(userid_tag_adder, tags, journalid=journalid)
assert "pearl" in result["add_failure_restricted_tags"]
assert result["remove_failure_owner_set_tags"] is None
searchtag.associate(userid_owner, set(), submitid=submitid)
searchtag.associate(userid_owner, set(), charid=charid)
searchtag.associate(userid_owner, set(), journalid=journalid)
searchtag.edit_user_tag_restrictions(userid_owner, set())
"""Test the None:result variant (no restricted tags added, tag removal blocked)
- Submission items will return None in this case (different method of preventing tag removal)
- Character and journal items should return the None:result variant, as expected"""
searchtag.associate(userid_owner, tags, submitid=submitid)
searchtag.associate(userid_owner, tags, charid=charid)
searchtag.associate(userid_owner, tags, journalid=journalid)
result = searchtag.associate(userid_tag_adder, tags_two, submitid=submitid)
assert result is None
result = searchtag.associate(userid_tag_adder, tags_two, charid=charid)
assert result["add_failure_restricted_tags"] is None
assert "pearl" in result["remove_failure_owner_set_tags"]
result = searchtag.associate(userid_tag_adder, tags_two, journalid=journalid)
assert result["add_failure_restricted_tags"] is None
assert "pearl" in result["remove_failure_owner_set_tags"]
searchtag.associate(userid_owner, set(), submitid=submitid)
searchtag.associate(userid_owner, set(), charid=charid)
searchtag.associate(userid_owner, set(), journalid=journalid)
"""Test the result:result variant (restricted tags added, tag removal blocked)
- Submission items will behave in the result:None variant
- Character/Journal items will behave in the result:result manner"""
restricted_tag = searchtag.parse_restricted_tags("profanity")
searchtag.edit_user_tag_restrictions(userid_owner, restricted_tag)
searchtag.associate(userid_owner, tags, submitid=submitid)
searchtag.associate(userid_owner, tags, charid=charid)
searchtag.associate(userid_owner, tags, journalid=journalid)
# Effect upon adding this set: Remove user-set tag "pearl"; add restricted tag "profanity"
tags_three = tags_two | {"profanity"}
result = searchtag.associate(userid_tag_adder, tags_three, submitid=submitid)
assert "profanity" in result["add_failure_restricted_tags"]
assert result["remove_failure_owner_set_tags"] is None
result = searchtag.associate(userid_tag_adder, tags_three, charid=charid)
assert "profanity" in result["add_failure_restricted_tags"]
assert "pearl" in result["remove_failure_owner_set_tags"]
result = searchtag.associate(userid_tag_adder, tags_three, journalid=journalid)
assert "profanity" in result["add_failure_restricted_tags"]
assert "pearl" in result["remove_failure_owner_set_tags"]