def test_thread_can_access_implicit_forum(app, authed_client):
db.engine.execute(
"DELETE FROM users_permissions WHERE permission LIKE 'forumaccess%%'")
add_permissions(app, 'forumaccess_forum_1')
thread = ForumThread.from_pk(1)
assert thread.id == 1
assert thread.topic == 'New Site'
def test_delete_category_with_forums(app, authed_client):
add_permissions(app, 'forums_view', 'forums_forums_modify')
response = authed_client.delete('/forums/categories/1')
check_json_response(
response,
'You cannot delete a forum category while it still has forums assigned to it.',
)
def test_edit_forum(app, authed_client):
add_permissions(app, 'forums_view', 'forums_forums_modify')
response = authed_client.put(
'/forums/1',
data=json.dumps({
'name': 'Bite',
'description': 'Very New Description',
'category_id': 4,
}),
)
check_json_response(
response,
{
'id': 1,
'name': 'Bite',
'description': 'Very New Description'
},
)
print(response.get_json())
assert response.get_json()['response']['category']['id'] == 4
forum = Forum.from_pk(1)
assert forum.id == 1
assert forum.name == 'Bite'
assert forum.description == 'Very New Description'
assert forum.category_id == 4
def test_users_edit_settings_others(app, authed_client):
add_permissions(app, 'users_edit_settings', 'users_change_password',
'users_moderate')
response = authed_client.put('/users/settings',
query_string={'user_id': 2},
data=json.dumps({}))
check_json_response(response, 'Settings updated.', strict=True)
def test_add_members_to_conversation_already_in(app, authed_client):
add_permissions(app, MessagePermissions.MULTI_USER)
response = authed_client.post('/messages/1/members',
data=json.dumps({'user_ids': [2, 4]
})).get_json()['response']
assert (response ==
'The following members are already in the conversation: user_two.')
def test_change_forum_permissions_failure(app, authed_client):
db.engine.execute('DELETE FROM users_permissions')
add_permissions(app, 'users_moderate', 'forumaccess_thread_1')
db.engine.execute("""UPDATE user_classes
SET permissions = '{"forumaccess_forum_2"}'""")
response = authed_client.put(
'/users/1',
data=json.dumps({
'permissions': {
'forumaccess_forum_2': True,
'forumaccess_thread_1': False,
'forumaccess_thread_4': False,
'forumaccess_thread_2': True,
}
}),
)
check_json_response(
response,
'The following permissions could not be added: forumaccess_forum_2. '
'The following permissions could not be deleted: forumaccess_thread_4.',
)
f_perms = UserPermission.from_user(1, prefix='forumaccess')
assert f_perms == {'forumaccess_thread_1': True}
def test_serialize_very_detailed(app, authed_client):
add_permissions(app, 'forums_threads_modify',
'forums_threads_modify_advanced')
thread = ForumThread.from_pk(3)
data = NewJSONEncoder().default(thread)
check_dictionary(
data,
{
'id': 3,
'topic': 'Using PHP',
'locked': True,
'sticky': True,
'deleted': False,
'post_count': 1,
'subscribed': True,
},
)
assert 'forum' in data and data['forum']['id'] == 2
assert 'creator' in data and data['creator']['id'] == 2
assert 'last_post' in data and data['last_post']['id'] == 2
assert 'last_viewed_post' in data and data['last_viewed_post']['id'] == 2
assert ('posts' in data and len(data['posts']) == 1
and data['posts'][0]['id'] == 2)
assert 'created_time' in data and isinstance(data['created_time'], int)
assert 'poll' in data and data['poll']['id'] == 3
assert 'thread_notes' in data
assert ('thread_notes' in data and len(data['thread_notes']) == 1
and data['thread_notes'][0]['id'] == 3)
def test_add_thread_note_no_permissions(app, authed_client):
db.engine.execute(
"DELETE FROM users_permissions WHERE permission LIKE 'forumaccess%%'")
add_permissions(app, 'forums_threads_modify')
response = authed_client.post('/forums/threads/1/notes',
data=json.dumps({'note': 'ANotherNote'}))
check_json_response(response, 'Invalid ForumThread id.')
def test_serialize_very_detailed(app, authed_client):
add_permissions(app, 'users_moderate', 'users_moderate_advanced')
user = User.from_pk(1)
data = NewJSONEncoder().default(user)
check_dictionary(
data,
{
'id': 1,
'username': '******',
'email': '*****@*****.**',
'enabled': True,
'locked': False,
'user_class': 'User',
'secondary_classes': ['FLS'],
'uploaded': 5368709120,
'downloaded': 0,
'invites': 1,
'inviter': None,
'basic_permissions': [],
},
)
assert 'api_keys' in data and len(data['api_keys']) == 2
assert 'permissions' in data and set(data['permissions']) == {
'users_moderate',
'users_moderate_advanced',
}
def test_change_forum_permissions(app, authed_client):
db.engine.execute('DELETE FROM users_permissions')
add_permissions(app, 'users_moderate', 'forumaccess_forum_1',
'forumaccess_thread_1')
db.engine.execute("""UPDATE user_classes
SET permissions = '{"forumaccess_forum_2"}'""")
response = authed_client.put(
'/users/1',
data=json.dumps({
'permissions': {
'forumaccess_forum_2': False,
'forumaccess_thread_1': False,
'forumaccess_thread_2': True,
}
}),
).get_json()
print(response['response'])
assert set(response['response']['forum_permissions']) == {
'forumaccess_forum_1',
'forumaccess_thread_2',
}
f_perms = UserPermission.from_user(1, prefix='forumaccess')
assert f_perms == {
'forumaccess_forum_2': False,
'forumaccess_forum_1': True,
'forumaccess_thread_2': True,
}
def test_delete_members_from_conversation(app, authed_client):
add_permissions(app, MessagePermissions.MULTI_USER)
response = authed_client.delete('/messages/1/members',
data=json.dumps({'user_ids': [3]
})).get_json()['response']
assert len(response) == 2
assert all(u['id'] in {1, 2} for u in response)
def test_moderate_user_not_found(app, authed_client):
add_permissions(app, 'users_moderate')
response = authed_client.put(
'/users/10', data=json.dumps({'email': '*****@*****.**'})
)
check_json_response(response, 'User 10 does not exist.')
assert response.status_code == 404
def test_delete_category(app, authed_client):
add_permissions(app, 'forums_view', 'forums_forums_modify')
response = authed_client.delete('/forums/categories/5')
check_json_response(response,
'ForumCategory 5 (uWhatMate) has been deleted.')
category = ForumCategory.from_pk(5, include_dead=True)
assert category.deleted
def test_view_thread_posts_include_dead_no_perm(app, authed_client):
add_permissions(app, 'forums_view')
response = authed_client.get(
'/forums/threads/5', query_string={'include_dead': True}
)
assert response.status_code == 200
assert len(response.get_json()['response']['posts']) == 1
def test_view_forum_subscriptions_no_forum_perms(app, authed_client):
db.engine.execute("DELETE FROM users_permissions")
add_permissions(app, 'forums_view_subscriptions')
response = authed_client.get('/subscriptions/forums').get_json()[
'response'
]
assert response == []
def test_PermissionsListOfUser_failure(app, authed_client):
permissions = ['sample_one', 'sample_two']
add_permissions(app, 'sample_one', 'sample_three')
with pytest.raises(Invalid) as e:
PermissionsListOfUser(permissions)
assert (str(
e.value) == 'permissions must be in the user\'s permissions list')
def test_add_members_to_conversation(app, authed_client):
add_permissions(app, MessagePermissions.MULTI_USER)
response = authed_client.post('/messages/1/members',
data=json.dumps({'user_ids': [4, 5]
})).get_json()['response']
assert len(response) == 5
assert all(u['id'] in {1, 2, 3, 4, 5} for u in response)
def test_view_notification_of_type_include_read(app, authed_client):
add_permissions(app, 'notifications_view')
response = authed_client.get(
'/notifications/quote', query_string={'include_read': True}
).get_json()['response']
assert len(response) == 2
assert all(response[i]['type'] == 'quote' for i in range(2))
def test_view_api_key_cached(app, authed_client):
add_permissions(app, ApikeyPermissions.VIEW, ApikeyPermissions.VIEW_OTHERS)
api_key = APIKey.from_pk('1234567890', include_dead=True)
cache_key = cache.cache_model(api_key, timeout=60)
response = authed_client.get(f'/api_keys/1234567890')
check_json_response(response, {'hash': '1234567890', 'revoked': True})
assert cache.ttl(cache_key) < 61
def test_view_empty_api_keys(app, authed_client):
add_permissions(app, ApikeyPermissions.VIEW, ApikeyPermissions.VIEW_OTHERS)
response = authed_client.get('/api_keys',
query_string={
'user_id': 3,
'include_dead': False
})
check_json_response(response, [], list_=True, strict=True)
def test_invites_view_include_dead(app, authed_client):
"""Including dead torrents in the list view should return dead invites."""
add_permissions(app, 'invites_view')
response = authed_client.get(
'/invites', query_string={'include_dead': True}
)
assert len(response.get_json()['response']) == 3
assert response.status_code == 200
def test_add_forum_nonexistent_category(app, authed_client):
add_permissions(app, 'forums_view', 'forums_forums_modify')
response = authed_client.post('/forums',
data=json.dumps({
'name': 'New Forum',
'category_id': 100
}))
check_json_response(response, 'Invalid ForumCategory id.')
def test_add_members_to_others_conversation(app, authed_client):
add_permissions(app, MessagePermissions.MULTI_USER,
MessagePermissions.VIEW_OTHERS)
response = authed_client.post('/messages/4/members',
data=json.dumps({'user_ids': [1]
})).get_json()['response']
assert len(response) == 3
assert any(u['id'] == 1 for u in response)
def populate_db(app, client):
add_permissions(app, 'userclasses_list', 'userclasses_modify')
db.engine.execute("""UPDATE user_classes
SET permissions = '{"permissions_modify", "users_edit_settings"}'
WHERE name = 'User'""")
db.engine.execute("""UPDATE secondary_classes
SET permissions = '{"invites_send"}'
WHERE name = 'FLS'""")
def test_view_forum(app, authed_client):
add_permissions(app, 'forums_view')
response = authed_client.get('/forums/2')
check_json_response(response, {
'id': 2,
'name': 'Bugs',
'description': 'Squishy Squash'
})
assert response.status_code == 200
def test_view_thread_subscriptions_no_forum_perms(app, authed_client):
db.engine.execute(
"DELETE FROM users_permissions WHERE permission LIKE 'forumaccess%%'"
)
add_permissions(app, 'forums_view_subscriptions')
response = authed_client.get('/subscriptions/threads').get_json()[
'response'
]
assert response == []
def test_view_notifications(app, authed_client):
add_permissions(app, 'notifications_view')
response = authed_client.get('/notifications').get_json()['response']
print(response)
assert all(t in response for t in ['subscripple', 'quote', 'unreal'])
assert not response['unreal']
assert len(response['quote']) == 1 and response['quote'][0][
'contents'
] == {'contents': 'A Quote!'}
def test_modify_notification(app, authed_client):
add_permissions(app, 'notifications_modify')
response = authed_client.put(
'/notifications/1', data=json.dumps({'read': True})
)
print(response.get_json())
assert response.status_code == 200
assert not len(Notification.get_all_unread(1)['subscripple'])
assert len(Notification.get_all_unread(1)['quote']) == 1
def test_add_thread_nonexistent_category(app, authed_client):
add_permissions(app, 'forums_view', 'forums_threads_create')
response = authed_client.post(
'/forums/threads',
data=json.dumps(
{'topic': 'New Forum', 'forum_id': 100, 'contents': 'aa'}
),
)
check_json_response(response, 'Invalid Forum id.')
def test_int_overflow(app, authed_client):
add_permissions(app, 'users_moderate')
response = authed_client.put(
'/users/1', data=json.dumps({'invites': 99999999999999999999999999})
)
check_json_response(
response,
'Invalid data: value must be at most 2147483648 (key "invites")',
)
