def test_validate_file_extension(self):
# Load test file paths
random_ext = ".random"
for ext, _content_type in VALID_EXTS.items():
print("Testing file type {}".format(ext))
test_file_name = "".join([TEST_FILENAME, ext])
test_path = os.path.join(
os.path.dirname(os.path.dirname(os.path.abspath(__file__))),
FIXTURE_DIR,
test_file_name
)
test_file_contents = b''
# Read in test file
with open(test_path, "rb") as test_file:
test_file_contents = test_file.read()
# Test valid file extension, content type
file_model = SimpleUploadedFile(
test_file_name,
test_file_contents
)
is_valid = validate_file_extension(file_model)
self.assertIsNone(is_valid)
# Test valid file extension, unsupported type
file_model = SimpleUploadedFile(
test_file_name,
b'\x7f\x45\x4c\x46\x02\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00'
)
is_valid = validate_file_extension(file_model)
self.assertIsNotNone(is_valid)
# Test invalid file extension, but valid content type
file_model = SimpleUploadedFile(
"".join([test_file_name, random_ext]),
test_file_contents
)
is_valid = validate_file_extension(file_model)
self.assertIsNotNone(is_valid)
# Test file extension not in defined valid extensions
file_model = SimpleUploadedFile(
test_file_name,
test_file_contents
)
_file, file_ext = os.path.splitext(test_file_name)
content_types = VALID_EXTS[file_ext] # Save original content type
VALID_EXTS[file_ext] = [] # Mock out list of valid content types
is_valid = validate_file_extension(file_model)
self.assertIsNotNone(is_valid)
# Restore list of valid content types
VALID_EXTS[file_ext] = content_types
def test_discussion(self):
# Log in and create a new project.
self._login()
self._new_project()
var_sleep(.5) # wait for page to reload
self._start_task()
# Move past the introduction screen.
self.assertRegex(self.browser.title, "Next Question: Introduction")
self.click_element("#save-button")
var_sleep(.8) # wait for page to reload
# Click interstital "Got it" button
self.click_element("#save-button")
var_sleep(.5)
# We're now on the first actual question.
# Start a team conversation.
self.click_element("#start-a-discussion")
var_sleep(1)
self.fill_field("#discussion-your-comment", "Hello is anyone *here*?")
var_sleep(.5)
self.click_element("#discussion .comment-input button.btn-primary")
var_sleep(.5)
# Test Script injection
script = "<script id='injectiontest2'>document.getElementsByTagName('body')[0]" \
".appendChild('<div id=\\'injectiontest1\\'></div>');</script>"
self.fill_field("#discussion-your-comment", script)
var_sleep(.5)
self.click_element("#discussion .comment-input button.btn-primary")
var_sleep(.5)
# Check that the element was *not* added to the page.
with self.assertRaises(NoSuchElementException):
self.browser.find_element_by_css_selector('#injectiontest1')
# Check that the script tag was removed entirely.
with self.assertRaises(NoSuchElementException):
self.browser.find_element_by_css_selector('#injectiontest2')
# Test some special characters
self.fill_field("#discussion-your-comment", "¥")
var_sleep(.5)
self.click_element("#discussion .comment-input button.btn-primary")
var_sleep(.5)
self.assertInNodeText("¥", '.comment[data-id="3"] .comment-text p')
# Test file attachments upload successfully
# We need to upload a file that we know exists.
test_file_name = "".join([TEST_FILENAME, ".png"])
test_file_path = os.path.join(
os.path.dirname(os.path.dirname(os.path.abspath(__file__))),
FIXTURE_DIR, test_file_name)
self.filepath_conversion("#discussion-attach-file", test_file_path,
"fill")
var_sleep(.5)
self.click_element("#discussion .comment-input button.btn-primary")
var_sleep(.5) # Give time for the image to upload.
# Test that we have an image.
img = self.browser.find_element_by_css_selector(
'.comment[data-id="4"] .comment-text p img')
# self.assertIsNotNone(img)
# Test that valid PNG image actually exists with valid content type.
image_url = img.get_attribute('src')
cookies = self._get_browser_cookies()
response = requests.get(image_url, cookies=cookies)
image_contents = response.content
file_model = SimpleUploadedFile(test_file_name,
image_contents,
content_type="image/png")
image_file_valid = validate_file_extension(file_model)
self.assertIsNone(image_file_valid)
result = self.browser.execute_script(
"""var http = new XMLHttpRequest();
http.open('HEAD', '{}', false);
http.send();
return http.status!=404;""".format(image_url))
self.assertTrue(result)