def test_key_history(self): # Assemble some sample log lines log_lines = [] for i in range(0, ITEMS_PER_PAGE * 2): log_lines.append(('ping', self.user2, 'Number #%s' % i)) # Record the log lines for this key for l in log_lines: self.key1.log(*l) # Reverse the lines for comparison. log_lines.reverse() # Iterate through 2 expected pages... for qs, offset in (('', 0), ('?page=2', ITEMS_PER_PAGE)): url = '%s%s' % (reverse('authkeys.history', args=(self.key1.pk,), locale='en-US'), qs) resp = self.client.get(url) eq_(200, resp.status_code) page = pq(resp.content) rows = page.find('.item') for idx in range(0, ITEMS_PER_PAGE): row = rows.eq(idx) expected = log_lines[idx + offset] line = (row.find('.action').text(), row.find('.object').text(), row.find('.notes').text()) eq_(expected[0], line[0]) ok_('%s' % expected[1] in line[1]) eq_(expected[2], line[2])
def test_xss_file_attachment_title(self): title = '"><img src=x onerror=prompt(navigator.userAgent);>' # use view to create new attachment file_for_upload = make_test_file() post_data = { 'title': title, 'description': 'xss', 'comment': 'xss', 'file': file_for_upload, } self.client.login(username='******', password='******') resp = self.client.post(reverse('attachments.new_attachment'), data=post_data) eq_(302, resp.status_code) # now stick it in/on a document attachment = Attachment.objects.get(title=title) rev = revision(content='<img src="{0!s}" />'.format(attachment.get_file_url()), save=True) # view it and verify markup is escaped response = self.client.get(rev.document.get_edit_url()) eq_(200, response.status_code) doc = pq(response.content) eq_('{0!s} xss'.format(title), doc('#page-attachments-table .attachment-name-cell').text()) ok_('><img src=x onerror=prompt(navigator.userAgent);>' in doc('#page-attachments-table .attachment-name-cell').html())
def test_lang_switcher(self): translation.activate("bn-BD") html = render_to_string(self.template, request=self.request) doc = pq(html) # Check default locale is in the first choice field first_field = doc("#language.autosubmit option")[0].text_content() ok_(settings.LANGUAGE_CODE in first_field)
def test_persona_signup_create_socialaccount(self): """ Signing up with Persona creates a new SocialAccount instance. """ persona_signup_email = '*****@*****.**' persona_signup_username = '******' with mock.patch('requests.post') as requests_mock: requests_mock.return_value.json.return_value = { 'status': 'okay', 'email': persona_signup_email, } self.client.post(reverse('persona_login'), follow=True) data = {'website': '', 'username': persona_signup_username, 'email': persona_signup_email, 'terms': True, 'g-recaptcha-response': 'PASSED'} signup_url = reverse('socialaccount_signup', locale=settings.WIKI_DEFAULT_LANGUAGE) self.client.post(signup_url, data=data, follow=True) try: socialaccount = (SocialAccount.objects .filter(user__username=persona_signup_username))[0] except IndexError: socialaccount = None ok_(socialaccount is not None) eq_('persona', socialaccount.provider) eq_(persona_signup_email, socialaccount.uid) eq_({'status': 'okay', 'email': persona_signup_email}, socialaccount.extra_data) testuser = self.user_model.objects.get(username=persona_signup_username) eq_(testuser.id, socialaccount.user.id)
def test_add_newindex(self): index = Index.objects.create() ok_(not index.populated) index.populate() index = self._reload(index) ok_(index.populated) index.delete()
def test_permissions(self, mock_analytics_upageviews): """A user with correct permissions is able to see the dashboard.""" self.client.login(username='******', password='******') # Attempt to see spam dashboard as a logged-in user without permissions response = self.client.get(reverse('dashboards.spam', locale='en-US')) eq_(403, response.status_code) # Give testuser wiki.add_revisionakismetsubmission permission perm_akismet = Permission.objects.get(codename='add_revisionakismetsubmission') self.testuser.user_permissions.add(perm_akismet) response = self.client.get(reverse('dashboards.spam', locale='en-US')) eq_(403, response.status_code) # Give testuser wiki.add_documentspamattempt permission perm_spam = Permission.objects.get(codename='add_documentspamattempt') self.testuser.user_permissions.add(perm_spam) response = self.client.get(reverse('dashboards.spam', locale='en-US')) eq_(403, response.status_code) # Give testuser wiki.add_userban permission perm_ban = Permission.objects.get(codename='add_userban') self.testuser.user_permissions.add(perm_ban) response = self.client.get(reverse('dashboards.spam', locale='en-US')) # With all correct permissions testuser is able to see the dashboard eq_(200, response.status_code) ok_('text/html' in response['Content-Type']) ok_('dashboards/spam.html' in [template.name for template in response.templates])
def test_user_revisions_in_summary_page_template(self): """The user's revisions show up in ban and cleanup summary template.""" # Create 3 revisions for self.testuser, titled 'Revision 1', 'Revision 2'... revisions_expected = self.create_revisions( num=3, document=self.document, creator=self.testuser) self.client.login(username='******', password='******') ban_url = reverse('users.ban_user_and_cleanup_summary', kwargs={'user_id': self.testuser.id}) full_ban_url = self.client.get(ban_url)['Location'] resp = self.client.post(full_ban_url) eq_(200, resp.status_code) page = pq(resp.content) revisions_reverted = page.find('#revisions-reverted li') revisions_reverted_text = '' for rev in revisions_reverted: revisions_reverted_text += rev.text_content() eq_(len(revisions_reverted), len(revisions_expected)) # The title for each of the created revisions shows up in the template for revision in revisions_expected: ok_(revision.title in revisions_reverted_text) # The title for the original revision is not in the template ok_(self.original_revision.title not in revisions_reverted_text)
def test_message_with_url_is_link(self): m = Message(message='Go to http://bit.ly/sample-demo', is_global=True, is_active=True, url='/') m.save() ok_('Go to <a href="http://bit.ly/sample-demo">' 'http://bit.ly/sample-demo</a>' in soapbox_messages(get_soapbox_messages('/')))
def test_legacy_redirect(self): test_user = self.user_model.objects.get(username="******") test_file_content = "Meh meh I am a test file." test_files = ( {"file_id": 97, "filename": "Canvas_rect.png", "title": "Canvas rect", "slug": "canvas-rect"}, {"file_id": 107, "filename": "Canvas_smiley.png", "title": "Canvas smiley", "slug": "canvas-smiley"}, {"file_id": 86, "filename": "Canvas_lineTo.png", "title": "Canvas lineTo", "slug": "canvas-lineto"}, {"file_id": 55, "filename": "Canvas_arc.png", "title": "Canvas arc", "slug": "canvas-arc"}, ) for f in test_files: a = Attachment(title=f["title"], slug=f["slug"], mindtouch_attachment_id=f["file_id"]) a.save() now = datetime.datetime.now() r = AttachmentRevision( attachment=a, mime_type="text/plain", title=f["title"], slug=f["slug"], description="", created=now, is_approved=True, ) r.creator = test_user r.file.save(f["filename"], ContentFile(test_file_content)) r.make_current() mindtouch_url = reverse( "attachments.mindtouch_file_redirect", args=(), kwargs={"file_id": f["file_id"], "filename": f["filename"]}, ) resp = self.client.get(mindtouch_url) eq_(301, resp.status_code) ok_(a.get_file_url() in resp["Location"])
def test_mail_handler(self): self.logger.handlers = [AdminEmailHandler()] response = self.client.get(self.suspicous_path) eq_(response.status_code, 400) eq_(1, len(mail.outbox)) ok_('*****@*****.**' in mail.outbox[0].to) ok_(self.suspicous_path in mail.outbox[0].body)
def test_outdated(self): # first create and populate an index main_index = Index.objects.create(name='first') main_index.populate() main_index = self._reload(main_index) ok_(main_index.populated) main_index.promote() eq_(Index.objects.get_current().prefixed_name, main_index.prefixed_name) # then create a successor and render a document against the old index successor_index = Index.objects.create(name='second') doc = Document.objects.get(pk=1) doc.title = 'test outdated' doc.slug = 'test-outdated' doc.save() doc.render() eq_(successor_index.outdated_objects.count(), 1) # .populate() creates the index and populates it. successor_index.populate() S = WikiDocumentType.search eq_(S(index=successor_index.prefixed_name).count(), 7) eq_(S().query('match', title='lorem').execute()[0].slug, 'lorem-ipsum') # Promotion reindexes outdated documents. Test that our change is # reflected in the index. successor_index.promote() self.refresh(index=successor_index.prefixed_name) eq_(successor_index.outdated_objects.count(), 0) eq_(S(index=successor_index.prefixed_name) .query('match', title='outdated').execute()[0].slug, 'test-outdated')
def _test_form_maintains_based_on_rev(client, doc, view, post_data, trans_lang=None, locale=None): """Confirm that the based_on value set in the revision created by an edit or translate form is the current_revision of the document as of when the form was first loaded, even if other revisions have been approved in the meantime.""" if trans_lang: translate_path = doc.slug uri = urllib.quote(reverse('wiki.translate', locale=trans_lang, args=[translate_path])) else: uri = reverse(view, locale=locale, args=[doc.slug]) response = client.get(uri) orig_rev = doc.current_revision eq_(orig_rev.id, int(pq(response.content)('input[name=based_on]').attr('value'))) # While Fred is editing the above, Martha approves a new rev: martha_rev = revision(document=doc) martha_rev.is_approved = True martha_rev.save() # Then Fred saves his edit: post_data_copy = {'based_on': orig_rev.id, 'slug': orig_rev.slug} post_data_copy.update(post_data) # Don't mutate arg. response = client.post(uri, data=post_data_copy) ok_(response.status_code in (200, 302)) fred_rev = Revision.objects.all().order_by('-id')[0] eq_(orig_rev, fred_rev.based_on)
def test_contributors_ordering(self): contrib_1 = user(save=True) contrib_2 = user(save=True) contrib_3 = user(save=True) rev_1 = revision(creator=contrib_1, save=True) rev_2 = revision(creator=contrib_2, document=rev_1.document, # live in the future to make sure we handle the lack # of microseconds support in Django 1.7 nicely created=rev_1.created + timedelta(seconds=1), save=True) ok_(rev_1.created < rev_2.created) job = DocumentContributorsJob() job_user_pks = [contributor['id'] for contributor in job.fetch(rev_1.document.pk)] # the user with the more recent revision first recent_contributors_pks = [contrib_2.pk, contrib_1.pk] eq_(job_user_pks, recent_contributors_pks) # a third revision should now show up again and # the job's cache is invalidated rev_3 = revision(creator=contrib_3, document=rev_1.document, created=rev_2.created + timedelta(seconds=1), save=True) ok_(rev_2.created < rev_3.created) job_user_pks = [contributor['id'] for contributor in job.fetch(rev_1.document.pk)] # The new revision shows up eq_(job_user_pks, [contrib_3.pk] + recent_contributors_pks)
def test_main_view(self): response = self.client.get(reverse('dashboards.revisions', locale='en-US')) eq_(200, response.status_code) ok_('text/html' in response['Content-Type']) ok_('dashboards/revisions.html' in [template.name for template in response.templates])
def test_user_revisions_in_one_click_page_template(self): """The user's revisions show up in the ban and cleanup template.""" # Create 3 revisions for testuser, titled 'Revision 1', 'Revision 2'... revisions_expected = self.create_revisions( num=3, creator=self.testuser, document=self.document) self.client.login(username='******', password='******') ban_url = reverse('users.ban_user_and_cleanup', kwargs={'user_id': self.testuser.id}) resp = self.client.get(ban_url, follow=True) eq_(200, resp.status_code) page = pq(resp.content) revisions_found = page.find('.dashboard-row') revisions_found_text = '' for rev in revisions_found: revisions_found_text += rev.text_content() eq_(len(revisions_found), len(revisions_expected)) # The title for each of the created revisions shows up in the template for revision in revisions_expected: ok_(revision.title in revisions_found_text) # The original revision created by the admin user is not in the template ok_(self.original_revision.title not in revisions_found_text)
def test_post_submits_revisions_to_akismet_as_spam(self, mock_requests): """POSTing to ban_user_and_cleanup url submits revisions to akismet.""" # Create 3 revisions for self.testuser, titled 'Revision 1', 'Revision 2'... # Don't specify document so a new one is created for each revision num_revisions = 3 revisions_created = self.create_revisions( num=num_revisions, creator=self.testuser) # Enable Akismet and mock calls to it mock_requests = self.enable_akismet_and_mock_requests(mock_requests) # The request data = {'revision-id': [rev.id for rev in revisions_created]} resp = self.client.post(self.ban_testuser_url, data=data) eq_(200, resp.status_code) # All of self.testuser's revisions have been submitted testuser_submissions = RevisionAkismetSubmission.objects.filter(revision__creator=self.testuser.id) eq_(testuser_submissions.count(), num_revisions) for submission in testuser_submissions: ok_(submission.revision in revisions_created) # Akismet endpoints were called twice for each revision ok_(mock_requests.called) eq_(mock_requests.call_count, 2 * num_revisions)
def test_my_user_edit(self): u = self.user_model.objects.get(username='******') self.client.login(username=u.username, password=TESTUSER_PASSWORD) resp = self.client.get(reverse('users.my_edit_page')) eq_(302, resp.status_code) ok_(reverse('users.user_edit', args=(u.username,)) in resp['Location'])
def test_SiteURLField(self): class FakeValue(object): slug = 'Firefox' locale = 'de' field = SiteURLField('wiki.document', args=['slug']) value = field.to_representation(FakeValue()) ok_('/de/docs/Firefox' in value)
def test_404_logins(self): """The login buttons should display on the 404 page""" response = self.client.get('/something-doesnt-exist', follow=True) doc = pq(response.content) login_block = doc.find('.socialaccount-providers') ok_(len(login_block) > 0) eq_(404, response.status_code)
def test_no_highlight_filter(self): class HighlightView(SearchView): filter_backends = (SearchQueryBackend, HighlightFilterBackend) view = HighlightView.as_view() request = self.get_request('/en-US/search?q=article&highlight=false') response = view(request) ok_('<mark>' not in response.data['documents'][0]['excerpt'])
def test_can_keep_legacy_username(self): test_user = user(username='******', save=True) ok_(test_user.has_legacy_username) data = { 'username': '******' } form = UserEditForm(data, instance=test_user) ok_(form.is_valid(), repr(form.errors))
def test_get_calls_format_slug_for_templates(self, mock_format_slug): doc = document(title='Template:Test', slug='Template:Test', html='<%= "Test" %>', save=True) mock_format_slug.return_value = doc.slug kumascript.get(doc, 'no-cache', 'https://testserver') ok_(mock_format_slug.called, "format slug should have been called")
def test_translate_GET_logged_out(self): """Try to create a translation while logged out.""" self.client.logout() translate_uri = self._translate_uri() response = self.client.get(translate_uri) eq_(302, response.status_code) expected_url = "%s?next=%s" % (reverse("account_login", locale="en-US"), urlquote(translate_uri)) ok_(expected_url in response["Location"])
def test_cannot_change_legacy_username(self): test_user = user(username='******', save=True) ok_(test_user.has_legacy_username) data = { 'username': '******' } form = UserEditForm(data, instance=test_user) eq_(form.is_valid(), False) eq_(form.errors, {'username': [USERNAME_CHARACTERS]})
def test_get_does_not_call_format_slug_for_docs(self, mock_format_slug): doc = document(title='Test', slug='Test', html='Test', save=True) mock_format_slug.return_value = doc.slug kumascript.get(doc, 'no-cache', 'https://testserver') ok_(not mock_format_slug.called, "format slug should not have been called")
def test_translate_GET_logged_out(self): """Try to create a translation while logged out.""" self.client.logout() translate_uri = self._translate_uri() response = self.client.get(translate_uri) eq_(302, response.status_code) expected_url = '{0!s}?next={1!s}'.format(reverse('account_login', locale='en-US'), urlquote(translate_uri)) ok_(expected_url in response['Location'])
def test_never_cache(self): request = RequestFactory().get('/foo') view = never_cache(simple_view) response = view(request) eq_(200, response.status_code) [ok_(value in response['Cache-Control']) for value in ['no-cache', 'no-store', 'must-revalidate']] ok_('no-cache' in response['Pragma']) eq_('0', response['Expires'])
def test_new_document_POST_empty_title(self): """Trigger required field validation for title.""" self.client.login(username="******", password="******") data = new_document_data(["tag1", "tag2"]) data["title"] = "" response = self.client.post(reverse("wiki.create"), data, follow=True) doc = pq(response.content) ul = doc("article ul.errorlist") ok_(len(ul) > 0) ok_("Please provide a title." in ul("li").text())
def test_edit_attachment(self): file_for_upload = make_test_file( content='I am a test file for editing.') post_data = { 'title': 'Test editing file', 'description': 'A test file for editing.', 'comment': 'Initial upload', 'file': file_for_upload, } resp = self.client.post(reverse('attachments.new_attachment'), data=post_data) tdir = tempfile.gettempdir() edited_file_for_upload = tempfile.NamedTemporaryFile(suffix=".txt", dir=tdir) edited_file_for_upload.write( 'I am a new version of the test file for editing.') edited_file_for_upload.seek(0) post_data = { 'title': 'Test editing file', 'description': 'A test file for editing.', 'comment': 'Second revision.', 'file': edited_file_for_upload, } attachment = Attachment.objects.get(title='Test editing file') resp = self.client.post(reverse('attachments.edit_attachment', kwargs={ 'attachment_id': attachment.id, }), data=post_data) eq_(302, resp.status_code) # Re-fetch because it's been updated. attachment = Attachment.objects.get(title='Test editing file') eq_(resp['Location'], 'http://testserver%s' % attachment.get_absolute_url()) eq_(2, attachment.revisions.count()) rev = attachment.current_revision eq_('admin', rev.creator.username) eq_('Second revision.', rev.comment) ok_(rev.is_approved) url = attachment.get_file_url() resp = self.client.get(url, HTTP_HOST=settings.ATTACHMENT_HOST) eq_('text/plain', rev.mime_type) ok_('I am a new version of the test file for editing.' in resp.streaming_content)
def test_new_document_POST_empty_title(self): """Trigger required field validation for title.""" self.client.login(username='******', password='******') data = new_document_data(['tag1', 'tag2']) data['title'] = '' response = self.client.post(reverse('wiki.create'), data, follow=True) doc = pq(response.content) ul = doc('article ul.errorlist') ok_(len(ul) > 0) ok_('Please provide a title.' in ul('li').text())
def test_new_revision_POST_document_with_current(self, get_current): """HTTP POST to new revision URL creates the revision on a document. The document in this case already has a current_revision, therefore the document document fields are not editable. Also assert that the edited and reviewable notifications go out. """ get_current.return_value.domain = 'testserver' # Sign up for notifications: EditDocumentEvent.notify('*****@*****.**', self.d).activate().save() # Edit a document data = { 'summary': 'A brief summary', 'content': 'The article content', 'keywords': 'keyword1 keyword2', 'slug': self.d.slug, 'toc_depth': 1, 'based_on': self.d.current_revision.id, 'form-type': 'rev', } edit_url = reverse('wiki.edit', args=[self.d.slug]) response = self.client.post(edit_url, data) ok_(response.status_code in (200, 302)) eq_(2, self.d.revisions.count()) new_rev = self.d.revisions.order_by('-id')[0] eq_(self.d.current_revision, new_rev.based_on) # Assert notifications fired and have the expected content: # 1 email for the first time edit notification # 1 email for the EditDocumentEvent to [email protected] # Regression check: # messing with context processors can # cause notification emails to error # and stop being sent. time.sleep(1) eq_(2, len(mail.outbox)) first_edit_email = mail.outbox[0] expected_to = [config.EMAIL_LIST_SPAM_WATCH] expected_subject = u'[MDN] %(username)s made their first edit, to: %(title)s' % ( { 'username': new_rev.creator.username, 'title': self.d.title }) eq_(expected_subject, first_edit_email.subject) eq_(expected_to, first_edit_email.to) edited_email = mail.outbox[1] expected_to = [u'*****@*****.**'] expected_subject = u'[MDN] Page "%s" changed by %s' % (self.d.title, new_rev.creator) eq_(expected_subject, edited_email.subject) eq_(expected_to, edited_email.to) ok_('%s changed %s.' % (unicode(self.username), unicode(self.d.title)) in edited_email.body) ok_(u'https://testserver/en-US/docs/%s$history?utm_campaign=' % self.d.slug in edited_email.body)
def test_get_excerpt_strips_html(self): self.refresh() results = WikiDocumentType.search().query('match', content='audio') ok_(results.count() > 0) for doc in results.execute(): excerpt = doc.get_excerpt() ok_('audio' in excerpt) ok_('<strong>' not in excerpt)
def test_get_excerpt_uses_summary(self): self.refresh() results = WikiDocumentType.search().query('match', content='audio') ok_(results.count() > 0) for doc in results.execute(): excerpt = doc.get_excerpt() ok_('the word for tough things' in excerpt) ok_('extra content' not in excerpt)
def test_persona_signup_create_socialaccount(self): """ Signing up with Persona creates a new SocialAccount instance. """ persona_signup_email = '*****@*****.**' persona_signup_username = '******' with mock.patch('requests.post') as requests_mock: requests_mock.return_value.json.return_value = { 'status': 'okay', 'email': persona_signup_email, } self.client.post(reverse('persona_login'), follow=True) data = { 'website': '', 'username': persona_signup_username, 'email': persona_signup_email, 'terms': True, 'g-recaptcha-response': 'PASSED' } signup_url = reverse('socialaccount_signup', locale=settings.WIKI_DEFAULT_LANGUAGE) self.client.post(signup_url, data=data, follow=True) try: socialaccount = (SocialAccount.objects.filter( user__username=persona_signup_username))[0] except IndexError: socialaccount = None ok_(socialaccount is not None) eq_('persona', socialaccount.provider) eq_(persona_signup_email, socialaccount.uid) eq_({ 'status': 'okay', 'email': persona_signup_email }, socialaccount.extra_data) testuser = self.user_model.objects.get( username=persona_signup_username) eq_(testuser.id, socialaccount.user.id)
def test_no_tidied_content(self): """ Verify revisions without tidied content show appropriate message. """ # update() to skip the tidy_revision_content post_save signal handler Revision.objects.filter( id__in=[self.revision1.id, self.revision2.id] ).update( tidied_content='' ) url = reverse('wiki.compare_revisions', args=[self.document.slug]) query = {'from': self.revision1.id, 'to': self.revision2.id} url = urlparams(url, **query) response = self.client.get(url) eq_(200, response.status_code) ok_('Please refresh this page in a few minutes.' in response.content) url = url + '&raw=1' response = self.client.get(url) eq_(200, response.status_code) ok_('Please refresh this page in a few minutes.' in response.content)
def test_new_revision_POST_document_without_current( self, get_current, edited_fire): """HTTP POST to new revision URL creates the revision on a document. The document in this case doesn't have a current_revision, therefore the document fields are open for editing. """ get_current.return_value.domain = 'testserver' self.d.current_revision = None self.d.save() tags = ['tag1', 'tag2', 'tag3'] data = new_document_data(tags) data['form'] = 'rev' response = self.client.post(reverse('wiki.edit', args=[self.d.slug]), data) eq_(302, response.status_code) eq_(2, self.d.revisions.count()) new_rev = self.d.revisions.order_by('-id')[0] # There are no approved revisions, so it's based_on nothing: eq_(None, new_rev.based_on) ok_(edited_fire.called)
def test_legacy_redirect(self): test_user = self.user_model.objects.get(username='******') test_file_content = 'Meh meh I am a test file.' test_files = ( {'file_id': 97, 'filename': 'Canvas_rect.png', 'title': 'Canvas rect', 'slug': 'canvas-rect'}, {'file_id': 107, 'filename': 'Canvas_smiley.png', 'title': 'Canvas smiley', 'slug': 'canvas-smiley'}, {'file_id': 86, 'filename': 'Canvas_lineTo.png', 'title': 'Canvas lineTo', 'slug': 'canvas-lineto'}, {'file_id': 55, 'filename': 'Canvas_arc.png', 'title': 'Canvas arc', 'slug': 'canvas-arc'}, ) for f in test_files: a = Attachment(title=f['title'], slug=f['slug'], mindtouch_attachment_id=f['file_id']) a.save() now = datetime.datetime.now() r = AttachmentRevision( attachment=a, mime_type='text/plain', title=f['title'], slug=f['slug'], description='', created=now, is_approved=True) r.creator = test_user r.file.save(f['filename'], ContentFile(test_file_content)) r.make_current() mindtouch_url = reverse('attachments.mindtouch_file_redirect', args=(), kwargs={'file_id': f['file_id'], 'filename': f['filename']}) resp = self.client.get(mindtouch_url) eq_(301, resp.status_code) ok_(a.get_file_url() in resp['Location'])
def test_attachment_raw_requires_attachment_host(self): resp = self._post_new_attachment() attachment = Attachment.objects.get(title='Test uploaded file') url = attachment.get_file_url() resp = self.client.get(url) eq_(301, resp.status_code) eq_(attachment.get_file_url(), resp['Location']) url = attachment.get_file_url() resp = self.client.get(url, HTTP_HOST=settings.ATTACHMENT_HOST) eq_('ALLOW-FROM: %s' % settings.DOMAIN, resp['x-frame-options']) eq_(200, resp.status_code) ok_('Last-Modified' in resp) ok_('1970' not in resp['Last-Modified']) ok_('GMT' in resp['Last-Modified']) ok_(parse_http_date_safe(resp['Last-Modified']) is not None)
def test_account_connected_message(self): """ https://bugzil.la/1054461 """ message_template = 'socialaccount/messages/account_connected.txt' request = self.rf.get('/') # first check for the case in which the next url in the account # connection process is the frontpage, there shouldn't be a message session = self.client.session session['sociallogin_next_url'] = '/' session.save() request.session = session request.user = self.user_model.objects.get(username='******') request.LANGUAGE_CODE = 'en-US' messages = self.get_messages(request) self.adapter.add_message(request, django_messages.INFO, message_template) eq_(len(messages), 0) # secondly check for the case in which the next url in the connection # process is the profile edit page, there should be a message session = self.client.session next_url = reverse('users.user_edit', kwargs={'username': request.user.username}, locale=request.LANGUAGE_CODE) session['sociallogin_next_url'] = next_url session.save() request.session = session messages = self.get_messages(request) self.adapter.add_message(request, django_messages.INFO, message_template) queued_messages = list(messages) eq_(len(queued_messages), 1) eq_(django_messages.SUCCESS, queued_messages[0].level) ok_('connected' in queued_messages[0].message)
def test_non_ascii_section_headers(self): headers = [ (u'Documentation à propos de HTML', u'Documentation_à_propos_de_HTML'), (u'Outils facilitant le développement HTML', u'Outils_facilitant_le_développement_HTML'), (u'字面值(literals)', u'字面值(literals)'), (u'Documentação', u'Documentação'), (u'Lektury uzupełniające', u'Lektury_uzupełniające'), (u'Атрибуты', u'Атрибуты'), (u'HTML5 엘리먼트', u'HTML5_엘리먼트'), (u'Non safe title "#$%&+,/:;=?@[\\]^`{|}~', u'Non_safe_title'), ] section_filter = SectionIDFilter('') for original, slugified in headers: ok_(slugified == section_filter.slugify(original))
def test_there_can_be_only_one(self): """Tests that when one index is promoted, all others are demoted.""" index1 = Index.objects.get_current() ok_(index1.promoted) index2 = Index.objects.create(name='second') index2.promote() index1 = self._reload(index1) ok_(index2.promoted) ok_(not index1.promoted)
def test_promote_index(self): index = Index.objects.create() index.populate() index = self._reload(index) ok_(index.populated) index.promote() ok_(index.promoted) eq_(Index.objects.get_current().prefixed_name, index.prefixed_name) index.demote() ok_(not index.promoted)
def test_persona_signup_create_django_user(self): """ Signing up with Persona creates a new Django User instance. """ persona_signup_email = '*****@*****.**' persona_signup_username = '******' with mock.patch('requests.post') as requests_mock: old_count = self.user_model.objects.count() requests_mock.return_value.json.return_value = { 'status': 'okay', 'email': persona_signup_email, } self.client.post(reverse('persona_login'), follow=True) data = { 'website': '', 'username': persona_signup_username, 'email': persona_signup_email, 'terms': True, 'g-recaptcha-response': 'PASSED' } signup_url = reverse('socialaccount_signup', locale=settings.WIKI_DEFAULT_LANGUAGE) response = self.client.post(signup_url, data=data, follow=True) eq_(response.status_code, 200) # not on the signup page anymore ok_('form' not in response.context) # Did we get a new user? eq_(old_count + 1, self.user_model.objects.count()) # Does it have the right attributes? testuser = None try: testuser = self.user_model.objects.order_by('-date_joined')[0] except IndexError: pass ok_(testuser) ok_(testuser.is_active) eq_(persona_signup_username, testuser.username) eq_(persona_signup_email, testuser.email) ok_(testuser.password.startswith(UNUSABLE_PASSWORD_PREFIX))
def test_document_serializer(self): search = WikiDocumentType.search() result = search.execute() doc_serializer = DocumentSerializer(result, many=True) list_data = doc_serializer.data eq_(len(list_data), 7) ok_(isinstance(list_data, list)) ok_(1 in [data['id'] for data in list_data]) doc_serializer = DocumentSerializer(result[0], many=False) dict_data = doc_serializer.data ok_(isinstance(dict_data, dict)) eq_(dict_data['id'], result[0].id)
def test_section_ids(self): doc_src = """ <h1 class="header1">Header One</h1> <p>test</p> <section> <h1 class="header2">Header Two</h1> <p>test</p> </section> <h2 name="Constants" class="hasname">This title does not match the name</h2> <p>test</p> <h1 id="i-already-have-an-id" class="hasid">This text clobbers the ID</h1> <h1 class="header3">Header Three</h1> <p>test</p> <section id="Quick_Links" class="Quick_Links"> <ol> <li>Hey look, quick links</li> </ol> </section> """ result_src = (kuma.wiki.content .parse(doc_src) .injectSectionIDs() .serialize()) result_doc = pq(result_src) expected = ( ('header1', 'Header_One'), ('header2', 'Header_Two'), ('hasname', 'Constants'), ('hasid', 'This_text_clobbers_the_ID'), ('Quick_Links', 'Quick_Links'), ) for cls, id in expected: eq_(id, result_doc.find('.%s' % cls).attr('id')) # Then, ensure all elements in need of an ID now all have unique IDs. ok_(len(SECTION_TAGS) > 0) els = result_doc.find(', '.join(SECTION_TAGS)) seen_ids = set() for i in range(0, len(els)): id = els.eq(i).attr('id') ok_(id is not None) ok_(id not in seen_ids) seen_ids.add(id)
def test_ban_view(self): testuser = self.user_model.objects.get(username='******') admin = self.user_model.objects.get(username='******') self.client.login(username='******', password='******') data = {'reason': 'Banned by unit test.'} ban_url = reverse('users.ban_user', kwargs={'user_id': testuser.id}) resp = self.client.post(ban_url, data) eq_(302, resp.status_code) ok_(testuser.get_absolute_url() in resp['Location']) testuser_banned = self.user_model.objects.get(username='******') ok_(not testuser_banned.is_active) bans = UserBan.objects.filter(user=testuser, by=admin, reason='Banned by unit test.') ok_(bans.count())
def test_wiki_revisions(self): user = self.user_model.objects.get(username='******') rev = revision(save=True, is_approved=True) ok_(rev.pk in user.wiki_revisions().values_list('pk', flat=True))
def test_can_keep_legacy_username(self): test_user = user(username='******', save=True) ok_(test_user.has_legacy_username) data = {'username': '******'} form = UserEditForm(data, instance=test_user) ok_(form.is_valid(), repr(form.errors))
def test_secret_generation(self): """Generated secret should be saved as a hash and pass a check""" u = user(username="******", email="*****@*****.**", save=True) key = Key(user=u) secret = key.generate_secret() key.save() ok_(key.key) ok_(key.hashed_secret) ok_(len(key.hashed_secret) > 0) ok_(len(secret) > 0) ok_(secret != key.hashed_secret) ok_(not key.check_secret("I AM A FAKE")) ok_(key.check_secret(secret))
def test_lang_switcher_footer(self): """Test the language switcher footer""" parent = document(locale=settings.WIKI_DEFAULT_LANGUAGE, save=True) trans_bn_bd = document(parent=parent, locale="bn-BD", save=True) trans_ar = document(parent=parent, locale="ar", save=True) trans_pt_br = document(parent=parent, locale="pt-BR", save=True) trans_fr = document(parent=parent, locale="fr", save=True) response = self.client.get(trans_pt_br.get_absolute_url()) eq_(200, response.status_code) doc = pq(response.content) options = doc(".languages.go select.wiki-l10n option") # The requeseted document language name should be at first ok_(trans_pt_br.language in options[0].text) ok_(parent.language not in options[0].text) # The parent document language should be at at second ok_(parent.language in options[1].text) ok_(trans_ar.language not in options[1].text) # Then should be ar, bn-BD, fr ok_(trans_ar.language in options[2].text) ok_(trans_bn_bd.language in options[3].text) ok_(trans_fr.language in options[4].text)
def test_default_gravatar(self): d_param = urllib.urlencode({'d': settings.DEFAULT_AVATAR}) ok_(d_param in gravatar_url(self.u.email), "Bad default avatar: {0!s}".format(gravatar_url(self.u.email)))
def test_contribute_json(self): r = self.client.get(reverse('contribute_json')) eq_(200, r.status_code) ok_('application/json' in r['Content-Type'])
def test_key_auth_decorator(self): u = user(username="******", email="*****@*****.**", save=True) key = Key(user=u) secret = key.generate_secret() key.save() @accepts_auth_key def fake_view(request, foo, bar): return (foo, bar) cases = ((key.key, secret, True), (key.key, 'FAKE', False), ('FAKE', secret, False), ('FAKE', 'FAKE', False)) for k, s, success in cases: request = HttpRequest() request.user = AnonymousUser() auth = '%s:%s' % (k, s) b64_auth = base64.encodestring(auth) request.META['HTTP_AUTHORIZATION'] = 'Basic %s' % b64_auth foo, bar = fake_view(request, 'foo', 'bar') eq_('foo', foo) eq_('bar', bar) if not success: ok_(not request.user.is_authenticated()) else: ok_(request.user.is_authenticated()) ok_(request.user == u) ok_(request.authkey) ok_(request.authkey == key) # Test with incorrect auth header request = HttpRequest() request.user = AnonymousUser() request.META['HTTP_AUTHORIZATION'] = "Basic bad_auth_string" # Make a request to the view fake_view(request, 'foo', 'bar') # The user should not be authonticated and no server error should raise ok_(not request.user.is_authenticated())
def test_list_files(self): list_files_url = reverse('attachments.list_files', locale=settings.WIKI_DEFAULT_LANGUAGE) resp = self.client.get(list_files_url) eq_(200, resp.status_code) ok_('All Files' in resp.content)
def test_gravatar_url(self): self.u.email = '*****@*****.**' ok_(md5(self.u.email).hexdigest() in gravatar_url(self.u.email))
def test_account_email_page_requires_signin(self): url = reverse('account_email') response = self.client.get(url, follow=True) self.assertContains(response, 'Please sign in') ok_(len(response.redirect_chain) > 0)
def test_irc_nickname(self): """We've added IRC nickname as a profile field. Make sure it shows up.""" user = self.user_model.objects.get(username='******') ok_(hasattr(user, 'irc_nickname')) eq_('testuser', user.irc_nickname)
def test_ban_user(self): testuser = self.user_model.objects.get(username='******') admin = self.user_model.objects.get(username='******') ok_(testuser.is_active) ban = UserBan(user=testuser, by=admin, reason='Banned by unit test') ban.save() testuser_banned = self.user_model.objects.get(username='******') ok_(not testuser_banned.is_active) ok_(testuser_banned.active_ban.by == admin) ban.is_active = False ban.save() testuser_unbanned = self.user_model.objects.get(username='******') ok_(testuser_unbanned.is_active) ban.is_active = True ban.save() testuser_banned = self.user_model.objects.get(username='******') ok_(not testuser_banned.is_active) ok_(testuser_unbanned.active_ban) ban.delete() testuser_unbanned = self.user_model.objects.get(username='******') ok_(testuser_unbanned.is_active) ok_(testuser_unbanned.active_ban is None)
def test_permissions(self): """Ensure that the negative and positive permissions for adding attachments work.""" # Get the negative and positive permissions ct = ContentType.objects.get(app_label='attachments', model='attachment') p1 = Permission.objects.get(codename='disallow_add_attachment', content_type=ct) p2 = Permission.objects.get(codename='add_attachment', content_type=ct) # Create a group with the negative permission. g1, created = Group.objects.get_or_create(name='cannot_attach') g1.permissions = [p1] g1.save() # Create a group with the positive permission. g2, created = Group.objects.get_or_create(name='can_attach') g2.permissions = [p2] g2.save() # User with no explicit permission is allowed u2 = user(username='******', save=True) ok_(allow_add_attachment_by(u2)) # User in group with negative permission is disallowed u3 = user(username='******', save=True) u3.groups = [g1] u3.save() ok_(not allow_add_attachment_by(u3)) # Superusers can do anything, despite group perms u1 = user(username='******', is_superuser=True, save=True) u1.groups = [g1] u1.save() ok_(allow_add_attachment_by(u1)) # User with negative permission is disallowed u4 = user(username='******', save=True) u4.user_permissions.add(p1) u4.save() ok_(not allow_add_attachment_by(u4)) # User with positive permission overrides group u5 = user(username='******', save=True) u5.groups = [g1] u5.user_permissions.add(p2) u5.save() ok_(allow_add_attachment_by(u5)) # Group with positive permission takes priority u6 = user(username='******', save=True) u6.groups = [g1, g2] u6.save() ok_(allow_add_attachment_by(u6)) # positive permission takes priority, period. u7 = user(username='******', save=True) u7.user_permissions.add(p1) u7.user_permissions.add(p2) u7.save() ok_(allow_add_attachment_by(u7))