def test_check_password(self):
user = User(password="******")
assert user.password != "test"
assert not user.check_password("test!")
assert user.check_password("test")
def test_can_delete(self):
assert not self.comment.permissions.delete.allows(AnonymousIdentity())
identity = Identity(self.user.id)
identity.provides.update(self.user.provides)
assert self.comment.permissions.delete.allows(identity)
user = User(username="******", email="*****@*****.**")
db.session.add(user)
db.session.commit()
identity = Identity(user.id)
assert not self.comment.permissions.delete.allows(identity)
user.role = User.MODERATOR
identity.provides.update(user.provides)
assert self.comment.permissions.delete.allows(identity)
user.role = User.ADMIN
del user.provides
identity.provides.update(user.provides)
assert self.comment.permissions.delete.allows(identity)
def test_check_openid(self):
user = User(openid="google")
assert user.openid != "google"
assert not user.check_openid("test")
assert user.check_openid("google")
def test_follow(self):
user = User(username="******",
email="*****@*****.**")
db.session.add(user)
assert user.get_following().count() == 0
user2 = User(username="******",
email="*****@*****.**")
db.session.add(user2)
assert user2.get_followers().count() == 0
db.session.commit()
user.follow(user2)
db.session.commit()
assert user.get_following().count() == 1
assert user.get_following().first().id == user2.id
assert user2.get_followers().count() == 1
assert user2.get_followers().first().id == user.id
def test_check_openid(self):
user = User(openid="google")
assert user.openid != "google"
assert not user.check_openid("test")
assert user.check_openid("google")
def test_check_password(self):
user = User(password="******")
assert user.password != "test"
assert not user.check_password("test!")
assert user.check_password("test")
def test_can_delete(self):
assert not self.post.permissions.delete.allows(AnonymousIdentity())
identity = Identity(self.user.id)
identity.provides.update(self.user.provides)
assert self.post.permissions.delete.allows(identity)
user = User(username="******",
email="*****@*****.**")
db.session.add(user)
db.session.commit()
identity = Identity(user.id)
assert not self.post.permissions.delete.allows(identity)
user.role = User.MODERATOR
identity.provides.update(user.provides)
assert self.post.permissions.delete.allows(identity)
user.role = User.ADMIN
del user.provides
identity.provides.update(user.provides)
assert self.post.permissions.delete.allows(identity)
def test_gravatar(self):
user = User()
assert user.gravatar == ''
user = User(email="*****@*****.**")
assert user.gravatar == "f40aca99b2ca1491dbf6ec55597c4397"
def test_following(self):
user = User()
assert user.following == set()
user.following = set([1])
assert user.following == set([1])
def test_followers(self):
user = User()
assert user.followers == set()
user.followers = set([1])
assert user.followers == set([1])
def test_following(self):
user = User()
assert user.following == set()
user.following = set([1])
assert user.following == set([1])
def test_followers(self):
user = User()
assert user.followers == set()
user.followers = set([1])
assert user.followers == set([1])
def test_gravatar_url(self):
user = User()
assert user.gravatar_url(80) == ''
user = User(email="*****@*****.**")
assert user.gravatar_url(80) == \
"http://www.gravatar.com/avatar/f40aca99b2ca1491dbf6ec55597c4397.jpg?s=80"
def test_is_friend(self):
user = User(username="******",
email="*****@*****.**")
db.session.add(user)
assert user.get_following().count() == 0
user2 = User(username="******",
email="*****@*****.**")
db.session.add(user2)
db.session.commit()
assert not user.is_friend(user2)
assert not user2.is_friend(user)
user.follow(user2)
db.session.commit()
assert not user.is_friend(user2)
assert not user2.is_friend(user)
def test_restricted(self):
db.session.delete(self.post)
db.session.delete(self.comment)
user = User(username="******", email="*****@*****.**")
db.session.add(user)
user2 = User(username="******", email="*****@*****.**")
db.session.add(user2)
db.session.commit()
admin = User(username="******",
email="*****@*****.**",
role=User.MODERATOR)
post = Post(title="test", author=user, access=Post.PRIVATE)
db.session.add(post)
db.session.commit()
comment = Comment(author=user, post=post, comment="test")
db.session.add(comment)
db.session.commit()
assert Comment.query.restricted(user).count() == 1
assert Comment.query.restricted(admin).count() == 1
assert Comment.query.restricted(None).count() == 0
assert Comment.query.restricted(user2).count() == 0
post.access = Post.PUBLIC
db.session.commit()
posts = Post.query.restricted(user)
assert Comment.query.restricted(user).count() == 1
assert Comment.query.restricted(admin).count() == 1
assert Comment.query.restricted(None).count() == 1
assert Comment.query.restricted(user2).count() == 1
post.access = Post.FRIENDS
db.session.commit()
assert Comment.query.restricted(user).count() == 1
assert Comment.query.restricted(admin).count() == 1
assert Comment.query.restricted(None).count() == 0
assert Comment.query.restricted(user2).count() == 0
user2.follow(user)
user.follow(user2)
db.session.commit()
assert Comment.query.restricted(user2).count() == 1
def signup():
if 'openid' not in session:
abort(403)
form = OpenIdSignupForm(next=request.args.get("next"),
username=request.args.get("name"),
email=request.args.get("email"))
if form.validate_on_submit():
user = User(openid=session.pop('openid'))
form.populate_obj(user)
db.session.add(user)
db.session.commit()
session.permanent = True
identity_changed.send(current_app._get_current_object(),
identity=Identity(user.id))
flash(_("Welcome, %%s") % user.username, "success")
next_url = form.next.data or \
url_for("user.posts", username=user.username)
return redirect(next_url)
return render_template("openid/signup.html", form=form)
def signup():
form = SignupForm(next=request.args.get("next"))
if form.validate_on_submit():
user = User()
form.populate_obj(user)
db.session.add(user)
db.session.commit()
identity_changed.send(current_app._get_current_object(),
identity=Identity(user.id))
flash(_("Welcome, %(name)s", name=user.username), "success")
next_url = form.next.data
if not next_url or next_url == request.path:
next_url = url_for('user.posts', username=user.username)
return redirect(next_url)
return render_template("account/signup.html", form=form)
def test_delete_post_logged_in_as_admin(self):
user = self.create_user(False)
admin_user = User(username="******",
email="*****@*****.**",
password="******",
role=User.ADMIN)
db.session.add(admin_user)
db.session.commit()
self.login(login="******", password="******")
post = Post(author=user,
title="test",
description="test")
db.session.add(post)
db.session.commit()
with mail.record_messages() as outbox:
response = self.client.post("/post/%d/delete/" % post.id)
assert response.json['success']
assert Post.query.count() == 0
assert len(outbox) == 1
def test_can_vote(self):
assert not self.post.permissions.vote.allows(AnonymousIdentity())
identity = Identity(self.user.id)
identity.provides.update(self.user.provides)
assert not self.post.permissions.vote.allows(identity)
user = User(username="******", email="*****@*****.**")
db.session.add(user)
db.session.commit()
identity = Identity(user.id)
identity.provides.update(user.provides)
assert self.post.permissions.vote.allows(identity)
votes = self.post.votes
votes.add(user.id)
self.post.votes = votes
del self.post.permissions
assert not self.post.permissions.vote.allows(identity)
def test_login(self):
response = self.client.get("/acct/login/")
self.assert_200(response)
response = self.client.post("/acct/login/",
data={"login" : "tester", "password" : "test"})
self.assert_200(response)
assert "invalid login" in response.data
user = User(username="******",
password="******",
email="*****@*****.**")
db.session.add(user)
db.session.commit()
response = self.client.post("/acct/login/",
data={"login" : "tester", "password" : "test"})
self.assert_redirects(response, "/user/tester/")
response = self.client.post("/acct/login/",
data={"login" : "tester", "password" : "test",
"next" : "/submit/"})
self.assert_redirects(response, "/submit/")
def create_user(self):
user = User(username="******",
email="*****@*****.**",
password="******")
db.session.add(user)
db.session.commit()
return user
def create_user(self, login=False):
user = User(username="******",
password="******",
email="*****@*****.**")
db.session.add(user)
db.session.commit()
if login:
self.login(login="******", password="******")
return user
def test_submit_logged_in(self):
user = User(username="******",
password="******",
email="*****@*****.**")
db.session.add(user)
db.session.commit()
self.login(login="******", password="******")
response = self.client.get("/submit/")
self.assert_200(response)
def test_restricted(self):
db.session.delete(self.post)
user = User(username="******", email="*****@*****.**")
db.session.add(user)
user2 = User(username="******", email="*****@*****.**")
db.session.add(user2)
db.session.commit()
admin = User(username="******",
email="*****@*****.**",
role=User.MODERATOR)
assert user.id
post = Post(title="test",
author=user,
access=Post.PRIVATE)
db.session.add(post)
db.session.commit()
posts = Post.query.restricted(user)
assert Post.query.restricted(user).count() == 1
assert Post.query.restricted(admin).count() == 1
assert Post.query.restricted(None).count() == 0
assert Post.query.restricted(user2).count() == 0
post.access = Post.PUBLIC
db.session.commit()
posts = Post.query.restricted(user)
assert Post.query.restricted(user).count() == 1
assert Post.query.restricted(admin).count() == 1
assert Post.query.restricted(None).count() == 1
assert Post.query.restricted(user2).count() == 1
post.access = Post.FRIENDS
db.session.commit()
assert Post.query.restricted(user).count() == 1
assert Post.query.restricted(admin).count() == 1
assert Post.query.restricted(None).count() == 0
assert Post.query.restricted(user2).count() == 0
user2.follow(user)
user.follow(user2)
db.session.commit()
assert Post.query.restricted(user2).count() == 1
def test_can_access(self):
user = User(username="******", email="*****@*****.**")
db.session.add(user)
user2 = User(username="******", email="*****@*****.**")
db.session.add(user2)
db.session.commit()
admin = User(username="******",
email="*****@*****.**",
role=User.MODERATOR)
post = Post(title="test", author_id=user.id, access=Post.PRIVATE)
assert post.can_access(user)
assert post.can_access(admin)
assert not post.can_access(user2)
assert not post.can_access(None)
post.access = Post.PUBLIC
assert post.can_access(user)
assert post.can_access(admin)
assert post.can_access(user2)
assert post.can_access(None)
post.access = Post.FRIENDS
assert post.can_access(user)
assert post.can_access(admin)
assert not post.can_access(user2)
assert not post.can_access(None)
user.follow(user2)
user2.follow(user)
assert post.can_access(user2)
def test_votes(self):
comment = Comment()
user = User(username="******", email="*****@*****.**")
db.session.add(user)
db.session.commit()
assert comment.votes == set([])
comment.vote(user)
assert user.id in comment.votes
def createuser(username=None, password=None, email=None, role=None):
"""
Create a new user
"""
if username is None:
while True:
username = prompt("Username")
user = User.query.filter(User.username==username).first()
if user is not None:
print "Username %s is already taken" % username
else:
break
if email is None:
while True:
email = prompt("Email address")
user = User.query.filter(User.email==email).first()
if user is not None:
print "Email %s is already taken" % email
else:
break
if password is None:
password = prompt_pass("Password")
while True:
password_again = prompt_pass("Password again")
if password != password_again:
print "Passwords do not match"
else:
break
roles = (
(User.MEMBER, "member"),
(User.MODERATOR, "moderator"),
(User.ADMIN, "admin"),
)
if role is None:
role = prompt_choices("Role", roles, resolve=int, default=User.MEMBER)
user = User(username=username,
email=email,
password=password,
role=role)
db.session.add(user)
db.session.commit()
print "User created with ID", user.id
def test_votes(self):
assert self.post.votes == set([])
user = User(username="******", email="*****@*****.**")
db.session.add(user)
db.session.commit()
self.post.vote(user)
assert user.id in self.post.votes
post = Post.query.get(self.post.id)
assert user.id in post.votes
def test_edit_comment_not_logged_in_as_author(self):
comment = self.create_comment()
user = User(username="******",
email="*****@*****.**",
password="******")
db.session.add(user)
db.session.commit()
self.login(login="******", password="******")
response = self.client.get("/comment/%d/edit/" % comment.id)
self.assert_403(response)
def test_view_post(self):
response = self.client.get("/post/1/")
self.assert_404(response)
user = User(username="******",
password="******",
email="*****@*****.**")
db.session.add(user)
db.session.commit()
post = Post(author=user,
title="test",
description="test")
db.session.add(post)
db.session.commit()
response = self.client.get("/post/%d/" % post.id)
self.assert_200(response)
for i in xrange(100):
user = User(username="******" % i,
email="tester=%d.gmail.com" % i,
password="******")
comment = Comment(post=post,
author=user,
comment="a comment")
db.session.add(user)
db.session.add(comment)
db.session.commit()
response = self.client.get("/post/%d/" % post.id)
self.assert_200(response)
def test_authenticate_good_email(self):
user = User(username=u"tester",
email="*****@*****.**",
password="******")
db.session.add(user)
db.session.commit()
auth_user, is_auth = \
User.query.authenticate("*****@*****.**",
"test!")
assert auth_user.id == user.id
assert is_auth
def test_gravatar_url(self):
user = User()
assert user.gravatar_url(80) == ''
user = User(email="*****@*****.**")
assert user.gravatar_url(80) == \
"http://www.gravatar.com/avatar/f40aca99b2ca1491dbf6ec55597c4397.jpg?s=80"
def setUp(self):
super(TestPost, self).setUp()
self.user = User(username="******",
email="*****@*****.**",
password="******")
db.session.add(self.user)
self.post = Post(title="testing",
link="http://reddit.com",
author=self.user)
db.session.add(self.post)
db.session.commit()
def test_latest(self):
user = User(username="******",
password="******",
email="*****@*****.**")
db.session.add(user)
for i in xrange(100):
post = Post(author=user,
link="http://reddit.com",
title="test post")
db.session.add(post)
db.session.commit()
def create_comment(self):
user = User(username="******",
email="*****@*****.**",
password="******")
post = Post(author=user,
title="test")
comment = Comment(post=post,
author=user,
comment="test")
db.session.add_all([user, post, comment])
db.session.commit()
comment_added.send(post)
return comment
def test_tag_cloud_with_posts(self):
user = User(username="******",
email="*****@*****.**",
password="******")
db.session.add(user)
db.session.commit()
for i in xrange(20):
post = Post(author=user,
title="test",
tags="Music, comedy, IT crowd")
db.session.add(post)
db.session.commit()
for i in xrange(10):
post = Post(author=user,
title="test",
tags="Twitter, YouTube, funny")
db.session.add(post)
db.session.commit()
post = Post(author=user, title="test", tags="Beer, parties, kegs")
db.session.add(post)
db.session.commit()
assert Tag.query.count() == 9
tags = Tag.query.cloud()
for tag in tags:
if tag.name in ("it crowd", "music", "comedy"):
assert tag.size == 10
elif tag.name in ("twitter", "youtube", "funny"):
assert tag.size == 5
elif tag.name in ("beer", "parties", "kegs"):
assert tag.size == 1
def test_get_following(self):
user = User(username="******", email="*****@*****.**")
db.session.add(user)
assert user.get_following().count() == 0
user2 = User(username="******", email="*****@*****.**")
db.session.add(user2)
db.session.commit()
user.following = set([user2.id])
assert user.get_following().count() == 1
assert user.get_following().first().id == user2.id
assert user.is_following(user2)
def test_edit_existing_post_not_logged_in_as_author(self):
post = Post(author=self.create_user(False),
title="test",
description="test")
db.session.add(post)
db.session.commit()
user = User(username="******",
password="******",
email="*****@*****.**")
db.session.add(user)
db.session.commit()
self.login(login="******", password="******")
response = self.client.get("/post/%d/edit/" % post.id)
self.assert_403(response)
def setUp(self):
super(TestFeeds, self).setUp()
user = User(username="******",
email="*****@*****.**",
password="******")
db.session.add(user)
db.session.commit()
for i in xrange(20):
post = Post(author=user,
tags="programming",
title="TESTING",
description="test")
db.session.add(post)
db.session.commit()
def test_can_access(self):
user = User(username="******", email="*****@*****.**")
db.session.add(user)
user2 = User(username="******", email="*****@*****.**")
db.session.add(user2)
db.session.commit()
admin = User(username="******",
email="*****@*****.**",
role=User.MODERATOR)
post = Post(title="test",
author_id=user.id,
access=Post.PRIVATE)
assert post.can_access(user)
assert post.can_access(admin)
assert not post.can_access(user2)
assert not post.can_access(None)
post.access = Post.PUBLIC
assert post.can_access(user)
assert post.can_access(admin)
assert post.can_access(user2)
assert post.can_access(None)
post.access = Post.FRIENDS
assert post.can_access(user)
assert post.can_access(admin)
assert not post.can_access(user2)
assert not post.can_access(None)
user.follow(user2)
user2.follow(user)
assert post.can_access(user2)
def test_check_openid_if_password_none(self):
user = User()
assert not user.check_openid("test")
def test_can_receive_mail(self):
user = User(username="******",
email="*****@*****.**")
db.session.add(user)
assert user.get_following().count() == 0
user2 = User(username="******",
email="*****@*****.**")
db.session.add(user2)
db.session.commit()
id1 = Identity(user.id)
id2 = Identity(user2.id)
id1.provides.update(user.provides)
id2.provides.update(user2.provides)
assert not user.permissions.send_message.allows(id2)
assert not user2.permissions.send_message.allows(id1)
user.follow(user2)
db.session.commit()
del user.permissions
del user2.permissions
assert not user.permissions.send_message.allows(id2)
assert not user2.permissions.send_message.allows(id1)
user2.follow(user)
user.receive_email = True
del user.permissions
del user2.permissions
assert user.permissions.send_message.allows(id2)
assert not user2.permissions.send_message.allows(id1)
user2.receive_email = True
del user.permissions
del user2.permissions
assert user.permissions.send_message.allows(id2)
assert user2.permissions.send_message.allows(id1)
user.unfollow(user2)
del user.permissions
del user2.permissions
assert not user.permissions.send_message.allows(id2)
assert not user2.permissions.send_message.allows(id1)
def test_add_comment(self):
response = self.client.get("/post/1/addcomment/")
self.assert_401(response)
user = User(username="******", email="*****@*****.**", password="******")
db.session.add(user)
db.session.commit()
self.login(login="******", password="******")
response = self.client.get("/post/1/addcomment/")
self.assert_404(response)
post = Post(author=user, title="test", link="http://reddit.com")
db.session.add(post)
db.session.commit()
response = self.client.get("/post/%d/addcomment/" % post.id)
self.assert_200(response)
response = self.client.get("/post/%d/1/reply/" % post.id)
with mail.record_messages() as outbox:
response = self.client.post("/post/%d/addcomment/" % post.id, data={"comment": "testing"})
assert len(outbox) == 0
comment = Comment.query.first()
self.assert_redirects(response, comment.url)
# reply to this comment
response = self.client.get("/post/%d/%d/reply/" % (post.id, comment.id))
self.assert_200(response)
with mail.record_messages() as outbox:
response = self.client.post("/post/%d/%d/reply/" % (post.id, comment.id), data={"comment": "hello"})
assert len(outbox) == 0
assert Comment.query.count() == 2
reply = Comment.query.filter(Comment.parent_id == comment.id).first()
assert reply.comment == "hello"
self.assert_redirects(response, reply.url)
# another user
user2 = User(username="******", email="*****@*****.**", password="******")
db.session.add(user2)
db.session.commit()
self.login(login="******", password="******")
with mail.record_messages() as outbox:
response = self.client.post("/post/%d/addcomment/" % post.id, data={"comment": "testing"})
assert len(outbox) == 0
user.email_alerts = True
db.session.add(user)
db.session.commit()
assert User.query.filter(User.email_alerts == True).count() == 1
with mail.record_messages() as outbox:
response = self.client.post("/post/%d/addcomment/" % post.id, data={"comment": "testing"})
assert len(outbox) == 1
with mail.record_messages() as outbox:
response = self.client.post("/post/%d/%d/reply/" % (post.id, comment.id), data={"comment": "testing"})
assert len(outbox) == 1
# double check author doesn't receive own emails
self.login(login="******", password="******")
with mail.record_messages() as outbox:
response = self.client.post("/post/%d/%d/reply/" % (post.id, comment.id), data={"comment": "hello"})
assert len(outbox) == 0
