def test_clean__recipients_ignored_if_not_limited(self, visibility):
form = ContentForm(
data={"text": "barfoo", "visibility": visibility.value, "recipients": "foobar"},
user=self.user,
)
form.full_clean()
self.assertTrue(form.is_valid())
def test_untrusted_editor_text_is_cleaned(self, admin_client, rf):
request, view = self._get_request_and_view(rf)
request.user.trusted_editor = False
request.user.save()
form = ContentForm(data={"text": "<script>console.log</script>"}, user=request.user)
form.full_clean()
assert form.cleaned_data["text"] == "<script>console.log</script>"
def test_clean__recipients_ignored_if_not_limited(self, visibility):
form = ContentForm(
data={"text": "barfoo", "visibility": visibility.value, "recipients": "foobar"},
user=self.user,
)
form.full_clean()
self.assertTrue(form.is_valid())
def test_clean_text(self):
form = ContentForm(
data={"text": "<script>alert</script>", "visibility": Visibility.PUBLIC},
user=self.user,
)
form.full_clean()
self.assertTrue(form.is_valid())
self.assertEqual(form.cleaned_data.get('text'), "<script>alert</script>")
def test_untrusted_editor_text_is_cleaned(self):
self.user.trusted_editor = False
self.user.save()
form = ContentForm(data={"text": "<script>console.log</script>"},
user=self.user)
form.full_clean()
assert form.cleaned_data[
"text"] == "<script>console.log</script>"
def test_clean__recipients(self, values):
recipients, result = values
form = ContentForm(
data={"text": "barfoo", "visibility": Visibility.LIMITED.value, "recipients": recipients},
user=self.user,
)
form.full_clean()
self.assertTrue(form.is_valid() is result, values)
def test_clean_text(self):
form = ContentForm(
data={"text": "<script>alert</script>", "visibility": Visibility.PUBLIC},
user=self.user,
)
form.full_clean()
self.assertTrue(form.is_valid())
self.assertEqual(form.cleaned_data.get('text'), "<script>alert</script>")
def test_clean__recipients(self, values):
recipients, result = values
form = ContentForm(
data={"text": "barfoo", "visibility": Visibility.LIMITED.value, "recipients": recipients},
user=self.user,
)
form.full_clean()
self.assertTrue(form.is_valid() is result, values)
def test_clean_text__trusted_editor(self):
self.user.trusted_editor = True
form = ContentForm(
data={"text": "<script>alert</script>", "visibility": Visibility.PUBLIC},
user=self.user,
)
form.full_clean()
self.assertTrue(form.is_valid())
self.assertEqual(form.cleaned_data.get('text'), "<script>alert</script>")
def test_clean_text__trusted_editor(self):
self.user.trusted_editor = True
form = ContentForm(
data={"text": "<script>alert</script>", "visibility": Visibility.PUBLIC},
user=self.user,
)
form.full_clean()
self.assertTrue(form.is_valid())
self.assertEqual(form.cleaned_data.get('text'), "<script>alert</script>")
def test_form_valid(self):
view = self.get_instance(ContentCreateView, request=self.req)
form = ContentForm(data={"text": "barfoo", "visibility": Visibility.PUBLIC.value}, user=self.user)
form.full_clean()
response = view.form_valid(form)
assert response.status_code == 302
content = Content.objects.first()
assert content.text == "barfoo"
assert content.author == self.user.profile
assert content.visibility == Visibility.PUBLIC
def test_untrusted_editor_text_is_cleaned(self):
self.user.trusted_editor = False
self.user.save()
form = ContentForm(
data={"text": "<script>console.log</script>", "visibility": Visibility.PUBLIC.value},
instance=self.content,
user=self.user,
)
form.full_clean()
self.assertEqual(form.cleaned_data["text"], "<script>console.log</script>")
def test_form_valid(self):
view = self.get_instance(ContentCreateView, request=self.req)
form = ContentForm(data={"text": "barfoo", "visibility": Visibility.PUBLIC.value}, user=self.user)
form.full_clean()
response = view.form_valid(form)
assert response.status_code == 302
content = Content.objects.first()
assert content.text == "barfoo"
assert content.author == self.user.profile
assert content.visibility == Visibility.PUBLIC
def test_untrusted_editor_text_is_cleaned(self):
self.user.trusted_editor = False
self.user.save()
form = ContentForm(
data={"text": "<script>console.log</script>", "visibility": Visibility.PUBLIC.value},
instance=self.content,
user=self.user,
)
form.full_clean()
self.assertEqual(form.cleaned_data["text"], "<script>console.log</script>")
def test_untrusted_editor_text_is_cleaned(self, admin_client, rf):
request, view, content = self._get_request_view_and_content(rf)
request.user.trusted_editor = False
request.user.save()
form = ContentForm(
data={"text": "<script>console.log</script>", "visibility": Visibility.PUBLIC.value},
instance=content,
user=request.user
)
form.full_clean()
assert form.cleaned_data["text"] == "<script>console.log</script>"
def test_form_valid(self):
form = ContentForm(
data={"text": "barfoo", "visibility": Visibility.PUBLIC.value},
instance=self.content,
user=self.user,
)
form.full_clean()
response = self.view.form_valid(form)
self.assertEqual(response.status_code, 302)
content = Content.objects.first()
self.assertEqual(content.author, self.user.profile)
self.assertEqual(content.visibility, Visibility.PUBLIC)
self.assertEqual(content.text, "barfoo")
def test_form_valid(self):
form = ContentForm(
data={"text": "barfoo", "visibility": Visibility.PUBLIC.value},
instance=self.content,
user=self.user,
)
form.full_clean()
response = self.view.form_valid(form)
self.assertEqual(response.status_code, 302)
content = Content.objects.first()
self.assertEqual(content.author, self.user.profile)
self.assertEqual(content.visibility, Visibility.PUBLIC)
self.assertEqual(content.text, "barfoo")
def test_save__collects_recipients__reply_copies_from_parent(self):
form = ContentForm(
data={
"text": "foobar",
},
user=self.user,
is_reply=True,
)
form.full_clean()
self.assertTrue(form.is_valid())
content = form.save(parent=self.limited_content)
self.assertEqual(
set(content.limited_visibilities.all()),
{self.profile, self.profile2},
)
def test_save__collects_recipients__reply_copies_from_parent(self):
form = ContentForm(
data={
"text": "foobar",
},
user=self.user,
is_reply=True,
)
form.full_clean()
self.assertTrue(form.is_valid())
content = form.save(parent=self.limited_content)
self.assertEqual(
set(content.limited_visibilities.all()),
{self.profile, self.profile2},
)
def test_save__collects_recipients(self):
form = ContentForm(
data={
"text": "foobar",
"visibility": Visibility.LIMITED,
"recipients": "[email protected],[email protected]"
},
user=self.user,
)
form.full_clean()
self.assertTrue(form.is_valid())
content = form.save()
self.assertEqual(
set(content.limited_visibilities.all()),
{self.profile, self.profile2},
)
def test_save__collects_recipients(self):
form = ContentForm(
data={
"text": "foobar",
"visibility": Visibility.LIMITED,
"recipients": "[email protected],[email protected]"
},
user=self.user,
)
form.full_clean()
self.assertTrue(form.is_valid())
content = form.save()
self.assertEqual(
set(content.limited_visibilities.all()),
{self.profile, self.profile2},
)
def test_clean__recipients_and_include_following_cant_both_be_empty(self):
form = ContentForm(data={
"text": "barfoo",
"visibility": Visibility.LIMITED.value
},
user=self.user)
form.full_clean()
self.assertFalse(form.is_valid())
form = ContentForm(
data={
"text": "barfoo",
"visibility": Visibility.LIMITED.value,
"recipients": self.user.profile.fid
},
user=self.user,
)
form.full_clean()
self.assertTrue(form.is_valid())
form = ContentForm(
data={
"text": "barfoo",
"visibility": Visibility.LIMITED.value,
"include_following": True
},
user=self.user,
)
form.full_clean()
self.assertTrue(form.is_valid())
def test_clean__recipients_and_include_following_cant_both_be_empty(self):
form = ContentForm(data={"text": "barfoo", "visibility": Visibility.LIMITED.value}, user=self.user)
form.full_clean()
self.assertFalse(form.is_valid())
form = ContentForm(
data={"text": "barfoo", "visibility": Visibility.LIMITED.value, "recipients": self.user.profile.fid},
user=self.user,
)
form.full_clean()
self.assertTrue(form.is_valid())
form = ContentForm(
data={"text": "barfoo", "visibility": Visibility.LIMITED.value, "include_following": True},
user=self.user,
)
form.full_clean()
self.assertTrue(form.is_valid())
def test_untrusted_editor_text_is_cleaned(self):
self.user.trusted_editor = False
self.user.save()
form = ContentForm(data={"text": "<script>console.log</script>"}, user=self.user)
form.full_clean()
assert form.cleaned_data["text"] == "<script>console.log</script>"