示例#1
0
def test_authenticated_users_get_redirected_to_home(app, client_without_db):
    client = client_without_db
    with set_user(app, as_user(client)):
        with app.app_context():
            resp = client.get("/auth/login")
            assert resp.status_code == 302
            assert resp.headers.get("Location") == "http://localhost/"
示例#2
0
def test_save_editor_data_as_user(
    app, client, query, data, expected_code, expected_response
):
    with set_user(app, as_user(client)):
        resp = client.post("/api/save_editor_data", json=data, query_string=query)

        assert resp.status_code == 403
        assert "application/json" in resp.headers["Content-Type"]
        assert b"Forbidden" in resp.data
示例#3
0
def test_logout_clears_the_session(app, client_without_db):
    client = client_without_db

    with set_user(app, as_user(client)):
        with app.app_context():
            with client.session_transaction() as session:
                session["something_else"] = True
            # request /maintenance as it doesn't use the database
            resp = client.get("/maintenance")
            assert resp.status_code == 200
            with client.session_transaction() as session:
                assert "user_info" in session
                assert "something_else" in session

            resp = client.get("/auth/logout")
            assert resp.status_code == 302
            assert resp.headers.get("Location") == "http://localhost/"
            with client.session_transaction() as session:
                assert "user_info" not in session
                assert "something_else" not in session
示例#4
0
def test_logout_clears_the_session(app, client_without_db):
    client = client_without_db

    with set_user(app, as_user(client)):
        with app.app_context():
            with client.session_transaction() as session:
                session['something_else'] = True
            # request /maintenance as it doesn't use the database
            resp = client.get('/maintenance')
            assert resp.status_code == 200
            with client.session_transaction() as session:
                assert 'user_info' in session
                assert 'something_else' in session

            resp = client.get('/auth/logout')
            assert resp.status_code == 302
            assert resp.headers.get('Location') == 'http://localhost/'
            with client.session_transaction() as session:
                assert 'user_info' not in session
                assert 'something_else' not in session