Added more tests
This commit is contained in:
parent
bf96347bf7
commit
f42411db1a
|
|
@ -1,3 +1,5 @@
|
|||
pytest
|
||||
bandit
|
||||
beautifulsoup4
|
||||
beautifulsoup4
|
||||
mock
|
||||
pytest-mock
|
||||
|
|
@ -2,11 +2,34 @@ import pytest
|
|||
|
||||
from bs4 import BeautifulSoup
|
||||
|
||||
from flask import Response
|
||||
from utils import user_datastore
|
||||
from models import db
|
||||
from models import db, Item, Purchase
|
||||
import app
|
||||
|
||||
|
||||
def create_db_setup():
|
||||
db.drop_all()
|
||||
db.create_all()
|
||||
user_datastore.create_role(name='administrator')
|
||||
admin_user = user_datastore.create_user(email="admin", password="admin", roles=['administrator'])
|
||||
other_user = user_datastore.create_user(email="user", password="user")
|
||||
admin_user.name = 'admin'
|
||||
other_user.name = 'user'
|
||||
|
||||
item_a = Item(name="a", uploader=admin_user)
|
||||
item_b = Item(name="b", uploader=admin_user)
|
||||
item_c = Item(name="c", uploader=other_user)
|
||||
purchase = Purchase(item=item_a, purchaser=other_user)
|
||||
|
||||
db.session.add(item_a)
|
||||
db.session.add(item_b)
|
||||
db.session.add(item_c)
|
||||
db.session.add(purchase)
|
||||
|
||||
db.session.commit()
|
||||
|
||||
|
||||
@pytest.fixture
|
||||
def anonymous_client():
|
||||
app.app.config['TESTING'] = True
|
||||
|
|
@ -24,11 +47,7 @@ def logged_in_client():
|
|||
|
||||
with app.app.test_client() as client:
|
||||
with app.app.app_context():
|
||||
db.drop_all()
|
||||
db.create_all()
|
||||
user = user_datastore.create_user(email="test", password="test")
|
||||
user.name = 'test'
|
||||
|
||||
create_db_setup()
|
||||
r = client.get('/login')
|
||||
|
||||
soup = BeautifulSoup(r.data.decode(), 'html.parser')
|
||||
|
|
@ -38,8 +57,8 @@ def logged_in_client():
|
|||
csrf_token = input_tag['value']
|
||||
|
||||
r = client.post('/login', data=dict(
|
||||
email='test',
|
||||
password='test',
|
||||
email='user',
|
||||
password='user',
|
||||
csrf_token=csrf_token
|
||||
), follow_redirects=True)
|
||||
|
||||
|
|
@ -53,11 +72,7 @@ def admin_client():
|
|||
|
||||
with app.app.test_client() as client:
|
||||
with app.app.app_context():
|
||||
db.drop_all()
|
||||
db.create_all()
|
||||
user_datastore.create_role(name='administrator')
|
||||
user = user_datastore.create_user(email="test", password="test", roles=['administrator'])
|
||||
user.name = 'test'
|
||||
create_db_setup()
|
||||
|
||||
r = client.get('/login')
|
||||
|
||||
|
|
@ -68,8 +83,8 @@ def admin_client():
|
|||
csrf_token = input_tag['value']
|
||||
|
||||
r = client.post('/login', data=dict(
|
||||
email='test',
|
||||
password='test',
|
||||
email='admin',
|
||||
password='admin',
|
||||
csrf_token=csrf_token
|
||||
), follow_redirects=True)
|
||||
|
||||
|
|
@ -143,6 +158,11 @@ def test_anonymous_have_to_login_protected_pages(anonymous_client):
|
|||
assert 'Log in' == soup.find_all('p')[0].a.string
|
||||
|
||||
|
||||
#
|
||||
# Some status code based tests
|
||||
#
|
||||
|
||||
|
||||
def test_anonymous_get_login_required_redirect(anonymous_client):
|
||||
for path in ['/content/caff/1', '/profile']:
|
||||
r = anonymous_client.get(path)
|
||||
|
|
@ -155,10 +175,44 @@ def test_anonymous_post_login_required_redirect(anonymous_client):
|
|||
assert r.status_code == 302
|
||||
|
||||
|
||||
def test_logged_in_ok(logged_in_client):
|
||||
def test_user_profile_ok(logged_in_client):
|
||||
r = logged_in_client.get('/profile')
|
||||
assert r.status_code == 200
|
||||
|
||||
#
|
||||
# Content stuff
|
||||
#
|
||||
|
||||
def test_user_content_nonexistent(logged_in_client):
|
||||
r = logged_in_client.get('/content/caff/4') # nonexistant
|
||||
assert r.status_code == 404
|
||||
|
||||
|
||||
def test_user_content_uploaded(logged_in_client, mocker):
|
||||
mocker.patch(
|
||||
'views.contentview.ContentView._stream_from_minio',
|
||||
side_effect=lambda bucket, id, fname: Response(status=200)
|
||||
)
|
||||
|
||||
r = logged_in_client.get('/content/caff/3') # existant, uploaded
|
||||
assert r.status_code == 200
|
||||
|
||||
|
||||
def test_user_content_unpurchased(logged_in_client):
|
||||
r = logged_in_client.get('/content/caff/2') # existant, unpurchased
|
||||
assert r.status_code == 403
|
||||
|
||||
|
||||
def test_user_content_purchased(logged_in_client, mocker):
|
||||
mocker.patch(
|
||||
'views.contentview.ContentView._stream_from_minio',
|
||||
side_effect=lambda bucket, id, fname: Response(status=200)
|
||||
)
|
||||
|
||||
r = logged_in_client.get('/content/caff/1') # purchased
|
||||
assert r.status_code == 200
|
||||
|
||||
|
||||
|
||||
#
|
||||
# Admin pages
|
||||
|
|
|
|||
Loading…
Reference in New Issue