Added more tests
This commit is contained in:
parent
bf96347bf7
commit
f42411db1a
@ -1,3 +1,5 @@
|
|||||||
pytest
|
pytest
|
||||||
bandit
|
bandit
|
||||||
beautifulsoup4
|
beautifulsoup4
|
||||||
|
mock
|
||||||
|
pytest-mock
|
||||||
@ -2,11 +2,34 @@ import pytest
|
|||||||
|
|
||||||
from bs4 import BeautifulSoup
|
from bs4 import BeautifulSoup
|
||||||
|
|
||||||
|
from flask import Response
|
||||||
from utils import user_datastore
|
from utils import user_datastore
|
||||||
from models import db
|
from models import db, Item, Purchase
|
||||||
import app
|
import app
|
||||||
|
|
||||||
|
|
||||||
|
def create_db_setup():
|
||||||
|
db.drop_all()
|
||||||
|
db.create_all()
|
||||||
|
user_datastore.create_role(name='administrator')
|
||||||
|
admin_user = user_datastore.create_user(email="admin", password="admin", roles=['administrator'])
|
||||||
|
other_user = user_datastore.create_user(email="user", password="user")
|
||||||
|
admin_user.name = 'admin'
|
||||||
|
other_user.name = 'user'
|
||||||
|
|
||||||
|
item_a = Item(name="a", uploader=admin_user)
|
||||||
|
item_b = Item(name="b", uploader=admin_user)
|
||||||
|
item_c = Item(name="c", uploader=other_user)
|
||||||
|
purchase = Purchase(item=item_a, purchaser=other_user)
|
||||||
|
|
||||||
|
db.session.add(item_a)
|
||||||
|
db.session.add(item_b)
|
||||||
|
db.session.add(item_c)
|
||||||
|
db.session.add(purchase)
|
||||||
|
|
||||||
|
db.session.commit()
|
||||||
|
|
||||||
|
|
||||||
@pytest.fixture
|
@pytest.fixture
|
||||||
def anonymous_client():
|
def anonymous_client():
|
||||||
app.app.config['TESTING'] = True
|
app.app.config['TESTING'] = True
|
||||||
@ -24,11 +47,7 @@ def logged_in_client():
|
|||||||
|
|
||||||
with app.app.test_client() as client:
|
with app.app.test_client() as client:
|
||||||
with app.app.app_context():
|
with app.app.app_context():
|
||||||
db.drop_all()
|
create_db_setup()
|
||||||
db.create_all()
|
|
||||||
user = user_datastore.create_user(email="test", password="test")
|
|
||||||
user.name = 'test'
|
|
||||||
|
|
||||||
r = client.get('/login')
|
r = client.get('/login')
|
||||||
|
|
||||||
soup = BeautifulSoup(r.data.decode(), 'html.parser')
|
soup = BeautifulSoup(r.data.decode(), 'html.parser')
|
||||||
@ -38,8 +57,8 @@ def logged_in_client():
|
|||||||
csrf_token = input_tag['value']
|
csrf_token = input_tag['value']
|
||||||
|
|
||||||
r = client.post('/login', data=dict(
|
r = client.post('/login', data=dict(
|
||||||
email='test',
|
email='user',
|
||||||
password='test',
|
password='user',
|
||||||
csrf_token=csrf_token
|
csrf_token=csrf_token
|
||||||
), follow_redirects=True)
|
), follow_redirects=True)
|
||||||
|
|
||||||
@ -53,11 +72,7 @@ def admin_client():
|
|||||||
|
|
||||||
with app.app.test_client() as client:
|
with app.app.test_client() as client:
|
||||||
with app.app.app_context():
|
with app.app.app_context():
|
||||||
db.drop_all()
|
create_db_setup()
|
||||||
db.create_all()
|
|
||||||
user_datastore.create_role(name='administrator')
|
|
||||||
user = user_datastore.create_user(email="test", password="test", roles=['administrator'])
|
|
||||||
user.name = 'test'
|
|
||||||
|
|
||||||
r = client.get('/login')
|
r = client.get('/login')
|
||||||
|
|
||||||
@ -68,8 +83,8 @@ def admin_client():
|
|||||||
csrf_token = input_tag['value']
|
csrf_token = input_tag['value']
|
||||||
|
|
||||||
r = client.post('/login', data=dict(
|
r = client.post('/login', data=dict(
|
||||||
email='test',
|
email='admin',
|
||||||
password='test',
|
password='admin',
|
||||||
csrf_token=csrf_token
|
csrf_token=csrf_token
|
||||||
), follow_redirects=True)
|
), follow_redirects=True)
|
||||||
|
|
||||||
@ -143,6 +158,11 @@ def test_anonymous_have_to_login_protected_pages(anonymous_client):
|
|||||||
assert 'Log in' == soup.find_all('p')[0].a.string
|
assert 'Log in' == soup.find_all('p')[0].a.string
|
||||||
|
|
||||||
|
|
||||||
|
#
|
||||||
|
# Some status code based tests
|
||||||
|
#
|
||||||
|
|
||||||
|
|
||||||
def test_anonymous_get_login_required_redirect(anonymous_client):
|
def test_anonymous_get_login_required_redirect(anonymous_client):
|
||||||
for path in ['/content/caff/1', '/profile']:
|
for path in ['/content/caff/1', '/profile']:
|
||||||
r = anonymous_client.get(path)
|
r = anonymous_client.get(path)
|
||||||
@ -155,10 +175,44 @@ def test_anonymous_post_login_required_redirect(anonymous_client):
|
|||||||
assert r.status_code == 302
|
assert r.status_code == 302
|
||||||
|
|
||||||
|
|
||||||
def test_logged_in_ok(logged_in_client):
|
def test_user_profile_ok(logged_in_client):
|
||||||
r = logged_in_client.get('/profile')
|
r = logged_in_client.get('/profile')
|
||||||
assert r.status_code == 200
|
assert r.status_code == 200
|
||||||
|
|
||||||
|
#
|
||||||
|
# Content stuff
|
||||||
|
#
|
||||||
|
|
||||||
|
def test_user_content_nonexistent(logged_in_client):
|
||||||
|
r = logged_in_client.get('/content/caff/4') # nonexistant
|
||||||
|
assert r.status_code == 404
|
||||||
|
|
||||||
|
|
||||||
|
def test_user_content_uploaded(logged_in_client, mocker):
|
||||||
|
mocker.patch(
|
||||||
|
'views.contentview.ContentView._stream_from_minio',
|
||||||
|
side_effect=lambda bucket, id, fname: Response(status=200)
|
||||||
|
)
|
||||||
|
|
||||||
|
r = logged_in_client.get('/content/caff/3') # existant, uploaded
|
||||||
|
assert r.status_code == 200
|
||||||
|
|
||||||
|
|
||||||
|
def test_user_content_unpurchased(logged_in_client):
|
||||||
|
r = logged_in_client.get('/content/caff/2') # existant, unpurchased
|
||||||
|
assert r.status_code == 403
|
||||||
|
|
||||||
|
|
||||||
|
def test_user_content_purchased(logged_in_client, mocker):
|
||||||
|
mocker.patch(
|
||||||
|
'views.contentview.ContentView._stream_from_minio',
|
||||||
|
side_effect=lambda bucket, id, fname: Response(status=200)
|
||||||
|
)
|
||||||
|
|
||||||
|
r = logged_in_client.get('/content/caff/1') # purchased
|
||||||
|
assert r.status_code == 200
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
#
|
#
|
||||||
# Admin pages
|
# Admin pages
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user