Added more tests

This commit is contained in:
Pünkösd Marcell 2020-11-29 21:53:57 +01:00
parent bf96347bf7
commit f42411db1a
2 changed files with 73 additions and 17 deletions

View File

@ -1,3 +1,5 @@
pytest
bandit
beautifulsoup4
mock
pytest-mock

View File

@ -2,11 +2,34 @@ import pytest
from bs4 import BeautifulSoup
from flask import Response
from utils import user_datastore
from models import db
from models import db, Item, Purchase
import app
def create_db_setup():
db.drop_all()
db.create_all()
user_datastore.create_role(name='administrator')
admin_user = user_datastore.create_user(email="admin", password="admin", roles=['administrator'])
other_user = user_datastore.create_user(email="user", password="user")
admin_user.name = 'admin'
other_user.name = 'user'
item_a = Item(name="a", uploader=admin_user)
item_b = Item(name="b", uploader=admin_user)
item_c = Item(name="c", uploader=other_user)
purchase = Purchase(item=item_a, purchaser=other_user)
db.session.add(item_a)
db.session.add(item_b)
db.session.add(item_c)
db.session.add(purchase)
db.session.commit()
@pytest.fixture
def anonymous_client():
app.app.config['TESTING'] = True
@ -24,11 +47,7 @@ def logged_in_client():
with app.app.test_client() as client:
with app.app.app_context():
db.drop_all()
db.create_all()
user = user_datastore.create_user(email="test", password="test")
user.name = 'test'
create_db_setup()
r = client.get('/login')
soup = BeautifulSoup(r.data.decode(), 'html.parser')
@ -38,8 +57,8 @@ def logged_in_client():
csrf_token = input_tag['value']
r = client.post('/login', data=dict(
email='test',
password='test',
email='user',
password='user',
csrf_token=csrf_token
), follow_redirects=True)
@ -53,11 +72,7 @@ def admin_client():
with app.app.test_client() as client:
with app.app.app_context():
db.drop_all()
db.create_all()
user_datastore.create_role(name='administrator')
user = user_datastore.create_user(email="test", password="test", roles=['administrator'])
user.name = 'test'
create_db_setup()
r = client.get('/login')
@ -68,8 +83,8 @@ def admin_client():
csrf_token = input_tag['value']
r = client.post('/login', data=dict(
email='test',
password='test',
email='admin',
password='admin',
csrf_token=csrf_token
), follow_redirects=True)
@ -143,6 +158,11 @@ def test_anonymous_have_to_login_protected_pages(anonymous_client):
assert 'Log in' == soup.find_all('p')[0].a.string
#
# Some status code based tests
#
def test_anonymous_get_login_required_redirect(anonymous_client):
for path in ['/content/caff/1', '/profile']:
r = anonymous_client.get(path)
@ -155,10 +175,44 @@ def test_anonymous_post_login_required_redirect(anonymous_client):
assert r.status_code == 302
def test_logged_in_ok(logged_in_client):
def test_user_profile_ok(logged_in_client):
r = logged_in_client.get('/profile')
assert r.status_code == 200
#
# Content stuff
#
def test_user_content_nonexistent(logged_in_client):
r = logged_in_client.get('/content/caff/4') # nonexistant
assert r.status_code == 404
def test_user_content_uploaded(logged_in_client, mocker):
mocker.patch(
'views.contentview.ContentView._stream_from_minio',
side_effect=lambda bucket, id, fname: Response(status=200)
)
r = logged_in_client.get('/content/caff/3') # existant, uploaded
assert r.status_code == 200
def test_user_content_unpurchased(logged_in_client):
r = logged_in_client.get('/content/caff/2') # existant, unpurchased
assert r.status_code == 403
def test_user_content_purchased(logged_in_client, mocker):
mocker.patch(
'views.contentview.ContentView._stream_from_minio',
side_effect=lambda bucket, id, fname: Response(status=200)
)
r = logged_in_client.get('/content/caff/1') # purchased
assert r.status_code == 200
#
# Admin pages