-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathtest_message_views.py
182 lines (121 loc) · 5.53 KB
/
test_message_views.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
"""Message View tests."""
# run these tests like:
#
# FLASK_DEBUG=False python -m unittest test_message_views.py
import os
from unittest import TestCase
from models import db, Message, User, connect_db
# BEFORE we import our app, let's set an environmental variable
# to use a different database for tests (we need to do this
# before we import our app, since that will have already
# connected to the database
os.environ['DATABASE_URL'] = "postgresql:///warbler_test"
# Now we can import app
from app import app, CURR_USER_KEY, do_logout, do_login, session, g
app.config['DEBUG_TB_INTERCEPT_REDIRECTS'] = False
# This is a bit of hack, but don't use Flask DebugToolbar
app.config['DEBUG_TB_HOSTS'] = ['dont-show-debug-toolbar']
# Create our tables (we do this here, so we only create the tables
# once for all tests --- in each test, we'll delete the data
# and create fresh new clean test data
connect_db(app)
db.drop_all()
db.create_all()
# Don't have WTForms use CSRF at all, since it's a pain to test
app.config['WTF_CSRF_ENABLED'] = False
class MessageBaseViewTestCase(TestCase):
def setUp(self):
User.query.delete()
u1 = User.signup("u1", "u1@email.com", "password", None)
u2 = User.signup("u2", "u2@email.com", "password", None)
db.session.flush()
m1 = Message(text="m1-text", user_id=u1.id)
db.session.add_all([m1])
db.session.commit()
self.u1_id = u1.id
self.u2_id = u2.id
self.m1_id = m1.id
self.client = app.test_client()
def tearDown(self):
""" Rolls back the test environment and actions made in tests """
db.session.rollback()
class MessageAddViewTestCase(MessageBaseViewTestCase):
def test_add_message(self):
# Since we need to change the session to mimic logging in,
# we need to use the changing-session trick:
with self.client as c:
with c.session_transaction() as sess:
sess[CURR_USER_KEY] = self.u1_id
# Now, that session setting is saved, so we can have
# the rest of ours test
resp = c.post("/messages/new", data={"text": "Hello"})
self.assertEqual(resp.status_code, 302)
Message.query.filter_by(text="Hello").one()
def test_unauth_add_msg(self):
""" Testing that unlogged in user cant add message """
with self.client as c:
resp = c.post("/messages/new", data={
"text" : "random"
}, follow_redirects=True)
html = resp.get_data(as_text=True)
self.assertEqual(resp.status_code, 200)
self.assertIn("Access unauthorized.", html)
def test_unauth_view_add_form(self):
""" Testing that unlogged user cannot see add msg form """
with self.client as c:
resp = c.get("/messages/new", follow_redirects=True)
html = resp.get_data(as_text=True)
self.assertEqual(resp.status_code, 200)
self.assertIn("Access unauthorized.", html)
def test_unauth_delete_msg(self):
""" Testing that unlogged in user cant add message """
with self.client as c:
resp = c.post(f"/messages/{self.m1_id}/delete",
follow_redirects=True)
html = resp.get_data(as_text=True)
self.assertEqual(resp.status_code, 200)
self.assertIn("Access unauthorized.", html)
def test_auth_view_add_msg(self):
""" Testing that logged in user can see add msg form """
with self.client as c:
with c.session_transaction() as sess:
sess[CURR_USER_KEY] = self.u1_id
resp = c.get("/messages/new", follow_redirects=True)
html = resp.get_data(as_text=True)
self.assertEqual(resp.status_code, 200)
self.assertIn("Add my message!</button>", html)
def test_auth_add_msg(self):
""" Testing that logged in user can add message """
with self.client as c:
with c.session_transaction() as sess:
sess[CURR_USER_KEY] = self.u1_id
resp = c.post("/messages/new", data={
"text" : "random"
}, follow_redirects=True)
html = resp.get_data(as_text=True)
self.assertEqual(resp.status_code, 200)
self.assertIn("random", html)
def test_auth_delete_msg(self):
""" Testing that logged in user can delete a message """
with self.client as c:
with c.session_transaction() as sess:
sess[CURR_USER_KEY] = self.u1_id
message = Message.query.get(self.m1_id)
resp = c.post(f"/messages/{self.m1_id}/delete",
follow_redirects=True)
html = resp.get_data(as_text=True)
deleted_message = Message.query.get(self.m1_id)
self.assertEqual(resp.status_code, 200)
self.assertIn('<p class="small">Messages</p>', html)
self.assertNotIn(message.text, html)
self.assertIsNone(deleted_message)
def test_auth_other_dmsg_delete(self):
""" Testing that logged in user can't delete other user's message """
with self.client as c:
with c.session_transaction() as sess:
sess[CURR_USER_KEY] = self.u2_id
resp = c.post(f"/messages/{self.m1_id}/delete",
follow_redirects=True)
html = resp.get_data(as_text=True)
self.assertEqual(resp.status_code, 200)
self.assertIn("Access unauthorized.", html)