[mediagoblin.git] / mediagoblin / tests / test_edit.py

# GNU MediaGoblin -- federated, autonomous media hosting
# Copyright (C) 2011, 2012 MediaGoblin contributors.  See AUTHORS.
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU Affero General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU Affero General Public License for more details.
#
# You should have received a copy of the GNU Affero General Public License
# along with this program.  If not, see <http://www.gnu.org/licenses/>.

import pytest

from mediagoblin import mg_globals
from mediagoblin.db.models import User
from mediagoblin.tests.tools import fixture_add_user
from mediagoblin.tools import template
from mediagoblin.auth.lib import bcrypt_check_password

class TestUserEdit(object):
    def setup(self):
        # set up new user
        self.user_password = u'toast'
        self.user = fixture_add_user(password = self.user_password)

    def login(self, test_app):
        test_app.post(
            '/auth/login/', {
                'username': self.user.username,
                'password': self.user_password})


    def test_user_deletion(self, test_app):
        """Delete user via web interface"""
        self.login(test_app)

        # Make sure user exists
        assert User.query.filter_by(username=u'chris').first()

        res = test_app.post('/edit/account/delete/', {'confirmed': 'y'})

        # Make sure user has been deleted
        assert User.query.filter_by(username=u'chris').first() == None

        #TODO: make sure all corresponding items comments etc have been
        # deleted too. Perhaps in submission test?

        #Restore user at end of test
        self.user = fixture_add_user(password = self.user_password)
        self.login(test_app)


    def test_change_password(self, test_app):
        """Test changing password correctly and incorrectly"""
        self.login(test_app)

        # test that the password can be changed
        # template.clear_test_template_context()
        res = test_app.post(
            '/edit/account/', {
                'old_password': 'toast',
                'new_password': '123456',
                'wants_comment_notification': 'y'
                })

        # Check for redirect on success
        assert res.status_int == 302
        # test_user has to be fetched again in order to have the current values
        test_user = User.query.filter_by(username=u'chris').first()
        assert bcrypt_check_password('123456', test_user.pw_hash)
        # Update current user passwd
        self.user_password = '123456'

        # test that the password cannot be changed if the given
        # old_password is wrong template.clear_test_template_context()
        test_app.post(
            '/edit/account/', {
                'old_password': 'toast',
                'new_password': '098765',
                })

        test_user = User.query.filter_by(username=u'chris').first()
        assert not bcrypt_check_password('098765', test_user.pw_hash)


    def test_change_bio_url(self, test_app):
        """Test changing bio and URL"""
        self.login(test_app)

        # Test if legacy profile editing URL redirects correctly
        res = test_app.post(
            '/edit/profile/', {
                'bio': u'I love toast!',
                'url': u'http://dustycloud.org/'}, expect_errors=True)

        # Should redirect to /u/chris/edit/
        assert res.status_int == 302
        assert res.headers['Location'].endswith("/u/chris/edit/")

        res = test_app.post(
            '/u/chris/edit/', {
                'bio': u'I love toast!',
                'url': u'http://dustycloud.org/'})

        test_user = User.query.filter_by(username=u'chris').first()
        assert test_user.bio == u'I love toast!'
        assert test_user.url == u'http://dustycloud.org/'

        # change a different user than the logged in (should fail with 403)
        fixture_add_user(username=u"foo")
        res = test_app.post(
            '/u/foo/edit/', {
                'bio': u'I love toast!',
                'url': u'http://dustycloud.org/'}, expect_errors=True)
        assert res.status_int == 403

        # test changing the bio and the URL inproperly
        too_long_bio = 150 * 'T' + 150 * 'o' + 150 * 'a' + 150 * 's' + 150* 't'

        test_app.post(
            '/u/chris/edit/', {
                # more than 500 characters
                'bio': too_long_bio,
                'url': 'this-is-no-url'})

        # Check form errors
        context = template.TEMPLATE_TEST_CONTEXT[
            'mediagoblin/edit/edit_profile.html']
        form = context['form']

        assert form.bio.errors == [
            u'Field must be between 0 and 500 characters long.']
        assert form.url.errors == [
            u'This address contains errors']

# test changing the url inproperly
Commit	Line	Data
c8ccd23e	1	# GNU MediaGoblin -- federated, autonomous media hosting
cf29e8a8	2	# Copyright (C) 2011, 2012 MediaGoblin contributors. See AUTHORS.
c8ccd23e JK	3	#
	4	# This program is free software: you can redistribute it and/or modify
	5	# it under the terms of the GNU Affero General Public License as published by
	6	# the Free Software Foundation, either version 3 of the License, or
	7	# (at your option) any later version.
	8	#
	9	# This program is distributed in the hope that it will be useful,
	10	# but WITHOUT ANY WARRANTY; without even the implied warranty of
	11	# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
	12	# GNU Affero General Public License for more details.
	13	#
	14	# You should have received a copy of the GNU Affero General Public License
	15	# along with this program. If not, see <http://www.gnu.org/licenses/>.
	16
7d503a89	17	import pytest
a3b98853	18
c8ccd23e	19	from mediagoblin import mg_globals
a3b98853	20	from mediagoblin.db.models import User
5c2ece74	21	from mediagoblin.tests.tools import fixture_add_user
c8ccd23e	22	from mediagoblin.tools import template
9754802d	23	from mediagoblin.auth.lib import bcrypt_check_password
c8ccd23e	24
a3b98853	25	class TestUserEdit(object):
958080be	26	def setup(self):
a3b98853 SS	27	# set up new user
	28	self.user_password = u'toast'
	29	self.user = fixture_add_user(password = self.user_password)
a3b98853	30
5c2ece74 CAW	31	def login(self, test_app):
5c2ece74 CAW	32	test_app.post(
a3b98853 SS	33	'/auth/login/', {
	34	'username': self.user.username,
	35	'password': self.user_password})
	36
	37
5c2ece74	38	def test_user_deletion(self, test_app):
6deb589d	39	"""Delete user via web interface"""
5c2ece74 CAW	40	self.login(test_app)
5c2ece74 CAW	41
6deb589d SS	42	# Make sure user exists
	43	assert User.query.filter_by(username=u'chris').first()
	44
5c2ece74	45	res = test_app.post('/edit/account/delete/', {'confirmed': 'y'})
6deb589d SS	46
	47	# Make sure user has been deleted
	48	assert User.query.filter_by(username=u'chris').first() == None
	49
	50	#TODO: make sure all corresponding items comments etc have been
	51	# deleted too. Perhaps in submission test?
	52
	53	#Restore user at end of test
	54	self.user = fixture_add_user(password = self.user_password)
5c2ece74	55	self.login(test_app)
6deb589d SS	56
6deb589d SS	57
5c2ece74	58	def test_change_password(self, test_app):
a3b98853	59	"""Test changing password correctly and incorrectly"""
5c2ece74 CAW	60	self.login(test_app)
5c2ece74 CAW	61
a3b98853 SS	62	# test that the password can be changed
a3b98853 SS	63	# template.clear_test_template_context()
5c2ece74	64	res = test_app.post(
a3b98853 SS	65	'/edit/account/', {
	66	'old_password': 'toast',
	67	'new_password': '123456',
	68	'wants_comment_notification': 'y'
	69	})
	70
	71	# Check for redirect on success
7d503a89	72	assert res.status_int == 302
a3b98853 SS	73	# test_user has to be fetched again in order to have the current values
	74	test_user = User.query.filter_by(username=u'chris').first()
	75	assert bcrypt_check_password('123456', test_user.pw_hash)
	76	# Update current user passwd
	77	self.user_password = '123456'
	78
	79	# test that the password cannot be changed if the given
	80	# old_password is wrong template.clear_test_template_context()
5c2ece74	81	test_app.post(
a3b98853 SS	82	'/edit/account/', {
	83	'old_password': 'toast',
	84	'new_password': '098765',
	85	})
	86
	87	test_user = User.query.filter_by(username=u'chris').first()
	88	assert not bcrypt_check_password('098765', test_user.pw_hash)
	89
	90
5c2ece74	91	def test_change_bio_url(self, test_app):
a3b98853	92	"""Test changing bio and URL"""
5c2ece74 CAW	93	self.login(test_app)
5c2ece74 CAW	94
a3b98853	95	# Test if legacy profile editing URL redirects correctly
5c2ece74	96	res = test_app.post(
a3b98853 SS	97	'/edit/profile/', {
	98	'bio': u'I love toast!',
	99	'url': u'http://dustycloud.org/'}, expect_errors=True)
	100
	101	# Should redirect to /u/chris/edit/
7d503a89	102	assert res.status_int == 302
a3b98853 SS	103	assert res.headers['Location'].endswith("/u/chris/edit/")
a3b98853 SS	104
5c2ece74	105	res = test_app.post(
a3b98853 SS	106	'/u/chris/edit/', {
	107	'bio': u'I love toast!',
	108	'url': u'http://dustycloud.org/'})
	109
	110	test_user = User.query.filter_by(username=u'chris').first()
7d503a89 CAW	111	assert test_user.bio == u'I love toast!'
7d503a89 CAW	112	assert test_user.url == u'http://dustycloud.org/'
a3b98853 SS	113
	114	# change a different user than the logged in (should fail with 403)
	115	fixture_add_user(username=u"foo")
5c2ece74	116	res = test_app.post(
a3b98853 SS	117	'/u/foo/edit/', {
	118	'bio': u'I love toast!',
	119	'url': u'http://dustycloud.org/'}, expect_errors=True)
7d503a89	120	assert res.status_int == 403
a3b98853 SS	121
	122	# test changing the bio and the URL inproperly
	123	too_long_bio = 150 * 'T' + 150 * 'o' + 150 * 'a' + 150 * 's' + 150* 't'
	124
5c2ece74	125	test_app.post(
a3b98853 SS	126	'/u/chris/edit/', {
	127	# more than 500 characters
	128	'bio': too_long_bio,
	129	'url': 'this-is-no-url'})
	130
	131	# Check form errors
7d503a89 CAW	132	context = template.TEMPLATE_TEST_CONTEXT[
7d503a89 CAW	133	'mediagoblin/edit/edit_profile.html']
a3b98853 SS	134	form = context['form']
a3b98853 SS	135
7d503a89 CAW	136	assert form.bio.errors == [
	137	u'Field must be between 0 and 500 characters long.']
	138	assert form.url.errors == [
	139	u'This address contains errors']
a3b98853 SS	140
a3b98853 SS	141	# test changing the url inproperly