Commit | Line | Data |
---|---|---|
1975b5dd CM |
1 | # GNU MediaGoblin -- federated, autonomous media hosting |
2 | # Copyright (C) 2011 Free Software Foundation, Inc | |
3 | # | |
4 | # This program is free software: you can redistribute it and/or modify | |
5 | # it under the terms of the GNU Affero General Public License as published by | |
6 | # the Free Software Foundation, either version 3 of the License, or | |
7 | # (at your option) any later version. | |
8 | # | |
9 | # This program is distributed in the hope that it will be useful, | |
10 | # but WITHOUT ANY WARRANTY; without even the implied warranty of | |
11 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | |
12 | # GNU Affero General Public License for more details. | |
13 | # | |
14 | # You should have received a copy of the GNU Affero General Public License | |
15 | # along with this program. If not, see <http://www.gnu.org/licenses/>. | |
16 | ||
17 | import urlparse | |
9df37e8a | 18 | import pkg_resources |
1975b5dd CM |
19 | |
20 | from nose.tools import assert_equal | |
21 | ||
22 | from mediagoblin.auth import lib as auth_lib | |
0a78be3e | 23 | from mediagoblin.tests.tools import setup_fresh_app, get_test_app |
1975b5dd CM |
24 | from mediagoblin import mg_globals |
25 | from mediagoblin import util | |
26 | ||
9df37e8a CM |
27 | GOOD_JPG = pkg_resources.resource_filename( |
28 | 'mediagoblin.tests', 'test_submission/good.jpg') | |
29 | GOOD_PNG = pkg_resources.resource_filename( | |
30 | 'mediagoblin.tests', 'test_submission/good.png') | |
31 | EVIL_FILE = pkg_resources.resource_filename( | |
32 | 'mediagoblin.tests', 'test_submission/evil') | |
33 | EVIL_JPG = pkg_resources.resource_filename( | |
34 | 'mediagoblin.tests', 'test_submission/evil.jpg') | |
35 | EVIL_PNG = pkg_resources.resource_filename( | |
36 | 'mediagoblin.tests', 'test_submission/evil.png') | |
75ce65cf | 37 | |
8ff4dec7 CFD |
38 | GOOD_TAG_STRING = 'yin,yang' |
39 | BAD_TAG_STRING = 'rage,' + 'f' * 26 + 'u' * 26 | |
40 | ||
1975b5dd | 41 | |
1975b5dd CM |
42 | class TestSubmission: |
43 | def setUp(self): | |
0a78be3e CM |
44 | self.test_app = get_test_app() |
45 | ||
75ce65cf CM |
46 | # TODO: Possibly abstract into a decorator like: |
47 | # @as_authenticated_user('chris') | |
1975b5dd CM |
48 | test_user = mg_globals.database.User() |
49 | test_user['username'] = u'chris' | |
50 | test_user['email'] = u'chris@example.com' | |
ad35dd49 CM |
51 | test_user['email_verified'] = True |
52 | test_user['status'] = u'active' | |
1975b5dd CM |
53 | test_user['pw_hash'] = auth_lib.bcrypt_gen_password_hash('toast') |
54 | test_user.save() | |
55 | ||
75ce65cf CM |
56 | self.test_app.post( |
57 | '/auth/login/', { | |
58 | 'username': u'chris', | |
59 | 'password': 'toast'}) | |
60 | ||
61 | def test_missing_fields(self): | |
ad35dd49 CM |
62 | # Test blank form |
63 | # --------------- | |
64 | util.clear_test_template_context() | |
65 | response = self.test_app.post( | |
66 | '/submit/', {}) | |
67 | context = util.TEMPLATE_TEST_CONTEXT['mediagoblin/submit/start.html'] | |
68 | form = context['submit_form'] | |
69 | assert form.file.errors == [u'You must provide a file.'] | |
70 | ||
71 | # Test blank file | |
72 | # --------------- | |
73 | util.clear_test_template_context() | |
74 | response = self.test_app.post( | |
75 | '/submit/', { | |
76 | 'title': 'test title'}) | |
77 | context = util.TEMPLATE_TEST_CONTEXT['mediagoblin/submit/start.html'] | |
78 | form = context['submit_form'] | |
79 | assert form.file.errors == [u'You must provide a file.'] | |
80 | ||
75ce65cf CM |
81 | |
82 | def test_normal_uploads(self): | |
75ce65cf | 83 | # Test JPG |
ad35dd49 CM |
84 | # -------- |
85 | util.clear_test_template_context() | |
86 | response = self.test_app.post( | |
87 | '/submit/', { | |
88 | 'title': 'Normal upload 1' | |
89 | }, upload_files=[( | |
9df37e8a | 90 | 'file', GOOD_JPG)]) |
ad35dd49 CM |
91 | |
92 | # User should be redirected | |
93 | response.follow() | |
94 | assert_equal( | |
95 | urlparse.urlsplit(response.location)[2], | |
9df37e8a | 96 | '/u/chris/') |
ad35dd49 | 97 | assert util.TEMPLATE_TEST_CONTEXT.has_key( |
9df37e8a | 98 | 'mediagoblin/user_pages/user.html') |
ad35dd49 | 99 | |
75ce65cf | 100 | # Test PNG |
ad35dd49 CM |
101 | # -------- |
102 | util.clear_test_template_context() | |
103 | response = self.test_app.post( | |
104 | '/submit/', { | |
105 | 'title': 'Normal upload 2' | |
106 | }, upload_files=[( | |
9df37e8a | 107 | 'file', GOOD_PNG)]) |
ad35dd49 CM |
108 | |
109 | response.follow() | |
110 | assert_equal( | |
111 | urlparse.urlsplit(response.location)[2], | |
9df37e8a | 112 | '/u/chris/') |
ad35dd49 | 113 | assert util.TEMPLATE_TEST_CONTEXT.has_key( |
9df37e8a | 114 | 'mediagoblin/user_pages/user.html') |
75ce65cf | 115 | |
8ff4dec7 CFD |
116 | def test_tags(self): |
117 | # Good tag string | |
118 | # -------- | |
119 | util.clear_test_template_context() | |
120 | response = self.test_app.post( | |
121 | '/submit/', { | |
122 | 'title': 'Balanced Goblin', | |
123 | 'tags': GOOD_TAG_STRING | |
124 | }, upload_files=[( | |
125 | 'file', GOOD_JPG)]) | |
126 | ||
127 | # New media entry with correct tags should be created | |
128 | response.follow() | |
129 | context = util.TEMPLATE_TEST_CONTEXT['mediagoblin/user_pages/user.html'] | |
130 | request = context['request'] | |
131 | media = request.db.MediaEntry.find({'title': 'Balanced Goblin'})[0] | |
132 | assert_equal(media['tags'], | |
133 | [{'name': u'yin', 'slug': u'yin'}, | |
134 | {'name': u'yang', 'slug': u'yang'}]) | |
135 | ||
136 | # Test tags that are too long | |
137 | # --------------- | |
138 | util.clear_test_template_context() | |
139 | response = self.test_app.post( | |
140 | '/submit/', { | |
141 | 'title': 'Balanced Goblin', | |
142 | 'tags': BAD_TAG_STRING | |
143 | }, upload_files=[( | |
144 | 'file', GOOD_JPG)]) | |
145 | ||
146 | # Too long error should be raised | |
147 | context = util.TEMPLATE_TEST_CONTEXT['mediagoblin/submit/start.html'] | |
148 | form = context['submit_form'] | |
149 | assert form.tags.errors == [ | |
150 | u'Tags must be shorter than 50 characters. Tags that are too long'\ | |
151 | ': ffffffffffffffffffffffffffuuuuuuuuuuuuuuuuuuuuuuuuuu'] | |
75ce65cf CM |
152 | |
153 | def test_malicious_uploads(self): | |
ad35dd49 CM |
154 | # Test non-suppoerted file with non-supported extension |
155 | # ----------------------------------------------------- | |
156 | util.clear_test_template_context() | |
157 | response = self.test_app.post( | |
158 | '/submit/', { | |
159 | 'title': 'Malicious Upload 2' | |
160 | }, upload_files=[( | |
9df37e8a | 161 | 'file', EVIL_FILE)]) |
ad35dd49 CM |
162 | |
163 | context = util.TEMPLATE_TEST_CONTEXT['mediagoblin/submit/start.html'] | |
164 | form = context['submit_form'] | |
165 | assert form.file.errors == ['The file doesn\'t seem to be an image!'] | |
166 | ||
9df37e8a CM |
167 | # NOTE: The following 2 tests will fail. These can be uncommented |
168 | # after http://bugs.foocorp.net/issues/324 is resolved and | |
169 | # bad files are handled properly. | |
170 | ||
75ce65cf | 171 | # Test non-supported file with .jpg extension |
ad35dd49 | 172 | # ------------------------------------------- |
9df37e8a CM |
173 | #util.clear_test_template_context() |
174 | #response = self.test_app.post( | |
175 | # '/submit/', { | |
176 | # 'title': 'Malicious Upload 2' | |
177 | # }, upload_files=[( | |
178 | # 'file', EVIL_JPG)]) | |
ad35dd49 | 179 | |
9df37e8a CM |
180 | #context = util.TEMPLATE_TEST_CONTEXT['mediagoblin/submit/start.html'] |
181 | #form = context['submit_form'] | |
182 | #assert form.file.errors == ['The file doesn\'t seem to be an image!'] | |
ad35dd49 | 183 | |
75ce65cf | 184 | # Test non-supported file with .png extension |
ad35dd49 | 185 | # ------------------------------------------- |
9df37e8a CM |
186 | #util.clear_test_template_context() |
187 | #response = self.test_app.post( | |
188 | # '/submit/', { | |
189 | # 'title': 'Malicious Upload 3' | |
190 | # }, upload_files=[( | |
191 | # 'file', EVIL_PNG)]) | |
192 | ||
193 | #context = util.TEMPLATE_TEST_CONTEXT['mediagoblin/submit/start.html'] | |
194 | #form = context['submit_form'] | |
195 | #assert form.file.errors == ['The file doesn\'t seem to be an image!'] | |
0a78be3e | 196 |