1 # GNU MediaGoblin -- federated, autonomous media hosting
2 # Copyright (C) 2011 Free Software Foundation, Inc
4 # This program is free software: you can redistribute it and/or modify
5 # it under the terms of the GNU Affero General Public License as published by
6 # the Free Software Foundation, either version 3 of the License, or
7 # (at your option) any later version.
9 # This program is distributed in the hope that it will be useful,
10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 # GNU Affero General Public License for more details.
14 # You should have received a copy of the GNU Affero General Public License
15 # along with this program. If not, see <http://www.gnu.org/licenses/>.
20 from nose
.tools
import assert_equal
22 from mediagoblin
.auth
import lib
as auth_lib
23 from mediagoblin
.tests
.tools
import setup_fresh_app
, get_test_app
24 from mediagoblin
import mg_globals
25 from mediagoblin
import util
27 GOOD_JPG
= pkg_resources
.resource_filename(
28 'mediagoblin.tests', 'test_submission/good.jpg')
29 GOOD_PNG
= pkg_resources
.resource_filename(
30 'mediagoblin.tests', 'test_submission/good.png')
31 EVIL_FILE
= pkg_resources
.resource_filename(
32 'mediagoblin.tests', 'test_submission/evil')
33 EVIL_JPG
= pkg_resources
.resource_filename(
34 'mediagoblin.tests', 'test_submission/evil.jpg')
35 EVIL_PNG
= pkg_resources
.resource_filename(
36 'mediagoblin.tests', 'test_submission/evil.png')
38 GOOD_TAG_STRING
= 'yin,yang'
39 BAD_TAG_STRING
= 'rage,' + 'f' * 26 + 'u' * 26
44 self
.test_app
= get_test_app()
46 # TODO: Possibly abstract into a decorator like:
47 # @as_authenticated_user('chris')
48 test_user
= mg_globals
.database
.User()
49 test_user
['username'] = u
'chris'
50 test_user
['email'] = u
'chris@example.com'
51 test_user
['email_verified'] = True
52 test_user
['status'] = u
'active'
53 test_user
['pw_hash'] = auth_lib
.bcrypt_gen_password_hash('toast')
61 def test_missing_fields(self
):
64 util
.clear_test_template_context()
65 response
= self
.test_app
.post(
67 context
= util
.TEMPLATE_TEST_CONTEXT
['mediagoblin/submit/start.html']
68 form
= context
['submit_form']
69 assert form
.file.errors
== [u
'You must provide a file.']
73 util
.clear_test_template_context()
74 response
= self
.test_app
.post(
76 'title': 'test title'})
77 context
= util
.TEMPLATE_TEST_CONTEXT
['mediagoblin/submit/start.html']
78 form
= context
['submit_form']
79 assert form
.file.errors
== [u
'You must provide a file.']
82 def test_normal_uploads(self
):
85 util
.clear_test_template_context()
86 response
= self
.test_app
.post(
88 'title': 'Normal upload 1'
92 # User should be redirected
95 urlparse
.urlsplit(response
.location
)[2],
97 assert util
.TEMPLATE_TEST_CONTEXT
.has_key(
98 'mediagoblin/user_pages/user.html')
102 util
.clear_test_template_context()
103 response
= self
.test_app
.post(
105 'title': 'Normal upload 2'
111 urlparse
.urlsplit(response
.location
)[2],
113 assert util
.TEMPLATE_TEST_CONTEXT
.has_key(
114 'mediagoblin/user_pages/user.html')
119 util
.clear_test_template_context()
120 response
= self
.test_app
.post(
122 'title': 'Balanced Goblin',
123 'tags': GOOD_TAG_STRING
127 # New media entry with correct tags should be created
129 context
= util
.TEMPLATE_TEST_CONTEXT
['mediagoblin/user_pages/user.html']
130 request
= context
['request']
131 media
= request
.db
.MediaEntry
.find({'title': 'Balanced Goblin'})[0]
132 assert_equal(media
['tags'],
133 [{'name': u
'yin', 'slug': u
'yin'},
134 {'name': u
'yang', 'slug': u
'yang'}])
136 # Test tags that are too long
138 util
.clear_test_template_context()
139 response
= self
.test_app
.post(
141 'title': 'Balanced Goblin',
142 'tags': BAD_TAG_STRING
146 # Too long error should be raised
147 context
= util
.TEMPLATE_TEST_CONTEXT
['mediagoblin/submit/start.html']
148 form
= context
['submit_form']
149 assert form
.tags
.errors
== [
150 u
'Tags must be shorter than 50 characters. Tags that are too long'\
151 ': ffffffffffffffffffffffffffuuuuuuuuuuuuuuuuuuuuuuuuuu']
153 def test_malicious_uploads(self
):
154 # Test non-suppoerted file with non-supported extension
155 # -----------------------------------------------------
156 util
.clear_test_template_context()
157 response
= self
.test_app
.post(
159 'title': 'Malicious Upload 2'
163 context
= util
.TEMPLATE_TEST_CONTEXT
['mediagoblin/submit/start.html']
164 form
= context
['submit_form']
165 assert form
.file.errors
== ['The file doesn\'t seem to be an image!']
167 # NOTE: The following 2 tests will fail. These can be uncommented
168 # after http://bugs.foocorp.net/issues/324 is resolved and
169 # bad files are handled properly.
171 # Test non-supported file with .jpg extension
172 # -------------------------------------------
173 #util.clear_test_template_context()
174 #response = self.test_app.post(
176 # 'title': 'Malicious Upload 2'
178 # 'file', EVIL_JPG)])
180 #context = util.TEMPLATE_TEST_CONTEXT['mediagoblin/submit/start.html']
181 #form = context['submit_form']
182 #assert form.file.errors == ['The file doesn\'t seem to be an image!']
184 # Test non-supported file with .png extension
185 # -------------------------------------------
186 #util.clear_test_template_context()
187 #response = self.test_app.post(
189 # 'title': 'Malicious Upload 3'
191 # 'file', EVIL_PNG)])
193 #context = util.TEMPLATE_TEST_CONTEXT['mediagoblin/submit/start.html']
194 #form = context['submit_form']
195 #assert form.file.errors == ['The file doesn\'t seem to be an image!']