projects / mediagoblin.git / blob
? search:


b70138394fe4d8f56118f2f37f57c66b301b3a94
[mediagoblin.git] / mediagoblin / tests / test_submission.py
1 # GNU MediaGoblin -- federated, autonomous media hosting
2 # Copyright (C) 2011 MediaGoblin contributors. See AUTHORS.
3 #
4 # This program is free software: you can redistribute it and/or modify
5 # it under the terms of the GNU Affero General Public License as published by
6 # the Free Software Foundation, either version 3 of the License, or
7 # (at your option) any later version.
8 #
9 # This program is distributed in the hope that it will be useful,
10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 # GNU Affero General Public License for more details.
13 #
14 # You should have received a copy of the GNU Affero General Public License
15 # along with this program. If not, see <http://www.gnu.org/licenses/>.
16
17 import urlparse
18 import pkg_resources
19
20 from nose.tools import assert_equal, assert_true, assert_false
21
22 from mediagoblin.auth import lib as auth_lib
23 from mediagoblin.tests.tools import setup_fresh_app, get_test_app
24 from mediagoblin import mg_globals
25 from mediagoblin import util
26
27 GOOD_JPG = pkg_resources.resource_filename(
28 'mediagoblin.tests', 'test_submission/good.jpg')
29 GOOD_PNG = pkg_resources.resource_filename(
30 'mediagoblin.tests', 'test_submission/good.png')
31 EVIL_FILE = pkg_resources.resource_filename(
32 'mediagoblin.tests', 'test_submission/evil')
33 EVIL_JPG = pkg_resources.resource_filename(
34 'mediagoblin.tests', 'test_submission/evil.jpg')
35 EVIL_PNG = pkg_resources.resource_filename(
36 'mediagoblin.tests', 'test_submission/evil.png')
37
38 GOOD_TAG_STRING = 'yin,yang'
39 BAD_TAG_STRING = 'rage,' + 'f' * 26 + 'u' * 26
40
41
42 class TestSubmission:
43 def setUp(self):
44 self.test_app = get_test_app()
45
46 # TODO: Possibly abstract into a decorator like:
47 # @as_authenticated_user('chris')
48 test_user = mg_globals.database.User()
49 test_user['username'] = u'chris'
50 test_user['email'] = u'chris@example.com'
51 test_user['email_verified'] = True
52 test_user['status'] = u'active'
53 test_user['pw_hash'] = auth_lib.bcrypt_gen_password_hash('toast')
54 test_user.save()
55
56 self.test_user = test_user
57
58 self.test_app.post(
59 '/auth/login/', {
60 'username': u'chris',
61 'password': 'toast'})
62
63 def test_missing_fields(self):
64 # Test blank form
65 # ---------------
66 util.clear_test_template_context()
67 response = self.test_app.post(
68 '/submit/', {})
69 context = util.TEMPLATE_TEST_CONTEXT['mediagoblin/submit/start.html']
70 form = context['submit_form']
71 assert form.file.errors == [u'You must provide a file.']
72
73 # Test blank file
74 # ---------------
75 util.clear_test_template_context()
76 response = self.test_app.post(
77 '/submit/', {
78 'title': 'test title'})
79 context = util.TEMPLATE_TEST_CONTEXT['mediagoblin/submit/start.html']
80 form = context['submit_form']
81 assert form.file.errors == [u'You must provide a file.']
82
83
84 def test_normal_uploads(self):
85 # Test JPG
86 # --------
87 util.clear_test_template_context()
88 response = self.test_app.post(
89 '/submit/', {
90 'title': 'Normal upload 1'
91 }, upload_files=[(
92 'file', GOOD_JPG)])
93
94 # User should be redirected
95 response.follow()
96 assert_equal(
97 urlparse.urlsplit(response.location)[2],
98 '/u/chris/')
99 assert util.TEMPLATE_TEST_CONTEXT.has_key(
100 'mediagoblin/user_pages/user.html')
101
102 # Test PNG
103 # --------
104 util.clear_test_template_context()
105 response = self.test_app.post(
106 '/submit/', {
107 'title': 'Normal upload 2'
108 }, upload_files=[(
109 'file', GOOD_PNG)])
110
111 response.follow()
112 assert_equal(
113 urlparse.urlsplit(response.location)[2],
114 '/u/chris/')
115 assert util.TEMPLATE_TEST_CONTEXT.has_key(
116 'mediagoblin/user_pages/user.html')
117
118 def test_tags(self):
119 # Good tag string
120 # --------
121 util.clear_test_template_context()
122 response = self.test_app.post(
123 '/submit/', {
124 'title': 'Balanced Goblin',
125 'tags': GOOD_TAG_STRING
126 }, upload_files=[(
127 'file', GOOD_JPG)])
128
129 # New media entry with correct tags should be created
130 response.follow()
131 context = util.TEMPLATE_TEST_CONTEXT['mediagoblin/user_pages/user.html']
132 request = context['request']
133 media = request.db.MediaEntry.find({'title': 'Balanced Goblin'})[0]
134 assert_equal(media['tags'],
135 [{'name': u'yin', 'slug': u'yin'},
136 {'name': u'yang', 'slug': u'yang'}])
137
138 # Test tags that are too long
139 # ---------------
140 util.clear_test_template_context()
141 response = self.test_app.post(
142 '/submit/', {
143 'title': 'Balanced Goblin',
144 'tags': BAD_TAG_STRING
145 }, upload_files=[(
146 'file', GOOD_JPG)])
147
148 # Too long error should be raised
149 context = util.TEMPLATE_TEST_CONTEXT['mediagoblin/submit/start.html']
150 form = context['submit_form']
151 assert form.tags.errors == [
152 u'Tags must be shorter than 50 characters. Tags that are too long'\
153 ': ffffffffffffffffffffffffffuuuuuuuuuuuuuuuuuuuuuuuuuu']
154
155 def test_delete(self):
156 util.clear_test_template_context()
157 response = self.test_app.post(
158 '/submit/', {
159 'title': 'Balanced Goblin',
160 }, upload_files=[(
161 'file', GOOD_JPG)])
162
163 # Post image
164 response.follow()
165
166 request = util.TEMPLATE_TEST_CONTEXT[
167 'mediagoblin/user_pages/user.html']['request']
168
169 media = request.db.MediaEntry.find({'title': 'Balanced Goblin'})[0]
170
171 # Does media entry exist?
172 assert_true(media)
173
174 # Do not confirm deletion
175 # ---------------------------------------------------
176 response = self.test_app.post(
177 request.urlgen('mediagoblin.user_pages.media_confirm_delete',
178 # No work: user=media.uploader().username,
179 user=self.test_user['username'],
180 media=media['_id']),
181 {'confirm': 'False'})
182
183 response.follow()
184
185 request = util.TEMPLATE_TEST_CONTEXT[
186 'mediagoblin/user_pages/user.html']['request']
187
188 media = request.db.MediaEntry.find({'title': 'Balanced Goblin'})[0]
189
190 # Does media entry still exist?
191 assert_true(media)
192
193 # Confirm deletion
194 # ---------------------------------------------------
195 response = self.test_app.post(
196 request.urlgen('mediagoblin.user_pages.media_confirm_delete',
197 # No work: user=media.uploader().username,
198 user=self.test_user['username'],
199 media=media['_id']),
200 {'confirm': 'True'})
201
202 response.follow()
203
204 request = util.TEMPLATE_TEST_CONTEXT[
205 'mediagoblin/user_pages/user.html']['request']
206
207 # Does media entry still exist?
208 assert_false(
209 request.db.MediaEntry.find(
210 {'_id': media['_id']}).count())
211
212 def test_malicious_uploads(self):
213 # Test non-suppoerted file with non-supported extension
214 # -----------------------------------------------------
215 util.clear_test_template_context()
216 response = self.test_app.post(
217 '/submit/', {
218 'title': 'Malicious Upload 1'
219 }, upload_files=[(
220 'file', EVIL_FILE)])
221
222 context = util.TEMPLATE_TEST_CONTEXT['mediagoblin/submit/start.html']
223 form = context['submit_form']
224 assert form.file.errors == ['The file doesn\'t seem to be an image!']
225
226 # NOTE: The following 2 tests will ultimately fail, but they
227 # *will* pass the initial form submission step. Instead,
228 # they'll be caught as failures during the processing step.
229
230 # Test non-supported file with .jpg extension
231 # -------------------------------------------
232 util.clear_test_template_context()
233 response = self.test_app.post(
234 '/submit/', {
235 'title': 'Malicious Upload 2'
236 }, upload_files=[(
237 'file', EVIL_JPG)])
238 response.follow()
239 assert_equal(
240 urlparse.urlsplit(response.location)[2],
241 '/u/chris/')
242
243 entry = mg_globals.database.MediaEntry.find_one(
244 {'title': 'Malicious Upload 2'})
245 assert_equal(entry['state'], 'failed')
246 assert_equal(
247 entry['fail_error'],
248 u'mediagoblin.process_media.errors:BadMediaFail')
249
250 # Test non-supported file with .png extension
251 # -------------------------------------------
252 util.clear_test_template_context()
253 response = self.test_app.post(
254 '/submit/', {
255 'title': 'Malicious Upload 3'
256 }, upload_files=[(
257 'file', EVIL_PNG)])
258 response.follow()
259 assert_equal(
260 urlparse.urlsplit(response.location)[2],
261 '/u/chris/')
262
263 entry = mg_globals.database.MediaEntry.find_one(
264 {'title': 'Malicious Upload 3'})
265 assert_equal(entry['state'], 'failed')
266 assert_equal(
267 entry['fail_error'],
268 u'mediagoblin.process_media.errors:BadMediaFail')
Unnamed repository; edit this file 'description' to name the repository.