+
# GNU MediaGoblin -- federated, autonomous media hosting
-# Copyright (C) 2011 Free Software Foundation, Inc
+# Copyright (C) 2011 MediaGoblin contributors. See AUTHORS.
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU Affero General Public License as published by
# along with this program. If not, see <http://www.gnu.org/licenses/>.
import urlparse
+import pkg_resources
+import re
-from nose.tools import assert_equal
+from nose.tools import assert_equal, assert_true, assert_false
-from mediagoblin.auth import lib as auth_lib
-from mediagoblin.tests.tools import setup_fresh_app, get_test_app
+from mediagoblin.tests.tools import setup_fresh_app, get_test_app, \
+ fixture_add_user
from mediagoblin import mg_globals
-from mediagoblin import util
+from mediagoblin.tools import template, common
+
+GOOD_JPG = pkg_resources.resource_filename(
+ 'mediagoblin.tests', 'test_submission/good.jpg')
+GOOD_PNG = pkg_resources.resource_filename(
+ 'mediagoblin.tests', 'test_submission/good.png')
+EVIL_FILE = pkg_resources.resource_filename(
+ 'mediagoblin.tests', 'test_submission/evil')
+EVIL_JPG = pkg_resources.resource_filename(
+ 'mediagoblin.tests', 'test_submission/evil.jpg')
+EVIL_PNG = pkg_resources.resource_filename(
+ 'mediagoblin.tests', 'test_submission/evil.png')
-#TEST_JPG = ''
+GOOD_TAG_STRING = 'yin,yang'
+BAD_TAG_STRING = 'rage,' + 'f' * 26 + 'u' * 26
-# TODO:
-# - Define test files as globals
-# - supported mime types
-# - unsupported mime type with supported extension
-# - Remove any imports that aren't neccessary
-# - Get setup fixture working
class TestSubmission:
def setUp(self):
self.test_app = get_test_app()
- test_user = mg_globals.database.User()
- test_user['username'] = u'chris'
- test_user['email'] = u'chris@example.com'
- test_user['pw_hash'] = auth_lib.bcrypt_gen_password_hash('toast')
- test_user.save()
+ # TODO: Possibly abstract into a decorator like:
+ # @as_authenticated_user('chris')
+ test_user = fixture_add_user()
+
+ self.test_user = test_user
+
+ self.test_app.post(
+ '/auth/login/', {
+ 'username': u'chris',
+ 'password': 'toast'})
+
+ def test_missing_fields(self):
+ # Test blank form
+ # ---------------
+ template.clear_test_template_context()
+ response = self.test_app.post(
+ '/submit/', {})
+ context = template.TEMPLATE_TEST_CONTEXT['mediagoblin/submit/start.html']
+ form = context['submit_form']
+ assert form.file.errors == [u'You must provide a file.']
+
+ # Test blank file
+ # ---------------
+ template.clear_test_template_context()
+ response = self.test_app.post(
+ '/submit/', {
+ 'title': 'test title'})
+ context = template.TEMPLATE_TEST_CONTEXT['mediagoblin/submit/start.html']
+ form = context['submit_form']
+ assert form.file.errors == [u'You must provide a file.']
+
+
+ def test_normal_uploads(self):
+ # Test JPG
+ # --------
+ template.clear_test_template_context()
+ response = self.test_app.post(
+ '/submit/', {
+ 'title': 'Normal upload 1'
+ }, upload_files=[(
+ 'file', GOOD_JPG)])
+
+ # User should be redirected
+ response.follow()
+ assert_equal(
+ urlparse.urlsplit(response.location)[2],
+ '/u/chris/')
+ assert template.TEMPLATE_TEST_CONTEXT.has_key(
+ 'mediagoblin/user_pages/user.html')
+
+ # Test PNG
+ # --------
+ template.clear_test_template_context()
+ response = self.test_app.post(
+ '/submit/', {
+ 'title': 'Normal upload 2'
+ }, upload_files=[(
+ 'file', GOOD_PNG)])
+
+ response.follow()
+ assert_equal(
+ urlparse.urlsplit(response.location)[2],
+ '/u/chris/')
+ assert template.TEMPLATE_TEST_CONTEXT.has_key(
+ 'mediagoblin/user_pages/user.html')
+
+ def test_tags(self):
+ # Good tag string
+ # --------
+ template.clear_test_template_context()
+ response = self.test_app.post(
+ '/submit/', {
+ 'title': 'Balanced Goblin',
+ 'tags': GOOD_TAG_STRING
+ }, upload_files=[(
+ 'file', GOOD_JPG)])
+
+ # New media entry with correct tags should be created
+ response.follow()
+ context = template.TEMPLATE_TEST_CONTEXT['mediagoblin/user_pages/user.html']
+ request = context['request']
+ media = request.db.MediaEntry.find({'title': 'Balanced Goblin'})[0]
+ assert_equal(media['tags'],
+ [{'name': u'yin', 'slug': u'yin'},
+ {'name': u'yang', 'slug': u'yang'}])
+
+ # Test tags that are too long
+ # ---------------
+ template.clear_test_template_context()
+ response = self.test_app.post(
+ '/submit/', {
+ 'title': 'Balanced Goblin',
+ 'tags': BAD_TAG_STRING
+ }, upload_files=[(
+ 'file', GOOD_JPG)])
+
+ # Too long error should be raised
+ context = template.TEMPLATE_TEST_CONTEXT['mediagoblin/submit/start.html']
+ form = context['submit_form']
+ assert form.tags.errors == [
+ u'Tags must be shorter than 50 characters. Tags that are too long'\
+ ': ffffffffffffffffffffffffffuuuuuuuuuuuuuuuuuuuuuuuuuu']
+
+ def test_delete(self):
+ template.clear_test_template_context()
+ response = self.test_app.post(
+ '/submit/', {
+ 'title': 'Balanced Goblin',
+ }, upload_files=[(
+ 'file', GOOD_JPG)])
+
+ # Post image
+ response.follow()
+
+ request = template.TEMPLATE_TEST_CONTEXT[
+ 'mediagoblin/user_pages/user.html']['request']
+
+ media = request.db.MediaEntry.find({'title': 'Balanced Goblin'})[0]
+
+ # Does media entry exist?
+ assert_true(media)
+
+ # Do not confirm deletion
+ # ---------------------------------------------------
+ response = self.test_app.post(
+ request.urlgen('mediagoblin.user_pages.media_confirm_delete',
+ # No work: user=media.uploader().username,
+ user=self.test_user.username,
+ media=media._id),
+ # no value means no confirm
+ {})
+
+ response.follow()
+
+ request = template.TEMPLATE_TEST_CONTEXT[
+ 'mediagoblin/user_pages/user.html']['request']
+
+ media = request.db.MediaEntry.find({'title': 'Balanced Goblin'})[0]
+
+ # Does media entry still exist?
+ assert_true(media)
+
+ # Confirm deletion
+ # ---------------------------------------------------
+ response = self.test_app.post(
+ request.urlgen('mediagoblin.user_pages.media_confirm_delete',
+ # No work: user=media.uploader().username,
+ user=self.test_user.username,
+ media=media._id),
+ {'confirm': 'y'})
+
+ response.follow()
+
+ request = template.TEMPLATE_TEST_CONTEXT[
+ 'mediagoblin/user_pages/user.html']['request']
+
+ # Does media entry still exist?
+ assert_false(
+ request.db.MediaEntry.find(
+ {'_id': media._id}).count())
+
+ def test_malicious_uploads(self):
+ # Test non-suppoerted file with non-supported extension
+ # -----------------------------------------------------
+ template.clear_test_template_context()
+ response = self.test_app.post(
+ '/submit/', {
+ 'title': 'Malicious Upload 1'
+ }, upload_files=[(
+ 'file', EVIL_FILE)])
+
+ context = template.TEMPLATE_TEST_CONTEXT['mediagoblin/submit/start.html']
+ form = context['submit_form']
+ assert re.match(r'^Could not extract any file extension from ".*?"$', str(form.file.errors[0]))
+ assert len(form.file.errors) == 1
+
+ # NOTE: The following 2 tests will ultimately fail, but they
+ # *will* pass the initial form submission step. Instead,
+ # they'll be caught as failures during the processing step.
+
+ # Test non-supported file with .jpg extension
+ # -------------------------------------------
+ template.clear_test_template_context()
+ response = self.test_app.post(
+ '/submit/', {
+ 'title': 'Malicious Upload 2'
+ }, upload_files=[(
+ 'file', EVIL_JPG)])
+ response.follow()
+ assert_equal(
+ urlparse.urlsplit(response.location)[2],
+ '/u/chris/')
+
+ entry = mg_globals.database.MediaEntry.find_one(
+ {'title': 'Malicious Upload 2'})
+ assert_equal(entry['state'], 'failed')
+ assert_equal(
+ entry['fail_error'],
+ u'mediagoblin.processing:BadMediaFail')
- def test_something(self):
- pass
+ # Test non-supported file with .png extension
+ # -------------------------------------------
+ template.clear_test_template_context()
+ response = self.test_app.post(
+ '/submit/', {
+ 'title': 'Malicious Upload 3'
+ }, upload_files=[(
+ 'file', EVIL_PNG)])
+ response.follow()
+ assert_equal(
+ urlparse.urlsplit(response.location)[2],
+ '/u/chris/')
+ entry = mg_globals.database.MediaEntry.find_one(
+ {'title': 'Malicious Upload 3'})
+ assert_equal(entry['state'], 'failed')
+ assert_equal(
+ entry['fail_error'],
+ u'mediagoblin.processing:BadMediaFail')