Skip to content

Commit

Permalink
test : Only logged users can add/update/delete categories and slides
Browse files Browse the repository at this point in the history
  • Loading branch information
@asmasma21
asmasma21 committed Jan 1, 2015
1 parent 2fceba6 commit c868bb7
Showing 1 changed file with 117 additions and 5 deletions.
122 changes: 117 additions & 5 deletions tests.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -4,12 +4,19 @@
import unittest
import tempfile
import database
from models import CategoryModel

from flask.ext.login import login_user , logout_user
from models import CategoryModel,AdministratorModel,SlideModel

@slides.app.route('/test_login')
def test_login():
database.db_session.add(AdministratorModel("test"))
database.db_session.commit()
user = ( AdministratorModel.query.filter(AdministratorModel.email=="test").first())
login_user(user)
return "ok"

class SlidesTestCase(unittest.TestCase):

def setUp(self):
slides.app.config['TESTING'] = True
self.app = slides.app.test_client()
Expand All @@ -27,6 +34,11 @@ def test_add_new_category(self):
name='test'), follow_redirects=True)
assert "Category added succefully" in rv.data

def test_only_logged_users_can_add_new_category(self):
rv = self.app.post('/addCategory', data=dict(
name='test'), follow_redirects=True)
assert 'Unauthorized' in rv.data

def test_add_existing_category(self):
self.app.post('/addCategory', data=dict(
name='test'), follow_redirects=True)
Expand All @@ -45,6 +57,20 @@ def test_update_category(self):
id=c.id, title="test2"), follow_redirects=True)
assert "Category updated succefully" in rv.data

def test_only_logged_users_can_update_category(self):
self.app.get("/test_login")

self.app.post('/addCategory', data=dict(
name='test'), follow_redirects=True)

c = CategoryModel.query.filter(CategoryModel.name=="test").first()

self.app.post("/api/logout")

rv = self.app.post('/updatecategory', data=dict(
id=c.id, title="test2"), follow_redirects=True)
assert 'Unauthorized' in rv.data

@unittest.expectedFailure
def test_update_category_with_existing_name(self):

Expand Down Expand Up @@ -82,6 +108,20 @@ def test_delete_category(self):
id=c.id), follow_redirects=True)
assert "Category deleted succefully" in rv.data

def test_only_logged_users_can_delete_category(self):
self.app.get("/test_login")

self.app.post('/addCategory', data=dict(
name='test'), follow_redirects=True)

c = CategoryModel.query.filter(CategoryModel.name=="test").first()

self.app.post("/api/logout")

rv = self.app.post('/deletecategory', data=dict(
id=c.id), follow_redirects=True)
assert 'Unauthorized' in rv.data

def test_delete_uncategorised_category(self):
self.app.get('/init')

Expand Down Expand Up @@ -140,10 +180,82 @@ def test_add_new_slide_with_non_gh_pages_branch(self):
)

assert "You have to create a 'gh-pages' branch" in rv.data


def test_only_logged_users_can_add_slide(self):
self.app.get("/test_login")
self.app.post('/addCategory', data=dict(
name='test'), follow_redirects=True)

c = CategoryModel.query.filter(CategoryModel.name=="test").first()

self.app.post("/api/logout")

rv = self.app.post('/addSlide', data=dict(
title='Firefox OS App Day Tunisia',
url='https://github.com/moztn/firefoxOSAppDay-Slides',
description='Firefox OS App Day Tunisia Event',
categorie=c.id)
)
assert 'Unauthorized' in rv.data

def test_only_logged_users_can_update_slide(self):
self.app.get("/test_login")
self.app.post('/addCategory', data=dict(
name='test'), follow_redirects=True)

c = CategoryModel.query.filter(CategoryModel.name=="test").first()

self.app.post('/addSlide', data=dict(
title='Firefox OS App Day Tunisia',
url='https://github.com/moztn/firefoxOSAppDay-Slides',
description='Firefox OS App Day Tunisia Event',
screenshot = "img/badge-reserved.jpg",
categorie=c.name)
)

s = SlideModel.query.filter(SlideModel.title=='Firefox OS App Day Tunisia').first()

self.app.post("/api/logout")

rv=self.app.post('/addSlide', data=dict(
id=s.id,
title='Firefox OS App Day TN',
url=s.url,
description=s.description,
screenshot = s.screenshot,
categorie=s.category)
)

assert 'Unauthorized' in rv.data

def test_only_logged_users_can_delete_slide(self):
self.app.get("/test_login")
self.app.post('/addCategory', data=dict(
name='test'), follow_redirects=True)

c = CategoryModel.query.filter(CategoryModel.name=="test").first()

self.app.post('/addSlide', data=dict(
title='Firefox OS App Day Tunisia',
url='https://github.com/moztn/firefoxOSAppDay-Slides',
description='Firefox OS App Day Tunisia Event',
screenshot = "img/badge-reserved.jpg",
categorie=c.name)
)

s = SlideModel.query.filter(SlideModel.title=='Firefox OS App Day Tunisia').first()

self.app.post("/api/logout")

rv=self.app.post('/deleteslide', data=dict(
id=s.id)
)

assert 'Unauthorized' in rv.data

def test_access_to_admin_page_denied_if_not_logged_in(self):
rv = self.app.get('/admin')
assert 'You must be logged in to access this page' in rv.data
assert 'You must be logged in to access this page' in rv.data



Expand Down

0 comments on commit c868bb7

Please sign in to comment.