diff options
Diffstat (limited to 'mediagoblin/tests/test_auth.py')
-rw-r--r-- | mediagoblin/tests/test_auth.py | 119 |
1 files changed, 103 insertions, 16 deletions
diff --git a/mediagoblin/tests/test_auth.py b/mediagoblin/tests/test_auth.py index 1bbc3d01..618d02b6 100644 --- a/mediagoblin/tests/test_auth.py +++ b/mediagoblin/tests/test_auth.py @@ -1,4 +1,3 @@ - # GNU MediaGoblin -- federated, autonomous media hosting # Copyright (C) 2011, 2012 MediaGoblin contributors. See AUTHORS. # @@ -14,12 +13,16 @@ # # You should have received a copy of the GNU Affero General Public License # along with this program. If not, see <http://www.gnu.org/licenses/>. -import urlparse + import pkg_resources import pytest +import six + +import six.moves.urllib.parse as urlparse + from mediagoblin import mg_globals -from mediagoblin.db.models import User +from mediagoblin.db.models import User, LocalUser from mediagoblin.tests.tools import get_app, fixture_add_user from mediagoblin.tools import template, mail from mediagoblin.auth import tools as auth_tools @@ -76,9 +79,31 @@ def test_register_views(test_app): assert form.username.errors == [u'This field does not take email addresses.'] assert form.email.errors == [u'This field requires an email address.'] + ## invalid characters + template.clear_test_template_context() + test_app.post( + '/auth/register/', { + 'username': 'ampersand&invalid', + 'email': 'easter@egg.com'}) + context = template.TEMPLATE_TEST_CONTEXT['mediagoblin/auth/register.html'] + form = context['register_form'] + + assert form.username.errors == [u'Invalid input.'] + ## At this point there should be no users in the database ;) assert User.query.count() == 0 + ## mixture of characters from all valid ranges + template.clear_test_template_context() + test_app.post( + '/auth/register/', { + 'username': 'Jean-Louis1_Le-Chat', + 'password': 'iamsohappy', + 'email': 'easter@egg.com'}) + + ## At this point there should on user in the database + assert User.query.count() == 1 + # Successful register # ------------------- template.clear_test_template_context() @@ -94,8 +119,9 @@ def test_register_views(test_app): assert 'mediagoblin/user_pages/user_nonactive.html' in template.TEMPLATE_TEST_CONTEXT ## Make sure user is in place - new_user = mg_globals.database.User.query.filter_by( - username=u'angrygirl').first() + new_user = mg_globals.database.LocalUser.query.filter( + LocalUser.username==u'angrygirl' + ).first() assert new_user ## Make sure that the proper privileges are granted on registration @@ -107,15 +133,15 @@ def test_register_views(test_app): ## Make sure user is logged in request = template.TEMPLATE_TEST_CONTEXT[ 'mediagoblin/user_pages/user_nonactive.html']['request'] - assert request.session['user_id'] == unicode(new_user.id) + assert request.session['user_id'] == six.text_type(new_user.id) ## Make sure we get email confirmation, and try verifying - assert len(mail.EMAIL_TEST_INBOX) == 1 + assert len(mail.EMAIL_TEST_INBOX) == 2 message = mail.EMAIL_TEST_INBOX.pop() assert message['To'] == 'angrygrrl@example.org' email_context = template.TEMPLATE_TEST_CONTEXT[ 'mediagoblin/auth/verification_email.txt'] - assert email_context['verification_url'] in message.get_payload(decode=True) + assert email_context['verification_url'].encode('ascii') in message.get_payload(decode=True) path = urlparse.urlsplit(email_context['verification_url'])[2] get_params = urlparse.urlsplit(email_context['verification_url'])[3] @@ -133,8 +159,9 @@ def test_register_views(test_app): # assert context['verification_successful'] == True # TODO: Would be good to test messages here when we can do so... - new_user = mg_globals.database.User.query.filter_by( - username=u'angrygirl').first() + new_user = mg_globals.database.LocalUser.query.filter( + LocalUser.username==u'angrygirl' + ).first() assert new_user ## Verify the email activation works @@ -145,8 +172,9 @@ def test_register_views(test_app): 'mediagoblin/user_pages/user.html'] # assert context['verification_successful'] == True # TODO: Would be good to test messages here when we can do so... - new_user = mg_globals.database.User.query.filter_by( - username=u'angrygirl').first() + new_user = mg_globals.database.LocalUser.query.filter( + LocalUser.username==u'angrygirl' + ).first() assert new_user # Uniqueness checks @@ -180,13 +208,13 @@ def test_register_views(test_app): assert 'mediagoblin/auth/login.html' in template.TEMPLATE_TEST_CONTEXT ## Make sure link to change password is sent by email - assert len(mail.EMAIL_TEST_INBOX) == 1 + assert len(mail.EMAIL_TEST_INBOX) == 2 message = mail.EMAIL_TEST_INBOX.pop() assert message['To'] == 'angrygrrl@example.org' email_context = template.TEMPLATE_TEST_CONTEXT[ 'mediagoblin/plugins/basic_auth/fp_verification_email.txt'] #TODO - change the name of verification_url to something forgot-password-ish - assert email_context['verification_url'] in message.get_payload(decode=True) + assert email_context['verification_url'].encode('ascii') in message.get_payload(decode=True) path = urlparse.urlsplit(email_context['verification_url'])[2] get_params = urlparse.urlsplit(email_context['verification_url'])[3] @@ -229,7 +257,6 @@ def test_register_views(test_app): assert urlparse.urlsplit(response.location)[2] == '/' assert 'mediagoblin/root.html' in template.TEMPLATE_TEST_CONTEXT - def test_authentication_views(test_app): """ Test logging in and logging out @@ -305,7 +332,7 @@ def test_authentication_views(test_app): # Make sure user is in the session context = template.TEMPLATE_TEST_CONTEXT['mediagoblin/root.html'] session = context['request'].session - assert session['user_id'] == unicode(test_user.id) + assert session['user_id'] == six.text_type(test_user.id) # Successful logout # ----------------- @@ -332,6 +359,66 @@ def test_authentication_views(test_app): 'next' : '/u/chris/'}) assert urlparse.urlsplit(response.location)[2] == '/u/chris/' + ## Verify that username is lowercased on login attempt + template.clear_test_template_context() + response = test_app.post( + '/auth/login/', { + 'username': u'ANDREW', + 'password': 'fuselage'}) + context = template.TEMPLATE_TEST_CONTEXT['mediagoblin/auth/login.html'] + form = context['login_form'] + + # Username should no longer be uppercased; it should be lowercased + assert not form.username.data == u'ANDREW' + assert form.username.data == u'andrew' + + # Successful login with short user + # -------------------------------- + short_user = fixture_add_user(username=u'me', password=u'sho') + template.clear_test_template_context() + response = test_app.post( + '/auth/login/', { + 'username': u'me', + 'password': 'sho'}) + + # User should be redirected + response.follow() + + assert urlparse.urlsplit(response.location)[2] == '/' + assert 'mediagoblin/root.html' in template.TEMPLATE_TEST_CONTEXT + + # Make sure user is in the session + context = template.TEMPLATE_TEST_CONTEXT['mediagoblin/root.html'] + session = context['request'].session + assert session['user_id'] == six.text_type(short_user.id) + + # Must logout + template.clear_test_template_context() + response = test_app.get('/auth/logout/') + + # Successful login with long user + # ---------------- + long_user = fixture_add_user( + username=u'realllylonguser@reallylongdomain.com.co', password=u'sho') + template.clear_test_template_context() + response = test_app.post( + '/auth/login/', { + 'username': u'realllylonguser@reallylongdomain.com.co', + 'password': 'sho'}) + + # User should be redirected + response.follow() + assert urlparse.urlsplit(response.location)[2] == '/' + assert 'mediagoblin/root.html' in template.TEMPLATE_TEST_CONTEXT + + # Make sure user is in the session + context = template.TEMPLATE_TEST_CONTEXT['mediagoblin/root.html'] + session = context['request'].session + assert session['user_id'] == six.text_type(long_user.id) + + template.clear_test_template_context() + response = test_app.get('/auth/logout/') + @pytest.fixture() def authentication_disabled_app(request): return get_app( |