From d24a82970ea34d90b684e1adaf9ddebacf215b89 Mon Sep 17 00:00:00 2001 From: Sebastian Spaeth Date: Tue, 11 Dec 2012 15:38:28 +0100 Subject: Fix CSRF tests with webtest 1.4.0 CSRF tests apparently passed with earlier versions of webtest, but failed with the latest webtest (1.4.0) package. It choked on passing a "key=value; " cookie as it split at the semicolon and failed to find additional values or something like that. Removing the semicolon makes this test pass. Signed-off-by: Sebastian Spaeth --- mediagoblin/tests/test_csrf_middleware.py | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'mediagoblin/tests/test_csrf_middleware.py') diff --git a/mediagoblin/tests/test_csrf_middleware.py b/mediagoblin/tests/test_csrf_middleware.py index ad433fe8..d730909f 100644 --- a/mediagoblin/tests/test_csrf_middleware.py +++ b/mediagoblin/tests/test_csrf_middleware.py @@ -44,7 +44,7 @@ def test_csrf_token_must_match(test_app): # construct a request with a cookie, but no form token assert test_app.post('/auth/login/', - headers={'Cookie': str('%s=foo; ' % + headers={'Cookie': str('%s=foo' % mg_globals.app_config['csrf_cookie_name'])}, extra_environ={'gmg.verify_csrf': True}, expect_errors=True).status_int == 403 @@ -52,7 +52,7 @@ def test_csrf_token_must_match(test_app): # if both the cookie and form token are provided, they must match assert test_app.post('/auth/login/', {'csrf_token': 'blarf'}, - headers={'Cookie': str('%s=foo; ' % + headers={'Cookie': str('%s=foo' % mg_globals.app_config['csrf_cookie_name'])}, extra_environ={'gmg.verify_csrf': True}, expect_errors=True).\ @@ -60,7 +60,7 @@ def test_csrf_token_must_match(test_app): assert test_app.post('/auth/login/', {'csrf_token': 'foo'}, - headers={'Cookie': str('%s=foo; ' % + headers={'Cookie': str('%s=foo' % mg_globals.app_config['csrf_cookie_name'])}, extra_environ={'gmg.verify_csrf': True}).\ status_int == 200 -- cgit v1.2.3 From b97144dcc970750b265b8e9605f9a4da0cee50e4 Mon Sep 17 00:00:00 2001 From: Sebastian Spaeth Date: Tue, 8 Jan 2013 13:31:16 +0100 Subject: tests: More instances where a fresh database is not needed Save test runtime by not dumping the databases when not needed. --- mediagoblin/tests/test_csrf_middleware.py | 17 +++++++---------- 1 file changed, 7 insertions(+), 10 deletions(-) (limited to 'mediagoblin/tests/test_csrf_middleware.py') diff --git a/mediagoblin/tests/test_csrf_middleware.py b/mediagoblin/tests/test_csrf_middleware.py index d730909f..3aa405e0 100644 --- a/mediagoblin/tests/test_csrf_middleware.py +++ b/mediagoblin/tests/test_csrf_middleware.py @@ -14,13 +14,12 @@ # You should have received a copy of the GNU Affero General Public License # along with this program. If not, see . -from mediagoblin.tests.tools import setup_fresh_app +from mediagoblin.tests.tools import get_test_app from mediagoblin import mg_globals -@setup_fresh_app -def test_csrf_cookie_set(test_app): - +def test_csrf_cookie_set(): + test_app = get_test_app(dump_old_app=False) cookie_name = mg_globals.app_config['csrf_cookie_name'] # get login page @@ -34,9 +33,8 @@ def test_csrf_cookie_set(test_app): assert response.headers.get('Vary', False) == 'Cookie' -@setup_fresh_app -def test_csrf_token_must_match(test_app): - +def test_csrf_token_must_match(): + test_app = get_test_app(dump_old_app=False) # construct a request with no cookie or form token assert test_app.post('/auth/login/', extra_environ={'gmg.verify_csrf': True}, @@ -65,9 +63,8 @@ def test_csrf_token_must_match(test_app): extra_environ={'gmg.verify_csrf': True}).\ status_int == 200 -@setup_fresh_app -def test_csrf_exempt(test_app): - +def test_csrf_exempt(): + test_app = get_test_app(dump_old_app=False) # monkey with the views to decorate a known endpoint import mediagoblin.auth.views from mediagoblin.meddleware.csrf import csrf_exempt -- cgit v1.2.3 From 6de8b42e4ed1f1cd663501d5f61032ba41ed0285 Mon Sep 17 00:00:00 2001 From: Elrond Date: Wed, 9 Jan 2013 00:19:24 +0100 Subject: Fix tests on webtest < 1.3.6. Debian testing ships webtest 1.3.4. And it would be nice to use the base packages. One of the csrf tests fails on webtest < 1.3.6. But using a fresh app fixes it. We have no clue, why exactly. When we require webtest 1.3.6, change this. --- mediagoblin/tests/test_csrf_middleware.py | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) (limited to 'mediagoblin/tests/test_csrf_middleware.py') diff --git a/mediagoblin/tests/test_csrf_middleware.py b/mediagoblin/tests/test_csrf_middleware.py index 3aa405e0..22a0eb04 100644 --- a/mediagoblin/tests/test_csrf_middleware.py +++ b/mediagoblin/tests/test_csrf_middleware.py @@ -34,7 +34,11 @@ def test_csrf_cookie_set(): def test_csrf_token_must_match(): - test_app = get_test_app(dump_old_app=False) + # We need a fresh app for this test on webtest < 1.3.6. + # We do not understand why, but it fixes the tests. + # If we require webtest >= 1.3.6, we can switch to a non fresh app here. + test_app = get_test_app(dump_old_app=True) + # construct a request with no cookie or form token assert test_app.post('/auth/login/', extra_environ={'gmg.verify_csrf': True}, -- cgit v1.2.3 From 1be247b36e58c8c71a974b65dff7194f28483f12 Mon Sep 17 00:00:00 2001 From: Elrond Date: Fri, 18 Jan 2013 11:40:40 +0100 Subject: Rename get_test_app to get_app. nosetests runs everything that even vaguely looks like a test case... even our get_test_app. And as it is imported everywhere... it is run everywhere as a test case. Renaming it saves us about 10+ tests and a few seconds of time. --- mediagoblin/tests/test_csrf_middleware.py | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) (limited to 'mediagoblin/tests/test_csrf_middleware.py') diff --git a/mediagoblin/tests/test_csrf_middleware.py b/mediagoblin/tests/test_csrf_middleware.py index 22a0eb04..e720264c 100644 --- a/mediagoblin/tests/test_csrf_middleware.py +++ b/mediagoblin/tests/test_csrf_middleware.py @@ -14,12 +14,12 @@ # You should have received a copy of the GNU Affero General Public License # along with this program. If not, see . -from mediagoblin.tests.tools import get_test_app +from mediagoblin.tests.tools import get_app from mediagoblin import mg_globals def test_csrf_cookie_set(): - test_app = get_test_app(dump_old_app=False) + test_app = get_app(dump_old_app=False) cookie_name = mg_globals.app_config['csrf_cookie_name'] # get login page @@ -37,7 +37,7 @@ def test_csrf_token_must_match(): # We need a fresh app for this test on webtest < 1.3.6. # We do not understand why, but it fixes the tests. # If we require webtest >= 1.3.6, we can switch to a non fresh app here. - test_app = get_test_app(dump_old_app=True) + test_app = get_app(dump_old_app=True) # construct a request with no cookie or form token assert test_app.post('/auth/login/', @@ -68,7 +68,7 @@ def test_csrf_token_must_match(): status_int == 200 def test_csrf_exempt(): - test_app = get_test_app(dump_old_app=False) + test_app = get_app(dump_old_app=False) # monkey with the views to decorate a known endpoint import mediagoblin.auth.views from mediagoblin.meddleware.csrf import csrf_exempt -- cgit v1.2.3 From 5c2ece7401723486d76ea0fcd2f99ba4d1002504 Mon Sep 17 00:00:00 2001 From: Christopher Allan Webber Date: Thu, 4 Apr 2013 19:23:04 -0500 Subject: Switch test_app generation over to use py.test fixtures. By doing this, we can take advantage of py.test's ability to create temporary directories that are then cleaned up later during testing. This helps for sandboxing things. This also involves a ton of changes: - Changing the get_app stuff appropriately, getting rid of the setup_fresh_app decorator - Making said fixture - Switching over a billion tests to use it --- mediagoblin/tests/test_csrf_middleware.py | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) (limited to 'mediagoblin/tests/test_csrf_middleware.py') diff --git a/mediagoblin/tests/test_csrf_middleware.py b/mediagoblin/tests/test_csrf_middleware.py index e720264c..a272caf6 100644 --- a/mediagoblin/tests/test_csrf_middleware.py +++ b/mediagoblin/tests/test_csrf_middleware.py @@ -14,12 +14,10 @@ # You should have received a copy of the GNU Affero General Public License # along with this program. If not, see . -from mediagoblin.tests.tools import get_app from mediagoblin import mg_globals -def test_csrf_cookie_set(): - test_app = get_app(dump_old_app=False) +def test_csrf_cookie_set(test_app): cookie_name = mg_globals.app_config['csrf_cookie_name'] # get login page @@ -33,11 +31,14 @@ def test_csrf_cookie_set(): assert response.headers.get('Vary', False) == 'Cookie' -def test_csrf_token_must_match(): - # We need a fresh app for this test on webtest < 1.3.6. - # We do not understand why, but it fixes the tests. - # If we require webtest >= 1.3.6, we can switch to a non fresh app here. - test_app = get_app(dump_old_app=True) +# We need a fresh app for this test on webtest < 1.3.6. +# We do not understand why, but it fixes the tests. +# If we require webtest >= 1.3.6, we can switch to a non fresh app here. +# +# ... this comment might be irrelevant post-pytest-fixtures, but I'm not +# removing it yet in case we move to module-level tests :) +# -- cwebber +def test_csrf_token_must_match(test_app): # construct a request with no cookie or form token assert test_app.post('/auth/login/', @@ -67,8 +68,7 @@ def test_csrf_token_must_match(): extra_environ={'gmg.verify_csrf': True}).\ status_int == 200 -def test_csrf_exempt(): - test_app = get_app(dump_old_app=False) +def test_csrf_exempt(test_app): # monkey with the views to decorate a known endpoint import mediagoblin.auth.views from mediagoblin.meddleware.csrf import csrf_exempt -- cgit v1.2.3 From 0536306048daa0970d2e43411ba2a9bf073e570e Mon Sep 17 00:00:00 2001 From: Christopher Allan Webber Date: Thu, 16 May 2013 17:51:21 -0500 Subject: Always activate testing in every test module ever. Kind of a dorky way to implement this, but... --- mediagoblin/tests/test_csrf_middleware.py | 3 +++ 1 file changed, 3 insertions(+) (limited to 'mediagoblin/tests/test_csrf_middleware.py') diff --git a/mediagoblin/tests/test_csrf_middleware.py b/mediagoblin/tests/test_csrf_middleware.py index a272caf6..f63c75c4 100644 --- a/mediagoblin/tests/test_csrf_middleware.py +++ b/mediagoblin/tests/test_csrf_middleware.py @@ -15,6 +15,9 @@ # along with this program. If not, see . from mediagoblin import mg_globals +from mediagoblin.tools.testing import _activate_testing + +_activate_testing() def test_csrf_cookie_set(test_app): -- cgit v1.2.3 From 9a9bafc078192317695a4f06233ea261fe147989 Mon Sep 17 00:00:00 2001 From: Christopher Allan Webber Date: Fri, 17 May 2013 11:12:56 -0500 Subject: Reverting "Always activate testing in every test module ever." Revert "Always activate testing in every test module ever." This reverts commit 0536306048daa0970d2e43411ba2a9bf073e570e. --- mediagoblin/tests/test_csrf_middleware.py | 3 --- 1 file changed, 3 deletions(-) (limited to 'mediagoblin/tests/test_csrf_middleware.py') diff --git a/mediagoblin/tests/test_csrf_middleware.py b/mediagoblin/tests/test_csrf_middleware.py index f63c75c4..a272caf6 100644 --- a/mediagoblin/tests/test_csrf_middleware.py +++ b/mediagoblin/tests/test_csrf_middleware.py @@ -15,9 +15,6 @@ # along with this program. If not, see . from mediagoblin import mg_globals -from mediagoblin.tools.testing import _activate_testing - -_activate_testing() def test_csrf_cookie_set(test_app): -- cgit v1.2.3