1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
|
# GNU MediaGoblin -- federated, autonomous media hosting
# Copyright (C) 2011, 2012 MediaGoblin contributors. See AUTHORS.
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU Affero General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU Affero General Public License for more details.
#
# You should have received a copy of the GNU Affero General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
import logging
import base64
import json
import pytest
from mediagoblin import mg_globals
from mediagoblin.tools import template, pluginapi
from mediagoblin.tests.tools import fixture_add_user
from .resources import GOOD_JPG, GOOD_PNG, EVIL_FILE, EVIL_JPG, EVIL_PNG, \
BIG_BLUE
_log = logging.getLogger(__name__)
class TestAPI:
def setup(self):
self.db = mg_globals.database
self.user_password = '4cc355_70k3N'
self.user = fixture_add_user('joapi', self.user_password,
privileges=['active','uploader'])
def login(self, test_app):
test_app.post(
'/auth/login/', {
'username': self.user.username,
'password': self.user_password})
def get_context(self, template_name):
return template.TEMPLATE_TEST_CONTEXT[template_name]
def http_auth_headers(self):
return {'Authorization': ('Basic {}'.format(
base64.b64encode((':'.join([
self.user.username,
self.user_password])).encode('ascii')).decode()))}
def do_post(self, data, test_app, **kwargs):
url = kwargs.pop('url', '/api/submit')
do_follow = kwargs.pop('do_follow', False)
if not 'headers' in kwargs.keys():
kwargs['headers'] = self.http_auth_headers()
response = test_app.post(url, data, **kwargs)
if do_follow:
response.follow()
return response
def upload_data(self, filename):
return {'upload_files': [('file', filename)]}
def test_1_test_test_view(self, test_app):
self.login(test_app)
response = test_app.get(
'/api/test',
headers=self.http_auth_headers())
assert json.loads(response.body.decode()) == {
"username": "joapi", "email": "joapi@example.com"}
def test_2_test_submission(self, test_app):
self.login(test_app)
response = self.do_post(
{'title': 'Great JPG!'},
test_app,
**self.upload_data(GOOD_JPG))
assert response.status_int == 200
assert self.db.MediaEntry.query.filter_by(title='Great JPG!').first()
|
