tmeissner
/
flasky
1
0
Fork 0
Code Issues 0 Pull Requests 0 Releases 0 Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
41 Commits
1 Branch
1.8 MiB
Tree: f35793218a
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'f35793218a'
${ noResults }
flasky/tests/test_user_model.py

208 lines
7.5 KiB
Raw Normal View History

Chapter 8: Password hashing with Werkzeug (8a)
6 years ago
Chapter 8: Account confirmation (8e)
6 years ago
Chapter 10: User profiles (10a)
6 years ago
Chapter 8: Password hashing with Werkzeug (8a)
6 years ago
Chapter 12: Database representaton of followers (12a)
6 years ago
Chapter 8: Password hashing with Werkzeug (8a)
6 years ago
Chapter 9: User roles and permissions (9a)
6 years ago
Chapter 8: Password hashing with Werkzeug (8a)
6 years ago
Chapter 8: Account confirmation (8e)
6 years ago
Chapter 8: Password resets (8g)
6 years ago
Chapter 8: Email address changes (8h)
6 years ago
Chapter 9: User roles and permissions (9a)
6 years ago
Chapter 10: User profiles (10a)
6 years ago
Chapter 10: User avatars (10c)
6 years ago
Chapter 10: Caching of user avatar hashes (10d)
6 years ago
Chapter 10: User avatars (10c)
6 years ago
Chapter 10: Caching of user avatar hashes (10d)
6 years ago
Chapter 12: Database representaton of followers (12a)
6 years ago
 
  1. import unittest
  2. import time
  3. from datetime import datetime
  4. from app import create_app, db
  5. from app.models import User, AnonymousUser, Role, Permission, Follow
  6. 

  7. 

  8. class UserModelTestCase(unittest.TestCase):
  9.     def setUp(self):
  10.         self.app = create_app('testing')
  11.         self.app_context = self.app.app_context()
  12.         self.app_context.push()
  13.         db.create_all()
  14.         Role.insert_roles()
  15. 

  16.     def tearDown(self):
  17.         db.session.remove()
  18.         db.drop_all()
  19.         self.app_context.pop()
  20. 

  21.     def test_password_setter(self):
  22.         u = User(password='cat')
  23.         self.assertTrue(u.password_hash is not None)
  24. 

  25.     def test_no_password_getter(self):
  26.         u = User(password='cat')
  27.         with self.assertRaises(AttributeError):
  28.             u.password
  29. 

  30.     def test_password_verification(self):
  31.         u = User(password='cat')
  32.         self.assertTrue(u.verify_password('cat'))
  33.         self.assertFalse(u.verify_password('dog'))
  34. 

  35.     def test_password_salts_are_random(self):
  36.         u = User(password='cat')
  37.         u2 = User(password='cat')
  38.         self.assertTrue(u.password_hash != u2.password_hash)
  39. 

  40.     def test_valid_confirmation_token(self):
  41.         u = User(password='cat')
  42.         db.session.add(u)
  43.         db.session.commit()
  44.         token = u.generate_confirmation_token()
  45.         self.assertTrue(u.confirm(token))
  46. 

  47.     def test_invalid_confirmation_token(self):
  48.         u1 = User(password='cat')
  49.         u2 = User(password='dog')
  50.         db.session.add(u1)
  51.         db.session.add(u2)
  52.         db.session.commit()
  53.         token = u1.generate_confirmation_token()
  54.         self.assertFalse(u2.confirm(token))
  55. 

  56.     def test_expired_confirmation_token(self):
  57.         u = User(password='cat')
  58.         db.session.add(u)
  59.         db.session.commit()
  60.         token = u.generate_confirmation_token(1)
  61.         time.sleep(2)
  62.         self.assertFalse(u.confirm(token))
  63. 

  64.     def test_valid_reset_token(self):
  65.         u = User(password='cat')
  66.         db.session.add(u)
  67.         db.session.commit()
  68.         token = u.generate_reset_token()
  69.         self.assertTrue(User.reset_password(token, 'dog'))
  70.         self.assertTrue(u.verify_password('dog'))
  71. 

  72.     def test_invalid_reset_token(self):
  73.         u = User(password='cat')
  74.         db.session.add(u)
  75.         db.session.commit()
  76.         token = u.generate_reset_token()
  77.         self.assertFalse(User.reset_password(token+'a', 'horse'))
  78.         self.assertTrue(u.verify_password('cat'))
  79. 

  80.     def test_valid_email_change_token(self):
  81.         u = User(email='max@mustermann.de', password='cat')
  82.         db.session.add(u)
  83.         db.session.commit()
  84.         token = u.generate_email_change_token('foo@bar.de')
  85.         self.assertTrue(u.change_email(token))
  86.         self.assertTrue(u.email == 'foo@bar.de')
  87. 

  88.     def test_invalid_email_change_token(self):
  89.         u1 = User(email='max@mustermann.de', password='cat')
  90.         u2 = User(email='dirk@mustermann.de', password='dog')
  91.         db.session.add(u1)
  92.         db.session.add(u2)
  93.         db.session.commit()
  94.         token = u1.generate_email_change_token('foo@bar.de')
  95.         self.assertFalse(u2.change_email(token))
  96.         self.assertTrue(u2.email == 'dirk@mustermann.de')
  97. 

  98.     def test_duplicate_email_change_token(self):
  99.         u1 = User(email='max@mustermann.de', password='cat')
  100.         u2 = User(email='dirk@mustermann.de', password='dog')
  101.         db.session.add(u1)
  102.         db.session.add(u2)
  103.         db.session.commit()
  104.         token = u2.generate_email_change_token(u1.email)
  105.         self.assertFalse(u2.change_email(token))
  106.         self.assertTrue(u2.email == 'dirk@mustermann.de')
  107. 

  108.     def test_user_role(self):
  109.         u = User(email='max@mustermann.de', password='cat')
  110.         self.assertTrue(u.can(Permission.FOLLOW))
  111.         self.assertTrue(u.can(Permission.COMMENT))
  112.         self.assertTrue(u.can(Permission.WRITE))
  113.         self.assertFalse(u.can(Permission.MODERATE))
  114.         self.assertFalse(u.can(Permission.ADMIN))
  115. 

  116.     def test_moderator_role(self):
  117.         r = Role.query.filter_by(name='Moderator').first()
  118.         u = User(email='max@mustermann.de', password='cat', role=r)
  119.         self.assertTrue(u.can(Permission.FOLLOW))
  120.         self.assertTrue(u.can(Permission.COMMENT))
  121.         self.assertTrue(u.can(Permission.WRITE))
  122.         self.assertTrue(u.can(Permission.MODERATE))
  123.         self.assertFalse(u.can(Permission.ADMIN))
  124. 

  125.     def test_administrator_role(self):
  126.         r = Role.query.filter_by(name='Administrator').first()
  127.         u = User(email='max@mustermann.de', password='cat', role=r)
  128.         self.assertTrue(u.can(Permission.FOLLOW))
  129.         self.assertTrue(u.can(Permission.COMMENT))
  130.         self.assertTrue(u.can(Permission.WRITE))
  131.         self.assertTrue(u.can(Permission.MODERATE))
  132.         self.assertTrue(u.can(Permission.ADMIN))
  133. 

  134.     def test_anonymous_user(self):
  135.         u = AnonymousUser()
  136.         self.assertFalse(u.can(Permission.FOLLOW))
  137.         self.assertFalse(u.can(Permission.COMMENT))
  138.         self.assertFalse(u.can(Permission.WRITE))
  139.         self.assertFalse(u.can(Permission.MODERATE))
  140.         self.assertFalse(u.can(Permission.ADMIN))
  141. 

  142.     def test_timestamps(self):
  143.         u = User(password='cat')
  144.         db.session.add(u)
  145.         db.session.commit()
  146.         self.assertTrue(
  147.             (datetime.utcnow() - u.member_since).total_seconds() < 1)
  148.         self.assertTrue(
  149.             (datetime.utcnow() - u.last_seen).total_seconds() < 3)
  150. 

  151.     def test_ping(self):
  152.         u = User(password='cat')
  153.         db.session.add(u)
  154.         db.session.commit()
  155.         time.sleep(2)
  156.         last_seen_before = u.last_seen
  157.         u.ping()
  158.         self.assertTrue(u.last_seen > last_seen_before)
  159. 

  160.     def test_gravatar(self):
  161.         u = User(email='max@mustermann.de', password='cat')
  162.         with self.app.test_request_context('/'):
  163.             gravatar = u.gravatar()
  164.             gravatar_256 = u.gravatar(size=256)
  165.             gravatar_pg = u.gravatar(rating='pg')
  166.             gravatar_retro = u.gravatar(default='retro')
  167.             self.assertTrue('https://secure.gravatar.com/avatar/' +
  168.                             '3e64c371ba2b93f1c0fead369fe004ef' in gravatar)
  169.             self.assertTrue('s=256' in gravatar_256)
  170.             self.assertTrue('r=pg'in gravatar_pg)
  171.             self.assertTrue('d=retro' in gravatar_retro)
  172. 

  173.     def test_follows(self):
  174.         u1 = User(email='john@example.com', password='cat')
  175.         u2 = User(email='susan@example.org', password='dog')
  176.         db.session.add(u1)
  177.         db.session.add(u2)
  178.         db.session.commit()
  179.         self.assertFalse(u1.is_following(u2))
  180.         self.assertFalse(u1.is_followed_by(u2))
  181.         timestamp_before = datetime.utcnow()
  182.         u1.follow(u2)
  183.         db.session.add(u1)
  184.         db.session.commit()
  185.         timestamp_after = datetime.utcnow()
  186.         self.assertTrue(u1.is_following(u2))
  187.         self.assertFalse(u1.is_followed_by(u2))
  188.         self.assertTrue(u2.is_followed_by(u1))
  189.         self.assertTrue(u1.followed.count() == 1)
  190.         self.assertTrue(u2.followers.count() == 1)
  191.         f = u1.followed.all()[-1]
  192.         self.assertTrue(f.followed == u2)
  193.         self.assertTrue(timestamp_before <= f.timestamp <= timestamp_after)
  194.         f = u2.followers.all()[-1]
  195.         self.assertTrue(f.follower == u1)
  196.         u1.unfollow(u2)
  197.         db.session.add(u1)
  198.         db.session.commit()
  199.         self.assertTrue(u1.followed.count() == 0)
  200.         self.assertTrue(u2.followers.count() == 0)
  201.         self.assertTrue(Follow.query.count() == 0)
  202.         u2.follow(u1)
  203.         db.session.add(u1)
  204.         db.session.add(u2)
  205.         db.session.commit()
  206.         db.session.delete(u2)
  207.         db.session.commit()
  208.         self.assertTrue(Follow.query.count() == 0)