diff --git a/tests/test_client.py b/tests/test_client.py
index f1f07958..584d9691 100644
--- a/tests/test_client.py
+++ b/tests/test_client.py
@@ -23,7 +23,7 @@ class FlaskClientTestCase(unittest.TestCase):
 self.assertEqual(response.status_code, 200)
 self.assertTrue('Stranger' in response.get_data(as_text=True))
- def test_register_and_login(self):
+ def test_register(self):
 # register a new account
 response = self.client.post('/auth/register', data={
 'email': 'john@example.com',
@@ -33,14 +33,68 @@ class FlaskClientTestCase(unittest.TestCase):
 })
 self.assertEqual(response.status_code, 302)
+ def test_login(self):
 # login with the new account
 response = self.client.post('/auth/login', data={
 'email': 'john@example.com',
 'password': 'cat'
 }, follow_redirects=True)
 self.assertEqual(response.status_code, 200)
- self.assertTrue(re.search(r'Hello,\sjohn!',
- response.get_data(as_text=True)))
- self.assertTrue(
- 'You have not confirmed your account yet' in response.get_data(
- as_text=True))
+
+ def test_register_false_username(self):
+ # register a new account with wrong username
+ response = self.client.post('/auth/register', data={
+ 'email': 'john@example.com',
+ 'username': 'john.,*Ä#ä+=?',
+ 'password': 'cat',
+ 'password2': 'cat'
+ })
+ self.assertEqual(response.status_code, 200)
+ self.assertTrue('Usernames must have only letters, numbers, dots or underscores' in response.get_data(as_text=True))
+
+ def test_register_false_email(self):
+ # register a new account with wrong username
+ response = self.client.post('/auth/register', data={
+ 'email': 'john@example',
+ 'username': 'john',
+ 'password': 'cat',
+ 'password2': 'cat'
+ })
+ self.assertEqual(response.status_code, 200)
+ self.assertTrue('Invalid email address.' in response.get_data(as_text=True))
+
+ def test_duplicates(self):
+ # tries to register an account that has already been registered
+ # test duplicate username and duplicate email
+ response = self.client.post('/auth/register', data={
+ 'email': 'john@example.com',
+ 'username': 'john',
+ 'password': 'cat',
+ 'password2': 'cat'
+ })
+ self.assertEqual(response.status_code, 302)
+ response = self.client.post('/auth/register', data={
+ 'email': 'john@example2.com',
+ 'username': 'john',
+ 'password': 'cat',
+ 'password2': 'cat'
+ })
+ self.assertEqual(response.status_code, 200)
+ self.assertTrue('Username already in use.' in response.get_data(as_text=True))
+ response = self.client.post('/auth/register', data={
+ 'email': 'john@example.com',
+ 'username': 'johnsmith',
+ 'password': 'cat',
+ 'password2': 'cat'
+ })
+ self.assertEqual(response.status_code, 200)
+ self.assertTrue('Email already registered.' in response.get_data(as_text=True))
+
+ def test_admin_forbidden(self):
+ response = self.client.post('/auth/login', data={
+ 'email': 'john@example.com',
+ 'password': 'cat'
+ }, follow_redirects=True)
+ self.assertEqual(response.status_code, 200)
+ response = self.client.get('/admin')
+ self.assertEqual(response.status_code, 403)
diff --git a/tests/test_user_model.py b/tests/test_user_model.py
index b7d08147..adc650bd 100644
--- a/tests/test_user_model.py
+++ b/tests/test_user_model.py
@@ -1,10 +1,22 @@
 import unittest
 import time
-from app.models import User
-from app import db
+from app import create_app, db
+from app.models import User, AnonymousUser, Role, Permission
 class UserModelTestCase(unittest.TestCase):
+ def setUp(self):
+ self.app = create_app('testing')
+ self.app_context = self.app.app_context()
+ self.app_context.push()
+ db.create_all()
+ Role.insert_roles()
+
+ def tearDown(self):
+ db.session.remove()
+ db.drop_all()
+ self.app_context.pop()
+
 def test_password_setter(self):
 u = User(password='cat')
 self.assertTrue(u.password_hash is not None)
@@ -47,3 +59,13 @@ class UserModelTestCase(unittest.TestCase):
 token = u.generate_confirmation_token(1)
 time.sleep(2)
 self.assertFalse(u.confirm(token))
+
+ def test_user_role(self):
+ u = User(email='john@example.com', password='cat')
+ self.assertTrue(u.can(Permission.CREATE_JOB))
+ self.assertFalse(u.can(Permission.ADMIN))
+
+ def test_anonymous_user(self):
+ u = AnonymousUser()
+ self.assertFalse(u.can(Permission.CREATE_JOB))
+ self.assertFalse(u.can(Permission.ADMIN))
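Review bot: `test_login` now asserts only `status_code == 200`, which a rejected login would presumably also return if the login view re-renders its form on bad credentials, so the test no longer proves that authentication succeeded. Registration has moved to `test_register`, and `test_duplicates` expects a 302 when it registers `john@example.com` itself, which suggests the database is reset per test (this class's setUp is outside the hunk). If so, the account does not exist when `test_login` and `test_admin_forbidden` post to `/auth/login`, and `test_admin_forbidden` likely checks an anonymous client rather than an authenticated non-admin. Register the account inside both tests (or in a shared helper) and keep an assertion tied to the logged-in state, e.g. `self.assertTrue(re.search(r'Hello,\sjohn!', response.get_data(as_text=True)))`. The copied comment in `test_register_false_email` should read `# register a new account with an invalid email`.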
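Review bot: If `db.create_all()` or `Role.insert_roles()` raises in the new `setUp`, unittest skips `tearDown`, so the pushed application context (and any tables already created) would leak into the tests that follow. Registering the cleanup immediately after the push, `self.addCleanup(self.app_context.pop)`, and dropping the `pop()` call from `tearDown` keeps the cases isolated even when fixture setup fails. The class body continues outside the hunk.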
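Review bot: Both new tests assert only that `Permission.ADMIN` is denied, so a `can()` that never grants ADMIN to anyone would still pass and the privileged path stays untested. `test_user_role` also relies on the `User` constructor picking up the default role seeded by `Role.insert_roles()` in setUp, which is not visible here; a one-line comment such as `# default role from Role.insert_roles(): may create jobs, not administer` would make that dependency explicit. Consider adding a case that builds a user with the administrator role and asserts `u.can(Permission.ADMIN)` is true.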