forked from expo/troggle
450 lines
18 KiB
Python
450 lines
18 KiB
Python
"""
|
|
Originally written for CUYC
|
|
Philip Sargent (Feb.2021)
|
|
|
|
Modified for Expo April 2021.
|
|
"""
|
|
|
|
import pathlib
|
|
import re
|
|
from http import HTTPStatus
|
|
|
|
from django.test import Client, TestCase
|
|
|
|
import troggle.settings as settings
|
|
from troggle.core.models.wallets import Wallet
|
|
from troggle.core.models.troggle import Expedition
|
|
|
|
|
|
class DataTests(TestCase):
|
|
"""These check that the NULL and NON-UNIQUE constraints are working in the database"""
|
|
|
|
@classmethod
|
|
def setUpTestData(cls):
|
|
pass
|
|
|
|
def setUp(self):
|
|
from django.contrib.auth.models import User
|
|
|
|
u = User()
|
|
u.pk = 9000
|
|
u.user_id = 8000
|
|
u.username, u.password = "stinker", "secretword"
|
|
u.email = "philip.sargent+SP@gmail.com"
|
|
u.first_name, u.last_name = "Stinker", "Pinker"
|
|
u.save()
|
|
self.user = u
|
|
|
|
def tearDown(self):
|
|
# self.member.delete() # must delete member before user
|
|
# self.user.delete() # horrible crash, why?
|
|
pass
|
|
|
|
|
|
class FixturePageTests(TestCase):
|
|
# The fixtures have a password hash which is compatible with plain-text password 'secretword'
|
|
fixtures = ["auth_users"]
|
|
|
|
def setUp(self):
|
|
from django.contrib.auth.models import User
|
|
|
|
self.user = User.objects.get(username="expotest")
|
|
|
|
def tearDown(self):
|
|
pass
|
|
|
|
def test_fix_admin_login_fail(self):
|
|
c = self.client
|
|
from django.contrib.auth.models import User
|
|
|
|
u = User.objects.get(username="expotest")
|
|
|
|
self.assertTrue(u.is_active, "User '" + u.username + "' is INACTIVE")
|
|
|
|
logged_in = c.login(username=u.username, password="secretword") # fails to work if password=u.password !
|
|
self.assertTrue(logged_in, "FAILED to login as '" + u.username + "'")
|
|
|
|
response = c.get("/admin/")
|
|
content = response.content.decode()
|
|
# with open('admin-op.html', 'w') as f:
|
|
# f.write(content)
|
|
t = re.search(r"Troggle administration", content)
|
|
self.assertIsNone(t, "Logged in as '" + u.username + "' (not staff) but still managed to get the Admin page")
|
|
|
|
|
|
class PostTests(TestCase):
|
|
"""Tests walletedit form"""
|
|
|
|
fixtures = ["auth_users"]
|
|
|
|
@classmethod
|
|
def setUpTestData(cls):
|
|
pass
|
|
|
|
def setUp(self):
|
|
from django.contrib.auth.models import User
|
|
|
|
self.user = User.objects.get(username="expotest")
|
|
self.client = Client()
|
|
|
|
testyear = "2022"
|
|
wname = f"{testyear}:00"
|
|
self.testyear = testyear
|
|
w = Wallet()
|
|
w.pk = 9100
|
|
w.fpath = str(pathlib.Path(settings.SCANS_ROOT, wname))
|
|
w.walletname = wname
|
|
w.save()
|
|
self.wallet = w
|
|
|
|
e = Expedition()
|
|
e.year = testyear
|
|
e.save()
|
|
self.expedition = e
|
|
|
|
def test_file_permissions(self):
|
|
"""Expect to be allowed to write to expofiles
|
|
Need to login first.
|
|
"""
|
|
c = self.client
|
|
from django.contrib.auth.models import User
|
|
|
|
u = User.objects.get(username="expotest")
|
|
testyear = self.testyear
|
|
|
|
self.assertTrue(u.is_active, "User '" + u.username + "' is INACTIVE")
|
|
c.login(username=u.username, password="secretword")
|
|
|
|
for p in [settings.SCANS_ROOT,
|
|
settings.DRAWINGS_DATA / "walletjson",
|
|
settings.EXPOWEB / "documents",
|
|
settings.SURVEX_DATA / "docs"
|
|
]:
|
|
|
|
_test_file_path = pathlib.Path(p, "_created_by_test_suite.txt")
|
|
self.assertEqual(_test_file_path.is_file(), False)
|
|
|
|
with open(_test_file_path, "w") as f:
|
|
f.write("test string: can we write to this directory?")
|
|
self.assertEqual(_test_file_path.is_file(), True)
|
|
_test_file_path.unlink()
|
|
|
|
def test_scan_upload(self):
|
|
"""Expect scan upload to wallet to work on any file
|
|
Need to login first.
|
|
|
|
This upload form looks for the Cave and the Wallet, so the test fails if the database is not loaded with the cave
|
|
identified in the wallet
|
|
"""
|
|
c = self.client
|
|
from django.contrib.auth.models import User
|
|
|
|
u = User.objects.get(username="expotest")
|
|
testyear = self.testyear
|
|
|
|
self.assertTrue(u.is_active, "User '" + u.username + "' is INACTIVE")
|
|
c.login(username=u.username, password="secretword")
|
|
|
|
with open("core/fixtures/test_upload_file.txt", "r") as testf:
|
|
response = self.client.post(
|
|
f"/walletedit/{testyear}:00", data={"name": "test_upload_file.txt", "uploadfiles": testf}
|
|
)
|
|
content = response.content.decode()
|
|
self.assertEqual(response.status_code, HTTPStatus.OK)
|
|
self.assertEqual(response.status_code, HTTPStatus.OK)
|
|
with open("_test_response.html", "w") as f:
|
|
f.write(content)
|
|
for ph in [
|
|
r"test_upload_",
|
|
rf"← {testyear}#00 →",
|
|
r"description written",
|
|
r"Plan not required",
|
|
r"edit settings or upload a file",
|
|
]:
|
|
phmatch = re.search(ph, content)
|
|
self.assertIsNotNone(phmatch, "Failed to find expected text: '" + ph + "'")
|
|
|
|
# # Does not use the filename Django actually uses, assumes it is unchanged. Potential bug.
|
|
# remove_file = pathlib.Path(settings.SCANS_ROOT) / f'{testyear}' / f'{testyear}#00'/ 'test_upload_file.txt'
|
|
# remove_file.unlink()
|
|
# # Undo the auto create and commit of a new wallet
|
|
# cwd = settings.DRAWINGS_DATA
|
|
# sp = subprocess.run([settings.GIT, "reset", "--hard", "master^"], cwd=cwd, capture_output=True, text=True)
|
|
# print(f'git output: {cwd}:\n # {sp.stderr=}\n # {sp.stdout=} \n # return code: {str(sp.returncode)}')
|
|
# if sp.returncode != 0:
|
|
# print(f'git output: {cwd}:\n # {sp.stderr=}\n # {sp.stdout=} \n # return code: {str(sp.returncode)}')
|
|
|
|
def test_photo_upload(self):
|
|
"""Expect photo upload to work on any file (contrary to msg on screen)
|
|
Upload into current default year. settings.PHOTOS_YEAR
|
|
Deletes file afterwards
|
|
Need to login first.
|
|
"""
|
|
c = self.client
|
|
from django.contrib.auth.models import User
|
|
|
|
u = User.objects.get(username="expotest")
|
|
|
|
self.assertTrue(u.is_active, "User '" + u.username + "' is INACTIVE")
|
|
c.login(username=u.username, password="secretword")
|
|
|
|
with open("core/fixtures/test_upload_file.txt", "r") as testf:
|
|
response = self.client.post(
|
|
"/photoupload/", data={"name": "test_upload_file.txt", "renameto": "", "uploadfiles": testf}
|
|
)
|
|
content = response.content.decode()
|
|
self.assertEqual(response.status_code, HTTPStatus.OK)
|
|
self.assertEqual(response.status_code, HTTPStatus.OK)
|
|
# with open('_test_response.html', 'w') as f:
|
|
# f.write(content)
|
|
for ph in [
|
|
r"test_upload_",
|
|
r"Upload photos into /photos/" + str(settings.PHOTOS_YEAR),
|
|
r" you can create a new folder in your name",
|
|
r"Create new Photographer folder",
|
|
r"only photo image files are accepted",
|
|
]:
|
|
phmatch = re.search(ph, content)
|
|
self.assertIsNotNone(phmatch, "Failed to find expected text: '" + ph + "'")
|
|
|
|
# Does not use the filename Django actually uses, assumes it is unchanged. Potential bug.
|
|
remove_file = pathlib.Path(settings.PHOTOS_ROOT, settings.PHOTOS_YEAR) / "test_upload_file.txt"
|
|
remove_file.unlink()
|
|
|
|
def test_photo_upload_rename(self):
|
|
"""Expect photo upload to work on any file (contrary to msg on screen)
|
|
Upload into current default year. settings.PHOTOS_YEAR
|
|
Deletes file afterwards
|
|
Need to login first.
|
|
"""
|
|
c = self.client
|
|
from django.contrib.auth.models import User
|
|
|
|
u = User.objects.get(username="expotest")
|
|
|
|
self.assertTrue(u.is_active, "User '" + u.username + "' is INACTIVE")
|
|
c.login(username=u.username, password="secretword")
|
|
|
|
rename = "RENAMED-FILE.JPG"
|
|
with open("core/fixtures/test_upload_file.txt", "r") as testf:
|
|
response = self.client.post(
|
|
"/photoupload/", data={"name": "test_upload_file.txt", "renameto": rename, "uploadfiles": testf}
|
|
)
|
|
content = response.content.decode()
|
|
self.assertEqual(response.status_code, HTTPStatus.OK)
|
|
self.assertEqual(response.status_code, HTTPStatus.OK)
|
|
# with open('_test_response.html', 'w') as f:
|
|
# f.write(content)
|
|
for ph in [rename]:
|
|
phmatch = re.search(ph, content)
|
|
self.assertIsNotNone(phmatch, "Failed to find expected text: '" + ph + "'")
|
|
|
|
# Does not use the filename Django actually uses, assumes it is unchanged. Potential bug.
|
|
remove_file = pathlib.Path(settings.PHOTOS_ROOT, settings.PHOTOS_YEAR) / rename
|
|
remove_file.unlink()
|
|
|
|
def test_photo_folder_create(self):
|
|
"""Create folder for new user
|
|
Create in current default year. settings.PHOTOS_YEAR
|
|
Deletes folder afterwards
|
|
Need to login first.
|
|
"""
|
|
c = self.client
|
|
from django.contrib.auth.models import User
|
|
|
|
u = User.objects.get(username="expotest")
|
|
|
|
self.assertTrue(u.is_active, "User '" + u.username + "' is INACTIVE")
|
|
c.login(username=u.username, password="secretword")
|
|
|
|
response = self.client.post("/photoupload/", data={"photographer": "GussieFinkNottle"})
|
|
content = response.content.decode()
|
|
self.assertEqual(response.status_code, HTTPStatus.OK)
|
|
self.assertEqual(response.status_code, HTTPStatus.OK)
|
|
# with open('_test_response.html', 'w') as f:
|
|
# f.write(content)
|
|
for ph in [r"/GussieFinkNottle/", r"Create new Photographer folder"]:
|
|
phmatch = re.search(ph, content)
|
|
self.assertIsNotNone(phmatch, "Failed to find expected text: '" + ph + "'")
|
|
|
|
# Does not use the filename Django actually uses, assumes it is unchanged. Potential bug.
|
|
remove_dir = pathlib.Path(settings.PHOTOS_ROOT, settings.PHOTOS_YEAR) / "GussieFinkNottle"
|
|
remove_dir.rmdir()
|
|
|
|
def test_dwg_upload_txt(self):
|
|
"""Expect .pdf file to be refused upload
|
|
Need to login first.
|
|
"""
|
|
c = self.client
|
|
from django.contrib.auth.models import User
|
|
|
|
u = User.objects.get(username="expotest")
|
|
|
|
self.assertTrue(u.is_active, "User '" + u.username + "' is INACTIVE")
|
|
c.login(username=u.username, password="secretword")
|
|
|
|
with open("core/fixtures/test_upload_file.pdf", "r") as testf:
|
|
response = self.client.post(
|
|
"/dwgupload/uploads", data={"name": "test_upload_file.txt", "uploadfiles": testf}
|
|
)
|
|
content = response.content.decode()
|
|
self.assertEqual(response.status_code, HTTPStatus.OK)
|
|
t = re.search("Files refused:", content)
|
|
self.assertIsNotNone(t, 'Logged in but failed to see "Files refused:"')
|
|
|
|
def test_dwg_upload_drawing(self):
|
|
"""Expect no-suffix file to upload
|
|
Note that this skips the git commit process. That would need a new test.
|
|
Need to login first.
|
|
"""
|
|
c = self.client
|
|
from django.contrib.auth.models import User
|
|
|
|
u = User.objects.get(username="expotest")
|
|
|
|
self.assertTrue(u.is_active, "User '" + u.username + "' is INACTIVE")
|
|
c.login(username=u.username, password="secretword")
|
|
|
|
with open("core/fixtures/test_upload_nosuffix", "r") as testf:
|
|
response = self.client.post(
|
|
"/dwguploadnogit/uploads", data={"name": "test_upload_nosuffix", "uploadfiles": testf}
|
|
)
|
|
content = response.content.decode()
|
|
# with open('_test_response.html', 'w') as f:
|
|
# f.write(content)
|
|
self.assertEqual(response.status_code, HTTPStatus.OK)
|
|
for ph in [
|
|
r"test_upload_nosuffix",
|
|
r"You cannot create folders here",
|
|
r"Creating a folder is done by a nerd",
|
|
]:
|
|
phmatch = re.search(ph, content)
|
|
self.assertIsNotNone(
|
|
phmatch, "Expect no-suffix file to upload OK. Failed to find expected text: '" + ph + "'"
|
|
)
|
|
|
|
# Does not use the filename Django actually uses, assumes it is unchanged. Bug: accumulates one file with random name added each time it is run.
|
|
remove_file = pathlib.Path(settings.DRAWINGS_DATA) / "uploads" / "test_upload_nosuffix"
|
|
remove_file.unlink()
|
|
|
|
|
|
class ComplexLoginTests(TestCase):
|
|
"""These test the login and capabilities of logged-in users, they do not use fixtures"""
|
|
|
|
def setUp(self):
|
|
"""setUp runs once for each test in this class"""
|
|
from django.contrib.auth.models import User
|
|
|
|
u = User()
|
|
u.pk = 9000
|
|
u.user_id = 8000
|
|
u.username, u.password = "expotest", "secretword"
|
|
u.email = "philip.sargent+ET@gmail.com"
|
|
u.first_name, u.last_name = "ExpoTest", "Caver"
|
|
u.is_staff = True
|
|
u.is_superuser = True
|
|
|
|
u.set_password(u.password) # This creates a new salt and thus a new key for EACH test
|
|
u.save() # vital that we save all this before attempting login
|
|
# print ('\n',u.password)
|
|
self.user = u
|
|
|
|
def tearDown(self):
|
|
self.client.logout() # not needed as each test creates a new self.client
|
|
# self.member.delete()
|
|
##self.user.delete() # id attribute set to None !
|
|
pass
|
|
|
|
# def test_login_redirect_for_non_logged_on_user(self): # need to fix this in real system
|
|
# c = self.client
|
|
# # Need to login first. Tests that we are redirected to login page if not logged in
|
|
# response = c.get('noinfo/cave-number-index')
|
|
# self.assertRedirects(response, "/login/?next=/committee/appointments/")
|
|
|
|
def test_ordinary_login(self):
|
|
c = self.client
|
|
u = self.user
|
|
|
|
self.assertTrue(u.is_active, "User '" + u.username + "' is INACTIVE")
|
|
|
|
logged_in = c.login(username=u.username, password="secretword") # fails to work if password=u.password !
|
|
self.assertTrue(logged_in, "FAILED to login as '" + u.username + "'")
|
|
|
|
response = c.get("/accounts/login/") # defined by auth system
|
|
content = response.content.decode()
|
|
t = re.search(r"You are now logged in", content)
|
|
self.assertIsNotNone(t, "Logged in as '" + u.username + "' but failed to get 'Now you can' greeting")
|
|
|
|
def test_authentication_login(self):
|
|
c = self.client
|
|
u = self.user
|
|
|
|
self.assertTrue(u.is_active, "User '" + u.username + "' is INACTIVE")
|
|
|
|
# This is weird. I thought that the user had to login before she was in the authenticated state
|
|
self.assertTrue(u.is_authenticated, "User '" + u.username + "' is NOT AUTHENTICATED before login")
|
|
|
|
logged_in = c.login(username=u.username, password="secretword") # fails to work if password=u.password !
|
|
self.assertTrue(logged_in, "FAILED to login as '" + u.username + "'")
|
|
|
|
self.assertTrue(u.is_authenticated, "User '" + u.username + "' is NOT AUTHENTICATED after login")
|
|
|
|
# c.logout() # This next test always means user is still authenticated after logout. Surely not?
|
|
# self.assertFalse(u.is_authenticated, 'User \'' + u.username + '\' is STILL AUTHENTICATED after logout')
|
|
|
|
def test_admin_login(self):
|
|
c = self.client
|
|
u = self.user
|
|
|
|
logged_in = c.login(username=u.username, password="secretword") # fails to work if password=u.password !
|
|
self.assertTrue(logged_in, "FAILED to login as '" + u.username + "'")
|
|
|
|
response = c.get("/admin/")
|
|
content = response.content.decode()
|
|
# with open('admin-op.html', 'w') as f:
|
|
# f.write(content)
|
|
t = re.search(r"Troggle database administration", content)
|
|
self.assertIsNotNone(t, "Logged in as '" + u.username + "' but failed to get the Troggle Admin page")
|
|
|
|
def test_noinfo_login(self):
|
|
|
|
c = self.client # inherited from TestCase
|
|
u = self.user
|
|
|
|
logged_in = c.login(username=u.username, password="secretword") # fails if password=u.password !
|
|
self.assertTrue(logged_in, "FAILED to login as '" + u.username + "'")
|
|
response = c.get("/stats") # a page with the Troggle menus
|
|
content = response.content.decode()
|
|
t = re.search(r"User\:expotest", content)
|
|
self.assertIsNotNone(t, "Logged in as '" + u.username + "' but failed to get 'User:expotest' heading")
|
|
|
|
response = c.get("/noinfo/cave-number-index")
|
|
content = response.content.decode()
|
|
t = re.search(r"2001-07 Hoffnungschacht", content)
|
|
self.assertIsNotNone(t, "Logged in as '" + u.username + "' but failed to get /noinfo/ content")
|
|
|
|
def test_user_force(self):
|
|
|
|
c = self.client
|
|
u = self.user
|
|
|
|
try:
|
|
c.force_login(u)
|
|
except:
|
|
self.assertIsNotNone(
|
|
None,
|
|
"Unexpected exception trying to force_login as '"
|
|
+ u.username
|
|
+ "' but failed (Bad Django documentation?)",
|
|
)
|
|
|
|
response = c.get("/stats") # a page with the Troggle menus
|
|
content = response.content.decode()
|
|
t = re.search(r"Log out", content)
|
|
self.assertIsNotNone(t, "Forced logged in as '" + u.username + "' but failed to get Log out heading")
|
|
|
|
response = c.get("/accounts/login/")
|
|
content = response.content.decode()
|
|
t = re.search(r"You are now logged in", content)
|
|
self.assertIsNotNone(t, "Forced logged in as '" + u.username + "' but failed to get /accounts/profile/ content")
|