Remove unneeded oauth fixtures and add test for image submission
This commit is contained in:
Jessica Tallon
parent
c9115b89c9
commit
ee9956c3de
@ -13,58 +13,100 @@
|
|||||||
#
|
#
|
||||||
# You should have received a copy of the GNU Affero General Public License
|
# You should have received a copy of the GNU Affero General Public License
|
||||||
# along with this program. If not, see <http://www.gnu.org/licenses/>.
|
# along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
|
||||||
import urllib
|
import urllib
|
||||||
|
import json
|
||||||
|
|
||||||
import pytest
|
import pytest
|
||||||
import mock
|
import mock
|
||||||
|
|
||||||
from oauthlib.oauth1 import Client
|
|
||||||
|
|
||||||
from mediagoblin import mg_globals
|
from mediagoblin import mg_globals
|
||||||
from mediagoblin.tests.tools import fixture_add_user
|
|
||||||
from .resources import GOOD_JPG
|
from .resources import GOOD_JPG
|
||||||
|
from mediagoblin.tests.tools import fixture_add_user
|
||||||
|
from mediagoblin.moderation.tools import take_away_privileges
|
||||||
|
from .resources import GOOD_JPG, GOOD_PNG, EVIL_FILE, EVIL_JPG, EVIL_PNG, \
|
||||||
|
BIG_BLUE
|
||||||
|
|
||||||
|
def mocked_oauth_required(*args, **kwargs):
|
||||||
|
""" Mocks mediagoblin.decorator.oauth_required to always validate """
|
||||||
|
|
||||||
|
def oauth_required(controller):
|
||||||
|
return controller
|
||||||
|
|
||||||
|
return oauth_required
|
||||||
|
|
||||||
class TestAPI(object):
|
class TestAPI(object):
|
||||||
|
|
||||||
def setup(self):
|
@pytest.fixture(autouse=True)
|
||||||
|
def setup(self, test_app):
|
||||||
|
self.test_app = test_app
|
||||||
self.db = mg_globals.database
|
self.db = mg_globals.database
|
||||||
self.user = fixture_add_user()
|
self.user = fixture_add_user(privileges=[u'active', u'uploader'])
|
||||||
|
|
||||||
def test_profile_endpoint(self, test_app):
|
def test_can_post_image(self, test_app):
|
||||||
""" Test that you can successfully get the profile of a user """
|
""" Tests that an image can be posted to the API """
|
||||||
@mock.patch("mediagoblin.decorators.oauth_required")
|
# First request we need to do is to upload the image
|
||||||
def _real_test(*args, **kwargs):
|
data = open(GOOD_JPG, "rb").read()
|
||||||
profile = test_app.get(
|
headers = {
|
||||||
"/api/user/{0}/profile".format(self.user.username)
|
"Content-Type": "image/jpeg",
|
||||||
).json
|
"Content-Length": str(len(data))
|
||||||
|
|
||||||
assert profile["preferredUsername"] == self.user.username
|
|
||||||
assert profile["objectType"] == "person"
|
|
||||||
|
|
||||||
_real_test()
|
|
||||||
|
|
||||||
def test_upload_file(self, test_app):
|
|
||||||
""" Test that i can upload a file """
|
|
||||||
context = {
|
|
||||||
"title": "Rel",
|
|
||||||
"description": "ayRel sunu oeru",
|
|
||||||
"qqfile": "my_picture.jpg",
|
|
||||||
}
|
}
|
||||||
encoded_context = urllib.urlencode(context)
|
|
||||||
response = test_app.post(
|
|
||||||
"/api/user/{0}/uploads?{1}".format(
|
with mock.patch("mediagoblin.decorators.oauth_required", new_callable=mocked_oauth_required):
|
||||||
self.user.username,
|
response = test_app.post(
|
||||||
encoded_context[1:]
|
"/api/user/{0}/uploads".format(self.user.username),
|
||||||
|
data,
|
||||||
|
headers=headers
|
||||||
)
|
)
|
||||||
)
|
image = json.loads(response.body)
|
||||||
|
|
||||||
picture = self.db.MediaEntry.query.filter_by(title=context["title"])
|
|
||||||
picture = picture.first()
|
|
||||||
|
|
||||||
assert response.status_int == 200
|
|
||||||
assert picture
|
|
||||||
raise Exception(str(dir(picture)))
|
|
||||||
assert picture.description == context["description"]
|
|
||||||
|
|
||||||
|
|
||||||
|
# I should have got certain things back
|
||||||
|
assert response.status_code == 200
|
||||||
|
|
||||||
|
assert "id" in image
|
||||||
|
assert "fullImage" in image
|
||||||
|
assert "url" in image["fullImage"]
|
||||||
|
assert "url" in image
|
||||||
|
assert "author" in image
|
||||||
|
assert "published" in image
|
||||||
|
assert "updated" in image
|
||||||
|
assert image["objectType"] == "image"
|
||||||
|
|
||||||
|
# Now post this to the feed
|
||||||
|
activity = {
|
||||||
|
"verb": "post",
|
||||||
|
"object": image,
|
||||||
|
}
|
||||||
|
response = test_app.post(
|
||||||
|
"/api/user/{0}/feed".format(self.user.username),
|
||||||
|
activity
|
||||||
|
)
|
||||||
|
|
||||||
|
# Check that we got the response we're expecting
|
||||||
|
assert response.status_code == 200
|
||||||
|
|
||||||
|
def test_only_uploaders_post_image(self, test_app):
|
||||||
|
""" Test that only uploaders can upload images """
|
||||||
|
# Remove uploader permissions from user
|
||||||
|
take_away_privileges(self.user.username, u"uploader")
|
||||||
|
|
||||||
|
# Now try and upload a image
|
||||||
|
data = open(GOOD_JPG, "rb").read()
|
||||||
|
headers = {
|
||||||
|
"Content-Type": "image/jpeg",
|
||||||
|
"Content-Length": str(len(data)),
|
||||||
|
}
|
||||||
|
|
||||||
|
with mock.patch("mediagoblin.decorators.oauth_required", new_callable=mocked_oauth_required):
|
||||||
|
response = test_app.post(
|
||||||
|
"/api/user/{0}/uploads".format(self.user.username),
|
||||||
|
data,
|
||||||
|
headers=headers
|
||||||
|
)
|
||||||
|
|
||||||
|
error = json.loads(response.body)
|
||||||
|
|
||||||
|
# Assert that we've got a 403
|
||||||
|
assert response.status_code == 403
|
||||||
|
assert "error" in error
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user