When using tempfile.* in testing, those files get created
in the system tempdir. The docs say, we should try to
remove them.
Yes, the next reboot will clean them up also.
And in the workbench case, check after each test, that the
global workbench dir is empty (so the sub-workbcnhes have
been destroyed).
Initially I was going to write a failing test for refresh tokens. Thus
this fix includes an orphaned 'expect_failure' method in test utils.
I ended up writing support for OAuth refresh tokens, as well as a lot of
cleanup (hopefully) in the OAuth plugin code.
**Rebase**: While waiting for this stuff to be merged, the testing
framework changed, it comes with batteries included regarding fails.
Removed legacy nosetest helper.
Also added a lot of backref=backref([...], cascade='all, delete-orphan')
By doing this, we can take advantage of py.test's ability to create
temporary directories that are then cleaned up later during testing.
This helps for sandboxing things.
This also involves a ton of changes:
- Changing the get_app stuff appropriately, getting rid of the
setup_fresh_app decorator
- Making said fixture
- Switching over a billion tests to use it
If one deletes a media with attachments, there have been
various problems:
1) If the file in the storage did not exist any more (maybe
because due to a previous deletion attempt?), the error
propagation failed, because the wrong thing was
gathered.
2) The attachment database entries were not deleted.
Using cascade for this, for now.
Also add a simple unit test, that tests both by having a
broken attachment on a media.
py3 does not have dict.has_key any more. You have to use
"key in dict" instead. As that works in python2 as well,
let's use that.
Also some small bits of pep8.
This currently fails (with foreign key constrain error):
1. Have user A and B.
2. User B creates media M.
3. User A post a comment on M.
4. User A deletes his own account.
The test is a little bit wider.
1) Remove mongo limitations (no 'or' when querying for either username
or email).
2) Lost password function revealed if an user name or email address
is registered, which can be considered a data leak.
Leaking user names is OK, they are public anyway, but don't reveal
lookup success in case the lookup happened by email address.
Simply respond: "If you have an account here, we have send you
your email"?
3) username and email search was case sensitive. Made username search
case insensitive (they are always stored lowercase in the db).
Keep email-address search case sensitive for now. This might need
further discussion
4) Remove a whole bunch of indention in the style of:
if no error:
...
if no error:
...
if no error:
actually do something in the regular case
by restructuring the function.
5) Outsource the sanity checking for username and email fields into the
validator function. This way, we get automatic case sanity checking
and sanitizing for all required fields.
6) Require 5-char password and fix tests
Originally, the Change password form required a password between 6-30
chars while the registration and login form did not require anything
special. This commit introduces a common minimum limit for all forms
which breaks the test suite which uses a 5 char password by
default. :-). As 5 chars seem sensible enough to enforce (people
should be picking much longer ones anyway), just reduce the limit to
5 chars, thereby making all tests pass.
Signed-off-by: Sebastian Spaeth <Sebastian@SSpaeth.de>
This test fails, because it tries to set a slug with an "="
in it. And tests that the "=" gets replaced by "-".
Well, it currently is not being replaced.
The next (cherry picked) commit by Sebastian Spaeth fixes
this test!
nosetests runs everything that even vaguely looks like a
test case... even our get_test_app. And as it is imported
everywhere... it is run everywhere as a test case. Renaming
it saves us about 10+ tests and a few seconds of time.
Delete a user via web interface and see if it works. TODO: this does not test
that related entries are also cleaned up and we should extend the test to
do so.
Signed-off-by: Sebastian Spaeth <Sebastian@SSpaeth.de>
1) destroy_self() is a horrible function name, make it "destroy".
workbench.destroy() is descriptive enough.
2) WorkbenchManager.create_workbench() -> WorkbenchManager.create()
We use the pattern "with workbench_manager.create() as workbench:"
No need to mention workbenches three times in a row...
Signed-off-by: Sebastian Spaeth <Sebastian@SSpaeth.de>
Don't do "user = getUser() or newUser()" in one line. It is bound to
confuse poor souls. Be more explicit here and even add a code comment.
Thanks to Elrond for not liking the previous pattern.
Signed-off-by: Sebastian Spaeth <Sebastian@SSpaeth.de>
We have a bunch of URLs that are more for internal use. At
least they're definitely not intended to be posted
somewhere for long term useage.
When those things affect a media, it's much better to
reference the media by its id. This can't change, ever.
This is better for races.
Like someone posting a comment while the owner
corrects a typo in the slug.
We only ever ran the password changing test here, and not the
half-existing test for changing the bio and homepage.
Fix the tests to actually run both tests. We check that setting bio and
homepage to a valid value works as expected. We also test for invalid
bio (too long) and invalid URLs setting fails. (which is what we want).
- Check that the old /edit/profile/ address redirects to /u/USER/edit/.
- Check that /u/USER/edit/ works as expected
- Check that /u/OTHERUSER/edit/ fails with a 403 Forbidden error when we
are not logged in as that user. The last remaining test that would be
useful is to make a user an admin and make sure the admin can edit
other users' profiles.
Signed-off-by: Sebastian Spaeth <Sebastian@SSpaeth.de>
Debian testing ships webtest 1.3.4. And it would be nice to
use the base packages.
One of the csrf tests fails on webtest < 1.3.6.
But using a fresh app fixes it.
We have no clue, why exactly.
When we require webtest 1.3.6, change this.
Factor all the migration related stuff out into a new
.db.sql.migration_tools.
First we don't have to load this module for our normal
server.
Second it makes all the import dependencies a little more
cleaner.
These tests, don't need fresh databases, so don't discard and recreate
the tables. This reduces test suite runtime on my laptop from 130 to 96
seconds.
Signed-off-by: Sebastian Spaeth <Sebastian@SSpaeth.de>
When the tests want to create a new user, don't fail if it already
exists and just reuse the existing one. This allows us to run tests
without dumping the whole database if that is not needed for the tests.
The upcoming tests for test_edit will make use of this.
Signed-off-by: Sebastian Spaeth <Sebastian@SSpaeth.de>
This concludes the db.sql.* -> db.* move. Our db abstraction layer is
sqlalchemy, so there is no need to a separate db.sql.* hierarchy.
All tests have been run for each of the commit series to make sure
everything works at every step.
Now that sqlalchemy is providing the database abstractions, there is no
need to hide everything in db.sql. sub-modules. It complicates the code
and provides a futher layer of indirection.
Move the db.sql.util.py to db.util.py and adapt the importers.
Since sqlalchemy is providing our database abstraction and we have
moved away from Mongo as the underlying database, it is now time to
simplify things and rip out mongo. This provides the bulk of the
changes, and can stand on its own. There are some followup tasks
that can be done, such as removing now unneeded abstraction layers,
e.g. db.sql.fake.py
Bump bundled EXIF lib to 1.0.10 as release in Sep 2012.
Also skip unused detailed EXIF tags for reading, we might turn that
on when we need them.
Adapt test to wording change in EXIF Flas field and due to the fact
that we use "details=False" by default now (we did not use these
anyway)
Signed-off-by: Sebastian Spaeth <Sebastian@SSpaeth.de>
We should handle SQLAlchemy warnings. And to make that a
lot easier, turn them into real errors. That way they
1) Turn up more prominently.
2) Have a useful backtrace.
This only happens in the testsuite, so that normal useage
is not impacted.
Replace webob usage in one more file. Document a TODO that should
be clarified, we should probably be using json_response rather than
Response() here.
Modify the TestMeddleware to not rely on the content_type attribute
being present, while werkzeug.wrappers Response() has it the BaseResponse()
object which is often returned in tests does not have it.
Signed-off-by: Sebastian Spaeth <Sebastian@SSpaeth.de>
