mediagoblin/mediagoblin/tests/test_moderation.py
tilly-Q 6acf4ee60e This should be my final code update before I am ready for review! Basically, in
this update I finished the search/sort function on the Reports Panel. I also
finished the Terms of Service and made the decision to remove the meta portion
of the site I had planned to create. I decided that the features involved were
just unnecessary at this point. I also dropped the User status column and added
a migration to establish default privileges (and create the privilege foundat-
-ions. I fixed a few small errors that were left over as well, in the implemen-
tation and in the tests. Next, I just need to await code review and work on the
documentation for these new features. I also need to supervise a new merge to
master.

===============================================================================
    Dropped the vestigial 'status' column
===============================================================================
--\ mediagoblin/db/migrations.py
--\ mediagoblin/db/models.py
--| Also added in comments describing the current situation with the `is_admin`
  | and `email_verified` columns, where they are 100% vestigial but cannot be
  | dropped.

===============================================================================
            Wrote necessary migrations to set up Privilege
    foundations and give users the necessary privileges on an older
     implementation of mediagoblin that is migrating into this update
===============================================================================
--\ mediagoblin/db/migrations.py

===============================================================================
    Deleted the meta pages
===============================================================================
--\ Deleted mediagoblin/meta/__init__.py
--\ Deleted mediagoblin/meta/routing.py
--\ Deleted mediagoblin/meta/views.py
--\ Deleted mediagoblin/templates/mediagoblin/meta/code_of_conduct.html
--\ Deleted mediagoblin/templates/mediagoblin/meta/reports_details.html
--\ Deleted mediagoblin/templates/mediagoblin/meta/reports_panel.html
    ----------------------------------------------------------------
        Moved the terms of service to /terms_of_service
    ----------------------------------------------------------------
    --\ Moved mediagoblin/templates/mediagoblin/meta/terms_of_service.html
        -> mediagoblin/templates/mediagoblin/terms_of_service.html
    --| I decided that terms of service were really the only necessary part of my
      | planned "meta" pages, so I moved it instead to its own singular page
    --\ mediagoblin/routing.py
    --\ mediagoblin/static/css/base.css
    --\ mediagoblin/templates/mediagoblin/base.html
    --\ mediagoblin/views.py

===============================================================================
          Simplified & Finished the Reports Panel Searching
===============================================================================
--\ mediagoblin/moderation/forms.py
--\ mediagoblin/moderation/tools.py
--\ mediagoblin/moderation/views.py
--\ mediagoblin/templates/mediagoblin/moderation/report_panel.html
--\ mediagoblin/templates/mediagoblin/moderation/user.html

===============================================================================
                  Fixed Small Errors
===============================================================================
--\ mediagoblin/templates/mediagoblin/user_pages/user.html
--\ mediagoblin/tests/test_moderation.py
--\ mediagoblin/tests/tools.py

===============================================================================
2013-09-10 13:17:07 -04:00

236 lines
9.8 KiB
Python

# GNU MediaGoblin -- federated, autonomous media hosting
# Copyright (C) 2011, 2012 MediaGoblin contributors. See AUTHORS.
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU Affero General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU Affero General Public License for more details.
#
# You should have received a copy of the GNU Affero General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
import pytest
from mediagoblin.tests.tools import (fixture_add_user,
fixture_add_comment_report, fixture_add_comment)
from mediagoblin.db.models import User, CommentReport, MediaComment, UserBan
from mediagoblin.moderation.tools import take_away_privileges, give_privileges
from mediagoblin.tools import template, mail
from datetime import date, timedelta
from webtest import AppError
class TestModerationViews:
@pytest.fixture(autouse=True)
def _setup(self, test_app):
self.test_app = test_app
fixture_add_user(u'admin',
privileges=[u'admin',u'active'])
fixture_add_user(u'moderator',
privileges=[u'moderator',u'active'])
fixture_add_user(u'regular',
privileges=[u'active',u'commenter'])
self.query_for_users()
def login(self, username):
self.test_app.post(
'/auth/login/', {
'username': username,
'password': 'toast'})
self.query_for_users()
def logout(self):
self.test_app.get('/auth/logout/')
self.query_for_users()
def query_for_users(self):
self.admin_user = User.query.filter(User.username==u'admin').first()
self.mod_user = User.query.filter(User.username==u'moderator').first()
self.user = User.query.filter(User.username==u'regular').first()
def do_post(self, data, *context_keys, **kwargs):
url = kwargs.pop('url', '/submit/')
do_follow = kwargs.pop('do_follow', False)
template.clear_test_template_context()
response = self.test_app.post(url, data, **kwargs)
if do_follow:
response.follow()
context_data = template.TEMPLATE_TEST_CONTEXT
for key in context_keys:
context_data = context_data[key]
return response, context_data
def testGiveOrTakeAwayPrivileges(self):
self.login(u'admin')
# First, test an admin taking away a privilege from a user
#----------------------------------------------------------------------
response, context = self.do_post({'privilege_name':u'commenter'},
url='/mod/users/{0}/privilege/'.format(self.user.username))
assert response.status == '302 FOUND'
self.query_for_users()
assert not self.user.has_privilege(u'commenter')
# Then, test an admin giving a privilege to a user
#----------------------------------------------------------------------
response, context = self.do_post({'privilege_name':u'commenter'},
url='/mod/users/{0}/privilege/'.format(self.user.username))
assert response.status == '302 FOUND'
self.query_for_users()
assert self.user.has_privilege(u'commenter')
# Then, test a mod trying to take away a privilege from a user
# they are not allowed to do this, so this will raise an error
#----------------------------------------------------------------------
self.logout()
self.login(u'moderator')
with pytest.raises(AppError) as excinfo:
response, context = self.do_post({'privilege_name':u'commenter'},
url='/mod/users/{0}/privilege/'.format(self.user.username))
assert 'Bad response: 403 FORBIDDEN' in str(excinfo)
self.query_for_users()
assert self.user.has_privilege(u'commenter')
def testReportResolution(self):
self.login(u'moderator')
# First, test a moderators taking away a user's privilege in response
# to a reported comment
#----------------------------------------------------------------------
fixture_add_comment_report(reported_user=self.user)
comment_report = CommentReport.query.filter(
CommentReport.reported_user==self.user).first()
response = self.test_app.get('/mod/reports/{0}/'.format(
comment_report.id))
assert response.status == '200 OK'
self.query_for_users()
comment_report = CommentReport.query.filter(
CommentReport.reported_user==self.user).first()
response, context = self.do_post({'action_to_resolve':[u'takeaway'],
'take_away_privileges':[u'commenter'],
'targeted_user':self.user.id},
url='/mod/reports/{0}/'.format(comment_report.id))
assert response.status == '302 FOUND'
fixture_add_comment_report(reported_user=self.user)
comment_report = CommentReport.query.filter(
CommentReport.reported_user==self.user).first()
assert not self.user.has_privilege(u'commenter')
# Then, test a moderator sending an email to a user in response to a
# reported comment
#----------------------------------------------------------------------
self.query_for_users()
response, context = self.do_post({'action_to_resolve':[u'sendmessage'],
'message_to_user':'This is your last warning, regular....',
'targeted_user':self.user.id},
url='/mod/reports/{0}/'.format(comment_report.id))
assert response.status == '302 FOUND'
assert mail.EMAIL_TEST_MBOX_INBOX == [{'to': [u'regular@example.com'],
'message': 'Content-Type: text/plain; charset="utf-8"\n\
MIME-Version: 1.0\nContent-Transfer-Encoding: base64\nSubject: Warning from- \
moderator \nFrom: notice@mediagoblin.example.org\nTo: regular@example.com\n\n\
VGhpcyBpcyB5b3VyIGxhc3Qgd2FybmluZywgcmVndWxhci4uLi4=\n',
'from': 'notice@mediagoblin.example.org'}]
# Then test a moderator banning a user AND a moderator deleting the
# offending comment. This also serves as a test for taking multiple
# actions to resolve a report
#----------------------------------------------------------------------
self.query_for_users()
fixture_add_comment(author=self.user.id,
comment=u'Comment will be removed')
test_comment = MediaComment.query.filter(
MediaComment.author==self.user.id).first()
fixture_add_comment_report(comment=test_comment,
reported_user=self.user)
comment_report = CommentReport.query.filter(
CommentReport.reported_user==self.user).first()
response, context = self.do_post(
{'action_to_resolve':[u'userban', u'delete'],
'targeted_user':self.user.id,
'why_user_was_banned':u'',
'user_banned_until':u''},
url='/mod/reports/{0}/'.format(comment_report.id))
assert response.status == '302 FOUND'
self.query_for_users()
test_user_ban = UserBan.query.filter(
UserBan.user_id == self.user.id).first()
assert test_user_ban is not None
test_comment = MediaComment.query.filter(
MediaComment.author==self.user.id).first()
assert test_comment is None
# Then, test what happens when a moderator attempts to punish an admin
# from a reported comment on an admin.
#----------------------------------------------------------------------
fixture_add_comment_report(reported_user=self.admin_user)
comment_report = CommentReport.query.filter(
CommentReport.reported_user==self.admin_user).first()
response, context = self.do_post({'action_to_resolve':[u'takeaway'],
'take_away_privileges':[u'active'],
'targeted_user':self.admin_user.id},
url='/mod/reports/{0}/'.format(comment_report.id))
self.query_for_users()
assert response.status == '200 OK'
assert self.admin_user.has_privilege(u'active')
def testAllModerationViews(self):
self.login(u'moderator')
username = self.user.username
self.query_for_users()
fixture_add_comment_report(reported_user=self.admin_user)
response = self.test_app.get('/mod/reports/')
assert response.status == "200 OK"
response = self.test_app.get('/mod/reports/1/')
assert response.status == "200 OK"
response = self.test_app.get('/mod/users/')
assert response.status == "200 OK"
user_page_url = '/mod/users/{0}/'.format(username)
response = self.test_app.get(user_page_url)
assert response.status == "200 OK"
self.test_app.get('/mod/media/')
assert response.status == "200 OK"
def testBanUnBanUser(self):
self.login(u'admin')
username = self.user.username
user_id = self.user.id
ban_url = '/mod/users/{0}/ban/'.format(username)
response, context = self.do_post({
'user_banned_until':u'',
'why_user_was_banned':u'Because I said so'},
url=ban_url)
assert response.status == "302 FOUND"
user_banned = UserBan.query.filter(UserBan.user_id==user_id).first()
assert user_banned is not None
assert user_banned.expiration_date is None
assert user_banned.reason == u'Because I said so'
response, context = self.do_post({},
url=ban_url)
assert response.status == "302 FOUND"
user_banned = UserBan.query.filter(UserBan.user_id==user_id).first()
assert user_banned is None