external/aurweb
0
0
Fork 0
mirror of https://gitlab.archlinux.org/archlinux/aurweb.git synced 2025-02-03 10:43:03 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

fix(test): FastAPI 0.87.0 - error fixes

Browse source 
FastAPI 0.87.0 switched to the httpx library for their TestClient

* allow_redirects is deprecated and replaced by follow_redirects

Signed-off-by: moson-mo <mo-son@mailbox.org>
This commit is contained in:
moson-mo 2022-11-24 22:23:37 +01:00
parent 512ba02389
commit 1216399d53
No known key found for this signature in database
GPG key ID: 4A4760AB4EE15296
8 changed files with 218 additions and 226 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

78
test/test_accounts_routes.py
View file

@ -70,6 +70,9 @@ def client() -> TestClient:
# Necessary for forged login CSRF protection on the login route. Set here
# instead of only on the necessary requests for convenience.
client.headers.update(TEST_REFERER)
# disable redirects for our tests
client.follow_redirects = False
yield client
@ -104,9 +107,7 @@ def test_get_passreset_authed_redirects(client: TestClient, user: User):
assert sid is not None
with client as request:
response = request.get(
"/passreset", cookies={"AURSID": sid}, allow_redirects=False
)
response = request.get("/passreset", cookies={"AURSID": sid})
assert response.status_code == int(HTTPStatus.SEE_OTHER)
assert response.headers.get("location") == "/"
@ -140,7 +141,7 @@ def test_get_passreset_translation(client: TestClient):
def test_get_passreset_with_resetkey(client: TestClient):
with client as request:
response = request.get("/passreset", data={"resetkey": "abcd"})
response = request.get("/passreset", params={"resetkey": "abcd"})
assert response.status_code == int(HTTPStatus.OK)
@ -153,7 +154,6 @@ def test_post_passreset_authed_redirects(client: TestClient, user: User):
"/passreset",
cookies={"AURSID": sid},
data={"user": "blah"},
allow_redirects=False,
)
assert response.status_code == int(HTTPStatus.SEE_OTHER)
@ -323,7 +323,7 @@ def post_register(request, **kwargs):
for k, v in args.items():
data[k] = v
return request.post("/register", data=data, allow_redirects=False)
return request.post("/register", data=data)
def test_post_register(client: TestClient):
@ -737,7 +737,7 @@ def test_get_account_edit_unauthorized(client: TestClient, user: User):
endpoint = f"/account/{user2.Username}/edit"
with client as request:
# Try to edit `test2` while authenticated as `test`.
response = request.get(endpoint, cookies={"AURSID": sid}, allow_redirects=False)
response = request.get(endpoint, cookies={"AURSID": sid})
assert response.status_code == int(HTTPStatus.SEE_OTHER)
expected = f"/account/{user2.Username}"
@ -755,7 +755,6 @@ def test_post_account_edit(client: TestClient, user: User):
"/account/test/edit",
cookies={"AURSID": sid},
data=post_data,
allow_redirects=False,
)
assert response.status_code == int(HTTPStatus.OK)
@ -841,9 +840,7 @@ def test_post_account_edit_dev(client: TestClient, tu_user: User):
endpoint = f"/account/{tu_user.Username}/edit"
with client as request:
response = request.post(
endpoint, cookies={"AURSID": sid}, data=post_data, allow_redirects=False
)
response = request.post(endpoint, cookies={"AURSID": sid}, data=post_data)
assert response.status_code == int(HTTPStatus.OK)
expected = "The account, <strong>test</strong>, "
@ -867,7 +864,6 @@ def test_post_account_edit_language(client: TestClient, user: User):
"/account/test/edit",
cookies={"AURSID": sid},
data=post_data,
allow_redirects=False,
)
assert response.status_code == int(HTTPStatus.OK)
@ -897,7 +893,6 @@ def test_post_account_edit_timezone(client: TestClient, user: User):
"/account/test/edit",
cookies={"AURSID": sid},
data=post_data,
allow_redirects=False,
)
assert response.status_code == int(HTTPStatus.OK)
@ -914,7 +909,6 @@ def test_post_account_edit_error_missing_password(client: TestClient, user: User
"/account/test/edit",
cookies={"AURSID": sid},
data=post_data,
allow_redirects=False,
)
assert response.status_code == int(HTTPStatus.BAD_REQUEST)
@ -934,7 +928,6 @@ def test_post_account_edit_error_invalid_password(client: TestClient, user: User
"/account/test/edit",
cookies={"AURSID": sid},
data=post_data,
allow_redirects=False,
)
assert response.status_code == int(HTTPStatus.BAD_REQUEST)
@ -1039,9 +1032,7 @@ def test_post_account_edit_error_unauthorized(client: TestClient, user: User):
endpoint = f"/account/{user2.Username}/edit"
with client as request:
# Attempt to edit 'test2' while logged in as 'test'.
response = request.post(
endpoint, cookies={"AURSID": sid}, data=post_data, allow_redirects=False
)
response = request.post(endpoint, cookies={"AURSID": sid}, data=post_data)
assert response.status_code == int(HTTPStatus.SEE_OTHER)
expected = f"/account/{user2.Username}"
@ -1064,7 +1055,6 @@ def test_post_account_edit_ssh_pub_key(client: TestClient, user: User):
"/account/test/edit",
cookies={"AURSID": sid},
data=post_data,
allow_redirects=False,
)
assert response.status_code == int(HTTPStatus.OK)
@ -1077,7 +1067,6 @@ def test_post_account_edit_ssh_pub_key(client: TestClient, user: User):
"/account/test/edit",
cookies={"AURSID": sid},
data=post_data,
allow_redirects=False,
)
assert response.status_code == int(HTTPStatus.OK)
@ -1099,7 +1088,6 @@ def test_post_account_edit_missing_ssh_pubkey(client: TestClient, user: User):
"/account/test/edit",
cookies={"AURSID": sid},
data=post_data,
allow_redirects=False,
)
assert response.status_code == int(HTTPStatus.OK)
@ -1116,7 +1104,6 @@ def test_post_account_edit_missing_ssh_pubkey(client: TestClient, user: User):
"/account/test/edit",
cookies={"AURSID": sid},
data=post_data,
allow_redirects=False,
)
assert response.status_code == int(HTTPStatus.OK)
@ -1133,9 +1120,7 @@ def test_post_account_edit_invalid_ssh_pubkey(client: TestClient, user: User):
}
cookies = {"AURSID": user.login(Request(), "testPassword")}
with client as request:
response = request.post(
"/account/test/edit", data=data, cookies=cookies, allow_redirects=False
)
response = request.post("/account/test/edit", data=data, cookies=cookies)
assert response.status_code == int(HTTPStatus.BAD_REQUEST)
@ -1157,7 +1142,6 @@ def test_post_account_edit_password(client: TestClient, user: User):
"/account/test/edit",
cookies={"AURSID": sid},
data=post_data,
allow_redirects=False,
)
assert response.status_code == int(HTTPStatus.OK)
@ -1197,7 +1181,7 @@ def test_post_account_edit_other_user_as_user(client: TestClient, user: User):
endpoint = f"/account/{user2.Username}/edit"
with client as request:
resp = request.get(endpoint, cookies=cookies, allow_redirects=False)
resp = request.get(endpoint, cookies=cookies)
assert resp.status_code == int(HTTPStatus.SEE_OTHER)
assert resp.headers.get("location") == f"/account/{user2.Username}"
@ -1208,7 +1192,7 @@ def test_post_account_edit_self_type_as_tu(client: TestClient, tu_user: User):
# We cannot see the Account Type field on our own edit page.
with client as request:
resp = request.get(endpoint, cookies=cookies, allow_redirects=False)
resp = request.get(endpoint, cookies=cookies)
assert resp.status_code == int(HTTPStatus.OK)
assert "id_type" in resp.text
@ -1239,7 +1223,7 @@ def test_post_account_edit_other_user_type_as_tu(
# As a TU, we can see the Account Type field for other users.
with client as request:
resp = request.get(endpoint, cookies=cookies, allow_redirects=False)
resp = request.get(endpoint, cookies=cookies)
assert resp.status_code == int(HTTPStatus.OK)
assert "id_type" in resp.text
@ -1277,19 +1261,20 @@ def test_post_account_edit_other_user_suspend_as_tu(client: TestClient, tu_user:
# apart from `tu_user`s during our testing.
user_client = TestClient(app=app)
user_client.headers.update(TEST_REFERER)
user_client.follow_redirects = False
# Test that `user` can view their account edit page while logged in.
user_cookies = {"AURSID": sid}
with client as request:
endpoint = f"/account/{user.Username}/edit"
resp = request.get(endpoint, cookies=user_cookies, allow_redirects=False)
resp = request.get(endpoint, cookies=user_cookies)
assert resp.status_code == HTTPStatus.OK
cookies = {"AURSID": tu_user.login(Request(), "testPassword")}
assert cookies is not None # This is useless, we create the dict here ^
# As a TU, we can see the Account for other users.
with client as request:
resp = request.get(endpoint, cookies=cookies, allow_redirects=False)
resp = request.get(endpoint, cookies=cookies)
assert resp.status_code == int(HTTPStatus.OK)
# As a TU, we can modify other user's account types.
data = {
@ -1299,12 +1284,13 @@ def test_post_account_edit_other_user_suspend_as_tu(client: TestClient, tu_user:
"passwd": "testPassword",
}
with client as request:
resp = request.post(endpoint, data=data, cookies=cookies)
request.cookies = cookies
resp = request.post(endpoint, data=data)
assert resp.status_code == int(HTTPStatus.OK)
# Test that `user` no longer has a session.
with user_client as request:
resp = request.get(endpoint, cookies=user_cookies, allow_redirects=False)
resp = request.get(endpoint, cookies=user_cookies)
assert resp.status_code == HTTPStatus.SEE_OTHER
# Since user is now suspended, they should not be able to login.
@ -1341,9 +1327,7 @@ def test_get_account(client: TestClient, user: User):
sid = user.login(request, "testPassword")
with client as request:
response = request.get(
"/account/test", cookies={"AURSID": sid}, allow_redirects=False
)
response = request.get("/account/test", cookies={"AURSID": sid})
assert response.status_code == int(HTTPStatus.OK)
@ -1353,16 +1337,14 @@ def test_get_account_not_found(client: TestClient, user: User):
sid = user.login(request, "testPassword")
with client as request:
response = request.get(
"/account/not_found", cookies={"AURSID": sid}, allow_redirects=False
)
response = request.get("/account/not_found", cookies={"AURSID": sid})
assert response.status_code == int(HTTPStatus.NOT_FOUND)
def test_get_account_unauthenticated(client: TestClient, user: User):
with client as request:
response = request.get("/account/test", allow_redirects=False)
response = request.get("/account/test")
assert response.status_code == int(HTTPStatus.UNAUTHORIZED)
content = response.content.decode()
@ -1832,7 +1814,7 @@ def test_get_terms_of_service(client: TestClient, user: User):
)
with client as request:
response = request.get("/tos", allow_redirects=False)
response = request.get("/tos")
assert response.status_code == int(HTTPStatus.SEE_OTHER)
request = Request()
@ -1842,12 +1824,12 @@ def test_get_terms_of_service(client: TestClient, user: User):
# First of all, let's test that we get redirected to /tos
# when attempting to browse authenticated without accepting terms.
with client as request:
response = request.get("/", cookies=cookies, allow_redirects=False)
response = request.get("/", cookies=cookies)
assert response.status_code == int(HTTPStatus.SEE_OTHER)
assert response.headers.get("location") == "/tos"
with client as request:
response = request.get("/tos", cookies=cookies, allow_redirects=False)
response = request.get("/tos", cookies=cookies)
assert response.status_code == int(HTTPStatus.OK)
with db.begin():
@ -1856,7 +1838,7 @@ def test_get_terms_of_service(client: TestClient, user: User):
)
with client as request:
response = request.get("/tos", cookies=cookies, allow_redirects=False)
response = request.get("/tos", cookies=cookies)
# We accepted the term, there's nothing left to accept.
assert response.status_code == int(HTTPStatus.SEE_OTHER)
@ -1865,7 +1847,7 @@ def test_get_terms_of_service(client: TestClient, user: User):
term.Revision = 2
with client as request:
response = request.get("/tos", cookies=cookies, allow_redirects=False)
response = request.get("/tos", cookies=cookies)
# This time, we have a modified term Revision that hasn't
# yet been agreed to via AcceptedTerm update.
assert response.status_code == int(HTTPStatus.OK)
@ -1874,7 +1856,7 @@ def test_get_terms_of_service(client: TestClient, user: User):
accepted_term.Revision = term.Revision
with client as request:
response = request.get("/tos", cookies=cookies, allow_redirects=False)
response = request.get("/tos", cookies=cookies)
# We updated the term revision, there's nothing left to accept.
assert response.status_code == int(HTTPStatus.SEE_OTHER)
@ -1931,7 +1913,7 @@ def test_post_terms_of_service(client: TestClient, user: User):
# Now, see that GET redirects us to / with no terms left to accept.
with client as request:
response = request.get("/tos", cookies=cookies, allow_redirects=False)
response = request.get("/tos", cookies=cookies)
assert response.status_code == int(HTTPStatus.SEE_OTHER)
assert response.headers.get("location") == "/"
@ -1946,7 +1928,7 @@ def test_account_comments_not_found(client: TestClient, user: User):
def test_accounts_unauthorized(client: TestClient, user: User):
cookies = {"AURSID": user.login(Request(), "testPassword")}
with client as request:
resp = request.get("/accounts", cookies=cookies, allow_redirects=False)
resp = request.get("/accounts", cookies=cookies)
assert resp.status_code == int(HTTPStatus.SEE_OTHER)
assert resp.headers.get("location") == "/"

28
test/test_auth_routes.py
View file

@ -33,6 +33,9 @@ def client() -> TestClient:
# Necessary for forged login CSRF protection on the login route. Set here
# instead of only on the necessary requests for convenience.
client.headers.update(TEST_REFERER)
# disable redirects for our tests
client.follow_redirects = False
yield client
@ -58,21 +61,20 @@ def test_login_logout(client: TestClient, user: User):
response = request.get("/login")
assert response.status_code == int(HTTPStatus.OK)
response = request.post("/login", data=post_data, allow_redirects=False)
response = request.post("/login", data=post_data)
assert response.status_code == int(HTTPStatus.SEE_OTHER)
# Simulate following the redirect location from above's response.
response = request.get(response.headers.get("location"))
assert response.status_code == int(HTTPStatus.OK)
response = request.post("/logout", data=post_data, allow_redirects=False)
response = request.post("/logout", data=post_data)
assert response.status_code == int(HTTPStatus.SEE_OTHER)
response = request.post(
"/logout",
data=post_data,
cookies={"AURSID": response.cookies.get("AURSID")},
allow_redirects=False,
)
assert response.status_code == int(HTTPStatus.SEE_OTHER)
@ -94,7 +96,7 @@ def test_login_email(client: TestClient, user: user):
post_data = {"user": user.Email, "passwd": "testPassword", "next": "/"}
with client as request:
resp = request.post("/login", data=post_data, allow_redirects=False)
resp = request.post("/login", data=post_data)
assert resp.status_code == int(HTTPStatus.SEE_OTHER)
assert "AURSID" in resp.cookies
@ -119,14 +121,14 @@ def test_insecure_login(getboolean: mock.Mock, client: TestClient, user: User):
# Perform a login request with the data matching our user.
with client as request:
response = request.post("/login", data=post_data, allow_redirects=False)
response = request.post("/login", data=post_data)
# Make sure we got the expected status out of it.
assert response.status_code == int(HTTPStatus.SEE_OTHER)
# Let's check what we got in terms of cookies for AURSID.
# Make sure that a secure cookie got passed to us.
cookie = next(c for c in response.cookies if c.name == "AURSID")
cookie = next(c for c in response.cookies.jar if c.name == "AURSID")
assert cookie.secure is False
assert cookie.has_nonstandard_attr("HttpOnly") is False
assert cookie.has_nonstandard_attr("SameSite") is True
@ -160,14 +162,14 @@ def test_secure_login(getboolean: mock.Mock, client: TestClient, user: User):
# Perform a login request with the data matching our user.
with client as request:
response = request.post("/login", data=post_data, allow_redirects=False)
response = request.post("/login", data=post_data)
# Make sure we got the expected status out of it.
assert response.status_code == int(HTTPStatus.SEE_OTHER)
# Let's check what we got in terms of cookies for AURSID.
# Make sure that a secure cookie got passed to us.
cookie = next(c for c in response.cookies if c.name == "AURSID")
cookie = next(c for c in response.cookies.jar if c.name == "AURSID")
assert cookie.secure is True
assert cookie.has_nonstandard_attr("HttpOnly") is True
assert cookie.has_nonstandard_attr("SameSite") is True
@ -186,7 +188,7 @@ def test_authenticated_login(client: TestClient, user: User):
with client as request:
# Try to login.
response = request.post("/login", data=post_data, allow_redirects=False)
response = request.post("/login", data=post_data)
assert response.status_code == int(HTTPStatus.SEE_OTHER)
assert response.headers.get("location") == "/"
@ -194,9 +196,7 @@ def test_authenticated_login(client: TestClient, user: User):
# when requesting GET /login as an authenticated user.
# Now, let's verify that we receive 403 Forbidden when we
# try to get /login as an authenticated user.
response = request.get(
"/login", cookies=response.cookies, allow_redirects=False
)
response = request.get("/login", cookies=response.cookies)
assert response.status_code == int(HTTPStatus.OK)
assert "Logged-in as: <strong>test</strong>" in response.text
@ -205,7 +205,7 @@ def test_unauthenticated_logout_unauthorized(client: TestClient):
with client as request:
# Alright, let's verify that attempting to /logout when not
# authenticated returns 401 Unauthorized.
response = request.post("/logout", allow_redirects=False)
response = request.post("/logout")
assert response.status_code == int(HTTPStatus.SEE_OTHER)
assert response.headers.get("location").startswith("/login")
@ -232,7 +232,7 @@ def test_login_remember_me(client: TestClient, user: User):
}
with client as request:
response = request.post("/login", data=post_data, allow_redirects=False)
response = request.post("/login", data=post_data)
assert response.status_code == int(HTTPStatus.SEE_OTHER)
assert "AURSID" in response.cookies

9
test/test_homepage.py
View file

@ -253,7 +253,8 @@ def test_homepage_dashboard_requests(redis, packages, user):
cookies = {"AURSID": user.login(Request(), "testPassword")}
with client as request:
response = request.get("/", cookies=cookies)
request.cookies = cookies
response = request.get("/")
assert response.status_code == int(HTTPStatus.OK)
root = parse_root(response.text)
@ -270,7 +271,8 @@ def test_homepage_dashboard_flagged_packages(redis, packages, user):
cookies = {"AURSID": user.login(Request(), "testPassword")}
with client as request:
response = request.get("/", cookies=cookies)
request.cookies = cookies
response = request.get("/")
assert response.status_code == int(HTTPStatus.OK)
# Check to see that the package showed up in the Flagged Packages table.
@ -293,7 +295,8 @@ def test_homepage_dashboard_flagged(user: User, user2: User, package: Package):
# flagged co-maintained packages.
comaint_cookies = {"AURSID": user2.login(Request(), "testPassword")}
with client as request:
resp = request.get("/", cookies=comaint_cookies)
request.cookies = comaint_cookies
resp = request.get("/")
assert resp.status_code == int(HTTPStatus.OK)
root = parse_root(resp.text)

45
test/test_packages_routes.py
View file

@ -65,7 +65,11 @@ def setup(db_test):
@pytest.fixture
def client() -> TestClient:
"""Yield a FastAPI TestClient."""
yield TestClient(app=asgi.app)
client = TestClient(app=asgi.app)
# disable redirects for our tests
client.follow_redirects = False
yield client
def create_user(username: str) -> User:
@ -1142,7 +1146,6 @@ def test_packages_post_unknown_action(client: TestClient, user: User, package: P
"/packages",
data={"action": "unknown"},
cookies=cookies,
allow_redirects=False,
)
assert resp.status_code == int(HTTPStatus.BAD_REQUEST)
@ -1159,7 +1162,6 @@ def test_packages_post_error(client: TestClient, user: User, package: Package):
"/packages",
data={"action": "stub"},
cookies=cookies,
allow_redirects=False,
)
assert resp.status_code == int(HTTPStatus.BAD_REQUEST)
@ -1180,7 +1182,6 @@ def test_packages_post(client: TestClient, user: User, package: Package):
"/packages",
data={"action": "stub"},
cookies=cookies,
allow_redirects=False,
)
assert resp.status_code == int(HTTPStatus.OK)
@ -1203,7 +1204,8 @@ def test_packages_post_unflag(
# Don't supply any packages.
post_data = {"action": "unflag", "IDs": []}
with client as request:
resp = request.post("/packages", data=post_data, cookies=cookies)
request.cookies = cookies
resp = request.post("/packages", data=post_data)
assert resp.status_code == int(HTTPStatus.BAD_REQUEST)
errors = get_errors(resp.text)
expected = "You did not select any packages to unflag."
@ -1212,7 +1214,8 @@ def test_packages_post_unflag(
# Unflag the package as `user`.
post_data = {"action": "unflag", "IDs": [package.ID]}
with client as request:
resp = request.post("/packages", data=post_data, cookies=cookies)
request.cookies = cookies
resp = request.post("/packages", data=post_data)
assert resp.status_code == int(HTTPStatus.OK)
assert package.PackageBase.Flagger is None
successes = get_successes(resp.text)
@ -1229,7 +1232,8 @@ def test_packages_post_unflag(
maint_cookies = {"AURSID": maintainer.login(Request(), "testPassword")}
post_data = {"action": "unflag", "IDs": [package.ID]}
with client as request:
resp = request.post("/packages", data=post_data, cookies=maint_cookies)
request.cookies = maint_cookies
resp = request.post("/packages", data=post_data)
assert resp.status_code == int(HTTPStatus.BAD_REQUEST)
errors = get_errors(resp.text)
expected = "You did not select any packages to unflag."
@ -1387,7 +1391,8 @@ def test_packages_post_disown_as_maintainer(
# Try to run the disown action with no IDs; get an error.
cookies = {"AURSID": maintainer.login(Request(), "testPassword")}
with client as request:
resp = request.post("/packages", data={"action": "disown"}, cookies=cookies)
request.cookies = cookies
resp = request.post("/packages", data={"action": "disown"})
assert resp.status_code == int(HTTPStatus.BAD_REQUEST)
errors = get_errors(resp.text)
expected = "You did not select any packages to disown."
@ -1396,9 +1401,8 @@ def test_packages_post_disown_as_maintainer(
# Try to disown `package` without giving the confirm argument.
with client as request:
resp = request.post(
"/packages", data={"action": "disown", "IDs": [package.ID]}, cookies=cookies
)
request.cookies = cookies
resp = request.post("/packages", data={"action": "disown", "IDs": [package.ID]})
assert resp.status_code == int(HTTPStatus.BAD_REQUEST)
assert package.PackageBase.Maintainer is not None
errors = get_errors(resp.text)
@ -1411,10 +1415,10 @@ def test_packages_post_disown_as_maintainer(
# Now, try to disown `package` without credentials (as `user`).
user_cookies = {"AURSID": user.login(Request(), "testPassword")}
with client as request:
request.cookies = user_cookies
resp = request.post(
"/packages",
data={"action": "disown", "IDs": [package.ID], "confirm": True},
cookies=user_cookies,
)
assert resp.status_code == int(HTTPStatus.BAD_REQUEST)
assert package.PackageBase.Maintainer is not None
@ -1424,10 +1428,10 @@ def test_packages_post_disown_as_maintainer(
# Now, let's really disown `package` as `maintainer`.
with client as request:
request.cookies = cookies
resp = request.post(
"/packages",
data={"action": "disown", "IDs": [package.ID], "confirm": True},
cookies=cookies,
)
assert package.PackageBase.Maintainer is None
@ -1463,9 +1467,8 @@ def test_packages_post_delete(
# First, let's try to use the delete action with no packages IDs.
user_cookies = {"AURSID": user.login(Request(), "testPassword")}
with client as request:
resp = request.post(
"/packages", data={"action": "delete"}, cookies=user_cookies
)
request.cookies = user_cookies
resp = request.post("/packages", data={"action": "delete"})
assert resp.status_code == int(HTTPStatus.BAD_REQUEST)
errors = get_errors(resp.text)
expected = "You did not select any packages to delete."
@ -1473,10 +1476,10 @@ def test_packages_post_delete(
# Now, let's try to delete real packages without supplying "confirm".
with client as request:
request.cookies = user_cookies
resp = request.post(
"/packages",
data={"action": "delete", "IDs": [package.ID]},
cookies=user_cookies,
)
assert resp.status_code == int(HTTPStatus.BAD_REQUEST)
errors = get_errors(resp.text)
@ -1488,10 +1491,10 @@ def test_packages_post_delete(
# And again, with everything, but `user` doesn't have permissions.
with client as request:
request.cookies = user_cookies
resp = request.post(
"/packages",
data={"action": "delete", "IDs": [package.ID], "confirm": True},
cookies=user_cookies,
)
assert resp.status_code == int(HTTPStatus.BAD_REQUEST)
errors = get_errors(resp.text)
@ -1503,10 +1506,10 @@ def test_packages_post_delete(
# an invalid package ID.
tu_cookies = {"AURSID": tu_user.login(Request(), "testPassword")}
with client as request:
request.cookies = tu_cookies
resp = request.post(
"/packages",
data={"action": "delete", "IDs": [0], "confirm": True},
cookies=tu_cookies,
)
assert resp.status_code == int(HTTPStatus.BAD_REQUEST)
errors = get_errors(resp.text)
@ -1516,10 +1519,10 @@ def test_packages_post_delete(
# Whoo. Now, let's finally make a valid request as `tu_user`
# to delete `package`.
with client as request:
request.cookies = tu_cookies
resp = request.post(
"/packages",
data={"action": "delete", "IDs": [package.ID], "confirm": True},
cookies=tu_cookies,
)
assert resp.status_code == int(HTTPStatus.OK)
successes = get_successes(resp.text)
@ -1541,7 +1544,7 @@ def test_account_comments_unauthorized(client: TestClient, user: User):
leverage existing fixtures."""
endpoint = f"/account/{user.Username}/comments"
with client as request:
resp = request.get(endpoint, allow_redirects=False)
resp = request.get(endpoint)
assert resp.status_code == int(HTTPStatus.SEE_OTHER)
assert resp.headers.get("location").startswith("/login")

163
test/test_pkgbase_routes.py
View file

@ -59,7 +59,11 @@ def setup(db_test):
@pytest.fixture
def client() -> TestClient:
"""Yield a FastAPI TestClient."""
yield TestClient(app=asgi.app)
client = TestClient(app=asgi.app)
# disable redirects for our tests
client.follow_redirects = False
yield client
def create_user(username: str) -> User:
@ -245,7 +249,7 @@ def test_pkgbase_not_found(client: TestClient):
def test_pkgbase_redirect(client: TestClient, package: Package):
with client as request:
resp = request.get(f"/pkgbase/{package.Name}", allow_redirects=False)
resp = request.get(f"/pkgbase/{package.Name}")
assert resp.status_code == int(HTTPStatus.SEE_OTHER)
assert resp.headers.get("location") == f"/packages/{package.Name}"
@ -256,7 +260,7 @@ def test_pkgbase(client: TestClient, package: Package):
expected = [package.Name, second.Name]
with client as request:
resp = request.get(f"/pkgbase/{package.Name}", allow_redirects=False)
resp = request.get(f"/pkgbase/{package.Name}")
assert resp.status_code == int(HTTPStatus.OK)
root = parse_root(resp.text)
@ -287,7 +291,7 @@ def test_pkgbase_maintainer(
)
with client as request:
resp = request.get(f"/pkgbase/{package.Name}")
resp = request.get(f"/pkgbase/{package.Name}", follow_redirects=True)
assert resp.status_code == int(HTTPStatus.OK)
root = parse_root(resp.text)
@ -308,7 +312,7 @@ def test_pkgbase_voters(client: TestClient, tu_user: User, package: Package):
cookies = {"AURSID": tu_user.login(Request(), "testPassword")}
with client as request:
resp = request.get(endpoint, cookies=cookies, allow_redirects=False)
resp = request.get(endpoint, cookies=cookies)
assert resp.status_code == int(HTTPStatus.OK)
# We should've gotten one link to the voter, tu_user.
@ -327,7 +331,7 @@ def test_pkgbase_voters_unauthorized(client: TestClient, user: User, package: Pa
db.create(PackageVote, User=user, PackageBase=pkgbase, VoteTS=now)
with client as request:
resp = request.get(endpoint, allow_redirects=False)
resp = request.get(endpoint)
assert resp.status_code == int(HTTPStatus.SEE_OTHER)
assert resp.headers.get("location") == f"/pkgbase/{pkgbase.Name}"
@ -420,7 +424,7 @@ def test_pkgbase_comments(
assert resp.headers.get("location")[:prefix_len] == expected_prefix
with client as request:
resp = request.get(resp.headers.get("location"))
resp = request.get(resp.headers.get("location"), follow_redirects=True)
assert resp.status_code == int(HTTPStatus.OK)
root = parse_root(resp.text)
@ -461,7 +465,7 @@ def test_pkgbase_comments(
assert resp.status_code == int(HTTPStatus.SEE_OTHER)
with client as request:
resp = request.get(resp.headers.get("location"))
resp = request.get(resp.headers.get("location"), follow_redirects=True)
assert resp.status_code == int(HTTPStatus.OK)
root = parse_root(resp.text)
@ -527,7 +531,8 @@ def test_pkgbase_comment_delete(
pkgbasename = package.PackageBase.Name
endpoint = f"/pkgbase/{pkgbasename}/comments/{comment.ID}/delete"
with client as request:
resp = request.post(endpoint, cookies=cookies)
request.cookies = cookies
resp = request.post(endpoint)
assert resp.status_code == int(HTTPStatus.SEE_OTHER)
expected = f"/pkgbase/{pkgbasename}"
@ -537,12 +542,14 @@ def test_pkgbase_comment_delete(
maint_cookies = {"AURSID": maintainer.login(Request(), "testPassword")}
endpoint = f"/pkgbase/{pkgbasename}/comments/{comment.ID}/undelete"
with client as request:
resp = request.post(endpoint, cookies=maint_cookies)
request.cookies = maint_cookies
resp = request.post(endpoint)
assert resp.status_code == int(HTTPStatus.UNAUTHORIZED)
# And move on to undeleting it.
with client as request:
resp = request.post(endpoint, cookies=cookies)
request.cookies = cookies
resp = request.post(endpoint)
assert resp.status_code == int(HTTPStatus.SEE_OTHER)
@ -670,7 +677,7 @@ def test_pkgbase_comaintainers_not_found(client: TestClient, maintainer: User):
cookies = {"AURSID": maintainer.login(Request(), "testPassword")}
endpoint = "/pkgbase/fake/comaintainers"
with client as request:
resp = request.get(endpoint, cookies=cookies, allow_redirects=False)
resp = request.get(endpoint, cookies=cookies)
assert resp.status_code == int(HTTPStatus.NOT_FOUND)
@ -678,7 +685,7 @@ def test_pkgbase_comaintainers_post_not_found(client: TestClient, maintainer: Us
cookies = {"AURSID": maintainer.login(Request(), "testPassword")}
endpoint = "/pkgbase/fake/comaintainers"
with client as request:
resp = request.post(endpoint, cookies=cookies, allow_redirects=False)
resp = request.post(endpoint, cookies=cookies)
assert resp.status_code == int(HTTPStatus.NOT_FOUND)
@ -689,7 +696,7 @@ def test_pkgbase_comaintainers_unauthorized(
endpoint = f"/pkgbase/{pkgbase.Name}/comaintainers"
cookies = {"AURSID": user.login(Request(), "testPassword")}
with client as request:
resp = request.get(endpoint, cookies=cookies, allow_redirects=False)
resp = request.get(endpoint, cookies=cookies)
assert resp.status_code == int(HTTPStatus.SEE_OTHER)
assert resp.headers.get("location") == f"/pkgbase/{pkgbase.Name}"
@ -701,7 +708,7 @@ def test_pkgbase_comaintainers_post_unauthorized(
endpoint = f"/pkgbase/{pkgbase.Name}/comaintainers"
cookies = {"AURSID": user.login(Request(), "testPassword")}
with client as request:
resp = request.post(endpoint, cookies=cookies, allow_redirects=False)
resp = request.post(endpoint, cookies=cookies)
assert resp.status_code == int(HTTPStatus.SEE_OTHER)
assert resp.headers.get("location") == f"/pkgbase/{pkgbase.Name}"
@ -713,9 +720,7 @@ def test_pkgbase_comaintainers_post_invalid_user(
endpoint = f"/pkgbase/{pkgbase.Name}/comaintainers"
cookies = {"AURSID": maintainer.login(Request(), "testPassword")}
with client as request:
resp = request.post(
endpoint, data={"users": "\nfake\n"}, cookies=cookies, allow_redirects=False
)
resp = request.post(endpoint, data={"users": "\nfake\n"}, cookies=cookies)
assert resp.status_code == int(HTTPStatus.OK)
root = parse_root(resp.text)
@ -737,7 +742,6 @@ def test_pkgbase_comaintainers(
endpoint,
data={"users": f"\n{user.Username}\n{maintainer.Username}\n"},
cookies=cookies,
allow_redirects=False,
)
assert resp.status_code == int(HTTPStatus.SEE_OTHER)
assert resp.headers.get("location") == f"/pkgbase/{pkgbase.Name}"
@ -748,7 +752,6 @@ def test_pkgbase_comaintainers(
endpoint,
data={"users": f"\n{user.Username}\n{maintainer.Username}\n"},
cookies=cookies,
allow_redirects=False,
)
assert resp.status_code == int(HTTPStatus.SEE_OTHER)
assert resp.headers.get("location") == f"/pkgbase/{pkgbase.Name}"
@ -757,7 +760,7 @@ def test_pkgbase_comaintainers(
# let's perform a GET request to make sure that the backend produces
# the user we added in the users textarea.
with client as request:
resp = request.get(endpoint, cookies=cookies, allow_redirects=False)
resp = request.get(endpoint, cookies=cookies)
assert resp.status_code == int(HTTPStatus.OK)
root = parse_root(resp.text)
@ -766,14 +769,12 @@ def test_pkgbase_comaintainers(
# Finish off by removing all the comaintainers.
with client as request:
resp = request.post(
endpoint, data={"users": str()}, cookies=cookies, allow_redirects=False
)
resp = request.post(endpoint, data={"users": str()}, cookies=cookies)
assert resp.status_code == int(HTTPStatus.SEE_OTHER)
assert resp.headers.get("location") == f"/pkgbase/{pkgbase.Name}"
with client as request:
resp = request.get(endpoint, cookies=cookies, allow_redirects=False)
resp = request.get(endpoint, cookies=cookies)
assert resp.status_code == int(HTTPStatus.OK)
root = parse_root(resp.text)
@ -856,7 +857,6 @@ def test_pkgbase_request_post_merge_not_found_error(
"comments": "We want to merge this.",
},
cookies=cookies,
allow_redirects=False,
)
assert resp.status_code == int(HTTPStatus.OK)
@ -880,7 +880,6 @@ def test_pkgbase_request_post_merge_no_merge_into_error(
"comments": "We want to merge this.",
},
cookies=cookies,
allow_redirects=False,
)
assert resp.status_code == int(HTTPStatus.OK)
@ -904,7 +903,6 @@ def test_pkgbase_request_post_merge_self_error(
"comments": "We want to merge this.",
},
cookies=cookies,
allow_redirects=False,
)
assert resp.status_code == int(HTTPStatus.OK)
@ -927,26 +925,28 @@ def test_pkgbase_flag(
# Get the flag page.
with client as request:
resp = request.get(endpoint, cookies=cookies)
request.cookies = cookies
resp = request.get(endpoint)
assert resp.status_code == int(HTTPStatus.OK)
# Now, let's check the /pkgbase/{name}/flag-comment route.
flag_comment_endpoint = f"/pkgbase/{pkgbase.Name}/flag-comment"
with client as request:
resp = request.get(
flag_comment_endpoint, cookies=cookies, allow_redirects=False
)
request.cookies = cookies
resp = request.get(flag_comment_endpoint)
assert resp.status_code == int(HTTPStatus.SEE_OTHER)
assert resp.headers.get("location") == f"/pkgbase/{pkgbase.Name}"
# Try to flag it without a comment.
with client as request:
resp = request.post(endpoint, cookies=cookies)
request.cookies = cookies
resp = request.post(endpoint)
assert resp.status_code == int(HTTPStatus.BAD_REQUEST)
# Flag it with a valid comment.
with client as request:
resp = request.post(endpoint, data={"comments": "Test"}, cookies=cookies)
request.cookies = cookies
resp = request.post(endpoint, data={"comments": "Test"})
assert resp.status_code == int(HTTPStatus.SEE_OTHER)
assert pkgbase.Flagger == user
assert pkgbase.FlaggerComment == "Test"
@ -957,15 +957,15 @@ def test_pkgbase_flag(
# Now, let's check the /pkgbase/{name}/flag-comment route.
flag_comment_endpoint = f"/pkgbase/{pkgbase.Name}/flag-comment"
with client as request:
resp = request.get(
flag_comment_endpoint, cookies=cookies, allow_redirects=False
)
request.cookies = cookies
resp = request.get(flag_comment_endpoint)
assert resp.status_code == int(HTTPStatus.OK)
# Now try to perform a get; we should be redirected because
# it's already flagged.
with client as request:
resp = request.get(endpoint, cookies=cookies, allow_redirects=False)
request.cookies = cookies
resp = request.get(endpoint)
assert resp.status_code == int(HTTPStatus.SEE_OTHER)
with db.begin():
@ -982,27 +982,29 @@ def test_pkgbase_flag(
user2_cookies = {"AURSID": user2.login(Request(), "testPassword")}
endpoint = f"/pkgbase/{pkgbase.Name}/unflag"
with client as request:
resp = request.post(endpoint, cookies=user2_cookies)
request.cookies = user2_cookies
resp = request.post(endpoint)
assert resp.status_code == int(HTTPStatus.SEE_OTHER)
assert pkgbase.Flagger == user
# Now, test that the 'maintainer' user can.
maint_cookies = {"AURSID": maintainer.login(Request(), "testPassword")}
with client as request:
resp = request.post(endpoint, cookies=maint_cookies)
request.cookies = maint_cookies
resp = request.post(endpoint)
assert resp.status_code == int(HTTPStatus.SEE_OTHER)
assert pkgbase.Flagger is None
# Flag it again.
with client as request:
resp = request.post(
f"/pkgbase/{pkgbase.Name}/flag", data={"comments": "Test"}, cookies=cookies
)
request.cookies = cookies
resp = request.post(f"/pkgbase/{pkgbase.Name}/flag", data={"comments": "Test"})
assert resp.status_code == int(HTTPStatus.SEE_OTHER)
# Now, unflag it for real.
with client as request:
resp = request.post(endpoint, cookies=cookies)
request.cookies = cookies
resp = request.post(endpoint)
assert resp.status_code == int(HTTPStatus.SEE_OTHER)
assert pkgbase.Flagger is None
@ -1113,7 +1115,7 @@ def test_pkgbase_disown_as_maint_with_comaint(
maint_cookies = {"AURSID": maintainer.login(Request(), "testPassword")}
with client as request:
resp = request.post(
endp, data=post_data, cookies=maint_cookies, allow_redirects=True
endp, data=post_data, cookies=maint_cookies, follow_redirects=True
)
assert resp.status_code == int(HTTPStatus.OK)
@ -1145,52 +1147,62 @@ def test_pkgbase_disown(
# GET as a normal user, which is rejected for lack of credentials.
with client as request:
resp = request.get(endpoint, cookies=user_cookies, allow_redirects=False)
request.cookies = user_cookies
resp = request.get(endpoint)
assert resp.status_code == int(HTTPStatus.SEE_OTHER)
# GET as a comaintainer.
with client as request:
resp = request.get(endpoint, cookies=comaint_cookies, allow_redirects=False)
request.cookies = comaint_cookies
resp = request.get(endpoint)
assert resp.status_code == int(HTTPStatus.OK)
# Ensure that the comaintainer can see "Disown Package" link
with client as request:
resp = request.get(pkgbase_endp, cookies=comaint_cookies)
request.cookies = comaint_cookies
resp = request.get(pkgbase_endp, follow_redirects=True)
assert "Disown Package" in resp.text
# GET as the maintainer.
with client as request:
resp = request.get(endpoint, cookies=maint_cookies)
request.cookies = maint_cookies
resp = request.get(endpoint)
assert resp.status_code == int(HTTPStatus.OK)
# Ensure that the maintainer can see "Disown Package" link
with client as request:
resp = request.get(pkgbase_endp, cookies=maint_cookies)
request.cookies = maint_cookies
resp = request.get(pkgbase_endp, follow_redirects=True)
assert "Disown Package" in resp.text
# POST as a normal user, which is rejected for lack of credentials.
with client as request:
resp = request.post(endpoint, cookies=user_cookies)
request.cookies = user_cookies
resp = request.post(endpoint)
assert resp.status_code == int(HTTPStatus.SEE_OTHER)
# POST as the comaintainer without "confirm".
with client as request:
resp = request.post(endpoint, cookies=comaint_cookies)
request.cookies = comaint_cookies
resp = request.post(endpoint)
assert resp.status_code == int(HTTPStatus.BAD_REQUEST)
# POST as the maintainer without "confirm".
with client as request:
resp = request.post(endpoint, cookies=maint_cookies)
request.cookies = maint_cookies
resp = request.post(endpoint)
assert resp.status_code == int(HTTPStatus.BAD_REQUEST)
# POST as the comaintainer with "confirm".
with client as request:
resp = request.post(endpoint, data={"confirm": True}, cookies=comaint_cookies)
request.cookies = comaint_cookies
resp = request.post(endpoint, data={"confirm": True})
assert resp.status_code == int(HTTPStatus.SEE_OTHER)
# POST as the maintainer with "confirm".
with client as request:
resp = request.post(endpoint, data={"confirm": True}, cookies=maint_cookies)
request.cookies = maint_cookies
resp = request.post(endpoint, data={"confirm": True})
assert resp.status_code == int(HTTPStatus.SEE_OTHER)
@ -1207,21 +1219,21 @@ def test_pkgbase_adopt(
# Adopt the package base.
with client as request:
resp = request.post(endpoint, cookies=cookies, allow_redirects=False)
resp = request.post(endpoint, cookies=cookies)
assert resp.status_code == int(HTTPStatus.SEE_OTHER)
assert package.PackageBase.Maintainer == maintainer
# Try to adopt it when it already has a maintainer; nothing changes.
user_cookies = {"AURSID": user.login(Request(), "testPassword")}
with client as request:
resp = request.post(endpoint, cookies=user_cookies, allow_redirects=False)
resp = request.post(endpoint, cookies=user_cookies)
assert resp.status_code == int(HTTPStatus.SEE_OTHER)
assert package.PackageBase.Maintainer == maintainer
# Steal the package as a TU.
tu_cookies = {"AURSID": tu_user.login(Request(), "testPassword")}
with client as request:
resp = request.post(endpoint, cookies=tu_cookies, allow_redirects=False)
resp = request.post(endpoint, cookies=tu_cookies)
assert resp.status_code == int(HTTPStatus.SEE_OTHER)
assert package.PackageBase.Maintainer == tu_user
@ -1233,7 +1245,7 @@ def test_pkgbase_delete_unauthorized(client: TestClient, user: User, package: Pa
# Test GET.
with client as request:
resp = request.get(endpoint, cookies=cookies, allow_redirects=False)
resp = request.get(endpoint, cookies=cookies)
assert resp.status_code == int(HTTPStatus.SEE_OTHER)
assert resp.headers.get("location") == f"/pkgbase/{pkgbase.Name}"
@ -1308,7 +1320,6 @@ def test_packages_post_unknown_action(client: TestClient, user: User, package: P
"/packages",
data={"action": "unknown"},
cookies=cookies,
allow_redirects=False,
)
assert resp.status_code == int(HTTPStatus.BAD_REQUEST)
@ -1325,7 +1336,6 @@ def test_packages_post_error(client: TestClient, user: User, package: Package):
"/packages",
data={"action": "stub"},
cookies=cookies,
allow_redirects=False,
)
assert resp.status_code == int(HTTPStatus.BAD_REQUEST)
@ -1346,7 +1356,6 @@ def test_packages_post(client: TestClient, user: User, package: Package):
"/packages",
data={"action": "stub"},
cookies=cookies,
allow_redirects=False,
)
assert resp.status_code == int(HTTPStatus.OK)
@ -1521,7 +1530,7 @@ def test_pkgbase_merge_post(
def test_pkgbase_keywords(client: TestClient, user: User, package: Package):
endpoint = f"/pkgbase/{package.PackageBase.Name}"
with client as request:
resp = request.get(endpoint)
resp = request.get(endpoint, follow_redirects=True)
assert resp.status_code == int(HTTPStatus.OK)
root = parse_root(resp.text)
@ -1532,13 +1541,16 @@ def test_pkgbase_keywords(client: TestClient, user: User, package: Package):
cookies = {"AURSID": maint.login(Request(), "testPassword")}
post_endpoint = f"{endpoint}/keywords"
with client as request:
request.cookies = cookies
resp = request.post(
post_endpoint, data={"keywords": "abc test"}, cookies=cookies
post_endpoint,
data={"keywords": "abc test"},
)
assert resp.status_code == int(HTTPStatus.SEE_OTHER)
with client as request:
resp = request.get(resp.headers.get("location"))
request.cookies = {}
resp = request.get(resp.headers.get("location"), follow_redirects=True)
assert resp.status_code == int(HTTPStatus.OK)
root = parse_root(resp.text)
@ -1552,7 +1564,8 @@ def test_pkgbase_keywords(client: TestClient, user: User, package: Package):
def test_pkgbase_empty_keywords(client: TestClient, user: User, package: Package):
endpoint = f"/pkgbase/{package.PackageBase.Name}"
with client as request:
resp = request.get(endpoint)
request.cookies = {}
resp = request.get(endpoint, follow_redirects=True)
assert resp.status_code == int(HTTPStatus.OK)
root = parse_root(resp.text)
@ -1563,15 +1576,16 @@ def test_pkgbase_empty_keywords(client: TestClient, user: User, package: Package
cookies = {"AURSID": maint.login(Request(), "testPassword")}
post_endpoint = f"{endpoint}/keywords"
with client as request:
request.cookies = cookies
resp = request.post(
post_endpoint,
data={"keywords": "abc test foo bar "},
cookies=cookies,
)
assert resp.status_code == int(HTTPStatus.SEE_OTHER)
with client as request:
resp = request.get(resp.headers.get("location"))
request.cookies = {}
resp = request.get(resp.headers.get("location"), follow_redirects=True)
assert resp.status_code == int(HTTPStatus.OK)
root = parse_root(resp.text)
@ -1608,12 +1622,12 @@ def test_independent_user_unflag(client: TestClient, user: User, package: Packag
pkgbase = package.PackageBase
cookies = {"AURSID": flagger.login(Request(), "testPassword")}
with client as request:
request.cookies = cookies
endp = f"/pkgbase/{pkgbase.Name}/flag"
response = request.post(
endp,
data={"comments": "This thing needs a flag!"},
cookies=cookies,
allow_redirects=True,
follow_redirects=True,
)
assert response.status_code == HTTPStatus.OK
@ -1622,7 +1636,8 @@ def test_independent_user_unflag(client: TestClient, user: User, package: Packag
# page when browsing as that `flagger` user.
with client as request:
endp = f"/pkgbase/{pkgbase.Name}"
response = request.get(endp, cookies=cookies, allow_redirects=True)
request.cookies = cookies
response = request.get(endp, follow_redirects=True)
assert response.status_code == HTTPStatus.OK
# Assert that the "Unflag package" link appears in the DOM.
@ -1633,7 +1648,8 @@ def test_independent_user_unflag(client: TestClient, user: User, package: Packag
# Now, unflag the package by "clicking" the "Unflag package" link.
with client as request:
endp = f"/pkgbase/{pkgbase.Name}/unflag"
response = request.post(endp, cookies=cookies, allow_redirects=True)
request.cookies = cookies
response = request.post(endp, follow_redirects=True)
assert response.status_code == HTTPStatus.OK
# For the last time, let's check the GET response. The package should
@ -1641,7 +1657,8 @@ def test_independent_user_unflag(client: TestClient, user: User, package: Packag
# should be missing.
with client as request:
endp = f"/pkgbase/{pkgbase.Name}"
response = request.get(endp, cookies=cookies, allow_redirects=True)
request.cookies = cookies
response = request.get(endp, follow_redirects=True)
assert response.status_code == HTTPStatus.OK
# Assert that the "Unflag package" link does not appear in the DOM.

31
test/test_requests.py
View file

@ -29,7 +29,11 @@ def setup(db_test) -> None:
@pytest.fixture
def client() -> TestClient:
"""Yield a TestClient."""
yield TestClient(app=asgi.app)
client = TestClient(app=asgi.app)
# disable redirects for our tests
client.follow_redirects = False
yield client
def create_user(username: str, email: str) -> User:
@ -321,7 +325,8 @@ def test_request_post_deletion_autoaccept(
endpoint = f"/pkgbase/{pkgbase.Name}/request"
data = {"comments": "Test request.", "type": "deletion"}
with client as request:
resp = request.post(endpoint, data=data, cookies=auser.cookies)
request.cookies = auser.cookies
resp = request.post(endpoint, data=data)
assert resp.status_code == int(HTTPStatus.SEE_OTHER)
pkgreq = (
@ -642,7 +647,8 @@ def test_request_post_orphan_autoaccept(
"comments": "Test request.",
}
with client as request:
resp = request.post(endpoint, data=data, cookies=auser.cookies)
request.cookies = auser.cookies
resp = request.post(endpoint, data=data)
assert resp.status_code == int(HTTPStatus.SEE_OTHER)
pkgreq = pkgbase.requests.first()
@ -715,7 +721,7 @@ def test_pkgreq_by_id_not_found():
def test_requests_unauthorized(client: TestClient):
with client as request:
resp = request.get("/requests", allow_redirects=False)
resp = request.get("/requests")
assert resp.status_code == int(HTTPStatus.SEE_OTHER)
@ -879,9 +885,7 @@ def test_requests_selfmade(
def test_requests_close(client: TestClient, user: User, pkgreq: PackageRequest):
cookies = {"AURSID": user.login(Request(), "testPassword")}
with client as request:
resp = request.get(
f"/requests/{pkgreq.ID}/close", cookies=cookies, allow_redirects=False
)
resp = request.get(f"/requests/{pkgreq.ID}/close", cookies=cookies)
assert resp.status_code == int(HTTPStatus.OK)
@ -890,9 +894,7 @@ def test_requests_close_unauthorized(
):
cookies = {"AURSID": maintainer.login(Request(), "testPassword")}
with client as request:
resp = request.get(
f"/requests/{pkgreq.ID}/close", cookies=cookies, allow_redirects=False
)
resp = request.get(f"/requests/{pkgreq.ID}/close", cookies=cookies)
assert resp.status_code == int(HTTPStatus.SEE_OTHER)
assert resp.headers.get("location") == "/"
@ -906,7 +908,6 @@ def test_requests_close_post_unauthorized(
f"/requests/{pkgreq.ID}/close",
data={"reason": ACCEPTED_ID},
cookies=cookies,
allow_redirects=False,
)
assert resp.status_code == int(HTTPStatus.SEE_OTHER)
assert resp.headers.get("location") == "/"
@ -915,9 +916,7 @@ def test_requests_close_post_unauthorized(
def test_requests_close_post(client: TestClient, user: User, pkgreq: PackageRequest):
cookies = {"AURSID": user.login(Request(), "testPassword")}
with client as request:
resp = request.post(
f"/requests/{pkgreq.ID}/close", cookies=cookies, allow_redirects=False
)
resp = request.post(f"/requests/{pkgreq.ID}/close", cookies=cookies)
assert resp.status_code == int(HTTPStatus.SEE_OTHER)
assert pkgreq.Status == REJECTED_ID
@ -930,9 +929,7 @@ def test_requests_close_post_rejected(
):
cookies = {"AURSID": user.login(Request(), "testPassword")}
with client as request:
resp = request.post(
f"/requests/{pkgreq.ID}/close", cookies=cookies, allow_redirects=False
)
resp = request.post(f"/requests/{pkgreq.ID}/close", cookies=cookies)
assert resp.status_code == int(HTTPStatus.SEE_OTHER)
assert pkgreq.Status == REJECTED_ID

8
test/test_routes.py
View file

@ -20,7 +20,11 @@ def setup(db_test):
@pytest.fixture
def client() -> TestClient:
yield TestClient(app=app)
client = TestClient(app=app)
# disable redirects for our tests
client.follow_redirects = False
yield client
@pytest.fixture
@ -66,7 +70,7 @@ def test_favicon(client: TestClient):
"""Test the favicon route at '/favicon.ico'."""
with client as request:
response1 = request.get("/static/images/favicon.ico")
response2 = request.get("/favicon.ico")
response2 = request.get("/favicon.ico", follow_redirects=True)
assert response1.status_code == int(HTTPStatus.OK)
assert response1.content == response2.content

82
test/test_trusted_user_routes.py
View file

@ -81,7 +81,11 @@ def setup(db_test):
def client():
from aurweb.asgi import app
yield TestClient(app=app)
client = TestClient(app=app)
# disable redirects for our tests
client.follow_redirects = False
yield client
@pytest.fixture
@ -151,7 +155,7 @@ def proposal(user, tu_user):
def test_tu_index_guest(client):
headers = {"referer": config.get("options", "aur_location") + "/tu"}
with client as request:
response = request.get("/tu", allow_redirects=False, headers=headers)
response = request.get("/tu", headers=headers)
assert response.status_code == int(HTTPStatus.SEE_OTHER)
params = filters.urlencode({"next": "/tu"})
@ -162,7 +166,7 @@ def test_tu_index_unauthorized(client: TestClient, user: User):
cookies = {"AURSID": user.login(Request(), "testPassword")}
with client as request:
# Login as a normal user, not a TU.
response = request.get("/tu", cookies=cookies, allow_redirects=False)
response = request.get("/tu", cookies=cookies)
assert response.status_code == int(HTTPStatus.SEE_OTHER)
assert response.headers.get("location") == "/"
@ -173,7 +177,7 @@ def test_tu_empty_index(client, tu_user):
# Make a default get request to /tu.
cookies = {"AURSID": tu_user.login(Request(), "testPassword")}
with client as request:
response = request.get("/tu", cookies=cookies, allow_redirects=False)
response = request.get("/tu", cookies=cookies)
assert response.status_code == int(HTTPStatus.OK)
# Parse lxml root.
@ -226,7 +230,6 @@ def test_tu_index(client, tu_user):
"/tu",
cookies=cookies,
params={"cby": "BAD!", "pby": "blah"},
allow_redirects=False,
)
assert response.status_code == int(HTTPStatus.OK)
@ -292,7 +295,7 @@ def test_tu_index(client, tu_user):
def test_tu_stats(client: TestClient, tu_user: User):
cookies = {"AURSID": tu_user.login(Request(), "testPassword")}
with client as request:
response = request.get("/tu", cookies=cookies, allow_redirects=False)
response = request.get("/tu", cookies=cookies)
assert response.status_code == HTTPStatus.OK
root = parse_root(response.text)
@ -313,7 +316,7 @@ def test_tu_stats(client: TestClient, tu_user: User):
tu_user.InactivityTS = time.utcnow()
with client as request:
response = request.get("/tu", cookies=cookies, allow_redirects=False)
response = request.get("/tu", cookies=cookies)
assert response.status_code == HTTPStatus.OK
root = parse_root(response.text)
@ -361,7 +364,7 @@ def test_tu_index_table_paging(client, tu_user):
cookies = {"AURSID": tu_user.login(Request(), "testPassword")}
with client as request:
response = request.get("/tu", cookies=cookies, allow_redirects=False)
response = request.get("/tu", cookies=cookies)
assert response.status_code == int(HTTPStatus.OK)
# Parse lxml.etree root.
@ -391,9 +394,7 @@ def test_tu_index_table_paging(client, tu_user):
# Now, get the next page of current votes.
offset = 10 # Specify coff=10
with client as request:
response = request.get(
"/tu", cookies=cookies, params={"coff": offset}, allow_redirects=False
)
response = request.get("/tu", cookies=cookies, params={"coff": offset})
assert response.status_code == int(HTTPStatus.OK)
old_rows = rows
@ -420,9 +421,7 @@ def test_tu_index_table_paging(client, tu_user):
offset = 20 # Specify coff=10
with client as request:
response = request.get(
"/tu", cookies=cookies, params={"coff": offset}, allow_redirects=False
)
response = request.get("/tu", cookies=cookies, params={"coff": offset})
assert response.status_code == int(HTTPStatus.OK)
# Do it again, we only have five left.
@ -471,7 +470,7 @@ def test_tu_index_sorting(client, tu_user):
# Make a default request to /tu.
cookies = {"AURSID": tu_user.login(Request(), "testPassword")}
with client as request:
response = request.get("/tu", cookies=cookies, allow_redirects=False)
response = request.get("/tu", cookies=cookies)
assert response.status_code == int(HTTPStatus.OK)
# Get lxml handles of the document.
@ -498,9 +497,7 @@ def test_tu_index_sorting(client, tu_user):
# Make another request; one that sorts the current votes
# in ascending order instead of the default descending order.
with client as request:
response = request.get(
"/tu", cookies=cookies, params={"cby": "asc"}, allow_redirects=False
)
response = request.get("/tu", cookies=cookies, params={"cby": "asc"})
assert response.status_code == int(HTTPStatus.OK)
# Get lxml handles of the document.
@ -573,7 +570,8 @@ def test_tu_index_last_votes(
def test_tu_proposal_not_found(client, tu_user):
cookies = {"AURSID": tu_user.login(Request(), "testPassword")}
with client as request:
response = request.get("/tu", params={"id": 1}, cookies=cookies)
request.cookies = cookies
response = request.get("/tu", params={"id": 1}, follow_redirects=True)
assert response.status_code == int(HTTPStatus.NOT_FOUND)
@ -583,14 +581,12 @@ def test_tu_proposal_unauthorized(
cookies = {"AURSID": user.login(Request(), "testPassword")}
endpoint = f"/tu/{proposal[2].ID}"
with client as request:
response = request.get(endpoint, cookies=cookies, allow_redirects=False)
response = request.get(endpoint, cookies=cookies)
assert response.status_code == int(HTTPStatus.SEE_OTHER)
assert response.headers.get("location") == "/tu"
with client as request:
response = request.post(
endpoint, cookies=cookies, data={"decision": False}, allow_redirects=False
)
response = request.post(endpoint, cookies=cookies, data={"decision": False})
assert response.status_code == int(HTTPStatus.SEE_OTHER)
assert response.headers.get("location") == "/tu"
@ -606,7 +602,9 @@ def test_tu_running_proposal(
proposal_id = voteinfo.ID
cookies = {"AURSID": tu_user.login(Request(), "testPassword")}
with client as request:
response = request.get(f"/tu/{proposal_id}", cookies=cookies)
response = request.get(
f"/tu/{proposal_id}", cookies=cookies, follow_redirects=True
)
assert response.status_code == int(HTTPStatus.OK)
# Alright, now let's continue on to verifying some markup.
@ -676,7 +674,9 @@ def test_tu_running_proposal(
# Make another request now that we've voted.
with client as request:
response = request.get("/tu", params={"id": voteinfo.ID}, cookies=cookies)
response = request.get(
"/tu", params={"id": voteinfo.ID}, cookies=cookies, follow_redirects=True
)
assert response.status_code == int(HTTPStatus.OK)
# Parse our new root.
@ -734,9 +734,7 @@ def test_tu_proposal_vote_not_found(client, tu_user):
cookies = {"AURSID": tu_user.login(Request(), "testPassword")}
with client as request:
data = {"decision": "Yes"}
response = request.post(
"/tu/1", cookies=cookies, data=data, allow_redirects=False
)
response = request.post("/tu/1", cookies=cookies, data=data)
assert response.status_code == int(HTTPStatus.NOT_FOUND)
@ -777,9 +775,7 @@ def test_tu_proposal_vote_unauthorized(
cookies = {"AURSID": tu_user.login(Request(), "testPassword")}
with client as request:
data = {"decision": "Yes"}
response = request.post(
f"/tu/{voteinfo.ID}", cookies=cookies, data=data, allow_redirects=False
)
response = request.post(f"/tu/{voteinfo.ID}", cookies=cookies, data=data)
assert response.status_code == int(HTTPStatus.UNAUTHORIZED)
root = parse_root(response.text)
@ -788,9 +784,7 @@ def test_tu_proposal_vote_unauthorized(
with client as request:
data = {"decision": "Yes"}
response = request.get(
f"/tu/{voteinfo.ID}", cookies=cookies, data=data, allow_redirects=False
)
response = request.get(f"/tu/{voteinfo.ID}", cookies=cookies, params=data)
assert response.status_code == int(HTTPStatus.OK)
root = parse_root(response.text)
@ -808,9 +802,7 @@ def test_tu_proposal_vote_cant_self_vote(client, proposal):
cookies = {"AURSID": tu_user.login(Request(), "testPassword")}
with client as request:
data = {"decision": "Yes"}
response = request.post(
f"/tu/{voteinfo.ID}", cookies=cookies, data=data, allow_redirects=False
)
response = request.post(f"/tu/{voteinfo.ID}", cookies=cookies, data=data)
assert response.status_code == int(HTTPStatus.BAD_REQUEST)
root = parse_root(response.text)
@ -819,9 +811,7 @@ def test_tu_proposal_vote_cant_self_vote(client, proposal):
with client as request:
data = {"decision": "Yes"}
response = request.get(
f"/tu/{voteinfo.ID}", cookies=cookies, data=data, allow_redirects=False
)
response = request.get(f"/tu/{voteinfo.ID}", cookies=cookies, params=data)
assert response.status_code == int(HTTPStatus.OK)
root = parse_root(response.text)
@ -840,9 +830,7 @@ def test_tu_proposal_vote_already_voted(client, proposal):
cookies = {"AURSID": tu_user.login(Request(), "testPassword")}
with client as request:
data = {"decision": "Yes"}
response = request.post(
f"/tu/{voteinfo.ID}", cookies=cookies, data=data, allow_redirects=False
)
response = request.post(f"/tu/{voteinfo.ID}", cookies=cookies, data=data)
assert response.status_code == int(HTTPStatus.BAD_REQUEST)
root = parse_root(response.text)
@ -851,9 +839,7 @@ def test_tu_proposal_vote_already_voted(client, proposal):
with client as request:
data = {"decision": "Yes"}
response = request.get(
f"/tu/{voteinfo.ID}", cookies=cookies, data=data, allow_redirects=False
)
response = request.get(f"/tu/{voteinfo.ID}", cookies=cookies, params=data)
assert response.status_code == int(HTTPStatus.OK)
root = parse_root(response.text)
@ -884,12 +870,12 @@ def test_tu_addvote_unauthorized(
):
cookies = {"AURSID": user.login(Request(), "testPassword")}
with client as request:
response = request.get("/addvote", cookies=cookies, allow_redirects=False)
response = request.get("/addvote", cookies=cookies)
assert response.status_code == int(HTTPStatus.SEE_OTHER)
assert response.headers.get("location") == "/tu"
with client as request:
response = request.post("/addvote", cookies=cookies, allow_redirects=False)
response = request.post("/addvote", cookies=cookies)
assert response.status_code == int(HTTPStatus.SEE_OTHER)
assert response.headers.get("location") == "/tu"