| |
@@ -1,10 +1,10 @@
|
| |
import json
|
| |
- import flask
|
| |
|
| |
from mock import call, Mock, patch
|
| |
from .utils import TestCase
|
| |
from .. import APP
|
| |
|
| |
+ PLUS_PLUS_TOKEN = APP.config['PLUS_PLUS_TOKEN']
|
| |
|
| |
class ViewTestCase(TestCase):
|
| |
|
| |
@@ -26,7 +26,7 @@
|
| |
increments=3,
|
| |
decrements=4,
|
| |
total=5,
|
| |
- )
|
| |
+ )
|
| |
self.karma_manager.stats.return_value = dummy_values
|
| |
response = self.client.get('/user/target')
|
| |
self.assertEqual(response.status_code, 200)
|
| |
@@ -39,13 +39,38 @@
|
| |
def test_post(self):
|
| |
self.karma_manager.change.return_value = 1
|
| |
self.karma_manager.stats.return_value = {}
|
| |
+ headers = {'Authorization': 'token {}'.format(PLUS_PLUS_TOKEN)}
|
| |
with APP.app_context():
|
| |
- flask.g.fas_user = "source"
|
| |
- response = self.client.post('/user/target', data={})
|
| |
+ response = self.client.post('/user/target',
|
| |
+ data=dict(sender='source'),
|
| |
+ headers=headers)
|
| |
self.assertEqual(response.status_code, 200)
|
| |
self.assertEqual(self.karma_manager.change.call_count, 1)
|
| |
self.assertEqual(
|
| |
self.karma_manager.change.call_args,
|
| |
- call("source", "target", False))
|
| |
+ call("source", "target", True))
|
| |
result = json.loads(response.data.decode('ascii'))
|
| |
self.assertEqual(result, dict(username="target"))
|
| |
+
|
| |
+ def test_return_403_when_sender_and_username_are_same(self):
|
| |
+ headers = {'Authorization': 'token {}'.format(PLUS_PLUS_TOKEN)}
|
| |
+ with APP.app_context():
|
| |
+ response = self.client.post('/user/target',
|
| |
+ data=dict(sender='target'),
|
| |
+ headers=headers)
|
| |
+ self.assertEqual(response.status_code, 403)
|
| |
+
|
| |
+ def test_return_401_when_not_auth_header(self):
|
| |
+ self.karma_manager.change.return_value = 1
|
| |
+ self.karma_manager.stats.return_value = {}
|
| |
+ with APP.app_context():
|
| |
+ response = self.client.post('/user/target',
|
| |
+ data=dict(sender='source'))
|
| |
+ self.assertEqual(response.status_code, 401)
|
| |
+
|
| |
+ def test_return_400_when_no_sender(self):
|
| |
+ headers = {'Authorization': 'token {}'.format(PLUS_PLUS_TOKEN)}
|
| |
+ with APP.app_context():
|
| |
+ response = self.client.post('/user/notarealfasuser',
|
| |
+ headers=headers)
|
| |
+ self.assertEqual(response.status_code, 400)
|
| |