from pydoc import cli from urllib import response from Website import create_app import json import pdb import Website from Website.db import get_db from .test_conf import client, app def test_config(): assert not create_app()["app"].testing assert create_app({'TESTING': True})["app"].testing #basic tests def test_favicon(client): response = client.get("/favicon.ico") assert response.status_code == 200 def test_index(client): response = client.get("/") assert 'window.location="/list"' in response.data.decode('utf-8') #/adduser def test_adduser(client): response = client.post('/adduser/user', data={}) assert "418" in response.data.decode('utf-8') def test_adduser_new(app, client): with app.app_context(): db = get_db() assert db is get_db() response = client.post('/adduser/user', data={user_name:"test"}) c = db.cursor() c.execute("SELECT * FROM users WHERE username = ?", ["test"]) data = c.fetchone() assert "tag was sucsesfully added" in response.data.decode('utf-8') assert data[0] == 1 assert data[1] == "test" assert data[2] == 0 def test_adduser_allreadyexists(client): response = client.post('/adduser/user', data={username:"test"}) assert "Error: 757" in response.data.decode('utf-8') #/addtag def test_addtag(client): response = client.get('/addtag') assert response.data.decode('utf-8') == "Error: 095" def test_addtag_userid_nan(client): response = client.post('/addtag', data={id:1}) assert response.data.decode('utf-8') == "Error: 095" def test_add_tag_direktli(app): with app.app_context(): db = get_db() assert db is get_db() c = db.cursor() c.execute("INSERT INTO tags (tagid, userid) VALUES (12345678, 1)") c.execute("INSERT INTO tags (tagid, userid) VALUES (23456789, 1)") db.commit() c.execute("SELECT * FROM tags WHERE tagid = 12345678") data_1 = c.fetchone() c.execute("SELECT * FROM tags WHERE tagid = 23456789") data_2 = c.fetchone() assert data_1[0] == 12345678 assert data_1[1] == 1 assert data_2[0] == 23456789 assert data_2[1] == 1 #/api def test_api_change(client): response = client.get('/api/change') assert json.loads(response.data.decode('utf-8')) == {"mode":"error", "error":"043"} def test_api_change_wrong_user(client): response = client.get('/api/change?id=2') assert json.loads(response.data.decode('utf-8')) == {"mode":"error", "error":"043"} def test_api_change_nan(client): response = client.get('/api/change?id=1&?change=test') assert json.loads(response.data.decode('utf-8')) == {"mode":"balance", "username":"test", "balance":-1} def test_api_change_none(client): response = client.get('/api/change?id=1') assert json.loads(response.data.decode('utf-8')) == {"mode":"balance", "username":"test", "balance":-2} def test_api_change_right_positiv(app, client): response = client.get('/api/change?id=1&change=7') with app.app_context(): db = get_db() assert db is get_db() c = db.cursor() c.execute("SELECT * FROM users WHERE username = ?", ["test"]) data = c.fetchone() assert json.loads(response.data.decode('utf-8')) == {"mode":"balance", "username":"test", "balance":5} assert data[0] == 1 assert data[1] == "test" assert data[2] == 5 def test_api_change_right_negativ(app, client): response = client.get('/api/change?id=1&change=-5') with app.app_context(): db = get_db() assert db is get_db() c = db.cursor() c.execute("SELECT * FROM users WHERE username = ?", ["test"]) data = c.fetchone() assert json.loads(response.data.decode('utf-8')) == {"mode":"balance", "username":"test", "balance":0} assert data[0] == 1 assert data[1] == "test" assert data[2] == 0 def test_api_tagid(app, client): response = client.get("/api/tag_id") assert json.loads(response.data.decode('utf-8')) == {'error': '054', 'mode': 'error'} def test_api_tagid_NaN(app, client): response = client.get("/api/tag_id?id=test") assert json.loads(response.data.decode('utf-8')) == {'error': '054', 'mode': 'error'} def test_api_tagid_wrong_id(app, client): response = client.get("/api/tag_id?id=1234") assert json.loads(response.data.decode('utf-8')) == {'error': '054', 'mode': 'error'} def test_api_tagid_right_firsttag(app, client): response = client.get("/api/tag_id?id=12345678") with app.app_context(): db = get_db() assert db is get_db() c = db.cursor() c.execute("SELECT * FROM users WHERE id = 1") data = c.fetchone() assert data[0] == 1 assert data[1] == "test" assert data[2] == -1 assert json.loads(response.data.decode('utf-8')) == {'balance': -1, 'mode': 'balance', 'username': 'test'} def test_api_tagid_right_seconttag(app, client): response = client.get("/api/tag_id?id=23456789") with app.app_context(): db = get_db() assert db is get_db() c = db.cursor() c.execute("SELECT * FROM users WHERE id = 1") data = c.fetchone() assert data[0] == 1 assert data[1] == "test" assert data[2] == -2 assert json.loads(response.data.decode('utf-8')) == {'balance': -2, 'mode': 'balance', 'username': 'test'} #db def test_sqlinjektion_adduser(app, client): injektion_list = ['"', "'--"] count = 2 for i in injektion_list: with app.app_context(): db = get_db() assert db is get_db() response = client.get('/adduser/user?username={i}') c = db.cursor() c.execute("SELECT * FROM users WHERE username = ?", [i]) data = c.fetchone() assert data[0] == count assert data[1] == i assert data[2] == 0 assert "tag was sucsesfully added" in response.data.decode('utf-8') count += 1