Page MenuHomec4science
Files F73915838

webcomment_regression_tests.py
No OneTemporary
Actions

File Metadata

Created
Thu, Jul 25, 06:21

webcomment_regression_tests.py
View Options

# -*- coding: utf-8 -*-
##
## This file is part of Invenio.
## Copyright (C) 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010 CERN.
##
## Invenio is free software; you can redistribute it and/or
## modify it under the terms of the GNU General Public License as
## published by the Free Software Foundation; either version 2 of the
## License, or (at your option) any later version.
##
## Invenio is distributed in the hope that it will be useful, but
## WITHOUT ANY WARRANTY; without even the implied warranty of
## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
## General Public License for more details.
##
## You should have received a copy of the GNU General Public License
## along with Invenio; if not, write to the Free Software Foundation, Inc.,
## 59 Temple Place, Suite 330, Boston, MA 02111-1307, USA.
"""WebComment Regression Test Suite."""
__revision__ = "$Id$"
import unittest
import shutil
from mechanize import Browser, LinkNotFoundError, HTTPError
from invenio.config import \
CFG_SITE_URL, \
CFG_WEBDIR, \
CFG_TMPDIR
from invenio.testutils import make_test_suite, run_test_suite, \
test_web_page_content, merge_error_messages
from invenio.dbquery import run_sql
from invenio.webcomment import query_add_comment_or_remark
from invenio.webcommentadminlib import query_delete_comment_auth
def prepare_attachments():
"""
We copy necessary files to temporary directory. Every time we will
attach files to a comment, these files get moved, so this function
must be called again.
"""
shutil.copy(CFG_WEBDIR + '/img/journal_water_dog.gif', CFG_TMPDIR)
shutil.copy(CFG_WEBDIR + '/img/invenio.css', CFG_TMPDIR)
class WebCommentWebPagesAvailabilityTest(unittest.TestCase):
"""Check WebComment web pages whether they are up or not."""
def test_your_baskets_pages_availability(self):
"""webcomment - availability of comments pages"""
baseurl = CFG_SITE_URL + '/record/10/comments/'
_exports = ['', 'display', 'add', 'vote', 'report']
error_messages = []
for url in [baseurl + page for page in _exports]:
error_messages.extend(test_web_page_content(url))
if error_messages:
self.fail(merge_error_messages(error_messages))
return
def test_webcomment_admin_interface_availability(self):
"""webcomment - availability of WebComment Admin interface pages"""
baseurl = CFG_SITE_URL + '/admin/webcomment/webcommentadmin.py/'
_exports = ['', 'comments', 'delete', 'users']
error_messages = []
for url in [baseurl + page for page in _exports]:
# first try as guest:
error_messages.extend(test_web_page_content(url,
username='guest',
expected_text=
'Authorization failure'))
# then try as admin:
error_messages.extend(test_web_page_content(url,
username='admin'))
if error_messages:
self.fail(merge_error_messages(error_messages))
return
def test_webcomment_admin_guide_availability(self):
"""webcomment - availability of WebComment Admin Guide"""
self.assertEqual([],
test_web_page_content(CFG_SITE_URL + '/help/admin/webcomment-admin-guide',
expected_text="WebComment Admin Guide"))
return
def test_webcomment_mini_review_availability(self):
"""webcomment - availability of mini-review panel on detailed record page"""
url = CFG_SITE_URL + '/record/12'
error_messages = test_web_page_content(url,
expected_text="(Not yet reviewed)")
class WebCommentRestrictionsTest(unittest.TestCase):
"""Check WebComment restrictions"""
def setUp(self):
"""Insert some comments in some records"""
# Comments have access restrictions when:
# - the comment is in a restricted collection ('viewrestrcoll' action)
# - the comment is in a restricted discussion page ('viewcomment' action)
# - the comment itself is restricted ('viewrestrcomment'
# action), either because of the markup of the record, or
# because it is a reply to a restricted comment.
self.public_record = 5
self.public_record_restr_comment = 6
self.restr_record = 42
self.restr_record_restr_comment = 41
self.restricted_discussion = 76
self.romeo_uid = 5
self.jekyll_uid = 2
self.attached_files = {'file1': CFG_TMPDIR + '/journal_water_dog.gif',
'file2': CFG_TMPDIR + '/invenio.css'}
# Load content of texual file2
prepare_attachments()
fp = file(self.attached_files['file2'])
self.attached_file2_content = fp.read()
fp.close()
# Insert a public comment in a public record (public collection)
self.msg1 = "A test comment 1"
self.public_comid = query_add_comment_or_remark(reviews=0, recID=self.public_record,
uid=self.romeo_uid, msg=self.msg1,
editor_type='textarea',
attached_files=self.attached_files)
# Insert a public comment in a restricted record (restricted collection)
self.msg2 = "A test comment 2"
prepare_attachments()
self.restr_comid_1 = \
query_add_comment_or_remark(reviews=0, recID=self.restr_record,
uid=self.jekyll_uid, msg=self.msg2,
editor_type='textarea',
attached_files=self.attached_files)
# Insert a restricted comment in a public collection
self.msg3 = "A test comment 3"
prepare_attachments()
self.restr_comid_2 = \
query_add_comment_or_remark(reviews=0, recID=self.public_record_restr_comment,
uid=self.jekyll_uid, msg=self.msg3,
editor_type='textarea',
attached_files=self.attached_files)
# Insert a restricted comment, in a restricted collection
self.msg5 = "A test comment 5"
prepare_attachments()
self.restr_comid_4 = \
query_add_comment_or_remark(reviews=0, recID=self.restr_record_restr_comment,
uid=self.romeo_uid, msg=self.msg5,
editor_type='textarea',
attached_files=self.attached_files)
# Insert a public comment in a restricted discussion
self.msg6 = "A test comment 6"
prepare_attachments()
self.restr_comid_5 = \
query_add_comment_or_remark(reviews=0, recID=self.restricted_discussion,
uid=self.romeo_uid, msg=self.msg6,
editor_type='textarea',
attached_files=self.attached_files)
self.restr_comid_3 = None
# Insert a public, deleted comment in a public record (public collection)
self.msg7 = "A test comment 7"
prepare_attachments()
self.deleted_comid = query_add_comment_or_remark(reviews=0, recID=self.public_record,
uid=self.romeo_uid, msg=self.msg7,
editor_type='textarea',
attached_files=self.attached_files)
query_delete_comment_auth(self.deleted_comid)
def tearDown(self):
"""Remove inserted comments"""
run_sql("""DELETE FROM cmtRECORDCOMMENT WHERE id=%s""", (self.public_comid,))
run_sql("""DELETE FROM cmtRECORDCOMMENT WHERE id=%s""", (self.restr_comid_1,))
run_sql("""DELETE FROM cmtRECORDCOMMENT WHERE id=%s""", (self.restr_comid_2,))
if self.restr_comid_3:
run_sql("""DELETE FROM cmtRECORDCOMMENT WHERE id=%s""", (self.restr_comid_3,))
run_sql("""DELETE FROM cmtRECORDCOMMENT WHERE id=%s""", (self.restr_comid_4,))
run_sql("""DELETE FROM cmtRECORDCOMMENT WHERE id=%s""", (self.restr_comid_5,))
run_sql("""DELETE FROM cmtRECORDCOMMENT WHERE id=%s""", (self.deleted_comid,))
pass
def test_access_public_record_public_discussion_public_comment(self):
"""webcomment - accessing "public" comment in a "public" discussion of a restricted record"""
# Guest user should not be able to access it
self.assertNotEqual([],
test_web_page_content("%s/record/%i/comments/" % (CFG_SITE_URL, self.restr_record),
expected_text=self.msg2))
# Accessing a non existing file for a restricted comment should also ask to login
self.assertEqual([],
test_web_page_content("%s/record/%i/comments/attachments/get/%i/not_existing_file" % \
(CFG_SITE_URL, self.restr_record, self.restr_comid_1),
expected_text='You can use your nickname or your email address to login'))
# Check accessing file of a restricted comment
self.assertEqual([],
test_web_page_content("%s/record/%i/comments/attachments/get/%i/file2" % \
(CFG_SITE_URL, self.restr_record, self.restr_comid_1),
expected_text='You can use your nickname or your email address to login'))
def test_access_restricted_record_public_discussion_public_comment(self):
"""webcomment - accessing "public" comment in a "public" discussion of a restricted record"""
# Guest user should not be able to access it
self.assertNotEqual([],
test_web_page_content("%s/record/%i/comments/" % (CFG_SITE_URL, self.restr_record),
expected_text=self.msg2))
# Accessing a non existing file for a restricted comment should also ask to login
self.assertEqual([],
test_web_page_content("%s/record/%i/comments/attachments/get/%i/not_existing_file" % \
(CFG_SITE_URL, self.restr_record, self.restr_comid_1),
expected_text='You can use your nickname or your email address to login'))
# Check accessing file of a restricted comment
self.assertEqual([],
test_web_page_content("%s/record/%i/comments/attachments/get/%i/file2" % \
(CFG_SITE_URL, self.restr_record, self.restr_comid_1),
expected_text='You can use your nickname or your email address to login'))
# Juliet should not be able to access the comment
br = Browser()
br.open(CFG_SITE_URL + '/youraccount/login')
br.select_form(nr=0)
br['p_un'] = 'juliet'
br['p_pw'] = 'j123uliet'
br.submit()
br.open("%s/record/%i/comments/" % (CFG_SITE_URL, self.restr_record))
response = br.response().read()
if not self.msg2 in response:
pass
else:
self.fail("Oops, this user should not have access to this comment")
# Juliet should not be able to access the attached files
br.open("%s/record/%i/comments/attachments/get/%i/file2" % \
(CFG_SITE_URL, self.restr_record, self.restr_comid_1))
response = br.response().read()
if "You are not authorized" in response:
pass
else:
self.fail("Oops, this user should not have access to this comment attachment")
# Jekyll should be able to access the comment
br = Browser()
br.open(CFG_SITE_URL + '/youraccount/login')
br.select_form(nr=0)
br['p_un'] = 'jekyll'
br['p_pw'] = 'j123ekyll'
br.submit()
br.open("%s/record/%i/comments/" % (CFG_SITE_URL, self.restr_record))
response = br.response().read()
if not self.msg2 in response:
self.fail("Oops, this user should have access to this comment")
# Jekyll should be able to access the attached files
br.open("%s/record/%i/comments/attachments/get/%i/file2" % \
(CFG_SITE_URL, self.restr_record, self.restr_comid_1))
response = br.response().read()
self.assertEqual(self.attached_file2_content, response)
def test_access_public_record_restricted_discussion_public_comment(self):
"""webcomment - accessing "public" comment in a restricted discussion of a public record"""
# Guest user should not be able to access it
self.assertNotEqual([],
test_web_page_content("%s/record/%i/comments/" % (CFG_SITE_URL, self.restricted_discussion),
expected_text=self.msg2))
# Accessing a non existing file for a restricted comment should also ask to login
self.assertEqual([],
test_web_page_content("%s/record/%i/comments/attachments/get/%i/not_existing_file" % \
(CFG_SITE_URL, self.restricted_discussion, self.restr_comid_5),
expected_text='You can use your nickname or your email address to login'))
# Check accessing file of a restricted comment
self.assertEqual([],
test_web_page_content("%s/record/%i/comments/attachments/get/%i/file2" % \
(CFG_SITE_URL, self.restricted_discussion, self.restr_comid_5),
expected_text='You can use your nickname or your email address to login'))
# Juliet should not be able to access the comment
br = Browser()
br.open(CFG_SITE_URL + '/youraccount/login')
br.select_form(nr=0)
br['p_un'] = 'juliet'
br['p_pw'] = 'j123uliet'
br.submit()
br.open("%s/record/%i/comments/" % (CFG_SITE_URL, self.restricted_discussion))
response = br.response().read()
if not self.msg6 in response:
pass
else:
self.fail("Oops, this user should not have access to this comment")
# Juliet should not be able to access the attached files
br.open("%s/record/%i/comments/attachments/get/%i/file2" % \
(CFG_SITE_URL, self.restricted_discussion, self.restr_comid_5))
response = br.response().read()
if "You are not authorized" in response:
pass
else:
self.fail("Oops, this user should not have access to this comment attachment")
# Romeo should be able to access the comment
br = Browser()
br.open(CFG_SITE_URL + '/youraccount/login')
br.select_form(nr=0)
br['p_un'] = 'romeo'
br['p_pw'] = 'r123omeo'
br.submit()
br.open("%s/record/%i/comments/" % (CFG_SITE_URL, self.restricted_discussion))
response = br.response().read()
if not self.msg6 in response:
self.fail("Oops, this user should have access to this comment")
# Romeo should be able to access the attached files
br.open("%s/record/%i/comments/attachments/get/%i/file2" % \
(CFG_SITE_URL, self.restricted_discussion, self.restr_comid_5))
response = br.response().read()
self.assertEqual(self.attached_file2_content, response)
def test_comment_replies_inherit_restrictions(self):
"""webcomment - a reply to a comment inherits restrictions"""
# In this test we reply to a restricted comment, and check if
# the restriction is inherited. However, in order to make sure
# that the comment restriction is inherited, and not the
# record restriction, we temporary change the restriction of
# the parent.
self.public_record_restr_comment
original_restriction = run_sql("SELECT restriction FROM cmtRECORDCOMMENT WHERE id=%s",
(self.restr_comid_2,))[0][0]
restriction_to_inherit = 'juliet_only'
run_sql("UPDATE cmtRECORDCOMMENT SET restriction=%s WHERE id=%s",
(restriction_to_inherit, self.restr_comid_2))
# Reply to a restricted comment
self.msg4 = "A test comment 4"
prepare_attachments()
self.restr_comid_3 = \
query_add_comment_or_remark(reviews=0, recID=self.public_record_restr_comment,
uid=self.jekyll_uid, msg=self.msg4,
editor_type='textarea',
attached_files=self.attached_files,
reply_to=self.restr_comid_2)
inherited_restriction = run_sql("SELECT restriction FROM cmtRECORDCOMMENT WHERE id=%s",
(self.restr_comid_3,))[0][0]
self.assertEqual(restriction_to_inherit, inherited_restriction)
# Restore original restriction
run_sql("UPDATE cmtRECORDCOMMENT SET restriction=%s WHERE id=%s",
(original_restriction, self.restr_comid_2))
def test_comment_reply_with_wrong_record(self):
"""webcomment - replying to comment using mismatching recid"""
# Juliet should not be able to reply to the comment, even through a public record
br = Browser()
br.open(CFG_SITE_URL + '/youraccount/login')
br.select_form(nr=0)
br['p_un'] = 'juliet'
br['p_pw'] = 'j123uliet'
br.submit()
br.open("%s/%s/%i/comments/add?action=REPLY&comid=%s&ln=en" % \
(CFG_SITE_URL, 'record', self.public_record, self.restr_comid_1))
response = br.response().read()
if not self.msg2 in response and \
"Authorization failure" in response:
pass
else:
self.fail("Oops, users should not be able to reply to comment using mismatching recid")
# Jekyll should also not be able to reply the comment using the wrong recid
br = Browser()
br.open(CFG_SITE_URL + '/youraccount/login')
br.select_form(nr=0)
br['p_un'] = 'jekyll'
br['p_pw'] = 'j123ekyll'
br.submit()
br.open("%s/%s/%i/comments/add?action=REPLY&comid=%s&ln=en" % \
(CFG_SITE_URL, 'record', self.public_record, self.restr_comid_1))
response = br.response().read()
if not self.msg2 in response and \
"Authorization failure" in response:
pass
else:
self.fail("Oops, users should not be able to reply to comment using mismatching recid")
def test_comment_access_attachment_with_wrong_record(self):
"""webcomment - accessing attachments using mismatching recid"""
# Juliet should not be able to access these files, especially with wrong recid
br = Browser()
br.open(CFG_SITE_URL + '/youraccount/login')
br.select_form(nr=0)
br['p_un'] = 'juliet'
br['p_pw'] = 'j123uliet'
br.submit()
try:
br.open("%s/%s/%i/comments/attachments/get/%i/file2" % \
(CFG_SITE_URL, 'record', self.public_record, self.restr_comid_1))
response = br.response().read()
except HTTPError:
pass
else:
self.fail("Oops, users should not be able to access comment attachment using mismatching recid")
# Jekyll should also not be able to access these files when using wrong recid
br = Browser()
br.open(CFG_SITE_URL + '/youraccount/login')
br.select_form(nr=0)
br['p_un'] = 'jekyll'
br['p_pw'] = 'j123ekyll'
br.submit()
try:
br.open("%s/%s/%i/comments/attachments/get/%i/file2" % \
(CFG_SITE_URL, 'record', self.public_record, self.restr_comid_1))
response = br.response().read()
response = br.response().read()
except HTTPError:
pass
else:
self.fail("Oops, users should not be able to access comment attachment using mismatching recid")
def test_comment_reply_to_deleted_comment(self):
"""webcomment - replying to a deleted comment"""
# Juliet should not be able to reply to the deleted comment
br = Browser()
br.open(CFG_SITE_URL + '/youraccount/login')
br.select_form(nr=0)
br['p_un'] = 'juliet'
br['p_pw'] = 'j123uliet'
br.submit()
br.open("%s/%s/%i/comments/add?action=REPLY&comid=%s&ln=en" % \
(CFG_SITE_URL, 'record', self.public_record, self.deleted_comid))
response = br.response().read()
if not self.msg7 in response:
# There should be no authorization failure, in case the
# comment was deleted in between. We'll simply go on but
# the orginal comment will not be included
pass
else:
self.fail("Oops, users should not be able to reply to a deleted comment")
# Jekyll should also not be able to reply the deleted comment
br = Browser()
br.open(CFG_SITE_URL + '/youraccount/login')
br.select_form(nr=0)
br['p_un'] = 'jekyll'
br['p_pw'] = 'j123ekyll'
br.submit()
br.open("%s/%s/%i/comments/add?action=REPLY&comid=%s&ln=en" % \
(CFG_SITE_URL, 'record', self.public_record, self.deleted_comid))
response = br.response().read()
if not self.msg7 in response:
# There should be no authorization failure, in case the
# comment was deleted in between. We'll simply go on but
# the orginal comment will not be included
pass
else:
self.fail("Oops, users should not be able to reply to a deleted comment")
def test_comment_access_files_deleted_comment(self):
"""webcomment - access files of a deleted comment"""
# Juliet should not be able to access the files
br = Browser()
br.open(CFG_SITE_URL + '/youraccount/login')
br.select_form(nr=0)
br['p_un'] = 'juliet'
br['p_pw'] = 'j123uliet'
br.submit()
br.open("%s/%s/%i/comments/attachments/get/%i/file2" % \
(CFG_SITE_URL, 'record', self.public_record, self.deleted_comid))
response = br.response().read()
if "You cannot access files of a deleted comment" in response:
pass
else:
self.fail("Oops, users should not have access to this deleted comment attachment")
# Jekyll should also not be able to access the files
br = Browser()
br.open(CFG_SITE_URL + '/youraccount/login')
br.select_form(nr=0)
br['p_un'] = 'jekyll'
br['p_pw'] = 'j123ekyll'
br.submit()
br.open("%s/%s/%i/comments/attachments/get/%i/file2" % \
(CFG_SITE_URL, 'record', self.public_record, self.deleted_comid))
response = br.response().read()
if "Authorization failure" in response:
pass
else:
self.fail("Oops, users should not have access to this deleted comment attachment")
def test_comment_report_deleted_comment(self):
"""webcomment - report a deleted comment"""
# Juliet should not be able to report a the deleted comment
br = Browser()
br.open(CFG_SITE_URL + '/youraccount/login')
br.select_form(nr=0)
br['p_un'] = 'juliet'
br['p_pw'] = 'j123uliet'
br.submit()
br.open("%s/%s/%i/comments/report?comid=%s&ln=en" % \
(CFG_SITE_URL, 'record', self.public_record, self.deleted_comid))
response = br.response().read()
if not "Authorization failure" in response:
self.fail("Oops, users should not be able to report a deleted comment")
def test_comment_vote_deleted_comment(self):
"""webcomment - report a deleted comment"""
# Juliet should not be able to vote for a the deleted comment/review
br = Browser()
br.open(CFG_SITE_URL + '/youraccount/login')
br.select_form(nr=0)
br['p_un'] = 'juliet'
br['p_pw'] = 'j123uliet'
br.submit()
br.open("%s/%s/%i/comments/vote?comid=%s&com_value=1&ln=en" % \
(CFG_SITE_URL, 'record', self.public_record, self.deleted_comid))
response = br.response().read()
if not "Authorization failure" in response:
self.fail("Oops, users should not be able to vote for a deleted comment")
def test_comment_report_with_wrong_record(self):
"""webcomment - report a comment using mismatching recid"""
# Juliet should not be able to report a comment she cannot access, even through public recid
br = Browser()
br.open(CFG_SITE_URL + '/youraccount/login')
br.select_form(nr=0)
br['p_un'] = 'juliet'
br['p_pw'] = 'j123uliet'
br.submit()
br.open("%s/%s/%i/comments/report?comid=%s&ln=en" % \
(CFG_SITE_URL, 'record', self.public_record, self.restr_comid_1))
response = br.response().read()
if not "Authorization failure" in response:
self.fail("Oops, users should not be able to report using mismatching recid")
# Jekyll should also not be able to report the comment using the wrong recid
br = Browser()
br.open(CFG_SITE_URL + '/youraccount/login')
br.select_form(nr=0)
br['p_un'] = 'jekyll'
br['p_pw'] = 'j123ekyll'
br.submit()
br.open("%s/%s/%i/comments/report?comid=%s&ln=en" % \
(CFG_SITE_URL, 'record', self.public_record, self.restr_comid_1))
response = br.response().read()
if not "Authorization failure" in response:
self.fail("Oops, users should not be able to report using mismatching recid")
def test_comment_vote_with_wrong_record(self):
"""webcomment - vote for a comment using mismatching recid"""
# Juliet should not be able to vote for a comment she cannot access, especially through public recid
br = Browser()
br.open(CFG_SITE_URL + '/youraccount/login')
br.select_form(nr=0)
br['p_un'] = 'juliet'
br['p_pw'] = 'j123uliet'
br.submit()
br.open("%s/%s/%i/comments/vote?comid=%s&com_value=1&ln=en" % \
(CFG_SITE_URL, 'record', self.public_record, self.restr_comid_1))
response = br.response().read()
if not "Authorization failure" in response:
self.fail("Oops, this user should not be able to report a deleted comment")
# Jekyll should also not be able to vote for the comment using the wrong recid
br = Browser()
br.open(CFG_SITE_URL + '/youraccount/login')
br.select_form(nr=0)
br['p_un'] = 'jekyll'
br['p_pw'] = 'j123ekyll'
br.submit()
br.open("%s/%s/%i/comments/vote?comid=%s&com_value=1&ln=en" % \
(CFG_SITE_URL, 'record', self.public_record, self.restr_comid_1))
response = br.response().read()
if not "Authorization failure" in response:
self.fail("Oops, users should not be able to report using mismatching recid")
def test_report_restricted_record_public_discussion_public_comment(self):
"""webcomment - report a comment restricted by 'viewrestrcoll'"""
# Juliet should not be able to report the comment
br = Browser()
br.open(CFG_SITE_URL + '/youraccount/login')
br.select_form(nr=0)
br['p_un'] = 'juliet'
br['p_pw'] = 'j123uliet'
br.submit()
br.open("%s/%s/%i/comments/report?comid=%s&ln=en" % \
(CFG_SITE_URL, 'record', self.restr_record, self.restr_comid_1))
response = br.response().read()
if not "Authorization failure" in response:
self.fail("Oops, this user should not be able to report this comment")
def test_report_public_record_restricted_discussion_public_comment(self):
"""webcomment - report a comment restricted by 'viewcomment'"""
# Juliet should not be able to report the comment
br = Browser()
br.open(CFG_SITE_URL + '/youraccount/login')
br.select_form(nr=0)
br['p_un'] = 'juliet'
br['p_pw'] = 'j123uliet'
br.submit()
br.open("%s/%s/%i/comments/report?comid=%s&ln=en" % \
(CFG_SITE_URL, 'record', self.restricted_discussion, self.restr_comid_5))
response = br.response().read()
if not "Authorization failure" in response:
self.fail("Oops, this user should not be able to report this comment")
def test_report_public_record_public_discussion_restricted_comment(self):
"""webcomment - report a comment restricted by 'viewrestrcomment'"""
# Juliet should not be able to report the comment
br = Browser()
br.open(CFG_SITE_URL + '/youraccount/login')
br.select_form(nr=0)
br['p_un'] = 'juliet'
br['p_pw'] = 'j123uliet'
br.submit()
br.open("%s/%s/%i/comments/report?comid=%s&ln=en" % \
(CFG_SITE_URL, 'record', self.public_record_restr_comment, self.restr_comid_2))
response = br.response().read()
if not "Authorization failure" in response:
self.fail("Oops, this user should not be able to report this comment")
def test_vote_restricted_record_public_discussion_public_comment(self):
"""webcomment - vote for a comment restricted by 'viewrestrcoll'"""
# Juliet should not be able to vote for the comment
br = Browser()
br.open(CFG_SITE_URL + '/youraccount/login')
br.select_form(nr=0)
br['p_un'] = 'juliet'
br['p_pw'] = 'j123uliet'
br.submit()
br.open("%s/%s/%i/comments/vote?comid=%s&com_value=1&ln=en" % \
(CFG_SITE_URL, 'record', self.restr_record, self.restr_comid_1))
response = br.response().read()
if not "Authorization failure" in response:
self.fail("Oops, this user should not be able to report this comment")
def test_vote_public_record_restricted_discussion_public_comment(self):
"""webcomment - vote for a comment restricted by 'viewcomment'"""
# Juliet should not be able to vote for the comment
br = Browser()
br.open(CFG_SITE_URL + '/youraccount/login')
br.select_form(nr=0)
br['p_un'] = 'juliet'
br['p_pw'] = 'j123uliet'
br.submit()
br.open("%s/%s/%i/comments/vote?comid=%s&com_value=1&ln=en" % \
(CFG_SITE_URL, 'record', self.restricted_discussion, self.restr_comid_5))
response = br.response().read()
if not "Authorization failure" in response:
self.fail("Oops, this user should not be able to report this comment")
def test_vote_public_record_public_discussion_restricted_comment(self):
"""webcomment - vote for a comment restricted by 'viewrestrcomment'"""
# Juliet should not be able to vote for the comment
br = Browser()
br.open(CFG_SITE_URL + '/youraccount/login')
br.select_form(nr=0)
br['p_un'] = 'juliet'
br['p_pw'] = 'j123uliet'
br.submit()
br.open("%s/%s/%i/comments/vote?comid=%s&com_value=1&ln=en" % \
(CFG_SITE_URL, 'record', self.public_record_restr_comment, self.restr_comid_2))
response = br.response().read()
if not "Authorization failure" in response:
self.fail("Oops, this user should not be able to report this comment")
def test_comment_subscribe_restricted_record_public_discussion(self):
"""webcomment - subscribe to a discussion restricted with 'viewrestrcoll'"""
# Juliet should not be able to subscribe to the discussion
br = Browser()
br.open(CFG_SITE_URL + '/youraccount/login')
br.select_form(nr=0)
br['p_un'] = 'juliet'
br['p_pw'] = 'j123uliet'
br.submit()
br.open("%s/%s/%i/comments/subscribe?ln=en" % \
(CFG_SITE_URL, 'record', self.restr_record))
response = br.response().read()
if not "Authorization failure" in response:
self.fail("Oops, this user should not be able to subscribe to this discussion")
# Jekyll should be able to subscribe
br = Browser()
br.open(CFG_SITE_URL + '/youraccount/login')
br.select_form(nr=0)
br['p_un'] = 'jekyll'
br['p_pw'] = 'j123ekyll'
br.submit()
br.open("%s/%s/%i/comments/subscribe?ln=en" % \
(CFG_SITE_URL, 'record', self.restr_record))
response = br.response().read()
if not "You have been subscribed" in response or \
"Authorization failure" in response:
self.fail("Oops, this user should be able to subscribe to this discussion")
def test_comment_subscribe_public_record_restricted_discussion(self):
"""webcomment - subscribe to a discussion restricted with 'viewcomment'"""
# Juliet should not be able to subscribe to the discussion
br = Browser()
br.open(CFG_SITE_URL + '/youraccount/login')
br.select_form(nr=0)
br['p_un'] = 'juliet'
br['p_pw'] = 'j123uliet'
br.submit()
br.open("%s/%s/%i/comments/subscribe?ln=en" % \
(CFG_SITE_URL, 'record', self.restricted_discussion))
response = br.response().read()
if not "Authorization failure" in response:
self.fail("Oops, this user should not be able to subscribe to this discussion")
# Romeo should be able to subscribe
br = Browser()
br.open(CFG_SITE_URL + '/youraccount/login')
br.select_form(nr=0)
br['p_un'] = 'romeo'
br['p_pw'] = 'r123omeo'
br.submit()
br.open("%s/%s/%i/comments/subscribe?ln=en" % \
(CFG_SITE_URL, 'record', self.restricted_discussion))
response = br.response().read()
if not "You have been subscribed" in response or \
"Authorization failure" in response:
print response
self.fail("Oops, this user should be able to subscribe to this discussion")
TEST_SUITE = make_test_suite(WebCommentWebPagesAvailabilityTest,
WebCommentRestrictionsTest)
if __name__ == "__main__":
run_test_suite(TEST_SUITE, warn_user=True)

Event Timeline

c4science · Help