PyInventory/inventory/tests/test_item_images.py

import tempfile
from unittest import mock

from django.http import FileResponse
from django.test import TestCase, override_settings
from django_tools.serve_media_app.models import UserMediaTokenModel
from model_bakery import baker

from inventory.models import ItemImageModel
from inventory.tests.fixtures.users import get_normal_pyinventory_user


@override_settings(SECURE_SSL_REDIRECT=True)
class ItemImagesTestCase(TestCase):
    def test_basics(self):
        with mock.patch('secrets.token_urlsafe', return_value='user1token'):
            pyinventory_user1 = get_normal_pyinventory_user(id=1)

        with mock.patch('secrets.token_urlsafe', return_value='user2token'):
            pyinventory_user2 = get_normal_pyinventory_user(id=2)

        token1_instance = UserMediaTokenModel.objects.get(user=pyinventory_user1)
        assert repr(token1_instance) == (f"<UserMediaTokenModel: user:1 token:'user1token' ({token1_instance.pk})>")
        token2_instance = UserMediaTokenModel.objects.get(user=pyinventory_user2)
        assert repr(token2_instance) == (f"<UserMediaTokenModel: user:2 token:'user2token' ({token2_instance.pk})>")

        with tempfile.TemporaryDirectory() as temp:
            with override_settings(MEDIA_ROOT=temp):
                with mock.patch('secrets.token_urlsafe', return_value='12345678901234567890'):
                    image_instance = baker.make(ItemImageModel, user=pyinventory_user1, _create_files=True)

                assert image_instance.image is not None
                url = image_instance.image.url
                assert url == '/media/user1token/12345678901234567890/mock_img.jpeg'

                # HTTP -> HTTPS redirect:
                response = self.client.get('/media/user1token/12345678901234567890/mock_img.jpeg', secure=False)
                self.assertRedirects(
                    response,
                    status_code=301,
                    expected_url='https://testserver/media/user1token/12345678901234567890/mock_img.jpeg',
                    fetch_redirect_response=False,
                )

                # Anonymous has no access:
                response = self.client.get(
                    '/media/user1token/12345678901234567890/mock_img.jpeg',
                    secure=True,
                )
                assert response.status_code == 403

                # Can't access with wrong user:
                self.client.force_login(pyinventory_user2)
                response = self.client.get(
                    '/media/user1token/12345678901234567890/mock_img.jpeg',
                    secure=True,
                )
                assert response.status_code == 403

                # Can access with the right user:
                self.client.force_login(pyinventory_user1)
                response = self.client.get(
                    '/media/user1token/12345678901234567890/mock_img.jpeg',
                    secure=True,
                )
                assert response.status_code == 200
                assert isinstance(response, FileResponse)
                assert response.getvalue() == image_instance.image.open('rb').read()

                # Test whats happen, if token was deleted
                UserMediaTokenModel.objects.all().delete()
                response = self.client.get(
                    '/media/user1token/12345678901234567890/mock_img.jpeg',
                    secure=True,
                )
                assert response.status_code == 400  # SuspiciousOperation -> HttpResponseBadRequest
Add tests to uploaded user images 2020-11-15 13:31:37 +00:00			`import tempfile`
			`from unittest import mock`

			`from django.http import FileResponse`
			`from django.test import TestCase, override_settings`
Use "serve_media_app" to serve users uploads see: https://github.com/jedie/django-tools/tree/master/django_tools/serve_media_app 2020-12-06 14:01:17 +00:00			`from django_tools.serve_media_app.models import UserMediaTokenModel`
Add tests to uploaded user images 2020-11-15 13:31:37 +00:00			`from model_bakery import baker`

			`from inventory.models import ItemImageModel`
			`from inventory.tests.fixtures.users import get_normal_pyinventory_user`


Replace Selenium tests with Playwright 2022-06-20 17:22:58 +00:00			`@override_settings(SECURE_SSL_REDIRECT=True)`
Add tests to uploaded user images 2020-11-15 13:31:37 +00:00			`class ItemImagesTestCase(TestCase):`
			`def test_basics(self):`
Use "serve_media_app" to serve users uploads see: https://github.com/jedie/django-tools/tree/master/django_tools/serve_media_app 2020-12-06 14:01:17 +00:00			`with mock.patch('secrets.token_urlsafe', return_value='user1token'):`
			`pyinventory_user1 = get_normal_pyinventory_user(id=1)`

			`with mock.patch('secrets.token_urlsafe', return_value='user2token'):`
			`pyinventory_user2 = get_normal_pyinventory_user(id=2)`

			`token1_instance = UserMediaTokenModel.objects.get(user=pyinventory_user1)`
Move source code from /src/ 2023-07-21 05:50:19 +00:00			`assert repr(token1_instance) == (f"<UserMediaTokenModel: user:1 token:'user1token' ({token1_instance.pk})>")`
Use "serve_media_app" to serve users uploads see: https://github.com/jedie/django-tools/tree/master/django_tools/serve_media_app 2020-12-06 14:01:17 +00:00			`token2_instance = UserMediaTokenModel.objects.get(user=pyinventory_user2)`
Move source code from /src/ 2023-07-21 05:50:19 +00:00			`assert repr(token2_instance) == (f"<UserMediaTokenModel: user:2 token:'user2token' ({token2_instance.pk})>")`
Use "serve_media_app" to serve users uploads see: https://github.com/jedie/django-tools/tree/master/django_tools/serve_media_app 2020-12-06 14:01:17 +00:00
			`with tempfile.TemporaryDirectory() as temp:`
			`with override_settings(MEDIA_ROOT=temp):`
			`with mock.patch('secrets.token_urlsafe', return_value='12345678901234567890'):`
Move source code from /src/ 2023-07-21 05:50:19 +00:00			`image_instance = baker.make(ItemImageModel, user=pyinventory_user1, _create_files=True)`
Use "serve_media_app" to serve users uploads see: https://github.com/jedie/django-tools/tree/master/django_tools/serve_media_app 2020-12-06 14:01:17 +00:00
Add tests to uploaded user images 2020-11-15 13:31:37 +00:00			`assert image_instance.image is not None`
			`url = image_instance.image.url`
Use "serve_media_app" to serve users uploads see: https://github.com/jedie/django-tools/tree/master/django_tools/serve_media_app 2020-12-06 14:01:17 +00:00			`assert url == '/media/user1token/12345678901234567890/mock_img.jpeg'`
Add tests to uploaded user images 2020-11-15 13:31:37 +00:00
Activate secure settings by default 2021-12-05 15:22:24 +00:00			`# HTTP -> HTTPS redirect:`
Move source code from /src/ 2023-07-21 05:50:19 +00:00			`response = self.client.get('/media/user1token/12345678901234567890/mock_img.jpeg', secure=False)`
Activate secure settings by default 2021-12-05 15:22:24 +00:00			`self.assertRedirects(`
			`response,`
			`status_code=301,`
			`expected_url='https://testserver/media/user1token/12345678901234567890/mock_img.jpeg',`
			`fetch_redirect_response=False,`
			`)`

Use "serve_media_app" to serve users uploads see: https://github.com/jedie/django-tools/tree/master/django_tools/serve_media_app 2020-12-06 14:01:17 +00:00			`# Anonymous has no access:`
Activate secure settings by default 2021-12-05 15:22:24 +00:00			`response = self.client.get(`
			`'/media/user1token/12345678901234567890/mock_img.jpeg',`
			`secure=True,`
			`)`
Add tests to uploaded user images 2020-11-15 13:31:37 +00:00			`assert response.status_code == 403`

Use "serve_media_app" to serve users uploads see: https://github.com/jedie/django-tools/tree/master/django_tools/serve_media_app 2020-12-06 14:01:17 +00:00			`# Can't access with wrong user:`
			`self.client.force_login(pyinventory_user2)`
Activate secure settings by default 2021-12-05 15:22:24 +00:00			`response = self.client.get(`
			`'/media/user1token/12345678901234567890/mock_img.jpeg',`
			`secure=True,`
			`)`
Add tests to uploaded user images 2020-11-15 13:31:37 +00:00			`assert response.status_code == 403`

Use "serve_media_app" to serve users uploads see: https://github.com/jedie/django-tools/tree/master/django_tools/serve_media_app 2020-12-06 14:01:17 +00:00			`# Can access with the right user:`
			`self.client.force_login(pyinventory_user1)`
Activate secure settings by default 2021-12-05 15:22:24 +00:00			`response = self.client.get(`
			`'/media/user1token/12345678901234567890/mock_img.jpeg',`
			`secure=True,`
			`)`
Use "serve_media_app" to serve users uploads see: https://github.com/jedie/django-tools/tree/master/django_tools/serve_media_app 2020-12-06 14:01:17 +00:00			`assert response.status_code == 200`
			`assert isinstance(response, FileResponse)`
			`assert response.getvalue() == image_instance.image.open('rb').read()`

			`# Test whats happen, if token was deleted`
			`UserMediaTokenModel.objects.all().delete()`
Activate secure settings by default 2021-12-05 15:22:24 +00:00			`response = self.client.get(`
			`'/media/user1token/12345678901234567890/mock_img.jpeg',`
			`secure=True,`
			`)`
Use "serve_media_app" to serve users uploads see: https://github.com/jedie/django-tools/tree/master/django_tools/serve_media_app 2020-12-06 14:01:17 +00:00			`assert response.status_code == 400 # SuspiciousOperation -> HttpResponseBadRequest`