diff options
Diffstat (limited to 'budget/tests/tests.py')
| -rw-r--r-- | budget/tests/tests.py | 21 |
1 files changed, 21 insertions, 0 deletions
diff --git a/budget/tests/tests.py b/budget/tests/tests.py index e18e9c3..a1cedfa 100644 --- a/budget/tests/tests.py +++ b/budget/tests/tests.py @@ -44,6 +44,8 @@ class TestCase(unittest.TestCase): # clean after testing models.db.session.remove() models.db.drop_all() + # reconfigure app with default settings + run.configure() def login(self, project, password=None, test_client=None): password = password or project @@ -373,6 +375,25 @@ class BudgetTestCase(TestCase): c.get("/exit") self.assertNotIn('raclette', session) + def test_admin_authentication(self): + run.app.config['ADMIN_PASSWORD'] = "pass" + + # test the redirection to the authentication page when trying to access admin endpoints + resp = self.app.get("/create") + self.assertIn('<a href="/admin?goto=%2Fcreate">', resp.data.decode('utf-8')) + + # test right password + resp = self.app.post("/admin?goto=%2Fcreate", data={'admin_password': 'pass'}) + self.assertIn('<a href="/create">/create</a>', resp.data.decode('utf-8')) + + # test wrong password + resp = self.app.post("/admin?goto=%2Fcreate", data={'admin_password': 'wrong'}) + self.assertNotIn('<a href="/create">/create</a>', resp.data.decode('utf-8')) + + # test empty password + resp = self.app.post("/admin?goto=%2Fcreate", data={'admin_password': ''}) + self.assertNotIn('<a href="/create">/create</a>', resp.data.decode('utf-8')) + def test_manage_bills(self): self.post_project("raclette") |