2024-03-13 02:13:42 +00:00
|
|
|
import datetime
|
|
|
|
|
2024-03-13 03:45:36 +00:00
|
|
|
from django.conf import settings
|
2024-03-13 02:13:42 +00:00
|
|
|
from django.http import Http404
|
2024-03-13 03:26:01 +00:00
|
|
|
import pytest
|
2024-05-10 01:39:41 +00:00
|
|
|
from pytest_django.asserts import assertContains
|
2024-03-13 02:13:42 +00:00
|
|
|
|
|
|
|
from . import views
|
|
|
|
from conservancy.fundgoal.models import FundraisingGoal
|
|
|
|
|
|
|
|
|
2024-03-13 03:26:01 +00:00
|
|
|
def create_fundraising_goal():
|
|
|
|
FundraisingGoal.objects.create(
|
|
|
|
fundraiser_code_name='cy2023-end-year-match',
|
|
|
|
fundraiser_goal_amount=0,
|
|
|
|
fundraiser_so_far_amount=0,
|
|
|
|
fundraiser_donation_count=0,
|
|
|
|
fundraiser_donation_count_disclose_threshold=0,
|
|
|
|
fundraiser_endtime=datetime.datetime(2000, 1, 1)
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
|
|
@pytest.mark.django_db
|
|
|
|
def test_about_page_served(rf):
|
|
|
|
create_fundraising_goal()
|
|
|
|
request = rf.get('/about/')
|
2024-05-10 01:39:41 +00:00
|
|
|
response = views.content(request)
|
2024-03-13 03:26:01 +00:00
|
|
|
assertContains(response, 'Conservancy is a nonprofit organization')
|
|
|
|
|
|
|
|
|
|
|
|
def test_annual_report_file_served(rf):
|
2024-05-10 01:39:41 +00:00
|
|
|
request = rf.get('/projects/apply/ConservancyFSATemplate.pdf')
|
|
|
|
response = views.content(request)
|
2024-03-13 03:26:01 +00:00
|
|
|
assert response.headers['Content-Type'] == 'application/pdf'
|
|
|
|
|
|
|
|
|
|
|
|
def test_path_traversal_404s(rf):
|
2024-03-20 05:23:36 +00:00
|
|
|
# Will work in development only
|
2024-05-10 01:39:41 +00:00
|
|
|
assert (settings.BASE_DIR / 'content' / 'about/../../../conservancy-website.sqlite3').exists()
|
2024-03-20 05:23:36 +00:00
|
|
|
request = rf.get('/about/../../../conservancy-website.sqlite3')
|
2024-03-13 03:26:01 +00:00
|
|
|
with pytest.raises(Http404):
|
2024-05-10 01:39:41 +00:00
|
|
|
views.content(request)
|