From a12123ca016b7aa3d31b19749731b88c6d2d6988 Mon Sep 17 00:00:00 2001
From: FatherInire <105288522+FatherInire@users.noreply.github.com>
Date: Fri, 13 May 2022 17:55:29 +1000
Subject: [PATCH] Initial e2e testing

Authored by @FatherInire
---
 .gitignore                |  3 ++-
 docker-compose.yml        |  1 +
 files/__init__.py         |  0
 files/__main__.py         |  3 ++-
 files/helpers/const.py    |  2 +-
 files/helpers/sanitize.py |  1 -
 files/tests/__init__.py   |  0
 files/tests/test_e2e.py   | 42 +++++++++++++++++++++++++++++++++++++++
 readme.md                 |  6 ++++++
 requirements.txt          |  1 +
 10 files changed, 55 insertions(+), 4 deletions(-)
 create mode 100644 files/__init__.py
 create mode 100644 files/tests/__init__.py
 create mode 100644 files/tests/test_e2e.py

diff --git a/.gitignore b/.gitignore
index 62ed1d6db..f1e27c0c8 100644
--- a/.gitignore
+++ b/.gitignore
@@ -10,4 +10,5 @@ venv/
 .sass-cache/
 flask_session/
 .DS_Store
-site_settings.json
\ No newline at end of file
+site_settings.json
+.venv
diff --git a/docker-compose.yml b/docker-compose.yml
index 9a846bb87..71f648a4d 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -2,6 +2,7 @@ version: '2.3'
 
 services:
   files:
+    container_name: "themotte"
     build:
       context: .
     volumes:
diff --git a/files/__init__.py b/files/__init__.py
new file mode 100644
index 000000000..e69de29bb
diff --git a/files/__main__.py b/files/__main__.py
index 27abf0b9a..8dbfe52c9 100644
--- a/files/__main__.py
+++ b/files/__main__.py
@@ -24,6 +24,7 @@ app.jinja_env.cache = {}
 app.jinja_env.auto_reload = True
 faulthandler.enable()
 
+
 app.config["SITE_NAME"]=environ.get("SITE_NAME").strip()
 app.config["GUMROAD_LINK"]=environ.get("GUMROAD_LINK", "https://marsey1.gumroad.com/l/tfcvri").strip()
 app.config['SQLALCHEMY_TRACK_MODIFICATIONS'] = False
@@ -34,7 +35,7 @@ app.config['SEND_FILE_MAX_AGE_DEFAULT'] = 3153600
 app.config["SESSION_COOKIE_NAME"] = "session_" + environ.get("SITE_NAME").strip().lower()
 app.config["VERSION"] = "1.0.0"
 app.config['MAX_CONTENT_LENGTH'] = 16 * 1024 * 1024
-app.config["SESSION_COOKIE_SECURE"] = True
+app.config["SESSION_COOKIE_SECURE"] = "localhost" not in environ.get("DOMAIN")
 app.config["SESSION_COOKIE_SAMESITE"] = "Lax"
 app.config["PERMANENT_SESSION_LIFETIME"] = 60 * 60 * 24 * 365
 app.config["DEFAULT_COLOR"] = environ.get("DEFAULT_COLOR", "ff0000").strip()
diff --git a/files/helpers/const.py b/files/helpers/const.py
index 45823547f..a388e7bad 100644
--- a/files/helpers/const.py
+++ b/files/helpers/const.py
@@ -9,7 +9,7 @@ from flask import request
 
 SITE = environ.get("DOMAIN", '').strip()
 SITE_NAME = environ.get("SITE_NAME", '').strip()
-if SITE == "localhost": SITE_FULL = 'http://' + SITE
+if "localhost" in SITE: SITE_FULL = 'http://' + SITE
 else: SITE_FULL = 'https://' + SITE
 
 
diff --git a/files/helpers/sanitize.py b/files/helpers/sanitize.py
index 2fb407ff4..8cddf914d 100644
--- a/files/helpers/sanitize.py
+++ b/files/helpers/sanitize.py
@@ -291,7 +291,6 @@ def sanitize(sanitized, alert=False, comment=False, edit=False):
 
 	if bans: abort(403, description=f"Remove the banned domains {bans} and try again!")
 
-
 	signal.alarm(0)
 
 	return sanitized
diff --git a/files/tests/__init__.py b/files/tests/__init__.py
new file mode 100644
index 000000000..e69de29bb
diff --git a/files/tests/test_e2e.py b/files/tests/test_e2e.py
new file mode 100644
index 000000000..d78bb4225
--- /dev/null
+++ b/files/tests/test_e2e.py
@@ -0,0 +1,42 @@
+from bs4 import BeautifulSoup
+from time import time, sleep
+from files.__main__ import app
+
+# these tests require `docker-compose up` first
+
+def test_rules():
+	response = app.test_client().get("/rules")
+	assert response.status_code == 200
+	assert response.text.startswith("<!DOCTYPE html>")
+
+
+def test_signup():
+	client = app.test_client()
+	with client: # this keeps the session between requests, which we need
+		signup_get_response = client.get("/signup")
+		assert signup_get_response.status_code == 200
+		soup = BeautifulSoup(signup_get_response.text, 'html.parser')
+		# these hidden input values seem to be used for anti-bot purposes and need to be submitted
+		formkey = next(tag for tag in soup.find_all("input") if tag.get("name") == "formkey").get("value")
+		form_timestamp = next(tag for tag in soup.find_all("input") if tag.get("name") == "now").get("value")
+
+		sleep(5) # too-fast submissions are rejected (bot check?)
+		username = "testuser" + str(round(time()))
+		signup_post_response = client.post("/signup", data={
+			"username": username,
+			"password": "password",
+			"password_confirm": "password",
+			"email": "",
+			"formkey": formkey,
+			"now": form_timestamp
+		})
+		print(f"Signing up as {username}")
+		assert signup_post_response.status_code == 302
+		assert "error" not in signup_post_response.location
+
+		# we should now be logged in and able to post
+
+
+
+
+
diff --git a/readme.md b/readme.md
index 08585a178..bcc9733c9 100644
--- a/readme.md
+++ b/readme.md
@@ -21,3 +21,9 @@ docker-compose up
 4 - That's it! Visit `localhost` in your browser.
 
 5 - Optional: to change the domain from "localhost" to something else and configure the site settings, as well as integrate it with the external services the website uses, please edit the variables in the `env` file and then restart the docker container.
+
+# Run the E2E tests:
+
+(after `docker-compose up`)
+`docker exec themotte bash -c "cd service && python3 -m pytest -s"`
+
diff --git a/requirements.txt b/requirements.txt
index bf19a09f5..7f1319eff 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -26,3 +26,4 @@ pyenchant
 youtube-dl
 yattag
 webptools
+pytest