Coverage for tests/store/tests_report.py: 100%

45 statements  

« prev     ^ index     » next       coverage.py v7.14.1, created at 2026-06-15 22:43 +0000

1import responses 

2from flask_testing import TestCase 

3 

4from webapp.app import create_app 

5 

6 

7class ReportSnapTest(TestCase): 

8 def create_app(self): 

9 app = create_app(testing=True) 

10 app.secret_key = "secret_key" 

11 app.config["WTF_CSRF_METHODS"] = [] 

12 app.config["REPORT_SHEET_URL"] = "https://example.com/report" 

13 app.config["TURNSTILE_VERIFY_URL"] = "https://example.com/turnstile" 

14 app.config["TURNSTILE_SECRET_KEY"] = "" 

15 return app 

16 

17 @responses.activate 

18 def test_report_without_turnstile_secret(self): 

19 responses.add( 

20 responses.Response( 

21 method="POST", 

22 url=self.app.config["REPORT_SHEET_URL"], 

23 status=200, 

24 ) 

25 ) 

26 

27 response = self.client.post( 

28 "/report", 

29 data={ 

30 "snap_name": "test-snap", 

31 "reason": "Snap Store terms of service violation", 

32 "comment": "A test report", 

33 }, 

34 ) 

35 

36 assert response.status_code == 200 

37 assert response.get_json() == {"ok": True} 

38 assert len(responses.calls) == 1 

39 assert ( 

40 responses.calls[0].request.url 

41 == self.app.config["REPORT_SHEET_URL"] 

42 ) 

43 

44 def test_report_rejects_missing_turnstile_token(self): 

45 self.app.config["TURNSTILE_SECRET_KEY"] = "test-secret" 

46 

47 response = self.client.post( 

48 "/report", 

49 data={ 

50 "snap_name": "test-snap", 

51 "reason": "Snap Store terms of service violation", 

52 "comment": "A test report", 

53 }, 

54 ) 

55 

56 assert response.status_code == 400 

57 assert response.get_json() == {"error": "turnstile_failed"} 

58 

59 @responses.activate 

60 def test_report_rejects_invalid_turnstile_token(self): 

61 self.app.config["TURNSTILE_SECRET_KEY"] = "test-secret" 

62 responses.add( 

63 responses.Response( 

64 method="POST", 

65 url=self.app.config["TURNSTILE_VERIFY_URL"], 

66 json={ 

67 "success": False, 

68 "error-codes": ["invalid-input-response"], 

69 }, 

70 status=200, 

71 ) 

72 ) 

73 

74 response = self.client.post( 

75 "/report", 

76 data={ 

77 "snap_name": "test-snap", 

78 "reason": "Snap Store terms of service violation", 

79 "comment": "A test report", 

80 "cf-turnstile-response": "invalid-token", 

81 }, 

82 ) 

83 

84 assert response.status_code == 400 

85 assert response.get_json() == {"error": "turnstile_failed"} 

86 assert len(responses.calls) == 1 

87 assert ( 

88 responses.calls[0].request.url 

89 == self.app.config["TURNSTILE_VERIFY_URL"] 

90 ) 

91 

92 @responses.activate 

93 def test_report_submits_when_turnstile_token_is_valid(self): 

94 self.app.config["TURNSTILE_SECRET_KEY"] = "test-secret" 

95 responses.add( 

96 responses.Response( 

97 method="POST", 

98 url=self.app.config["TURNSTILE_VERIFY_URL"], 

99 json={"success": True}, 

100 status=200, 

101 ) 

102 ) 

103 responses.add( 

104 responses.Response( 

105 method="POST", 

106 url=self.app.config["REPORT_SHEET_URL"], 

107 status=200, 

108 ) 

109 ) 

110 

111 response = self.client.post( 

112 "/report", 

113 data={ 

114 "snap_name": "test-snap", 

115 "reason": "Snap Store terms of service violation", 

116 "comment": "A test report", 

117 "cf-turnstile-response": "valid-token", 

118 }, 

119 ) 

120 

121 assert response.status_code == 200 

122 assert response.get_json() == {"ok": True} 

123 assert len(responses.calls) == 2 

124 assert ( 

125 responses.calls[0].request.url 

126 == self.app.config["TURNSTILE_VERIFY_URL"] 

127 ) 

128 assert ( 

129 responses.calls[1].request.url 

130 == self.app.config["REPORT_SHEET_URL"] 

131 )