response = self.app.delete(url('gist', gist_id=gist.gist_id))

        self.checkSessionFlash(response, 'Deleted gist %s' % gist.gist_id)

    def test_delete_normal_user_not_his_own_gist(self):

        self.log_user(TEST_USER_REGULAR_LOGIN, TEST_USER_REGULAR_PASS)

        gist = _create_gist('delete-me')

        response = self.app.delete(url('gist', gist_id=gist.gist_id), status=403)

    def test_show(self):

        gist = _create_gist('gist-show-me')

        response = self.app.get(url('gist', gist_id=gist.gist_access_id))

        response.mustcontain('added file: gist-show-me<')

        response.mustcontain('gist-desc')

        response.mustcontain('<div class="btn btn-mini btn-success disabled">Public Gist</div>')

    def test_show_as_raw(self):

        gist = _create_gist('gist-show-me', content='GIST CONTENT')

        response = self.app.get(url('formatted_gist',

                                    gist_id=gist.gist_access_id, format='raw'))

        self.assertEqual(response.body, 'GIST CONTENT')

    def test_show_as_raw_individual_file(self):

        gist = _create_gist('gist-show-me-raw', content='GIST BODY')

        response = self.app.get(url('formatted_gist_file',

                                repo_name=HG_REPO, revision=rev))

        # test DB

        self.assertEqual(ChangesetComment.query().count(), 1)

        response.mustcontain(

            '''<div class="comments-number">'''

            ''' 1 comment (0 inline, 1 general)'''

        )

        self.assertEqual(Notification.query().count(), 2)

        users = [x.user.username for x in UserNotification.query().all()]

        # test_regular gets notification by @mention

    def test_delete(self):

        self.log_user()

        rev = '27cd5cce30c96924232dffcd24178a07ffeb5dfc'

        text = u'CommentOnRevision'

        params = {'text': text, '_authentication_token': self.authentication_token()}

        response = self.app.post(url(controller='changeset', action='comment',

                                     repo_name=HG_REPO, revision=rev),

                                     params=params)

        comments = ChangesetComment.query().all()

from kallithea.tests import *

class TestFollowersController(TestController):

    def test_index_hg(self):

        self.log_user()

        repo_name = HG_REPO

        response = self.app.get(url(controller='followers',

                                    action='followers',

                                    repo_name=repo_name))

        response.mustcontain("""Started following""")

    def test_index_git(self):

        self.log_user()

        repo_name = GIT_REPO

        response = self.app.get(url(controller='followers',

                                    action='followers',

                                    repo_name=repo_name))

        response.mustcontain("""Started following""")

class TestJournalController(TestController):

    def test_index(self):

        self.log_user()

        response = self.app.get(url(controller='journal', action='index'))

        response.mustcontain("""<div class="journal_day">%s</div>""" % datetime.date.today())

    def test_stop_following_repository(self):

        session = self.log_user()

#        repo = Session().query(Repository).filter(Repository.repo_name == HG_REPO).one()

#

#        followings = Session().query(UserFollowing)\

#            .filter(UserFollowing.user == usr)\

#            .filter(UserFollowing.follows_repository == repo).all()

#

#        assert len(followings) == 1, 'Not following any repository'

#

#        response = self.app.post(url(controller='journal',

#                                     action='toggle_following'),

#                                     {'follows_repo_id':repo.repo_id})

            Session().delete(n)

        Session().commit()

        self.assertEqual(Notification.query().all(), [])

    def test_index(self):

        response = self.app.get(url(controller='login', action='index'))

        self.assertEqual(response.status, '200 OK')

        # Test response...

    def test_login_admin_ok(self):

        response = self.app.post(url(controller='login', action='index'),

                                  'password': 'test12'})

        self.assertEqual(response.status, '302 Found')

        self.assertEqual(response.session['authuser'].get('username'),

        response = response.follow()

        response.mustcontain('/%s' % HG_REPO)

    def test_login_regular_ok(self):

        response = self.app.post(url(controller='login', action='index'),

                                 {'username': 'test_regular',

                                  'password': 'test12'})

        self.assertEqual(response.status, '302 Found')

        self.assertEqual(response.session['authuser'].get('username'),

                         'test_regular')

        response = response.follow()

        response.mustcontain('/%s' % HG_REPO)

    def test_login_ok_came_from(self):

        test_came_from = '/_admin/users'

        response = self.app.post(url(controller='login', action='index',

                                     came_from=test_came_from),

                                  'password': 'test12'})

        self.assertEqual(response.status, '302 Found')

        response = response.follow()

        self.assertEqual(response.status, '200 OK')

        response.mustcontain('Users Administration')

    def test_logout(self):

        response = self.app.post(url(controller='login', action='index'),

                                 {'username': 'test_regular',

                                  'password': 'test12'})

        self.assertNotIn('authuser', response.session)

    @parameterized.expand([

          ('data:text/html,<script>window.alert("xss")</script>',),

          ('mailto:test@example.com',),

          ('file:///etc/passwd',),

          ('ftp://some.ftp.server',),

          ('http://other.domain/bl%C3%A5b%C3%A6rgr%C3%B8d',),

    ])

    def test_login_bad_came_froms(self, url_came_from):

        response = self.app.post(url(controller='login', action='index',

                                     came_from=url_came_from),

                                  'password': 'test12'})

        self.assertEqual(response.status, '302 Found')

        self.assertEqual(response._environ['paste.testing_variables']

                         ['tmpl_context'].came_from, '/')

        response = response.follow()

        self.assertEqual(response.status, '200 OK')

    def test_login_short_password(self):

        response = self.app.post(url(controller='login', action='index'),

                                  'password': 'as'})

        self.assertEqual(response.status, '200 OK')

        response.mustcontain('Enter 3 characters or more')

    def test_login_wrong_username_password(self):

        response = self.app.post(url(controller='login', action='index'),

                                 {'username': 'error',

                                  'password': 'test12'})

        response.mustcontain('invalid user name')

        response.mustcontain('invalid password')

        for encoded in args_encoded:

            self.assertIn(encoded, response.form.action)

    @parameterized.expand([

        ({'foo':'one', 'bar':'two'}, ('foo=one', 'bar=two')),

        ({'blue': u'blå'.encode('utf-8'), 'green':u'grøn'},

             ('blue=bl%C3%A5', 'green=gr%C3%B8n')),

    ])

    def test_redirection_after_successful_login_preserves_get_args(self, args, args_encoded):

        response = self.app.post(url(controller='login', action='index',

                                     came_from = '/_admin/users',

                                     **args),

                                  'password': 'test12'})

        self.assertEqual(response.status, '302 Found')

        for encoded in args_encoded:

            self.assertIn(encoded, response.location)

    @parameterized.expand([

        ({'foo':'one', 'bar':'two'}, ('foo=one', 'bar=two')),

        ({'blue': u'blå'.encode('utf-8'), 'green':u'grøn'},

             ('blue=bl%C3%A5', 'green=gr%C3%B8n')),

    ])

    def test_login_form_after_incorrect_login_preserves_get_args(self, args, args_encoded):

        response = self.app.post(url(controller='login', action='index',

        response.mustcontain('invalid password')

        for encoded in args_encoded:

            self.assertIn(encoded, response.form.action)

    #==========================================================================

    # REGISTRATIONS

    #==========================================================================

    def test_register(self):

        response = self.app.get(url(controller='login', action='register'))

        response.mustcontain('Sign Up')

    def test_register_err_same_username(self):

        response = self.app.post(url(controller='login', action='register'),

                                            {'username': uname,

                                             'password': 'test12',

                                             'password_confirmation': 'test12',

                                             'email': 'goodmail@domain.com',

                                             'firstname': 'test',

                                             'lastname': 'test'})

        msg = validators.ValidUsername()._messages['username_exists']

        msg = h.html_escape(msg % {'username': uname})

        response.mustcontain(msg)

                                             'password_confirmation': 'test12',

                                             'email': 'goodmailm',

                                             'firstname': 'test',

                                             'lastname': 'test'})

        response.mustcontain('An email address must contain a single @')

        response.mustcontain('Username may only contain '

                'alphanumeric characters underscores, '

                'periods or dashes and must begin with '

                'alphanumeric character')

    def test_register_err_case_sensitive(self):

        response = self.app.post(url(controller='login', action='register'),

                                            {'username': usr,

                                             'password': 'test12',

                                             'password_confirmation': 'test12',

                                             'email': 'goodmailm',

                                             'firstname': 'test',

                                             'lastname': 'test'})

        response.mustcontain('An email address must contain a single @')

        msg = validators.ValidUsername()._messages['username_exists']

        msg = h.html_escape(msg % {'username': usr})

        response.mustcontain(msg)

    test_user_1 = 'testme'

    @classmethod

    def teardown_class(cls):

        if User.get_by_username(cls.test_user_1):

            UserModel().delete(cls.test_user_1)

            Session().commit()

    def test_my_account(self):

        self.log_user()

        response = self.app.get(url('my_account'))

    def test_my_account_my_repos(self):

        self.log_user()

        response = self.app.get(url('my_account_repos'))

        cnt = Repository.query().filter(Repository.user ==

                           User.get_by_username(TEST_USER_ADMIN_LOGIN)).count()

        response.mustcontain('"totalRecords": %s' % cnt)

    def test_my_account_my_watched(self):

        self.log_user()

        response = self.app.get(url('my_account_watched'))

            #my account cannot make you an admin !

            params['admin'] = False

        params.pop('_authentication_token')

        self.assertEqual(params, updated_params)

    def test_my_account_update_err_email_exists(self):

        self.log_user()

        new_email = 'test_regular@mail.com'  # already exisitn email

        response = self.app.post(url('my_account'),

                                params=dict(

                                    new_password='test12',

                                    password_confirmation='test122',

                                    firstname='NewName',

                                    lastname='NewLastname',

                                    email=new_email,

                                    _authentication_token=self.authentication_token())

                                )

        response.mustcontain('This e-mail address is already taken')

    def test_my_account_update_err(self):

        self.log_user('test_regular2', 'test12')

        new_email = 'newmail.pl'

        response = self.app.post(url('my_account'),

                                 params=dict(

                                            new_password='test12',

                                            password_confirmation='test122',

                                            firstname='NewName',

                                            lastname='NewLastname',

                                            email=new_email,

                                            _authentication_token=self.authentication_token()))

        response.mustcontain('An email address must contain a single @')

        from kallithea.model import validators

        msg = validators.ValidUsername(edit=False, old_data={})\

                ._messages['username_exists']

        response.mustcontain(u"%s" % msg)

    def test_my_account_api_keys(self):

        usr = self.log_user('test_regular2', 'test12')

        user = User.get(usr['user_id'])

        response = self.app.get(url('my_account_api_keys'))

        response.mustcontain(user.api_key)

        response.mustcontain('Expires: Never')

    @parameterized.expand([

        ('forever', -1),

        ('5mins', 60*5),

                                    repo_name=HG_REPO))

        #repo type

        response.mustcontain(

            """<span class="repotag">hg"""

        )

        #public/private

        response.mustcontain(

            """<i class="icon-globe">"""

        )

        # clone url...

    def test_index_git(self):

        self.log_user()

        ID = Repository.get_by_repo_name(GIT_REPO).repo_id

        response = self.app.get(url(controller='summary',

                                    action='index',

                                    repo_name=GIT_REPO))

        #repo type

        response.mustcontain(

            """<span class="repotag">git"""

        )

        #public/private

        response.mustcontain(

            """<i class="icon-globe">"""

        )

        # clone url...

    def test_index_by_id_hg(self):

        self.log_user()

        ID = Repository.get_by_repo_name(HG_REPO).repo_id

        response = self.app.get(url(controller='summary',

                                    action='index',

                                    repo_name='_%s' % ID))

        #repo type

        response.mustcontain(

            """<span class="repotag">hg"""

        )

from kallithea.model.db import User, Repository

from kallithea.lib.auth import get_crypt_password

from kallithea.tests import TESTS_TMP_PATH, HG_REPO

from kallithea.config.environment import load_environment

rel_path = dn(dn(dn(dn(os.path.abspath(__file__)))))

conf = appconfig('config:development.ini', relative_to=rel_path)

load_environment(conf.global_conf, conf.local_conf)

add_cache(conf)

PASS = 'test12'

HOST = 'server.local'

METHOD = 'pull'

DEBUG = True

log = logging.getLogger(__name__)

class Command(object):

    def __init__(self, cwd):

        self.cwd = cwd