Compare commits

..

No commits in common. "a9c4fa9de0315cd688d27d57d2556bbf75cf21dd" and "822c8fc49b0d2801fdafd40c01328a00beac5212" have entirely different histories.

22 changed files with 259 additions and 458 deletions

View File

@ -2,30 +2,6 @@ Change Log
==========
Version 1.5.6
-------------
Released 2023/5/23
Bug fixes.
* Fixed the return URI of the creation forms to decode the next URI.
* Fixed the unmatched offset list to use the encoded next URI.
Version 1.5.5
-------------
Released 2023/5/23
Security fixes.
* Revised the next URI utilities to encode and decode the next URI
preventing tampering with the next URI.
* Added the integrity value of the CDN stylesheet links.
* Various fixes.
Version 1.5.4
-------------

View File

@ -24,7 +24,7 @@ from flask_sqlalchemy import SQLAlchemy
from accounting.utils.user import UserUtilityInterface
VERSION: str = "1.5.6"
VERSION: str = "1.5.4"
"""The package version."""
db: SQLAlchemy = SQLAlchemy()
"""The database instance."""

View File

@ -23,6 +23,6 @@ First written: 2023/2/1
{% block header %}{% block title %}{{ A_("Add a New Account") }}{% endblock %}{% endblock %}
{% block back_url %}{{ url_for("accounting.account.list")|accounting_or_next }}{% endblock %}
{% block back_url %}{{ request.args.get("next") or url_for("accounting.account.list") }}{% endblock %}
{% block action_url %}{{ url_for("accounting.account.store") }}{% endblock %}

View File

@ -23,6 +23,6 @@ First written: 2023/2/6
{% block header %}{% block title %}{{ A_("Add a New Currency") }}{% endblock %}{% endblock %}
{% block back_url %}{{ url_for("accounting.currency.list")|accounting_or_next }}{% endblock %}
{% block back_url %}{{ request.args.get("next") or url_for("accounting.currency.list") }}{% endblock %}
{% block action_url %}{{ url_for("accounting.currency.store") }}{% endblock %}

View File

@ -23,6 +23,6 @@ First written: 2023/2/25
{% block header %}{% block title %}{{ A_("Add a New Cash Disbursement Journal Entry") }}{% endblock %}{% endblock %}
{% block back_url %}{{ url_for("accounting-report.default")|accounting_or_next }}{% endblock %}
{% block back_url %}{{ request.args.get("next") or url_for("accounting-report.default") }}{% endblock %}
{% block action_url %}{{ url_for("accounting.journal-entry.store", journal_entry_type=journal_entry_type) }}{% endblock %}

View File

@ -23,6 +23,6 @@ First written: 2023/2/25
{% block header %}{% block title %}{{ A_("Add a New Cash Receipt Journal Entry") }}{% endblock %}{% endblock %}
{% block back_url %}{{ url_for("accounting-report.default")|accounting_or_next }}{% endblock %}
{% block back_url %}{{ request.args.get("next") or url_for("accounting-report.default") }}{% endblock %}
{% block action_url %}{{ url_for("accounting.journal-entry.store", journal_entry_type=journal_entry_type) }}{% endblock %}

View File

@ -23,6 +23,6 @@ First written: 2023/2/25
{% block header %}{% block title %}{{ A_("Add a New Transfer Journal Entry") }}{% endblock %}{% endblock %}
{% block back_url %}{{ url_for("accounting-report.default")|accounting_or_next }}{% endblock %}
{% block back_url %}{{ request.args.get("next") or url_for("accounting-report.default") }}{% endblock %}
{% block action_url %}{{ url_for("accounting.journal-entry.store", journal_entry_type=journal_entry_type) }}{% endblock %}

View File

@ -49,7 +49,7 @@ First written: 2023/4/17
<form action="{{ url_for("accounting-report.match-offsets", currency=report.currency, account=report.account) }}" method="post">
<input type="hidden" name="csrf_token" value="{{ csrf_token() }}">
<input type="hidden" name="next" value="{{ accounting_as_next() }}">
<input type="hidden" name="next" value="{{ request.full_path if request.query_string else request.path }}">
<div class="modal fade" id="accounting-match-modal" tabindex="-1" aria-labelledby="accounting-match-modal-label" aria-hidden="true">
<div class="modal-dialog">
<div class="modal-content">

View File

@ -22,17 +22,7 @@ This module should not import any other module from the application.
from urllib.parse import urlparse, parse_qsl, ParseResult, urlencode, \
urlunparse
from flask import request, Blueprint, current_app
from itsdangerous import URLSafeSerializer, BadData
def __as_next() -> str:
"""Encodes the current request URI as value for the next URI.
:return: The current request URI as value for the next URI.
"""
return encode_next(
request.full_path if request.query_string else request.path)
from flask import request, Blueprint
def append_next(uri: str) -> str:
@ -72,13 +62,9 @@ def __get_next() -> str | None:
"""
next_uri: str | None = request.form.get("next") \
if request.method == "POST" else request.args.get("next")
if next_uri is None:
return None
try:
return URLSafeSerializer(current_app.config["SECRET_KEY"])\
.loads(next_uri, "next")
except BadData:
if next_uri is None or not next_uri.startswith("/"):
return None
return next_uri
def __set_next(uri: str, next_uri: str) -> str:
@ -91,29 +77,18 @@ def __set_next(uri: str, next_uri: str) -> str:
uri_p: ParseResult = urlparse(uri)
params: list[tuple[str, str]] = parse_qsl(uri_p.query)
params = [x for x in params if x[0] != "next"]
params.append(("next", encode_next(next_uri)))
params.append(("next", next_uri))
parts: list[str] = list(uri_p)
parts[4] = urlencode(params)
return urlunparse(parts)
def encode_next(uri: str) -> str:
"""Encodes the next URI.
:param uri: The next URI.
:return: The encoded next URI.
"""
return URLSafeSerializer(current_app.config["SECRET_KEY"])\
.dumps(uri, "next")
def init_app(bp: Blueprint) -> None:
"""Initializes the application.
:param bp: The blueprint of the accounting application.
:return: None.
"""
bp.add_app_template_global(__as_next, "accounting_as_next")
bp.add_app_template_filter(append_next, "accounting_append_next")
bp.add_app_template_filter(inherit_next, "accounting_inherit_next")
bp.add_app_template_filter(or_next, "accounting_or_next")

View File

@ -23,7 +23,6 @@ import unittest
import httpx
from flask import Flask
from accounting.utils.next_uri import encode_next
from test_site import db
from testlib import NEXT_URI, create_test_app, get_client, set_locale, \
add_journal_entry
@ -79,7 +78,6 @@ class AccountTestCase(unittest.TestCase):
AccountL10n.query.delete()
Account.query.delete()
db.session.commit()
self.encoded_next_uri: str = encode_next(NEXT_URI)
self.client, self.csrf_token = get_client(self.app, "editor")
response: httpx.Response
@ -145,7 +143,7 @@ class AccountTestCase(unittest.TestCase):
response = client.post(f"{PREFIX}/bases/{CASH.base_code}",
data={"csrf_token": csrf_token,
"next": self.encoded_next_uri,
"next": NEXT_URI,
f"{cash_id}-no": "5"})
self.assertEqual(response.status_code, 403)
@ -194,7 +192,7 @@ class AccountTestCase(unittest.TestCase):
response = client.post(f"{PREFIX}/bases/{CASH.base_code}",
data={"csrf_token": csrf_token,
"next": self.encoded_next_uri,
"next": NEXT_URI,
f"{cash_id}-no": "5"})
self.assertEqual(response.status_code, 403)
@ -246,7 +244,7 @@ class AccountTestCase(unittest.TestCase):
response = self.client.post(f"{PREFIX}/bases/{CASH.base_code}",
data={"csrf_token": self.csrf_token,
"next": self.encoded_next_uri,
"next": NEXT_URI,
f"{cash_id}-no": "5"})
self.assertEqual(response.status_code, 302)
self.assertEqual(response.headers["Location"], NEXT_URI)
@ -528,7 +526,7 @@ class AccountTestCase(unittest.TestCase):
self.assertEqual(account.title_l10n, CASH.title)
self.assertEqual(account.l10n, [])
set_locale(self.app, self.client, self.csrf_token, "zh_Hant")
set_locale(self.client, self.csrf_token, "zh_Hant")
response = self.client.post(update_uri,
data={"csrf_token": self.csrf_token,
@ -543,7 +541,7 @@ class AccountTestCase(unittest.TestCase):
self.assertEqual({(x.locale, x.title) for x in account.l10n},
{("zh_Hant", f"{CASH.title}-zh_Hant")})
set_locale(self.app, self.client, self.csrf_token, "en")
set_locale(self.client, self.csrf_token, "en")
response = self.client.post(update_uri,
data={"csrf_token": self.csrf_token,
@ -558,7 +556,7 @@ class AccountTestCase(unittest.TestCase):
self.assertEqual({(x.locale, x.title) for x in account.l10n},
{("zh_Hant", f"{CASH.title}-zh_Hant")})
set_locale(self.app, self.client, self.csrf_token, "zh_Hant")
set_locale(self.client, self.csrf_token, "zh_Hant")
response = self.client.post(update_uri,
data={"csrf_token": self.csrf_token,
@ -593,7 +591,7 @@ class AccountTestCase(unittest.TestCase):
add_journal_entry(self.client,
form={"csrf_token": self.csrf_token,
"next": self.encoded_next_uri,
"next": NEXT_URI,
"date": dt.date.today().isoformat(),
"currency-1-code": "USD",
"currency-1-credit-1-account_code": BANK.code,
@ -711,7 +709,7 @@ class AccountTestCase(unittest.TestCase):
response = self.client.post(f"{PREFIX}/bases/1111",
data={"csrf_token": self.csrf_token,
"next": self.encoded_next_uri,
"next": NEXT_URI,
f"{id_1}-no": "4",
f"{id_2}-no": "1",
f"{id_3}-no": "5",
@ -738,7 +736,7 @@ class AccountTestCase(unittest.TestCase):
response = self.client.post(f"{PREFIX}/bases/1111",
data={"csrf_token": self.csrf_token,
"next": self.encoded_next_uri,
"next": NEXT_URI,
f"{id_2}-no": "3a",
f"{id_3}-no": "5",
f"{id_4}-no": "2"})

View File

@ -23,7 +23,6 @@ import unittest
import httpx
from flask import Flask
from accounting.utils.next_uri import encode_next
from test_site import db
from testlib import NEXT_URI, create_test_app, get_client, set_locale, \
add_journal_entry
@ -469,7 +468,7 @@ class CurrencyTestCase(unittest.TestCase):
self.assertEqual(currency.name_l10n, USD.name)
self.assertEqual(currency.l10n, [])
set_locale(self.app, self.client, self.csrf_token, "zh_Hant")
set_locale(self.client, self.csrf_token, "zh_Hant")
response = self.client.post(update_uri,
data={"csrf_token": self.csrf_token,
@ -484,7 +483,7 @@ class CurrencyTestCase(unittest.TestCase):
self.assertEqual({(x.locale, x.name) for x in currency.l10n},
{("zh_Hant", f"{USD.name}-zh_Hant")})
set_locale(self.app, self.client, self.csrf_token, "en")
set_locale(self.client, self.csrf_token, "en")
response = self.client.post(update_uri,
data={"csrf_token": self.csrf_token,
@ -499,7 +498,7 @@ class CurrencyTestCase(unittest.TestCase):
self.assertEqual({(x.locale, x.name) for x in currency.l10n},
{("zh_Hant", f"{USD.name}-zh_Hant")})
set_locale(self.app, self.client, self.csrf_token, "zh_Hant")
set_locale(self.client, self.csrf_token, "zh_Hant")
response = self.client.post(update_uri,
data={"csrf_token": self.csrf_token,
@ -522,8 +521,6 @@ class CurrencyTestCase(unittest.TestCase):
from accounting.models import Currency
detail_uri: str = f"{PREFIX}/{JPY.code}"
delete_uri: str = f"{PREFIX}/{JPY.code}/delete"
with self.app.app_context():
encoded_next_uri: str = encode_next(NEXT_URI)
list_uri: str = PREFIX
response: httpx.Response
@ -536,7 +533,7 @@ class CurrencyTestCase(unittest.TestCase):
add_journal_entry(self.client,
form={"csrf_token": self.csrf_token,
"next": encoded_next_uri,
"next": NEXT_URI,
"date": dt.date.today().isoformat(),
"currency-1-code": EUR.code,
"currency-1-credit-1-account_code": "1111-001",

View File

@ -22,7 +22,6 @@ import unittest
from flask import Flask
from accounting.utils.next_uri import encode_next
from testlib import NEXT_URI, Accounts, create_test_app, get_client, \
add_journal_entry
@ -42,7 +41,6 @@ class DescriptionEditorTestCase(unittest.TestCase):
from accounting.models import JournalEntry, JournalEntryLineItem
JournalEntry.query.delete()
JournalEntryLineItem.query.delete()
self.encoded_next_uri: str = encode_next(NEXT_URI)
self.client, self.csrf_token = get_client(self.app, "editor")
@ -53,7 +51,7 @@ class DescriptionEditorTestCase(unittest.TestCase):
"""
from accounting.journal_entry.utils.description_editor import \
DescriptionEditor
for form in get_form_data(self.csrf_token, self.encoded_next_uri):
for form in get_form_data(self.csrf_token):
add_journal_entry(self.client, form)
with self.app.app_context():
editor: DescriptionEditor = DescriptionEditor()
@ -145,24 +143,22 @@ class DescriptionEditorTestCase(unittest.TestCase):
Accounts.PREPAID)
def get_form_data(csrf_token: str, encoded_next_uri: str) \
-> list[dict[str, str]]:
def get_form_data(csrf_token: str) -> list[dict[str, str]]:
"""Returns the form data for multiple journal entry forms.
:param csrf_token: The CSRF token.
:param encoded_next_uri: The encoded next URI.
:return: A list of the form data.
"""
journal_entry_date: str = dt.date.today().isoformat()
return [{"csrf_token": csrf_token,
"next": encoded_next_uri,
"next": NEXT_URI,
"date": journal_entry_date,
"currency-0-code": "USD",
"currency-0-credit-0-account_code": Accounts.SERVICE,
"currency-0-credit-0-description": " Salary ",
"currency-0-credit-0-amount": "2500"},
{"csrf_token": csrf_token,
"next": encoded_next_uri,
"next": NEXT_URI,
"date": journal_entry_date,
"currency-0-code": "USD",
"currency-0-debit-0-account_code": Accounts.MEAL,
@ -184,7 +180,7 @@ def get_form_data(csrf_token: str, encoded_next_uri: str) \
"currency-0-credit-2-description": " Dinner—Hamburger ",
"currency-0-credit-2-amount": "4.25"},
{"csrf_token": csrf_token,
"next": encoded_next_uri,
"next": NEXT_URI,
"date": journal_entry_date,
"currency-0-code": "USD",
"currency-0-debit-0-account_code": Accounts.MEAL,
@ -200,7 +196,7 @@ def get_form_data(csrf_token: str, encoded_next_uri: str) \
"currency-0-credit-1-description": " Dinner—Steak ",
"currency-0-credit-1-amount": "8.28"},
{"csrf_token": csrf_token,
"next": encoded_next_uri,
"next": NEXT_URI,
"date": journal_entry_date,
"currency-0-code": "USD",
"currency-0-debit-0-account_code": Accounts.MEAL,
@ -216,14 +212,14 @@ def get_form_data(csrf_token: str, encoded_next_uri: str) \
"currency-0-credit-1-description": " Lunch—Noodles ",
"currency-0-credit-1-amount": "7.47"},
{"csrf_token": csrf_token,
"next": encoded_next_uri,
"next": NEXT_URI,
"date": journal_entry_date,
"currency-0-code": "USD",
"currency-0-debit-0-account_code": Accounts.TRAVEL,
"currency-0-debit-0-description": " Airplane—Lake City↔Hill Town",
"currency-0-debit-0-amount": "800"},
{"csrf_token": csrf_token,
"next": encoded_next_uri,
"next": NEXT_URI,
"date": journal_entry_date,
"currency-0-code": "USD",
"currency-0-debit-0-account_code": Accounts.TRAVEL,
@ -251,7 +247,7 @@ def get_form_data(csrf_token: str, encoded_next_uri: str) \
"currency-0-credit-3-description": " Train—Red—Mall→Museum ",
"currency-0-credit-3-amount": "4.4"},
{"csrf_token": csrf_token,
"next": encoded_next_uri,
"next": NEXT_URI,
"date": journal_entry_date,
"currency-0-code": "USD",
"currency-0-debit-0-account_code": Accounts.TRAVEL,
@ -297,7 +293,7 @@ def get_form_data(csrf_token: str, encoded_next_uri: str) \
"currency-0-credit-6-description": " Bike—Theatre→Home ",
"currency-0-credit-6-amount": "5.5"},
{"csrf_token": csrf_token,
"next": encoded_next_uri,
"next": NEXT_URI,
"date": journal_entry_date,
"currency-0-code": "USD",
"currency-0-debit-0-account_code": Accounts.PETTY_CASH,

View File

@ -24,7 +24,6 @@ from decimal import Decimal
import httpx
from flask import Flask
from accounting.utils.next_uri import encode_next
from test_site import db
from testlib import NEXT_URI, Accounts, create_test_app, get_client, \
add_journal_entry, match_journal_entry_detail
@ -54,7 +53,6 @@ class CashReceiptJournalEntryTestCase(unittest.TestCase):
from accounting.models import JournalEntry, JournalEntryLineItem
JournalEntry.query.delete()
JournalEntryLineItem.query.delete()
self.encoded_next_uri: str = encode_next(NEXT_URI)
self.client, self.csrf_token = get_client(self.app, "editor")
@ -155,8 +153,7 @@ class CashReceiptJournalEntryTestCase(unittest.TestCase):
data=update_form)
self.assertEqual(response.status_code, 302)
self.assertEqual(response.headers["Location"],
f"{PREFIX}/{journal_entry_id}?"
f"next={self.encoded_next_uri}")
f"{PREFIX}/{journal_entry_id}?next=%2F_next")
response = self.client.post(f"{PREFIX}/{journal_entry_id}/delete",
data={"csrf_token": self.csrf_token})
@ -169,8 +166,7 @@ class CashReceiptJournalEntryTestCase(unittest.TestCase):
:return: None.
"""
from accounting.models import JournalEntry, JournalEntryCurrency
create_uri: str = (f"{PREFIX}/create/receipt?"
f"next={self.encoded_next_uri}")
create_uri: str = f"{PREFIX}/create/receipt?next=%2F_next"
store_uri: str = f"{PREFIX}/store/receipt"
response: httpx.Response
form: dict[str, str]
@ -326,10 +322,8 @@ class CashReceiptJournalEntryTestCase(unittest.TestCase):
from accounting.models import JournalEntry, JournalEntryCurrency
journal_entry_id: int \
= add_journal_entry(self.client, self.__get_add_form())
detail_uri: str = (f"{PREFIX}/{journal_entry_id}?"
f"next={self.encoded_next_uri}")
edit_uri: str = (f"{PREFIX}/{journal_entry_id}/edit?"
f"next={self.encoded_next_uri}")
detail_uri: str = f"{PREFIX}/{journal_entry_id}?next=%2F_next"
edit_uri: str = f"{PREFIX}/{journal_entry_id}/edit?next=%2F_next"
update_uri: str = f"{PREFIX}/{journal_entry_id}/update"
form_0: dict[str, str] = self.__get_update_form(journal_entry_id)
@ -491,8 +485,7 @@ class CashReceiptJournalEntryTestCase(unittest.TestCase):
from accounting.models import JournalEntry
journal_entry_id: int \
= add_journal_entry(self.client, self.__get_add_form())
detail_uri: str = (f"{PREFIX}/{journal_entry_id}?"
f"next={self.encoded_next_uri}")
detail_uri: str = f"{PREFIX}/{journal_entry_id}?next=%2F_next"
update_uri: str = f"{PREFIX}/{journal_entry_id}/update"
journal_entry: JournalEntry
response: httpx.Response
@ -531,8 +524,7 @@ class CashReceiptJournalEntryTestCase(unittest.TestCase):
= add_journal_entry(self.client, self.__get_add_form())
editor_username, admin_username = "editor", "admin"
client, csrf_token = get_client(self.app, admin_username)
detail_uri: str = (f"{PREFIX}/{journal_entry_id}?"
f"next={self.encoded_next_uri}")
detail_uri: str = f"{PREFIX}/{journal_entry_id}?next=%2F_next"
update_uri: str = f"{PREFIX}/{journal_entry_id}/update"
journal_entry: JournalEntry
response: httpx.Response
@ -565,8 +557,7 @@ class CashReceiptJournalEntryTestCase(unittest.TestCase):
from accounting.models import JournalEntry, JournalEntryLineItem
journal_entry_id_1: int \
= add_journal_entry(self.client, self.__get_add_form())
detail_uri: str = (f"{PREFIX}/{journal_entry_id_1}?"
f"next={self.encoded_next_uri}")
detail_uri: str = f"{PREFIX}/{journal_entry_id_1}?next=%2F_next"
delete_uri: str = f"{PREFIX}/{journal_entry_id_1}/delete"
response: httpx.Response
@ -584,7 +575,7 @@ class CashReceiptJournalEntryTestCase(unittest.TestCase):
add_journal_entry(
self.client,
form={"csrf_token": self.csrf_token,
"next": self.encoded_next_uri,
"next": NEXT_URI,
"date": dt.date.today().isoformat(),
"currency-1-code": line_item.currency_code,
"currency-1-debit-1-original_line_item_id": line_item.id,
@ -594,18 +585,17 @@ class CashReceiptJournalEntryTestCase(unittest.TestCase):
# Cannot delete the journal entry that is in use
response = self.client.post(f"{PREFIX}/{journal_entry_id_2}/delete",
data={"csrf_token": self.csrf_token,
"next": self.encoded_next_uri})
"next": NEXT_URI})
self.assertEqual(response.status_code, 302)
self.assertEqual(response.headers["Location"],
f"{PREFIX}/{journal_entry_id_2}?"
f"next={self.encoded_next_uri}")
f"{PREFIX}/{journal_entry_id_2}?next=%2F_next")
# Success
response = self.client.get(detail_uri)
self.assertEqual(response.status_code, 200)
response = self.client.post(delete_uri,
data={"csrf_token": self.csrf_token,
"next": self.encoded_next_uri})
"next": NEXT_URI})
self.assertEqual(response.status_code, 302)
self.assertEqual(response.headers["Location"], NEXT_URI)
@ -613,7 +603,7 @@ class CashReceiptJournalEntryTestCase(unittest.TestCase):
self.assertEqual(response.status_code, 404)
response = self.client.post(delete_uri,
data={"csrf_token": self.csrf_token,
"next": self.encoded_next_uri})
"next": NEXT_URI})
self.assertEqual(response.status_code, 404)
def __get_add_form(self) -> dict[str, str]:
@ -621,8 +611,7 @@ class CashReceiptJournalEntryTestCase(unittest.TestCase):
:return: The form data to add a new journal entry.
"""
form: dict[str, str] = get_add_form(self.csrf_token,
self.encoded_next_uri)
form: dict[str, str] = get_add_form(self.csrf_token)
form = {x: form[x] for x in form if "-debit-" not in x}
return form
@ -636,7 +625,7 @@ class CashReceiptJournalEntryTestCase(unittest.TestCase):
not changed.
"""
form: dict[str, str] = get_unchanged_update_form(
journal_entry_id, self.app, self.csrf_token, self.encoded_next_uri)
journal_entry_id, self.app, self.csrf_token)
form = {x: form[x] for x in form if "-debit-" not in x}
return form
@ -649,8 +638,7 @@ class CashReceiptJournalEntryTestCase(unittest.TestCase):
changed.
"""
form: dict[str, str] = get_update_form(
journal_entry_id, self.app, self.csrf_token, self.encoded_next_uri,
False)
journal_entry_id, self.app, self.csrf_token, False)
form = {x: form[x] for x in form if "-debit-" not in x}
return form
@ -670,7 +658,6 @@ class CashDisbursementJournalEntryTestCase(unittest.TestCase):
from accounting.models import JournalEntry, JournalEntryLineItem
JournalEntry.query.delete()
JournalEntryLineItem.query.delete()
self.encoded_next_uri: str = encode_next(NEXT_URI)
self.client, self.csrf_token = get_client(self.app, "editor")
@ -771,8 +758,7 @@ class CashDisbursementJournalEntryTestCase(unittest.TestCase):
data=update_form)
self.assertEqual(response.status_code, 302)
self.assertEqual(response.headers["Location"],
f"{PREFIX}/{journal_entry_id}?"
f"next={self.encoded_next_uri}")
f"{PREFIX}/{journal_entry_id}?next=%2F_next")
response = self.client.post(f"{PREFIX}/{journal_entry_id}/delete",
data={"csrf_token": self.csrf_token})
@ -785,8 +771,7 @@ class CashDisbursementJournalEntryTestCase(unittest.TestCase):
:return: None.
"""
from accounting.models import JournalEntry, JournalEntryCurrency
create_uri: str = (f"{PREFIX}/create/disbursement?"
f"next={self.encoded_next_uri}")
create_uri: str = f"{PREFIX}/create/disbursement?next=%2F_next"
store_uri: str = f"{PREFIX}/store/disbursement"
response: httpx.Response
form: dict[str, str]
@ -945,10 +930,8 @@ class CashDisbursementJournalEntryTestCase(unittest.TestCase):
from accounting.models import JournalEntry, JournalEntryCurrency
journal_entry_id: int \
= add_journal_entry(self.client, self.__get_add_form())
detail_uri: str = (f"{PREFIX}/{journal_entry_id}?"
f"next={self.encoded_next_uri}")
edit_uri: str = (f"{PREFIX}/{journal_entry_id}/edit?"
f"next={self.encoded_next_uri}")
detail_uri: str = f"{PREFIX}/{journal_entry_id}?next=%2F_next"
edit_uri: str = f"{PREFIX}/{journal_entry_id}/edit?next=%2F_next"
update_uri: str = f"{PREFIX}/{journal_entry_id}/update"
form_0: dict[str, str] = self.__get_update_form(journal_entry_id)
@ -1114,8 +1097,7 @@ class CashDisbursementJournalEntryTestCase(unittest.TestCase):
from accounting.models import JournalEntry
journal_entry_id: int \
= add_journal_entry(self.client, self.__get_add_form())
detail_uri: str = (f"{PREFIX}/{journal_entry_id}?"
f"next={self.encoded_next_uri}")
detail_uri: str = f"{PREFIX}/{journal_entry_id}?next=%2F_next"
update_uri: str = f"{PREFIX}/{journal_entry_id}/update"
journal_entry: JournalEntry
response: httpx.Response
@ -1154,8 +1136,7 @@ class CashDisbursementJournalEntryTestCase(unittest.TestCase):
= add_journal_entry(self.client, self.__get_add_form())
editor_username, admin_username = "editor", "admin"
client, csrf_token = get_client(self.app, admin_username)
detail_uri: str = (f"{PREFIX}/{journal_entry_id}?"
f"next={self.encoded_next_uri}")
detail_uri: str = f"{PREFIX}/{journal_entry_id}?next=%2F_next"
update_uri: str = f"{PREFIX}/{journal_entry_id}/update"
journal_entry: JournalEntry
response: httpx.Response
@ -1187,8 +1168,7 @@ class CashDisbursementJournalEntryTestCase(unittest.TestCase):
"""
journal_entry_id: int \
= add_journal_entry(self.client, self.__get_add_form())
detail_uri: str = (f"{PREFIX}/{journal_entry_id}?"
f"next={self.encoded_next_uri}")
detail_uri: str = f"{PREFIX}/{journal_entry_id}?next=%2F_next"
delete_uri: str = f"{PREFIX}/{journal_entry_id}/delete"
response: httpx.Response
@ -1196,7 +1176,7 @@ class CashDisbursementJournalEntryTestCase(unittest.TestCase):
self.assertEqual(response.status_code, 200)
response = self.client.post(delete_uri,
data={"csrf_token": self.csrf_token,
"next": self.encoded_next_uri})
"next": NEXT_URI})
self.assertEqual(response.status_code, 302)
self.assertEqual(response.headers["Location"], NEXT_URI)
@ -1204,7 +1184,7 @@ class CashDisbursementJournalEntryTestCase(unittest.TestCase):
self.assertEqual(response.status_code, 404)
response = self.client.post(delete_uri,
data={"csrf_token": self.csrf_token,
"next": self.encoded_next_uri})
"next": NEXT_URI})
self.assertEqual(response.status_code, 404)
def __get_add_form(self) -> dict[str, str]:
@ -1212,8 +1192,7 @@ class CashDisbursementJournalEntryTestCase(unittest.TestCase):
:return: The form data to add a new journal entry.
"""
form: dict[str, str] = get_add_form(self.csrf_token,
self.encoded_next_uri)
form: dict[str, str] = get_add_form(self.csrf_token)
form = {x: form[x] for x in form if "-credit-" not in x}
return form
@ -1227,7 +1206,7 @@ class CashDisbursementJournalEntryTestCase(unittest.TestCase):
not changed.
"""
form: dict[str, str] = get_unchanged_update_form(
journal_entry_id, self.app, self.csrf_token, self.encoded_next_uri)
journal_entry_id, self.app, self.csrf_token)
form = {x: form[x] for x in form if "-credit-" not in x}
return form
@ -1240,8 +1219,7 @@ class CashDisbursementJournalEntryTestCase(unittest.TestCase):
changed.
"""
form: dict[str, str] = get_update_form(
journal_entry_id, self.app, self.csrf_token, self.encoded_next_uri,
True)
journal_entry_id, self.app, self.csrf_token, True)
form = {x: form[x] for x in form if "-credit-" not in x}
return form
@ -1262,7 +1240,6 @@ class TransferJournalEntryTestCase(unittest.TestCase):
JournalEntryLineItem
JournalEntry.query.delete()
JournalEntryLineItem.query.delete()
self.encoded_next_uri: str = encode_next(NEXT_URI)
self.client, self.csrf_token = get_client(self.app, "editor")
@ -1363,8 +1340,7 @@ class TransferJournalEntryTestCase(unittest.TestCase):
data=update_form)
self.assertEqual(response.status_code, 302)
self.assertEqual(response.headers["Location"],
f"{PREFIX}/{journal_entry_id}?"
f"next={self.encoded_next_uri}")
f"{PREFIX}/{journal_entry_id}?next=%2F_next")
response = self.client.post(f"{PREFIX}/{journal_entry_id}/delete",
data={"csrf_token": self.csrf_token})
@ -1377,8 +1353,7 @@ class TransferJournalEntryTestCase(unittest.TestCase):
:return: None.
"""
from accounting.models import JournalEntry, JournalEntryCurrency
create_uri: str = (f"{PREFIX}/create/transfer?"
f"next={self.encoded_next_uri}")
create_uri: str = f"{PREFIX}/create/transfer?next=%2F_next"
store_uri: str = f"{PREFIX}/store/transfer"
response: httpx.Response
form: dict[str, str]
@ -1573,10 +1548,8 @@ class TransferJournalEntryTestCase(unittest.TestCase):
from accounting.models import JournalEntry, JournalEntryCurrency
journal_entry_id: int \
= add_journal_entry(self.client, self.__get_add_form())
detail_uri: str = (f"{PREFIX}/{journal_entry_id}?"
f"next={self.encoded_next_uri}")
edit_uri: str = (f"{PREFIX}/{journal_entry_id}/edit?"
f"next={self.encoded_next_uri}")
detail_uri: str = f"{PREFIX}/{journal_entry_id}?next=%2F_next"
edit_uri: str = f"{PREFIX}/{journal_entry_id}/edit?next=%2F_next"
update_uri: str = f"{PREFIX}/{journal_entry_id}/update"
form_0: dict[str, str] = self.__get_update_form(journal_entry_id)
@ -1785,8 +1758,7 @@ class TransferJournalEntryTestCase(unittest.TestCase):
from accounting.models import JournalEntry
journal_entry_id: int \
= add_journal_entry(self.client, self.__get_add_form())
detail_uri: str = (f"{PREFIX}/{journal_entry_id}?"
f"next={self.encoded_next_uri}")
detail_uri: str = f"{PREFIX}/{journal_entry_id}?next=%2F_next"
update_uri: str = f"{PREFIX}/{journal_entry_id}/update"
journal_entry: JournalEntry
response: httpx.Response
@ -1825,8 +1797,7 @@ class TransferJournalEntryTestCase(unittest.TestCase):
= add_journal_entry(self.client, self.__get_add_form())
editor_username, admin_username = "editor", "admin"
client, csrf_token = get_client(self.app, admin_username)
detail_uri: str = (f"{PREFIX}/{journal_entry_id}?"
f"next={self.encoded_next_uri}")
detail_uri: str = f"{PREFIX}/{journal_entry_id}?next=%2F_next"
update_uri: str = f"{PREFIX}/{journal_entry_id}/update"
journal_entry: JournalEntry
response: httpx.Response
@ -1860,8 +1831,7 @@ class TransferJournalEntryTestCase(unittest.TestCase):
from accounting.models import JournalEntry, JournalEntryCurrency
journal_entry_id: int \
= add_journal_entry(self.client, self.__get_add_form())
detail_uri: str = (f"{PREFIX}/{journal_entry_id}?"
f"next={self.encoded_next_uri}")
detail_uri: str = f"{PREFIX}/{journal_entry_id}?next=%2F_next"
update_uri: str = f"{PREFIX}/{journal_entry_id}/update?as=receipt"
form_0: dict[str, str] = self.__get_update_form(journal_entry_id)
form_0 = {x: form_0[x] for x in form_0 if "-debit-" not in x}
@ -1962,8 +1932,7 @@ class TransferJournalEntryTestCase(unittest.TestCase):
from accounting.models import JournalEntry, JournalEntryCurrency
journal_entry_id: int \
= add_journal_entry(self.client, self.__get_add_form())
detail_uri: str = (f"{PREFIX}/{journal_entry_id}?"
f"next={self.encoded_next_uri}")
detail_uri: str = f"{PREFIX}/{journal_entry_id}?next=%2F_next"
update_uri: str = f"{PREFIX}/{journal_entry_id}/update?as=disbursement"
form_0: dict[str, str] = self.__get_update_form(journal_entry_id)
form_0 = {x: form_0[x] for x in form_0 if "-credit-" not in x}
@ -2066,8 +2035,7 @@ class TransferJournalEntryTestCase(unittest.TestCase):
"""
journal_entry_id: int \
= add_journal_entry(self.client, self.__get_add_form())
detail_uri: str = (f"{PREFIX}/{journal_entry_id}?"
f"next={self.encoded_next_uri}")
detail_uri: str = f"{PREFIX}/{journal_entry_id}?next=%2F_next"
delete_uri: str = f"{PREFIX}/{journal_entry_id}/delete"
response: httpx.Response
@ -2075,7 +2043,7 @@ class TransferJournalEntryTestCase(unittest.TestCase):
self.assertEqual(response.status_code, 200)
response = self.client.post(delete_uri,
data={"csrf_token": self.csrf_token,
"next": self.encoded_next_uri})
"next": NEXT_URI})
self.assertEqual(response.status_code, 302)
self.assertEqual(response.headers["Location"], NEXT_URI)
@ -2083,7 +2051,7 @@ class TransferJournalEntryTestCase(unittest.TestCase):
self.assertEqual(response.status_code, 404)
response = self.client.post(delete_uri,
data={"csrf_token": self.csrf_token,
"next": self.encoded_next_uri})
"next": NEXT_URI})
self.assertEqual(response.status_code, 404)
def __get_add_form(self) -> dict[str, str]:
@ -2091,7 +2059,7 @@ class TransferJournalEntryTestCase(unittest.TestCase):
:return: The form data to add a new journal entry.
"""
return get_add_form(self.csrf_token, self.encoded_next_uri)
return get_add_form(self.csrf_token)
def __get_unchanged_update_form(self, journal_entry_id: int) \
-> dict[str, str]:
@ -2103,7 +2071,7 @@ class TransferJournalEntryTestCase(unittest.TestCase):
not changed.
"""
return get_unchanged_update_form(
journal_entry_id, self.app, self.csrf_token, self.encoded_next_uri)
journal_entry_id, self.app, self.csrf_token)
def __get_update_form(self, journal_entry_id: int) -> dict[str, str]:
"""Returns the form data to update a journal entry, where the data are
@ -2113,9 +2081,8 @@ class TransferJournalEntryTestCase(unittest.TestCase):
:return: The form data to update the journal entry, where the data are
changed.
"""
return get_update_form(
journal_entry_id, self.app, self.csrf_token, self.encoded_next_uri,
None)
return get_update_form(journal_entry_id,
self.app, self.csrf_token, None)
class JournalEntryReorderTestCase(unittest.TestCase):
@ -2133,7 +2100,6 @@ class JournalEntryReorderTestCase(unittest.TestCase):
from accounting.models import JournalEntry, JournalEntryLineItem
JournalEntry.query.delete()
JournalEntryLineItem.query.delete()
self.encoded_next_uri: str = encode_next(NEXT_URI)
self.client, self.csrf_token = get_client(self.app, "editor")
@ -2181,7 +2147,7 @@ class JournalEntryReorderTestCase(unittest.TestCase):
response = self.client.post(f"{PREFIX}/{id_2}/update", data=form)
self.assertEqual(response.status_code, 302)
self.assertEqual(response.headers["Location"],
f"{PREFIX}/{id_2}?next={self.encoded_next_uri}")
f"{PREFIX}/{id_2}?next=%2F_next")
with self.app.app_context():
self.assertEqual(db.session.get(JournalEntry, id_1).no, 1)
@ -2215,7 +2181,7 @@ class JournalEntryReorderTestCase(unittest.TestCase):
response = self.client.post(
f"{PREFIX}/dates/{date.isoformat()}",
data={"csrf_token": self.csrf_token,
"next": self.encoded_next_uri,
"next": NEXT_URI,
f"{id_1}-no": "4",
f"{id_2}-no": "1",
f"{id_3}-no": "5",
@ -2243,7 +2209,7 @@ class JournalEntryReorderTestCase(unittest.TestCase):
response = self.client.post(
f"{PREFIX}/dates/{date.isoformat()}",
data={"csrf_token": self.csrf_token,
"next": self.encoded_next_uri,
"next": NEXT_URI,
f"{id_2}-no": "3a",
f"{id_3}-no": "5",
f"{id_4}-no": "2"})
@ -2262,8 +2228,7 @@ class JournalEntryReorderTestCase(unittest.TestCase):
:return: The form data to add a new cash receipt journal entry.
"""
form: dict[str, str] = get_add_form(self.csrf_token,
self.encoded_next_uri)
form: dict[str, str] = get_add_form(self.csrf_token)
form = {x: form[x] for x in form if "-debit-" not in x}
return form
@ -2272,8 +2237,7 @@ class JournalEntryReorderTestCase(unittest.TestCase):
:return: The form data to add a new cash disbursement journal entry.
"""
form: dict[str, str] = get_add_form(self.csrf_token,
self.encoded_next_uri)
form: dict[str, str] = get_add_form(self.csrf_token)
form = {x: form[x] for x in form if "-credit-" not in x}
return form
@ -2287,7 +2251,7 @@ class JournalEntryReorderTestCase(unittest.TestCase):
where the data are not changed.
"""
form: dict[str, str] = get_unchanged_update_form(
journal_entry_id, self.app, self.csrf_token, self.encoded_next_uri)
journal_entry_id, self.app, self.csrf_token)
form = {x: form[x] for x in form if "-credit-" not in x}
return form
@ -2296,4 +2260,4 @@ class JournalEntryReorderTestCase(unittest.TestCase):
:return: The form data to add a new journal entry.
"""
return get_add_form(self.csrf_token, self.encoded_next_uri)
return get_add_form(self.csrf_token)

View File

@ -25,7 +25,6 @@ from decimal import Decimal
import httpx
from flask import Flask
from accounting.utils.next_uri import encode_next
from test_site import db
from test_site.lib import JournalEntryLineItemData, JournalEntryCurrencyData, \
JournalEntryData, BaseTestData
@ -51,7 +50,6 @@ class OffsetTestCase(unittest.TestCase):
from accounting.models import JournalEntry, JournalEntryLineItem
JournalEntry.query.delete()
JournalEntryLineItem.query.delete()
self.encoded_next_uri: str = encode_next(NEXT_URI)
self.client, self.csrf_token = get_client(self.app, "editor")
self.data: OffsetTestData = OffsetTestData(self.app, "editor")
@ -63,8 +61,7 @@ class OffsetTestCase(unittest.TestCase):
:return: None.
"""
from accounting.models import Account, JournalEntry
create_uri: str = (f"{PREFIX}/create/receipt?"
f"next={self.encoded_next_uri}")
create_uri: str = f"{PREFIX}/create/receipt?next=%2F_next"
store_uri: str = f"{PREFIX}/store/receipt"
form: dict[str, str]
old_amount: Decimal
@ -88,16 +85,14 @@ class OffsetTestCase(unittest.TestCase):
original_line_item=self.data.l_r_or3d)])])
# Non-existing original line item ID
form = journal_entry_data.new_form(self.csrf_token,
self.encoded_next_uri)
form = journal_entry_data.new_form(self.csrf_token, NEXT_URI)
form["currency-1-credit-1-original_line_item_id"] = "9999"
response = self.client.post(store_uri, data=form)
self.assertEqual(response.status_code, 302)
self.assertEqual(response.headers["Location"], create_uri)
# The same debit or credit
form = journal_entry_data.new_form(self.csrf_token,
self.encoded_next_uri)
form = journal_entry_data.new_form(self.csrf_token, NEXT_URI)
form["currency-1-credit-1-original_line_item_id"] \
= str(self.data.l_p_or1c.id)
form["currency-1-credit-1-account_code"] = self.data.l_p_or1c.account
@ -113,8 +108,7 @@ class OffsetTestCase(unittest.TestCase):
db.session.commit()
response = self.client.post(
store_uri,
data=journal_entry_data.new_form(self.csrf_token,
self.encoded_next_uri))
data=journal_entry_data.new_form(self.csrf_token, NEXT_URI))
self.assertEqual(response.status_code, 302)
self.assertEqual(response.headers["Location"], create_uri)
with self.app.app_context():
@ -123,8 +117,7 @@ class OffsetTestCase(unittest.TestCase):
db.session.commit()
# The original line item is also an offset
form = journal_entry_data.new_form(self.csrf_token,
self.encoded_next_uri)
form = journal_entry_data.new_form(self.csrf_token, NEXT_URI)
form["currency-1-credit-1-original_line_item_id"] \
= str(self.data.l_p_of1d.id)
form["currency-1-credit-1-account_code"] = self.data.l_p_of1d.account
@ -133,24 +126,21 @@ class OffsetTestCase(unittest.TestCase):
self.assertEqual(response.headers["Location"], create_uri)
# Not the same currency
form = journal_entry_data.new_form(self.csrf_token,
self.encoded_next_uri)
form = journal_entry_data.new_form(self.csrf_token, NEXT_URI)
form["currency-1-code"] = "EUR"
response = self.client.post(store_uri, data=form)
self.assertEqual(response.status_code, 302)
self.assertEqual(response.headers["Location"], create_uri)
# Not the same account
form = journal_entry_data.new_form(self.csrf_token,
self.encoded_next_uri)
form = journal_entry_data.new_form(self.csrf_token, NEXT_URI)
form["currency-1-credit-1-account_code"] = Accounts.NOTES_RECEIVABLE
response = self.client.post(store_uri, data=form)
self.assertEqual(response.status_code, 302)
self.assertEqual(response.headers["Location"], create_uri)
# Not exceeding net balance - partially offset
form = journal_entry_data.new_form(self.csrf_token,
self.encoded_next_uri)
form = journal_entry_data.new_form(self.csrf_token, NEXT_URI)
form["currency-1-credit-1-amount"] \
= str(journal_entry_data.currencies[0].credit[0].amount
+ Decimal("0.01"))
@ -159,8 +149,7 @@ class OffsetTestCase(unittest.TestCase):
self.assertEqual(response.headers["Location"], create_uri)
# Not exceeding net balance - unmatched
form = journal_entry_data.new_form(self.csrf_token,
self.encoded_next_uri)
form = journal_entry_data.new_form(self.csrf_token, NEXT_URI)
form["currency-1-credit-3-amount"] \
= str(journal_entry_data.currencies[0].credit[2].amount
+ Decimal("0.01"))
@ -171,16 +160,14 @@ class OffsetTestCase(unittest.TestCase):
# Not before the original line items
old_days = journal_entry_data.days
journal_entry_data.days = old_days + 1
form = journal_entry_data.new_form(self.csrf_token,
self.encoded_next_uri)
form = journal_entry_data.new_form(self.csrf_token, NEXT_URI)
response = self.client.post(store_uri, data=form)
self.assertEqual(response.status_code, 302)
self.assertEqual(response.headers["Location"], create_uri)
journal_entry_data.days = old_days
# Success
form = journal_entry_data.new_form(self.csrf_token,
self.encoded_next_uri)
form = journal_entry_data.new_form(self.csrf_token, NEXT_URI)
response = self.client.post(store_uri, data=form)
self.assertEqual(response.status_code, 302)
journal_entry_id: int \
@ -197,8 +184,7 @@ class OffsetTestCase(unittest.TestCase):
"""
from accounting.models import Account
journal_entry_data: JournalEntryData = self.data.j_r_of2
edit_uri: str = (f"{PREFIX}/{journal_entry_data.id}/edit?"
f"next={self.encoded_next_uri}")
edit_uri: str = f"{PREFIX}/{journal_entry_data.id}/edit?next=%2F_next"
update_uri: str = f"{PREFIX}/{journal_entry_data.id}/update"
form: dict[str, str]
response: httpx.Response
@ -210,16 +196,14 @@ class OffsetTestCase(unittest.TestCase):
journal_entry_data.currencies[0].credit[2].amount = Decimal("600")
# Non-existing original line item ID
form = journal_entry_data.update_form(self.csrf_token,
self.encoded_next_uri)
form = journal_entry_data.update_form(self.csrf_token, NEXT_URI)
form["currency-1-credit-1-original_line_item_id"] = "9999"
response = self.client.post(update_uri, data=form)
self.assertEqual(response.status_code, 302)
self.assertEqual(response.headers["Location"], edit_uri)
# The same debit or credit
form = journal_entry_data.update_form(self.csrf_token,
self.encoded_next_uri)
form = journal_entry_data.update_form(self.csrf_token, NEXT_URI)
form["currency-1-credit-1-original_line_item_id"] \
= str(self.data.l_p_or1c.id)
form["currency-1-credit-1-account_code"] = self.data.l_p_or1c.account
@ -236,8 +220,7 @@ class OffsetTestCase(unittest.TestCase):
db.session.commit()
response = self.client.post(
update_uri,
data=journal_entry_data.update_form(self.csrf_token,
self.encoded_next_uri))
data=journal_entry_data.update_form(self.csrf_token, NEXT_URI))
self.assertEqual(response.status_code, 302)
self.assertEqual(response.headers["Location"], edit_uri)
with self.app.app_context():
@ -246,8 +229,7 @@ class OffsetTestCase(unittest.TestCase):
db.session.commit()
# The original line item is also an offset
form = journal_entry_data.update_form(self.csrf_token,
self.encoded_next_uri)
form = journal_entry_data.update_form(self.csrf_token, NEXT_URI)
form["currency-1-credit-1-original_line_item_id"] \
= str(self.data.l_p_of1d.id)
form["currency-1-credit-1-account_code"] = self.data.l_p_of1d.account
@ -256,24 +238,21 @@ class OffsetTestCase(unittest.TestCase):
self.assertEqual(response.headers["Location"], edit_uri)
# Not the same currency
form = journal_entry_data.update_form(self.csrf_token,
self.encoded_next_uri)
form = journal_entry_data.update_form(self.csrf_token, NEXT_URI)
form["currency-1-code"] = "EUR"
response = self.client.post(update_uri, data=form)
self.assertEqual(response.status_code, 302)
self.assertEqual(response.headers["Location"], edit_uri)
# Not the same account
form = journal_entry_data.update_form(self.csrf_token,
self.encoded_next_uri)
form = journal_entry_data.update_form(self.csrf_token, NEXT_URI)
form["currency-1-credit-1-account_code"] = Accounts.NOTES_RECEIVABLE
response = self.client.post(update_uri, data=form)
self.assertEqual(response.status_code, 302)
self.assertEqual(response.headers["Location"], edit_uri)
# Not exceeding net balance - partially offset
form = journal_entry_data.update_form(self.csrf_token,
self.encoded_next_uri)
form = journal_entry_data.update_form(self.csrf_token, NEXT_URI)
form["currency-1-debit-1-amount"] \
= str(journal_entry_data.currencies[0].debit[0].amount
+ Decimal("0.01"))
@ -285,8 +264,7 @@ class OffsetTestCase(unittest.TestCase):
self.assertEqual(response.headers["Location"], edit_uri)
# Not exceeding net balance - unmatched
form = journal_entry_data.update_form(self.csrf_token,
self.encoded_next_uri)
form = journal_entry_data.update_form(self.csrf_token, NEXT_URI)
form["currency-1-debit-3-amount"] \
= str(journal_entry_data.currencies[0].debit[2].amount
+ Decimal("0.01"))
@ -300,21 +278,18 @@ class OffsetTestCase(unittest.TestCase):
# Not before the original line items
old_days: int = journal_entry_data.days
journal_entry_data.days = old_days + 1
form = journal_entry_data.update_form(self.csrf_token,
self.encoded_next_uri)
form = journal_entry_data.update_form(self.csrf_token, NEXT_URI)
response = self.client.post(update_uri, data=form)
self.assertEqual(response.status_code, 302)
self.assertEqual(response.headers["Location"], edit_uri)
journal_entry_data.days = old_days
# Success
form = journal_entry_data.update_form(self.csrf_token,
self.encoded_next_uri)
form = journal_entry_data.update_form(self.csrf_token, NEXT_URI)
response = self.client.post(update_uri, data=form)
self.assertEqual(response.status_code, 302)
self.assertEqual(response.headers["Location"],
f"{PREFIX}/{journal_entry_data.id}?"
f"next={self.encoded_next_uri}")
f"{PREFIX}/{journal_entry_data.id}?next=%2F_next")
def test_edit_receivable_original_line_item(self) -> None:
"""Tests to edit the receivable original line item.
@ -323,8 +298,7 @@ class OffsetTestCase(unittest.TestCase):
"""
from accounting.models import JournalEntry
journal_entry_data: JournalEntryData = self.data.j_r_or1
edit_uri: str = (f"{PREFIX}/{journal_entry_data.id}/edit?"
f"next={self.encoded_next_uri}")
edit_uri: str = f"{PREFIX}/{journal_entry_data.id}/edit?next=%2F_next"
update_uri: str = f"{PREFIX}/{journal_entry_data.id}/update"
form: dict[str, str]
response: httpx.Response
@ -336,24 +310,21 @@ class OffsetTestCase(unittest.TestCase):
journal_entry_data.currencies[0].credit[1].amount = Decimal("3.4")
# Not the same currency
form = journal_entry_data.update_form(self.csrf_token,
self.encoded_next_uri)
form = journal_entry_data.update_form(self.csrf_token, NEXT_URI)
form["currency-1-code"] = "EUR"
response = self.client.post(update_uri, data=form)
self.assertEqual(response.status_code, 302)
self.assertEqual(response.headers["Location"], edit_uri)
# Not the same account
form = journal_entry_data.update_form(self.csrf_token,
self.encoded_next_uri)
form = journal_entry_data.update_form(self.csrf_token, NEXT_URI)
form["currency-1-debit-1-account_code"] = Accounts.NOTES_RECEIVABLE
response = self.client.post(update_uri, data=form)
self.assertEqual(response.status_code, 302)
self.assertEqual(response.headers["Location"], edit_uri)
# Not less than offset total - partially offset
form = journal_entry_data.update_form(self.csrf_token,
self.encoded_next_uri)
form = journal_entry_data.update_form(self.csrf_token, NEXT_URI)
form["currency-1-debit-1-amount"] \
= str(journal_entry_data.currencies[0].debit[0].amount
- Decimal("0.01"))
@ -365,8 +336,7 @@ class OffsetTestCase(unittest.TestCase):
self.assertEqual(response.headers["Location"], edit_uri)
# Not less than offset total - fully offset
form = journal_entry_data.update_form(self.csrf_token,
self.encoded_next_uri)
form = journal_entry_data.update_form(self.csrf_token, NEXT_URI)
form["currency-1-debit-2-amount"] \
= str(journal_entry_data.currencies[0].debit[1].amount
- Decimal("0.01"))
@ -380,29 +350,25 @@ class OffsetTestCase(unittest.TestCase):
# Not after the offset items
old_days: int = journal_entry_data.days
journal_entry_data.days = old_days - 1
form = journal_entry_data.update_form(self.csrf_token,
self.encoded_next_uri)
form = journal_entry_data.update_form(self.csrf_token, NEXT_URI)
response = self.client.post(update_uri, data=form)
self.assertEqual(response.status_code, 302)
self.assertEqual(response.headers["Location"], edit_uri)
journal_entry_data.days = old_days
# Not deleting matched original line items
form = journal_entry_data.update_form(self.csrf_token,
self.encoded_next_uri)
form = journal_entry_data.update_form(self.csrf_token, NEXT_URI)
del form["currency-1-debit-1-id"]
response = self.client.post(update_uri, data=form)
self.assertEqual(response.status_code, 302)
self.assertEqual(response.headers["Location"], edit_uri)
# Success
form = journal_entry_data.update_form(self.csrf_token,
self.encoded_next_uri)
form = journal_entry_data.update_form(self.csrf_token, NEXT_URI)
response = self.client.post(update_uri, data=form)
self.assertEqual(response.status_code, 302)
self.assertEqual(response.headers["Location"],
f"{PREFIX}/{journal_entry_data.id}?"
f"next={self.encoded_next_uri}")
f"{PREFIX}/{journal_entry_data.id}?next=%2F_next")
# The original line item is always before the offset item, even when
# they happen in the same day.
@ -422,8 +388,7 @@ class OffsetTestCase(unittest.TestCase):
:return: None.
"""
from accounting.models import Account, JournalEntry
create_uri: str = (f"{PREFIX}/create/disbursement?"
f"next={self.encoded_next_uri}")
create_uri: str = f"{PREFIX}/create/disbursement?next=%2F_next"
store_uri: str = f"{PREFIX}/store/disbursement"
form: dict[str, str]
response: httpx.Response
@ -446,16 +411,14 @@ class OffsetTestCase(unittest.TestCase):
[])])
# Non-existing original line item ID
form = journal_entry_data.new_form(self.csrf_token,
self.encoded_next_uri)
form = journal_entry_data.new_form(self.csrf_token, NEXT_URI)
form["currency-1-debit-1-original_line_item_id"] = "9999"
response = self.client.post(store_uri, data=form)
self.assertEqual(response.status_code, 302)
self.assertEqual(response.headers["Location"], create_uri)
# The same debit or credit
form = journal_entry_data.new_form(self.csrf_token,
self.encoded_next_uri)
form = journal_entry_data.new_form(self.csrf_token, NEXT_URI)
form["currency-1-debit-1-original_line_item_id"] \
= str(self.data.l_r_or1d.id)
form["currency-1-debit-1-account_code"] = self.data.l_r_or1d.account
@ -471,8 +434,7 @@ class OffsetTestCase(unittest.TestCase):
db.session.commit()
response = self.client.post(
store_uri,
data=journal_entry_data.new_form(self.csrf_token,
self.encoded_next_uri))
data=journal_entry_data.new_form(self.csrf_token, NEXT_URI))
self.assertEqual(response.status_code, 302)
self.assertEqual(response.headers["Location"], create_uri)
with self.app.app_context():
@ -481,8 +443,7 @@ class OffsetTestCase(unittest.TestCase):
db.session.commit()
# The original line item is also an offset
form = journal_entry_data.new_form(self.csrf_token,
self.encoded_next_uri)
form = journal_entry_data.new_form(self.csrf_token, NEXT_URI)
form["currency-1-debit-1-original_line_item_id"] \
= str(self.data.l_r_of1c.id)
form["currency-1-debit-1-account_code"] = self.data.l_r_of1c.account
@ -491,24 +452,21 @@ class OffsetTestCase(unittest.TestCase):
self.assertEqual(response.headers["Location"], create_uri)
# Not the same currency
form = journal_entry_data.new_form(self.csrf_token,
self.encoded_next_uri)
form = journal_entry_data.new_form(self.csrf_token, NEXT_URI)
form["currency-1-code"] = "EUR"
response = self.client.post(store_uri, data=form)
self.assertEqual(response.status_code, 302)
self.assertEqual(response.headers["Location"], create_uri)
# Not the same account
form = journal_entry_data.new_form(self.csrf_token,
self.encoded_next_uri)
form = journal_entry_data.new_form(self.csrf_token, NEXT_URI)
form["currency-1-debit-1-account_code"] = Accounts.NOTES_PAYABLE
response = self.client.post(store_uri, data=form)
self.assertEqual(response.status_code, 302)
self.assertEqual(response.headers["Location"], create_uri)
# Not exceeding net balance - partially offset
form = journal_entry_data.new_form(self.csrf_token,
self.encoded_next_uri)
form = journal_entry_data.new_form(self.csrf_token, NEXT_URI)
form["currency-1-debit-1-amount"] \
= str(journal_entry_data.currencies[0].debit[0].amount
+ Decimal("0.01"))
@ -517,8 +475,7 @@ class OffsetTestCase(unittest.TestCase):
self.assertEqual(response.headers["Location"], create_uri)
# Not exceeding net balance - unmatched
form = journal_entry_data.new_form(self.csrf_token,
self.encoded_next_uri)
form = journal_entry_data.new_form(self.csrf_token, NEXT_URI)
form["currency-1-debit-3-amount"] \
= str(journal_entry_data.currencies[0].debit[2].amount
+ Decimal("0.01"))
@ -529,16 +486,14 @@ class OffsetTestCase(unittest.TestCase):
# Not before the original line items
old_days: int = journal_entry_data.days
journal_entry_data.days = old_days + 1
form = journal_entry_data.new_form(self.csrf_token,
self.encoded_next_uri)
form = journal_entry_data.new_form(self.csrf_token, NEXT_URI)
response = self.client.post(store_uri, data=form)
self.assertEqual(response.status_code, 302)
self.assertEqual(response.headers["Location"], create_uri)
journal_entry_data.days = old_days
# Success
form = journal_entry_data.new_form(self.csrf_token,
self.encoded_next_uri)
form = journal_entry_data.new_form(self.csrf_token, NEXT_URI)
response = self.client.post(store_uri, data=form)
self.assertEqual(response.status_code, 302)
journal_entry_id: int \
@ -555,8 +510,7 @@ class OffsetTestCase(unittest.TestCase):
"""
from accounting.models import Account, JournalEntry
journal_entry_data: JournalEntryData = self.data.j_p_of2
edit_uri: str = (f"{PREFIX}/{journal_entry_data.id}/edit?"
f"next={self.encoded_next_uri}")
edit_uri: str = f"{PREFIX}/{journal_entry_data.id}/edit?next=%2F_next"
update_uri: str = f"{PREFIX}/{journal_entry_data.id}/update"
form: dict[str, str]
response: httpx.Response
@ -568,16 +522,14 @@ class OffsetTestCase(unittest.TestCase):
journal_entry_data.currencies[0].credit[2].amount = Decimal("900")
# Non-existing original line item ID
form = journal_entry_data.update_form(self.csrf_token,
self.encoded_next_uri)
form = journal_entry_data.update_form(self.csrf_token, NEXT_URI)
form["currency-1-debit-1-original_line_item_id"] = "9999"
response = self.client.post(update_uri, data=form)
self.assertEqual(response.status_code, 302)
self.assertEqual(response.headers["Location"], edit_uri)
# The same debit or credit
form = journal_entry_data.update_form(self.csrf_token,
self.encoded_next_uri)
form = journal_entry_data.update_form(self.csrf_token, NEXT_URI)
form["currency-1-debit-1-original_line_item_id"] \
= str(self.data.l_r_or1d.id)
form["currency-1-debit-1-account_code"] = self.data.l_r_or1d.account
@ -594,8 +546,7 @@ class OffsetTestCase(unittest.TestCase):
db.session.commit()
response = self.client.post(
update_uri,
data=journal_entry_data.update_form(self.csrf_token,
self.encoded_next_uri))
data=journal_entry_data.update_form(self.csrf_token, NEXT_URI))
self.assertEqual(response.status_code, 302)
self.assertEqual(response.headers["Location"], edit_uri)
with self.app.app_context():
@ -604,8 +555,7 @@ class OffsetTestCase(unittest.TestCase):
db.session.commit()
# The original line item is also an offset
form = journal_entry_data.update_form(self.csrf_token,
self.encoded_next_uri)
form = journal_entry_data.update_form(self.csrf_token, NEXT_URI)
form["currency-1-debit-1-original_line_item_id"] \
= str(self.data.l_r_of1c.id)
form["currency-1-debit-1-account_code"] = self.data.l_r_of1c.account
@ -614,24 +564,21 @@ class OffsetTestCase(unittest.TestCase):
self.assertEqual(response.headers["Location"], edit_uri)
# Not the same currency
form = journal_entry_data.update_form(self.csrf_token,
self.encoded_next_uri)
form = journal_entry_data.update_form(self.csrf_token, NEXT_URI)
form["currency-1-code"] = "EUR"
response = self.client.post(update_uri, data=form)
self.assertEqual(response.status_code, 302)
self.assertEqual(response.headers["Location"], edit_uri)
# Not the same account
form = journal_entry_data.update_form(self.csrf_token,
self.encoded_next_uri)
form = journal_entry_data.update_form(self.csrf_token, NEXT_URI)
form["currency-1-debit-1-account_code"] = Accounts.NOTES_PAYABLE
response = self.client.post(update_uri, data=form)
self.assertEqual(response.status_code, 302)
self.assertEqual(response.headers["Location"], edit_uri)
# Not exceeding net balance - partially offset
form = journal_entry_data.update_form(self.csrf_token,
self.encoded_next_uri)
form = journal_entry_data.update_form(self.csrf_token, NEXT_URI)
form["currency-1-debit-1-amount"] \
= str(journal_entry_data.currencies[0].debit[0].amount
+ Decimal("0.01"))
@ -643,8 +590,7 @@ class OffsetTestCase(unittest.TestCase):
self.assertEqual(response.headers["Location"], edit_uri)
# Not exceeding net balance - unmatched
form = journal_entry_data.update_form(self.csrf_token,
self.encoded_next_uri)
form = journal_entry_data.update_form(self.csrf_token, NEXT_URI)
form["currency-1-debit-3-amount"] \
= str(journal_entry_data.currencies[0].debit[2].amount
+ Decimal("0.01"))
@ -658,16 +604,14 @@ class OffsetTestCase(unittest.TestCase):
# Not before the original line items
old_days: int = journal_entry_data.days
journal_entry_data.days = old_days + 1
form = journal_entry_data.update_form(self.csrf_token,
self.encoded_next_uri)
form = journal_entry_data.update_form(self.csrf_token, NEXT_URI)
response = self.client.post(update_uri, data=form)
self.assertEqual(response.status_code, 302)
self.assertEqual(response.headers["Location"], edit_uri)
journal_entry_data.days = old_days
# Success
form = journal_entry_data.update_form(self.csrf_token,
self.encoded_next_uri)
form = journal_entry_data.update_form(self.csrf_token, NEXT_URI)
response = self.client.post(update_uri, data=form)
self.assertEqual(response.status_code, 302)
journal_entry_id: int \
@ -684,8 +628,7 @@ class OffsetTestCase(unittest.TestCase):
"""
from accounting.models import JournalEntry
journal_entry_data: JournalEntryData = self.data.j_p_or1
edit_uri: str = (f"{PREFIX}/{journal_entry_data.id}/edit?"
f"next={self.encoded_next_uri}")
edit_uri: str = f"{PREFIX}/{journal_entry_data.id}/edit?next=%2F_next"
update_uri: str = f"{PREFIX}/{journal_entry_data.id}/update"
form: dict[str, str]
response: httpx.Response
@ -697,24 +640,21 @@ class OffsetTestCase(unittest.TestCase):
journal_entry_data.currencies[0].credit[1].amount = Decimal("0.9")
# Not the same currency
form = journal_entry_data.update_form(self.csrf_token,
self.encoded_next_uri)
form = journal_entry_data.update_form(self.csrf_token, NEXT_URI)
form["currency-1-code"] = "EUR"
response = self.client.post(update_uri, data=form)
self.assertEqual(response.status_code, 302)
self.assertEqual(response.headers["Location"], edit_uri)
# Not the same account
form = journal_entry_data.update_form(self.csrf_token,
self.encoded_next_uri)
form = journal_entry_data.update_form(self.csrf_token, NEXT_URI)
form["currency-1-credit-1-account_code"] = Accounts.NOTES_PAYABLE
response = self.client.post(update_uri, data=form)
self.assertEqual(response.status_code, 302)
self.assertEqual(response.headers["Location"], edit_uri)
# Not less than offset total - partially offset
form = journal_entry_data.update_form(self.csrf_token,
self.encoded_next_uri)
form = journal_entry_data.update_form(self.csrf_token, NEXT_URI)
form["currency-1-debit-1-amount"] \
= str(journal_entry_data.currencies[0].debit[0].amount
- Decimal("0.01"))
@ -726,8 +666,7 @@ class OffsetTestCase(unittest.TestCase):
self.assertEqual(response.headers["Location"], edit_uri)
# Not less than offset total - fully offset
form = journal_entry_data.update_form(self.csrf_token,
self.encoded_next_uri)
form = journal_entry_data.update_form(self.csrf_token, NEXT_URI)
form["currency-1-debit-2-amount"] \
= str(journal_entry_data.currencies[0].debit[1].amount
- Decimal("0.01"))
@ -741,29 +680,25 @@ class OffsetTestCase(unittest.TestCase):
# Not after the offset items
old_days: int = journal_entry_data.days
journal_entry_data.days = old_days - 1
form = journal_entry_data.update_form(self.csrf_token,
self.encoded_next_uri)
form = journal_entry_data.update_form(self.csrf_token, NEXT_URI)
response = self.client.post(update_uri, data=form)
self.assertEqual(response.status_code, 302)
self.assertEqual(response.headers["Location"], edit_uri)
journal_entry_data.days = old_days
# Not deleting matched original line items
form = journal_entry_data.update_form(self.csrf_token,
self.encoded_next_uri)
form = journal_entry_data.update_form(self.csrf_token, NEXT_URI)
del form["currency-1-credit-1-id"]
response = self.client.post(update_uri, data=form)
self.assertEqual(response.status_code, 302)
self.assertEqual(response.headers["Location"], edit_uri)
# Success
form = journal_entry_data.update_form(self.csrf_token,
self.encoded_next_uri)
form = journal_entry_data.update_form(self.csrf_token, NEXT_URI)
response = self.client.post(update_uri, data=form)
self.assertEqual(response.status_code, 302)
self.assertEqual(response.headers["Location"],
f"{PREFIX}/{journal_entry_data.id}?"
f"next={self.encoded_next_uri}")
f"{PREFIX}/{journal_entry_data.id}?next=%2F_next")
# The original line item is always before the offset item, even when
# they happen in the same day

View File

@ -23,12 +23,17 @@ import unittest
import httpx
from flask import Flask
from accounting.utils.next_uri import encode_next
from test_site import db
from testlib import NEXT_URI, Accounts, create_test_app, get_client
PREFIX: str = "/accounting/options"
"""The URL prefix for the option management."""
DETAIL_URI: str = f"{PREFIX}?next=%2F_next"
"""THE URI for the option detail."""
EDIT_URI: str = f"{PREFIX}/edit?next=%2F_next"
"""THE URI for the form to edit the options."""
UPDATE_URI: str = f"{PREFIX}/update"
"""THE URI to update the options."""
class OptionTestCase(unittest.TestCase):
@ -45,7 +50,6 @@ class OptionTestCase(unittest.TestCase):
with self.app.app_context():
from accounting.models import Option
Option.query.delete()
self.encoded_next_uri: str = encode_next(NEXT_URI)
self.client, self.csrf_token = get_client(self.app, "admin")
@ -55,18 +59,15 @@ class OptionTestCase(unittest.TestCase):
:return: None.
"""
client, csrf_token = get_client(self.app, "nobody")
detail_uri: str = f"{PREFIX}?next={self.encoded_next_uri}"
edit_uri: str = f"{PREFIX}/edit?next={self.encoded_next_uri}"
update_uri: str = f"{PREFIX}/update"
response: httpx.Response
response = client.get(detail_uri)
response = client.get(DETAIL_URI)
self.assertEqual(response.status_code, 403)
response = client.get(edit_uri)
response = client.get(EDIT_URI)
self.assertEqual(response.status_code, 403)
response = client.post(update_uri, data=self.__get_form(csrf_token))
response = client.post(UPDATE_URI, data=self.__get_form(csrf_token))
self.assertEqual(response.status_code, 403)
def test_viewer(self) -> None:
@ -75,18 +76,15 @@ class OptionTestCase(unittest.TestCase):
:return: None.
"""
client, csrf_token = get_client(self.app, "viewer")
detail_uri: str = f"{PREFIX}?next={self.encoded_next_uri}"
edit_uri: str = f"{PREFIX}/edit?next={self.encoded_next_uri}"
update_uri: str = f"{PREFIX}/update"
response: httpx.Response
response = client.get(detail_uri)
response = client.get(DETAIL_URI)
self.assertEqual(response.status_code, 403)
response = client.get(edit_uri)
response = client.get(EDIT_URI)
self.assertEqual(response.status_code, 403)
response = client.post(update_uri, data=self.__get_form(csrf_token))
response = client.post(UPDATE_URI, data=self.__get_form(csrf_token))
self.assertEqual(response.status_code, 403)
def test_editor(self) -> None:
@ -95,18 +93,15 @@ class OptionTestCase(unittest.TestCase):
:return: None.
"""
client, csrf_token = get_client(self.app, "editor")
detail_uri: str = f"{PREFIX}?next={self.encoded_next_uri}"
edit_uri: str = f"{PREFIX}/edit?next={self.encoded_next_uri}"
update_uri: str = f"{PREFIX}/update"
response: httpx.Response
response = client.get(detail_uri)
response = client.get(DETAIL_URI)
self.assertEqual(response.status_code, 403)
response = client.get(edit_uri)
response = client.get(EDIT_URI)
self.assertEqual(response.status_code, 403)
response = client.post(update_uri, data=self.__get_form(csrf_token))
response = client.post(UPDATE_URI, data=self.__get_form(csrf_token))
self.assertEqual(response.status_code, 403)
def test_admin(self) -> None:
@ -114,20 +109,17 @@ class OptionTestCase(unittest.TestCase):
:return: None.
"""
detail_uri: str = f"{PREFIX}?next={self.encoded_next_uri}"
edit_uri: str = f"{PREFIX}/edit?next={self.encoded_next_uri}"
update_uri: str = f"{PREFIX}/update"
response: httpx.Response
response = self.client.get(detail_uri)
response = self.client.get(DETAIL_URI)
self.assertEqual(response.status_code, 200)
response = self.client.get(edit_uri)
response = self.client.get(EDIT_URI)
self.assertEqual(response.status_code, 200)
response = self.client.post(update_uri, data=self.__get_form())
response = self.client.post(UPDATE_URI, data=self.__get_form())
self.assertEqual(response.status_code, 302)
self.assertEqual(response.headers["Location"], detail_uri)
self.assertEqual(response.headers["Location"], DETAIL_URI)
def test_set(self) -> None:
"""Test to set the options.
@ -135,62 +127,59 @@ class OptionTestCase(unittest.TestCase):
:return: None.
"""
from accounting.utils.options import options
detail_uri: str = f"{PREFIX}?next={self.encoded_next_uri}"
edit_uri: str = f"{PREFIX}/edit?next={self.encoded_next_uri}"
update_uri: str = f"{PREFIX}/update"
form: dict[str, str]
response: httpx.Response
# Empty currency code
form = self.__get_form()
form["default_currency_code"] = " "
response = self.client.post(update_uri, data=form)
response = self.client.post(UPDATE_URI, data=form)
self.assertEqual(response.status_code, 302)
self.assertEqual(response.headers["Location"], edit_uri)
self.assertEqual(response.headers["Location"], EDIT_URI)
# Non-existing currency code
form = self.__get_form()
form["default_currency_code"] = "ZZZ"
response = self.client.post(update_uri, data=form)
response = self.client.post(UPDATE_URI, data=form)
self.assertEqual(response.status_code, 302)
self.assertEqual(response.headers["Location"], edit_uri)
self.assertEqual(response.headers["Location"], EDIT_URI)
# Empty current account
form = self.__get_form()
form["default_ie_account_code"] = " "
response = self.client.post(update_uri, data=form)
response = self.client.post(UPDATE_URI, data=form)
self.assertEqual(response.status_code, 302)
self.assertEqual(response.headers["Location"], edit_uri)
self.assertEqual(response.headers["Location"], EDIT_URI)
# Non-existing current account
form = self.__get_form()
form["default_ie_account_code"] = "9999-999"
response = self.client.post(update_uri, data=form)
response = self.client.post(UPDATE_URI, data=form)
self.assertEqual(response.status_code, 302)
self.assertEqual(response.headers["Location"], edit_uri)
self.assertEqual(response.headers["Location"], EDIT_URI)
# Not a current account
form = self.__get_form()
form["default_ie_account_code"] = Accounts.MEAL
response = self.client.post(update_uri, data=form)
response = self.client.post(UPDATE_URI, data=form)
self.assertEqual(response.status_code, 302)
self.assertEqual(response.headers["Location"], edit_uri)
self.assertEqual(response.headers["Location"], EDIT_URI)
# Recurring item name empty
form = self.__get_form()
key = [x for x in form if x.endswith("-name")][0]
form[key] = " "
response = self.client.post(update_uri, data=form)
response = self.client.post(UPDATE_URI, data=form)
self.assertEqual(response.status_code, 302)
self.assertEqual(response.headers["Location"], edit_uri)
self.assertEqual(response.headers["Location"], EDIT_URI)
# Recurring item account empty
form = self.__get_form()
key = [x for x in form if x.endswith("-account_code")][0]
form[key] = " "
response = self.client.post(update_uri, data=form)
response = self.client.post(UPDATE_URI, data=form)
self.assertEqual(response.status_code, 302)
self.assertEqual(response.headers["Location"], edit_uri)
self.assertEqual(response.headers["Location"], EDIT_URI)
# Recurring item non-expense account
form = self.__get_form()
@ -198,9 +187,9 @@ class OptionTestCase(unittest.TestCase):
if x.startswith("recurring-expense-")
and x.endswith("-account_code")][0]
form[key] = Accounts.SERVICE
response = self.client.post(update_uri, data=form)
response = self.client.post(UPDATE_URI, data=form)
self.assertEqual(response.status_code, 302)
self.assertEqual(response.headers["Location"], edit_uri)
self.assertEqual(response.headers["Location"], EDIT_URI)
# Recurring item non-income account
form = self.__get_form()
@ -208,9 +197,9 @@ class OptionTestCase(unittest.TestCase):
if x.startswith("recurring-income-")
and x.endswith("-account_code")][0]
form[key] = Accounts.UTILITIES
response = self.client.post(update_uri, data=form)
response = self.client.post(UPDATE_URI, data=form)
self.assertEqual(response.status_code, 302)
self.assertEqual(response.headers["Location"], edit_uri)
self.assertEqual(response.headers["Location"], EDIT_URI)
# Recurring item payable expense
form = self.__get_form()
@ -218,9 +207,9 @@ class OptionTestCase(unittest.TestCase):
if x.startswith("recurring-expense-")
and x.endswith("-account_code")][0]
form[key] = Accounts.PAYABLE
response = self.client.post(update_uri, data=form)
response = self.client.post(UPDATE_URI, data=form)
self.assertEqual(response.status_code, 302)
self.assertEqual(response.headers["Location"], edit_uri)
self.assertEqual(response.headers["Location"], EDIT_URI)
# Recurring item receivable income
form = self.__get_form()
@ -228,17 +217,17 @@ class OptionTestCase(unittest.TestCase):
if x.startswith("recurring-income-")
and x.endswith("-account_code")][0]
form[key] = Accounts.RECEIVABLE
response = self.client.post(update_uri, data=form)
response = self.client.post(UPDATE_URI, data=form)
self.assertEqual(response.status_code, 302)
self.assertEqual(response.headers["Location"], edit_uri)
self.assertEqual(response.headers["Location"], EDIT_URI)
# Recurring item description template empty
form = self.__get_form()
key = [x for x in form if x.endswith("-description_template")][0]
form[key] = " "
response = self.client.post(update_uri, data=form)
response = self.client.post(UPDATE_URI, data=form)
self.assertEqual(response.status_code, 302)
self.assertEqual(response.headers["Location"], edit_uri)
self.assertEqual(response.headers["Location"], EDIT_URI)
# Success, with malformed order
with self.app.app_context():
@ -247,9 +236,9 @@ class OptionTestCase(unittest.TestCase):
self.assertEqual(len(options.recurring.expenses), 0)
self.assertEqual(len(options.recurring.incomes), 0)
response = self.client.post(update_uri, data=self.__get_form())
response = self.client.post(UPDATE_URI, data=self.__get_form())
self.assertEqual(response.status_code, 302)
self.assertEqual(response.headers["Location"], detail_uri)
self.assertEqual(response.headers["Location"], DETAIL_URI)
with self.app.app_context():
self.assertEqual(options.default_currency_code, "EUR")
@ -272,9 +261,9 @@ class OptionTestCase(unittest.TestCase):
# Success, with no recurring data
form = self.__get_form()
form = {x: form[x] for x in form if not x.startswith("recurring-")}
response = self.client.post(update_uri, data=form)
response = self.client.post(UPDATE_URI, data=form)
self.assertEqual(response.status_code, 302)
self.assertEqual(response.headers["Location"], detail_uri)
self.assertEqual(response.headers["Location"], DETAIL_URI)
with self.app.app_context():
self.assertEqual(len(options.recurring.expenses), 0)
@ -286,15 +275,13 @@ class OptionTestCase(unittest.TestCase):
:return: None.
"""
from accounting.models import Option
detail_uri: str = f"{PREFIX}?next={self.encoded_next_uri}"
update_uri: str = f"{PREFIX}/update"
form: dict[str, str]
option: Option | None
resource: httpx.Response
response = self.client.post(update_uri, data=self.__get_form())
response = self.client.post(UPDATE_URI, data=self.__get_form())
self.assertEqual(response.status_code, 302)
self.assertEqual(response.headers["Location"], detail_uri)
self.assertEqual(response.headers["Location"], DETAIL_URI)
with self.app.app_context():
option = db.session.get(Option, "recurring")
@ -308,9 +295,9 @@ class OptionTestCase(unittest.TestCase):
# The recurring setting was not modified
form = self.__get_form()
form["default_currency_code"] = "JPY"
response = self.client.post(update_uri, data=form)
response = self.client.post(UPDATE_URI, data=form)
self.assertEqual(response.status_code, 302)
self.assertEqual(response.headers["Location"], detail_uri)
self.assertEqual(response.headers["Location"], DETAIL_URI)
with self.app.app_context():
option = db.session.get(Option, "recurring")
@ -324,9 +311,9 @@ class OptionTestCase(unittest.TestCase):
if x.startswith("recurring-expense-")
and x.endswith("-account_code")][0]
form[key] = Accounts.MEAL
response = self.client.post(update_uri, data=form)
response = self.client.post(UPDATE_URI, data=form)
self.assertEqual(response.status_code, 302)
self.assertEqual(response.headers["Location"], detail_uri)
self.assertEqual(response.headers["Location"], DETAIL_URI)
with self.app.app_context():
option = db.session.get(Option, "recurring")
@ -341,14 +328,12 @@ class OptionTestCase(unittest.TestCase):
from accounting.models import Option
from accounting.utils.user import get_user_pk
admin_username, editor_username = "admin", "editor"
detail_uri: str = f"{PREFIX}?next={self.encoded_next_uri}"
update_uri: str = f"{PREFIX}/update"
option: Option | None
response: httpx.Response
response = self.client.post(update_uri, data=self.__get_form())
response = self.client.post(UPDATE_URI, data=self.__get_form())
self.assertEqual(response.status_code, 302)
self.assertEqual(response.headers["Location"], detail_uri)
self.assertEqual(response.headers["Location"], DETAIL_URI)
with self.app.app_context():
editor_pk: int = get_user_pk(editor_username)
@ -363,9 +348,9 @@ class OptionTestCase(unittest.TestCase):
if x.startswith("recurring-expense-")
and x.endswith("-account_code")][0]
form[key] = Accounts.MEAL
response = self.client.post(update_uri, data=form)
response = self.client.post(UPDATE_URI, data=form)
self.assertEqual(response.status_code, 302)
self.assertEqual(response.headers["Location"], detail_uri)
self.assertEqual(response.headers["Location"], DETAIL_URI)
with self.app.app_context():
option = db.session.get(Option, "recurring")
@ -382,7 +367,7 @@ class OptionTestCase(unittest.TestCase):
if csrf_token is None:
csrf_token = self.csrf_token
return {"csrf_token": csrf_token,
"next": self.encoded_next_uri,
"next": NEXT_URI,
"default_currency_code": "EUR",
"default_ie_account_code": "0000-000",
"recurring-expense-1-name": "Water bill",

View File

@ -23,15 +23,13 @@ from typing import Type
from click.testing import Result
from flask import Flask, Blueprint, render_template, redirect, Response, \
url_for, request
url_for
from flask.testing import FlaskCliRunner
from flask_babel_js import BabelJS
from flask_sqlalchemy import SQLAlchemy
from flask_wtf import CSRFProtect
from sqlalchemy import Column
from accounting.utils.next_uri import encode_next
bp: Blueprint = Blueprint("home", __name__)
"""The global blueprint."""
babel_js: BabelJS = BabelJS()

View File

@ -140,38 +140,36 @@ class JournalEntryData:
for line_item in currency.credit:
line_item.journal_entry = self
def new_form(self, csrf_token: str, encoded_next_uri: str) \
-> dict[str, str]:
def new_form(self, csrf_token: str, next_uri: str) -> dict[str, str]:
"""Returns the journal entry as a creation form.
:param csrf_token: The CSRF token.
:param encoded_next_uri: The encoded next URI.
:param next_uri: The next URI.
:return: The journal entry as a creation form.
"""
return self.__form(csrf_token, encoded_next_uri, is_update=False)
return self.__form(csrf_token, next_uri, is_update=False)
def update_form(self, csrf_token: str, encoded_next_uri: str) \
-> dict[str, str]:
def update_form(self, csrf_token: str, next_uri: str) -> dict[str, str]:
"""Returns the journal entry as an update form.
:param csrf_token: The CSRF token.
:param encoded_next_uri: The encoded next URI.
:param next_uri: The next URI.
:return: The journal entry as an update form.
"""
return self.__form(csrf_token, encoded_next_uri, is_update=True)
return self.__form(csrf_token, next_uri, is_update=True)
def __form(self, csrf_token: str, encoded_next_uri: str,
is_update: bool = False) -> dict[str, str]:
def __form(self, csrf_token: str, next_uri: str, is_update: bool = False) \
-> dict[str, str]:
"""Returns the journal entry as a form.
:param csrf_token: The CSRF token.
:param encoded_next_uri: The encoded next URI.
:param next_uri: The next URI.
:param is_update: True for an update operation, or False otherwise
:return: The journal entry as a form.
"""
date: dt.date = dt.date.today() - dt.timedelta(days=self.days)
form: dict[str, str] = {"csrf_token": csrf_token,
"next": encoded_next_uri,
"next": next_uri,
"date": date.isoformat()}
for i in range(len(self.currencies)):
form.update(self.currencies[i].form(i + 1, is_update))

View File

@ -96,7 +96,7 @@ First written: 2023/1/27
</span>
<form action="{{ url_for("locale.set-locale") }}" method="post">
<input type="hidden" name="csrf_token" value="{{ csrf_token() }}">
<input type="hidden" name="next" value="{{ accounting_as_next() }}">
<input type="hidden" name="next" value="{{ request.full_path if request.query_string else request.path }}">
<ul class="dropdown-menu dropdown-menu-end">
{% for locale_code, locale_name in get_all_linguas().items() %}
<li>

View File

@ -22,7 +22,6 @@ import unittest
import httpx
from flask import Flask
from accounting.utils.next_uri import encode_next
from test_site import db
from test_site.lib import JournalEntryCurrencyData, JournalEntryData, \
BaseTestData
@ -47,7 +46,6 @@ class UnmatchedOffsetTestCase(unittest.TestCase):
from accounting.models import JournalEntry, JournalEntryLineItem
JournalEntry.query.delete()
JournalEntryLineItem.query.delete()
self.encoded_next_uri: str = encode_next(NEXT_URI)
self.client, self.csrf_token = get_client(self.app, "editor")
@ -62,7 +60,7 @@ class UnmatchedOffsetTestCase(unittest.TestCase):
response = client.post(f"{PREFIX}/{Accounts.PAYABLE}",
data={"csrf_token": csrf_token,
"next": self.encoded_next_uri})
"next": NEXT_URI})
self.assertEqual(response.status_code, 403)
def test_viewer(self) -> None:
@ -76,7 +74,7 @@ class UnmatchedOffsetTestCase(unittest.TestCase):
response = client.post(f"{PREFIX}/{Accounts.PAYABLE}",
data={"csrf_token": csrf_token,
"next": self.encoded_next_uri})
"next": NEXT_URI})
self.assertEqual(response.status_code, 403)
def test_editor(self) -> None:
@ -89,7 +87,7 @@ class UnmatchedOffsetTestCase(unittest.TestCase):
response = self.client.post(f"{PREFIX}/{Accounts.PAYABLE}",
data={"csrf_token": self.csrf_token,
"next": self.encoded_next_uri})
"next": NEXT_URI})
self.assertEqual(response.status_code, 302)
self.assertEqual(response.headers["Location"], NEXT_URI)
@ -102,7 +100,7 @@ class UnmatchedOffsetTestCase(unittest.TestCase):
response = self.client.post(f"{PREFIX}/{Accounts.PAYABLE}",
data={"csrf_token": self.csrf_token,
"next": self.encoded_next_uri})
"next": NEXT_URI})
self.assertEqual(response.status_code, 302)
self.assertEqual(response.headers["Location"], NEXT_URI)
@ -152,7 +150,7 @@ class UnmatchedOffsetTestCase(unittest.TestCase):
match_uri = f"{PREFIX}/{Accounts.RECEIVABLE}"
response = self.client.post(match_uri,
data={"csrf_token": self.csrf_token,
"next": self.encoded_next_uri})
"next": NEXT_URI})
self.assertEqual(response.status_code, 302)
self.assertEqual(response.headers["Location"], NEXT_URI)
@ -202,7 +200,7 @@ class UnmatchedOffsetTestCase(unittest.TestCase):
match_uri = f"{PREFIX}/{Accounts.PAYABLE}"
response = self.client.post(match_uri,
data={"csrf_token": self.csrf_token,
"next": self.encoded_next_uri})
"next": NEXT_URI})
self.assertEqual(response.status_code, 302)
self.assertEqual(response.headers["Location"], NEXT_URI)
@ -280,7 +278,7 @@ class UnmatchedOffsetTestCase(unittest.TestCase):
match_uri = f"{PREFIX}/{Accounts.RECEIVABLE}"
response = self.client.post(match_uri,
data={"csrf_token": self.csrf_token,
"next": self.encoded_next_uri})
"next": NEXT_URI})
self.assertEqual(response.status_code, 302)
self.assertEqual(response.headers["Location"], NEXT_URI)
@ -346,7 +344,7 @@ class UnmatchedOffsetTestCase(unittest.TestCase):
match_uri = f"{PREFIX}/{Accounts.PAYABLE}"
response = self.client.post(match_uri,
data={"csrf_token": self.csrf_token,
"next": self.encoded_next_uri})
"next": NEXT_URI})
self.assertEqual(response.status_code, 302)
self.assertEqual(response.headers["Location"], NEXT_URI)

View File

@ -22,12 +22,11 @@ from urllib.parse import quote_plus
import httpx
from flask import Flask, request
from itsdangerous import URLSafeSerializer
from accounting.utils.next_uri import append_next, inherit_next, or_next
from accounting.utils.pagination import Pagination, DEFAULT_PAGE_SIZE
from accounting.utils.query import parse_query_keywords
from testlib import TEST_SERVER, create_test_app, get_csrf_token, NEXT_URI
from testlib import TEST_SERVER, create_test_app, get_csrf_token
class NextUriTestCase(unittest.TestCase):
@ -41,8 +40,6 @@ class NextUriTestCase(unittest.TestCase):
:return: None.
"""
self.app: Flask = create_test_app()
self.serializer: URLSafeSerializer \
= URLSafeSerializer(self.app.config["SECRET_KEY"])
def test_next_uri(self) -> None:
"""Tests the next URI utilities with the next URI.
@ -54,12 +51,12 @@ class NextUriTestCase(unittest.TestCase):
current_uri: str = request.full_path if request.query_string \
else request.path
self.assertEqual(append_next(self.TARGET),
f"{self.TARGET}?next={self.__encode(current_uri)}")
f"{self.TARGET}?next={quote_plus(current_uri)}")
next_uri: str = request.form["next"] if request.method == "POST" \
else request.args["next"]
self.assertEqual(inherit_next(self.TARGET),
f"{self.TARGET}?next={next_uri}")
self.assertEqual(or_next(self.TARGET), self.__decode(next_uri))
f"{self.TARGET}?next={quote_plus(next_uri)}")
self.assertEqual(or_next(self.TARGET), next_uri)
return ""
self.app.add_url_rule("/test-next", view_func=test_next_uri_view,
@ -69,11 +66,10 @@ class NextUriTestCase(unittest.TestCase):
csrf_token: str = get_csrf_token(client)
response: httpx.Response
encoded_uri: str = self.__encode(NEXT_URI)
response = client.get(f"/test-next?next={encoded_uri}&q=abc&page-no=4")
response = client.get("/test-next?next=/next&q=abc&page-no=4")
self.assertEqual(response.status_code, 200)
response = client.post("/test-next", data={"csrf_token": csrf_token,
"next": encoded_uri,
"next": "/next",
"name": "viewer"})
self.assertEqual(response.status_code, 200)
@ -84,6 +80,10 @@ class NextUriTestCase(unittest.TestCase):
"""
def test_no_next_uri_view() -> str:
"""The test view without the next URI."""
current_uri: str = request.full_path if request.query_string \
else request.path
self.assertEqual(append_next(self.TARGET),
f"{self.TARGET}?next={quote_plus(current_uri)}")
self.assertEqual(inherit_next(self.TARGET), self.TARGET)
self.assertEqual(or_next(self.TARGET), self.TARGET)
return ""
@ -108,8 +108,10 @@ class NextUriTestCase(unittest.TestCase):
"""
def test_invalid_next_uri_view() -> str:
"""The test view without the next URI."""
self.assertEqual(inherit_next(self.TARGET), self.TARGET)
self.assertEqual(or_next(self.TARGET), self.TARGET)
self.assertEqual(inherit_next(self.TARGET),
request.args.get("inherit-expected"))
self.assertEqual(or_next(self.TARGET),
request.args.get("or-expected"))
return ""
self.app.add_url_rule("/test-invalid-next",
@ -125,29 +127,19 @@ class NextUriTestCase(unittest.TestCase):
# A foreign URI
next_uri = "https://example.com"
response = client.get(f"/test-invalid-next?next={quote_plus(next_uri)}")
expected1 = self.TARGET
expected2 = self.TARGET
response = client.get(f"/test-invalid-next?next={quote_plus(next_uri)}"
f"&inherit-expected={quote_plus(expected1)}"
f"&or-expected={quote_plus(expected2)}")
self.assertEqual(response.status_code, 200)
response = client.post("/test-invalid-next",
response = client.post("/test-invalid-next"
f"?inherit-expected={quote_plus(expected1)}"
f"&or-expected={quote_plus(expected2)}",
data={"csrf_token": csrf_token,
"next": next_uri})
self.assertEqual(response.status_code, 200)
def __encode(self, uri: str) -> str:
"""Encodes the next URI.
:param uri: The next URI.
:return: The encoded next URI.
"""
return self.serializer.dumps(uri, "next")
def __decode(self, uri: str) -> str:
"""Decodes the next URI.
:param uri: The encoded next URI.
:return: The next URI.
"""
return self.serializer.loads(uri, "next")
class QueryKeywordParserTestCase(unittest.TestCase):
"""The test case for the query keyword parser."""

View File

@ -25,7 +25,6 @@ from typing import Literal
import httpx
from flask import Flask, render_template_string
from accounting.utils.next_uri import encode_next
from test_site import create_app
TEST_SERVER: str = "https://testserver"
@ -99,35 +98,30 @@ def get_client(app: Flask, username: str) -> tuple[httpx.Client, str]:
client: httpx.Client = httpx.Client(app=app, base_url=TEST_SERVER)
client.headers["Referer"] = TEST_SERVER
csrf_token: str = get_csrf_token(client)
with app.app_context():
encoded_next_uri: str = encode_next(NEXT_URI)
response: httpx.Response = client.post("/login",
data={"csrf_token": csrf_token,
"next": encoded_next_uri,
"next": "/",
"username": username})
assert response.status_code == 302
assert response.headers["Location"] == NEXT_URI
assert response.headers["Location"] == "/"
return client, csrf_token
def set_locale(app: Flask, client: httpx.Client, csrf_token: str,
def set_locale(client: httpx.Client, csrf_token: str,
locale: Literal["en", "zh_Hant", "zh_Hans"]) -> None:
"""Sets the current locale.
:param app: The Flask application.
:param client: The test client.
:param csrf_token: The CSRF token.
:param locale: The locale.
:return: None.
"""
with app.app_context():
encoded_next_uri: str = encode_next(NEXT_URI)
response: httpx.Response = client.post("/locale",
data={"csrf_token": csrf_token,
"locale": locale,
"next": encoded_next_uri})
"next": "/next"})
assert response.status_code == 302
assert response.headers["Location"] == NEXT_URI
assert response.headers["Location"] == "/next"
def add_journal_entry(client: httpx.Client, form: dict[str, str]) -> int:
@ -158,6 +152,6 @@ def match_journal_entry_detail(location: str) -> int:
:raise AssertionError: When the location is not the journal entry detail.
"""
m: re.Match = re.match(
r"^/accounting/journal-entries/(\d+)\?next=", location)
r"^/accounting/journal-entries/(\d+)\?next=%2F_next", location)
assert m is not None
return int(m.group(1))

View File

@ -33,15 +33,14 @@ EMPTY_NOTE: str = " \n\n "
"""The empty note content."""
def get_add_form(csrf_token: str, encoded_next_uri: str) -> dict[str, str]:
def get_add_form(csrf_token: str) -> dict[str, str]:
"""Returns the form data to add a new journal entry.
:param csrf_token: The CSRF token.
:param encoded_next_uri: The encoded next URI.
:return: The form data to add a new journal entry.
"""
return {"csrf_token": csrf_token,
"next": encoded_next_uri,
"next": NEXT_URI,
"date": dt.date.today().isoformat(),
"currency-0-code": "USD",
"currency-0-debit-0-no": "16",
@ -103,15 +102,13 @@ def get_add_form(csrf_token: str, encoded_next_uri: str) -> dict[str, str]:
def get_unchanged_update_form(journal_entry_id: int, app: Flask,
csrf_token: str, encoded_next_uri: str) \
-> dict[str, str]:
csrf_token: str) -> dict[str, str]:
"""Returns the form data to update a journal entry, where the data are not
changed.
:param journal_entry_id: The journal entry ID.
:param app: The Flask application.
:param csrf_token: The CSRF token.
:param encoded_next_uri: The encoded next URI.
:return: The form data to update the journal entry, where the data are not
changed.
"""
@ -124,7 +121,7 @@ def get_unchanged_update_form(journal_entry_id: int, app: Flask,
form: dict[str, str] \
= {"csrf_token": csrf_token,
"next": encoded_next_uri,
"next": NEXT_URI,
"date": journal_entry.date,
"note": " \n \n\n " if journal_entry.note is None
else f"\n \n\n \n \n{journal_entry.note} \n\n "}
@ -185,22 +182,20 @@ def __get_new_index(indices_used: set[int]) -> int:
def get_update_form(journal_entry_id: int, app: Flask,
csrf_token: str, encoded_next_uri: str,
is_debit: bool | None) -> dict[str, str]:
csrf_token: str, is_debit: bool | None) -> dict[str, str]:
"""Returns the form data to update a journal entry, where the data are
changed.
:param journal_entry_id: The journal entry ID.
:param app: The Flask application.
:param csrf_token: The CSRF token.
:param encoded_next_uri: The encoded next URI.
:param is_debit: True for a cash disbursement journal entry, False for a
cash receipt journal entry, or None for a transfer journal entry.
:return: The form data to update the journal entry, where the data are
changed.
"""
form: dict[str, str] = get_unchanged_update_form(
journal_entry_id, app, csrf_token, encoded_next_uri)
journal_entry_id, app, csrf_token)
# Mess up the line items in a currency
currency_prefix: str = __get_currency_prefix(form, "USD")