chore: bump Flask and werkzeug (#2034)

* chore: bump Flask and werkzeug * fix test
dpgaspar · May 8, 2023 · 8a17103 · 8a17103
1 parent e83af73
commit 8a17103
Show file tree

Hide file tree

Showing 6 changed files with 81 additions and 79 deletions.
diff --git a/flask_appbuilder/tests/security/test_auth_ldap.py b/flask_appbuilder/tests/security/test_auth_ldap.py
@@ -933,5 +933,4 @@ def test_login_failed_keep_next_url(self):
             data=dict(username="natalie", password="natalie_password"),
             follow_redirects=False,
         )
-
-        assert response.location == "http://localhost/users/userinfo/"
+        assert response.location == "/users/userinfo/"
diff --git a/flask_appbuilder/tests/security/test_mvc_security.py b/flask_appbuilder/tests/security/test_mvc_security.py
@@ -99,7 +99,7 @@ def test_db_login_no_next_url(self):
         response = self.browser_login(
             self.client, USERNAME_ADMIN, PASSWORD_ADMIN, follow_redirects=False
         )
-        assert response.location == "http://localhost/"
+        assert response.location == "/"
 
     def test_db_login_valid_next_url(self):
         """
@@ -113,7 +113,7 @@ def test_db_login_valid_next_url(self):
             next_url="/users/list/",
             follow_redirects=False,
         )
-        assert response.location == "http://localhost/users/list/"
+        assert response.location == "/users/list/"
 
     def test_db_login_valid_http_scheme_url(self):
         """
@@ -155,7 +155,7 @@ def test_db_login_invalid_external_next_url(self):
             next_url="https://google.com",
             follow_redirects=False,
         )
-        assert response.location == "http://localhost/"
+        assert response.location == "/"
 
     def test_db_login_invalid_scheme_next_url(self):
         """
@@ -169,7 +169,7 @@ def test_db_login_invalid_scheme_next_url(self):
             next_url="ftp://sample",
             follow_redirects=False,
         )
-        assert response.location == "http://localhost/"
+        assert response.location == "/"
 
     def test_db_login_invalid_localhost_file_next_url(self):
         """
@@ -183,7 +183,7 @@ def test_db_login_invalid_localhost_file_next_url(self):
             next_url="file:///path",
             follow_redirects=False,
         )
-        assert response.location == "http://localhost/"
+        assert response.location == "/"
 
     def test_db_login_invalid_no_netloc_with_scheme_next_url(self):
         """
@@ -197,7 +197,7 @@ def test_db_login_invalid_no_netloc_with_scheme_next_url(self):
             next_url="http:///sample.com ",
             follow_redirects=False,
         )
-        assert response.location == "http://localhost/"
+        assert response.location == "/"
 
     def test_db_login_invalid_control_characters_next_url(self):
         """
@@ -211,7 +211,7 @@ def test_db_login_invalid_control_characters_next_url(self):
             next_url="\u0001" + "sample.com",
             follow_redirects=False,
         )
-        assert response.location == "http://localhost/"
+        assert response.location == "/"
 
     def test_db_login_failed_keep_next_url(self):
         """
@@ -231,7 +231,7 @@ def test_db_login_failed_keep_next_url(self):
             follow_redirects=False,
         )
 
-        assert response.location == "http://localhost/users/list/"
+        assert response.location == "/users/list/"
 
     def test_auth_builtin_roles(self):
         """

diff --git a/flask_appbuilder/tests/test_mvc.py b/flask_appbuilder/tests/test_mvc.py
@@ -3,7 +3,7 @@
 import logging
 from typing import Set
 
-from flask import Flask, make_response, redirect, request, session
+from flask import Flask, make_response, redirect, session
 from flask_appbuilder import AppBuilder, SQLA
 from flask_appbuilder.actions import action
 from flask_appbuilder.baseviews import expose
@@ -754,9 +754,11 @@ def test_back(self):
             self.browser_login(c, USERNAME_ADMIN, PASSWORD_ADMIN)
             c.get("/model1view/list/?_flt_0_field_string=f")
             c.get("/model2view/list/")
-            c.get("/back", follow_redirects=True)
-            assert request.args["_flt_0_field_string"] == "f"
-            assert "/model1view/list/" == request.path
+            response = c.get("/back", follow_redirects=False)
+            assert (
+                response.location
+                == "http://localhost/model1view/list/?_flt_0_field_string=f"
+            )
 
     def test_model_creation(self):
         """
@@ -1085,7 +1087,7 @@ def test_modelview_add_redirects(self):
         )
 
         self.assertEqual(rv.status_code, 302)
-        self.assertEqual("http://localhost/", rv.headers["Location"])
+        self.assertEqual("/", rv.headers["Location"])
 
         # Revert data changes
         model1 = (
@@ -1113,7 +1115,7 @@ def test_modelview_edit_redirects(self):
             data=dict(field_string="test_redirect", field_integer="200"),
         )
         self.assertEqual(rv.status_code, 302)
-        self.assertEqual("http://localhost/", rv.headers["Location"])
+        self.assertEqual("/", rv.headers["Location"])
 
         # Revert data changes
         insert_model1(self.appbuilder.get_session, i=model_id - 1)
@@ -1129,7 +1131,7 @@ def test_modelview_delete_redirects(self):
         )
         rv = client.get(f"/model1viewwithredirects/delete/{model_id}")
         self.assertEqual(rv.status_code, 302)
-        self.assertEqual("http://localhost/", rv.headers["Location"])
+        self.assertEqual("/", rv.headers["Location"])
         # Revert data changes
         insert_model1(self.appbuilder.get_session, i=model_id - 1)
 

diff --git a/flask_appbuilder/tests/test_mvc_oauth.py b/flask_appbuilder/tests/test_mvc_oauth.py
@@ -62,11 +62,11 @@ def test_oauth_login(self):
                 session_["oauth_state"] = "random_state"
             response = client.get(f"/oauth-authorized/google?state={state}")
             self.assertEqual(current_user.email, "user1@fab.org")
-            self.assertEqual(response.location, "http://localhost/")
+            self.assertEqual(response.location, "/")
 
     def test_oauth_login_invalid_state(self):
         """
-        OAuth: Test login
+        OAuth: Test login invalid state
         """
         self.appbuilder.sm.oauth_remotes = {"google": OAuthRemoteMock()}
 
@@ -77,7 +77,7 @@ def test_oauth_login_invalid_state(self):
                 session["oauth_state"] = "invalid_state"
             response = client.get(f"/oauth-authorized/google?state={state}")
             self.assertEqual(current_user.is_authenticated, False)
-            self.assertEqual(response.location, "http://localhost/login/")
+            self.assertEqual(response.location, "/login/")
 
     def test_oauth_login_unknown_provider(self):
         """
@@ -92,7 +92,7 @@ def test_oauth_login_unknown_provider(self):
                 session["oauth_state"] = "random_state"
 
         response = client.get(f"/oauth-authorized/unknown_provider?state={state}")
-        self.assertEqual(response.location, "http://localhost/login/")
+        self.assertEqual(response.location, "/login/")
 
     def test_oauth_login_next(self):
         """
@@ -122,4 +122,4 @@ def test_oauth_login_next_check(self):
             with client.session_transaction() as session:
                 session["oauth_state"] = "random_state"
         response = client.get(f"/oauth-authorized/google?state={state}")
-        self.assertEqual(response.location, "http://localhost/")
+        self.assertEqual(response.location, "/")