Validation: add email-validator + phonenumbers; improve server-side validation; add tests; update templates and requirements

2025-12-21 23:00:01 +01:00
parent 15c629a5e7
commit 3d237a928c
5 changed files with 264 additions and 8 deletions
--- a/tests/test_validation.py
+++ b/tests/test_validation.py
@@ -0,0 +1,77 @@
+import pytest
+from pathlib import Path
+
+from app import app, db, Frage
+
+
+@pytest.fixture
+def client(tmp_path):
+    db_file = tmp_path / "test.db"
+    app.config['TESTING'] = True
+    app.config['SQLALCHEMY_DATABASE_URI'] = f'sqlite:///{db_file}'
+    app.BASE_DIR = str(tmp_path)
+
+    with app.app_context():
+        db.drop_all()
+        db.create_all()
+        q = Frage(text='Testfrage?')
+        db.session.add(q)
+        db.session.commit()
+        app.config['TEST_QUESTION_ID'] = q.id
+
+    with app.test_client() as test_client:
+        yield test_client
+
+
+def _base_form(question_id):
+    return {
+        'vorname': 'Max',
+        'nachname': 'Mustermann',
+        'strasse': 'Musterstraße',
+        'hausnummer': '1',
+        'plz': '12345',
+        'ort': 'Musterstadt',
+        'land': 'Deutschland',
+        f'frage_{question_id}': 'Antwort'
+    }
+
+
+def test_invalid_email_shows_error(client):
+    qid = app.config.get('TEST_QUESTION_ID')
+    data = _base_form(qid)
+    data.update({'email': 'not-an-email', 'telefon_vorwahl': '', 'telefon_nummer': ''})
+
+    res = client.post('/', data=data)
+    assert res.status_code == 200
+    assert 'Ungültige E-Mail-Adresse' in res.get_data(as_text=True)
+
+
+def test_invalid_phone_shows_error(client):
+    qid = app.config.get('TEST_QUESTION_ID')
+    data = _base_form(qid)
+    # invalid numeric content
+    data.update({'email': 'max@example.com', 'telefon_vorwahl': '49', 'telefon_nummer': 'notnum'})
+
+    res = client.post('/', data=data)
+    assert res.status_code == 200
+    assert 'Ungültige Telefonnummer' in res.get_data(as_text=True)
+
+
+def test_missing_phone_part_shows_error(client):
+    qid = app.config.get('TEST_QUESTION_ID')
+    data = _base_form(qid)
+    data.update({'email': 'max@example.com', 'telefon_vorwahl': '49', 'telefon_nummer': ''})
+
+    res = client.post('/', data=data)
+    assert res.status_code == 200
+    assert 'Vorwahl und Telefonnummer müssen beide angegeben werden' in res.get_data(as_text=True)
+
+
+def test_valid_email_and_phone_redirects(client):
+    qid = app.config.get('TEST_QUESTION_ID')
+    data = _base_form(qid)
+    data.update({'email': 'max@example.com', 'telefon_vorwahl': '49', 'telefon_nummer': '1234567'})
+
+    res = client.post('/', data=data, follow_redirects=False)
+    # successful submission should redirect to /danke
+    assert res.status_code in (302, 303)