summaryrefslogtreecommitdiff
path: root/tests
diff options
context:
space:
mode:
Diffstat (limited to 'tests')
-rw-r--r--tests/admin_views/tests.py2
-rw-r--r--tests/auth_tests/test_middleware.py37
-rw-r--r--tests/auth_tests/test_views.py8
-rw-r--r--tests/auth_tests/urls_custom_user_admin.py2
-rw-r--r--tests/settings_tests/tests.py45
5 files changed, 12 insertions, 82 deletions
diff --git a/tests/admin_views/tests.py b/tests/admin_views/tests.py
index 87d6f86ae4..7b7e09a25f 100644
--- a/tests/admin_views/tests.py
+++ b/tests/admin_views/tests.py
@@ -773,7 +773,7 @@ class AdminViewBasicTest(AdminViewBasicTestCase):
user = User.objects.get(username='super')
user.set_unusable_password()
user.save()
-
+ self.client.force_login(user)
response = self.client.get(reverse('admin:index'))
self.assertNotContains(response, reverse('admin:password_change'),
msg_prefix='The "change password" link should not be displayed if a user does not have a usable password.')
diff --git a/tests/auth_tests/test_middleware.py b/tests/auth_tests/test_middleware.py
index e67a89ef26..9ebb1e46ee 100644
--- a/tests/auth_tests/test_middleware.py
+++ b/tests/auth_tests/test_middleware.py
@@ -4,47 +4,26 @@ from django.http import HttpRequest
from django.test import TestCase
-class TestSessionAuthenticationMiddleware(TestCase):
+class TestAuthenticationMiddleware(TestCase):
def setUp(self):
- self.user_password = 'test_password'
- self.user = User.objects.create_user('test_user',
- 'test@example.com',
- self.user_password)
-
+ self.user = User.objects.create_user('test_user', 'test@example.com', 'test_password')
self.middleware = AuthenticationMiddleware()
- self.assertTrue(self.client.login(
- username=self.user.username,
- password=self.user_password,
- ))
+ self.client.force_login(self.user)
self.request = HttpRequest()
self.request.session = self.client.session
- def test_changed_password_doesnt_invalidate_session(self):
- """
- Changing a user's password shouldn't invalidate the session if session
- verification isn't activated.
- """
- session_key = self.request.session.session_key
+ def test_no_password_change_doesnt_invalidate_session(self):
+ self.request.session = self.client.session
self.middleware.process_request(self.request)
self.assertIsNotNone(self.request.user)
self.assertFalse(self.request.user.is_anonymous())
- # After password change, user should remain logged in.
+ def test_changed_password_invalidates_session(self):
+ # After password change, user should be anonymous
self.user.set_password('new_password')
self.user.save()
self.middleware.process_request(self.request)
self.assertIsNotNone(self.request.user)
- self.assertFalse(self.request.user.is_anonymous())
- self.assertEqual(session_key, self.request.session.session_key)
-
- def test_changed_password_invalidates_session_with_middleware(self):
- with self.modify_settings(
- MIDDLEWARE_CLASSES={'append': ['django.contrib.auth.middleware.SessionAuthenticationMiddleware']}):
- # After password change, user should be anonymous
- self.user.set_password('new_password')
- self.user.save()
- self.middleware.process_request(self.request)
- self.assertIsNotNone(self.request.user)
- self.assertTrue(self.request.user.is_anonymous())
+ self.assertTrue(self.request.user.is_anonymous())
# session should be flushed
self.assertIsNone(self.request.session.session_key)
diff --git a/tests/auth_tests/test_views.py b/tests/auth_tests/test_views.py
index b23d895152..19a47a2697 100644
--- a/tests/auth_tests/test_views.py
+++ b/tests/auth_tests/test_views.py
@@ -24,7 +24,7 @@ from django.core.urlresolvers import NoReverseMatch, reverse, reverse_lazy
from django.db import connection
from django.http import HttpRequest, QueryDict
from django.middleware.csrf import CsrfViewMiddleware, get_token
-from django.test import TestCase, modify_settings, override_settings
+from django.test import TestCase, override_settings
from django.test.utils import patch_logger
from django.utils.encoding import force_text
from django.utils.http import urlquote
@@ -506,9 +506,6 @@ class ChangePasswordTest(AuthViewsTestCase):
self.assertURLEqual(response.url, '/password_reset/')
-@modify_settings(MIDDLEWARE_CLASSES={
- 'append': 'django.contrib.auth.middleware.SessionAuthenticationMiddleware',
-})
class SessionAuthenticationTests(AuthViewsTestCase):
def test_user_password_change_updates_session(self):
"""
@@ -876,9 +873,6 @@ class LogoutTest(AuthViewsTestCase):
# Redirect in test_user_change_password will fail if session auth hash
# isn't updated after password change (#21649)
-@modify_settings(MIDDLEWARE_CLASSES={
- 'append': 'django.contrib.auth.middleware.SessionAuthenticationMiddleware',
-})
@override_settings(
PASSWORD_HASHERS=['django.contrib.auth.hashers.SHA1PasswordHasher'],
ROOT_URLCONF='auth_tests.urls_admin',
diff --git a/tests/auth_tests/urls_custom_user_admin.py b/tests/auth_tests/urls_custom_user_admin.py
index dc47be68c7..de33984fa5 100644
--- a/tests/auth_tests/urls_custom_user_admin.py
+++ b/tests/auth_tests/urls_custom_user_admin.py
@@ -10,8 +10,10 @@ class CustomUserAdmin(UserAdmin):
def log_change(self, request, object, message):
# LogEntry.user column doesn't get altered to expect a UUID, so set an
# integer manually to avoid causing an error.
+ original_pk = request.user.pk
request.user.pk = 1
super(CustomUserAdmin, self).log_change(request, object, message)
+ request.user.pk = original_pk
site.register(get_user_model(), CustomUserAdmin)
diff --git a/tests/settings_tests/tests.py b/tests/settings_tests/tests.py
index 90b2b8e580..bf4f071c2f 100644
--- a/tests/settings_tests/tests.py
+++ b/tests/settings_tests/tests.py
@@ -12,7 +12,6 @@ from django.test import (
override_settings, signals,
)
from django.utils import six
-from django.utils.encoding import force_text
@modify_settings(ITEMS={
@@ -489,47 +488,3 @@ class TestListSettings(unittest.TestCase):
finally:
del sys.modules['fake_settings_module']
delattr(settings_module, setting)
-
-
-class TestSessionVerification(unittest.TestCase):
-
- def setUp(self):
- self.settings_module = ModuleType('fake_settings_module')
- self.settings_module.SECRET_KEY = 'foo'
-
- def tearDown(self):
- if 'fake_settings_module' in sys.modules:
- del sys.modules['fake_settings_module']
-
- def test_session_verification_deprecation_no_verification(self):
- self.settings_module.MIDDLEWARE_CLASSES = ['django.contrib.auth.middleware.AuthenticationMiddleware']
- sys.modules['fake_settings_module'] = self.settings_module
- with warnings.catch_warnings(record=True) as warn:
- warnings.filterwarnings('always')
- Settings('fake_settings_module')
- self.assertEqual(
- force_text(warn[0].message),
- "Session verification will become mandatory in Django 1.10. "
- "Please add 'django.contrib.auth.middleware.SessionAuthenticationMiddleware' "
- "to your MIDDLEWARE_CLASSES setting when you are ready to opt-in after "
- "reading the upgrade considerations in the 1.8 release notes.",
- )
-
- def test_session_verification_deprecation_both(self):
- self.settings_module.MIDDLEWARE_CLASSES = [
- 'django.contrib.auth.middleware.AuthenticationMiddleware',
- 'django.contrib.auth.middleware.SessionAuthenticationMiddleware',
- ]
- sys.modules['fake_settings_module'] = self.settings_module
- with warnings.catch_warnings(record=True) as warn:
- warnings.filterwarnings('always')
- Settings('fake_settings_module')
- self.assertEqual(len(warn), 0)
-
- def test_session_verification_deprecation_neither(self):
- self.settings_module.MIDDLEWARE_CLASSES = []
- sys.modules['fake_settings_module'] = self.settings_module
- with warnings.catch_warnings(record=True) as warn:
- warnings.filterwarnings('always')
- Settings('fake_settings_module')
- self.assertEqual(len(warn), 0)
View Lorry Controller Status